The three lines in a row
Good Coordination of Work is key to the Functioning of the Three Lines Model
Within the 3-lines of defence model, management (the first line) is most able to manage risks and be in control. Internal audit, as the third line, must ensure that the control measures and controls are actually operational. The second line has an important role in facilitating the first line with the responsibilities and checking whether or not these are taken care of. The second line has expanded considerably in recent years. As a result, the first line is overloaded with questions from risk specialists such as business control, financial control, CISO, privacy officer and quality assurance officer. Coordination of these activities is the key to the actual functioning of the Three Lines Model. By having an integral risk-based collaboration, the board of directors can obtain the assurance that they are in control.
Three Lines Model
The Three Lines of Defense model from The Global Institute of Internal Auditors was updated in July 2020.
The functions are not only intended to protect the value of the organization, but also to increase it. As a result, we no longer talk about ‘lines of defense’ or ‘lines of defence’.
The goals of the organization are central to all functions. The functions are not silos, but coordinate and work together; each from his own role. The design of the model must be geared to the risks and specific situation of the organization.
The 3LM establishes a stronger link with the objectives of the organization.
Test NARIS GRC®
Try it yourself for 30 days free of charge, no strings attached
Link Risks to Objectives
The organization’s strategy is the basis for setting up your control framework. This helps managers to be accountable to stakeholders and thus gain their trust. With NARIS Next, it is possible to visually link risks and controls. This creates a risk strategy map as the basis for the daily management of the organization.
Due to legislation or guidelines, such as ISO27001 and the AVG, many separate risk control frameworks have been created. The process within these risk specialisms is always the same and cooperation pays off. With NARIS Next, the frameworks are brought together and cooperation between control, management and internal audit is facilitated.
Quick Start and Assurance via a Knowledge Database
Do you want to create your own control framework or do you prefer to use a best practice? NARIS Next contains several examples of risk & compliance frameworks that are easy to adapt to your organization. With that, most of the administrative work is done and you can focus on what really matters: the key risks and controls.
Three Lines Model
Inspiration around Three Lines of Defense.
Today, NARIS GRC announces the launch of their fully updated – and expanded – Governance, Risk & Compliance (GRC) software.
Do you have questions about our solutions for your organization? Please feel free to contact us
Fill out the form or
Contact us without obligation
Would you like to know what we can do for your organization? Fill in the form below.