Skip Ribbon Commands
Skip to main content
ERM > Governance

Skip Navigation LinksGovernance

ERM - Banner 1.jpg

Three Lines of Defense


The “Three Lines of Defense” support more effective risk management by introducing structured governance and oversight that clarifies and segregates roles and responsibilities based on the following:

    First Line of Defense:

  • functions that own and manage risks;

Second Line of Defense: 

  • functions that oversee and or specialize in risk management, compliance;

Third Line of Defense:

  • functions that provide independent assurance.


Risk Mgmt Structure.jpg