Professional Documents
Culture Documents
BARAÑAO
Mindanao State University
BS Accountancy
ACT 140
ASSIGNMENT NO. 2
The Three Lines of Defense model provides a valuable framework that describes the role of
the internal audit in ensuring effective risk management and how important it is to deliver its position
and function in the governance structure of companies.
Various parts and levels of an organization have different roles in risk management and the
interplay between these parts determines the effectiveness of the whole organization in managing risk.
The unique role of internal audit is to assure the board of directors that the risk management controls
are objective and independent.
Regular and ongoing dialog through internal auditing with the defense line 1 and 2 must be
carried out in order to provide the function with a more timely perspective on management and
business issues. Internal audit may thus be of use to the manager, in the form of advice, facilitation
and training, in order to improve the second line of defense processes. Internal audit can also
determine where the first two defense lines have gaps and advise how they can be connected.
Internal audit may also play a valuable part in ensuring that the Board is able to efficiently
identify and managed governance structures for broader strategic and internal risks.
SENIOR MANAGEMENT
EXTERNAL
REGULATOR
AUDIT
1ST LINE OF DEFENSE 2ND LINE OF DEFENSE 3RD LINE OF DEFENSE
FINANCIAL CONTROLLER
MANAGEMENT SECURITY
CONTROLS
RISK MANAGEMENT INTERNAL AUDIT
INTERNAL QUALITY
CONTROL
MEASURE INSPECTION
COMPLIANCE
Bruce, S.,CA. (2017), “Internal audit: three lines of defense model explained”. Retrieved at
http://www.icas.com/professional-resources/audit-and-assurance/internal audit/inter
nal-audit-three-lines-of-defense-model-explained
Chartered Institute of Internal Auditors, (2017). “The Three Lines of Defense”. Retrieved at
https://www.iia.org.uk/policy-and-research/position-papers/the-three-lines-of-defense