A large bank is reviewing its strategies and protocols for managing operational risk in accordance with the Basel Committee's guidelines. As part of this review, the bank is implementing the three lines of defense model to ensure comprehensive risk management. Which of the following statements is accurate regarding this approach?

Exam-Like

The internal audit function should serve as the first line of defense and continually validate operational procedures used by the business lines.

3.8%

Business line managers, as part of the first line of defense, should provide a credible challenge to the internal audit function.

15.4%

The corporate operational risk function, as part of the second line of defense, should challenge risk inputs from business line managers.

73.1%

The corporate operational risk function should serve as the third line of defense and validate model assumptions made by senior management.

7.7%

Financial Risk Manager Part 2