The 3 lines of defense for risk management
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.loc.gov/MARC21/slim http://www.loc.gov/standards/marcxml/schema/MARC21slim.xsd">
<record>
<leader>00000cab a2200000 4500</leader>
<controlfield tag="001">MAP20160022506</controlfield>
<controlfield tag="003">MAP</controlfield>
<controlfield tag="005">20160722153343.0</controlfield>
<controlfield tag="008">160718e20160718esp|||p |0|||b|spa d</controlfield>
<datafield tag="040" ind1=" " ind2=" ">
<subfield code="a">MAP</subfield>
<subfield code="b">spa</subfield>
<subfield code="d">MAP</subfield>
</datafield>
<datafield tag="084" ind1=" " ind2=" ">
<subfield code="a">7</subfield>
</datafield>
<datafield tag="100" ind1="1" ind2=" ">
<subfield code="0">MAPA20160009088</subfield>
<subfield code="a">Potter, Patrick</subfield>
</datafield>
<datafield tag="245" ind1="1" ind2="4">
<subfield code="a">The 3 lines of defense for risk management</subfield>
<subfield code="c">Patrick Potter, Marshall Toburen</subfield>
</datafield>
<datafield tag="520" ind1=" " ind2=" ">
<subfield code="a">For years, risk in many organizations was managed on an ad-hoc basis by tenured leaders relying on their own experience, such as the CEO and any credit, market, legal and fraud experts on hand. Internal audit functions existed to identify necessary internal controls and make sure there were no gaping holes. Typically, internal audit was the only part of an organization performing regular risk assessments, and when something went wrong, management would cry, Where were the auditors?</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20080591182</subfield>
<subfield code="a">Gerencia de riesgos</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20080601522</subfield>
<subfield code="a">Evaluación de riesgos</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20080594886</subfield>
<subfield code="a">Auditoría de gestión</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20080586461</subfield>
<subfield code="a">Modelos de gestión</subfield>
</datafield>
<datafield tag="700" ind1="1" ind2=" ">
<subfield code="0">MAPA20160009095</subfield>
<subfield code="a">Toburen, Marshall</subfield>
</datafield>
<datafield tag="773" ind1="0" ind2=" ">
<subfield code="w">MAP20077000291</subfield>
<subfield code="t">Risk Management Magazine</subfield>
<subfield code="d">New York : Risk and Insurance Management Society, 1982-</subfield>
<subfield code="x">0035-5593</subfield>
<subfield code="g">28/06/2016 Volumen 63 Número 5 - junio 2016 , p. 16-17</subfield>
</datafield>
</record>
</collection>