Abstract
The efficient and effective organization and coordination of corporate governance activities is still one of the major challenges of modern corporate management. For many years, it was precisely the so-called three lines of defense model that was used to structure governance functions. However, as more and more open points of discussion regarding practical implementation have emerged over the past years, the three lines model was published in 2020 as a fundamental update by the Institute of Internal Auditors (IIA). This article presents the new model and critically discusses the similarities and differences to the existing model. Thus, this article contributes to the current discussion of best practices regarding corporate governance structure and the fundamental issues of efficient and effective oversight. Both practitioners and researchers should benefit from the critical analysis of this paper.
Highlights
The design of an efficient and effective internal corporate governance and monitoring structure is still a central challenge for modern corporate management
As more and more open points of discussion regarding practical implementation have emerged over the past years, the three lines model was published in 2020 as a fundamental update by the Institute of Internal Auditors (IIA)
Corporate management, in the form of the management board or C-level, and corporate monitoring, in the form of the supervisory board or audit committee, are faced with the question of how to align the internal governance structure (e.g., Eulerich, Kremin, & Wood, 2019) and how much to invest into different governance functions (e.g., Anderson, Christ, Johnstone, & Rittenberg, 2012; Barua, Rama, & Sharma, 2010; Carcello, Hermanson, & Raghunandan, 2005)
Summary
The design of an efficient and effective internal corporate governance and monitoring structure is still a central challenge for modern corporate management. Due to the “information overload”, it is becoming increasingly difficult for management boards and supervisory boards to extract the appropriate decision-relevant information Approaches, such as combined assurance (e.g., d’Arcy & Eulerich, 2020) or the COSO enterprise risk management (COSO, 2017; De Zwaan, Stewart, & Subramaniam, 2011) try to reduce weaknesses of a too static model, such as the TLoD, through an integrated or coordinated governance organization and to realize potential advantages in terms of synergy effects as well as efficiency and effectiveness improvements. The changing objectives and (digital) processes in companies require new and powerful structures so that the executive board and supervisory board can manage and monitor the company in the best possible way Against this background, internal audit is the necessary and sensible provider of independent and objective auditing services to ensure the necessary level of assurance.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
