This study aims to determine the effect of three lines of defense on risk management. Risk management as the dependent variable is measured by content analysis based on the risk profile. The independent variable, namely the three lines of defense, was measured by content analysis based on 2013 COSO Internal Control in the form of 17 principles covering five components. The sample was determined based on the purposive sampling method and resulted in 60 Sharia banking observation units registered with the Financial Services Authority (OJK) for the 2015-2019 fiscal year. The results of simple linear regression analysis show that three lines of defense affect risk management. The results of this study imply that the three lines of defense model plays an essential role in realizing the effectiveness of risk management, where the effectiveness of risk management will be achieved if the control and assurance functions are carried out proportionally by the three lines of defense.