Audit Services and Institute Compliance
/
Institute Compliance
/
Institute Compliance Program
/
Layered Controls
Layered Controls
Layered Controls
The Institute of Internal Auditors, which is the International Organization that sets standards for the Internal Auditing profession, published a whitepaper discussing the different types of layered controls that organizations may implement to help protect them from many types of risks, including compliance risks.
Layered controls are also referred to as lines of defense, where management is the first line of defense, compliance and governance functions are the second line of defense, and Internal Audit is the third line of defense.
At Caltech, the second line of defense includes the Institute Compliance Program and our compliance assessment process.