Patrick Potter

Six Reasons to Implement the Three Lines of Defense

Blog Post created by Patrick Potter Employee on Jun 1, 2016

I’m excited to show you an article Marshall Toburen and I co-authored and just had published in Risk Management Magazine, which talks about the Three Lines of Defense (3LoD) model.  The link is below, so check it out.  If you’re in a hurry and just want to know why you should implement the 3LoD model in your organization, take a look at these six reasons:

  1. Organizations that have a strong 3LoD are generally more risk-intelligent - meaning they are capable of quickly identifying and reacting to risk and they more efficiently deploy scarce resources to manage risk on a prioritized basis.
  2. They can better leverage information without the need to recreate reports or play the ‘telephone tag game’ of information gathering and sharing.
  3. The 3LoD model promotes risk ownership and a stronger risk management culture while eliminating inefficiencies, gaps and overlaps that often occur in the management of risk and compliance by multiple functions.
  4. The 3LoD model helps internal organizations (i.e., the three lines) do a better job of working together to manage risk.  While each of the three lines of defense has its own responsibilities, they are all using the same playbook.
  5. The model contributes to fewer surprises and losses, lower risk transfer costs, and increased likelihood that the organization’s objectives will be achieved.
  6. The Institute of Internal Auditors (IIA) published a position paper effectively endorsing the 3LoD model as a best practice in risk management and control, which generally makes your auditors and regulators happier.

Why do these benefits come from implementing a 3LoD model?  In this day of more and varied risks coming at our organizations at the speed of light, the 3LoD model helps provide an organizational and practical model to give order to the chaos.  Check out the article below and let me know your thoughts at patrick.potter@rsa.com

 

Risk Management – The 3 Lines of Defense for Good Risk Management.

Outcomes