“Controls are useless if they are not reliable”

One of the pillars in the formation of Antalea, is our observation that there is no need to perform checks if they are not reliable.

From this, we concluded several principles :

Too often, requirement gathering is limited to choosing from existing software features.

Requirements must be independent of any system or data..

Where the necessary information for a check is missing or of poor quality, the overall workload of incident tracking is increased, and the reliability of controls is correspondingly affected.

At Antaléa, we believe that a control without reliable data available should not be implemented.

In a control system, it is not uncommon to find thousands or even tens of thousands of coded rules, which primarily results from a duplication of nearly identical rules.

A system with fewer rules will be easier to use and maintain therefore more reliable.

Too often the validation of controls is implemented using existing portfolios or by means of incomplete unit testing.

The efficiency of a series of tests is ensured by the meticulous crafting of numerous test sets which reflect your business to the greatest degree possible, as well as by a thorough analysis of the results.

The shortcomings of a system are often related to its opaqueness: to extract all the information that led to a given situation can be painstaking.

We believe that to be functional, a system must be fully transparent and include a comprehensive and easily readable audit trail.

 

RiskyLeaks

RiskyLeaks is a simple and flexible tool developed by Antalea, usable whatever your tools and software, and provides easily readable results. RiskyLeaks can :

  • Create test portfolios which are consistent, and conform to your management types
  • Run parallel tests on these portfolios in RiskyLeaks and in your control tools
  • Extract accurate and auditable results and from RiskyLeaks compare them to the results obtained from your systems to identify possible failures based on facts.