Managing Risks to Success

  029 2252 0571   info@littlechildhaley.co.uk

Integrated Assurance – Three Lines Revisited

September 27, 2025
Insights
1 min read

“Some say the Three Lines (3LOD) model is past its prime – I say it’s just overdue a wardrobe refresh. The structure still fits, but it needs to dress for the risks of today.” – Paul Haley

Why the 3LOD Still Matters

  • Clarity in chaos: In a world of blurred roles and hybrid risks, the 3LOD still offers a clear map of who does what and why it matters.
  • Boardroom confidence: Boards and audit committees continue to rely on the model to understand assurance coverage and gaps.
  • Shared language: Management regularly refer to the Lines, so we now have a common framework around accountability and responsibilities.
  • Regulatory backbone: It remains embedded in the UK Corporate Governance Code and IIA Standards. This is not just tradition, it is expectation.
  • ESG and ethics: The model helps embed ESG into governance, ensuring it becomes a lived responsibility rather than a reporting exercise.

Where It Is Being Challenged

  • Silo syndrome: When applied rigidly, it can reinforce silos and limit collaboration.
  • Digital disruption: AI, cyber risk, and agile delivery models do not respect neat organisational lines.
  • Second line struggles: The second line is often underpowered or misunderstood, and can become the weakest link.
  • Cost and duplication: Without integration, assurance activity can become expensive noise instead of strategic insight.

How It Is Evolving

  • From lines to layers: Less about barriers and more about flexible, overlapping layers of defence.
  • Integrated assurance: The future is collaborative, with shared dashboards, joint planning, and real-time risk intelligence.
  • People over process: The model works best when driven by relationships and trust rather than reporting lines.

What We Are Doing at Littlechild and Haley

  • Modernising the model: Helping clients tailor the 3LOD to their culture, risk appetite, and maturity.
  • Building the second line: Supporting teams through coaching, process mapping, and clarity of purpose.
  • Championing the third line: Making internal audit visible, valued, and vibrant, not simply compliant.
3 lines of defence

 

You may also like

Team
Linkedin

Paul Haley

Co-Founder

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Integer sagittis sodales nibh, at pharetra magna rhoncus vitae. In semper quis ligula non rhoncus.

Duis pharetra sem ultrices ultrices vestibulum. Donec imperdiet tempus ligula, quis semper massa pulvinar ut. Etiam id viverra eros, vitae vestibulum lectus. Morbi lacinia elit eu massa bibendum tristique in vitae lorem. Curabitur dignissim tempus quam sit amet tempor. Nullam pellentesque, urna non eleifend pretium, quam orci pharetra leo, et vulputate mi ligula vel massa. 

Team
Linkedin

Paul Haley

Co-Founder

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Integer sagittis sodales nibh, at pharetra magna rhoncus vitae. In semper quis ligula non rhoncus.

Duis pharetra sem ultrices ultrices vestibulum. Donec imperdiet tempus ligula, quis semper massa pulvinar ut. Etiam id viverra eros, vitae vestibulum lectus. Morbi lacinia elit eu massa bibendum tristique in vitae lorem. Curabitur dignissim tempus quam sit amet tempor. Nullam pellentesque, urna non eleifend pretium, quam orci pharetra leo, et vulputate mi ligula vel massa. 

Enquiries