ACA's experienced compliance, risk, and technology professionals regularly provide commentary on industry news, trends, and best practices. Our blog now consolidates all ACA compliance alerts, thought leadership articles, white papers, cybersecurity alerts, and results from ACA surveys to help you find the information you need more quickly and easily. For ACA compliance alerts prior to March 2019, see our News Archive.
The Three Lines of Defense Model has gained popularity as the de facto model for organizing governance, risk management and internal control roles and responsibilities since the Institute of Internal Auditors (IIA) published “The Three Lines of Defense in Effective Risk Management and Control,” position paper in 2013. The IIA recently announced that they would embark on a key project to refresh and update this document.