NFRA defensibility assessment
Rate each question: Not at All (1) · Partially (2) · Mostly (3) · Fully (4)
Pillar 1, Transparency & Explainability
1. “Can the tool explain WHY it flagged a specific transaction?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
2. “Can you trace every output back to its input data?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
3. “Are the rules / algorithms documented and auditable?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
Pillar 2, Consistency & Reproducibility
4. “Does the same input always produce the same output?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
5. “Are results consistent across different users running the same data?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
6. “Is there version control for the tool’s logic / models?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
Pillar 3, Completeness & Coverage
7. “Does it process 100% of the population or use sampling?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
8. “Does it cover all relevant assertion categories?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
9. “Can it handle edge cases (negative amounts, reversals, multi-currency)?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
Pillar 4, Documentation & Audit Trail
10. “Does it generate audit-ready documentation automatically?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
11. “Is there a complete log of all operations performed?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
12. “Can the documentation satisfy SA 230 requirements?”
Not at All (1) Partially (2) Mostly (3) Fully (4)
Answer all 12 questions (0/12)
