OAR 836-011-0224
Internal Audit Function Requirements

(1) An insurer is exempt from these requirements if:
(a) The insurer has annual direct written and unaffiliated assumed premium, including international direct and assumed premium but excluding premiums reinsured with the Federal Crop Insurance Corporation and Federal Flood Program, less than $500,000,000; and
(b) If the insurer is a member of a group of insurers, the group has annual direct written and unaffiliated assumed premium including international direct and assumed premium, but excluding premiums reinsured with the Federal Crop Insurance Corporation and Federal Flood Program, less than $1,000,000,000.
(2) The insurer or group of insurers shall establish an Internal audit function providing independent, objective and reasonable assurance to the Audit committee and insurer management regarding the insurer’s governance, risk management and internal controls. This assurance shall be provided by performing general and specific audits, reviews and tests and by employing other techniques deemed necessary to protect assets, evaluate control effectiveness and efficiency, and evaluate compliance with policies and regulations.
(3) In order to ensure that internal auditors remain objective, the Internal audit function must be organizationally independent. Specifically, the Internal audit function will not defer ultimate judgment on audit matters to others, and shall appoint an individual to head the Internal audit function who will have direct and unrestricted access to the board of directors. Organizational independence does not preclude dual-reporting relationships.
(4) The head of the Internal audit function shall report to the Audit committee regularly, but no less than annually, on the periodic audit plan, factors that may adversely impact the Internal audit function’s independence or effectiveness, material findings from completed audits and the appropriateness of corrective actions implemented by management as a result of audit findings.
(5) If an insurer is a member of an insurance holding company system or included in a group of insurers, the insurer may satisfy the Internal audit function requirements set forth in this rule at the ultimate controlling parent level, an intermediate holding company level or the individual legal entity level.

Source: Rule 836-011-0224 — Internal Audit Function Requirements, https://secure.­sos.­state.­or.­us/oard/view.­action?ruleNumber=836-011-0224 (accessed May 26, 2025).

836–011–0000
Annual Statement Blank and Instructions 836–011–0015
Property and Casualty Actuarial Opinion of Reserves and Supporting Documentation 836–011–0020
Definitions 836–011–0022
Filing Procedures 836–011–0024
Contents of Corporate Governance Annual Disclosure 836–011–0030
Own Risk and Solvency Assessment 836–011–0050
Requirements for Segregation of Premium Received for Coverage Not Eligible for Federal Subsidies 836–011–0100
Authority 836–011–0110
Definitions 836–011–0120
Filing and Extensions for Filing of Annual Audited Financial Reports 836–011–0130
Exemptions 836–011–0140
Contents of Annual Audited Financial Report 836–011–0150
Designation of Independent Certified Public Accountant 836–011–0160
Qualifications of Independent Certified Public Accountant 836–011–0170
Consolidated or Combined Audits 836–011–0180
Scope of Audit and Report of Independent Certified Public Accountant 836–011–0190
Notification of Adverse Financial Condition 836–011–0200
Communication of Internal Control Related Matters Noted in an Audit 836–011–0210
Accountant’s Letter of Qualifications 836–011–0220
Definition, Availability and Maintenance of Independent Certified Public Accountants Workpapers 836–011–0223
Requirements for Audit Committee 836–011–0224
Internal Audit Function Requirements 836–011–0225
Conduct of Insurer in Connection with the Preparation of Required Reports and Documents 836–011–0227
Management’s Report of Internal Control over Financial Reporting 836–011–0230
Canadian and British Companies 836–011–0235
Effective Dates 836–011–0250
Authority 836–011–0253
Definitions 836–011–0255
Reserve Adequacy 836–011–0258
Unallocated Reserve Account 836–011–0260
Distribution of Annual Financial Statement 836–011–0300
Statutory Authority 836–011–0305
Definitions 836–011–0310
RBC Reports 836–011–0320
Company Action Level Event 836–011–0330
Regulatory Action Level Event 836–011–0340
Authorized Control Level Event 836–011–0350
Mandatory Control Level Event 836–011–0360
Hearings 836–011–0380
Supplemental Provisions 836–011–0390
Foreign Insurers 836–011–0430
Scope and Authority 836–011–0440
Report 836–011–0450
Acquisitions and Dispositions of Assets 836–011–0460
Nonrenewals, Cancellations or Revisions of Ceded Reinsurance Agreements 836–011–0500
Application 836–011–0505
Definitions 836–011–0510
RBC Reports 836–011–0515
Company Action Level Event 836–011–0520
Regulatory Action Level Event 836–011–0525
Authorized Control Level Event 836–011–0530
Mandatory Control Level Event 836–011–0535
Hearings 836–011–0540
Supplemental Provisions 836–011–0545
Foreign Health Care Service Contractors 836–011–0600
Report on Services Provided by Expanded Practice Dental Hygienists

May 26, 2025

Rule 836-011-0224's source at or​.us