Lines of Defense Model for Effective Risk Management


Internal controls play a crucial role in ensuring operational, financial reporting, and compliance goals are met. The Lines of Defense Model outlines the key components of a robust risk management framework, involving different levels of oversight and assurance. Board of Trustees, Audit Committees, Executive Management, Internal Audit, and other functions all contribute to managing risks effectively and ensuring the organization operates in line with its goals and objectives.

  • Risk Management
  • Internal Controls
  • Lines of Defense
  • Governance
  • Compliance

Uploaded on Mar 16, 2025



Presentation Transcript


  1. 2017 ADMINISTRATION AND FINANCE CONFERENCE
     Lines of Defense Model
     Scott Lawlor, Senior Internal Auditor, Office of University Audit

  2. Understanding the Lines of Defense Model
     Internal controls are a set of systems and processes that help to ensure that the University achieves its:
       • Operational goals
       • Internal and external financial reporting goals
       • Legal and regulatory compliance goals
     In order to achieve these goals, we need to have in place an effective model across the institution, and this is the Lines of Defense Model.

  3. Lines of Defense Model
     Board of Trustees/Audit Committees: Perform Oversight
     Executive Management: Monitor Performance
     1st Line of Defense (Business Operations): Departmental, Operational and Functional Management
     Responsible for operating business processes and practices (controls) to manage risk.
       • Identify, assess, control and mitigate risks
       • Process and internal control design, implementation and effectiveness
       • Maintain and execute risk and control procedures day-to-day
       • Guide the development and implementation of internal policies and procedures
       • Ensure activities are consistent with goals and objectives
       • Compliance with laws, regulations and policies
     2nd Line of Defense (Oversight Functions): Risk Assurance Functions (Academic and Medical)
     Responsible for defining policy and for monitoring the effectiveness of business operation controls to mitigate risk.
       • Risk Management: Responsible for identifying risks and maintaining a framework to assist with risk prioritization and reporting.
       • Ensure controls are properly designed, in place and operating as intended
       • Provide guidance and training on the risk management process
       • Compliance: Responsible for providing oversight, support and monitoring of management's compliance with legal, policy, or business standards.
     3rd Line of Defense (Independent and Objective Assurance): Internal Audit
     Responsible for providing objective and independent assurance (to the Board) on the effectiveness of first and second line processes and controls to mitigate risk.
     Services (in accordance with recognized audit standards) include:
       • Assurance
       • Advisory / Consultative
       • Governance Support
       • Data Analysis / Business Intelligence
       • Ethics, Investigations, Whistleblower, etc.
     Compliance also has Line of Defense responsibilities (e.g., provides assurance to the Board that management practices promote compliance with laws, regulations, and policies)

  4. Lines of Defense Model
     Board of Trustees, Audit and Risk Committees & Executive Management
       • Perform an essential role in the Lines of Defense model
       • Ensures model is reflected in the University's risk management and control processes
       • Responsible and accountable for:
           • Setting objectives
           • Defining strategies to achieve those objectives
           • Establishing governance structures and processes to best manage the risks in accomplishing those objectives
           • Implementing an Enterprise Risk Management function
       • Provides active support and guidance when implementing the model

  5. Lines of Defense Model
     1st Line of Defense - Business Operations: Departmental, Operational and Functional Management
       • Maintain effective internal controls within a defined area; risks are owned
       • Execute risk and control procedures on a day-to-day basis
       • Identify, assess, control and mitigate risks
       • Guide the development and implementation of internal policies and procedures
       • Ensure activities are consistent with goals and objectives
       • Managerial and Supervisory review

  6. Lines of Defense Model
     2nd Line of Defense - Oversight Functions: Risk Assurance Functions (Academic and Medical)
       • Ensure Business Operation controls are properly designed, in place and operating as intended.
       • Typically include:
       • Internal Control Assurance Processes
       • Controllership for financial risks and reporting
       • Provide guidance and training on the risk management process
       • Monitor the adequacy and effectiveness of internal control, accuracy of reporting, compliance and timely remediation of deficiencies
       • Program Audits of grants and contributions
       • Management oversight committees (IT, HR, Program)
       • Report risk-related information organization-wide

  7. Lines of Defense Model
     3rd Line of Defense - Independent and Objective Assurance: Internal Audit
       • Act in accordance with recognized audit standards
       • Perform duties independently and objectively
       • Active and effective reporting line to the Governing Body
       • Ethics, Investigations, Whistleblower, etc.
       • Key is independence and reporting lines
       • Must report internally to the Governing Body
       • Utilize best practices approach based on assessing risks to focus audits
       • Flexible process to adapt to the specifics of each engagement

  8. Lines of Defense Model
     Key Takeaways
       • Not a standalone solution to effective risk management, but rather a component of the overall process.
       • Enhances the University's risk management strategy with greater efficiency and effectiveness
       • Model needs to be supported by an active, ongoing initiative and an appropriate organizational mandate
       • Appropriate leadership, accountability, clearly articulated objectives and active performance measures
       • Oversight by both Executive Management, the Board of Trustees and Audit/Risk Committees
       • Continuous fine tuning and improvements must be implemented
