A large financial institution is currently reviewing its strategies and protocols for managing operational risk, in alignment with the Basel Committee's guidelines. Considering this within the framework of the three lines of defense, which of the following statements is correct?

Exam-Like

The internal audit function should serve as the first line of defense and continually validate operational procedures used by the business lines.

3.8%

Business line managers, as part of the first line of defense, should provide a credible challenge to the internal audit function.

19.2%

The corporate operational risk function, as part of the second line of defense, should challenge risk inputs from business line managers.

76.9%

The corporate operational risk function should serve as the third line of defense and validate model assumptions made by senior management.

0.0%

Financial Risk Manager Part 2