Risk ManagementUnited States (NAIC)
Own Risk and Solvency Assessment (ORSA) — NAIC Model Act
The NAIC Risk Management and Own Risk and Solvency Assessment Model Act (Model #505) requires US insurance companies to maintain a risk management framework and conduct an Own Risk and Solvency Assessment (ORSA). Adopted by most US states, ORSA requires insurers to assess the adequacy of their risk management and current/future solvency position.
Domains
Reporting and Compliance
Section 3 - Group Risk Capital and Solvency
Section 2 - Risk Exposure Assessment
Section 1 - Risk Management Framework
Compare Own Risk and Solvency Assessment (ORSA) — NAIC Model Act
Own Risk and Solvency Assessment (ORSA) — NAIC Model Act vs ISO 27001:2022View comparison →Own Risk and Solvency Assessment (ORSA) — NAIC Model Act vs SOC 2View comparison →Own Risk and Solvency Assessment (ORSA) — NAIC Model Act vs NIST CSF 2.0View comparison →Own Risk and Solvency Assessment (ORSA) — NAIC Model Act vs GDPRView comparison →Own Risk and Solvency Assessment (ORSA) — NAIC Model Act vs HIPAAView comparison →Own Risk and Solvency Assessment (ORSA) — NAIC Model Act vs PCI DSS 4.0View comparison →
Own Risk and Solvency Assessment (ORSA) — NAIC Model Act by Industry
Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Healthcare→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Financial Services→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Technology→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Government→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Manufacturing→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Energy→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Retail→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Education→
Own Risk and Solvency Assessment (ORSA) — NAIC Model Act by Role
Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for CISOs→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Compliance Officers→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Risk Managers→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for IT Directors→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for DPOs→Own Risk and Solvency Assessment (ORSA) — NAIC Model Act for Auditors→
Frequently Asked Questions
What is Own Risk and Solvency Assessment?
The NAIC Risk Management and Own Risk and Solvency Assessment Model Act (Model #505) requires US insurance companies to maintain a risk management framework and conduct an Own Risk and Solvency Assessment (ORSA). Adopted by most US states, ORSA requires insurers to assess the adequacy of their risk management and current/future solvency position.
How many controls does Own Risk and Solvency Assessment have?
Own Risk and Solvency Assessment contains 11 controls organized across 4 domains.
Where does Own Risk and Solvency Assessment apply?
Own Risk and Solvency Assessment is applicable in United States (NAIC). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.
What frameworks does Own Risk and Solvency Assessment map to?
Own Risk and Solvency Assessment has control-to-control mappings with 7 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.
How do I get started with Own Risk and Solvency Assessment compliance?
Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.
How ready are you for Own Risk and Solvency Assessment (ORSA) — NAIC Model Act?
Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.