First-line controls

Definition

Controls owned and operated by the business units and IT functions that process or store information. The first line is accountable for day-to-day control effectiveness and for reporting upward when controls fail or gaps are identified.

Related terms

Audit committee
A sub-committee of the board of directors composed principally of independent non-executive directors, responsible for overseeing financial reporting, internal controls, and the...
CISO (Chief Information Security Officer)
The senior executive responsible for developing and maintaining the information security programme. The CISO reports to the board or a board committee...
Second-line oversight
The risk management and compliance functions, including the CISO office and the risk function, that set policy, monitor control effectiveness across the...
Security steering committee
A cross-functional management body, typically chaired by the CISO or Chief Risk Officer, that coordinates security priorities across business units, approves major...
Three lines of defence
A governance model that separates security responsibility into three distinct layers: operational management that owns controls (first line), risk and compliance functions...

Explained in

  • Security Governance Structures and Roles
