In the financial sector, individuals are utilizing three lines of defense for most of the hazard capacities. Usually, the first line of protection for management of hazard is the business, the second line of protection is a control work, and the third line of protection is an inner review. Progressively firms are thinking about data risk as a hazard component in their overall hazard management system. Organizations are incorporating data risk in their gathering hazard hunger proclamation notwithstanding their market chance, credit chance, and operational hazard. Once the hazard is recognized, then the organization needs to build up three lines of defense to guarantee the hazard is managed as per the hazard craving. Following is the approach that we would consider as three lines of defense for data management and data hazard. The first line of defense: This resistance lies with the data proprietors and data stewards. These are the colleagues who make/source the information. They are responsible to guarantee that the information meets the information quality necessities as stipulated by controllers or by the information buyers. The second line of defense: This barrier is kept up by the focal data office, either a data governance work, data management office or a central data office. This group builds up the policy relating to the information in the organization. It keeps an eye on the data quality metrics and for the most part, goes about as an escalation mechanism when the data quality does not meet the required benchmarks. Furthermore, the second line of defense additionally gives counseling services identified with sourcing of new data and the effect of data on innovation and business changes. The third line of defense: This resistance is an internal review. The internal review guarantees that the organization has a sufficient arrangement with respect to data management and routinely leads a review of information administration in the firm. The internal review specifically reports to the review board of trustees and to the controller for issues concerning information administration. For data management to be effective, it is important that your firm build up three lines of defense to guarantee that everybody knows about their roles and duties concerning data hazard.