At a minimum, the internal controls system should be designed and
operated to provide reasonable assurance over the insurers key
business, IT and financial policies and processes, including
accounting and financial reporting, and the related risk management
and compliance measures in place. Each individual control6 of an
insurer, as well as all its controls cumulatively, should be designed
for effectiveness and operate effectively.