The Three Lines of Defense Model

The Three Lines of Defense Model

EXECUTIVE SUMMARY

There are expectations from board members, CEOs and senior management at banks to implement robust cybersecurity practices. Cybersecurity no longer is a security risk limited to IT functions of an organization and there is an increasing recognition that it is now an integral part of operational risk management. This paper describes an optimal organizational structure called the “three-line-of-defense” model to implement a robust governance structure for cyber risk management within an organization.

This paper can be cited as: Vivek Srivastav: "The Three Lines of Defense Model," Reserve Bank Information Technology Pvt. Ltd. (2018) www.rebit.org.in

Posted by Vivek Srivastav | SrVP Research and Innovation, ReBIT

on 15 February 2019

The Three Lines of Defense Model

The Three Lines of Defense Model

Posted by Vivek Srivastav | SrVP Research and Innovation, ReBIT

Share

Cyber Security Business Insights

Subscribe to Cyber Pulse