Created in 2013 by the Institute of Internal Auditors, the goal of the three lines of defense model was to foster a more structured approach to the relationships between the different areas of an organization, when it comes to managing risk and controls. There had been concerns among both firms and regulators that there were both gaps and overlaps in the responsibilities within organizations for risks and controls. Today, the Three Lines of Defense model has been adopted by regulators around the globe as a robust approach to interactions between different parts of an organization. See First Line of Defense, the Second Line of Defense.