2016 | 17 | 4 | 101-113
Article title


Title variants
Languages of publication
The three lines of defense model (3LODM) is a valuable framework that outlines internal audit’s role in assuring the effective management of risk, and the importance for delivering this of its position and function in the corporate governance structure of Albanian banks. Each line of defense has unique positioning in the organization and unique responsibilities and not combined or coordinated in a manner that compromises their effectiveness. The responsibility for internal control does not transfer from one line of defence to the next line. Independence and objectivity are essential elements to consider Setting up of an internal control system and supporting arrangements by 3LODM is relatively simple. In Albania, the real challenge is ensuring that the perceptions, contribution and expectations of bank’s executive management, audit committee and bank’s board of directors are aligned, and that risk-related information is symmetric, effectively and consistently obtained, analyzed and used by players of internal control system. Misunderstandings between players/bodies of internal control system lead in luck of optimization achievements for reaching bank objectives. Internal auditing is designed to add value and improve an organization’s operations; help an organization accomplish its objectives by bringing in a systematic, disciplined approach; evaluate and improve the effectiveness of risk management, control, and governance processes.
  • Faculty of Economy, University of Tirana, Albania
  • BCBS (2010) Principles for enhancing corporate governance. Basel Committee on Banking Supervision.
  • BCBS (2012) The internal audit function in banks. Basel Committee on Banking Supervision.
  • BCBS (2015) Corporate governance principles for banks. Basel Committee on Banking Supervision.
  • EU (1984) Qualifications of persons responsible for carrying out the statutory audits of accounting documents: eighth Directive, Law Directive 84/253/EEC of the EU.
  • EU (2006) On statutory audits of annual accounts and consolidated accounts, Directive 2006/43/EC, European Commission.
  • IIA (2015) About IIA & their Profession. [on-line:] isinternalaudit.aspx
  • IPPF (2011) International Professional Practice Framework. The Institute of Internal Auditors Global, Edition updated for 2012.
  • Law (2006) On Banks on the Republic of Albania. Law No. 9662, 18.12.2006, amended.
  • Ribaj A. (2015) Banks’ Internal Control System, the case of Albania. International Journal of Science and Research, [on-line:]
  • Publications of CIA-Certified Internal Auditor, CIIA – Chartered Internal Auditor, CFSA-Certified Financial Services Auditor, CGAP-Certified Government Auditor, CCSA-Certified, Control Self-Assessment, CRMA-Certified Risk Management Auditor and COSO-Committee of Sponsoring Organizations of the Tread way Commission.
  • Publications on: Policy position paper on risk management and internal audit; and briefing on whistleblowing
  • SCBA (2015) On the Internal Control System, regulation approved by Supervision Council of Bank of Albania
Document Type
Publication order reference
YADDA identifier
JavaScript is turned off in your web browser. Turn it on to take full advantage of this site, then refresh the page.