"Governance, risk, and compliance (GRC) has become a top executive priority. But many organizations are struggling to manage and control risk effectively today. The “three lines of defense” operating model for managing risk provides a framework that allows organizations to ensure GRC success. Exploring the effectiveness of this approach, our study revealed that while organizations believe they are effective with the three lines of defense operating model, only a few are fully exploiting the business value it can bring. "
Click here to download the report