Vision Report

No More Blurred Lines: Introducing Continuous Risk Management

Dismantle The Three Lines Of Defense And Embrace The Forrester Continuous Risk Management Model

and

Updated Jan 13, 2026

Summary

The three lines of defense (3LOD) concept was first mentioned by the UK’s Financial Services Authority and then promoted by the Institute of Internal Auditors (IIA) in 2013; since then, the model has become ubiquitous among financial institutions. Although it’s often considered a pillar of enterprise risk management, make no mistake: 3LOD isn’t a framework for managing risk. Risk leaders must instead embrace a new way of managing risk using the Forrester Continuous Risk Management Model.

Log in to continue reading

Client log in

Welcome back. Log in to your account to continue reading this research.

Become a client

Become a client today for these benefits:

Stay ahead of changing market and customer dynamics with the latest insights.
Partner with expert analysts to make progress on your top initiatives.
Get answers from trusted research using Izola, Forrester's genAI tool.

Purchase this report

This report is available for individual purchase ($1495).