Why this risk management best practice is not fit for digital innovation

Research output: Non-textual formWeb publication/siteProfessional

Abstract

Innovation requires a culture of openness and transparency, where mistakes can be made, dilemmas raised and discussed, and joint decisions about the design of new services and the risks that need to be taken.
Supervisory authorities around the globe typically consider the so-called “three-lines-of-defense model” as best practice for risk management and internal control. This risk management model is based on a strict segregation of duties. The commercial departments are expected to innovate and ensure compliance for new products and services (first line). The compliance function checks for irregularities (second line). The audit department then reviews, post rollout (third line).
Original languageEnglish
Place of Publicationhttps://iapp.org
PublisherIAPP
Media of outputOnline
Publication statusPublished - 22 Jan 2020

Fingerprint Dive into the research topics of 'Why this risk management best practice is not fit for digital innovation'. Together they form a unique fingerprint.

Cite this