When the Three Lines of Defense Model started to get traction within companies a few years ago, I was often asked to explain how software could support the process better, and sometimes even what it really meant for control, risk and audit departments. To me, this model always made sense, and helped companies go well....