The Institute of Internal Auditors (IIA) is beginning to re-evaluate the “Three Lines of Defense” model for risk management that has been around for more than two decades with an eye toward updating it for the 21st century. The IIA’s existing position paper, “The Three Lines of Defense in Effective Risk Management and Control (PDF),” was last updated in 2013. While it was originally rooted in the financial services industry, it has grown to encompass a wider variety of industries concerned with governance and risk management issues. In collaboration with specialists in governance and risk management, the IIA announced it has launched an extensive review of the Three Lines of Defense, weighing the concept’s strengths, application and usefulness with a view toward ensuring its continued relevance in the operational climate of today. Read more at Accounting Today.