| Line | Role | Responsibilities |
|---|---|---|
| First Line | Operational Management | Own and manage risks day-to-day, implement controls |
| Second Line | Risk & Compliance Functions | Oversee risk management, set policies, monitor compliance |
| Third Line | Internal Audit | Independent assurance, evaluate effectiveness of governance |

| Role | Primary Responsibility | Accountability |
|---|---|---|
| Board of Directors | Risk oversight and governance direction | Ultimate accountability for risk |
| Risk Committee | Risk appetite and tolerance decisions | Strategic risk oversight |
| CRO / CISO | Risk program leadership and reporting | Program implementation |
| Risk Manager | Day-to-day risk operations | Tactical risk execution |
| Business Process Owners | Risk decisions within their domain | Process-level risk ownership |