GRAPA - RAStandards2009

R o b M at t i s o n
R e v e n u e A s s u R A n c e s TA n d A R d s
ReleAse 2009
The
Copy Edit by Rick Alaska
GRAPA Oakwood Hills, Illinois, USA
Other Books by Rob Mattison:

The Data Warehousing Handbook - 2006 The Telco Revenue Assurance Handbook - 2005 The Telco Churn Handbook - 2005 Telco Churn: The Golden Opportunity - 2001 Web Warehousing and Knowledge Management - 1999 Winning Telco Customers Using Marketing Databases - 1999 Data Warehousing and Data Mining for Telecommunications - 1997 Data Warehousing: Strategies, Technologies and Techniques - 1996 The Object-Oriented Enterprise: Making Corporate Information Systems Work - 1994 Understanding Database Management Systems, 2nd Edition - 1998, 1993
Published by XiT Press, Oakwood Hills, Illinois, USA - 2009
Copyright Rob Mattison, 2009
All rights reserved. Printed and bound in the United States of America. No part of this book may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without permission in writing from the publisher. Use of a terms in this book should not be regarded as affecting the validity of any trademark or service mark.
Internatinonal Standard Book Number:
Ta b l e o f C o n t e n t s
Table of Contents
Foreword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvi Chapter 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Monetary Menials or Profit Prophets: The Revenue Assurance Phenomena . . . . . . . . . . . . . . . . . . . . . . . . . 1
Old School Revenue Assurance and the Monetary Menial . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Introducing the BOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Whatever Happened to the Product Manager? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 The Modern Telecommunications Management Team . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
The Demise of the BOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 The Demise of the Full Life Cycle Product Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Welcome to the Telecom of the 21st Century . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Revenue Assurance: State of the Art Today . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Old School Revenue Assurance The Monetary Menials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Next Generation Revenue Assurance The Profit Prophet Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Prevention vs. Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Anticipation vs. Reaction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Becoming the Prophet of Telco Profits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
The Modern Revenue Assurance Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 The GRAPA Standards Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Challenges to the Establishment of Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Disparity in Size, ARPU and Headcount . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Disparity in Technology (Age, Diversity, Complexity) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Disparity in Corporate and National Culture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Disparity in Organizational Maturity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Revenue Assurance Standards: A Sliding Scale . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Chapter 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 An Introduction to the Global Revenue AssuranceProfessionals Association . . . . . . . . . . . . . . . . . . . . . . . 11

The History of the GRAPA Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
The Lack of Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
Copyright 2009 Rob Mattison
GRAPA
iii
The Revenue Assurance Standards Release 2009
Professionalization the Need and the Price . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

The Need for Autonomy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 The Need for Consensus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Key GRAPA Facts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

GRAPA Key Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 GRAPA Countries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Members' Regions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Members' Lines of Business . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Members' Subscriber Base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
The GRAPA Staff . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 GRAPA Initiatives in 2008 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

GRAPA Standards Committee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 GRAPA Fraud Contest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 GRAPA Certification Committee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 GRAPA Benchmarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 GRAPA Town Hall Meetings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 The Revenue Assurance Academy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
GRAPA in 2009 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 GRAPA Standards 2009 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

GRAPA Town Hall Meetings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 GRAPA Certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 Revenue Assurance Academy for 2009 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 New Committees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 GRAPA Cyber Conferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 GRAPA Job Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Chapter 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 The GRAPA Benchmarks: The State of the Revenue Assurance Profession Today . . . . . . 21
GRAPA Benchmarks: Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Observations About the Volatility of the Benchmarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 Benchmark Respondents General RA Practices and Personnel Characteristics Background . 22 Line of Business of Respondents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
GRAPA
iv
Background of Typical Revenue Assurance Professionals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Years of Experience (Employed in Telecommunications) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Basic Background and Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Educational Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 The Practice of Revenue Assurance within the Telco . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Revenue Assurance Performed by Other Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Self Assurance: Revenue Assurance Performed by Operational Departments Themselves . . . . 26 Where does Revenue Assurance Report? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Role and Positioning of Fraud Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Scope, Breadth and Depth of RA Participation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Biggest Needs within Revenue Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 The Future of Revenue Assurance 2009 Forecast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Conclusions Drawn from the Benchmark Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Sliding Scale Application of Revenue Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Need to Define Boundaries between RA and Other Oversight / Assurance Groups . . . . . . . . . . . 30
Need to define boundaries between RA and Operational Management . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 The Need for Training and Certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Chapter 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 GRAPA Standards Approach and Prerequisite Components (Practices and Body of Knowledge) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
The Standards Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 The Standards Development and Ratification Process. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
GRAPA Workshops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 GRAPA Committees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 GRAPA Benchmark Surveys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 GRAPA Town Hall Meetings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 GRAPA Standards Ratification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Development of the Supporting Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 The Revenue Assurance Body of Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Domain Knowledge (Technical) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
GRAPA
Techniques and Practices Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Tools Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Line of Business Knowledge (Operational Domains) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
GRAPA Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Standard Controls Inventory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Diagnostic and Administrative Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 KPIs and Measures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Chapter 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
GRAPA Standards: Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Chapter 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
The Revenue Assurance Lifecycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 What Is Not Part of Revenue Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Developing a Non-Anecdotal Definition of Revenue Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
A Functional Description of Revenue Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Note: Who Does What? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
The Four Disciplines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Appropriateness and Fit of These Disciplines to Actual Practice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Benefits of Agreeing Upon This Standardized Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

1. Developing Expertise and Systematic Approaches and Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 2. Economy of Scale . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 3. Ability to Organize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 4. Standard Vocabulary Across Organizations and Functional Areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 5. Ability to Measure and Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
What Has Been Missed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 The Revenue Assurance Lifecycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Phase I Forensic Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Real World Practices in Forensics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
The Findings Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

How formal or informal is this process? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 Phase II Implementation of Corrections and Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Who Decides About Corrections and Controls? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 Phase III Implementation of Corrections and Controls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
GRAPA
vi
Phase IV Feedback Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Phase IV++ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 The Revenue Assurance Lifecycle Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Chapter 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Forensic Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 A Set of Guidelines Not an Instructions Manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Forensic Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 The Revenue at Risk Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 The Forensic Analysis Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Inputs to Forensic Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Cases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Managing the Queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Who Does What? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 The Prioritization of Cases and Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 The First Revenue Assurance KPI Case/Domain Uptake Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
The Forensic Disciplines (Scientific Method) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Risk Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Output of the Risk Analysis Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Exchange Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Process Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Systems Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Statistical and Numerical Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Outputs of Forensic Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 Summary of the Case/Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Review of the Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Revenue at Risk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
The Second Set of Forensic KPIs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Remedy Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Remedy Recommendation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 How Formal Does the Forensics Process Need to Be? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
GRAPA
vii
Chapter 8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Controls, Corrections and Compliance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Management Decision-Making . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 The Management Decision Making Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Remedy Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Implementation Responsibility Assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Funding and Budgeting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
The Controls/Corrections Development Lifecycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 Understanding Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 Definition of a Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 Most Commonly Applied Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Audits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Threshold Response Monitoring based on Existing Operational Reports. . . . . . . . . . . . . . . . . . . . . . . . . . 70 Test Plans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Synchronization Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Change Management Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Auto-Adjustment Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 Understanding Corrections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 Understanding Compliance and Reporting (KPIs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 What is the Reason for Compliance Reporting? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Chapter 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Objectives of Revenue Assurance Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Definitions that are Too Broad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Definitions that are Too Narrow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Why is an Accurate Definition of Objectives Critical? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Remediation, Detection and Deterrence (RDD) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Appetite for Risk and RDD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Scope and RDD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 What Kinds of Cases Should be Included in the Charter for Revenue Assurance? . . . . . . . . . . . . . . . . . . 81
The GRAPA Standards Process and Standard Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
GRAPA
viii
Who Else is Available? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 The Six Mis Prefixed Categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Leakage Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
KPIs for Forensics, Controls and Corrections for Leakage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Fraud Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
KPIs for Forensics, Controls and Corrections for Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Margin and Rate Plan Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 Beyond Interconnect Margins Rate Plan Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Bundle and Subsidy Rationalization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Cannibalism . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 The Revenue Assurance Lifecycle and Rate Plan Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
New Product Development Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Product Assurance Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Market Assurance (Churn and Market Erosion) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 How Do You Assure Against Churn? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Determining the Loss and Risk of Loss Associated with Churn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Asset Utilization Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 BTS Outage Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 RDD and Asset Utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 The Fluid and Expanding Scope of Revenue Assurance Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Chapter 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Domains and Scope Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Defining Scope by Function and Responsibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Starting with the ETOM model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
GRAPA Vertical and Horizontal Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 Vertical Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 Network Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 BSS and OSS Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 Operational Areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Vertical Domain Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Horizontal Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
GRAPA
ix
Line of Business Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 Product Line Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 Rate Plan Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 Market and Customer Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 Taxonomy of Horizontal Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 Revenue Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 1. Define the Horizontal Domain for the Mapping Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 2. Decompose the Domain into Revenue Streams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 3. Obtain Revenue Numbers for Each Revenue Stream . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 4. Create a Revenue Map for Each Revenue Stream . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
a) Identify the Point of Revenue Transaction Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 b) Identify the Point of Revenue Transaction Capture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 c) Trace the Revenue Transaction Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 d) Assign Revenue Values to Each Component . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 Revenue Map Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Creating a Payment Map for each Revenue Stream . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110 Horizontal Forensics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110
Risk Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Horizontal Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112 Coverage Strategies (Vertical/Horizontal Optimization) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113
Chapter 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Organizational Principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117 Making Revenue Assurance a Good Fit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117 Separating Who Does What? from What Needs to be Done? . . . . . . . . . . . . . . . . . . . . . . . . . .118 The Coverage Challenge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118 The Super-Revenue Assurance Department Temptation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
Best Fit Criteria for Revenue Assurance on a Task-by-Task or Domain-by-Domain Basis . . . . . . . . . . . 119
Administration vs. the Practice of Revenue Assurance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

The Revenue Assurance Department as a Competitor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 The Revenue Assurance Department as the Administrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Operational Responsibility Positioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
GRAPA
The Revenue Management Organizationand the Return of the BOM . . . . . . . . . . . . . . . . . . . . . . . . 121 The Shared Responsibility Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 Organizational Principle #1: The Relationship of Revenue Assurance to the Operational Team . . . . . 122
Exceptions and Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Organizational Principle #2: The Relationship of Revenue Assurance to Other Support Organizations . 123 Organizational Principle #3: The Relationship of Revenue Assurance to Top Management . . . . . . . 123 A. Assess and Report Risk Forensics and Overall Risk Analysis . . . . . . . . . . . . . . . . . . . . . . . . 124
Assessing Risk vs. Performing Risk Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 End to End Assurance and Strategy vs. Tactical Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
B. Define and Recommend Rationalized Remedies Recommend Coverage Plans . . . . . . . . . 125 C. Implement Based on Management Decision and Appetite for Risk . . . . . . . . . . . . . . . . . . . . . 125
Top Management Must be Directly Involved . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 Other Managers Can Take Responsibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 The Revenue Assurance Management Team Can Make the Decision . . . . . . . . . . . . . . . . . . . . . . . . . . 126 The Revenue Assurance Practitioner is Authorized to Make The Decision . . . . . . . . . . . . . . . . . . . . . . . 126
Management Decision-Making and Appetite for Risk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 D. Perform Within Formally Defined Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Chapter 12 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Operational Principles and Ethics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 The Core Principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Consensus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Integrity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 Rationalization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 Ethical Principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 Corporate Responsibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 Operational Independence Requirement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 Principles of Practice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 Competency Requirement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 Transparency Requirement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 Maximum Effect for Minimum Cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
GRAPA
xi
ConclusionThe New Definition of Revenue Assurance and Next Steps . . . . . . . . . . . . . . . 137

A Comprehensive, Substantive and Non-Anecdotal Definition of Revenue Assurance . . . . . . . . 137 Next Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 1. Certification Program Launch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 2. Cataloging and Benchmarking of Standard Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 3. Review, Update and Modification of the Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 Lead, Follow, or Get Out of the Way . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Appendix A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 The GRAPA Certification Program (2009) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Certification Training Curriculum . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 Benefits of Certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Plans for Extension of the Certification Program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
The Need for a Professional Revenue Assurance Function. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140 Telco and Revenue Loss An Odd Relationship . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 The Revenue Assurance Job Today . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 Benefits of Professionalization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 What Does Professionalization Mean? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 Benefits of Professionalization for the Practitioner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 Benefits of Professionalization for the Company . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Authoritative Body of Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Key Ingredients of Professionalization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 Operational Models (Frameworks) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 Subscription . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
The Role of Certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 What is Certification? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 Why Pursue Certification? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 Why Is It Required? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Knowledge Volatility (Continuous Source of Knowledge Upgrade). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 Accessibility of Knowledge (Silos of Information) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
GRAPA
xii
Career Anchor (Referential Positioning) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 Control Rate of Growth (Self Guidance) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 Measurement of Competence (Self Confidence) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
What Are The Challenges? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

Cost To Provide (Funding Model and Value Returned) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Cost to Administer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Credibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Ease of Attainment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Industry Acceptance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Proof of Value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Components and Administration Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Curriculum (Body of Knowledge) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 B. Classes (Training) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 C. Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 D. Experience Verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 E. Test Out (Bypass) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Appendix B . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 The GRAPA Body of Knowledge Draft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

I. Vertical Domain Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 I.A. Network Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 I.B. Billing Architectures Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 I.C. Mediation Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 I.D. Postpaid Billing Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 I.E. Prepaid Billing Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 I.F. Interconnect Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 I.G. Roaming Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 I.H. Content Management Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 I.J. Customer Service Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 Horizontal Domain Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 II.A. Postpaid Line of Business Operations Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 II.B. Prepaid Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
GRAPA
xiii
II.C. Interconnect Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 II.D. Roaming Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 II.E. Value Added Services Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 II.F. Cable-Based Services Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 II.G. Streaming Services Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 II.H. Data Services Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 II.I. Content-Based Services Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 II.J. Satellite Services Line of Business Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 Payment Channel Domain Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 III.A. Point of Sale Payment Channel Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 III.B. Sales Channel Payment Channel Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 III.C. Prepaid Retail Payment Channel Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160 III.D. Distribution Payment Channel Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160 III.E. Credit and Collections Payment Channel Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160 III.F. Credit Card and ATM Payment Channel Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 Provisioning and Activation Process Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 IV.A. Provisioning and Activation Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 New Product Development Process Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 V.A. New Product Development Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 Fraud Management and Crime Detection Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 VI.A. Fraud Management Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 Techniques Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 VII.A. Revenue Assurance Lifecycle and Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 VII.B. Forensics Analysis Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 VII.C. Operational Monitoring (Controls Management) Techniques . . . . . . . . . . . . . . . . . . . . . . . 163 VII.D. Corrections Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 VII.F. Compliance Management Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 VII.G. Revenue Assurance Department Management Techniques . . . . . . . . . . . . . . . . . . . . . . . 164 VII.H. Fraud Management Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 VII.I. Audit Techniques. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165 VII.J. Margin Analysis Techniques. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
GRAPA
xiv
VII.K. Revenue Stream Maximization Network Element Outage Assurance Techniques . . . . . 165 VII.L. Revenue Stream Maximization Fraud Management Assurance Techniques . . . . . . . . . . 165 VII.M. Rate Plan and Bundle Assurance Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165 Tools Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 VIII.A. Fraud Management Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 VIII.B. Probes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 VIII.C. Test Call Generators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 VIII.D. Parallel Rating Engines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 VIII.E. Business Intelligence Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 VIII.F. Revenue Assurance Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
GRAPA
xv
GRAPA
xvi
Foreword
Foreword
In January of 2009, the Global Revenue Assurance Professionals Association (GRAPA) formally published the official Standards for the Practice of Revenue Assurance for 2009. These Standards are the result of many hours of hard work by dozens of volunteers who labored to make the Standards as neutral, unbiased, practical, and useful as possible for the thousands of people who are currently employed as Revenue Assurance professionals in the Telecommunications industry. This book is an in depth review and exploration of the current Standards. The Standards Document itself is only 18 pages long, but the implications and interpretations of the dozens of different principles are extensive. It is our hope that the majority of the people practicing Revenue Assurance around the world today take the time to review these Standards and make use of whatever they find to be beneficial. In an effort to encourage the dissemination of these Standards as quickly and accurately as possible, it was decided to make this book available via several channels: 1. 2. 3. GRAPA members can download a PDF version of the book, free of charge, using their GRAPA Membership ID on the GRAPA website. Anyone wishing to obtain a copy of the book without providing personal contact information can purchase an e-download from a number of sources. The book will also be made available in soft- and hardcover format and can be purchased from a number of sources.
This book (and the Standards) represent a work in progress; not a definitive last word on the practice of Revenue Assurance. We hope that it provides professionals with a rich body of knowledge, a perspective to clarify their thinking, and that it improves their professional careers. If you are genuinely interested and/or engaged by this book, we hope that you are inspired enough to join the GRAPA organization and become further involved in the ongoing refinement of these Standards. Although it is not be possible for me to give credit to all of the many people that participated and helped with this process, I must acknowledge some of those that had a major role in making the book happen. My thanks and gratitude goes out to: Mike Sullivan (USA), Wessel Scheepers (South Africa), John L. Myers (USA), Henry E. Whyte (Ghana), Sriram Dharmarajan (India), Baba Diomande (Gabon), Dsir Nindjin (Ivory Coast), Robert Martignoni (Germany), Carola Rusch (Germany), Enid Mullin (South Africa), Victoria de Aboitiz (Argentina), Theodore Daniel Toma (Egypt), Pete Van Cleve (USA), Ravikumar Jigajinni (India), Anthony Cruz (Philippines), Malthesh Gududappa (India), along with the U.S. GRAPA team members who helped to make this happen including Brigitte Mattison, Chris Yesulis, Laura Knigge, Dustin Mattison, Eva Pristera, Nathan Langlois, Michael Crowley, Amy Beymer, Teresa Shepp, Jade Blackwater, and many others. This work could not have been completed without your dedication and continuous effort. I would also like to acknowledge and thank our copy editor, Rick Alaska, who made this book read as smoothly as it does.
My thanks, and enjoy. Rob Mattison
GRAPA
xvii
GRAPA
xviii
Chapter 1 - The Revenue Assurance Phenomena
Chapter 1 Monetary Menials or proFit prophets: the revenue assuranCe phenoMena

Help Wanted: Well financed Telecommunications Company looking for an experienced Revenue Assurance manager. Must be able to keep track of millions of miniscule, obscure facts and details, and be expert at Telecommunications technology (four generations) regulations (change monthly), business models (change frequently), finance, and operations (change daily). Successful candidate should be familiar with wireline, wireless, interconnect, roaming, 3G, Wi-Fi, WIMAX, and dozens of other technologies. You will be required to guarantee the integrity of the operation of hundreds of processes (processes that are the responsibility of someone else) and check to make sure that every single bit of revenue earned is accounted for across hundreds of operations and dozens of departments. You will also be required to participate in and assure the profitability and success of dozens of new service offerings. You will make use of technologies that are so new they havent even been invented yet, while not upsetting or causing the finance, internal audit, I/T, technical or operational management teams to feel threatened in any way. You will be forced to work with a minimum staff, budget and with only a few inappropriate tools, while being held personally responsible for any and all losses no matter how small, and no matter who is actually responsible for creating the problems. Must be willing to work for minimum wage, work long hours and assign credit for your accomplishments to people you had to fight to get things fixed in the first place.
Seems like a great job, doesnt it? But looking around the Telecommunications industry today, you can easily find hundreds of job openings with exactly these kinds of qualifications and terms. More unbelievably, you will also find a core group of highlymotivated individuals who are willing to voluntarily take on these tremendous jobs. To the casual observer and even to the seasoned Telecommunications professional, the phenomenon known as Revenue Assurance creates quite a bit of confusion and at times some controversy. Despite the confusion, the bickering and apathy, it is clear that Revenue Assurance is growing in scope, depth and breadth on nearly a daily basis.
GRAPA
Old School Revenue Assurance and the Monetary Menial

For those of us who have been in the Telecommunications industry for a while, we are familiar with the classical perspective on what Revenue Assurance is all about. Much in the same way that the pre-War of 1812 British Navy impressed sailors to man their fleets, financial managers have impressed unwary I/T, Finance and Operational personnel into attempting to clean up the financial mess left by sloppy operations, unclear operational boundaries and less-than-crisp execution in all matters related to revenue. At the height of the Old School Revenue Assurance crusade personnel were expected to be responsible for the sacred Switch to Bill domain. This assures that every CDR that came off the switch can be accounted for in the billing system, and not much else. The irony, of course, is that this represents only a small portion of the overall revenue exposure that a typical Telco experiences. Even more ironic even in those days, getting this simple piece of the complex revenue management puzzle assured was no small task.
Introducing the BOM

The good old days of Revenue Assurance are quickly receding as the Revenue Assurance job continues to expand in scope and importance. However, before we can intelligently address the many different facets of this expansion of the profession, it is important to have a basic understanding of why the Revenue Assurance job exists, and more importantly, why it is growing in importance. One of the first places we can look when trying to explain the Revenue Assurance phenomena is the demise of one of the venerable institutions of old school Telecommunications, the BOM. The BOM (Billing Operations Manager), used to be one of the most important people on the Telecommunications management team. The BOM usually reported directly to the CEO, and was considered the second most powerful member of the management team after the CTO (Chief Technology Officer). For people familiar with modern Telecommunications, the concept of the BOM might seem foreign and difficult to understand. But the BOM had traditionally been a critical cog in the Revenue Management machine. The Billing Operations Manager was the person responsible for the integrity of everything in Billing Operations. The BOM was responsible for making sure that the CDRs were generated by the switches. This person ensured that mediation processed the CDRs successfully. The BOM was king of running the billing cycles, and usually had credit and collections responsibilities. In short, the BOM had absolute full operational and financial responsibility for the capture, processing and collection of revenues. The CEO needed to call only one person to answer questions about revenues or collections, and that was the BOM. What a concept! What a great idea a fully integrated operational group responsible for the integrity of all revenue related activities! The BOM, of course, was a difficult job. It required that a person be an expert politician, technician, operational maven, and financial manager. The BOM had to know how to make things happen and how to make sure that others did as well. Most critically, the BOM had the power to change things what needed to be changed (because of the impact on revenues) and the BOM had the support of the organization to ensure that it happened.
GRAPA
Whatever Happened to the Product Manager?

Not too surprisingly, there is another role that used to be part of the Telecommunications Management team that is also rapidly disappearing. That role is the fully-responsible Product Manager. Admittedly, many incumbent, wireline Telcos still have this job and keep this department in operation today, but for the most part, newer teams and especially wireless carriers tend to function without one. The Product Manager in the old school Telecom world, like the BOM, was a person with end-to-end responsibility. The Product Manager was responsible for the profitability and success of products from inception to creation, to deployment, and throughout a products lifecycle. When the Telco decided to create a new service offering, the Product Manager (typically a member of the CTO team) was responsible for ensuring that everything associated with that product, was addressed, especially from the technology and market and sales forecast side. The old school Product Manager was one third technician, one third operational manager and one third marketer. It is not surprising that, with a good BOM and a good Product Manager, there was little doubt about how well a Telco was being managed, and most importantly, who was responsible when something went wrong.
The Modern Telecommunications Management Team

If the BOM and the Product Manager made managing revenues so simple and clear, what happened? Where are these people today? More importantly, who is doing the jobs that these people used to do? Therein lays the crux of the problem. Where did these roles go, and how does the modern Telecommunications organization get these jobs done? Although the good old days of Telecommunications had virtues, such as profitability and stability, several factors disrupted the previously normal way of operating. The past 25 years have seen an explosion in innovation, invention and disruption of the Telecommunications business model on every front. New technologies, disruptive and inconsistent regulatory variance, and deployment of radical new sales channels and business models have reduced Telecommunications to a mere shadow of what it used to be. With so much changing so quickly, Telecommunications organizations have been forced to adopt a radically different kind of operational control model.
The Demise of the BOM

One of the first roles to disappear was that of the BOM. As the business models for Telecoms shifted from Postpaid to Prepaid, and from household and corporate-based to individually-based, the need for a Billing Operations Manager disappeared. Prepaid systems, credit cards, cash payments, direct bank deposits, and a myriad of other financial vehicles complicated the simple, straightforward model that directed the Billing Operations domain.
The Demise of the Full Life Cycle Product Manager

In much the same way, the once powerful end-to-end full responsibility Product Manager was replaced by a team of people. As the number of products and marketing plans exploded, and as Telcos became more and more radical and speculative in their marketing approach the ability of a single person to manage it all was quickly abandoned. In its place is a team, typically headed by Marketing, and assisted by temporary help from Technology, Finance and Operations. The team is comprised of individuals with each having a different partial view of the product, its overall profitability, and its revenue generating integrity.
GRAPA
Welcome to the Telecom of the 21st Century

Replacing the large, slow moving, highly profitable incumbent wireline and long distance companies of the nineteenth and twentieth century is a new, lean, mean, highly flexible (loosely assembled) Telecom of the twenty-first century. The modern Telecommunications company is a chaotic and confusing pressure cooker of change, including changing technology, changing markets, changing consumer attitudes, and a changing competitive landscape. In the modern world of Telecommunications, competitors can become partners in the blink of an eye as companies struggle to balance risk, revenue, capital outlay, and expertise. In the midst of all of this we find the humble Revenue Assurance practitioner.
Revenue assuRance: state of the aRt today

Given this background, the chaos, confusion, profit and loss that typifies the Telecommunications company today, where exactly does the Revenue Assurance job fit in? What do managers expect from a Revenue Assurance department? How are Revenue Assurance groups measured? How are they organized? How do they know if they are doing it right? These are extremely complex questions. Revenue Assurance, like everything else in Telecommunications today, is typified by a wide range of different implementations and interpretations depending upon where you go and who you ask.
Old School Revenue Assurance The Monetary Menials

At the low end of the Revenue Assurance scale are the groups that cling to the Switch to Bill mantra. According to these practitioners, Revenue Assurance is about counting CDRs and troubleshooting Billing System problems. The people who view and treat Revenue Assurance this way have relegated the discipline to simple straightforward monetary menials. These menials are the billing system maid service that follows the operational teams, attempting to sweep the droppings from overly aggressive and forgetful Operational Managers. In this world view, the Operational Managers are responsible for bringing in the big bucks and cannot be saddled with responsibility for the minor details. So instead of expecting them to clean up after themselves, we bring in the Revenue Assurance janitors who make sure that there are no major messes left behind. Almost all Revenue Assurance departments started out this way, but an increasingly large number of groups are finding themselves forced into the limelight and pressured to take on more and more responsibility for a scope that far exceeds the humble Switch to Bill beginnings.
Next Generation Revenue Assurance The Profit Prophet Model

Employing a team of revenue janitors can recover some of the losses that Telcos might experience as they scramble to stay competitive at this breakneck pace. But many organizations are coming to realize that employing this janitorial team (even if it is really good), still leaves considerable revenue at risk. Why is that? There are many reasons.
GRAPA
Prevention vs. Recovery

The role of revenue janitor is not a model for preventing revenue losses. The janitor cleans up after it is too late. As the old saying goes An ounce of prevention is worth a pound of cure. It is much more efficient to prevent losses than to clean them up. If you want to prevent losses, then you will have to redefine the janitors role as something more proactive and involved in the process. One of the biggest trends seen in the expansion in the responsibilities of the Revenue Assurance professional is the movement into areas where prevention of loss is as important as detection and elimination of existing losses.
Anticipation vs. Reaction

If you are going to try to prevent revenue leakage, then you will need to know how far up the Revenue Recognition chain you must climb to achieve prevention. Does prevention include anticipating losses due to fraudulent activities by partners? Does it include anticipating losses due to poorly managed contracts and agreements? Does it involve losses created by failure to comply with regulations? Does it involve anticipating losses due to aggressive marketing activities by competitors?
To take on the mantle of prevention, we have to define exactly how far to take it.
Becoming the Prophet of Telco Profits

And so, as the natural evolution of the Revenue Assurance job continues, we see the redefinition of this janitor into a person responsible for the anticipation of loss, the prediction of outcome, and the forecasting of success. As the role of the Revenue Assurance professional moves increasingly into anticipation of loss domain, that professional is asked more often than not to see into the future, predict likely outcomes and provide management with guidance regarding the best course in a given situation.
The Modern Revenue Assurance Organization

In Telcos around the world, the Revenue Assurance professional is being asked to wrestle with these issues and more. As the old Telecom model falls further into disuse and disgrace, the modern Telco executive is relying more and more on teams of sharp revenue-, technology- and operation-savvy professionals who focus on the bottom line. This can be an incredibly useful and even critical component for success. It is in this wild, crazy, confusing world of conflicting missions, objectives and operational assumptions that most modern Revenue Assurance departments find themselves. While almost every Telco on the planet today has a Revenue Assurance department, the disparity in staffing, missions, responsibilities, and charters can be immense. Even in multi-national Telcos, where one parent corporation oversees dozens of subsidiaries, the missions, makeup and roles of the Revenue Assurance departments can be quite disparate.
The GRAPA Standards Objectives

It is in this environment that the Global Revenue Assurance Professionals Association (GRAPA) has undertaken the task of developing a consensus across the industry, defining what the scope, depth and breadth of the Revenue Assurance job should be
GRAPA
GRAPA was founded and has as its primary mission the job of aiding Revenue Assurance professionals around the world in the definition, standardization and professionalization of the Revenue Assurance job. Early in the life of the organization it became clear that the key advantage that most members were seeking was a clear set of standards by which they could set their goals and objectives. There are many reasons why GRAPA has taken on the development of a clearly defined, industry-wide, globally accepted set of standards for the practice of Revenue Assurance. Standards of this kind provide support from many peoples perspectives. 1. Top Management: By establishing a clear set of standards, it will be possible for companies to: a. Better understand, manage and finance Revenue Assurance activities b. Better judge the skills, strengths and weaknesses of Revenue Assurance departments c. Develop a clear set of expectations, KPIs and budgetary guidelines for the conduct of Revenue Assurance within the organization d. Decide upon clear boundaries and assignment of responsibilities between the Internal Audit, I/T, Sarbanes-Oxley, Business Process Engineering, and Operational Management teams. 2. Revenue Assurance Managers: Standards make it possible for Revenue Assurance managers to: a. More efficiently organize and run their departments b. More effectively recruit and train people with the right skills and dispositions c. Develop clear career paths and salary scales for RA professionals d. Gain acceptance, support and a shared vision between the RA, Operational Management, and Top Management teams. 3. Revenue Assurance Professionals: These standards make is possible for individuals to: a. Better understand their own mission and value to the organization b. Build a comprehensive career development plan c. Increase their value to the organization d. Improve their sense of mastery, accomplishment and proficiency In general, the objectives of these standards are to help the industry overall, and the Revenue Assurance professionals as individuals to improve the quality, quantity and effectiveness of their activities to the benefit of all parties involved.
challenges to the establishMent of standaRds

While establishment of a set of standards for the Revenue Assurance professional might seem a simple process, there are actually several forces at work that make it an extremely difficult task. There are hundreds of companies around the world that can clearly identify themselves as a part of the Telecommunications industry, but the variance between these companies can be quite large There are several factors that make the standardization of anything within the Telecom industry extremely difficult. These include the following disparities.
GRAPA
Disparity in Size, ARPU and Headcount

Telecommunications companies range in size from the small Telco with less than 10,000 subscribers to the extremely large carrier with tens of millions, and now, even hundreds of millions of subscribers. In addition to the disparity in size of the customer base (headcount), there is also a large difference in the average revenue per user (ARPU). As a result, for some carriers a high headcount combined with a high ARPU will mean that highly automated, repetitious and rigidly defined operational parameters, combined with employment of many highly trained specialists, will yield the best benefit from a revenue protection perspective. For the smaller companies that also have a lower ARPU, the employment of fewer people who perform a wide variety of responsibilities will be the order of the day. Headcount and ARPU disparity establish the first set of parameters dictating what an optimum Revenue Assurance approach will be.
High ARPU High Headcount
Low ARPU Low Headcount
Small Team Generalists
Large Team Specialist
Figure 1.1 Optimum size and nature of RA team in relation to the ARPU and Headcount of carrier
GRAPA
High ARPU High Headcount
Low ARPU Low Headcount
Loosely Structured Highly Reactive
Highly Structured Highly Automated
Figure 1.2 Optimum structural and automation approach based on the ARPU and Headcount of carrier
Disparity in Technology (Age, Diversity, Complexity)

The number of different technologies that a Telco supports, the age of those technologies and the overall complexity of the infrastructure all have a significant impact on the likelihood that the carrier will need more or less support from Revenue Assurance activities. Older technologies are by definition more stable, better understood and more easily contained than new technologies. This translates into a clear need for an increase in Revenue Assurance support as the technology gets newer. Indeed, the newest technologies typically have almost no built-in revenue controls whatsoever, and in these cases the job of the Revenue Assurance team becomes focused on the creation of controls rather than enforcement of existing controls. In the same way, Telcos with a highly diverse set of technologies (many generations and many different types of technology) will typically find themselves in need of this same kind of active participation by Revenue Assurance.
Newer Technology Complex Environment
Older Technology Simpler Environment Less Need for Revenue Assurance More Need for Revenue Assurance
Figure 1-3 Relationship between the complexity and age of technology to the need for RA support
GRAPA
Disparity in Corporate and National Culture

As if the diversity of Telco environments defined by markets, customers and technologies was not enough, there are clear differences in the way organizations embrace Revenue Assurance as it relates to their national and corporate cultures. For example, the German people are famous for their dedication to detail, precision and for doing things the right way. An employee of a German carrier is likely to have a cultural predisposition towards doing things right the first time and thus eliminating the need for the double-checks that a Revenue Assurance organization will provide. This greatly limits the areas where Revenue Assurance might be required.
Disparity in Organizational Maturity

As the Telco gets older, more operations and organizational boundaries become formalized. In general, this means that older organizations tend to have less need for Revenue Assurance activities than younger organizations. This is because, over time, more areas have institutionalized and standardized controls, making the imposition of additional Revenue Assurance controls redundant. Indeed, in the older, more established Telcos, there are often well established Business Process Reengineering teams, IT teams and seasoned Internal Auditors who understand the intricacies of Revenue Assurance much better than any traditional Revenue Assurance team. Ironically, this institutionalization and formalization can sometimes create a backlash effect where the structures are so inflexible that the organization creates blind spots that generate Revenue Assurance exposure.
Newer Organization Less Structure
Older Organization Mature Processes And Operations Less Need for Revenue Assurance More Need for Revenue Assurance
Figure 1-4 Relationship between age and maturity of an organization and its need for Revenue Assurance support
GRAPA
Revenue assuRance standaRds: a sliding scale

Because of these factors it became clear at the outset that any set of standards for the practice of Revenue Assurance, applicable across the Telco industry, would need to be extremely flexible in structure and implementation. Revenue Assurance might be needed more in some places than others, and might see a variety of different implementations, based upon the different conditions that an individual carrier might face. But there is no logical reason that we should not be able to establish a set of standards, structures, guidelines, and knowledge sharing that will enable the industry to attain a reasonable economy of scale for investment in Revenue Assurance. This is the core challenge to the establishment of Revenue Assurance as a profession and to the efficient practice of Revenue Assurance across the industry. How do we establish a set of standards that can support everyone, allowing everyone to benefit from the shared mission, goals and challenges, while at the same time recognizing and adapting to the differences that are the heart and soul of the industry? We have the privilege of sharing with you the results of the GRAPA organizations two-year project in order to accomplish this. We hope that you find our efforts to be interesting, informative and helpful in your understanding of Telco operations. We also hope that it increases your appreciation of the incredibly complex and interesting job of Revenue Assurance, and the complexities of creating, staffing and training your own Revenue Assurance team. As with all efforts of this type, the standards in this document should be considered a work in progress rather than a finished product. The teams and individuals involved in the creation of these standards, and in the practice of Revenue Assurance around the world, are constantly increasing, modifying, and improving the definition of Revenue Assurance and its many arts and skills. We do not consider the publication of these standards as the end of a process but as the beginning of the real work. Now that the standards have been formalized and approved, people can examine those standards and the Revenue Assurance job itself with a level of scrutiny that was not previously possible. Will these standards be the final word in Revenue Assurance? Absolutely not! But we are confident that they represent a strong start.
Rob Mattison President GRAPA
GRAPA
10
C h a p t e r 2 - I n t r o d u c t i o n t o G R A PA
Chapter 2 an introduCtion to the Global revenue assuranCe proFessionals assoCiation

The standards document presented here represents the sum total of the participation of hundreds of Revenue Assurance professionals from every continent working for telecommunications companies of every type and size. Creating the environment that made this kind of collaborative effort possible was not easy, and it is important for anyone reviewing these standards to have an understanding of their origin, why we believe they are important, and most importantly, why we believe they are legitimate.
The History of the GRAPA Organization

The original concept for the formation of GRAPA can be credited to a discussion between a group of experienced Revenue Assurance professionals who were sitting in a Starbucks coffee shop at the Petronas Towers in Kuala Lumpur. This group was discussing what was on the minds of many Revenue Assurance practitioners.
The Lack of Standards

A lack of standards can be attributed to: The inadequacy of conferences and training organizations to provide any credible and substantive value to the participants. The frustration with vendor-driven solutions that often missed the key issues faced by Revenue Assurance professionals.
More importantly, this discussion demonstrated that Revenue Assurance professionals are very interested in learning what other RA professionals are doing. A desire to share information, to learn from each other, and to create a community of professionals has been continually expressed by Revenue Assurance professionals. About six months later, a small group of people decided to turn these needs and concepts into a viable professional association. This association was dedicated exclusively to creating a Revenue Assurance community and solidifying the professionalization of the discipline.
GRAPA
11
Professionalization the Need and the Price

Upon researching the concepts and requirements, several things became clear at the outset. First and foremost was a strikingly simple fact. The definition of professional and the advocacy of professionalization have one core requirement; there needs to be an association, a body, or a group that defines and bestows professional status upon its members. In other words, the first step in the process of professionalizing the Revenue Assurance business is the creation of an association whose mission it is to attain that objective. And so, the Global Revenue Assurance Professionals Association was borne. Some may ask, why choose this method to pursue professionalization? Surely there must be an easier and more convenient way to do this. Clearly, the decision to form an entirely new, unfunded and unsponsored association was a difficult one, but the decision was made, addressing the needs of autonomy and consensus.
The Need for Autonomy

Uppermost in our minds from the onset was that the association would have to function with a great deal of autonomy if it was going to deliver real value and integrity to its membership. Specifically, the association must be answerable and owe nothing to anyone except the membership itself if it is to accomplish its objective. There are many organizations, companies and institutions that would be willing to, and have offered to sponsor GRAPA, but these offers have been categorically rejected. The reasons are simple. If the GRAPA organization were to take significant funding from outside organizations, GRAPA would by definition stop being independent and would have to respond to the demands of the sponsors. For example, if a major Revenue Assurance software company or a major Telecommunications equipment vendor were to significantly bankroll GRAPA, then the mission, focus and direction of GRAPA would be required to meet the demands and needs of those sponsoring organizations, and not those of the membership. We believe that, if GRAPA is to be successful, then the integrity of the organization and of its statements and activities must be completely above reproach.
The Need for Consensus

The second and equally critical founding principle behind was to have as close to an industry-wide consensus as possible if GRAPAs role is to have long term value. It is tempting to take short cuts, developing an association and direction for the Revenue Assurance profession that caters to the needs and demands of a select sub-segment of the Telecommunications industry, instead of working hard to get everyone involved. It is incredibly tempting to narrow the focus of GRAPA activities to the large, high volume, well financed Telcos. The employees at those companies have higher incomes. The companies have larger budgets, and it would be easy to attract lucrative funding and quick success by catering to this groups specific needs. However, while tempting, this specific focus might alienate the much larger population of telecommunications professionals in the process. Defining the association to cater to the more privileged individuals would deprive the membership of insight into the exciting, dynamic and innovative breakthroughs in Revenue Assurance practices that the smaller, less financed, more challenged professionals have to offer.
GRAPA
12
It was decided that, in order to target as large a population of professionals as possible, the criteria for membership and for participation had to be geared towards the entire spectrum of carriers, geographies and situations.
Key gRaPa facts

Since its inception in 2007, the GRAPA organization has experienced rapid growth on all fronts.
GRAPA Key Statistics

1. 2. 3. 4. 5. 6. 7.
Total membership: Over 1800 Proportion of members who work for carriers in Revenue Assurance and Internal Audit capacity: 75% Average number of GRAPA members per carrier: 2.5 Continent with the most GRAPA members: Africa Continent with the least GRAPA members: Northern Asia (China, Korea, Japan) Countries with the most GRAPA members: India, Nigeria, South Africa Participants in GRAPA Benchmarks in 2008: over 300
GRAPA
13
GRAPA Countries
Afghanistan Albania Algeria Angola Anguilla Argentina Armenia Aruba Australia Austria Azerbaijan Bahrain Bangladesh Barbados Belgium Belize Benin Bolivia Bosnia and Herzegovina Botswana Brazil Brunei Darussalam Bulgaria Burkina Faso Cambodia Cameroon Canada Cayman Islands Central African Republic Chad Chile China Colombia Congo Costa Rica Cote dIvoire Croatia Czech Republic Democratic Republic of Congo Denmark Dominican Republic Ecuador Egypt El Salvador Estonia Fiji France Gabon Georgia
Germany Ghana Great Britain Greece Grenada Guatemala Haiti Honduras Hong Kong Hungary India Indonesia Iran Iraq Ireland Israel Italy Jamaica Japan Jordan Kenya Kuwait Latvia Lebanon Lesotho Libya Lithuania Luxembourg Macedonia Madagascar Malawi Malaysia Maldives Malta Mauritius Mexico Mongolia Morocco Mozambique Namibia Netherlands Netherlands Antilles New Zealand Niger Nigeria Norway Oman Pakistan Palau Palestinian Territory
Panama Paraguay Peru Philippines Poland Portugal Puerto Rico Qatar Romania Russia Rwanda Saint Lucia Saudi Arabia Senegal Serbia and Montenegro Sierra Leone Singapore Slovakia Slovenia South Africa Spain Sri Lanka Sudan Suriname Swaziland Sweden Switzerland Syria Taiwan Tanzania Thailand Togo Tonga Trinidad and Tobago Tunisia Turkey Uganda Ukraine United Arab Emirates United Kingdom USA Uzbekistan Venezuela Vietnam Yemen Zambia Zimbabwe
GRAPA
14
Members' Regions
GRAPA members can bet found in every region of the world. Our greatest membership numbers are currently in Africa and Southern Asia, but we are gaining quick acceptance and growth in the South American, European and Northern Asia markets as well.
1.79% (3) 7.74% (13) Asia Africa Middle East W. Europe E. Europe N. America Latin America S. Pacific
.
5.36% (9) 4.76% (8) 3.57% (6) 32.14% (54)
11.31% (19)
Members' Lines of Business
33.33% (56)
GRAPA members work with all of the major lines of business in telecommunications today: Wireless (GSM and CDMA), Wireline, DSL, Cable, Satellite, Long Distance, Roaming, WiFi, WiMax and many other technologies. As you can see by this graph, GRAPA members provide a highly representative coverage of each of these "lines of business".
GSM CDMA Wireline WiFi WiMax Cable Broadband DSL Satellite Content Other: Frame Relay VAS Wireless 3G
10
20
30
40
50
60
GRAPA
15
Members' Subscriber Base

GRAPA members work for companies of broad range of sizes. We have members who provide revenue assurance support for telcos having less than 100,000 customers and we have others with a customer base greater than 10 Million. GRAPA membership represents a good mix of carriers of every size and composition.
14.29%
1 to 300,000 300,001 to 600,000 600,000 to 1,000,000 1,000,001 to 2,000,000 2,000,001 to 3,000,000 3,000,001 to 5,000,000 5,000,001 to 10,000,000 More than 10,000,000
27.38% 7.14%
7.14%
12.50%
14.88% 7.74% 8.93%
the Grapa orGanization

Based upon the two key principles of autonomy and global consensus, the GRAPA organization was formed. The current organization is made up of a small number of paid clerical staff that creates the environment within which members can function. The basic structure of GRAPA includes the following: 1. Committees The key operational unit of the GRAPA organization is the committee. A committee consists of a number of members (Revenue Assurance professionals) who volunteer to participate in the accomplishment of different projects. Any GRAPA member can form a committee, which the GRAPA clerical staff supports with ads, benchmark surveys, website presence and other promotion. Training and Certification Organization The only source of income for GRAPA is the training that is provided through the Revenue Assurance Academy and the certification of professionals that this training generates. Since GRAPA does not accept sponsorship (due to the need for autonomy) and chooses not to demand membership fees (due to the desire to attain maximum participation by as many professionals as possible) it is critical that there be some way for activities to be funded.
2.
GRAPA
16
(The rationale for this is simple. If GRAPA is developing the standards, body of knowledge and professionalization that people really want and need, then they should be willing to pay for it. In fact, if they are not willing to pay for it, then that actually proves that the material being developed is offering no real value to the constituency. The success of the Revenue Assurance academy, and the certification program is, in fact, a very powerful and crystal clear litmus test for the effectiveness of the association and the work that it performs. If what the association creates is relevant, adds value to peoples careers and makes sense to managers, then the classes and certification will be filled. If not, then the association is clearly failing.)
The GRAPA Staff

The GRAPA staff consists of the following teams: 1. 2. 3. 4. 5. Marketing - Responsible for websites, benchmark surveys, questionnaires, announcements, newsletters, forum, and blogs. Membership Development - Responsible for recruiting committee chairs, formation and execution of committee work, conducting benchmarks, surveys, town hall meetings, webinars, and supporting committee activities. Membership Managers - Responsible for maintaining contact and relationships with members. Membership Managers are geographically based around the world in order to better serve their specific geographies. Certification and Training - Responsible for scheduling, logistics and support for all training activities and for administration of the certification program. Administration - Finances, administration and H/R.
These small teams provide support to the different committees and members in the accomplishment of their objectives.
GRAPA Initiatives in 2008

Since its inception, GRAPA has experimented with a number of different activities and initiatives. While some have been extremely successful, others have been less effective. As time goes on, however, we continue to improve in our approach and effectiveness. Some of the more successful activities of 2008 included:
GRAPA Standards Committee

By far the single biggest success, and the more critical aspect of activities in 2008 was the completion of the primary mission of GRAPA, the development and publication of our first official standards document. This document summarizes the work of the many different committees that participated, and forms the foundation for the continued efforts of the GRAPA organization.
GRAPA Fraud Contest

In our continued commitment to the creation of a community of professionals, we conducted our first ever GRAPA Fraud Contest. This contest encouraged members around the world to submit their most interesting fraud cases in order to enhance the GRAPA fraud practices library. The contest saw participation by dozens of members. An esteemed panel of GRAPA Fraud Specialists judged the cases and awarded prizes, such as iPods and PDAs to the winners.
GRAPA Certification Committee

Over the past year, several GRAPA certification committees have applied their knowledge and insight to help develop a certification that will most effectively support our membership. With the ratification of the standards, GRAPA will be launching the first version of the certification program based upon these inputs.
GRAPA
17
GRAPA Benchmarks
One of the more prominent and useful of the GRAPA activities in 2008 was the GRAPA benchmarks, which consisted of a number of different questionnaires. These were designed to help the GRAPA organization and members to understand current Revenue Assurance practices around the world. The rules for GRAPA benchmarks are simple. If you participate in the benchmark, you get to see the results. Over 300 members participated in our benchmarks in 2008 and several dozen are planned for 2009.
GRAPA Town Hall Meetings

One of the most exciting and successful activities that GRAPA initiated in 2008 were Town Hall Meetings, which are online, real-time webinars. These meetings provide a forum that enables GRAPA members to share ideas and insights with each other. A series of four standards-based town hall meetings were held in locations around the world, including Africa, Asia, Europe and the USA. More Town Halls are planned for 2009.
The Revenue Assurance Academy

No mention of the activities of GRAPA would be complete without giving credit to the Revenue Assurance Academy team for the amazing job they did in 2008. With only a few months of preparation, and no notable experience, the Revenue Assurance Academy was able to offer dozens of training classes in cities around the world, providing high quality training at affordable prices to GRAPA members.
GRAPA in 2009
2009 will see a number of improvements and re-commitment to many things that worked well in 2008. More importantly, we will continue with our innovation by providing a number of new activities.
GRAPA Standards 2009

By far the biggest single event and most important GRAPA activity in 2009 will be the publication and promotion of our standards. The formalization and ratification of these standards and their promotion around the world signals the maturation of Revenue Assurance, as a professional activity, and GRAPA as the agent of that professionalization.

2009 will see a recommitment of GRAPA to the Town Hall meeting venue. Although there were some challenges and false starts in 2008, we are sure that our more experienced team members will be able to make Town Halls a primary component of GRAPA member activity in 2009.
GRAPA Certification
Simultaneous with the release and promotion of the GRAPA ratified standards will be the launching of the GRAPA Certification Program. This program was designed to assist Revenue Assurance professionals in establishing clear goals and objectives for their career paths. It is designed foremost to accomplish the primary objective of GRAPA, which is the professionalization of the industry. GRAPA certification includes requirements for members in the areas of training, testing and real world experience. GRAPA will be assembling a support staff to support this certification effort.
GRAPA
18
For more information about the GRAPA certification program, see the GRAPA website at www.grapatel.com/A-GRAPA/02Certification/Certification.asp
Revenue Assurance Academy for 2009

Based upon the success of the Revenue Assurance Academy in 2009, GRAPA will see a recommitment and expansion of venues and course offerings. The Revenue Assurance Academy is a training organization that offers classes to professionals through a number of different venues including: a. b. c. On-site training at corporate locations Venue-based training at independent training sites and hotels around the world, including Johannesburg, Miami, Chicago, Dubai, Madrid, Cairo, Lagos, Nairobi, Kuala Lumpur and others. Web-based training classes
This same organization administers the GRAPA certification program, a program designed to assist Revenue Assurance professionals in defining a career path and attaining the training and experience necessary to accomplish those objectives. For more information about GRAPA training see the Revenue Assurance Academy website at: www.ra-academy.org 2009 expansion will include: 1. Alignment of the curriculum with the GRAPA Standards, specifically, the principles, practices and body of knowledge requirements. It is the commitment of the Revenue Assurance Academy to enable members to attain the knowledge, skills and experience they need to accomplish their certification objectives. A more conservative caldendar The Revenue Assurance Academy will be offering more venues in 2009, and will be announcing tentative dates well in advance (12 months). This calendar was assembled to help as many members as possible reach certification in less than 1 year (if possible). Expansion of curriculum a number of GRAPA members have been recruited to write much of the training required by the new expanded body of knowledge requirements. Expansion of faculty The Revenue Assurance Academy is planning on adding a number of instructors to the staff in 2009 in alignment with the new curriculum and certification requirements.
2.
3. 4.
New Committees
In addition to the already exciting work being done by existing committees, several new committees are being formed. Included will be committees to address: 1. Credentialization - Determining which major certification / industry standards bodies GRAPA should align with. GRAPA is already engaged in the study and consideration of membership in the TIA, working with the ITU at the national level, NOCA and several others. 2. Spanish, Arabic and French Language Development - GRAPA understands the importance of the accessibility of information and training in a language that is comfortable for the member to undertand. For that reason, we will be launching several major initiatives to deploy the standards, Townhalls, training and other GRAPA materials in French, Spanish and Arabic.
GRAPA
19
GRAPA Cyber Conferences

To help stimulate activities in certain key areas, we will be initiating a new GRAPA Cyber Conferences program. This program will allow members to participate in a number of topics, discussions, benchmarks and other events leveraging our townhall approach, in addition to a network of BLOGS, Linkedin and Facebook groups. Look forward to a lot of discussion, engagement and exchange of ideas in 2009.
GRAPA Job Site

GRAPA has begun hosting a FREE JOB POSTINGS section on the GRAPA site. This site allows anyone interested in hiring a Revenue Assurance professional to post job information that GRAPA members can review. People who post information will be contacted directly by candidates (at no charge). Access to the postings will be made available to GRAPA members only (also at no charge). .
the futuRe of gRaPa and Revenue assuRance

While the battle is far from won, it is clear that the Global Revenue Assurance Professionals Association has made great strides forward as an organization and for the benefit of Revenue Assurance professionals around the world. The commitment of the organization is to continually increase our efforts to improve effectiveness, penetration and influence in the coming years.
GRAPA
20
C h a p t e r 3 - T h e G R A PA B e n c h m a r k s
Chapter 3 the Grapa benChMarks: the state oF the revenue assuranCe proFession today
What exactly is the status of the Revenue Assurance profession today? How extensive is it? How is it practiced? Who is doing the job? How does it vary from one location to the next? These are just a few of the questions that the GRAPA organization has set out to answer through execution of a number of different benchmark surveys?
GRAPA Benchmarks: Background

Development and execution of benchmark surveys is one of the cornerstones of the efforts of the GRAPA organization. It helps people involved in the industry to understand the state of the profession across the many varied geographies, technologies and operational environments that make up the Telecommunications industry. In 2008, GRAPA conducted more than twenty different benchmarks covering a number of different topics. The largest (with the most responses) were the GRAPA General Revenue Assurance Practices and Revenue Assurance Team Member Profiles. The General Practices surveys asked GRAPA members basic questions about: 1. 2. 3. 4. 5. 6. The size of their departments Positioning of their departments within their organizations Budgets and plans for expansion Scope Mission Basic Organization
The Revenue Assurance Team Member Profiles attempted to help us understand: 1. 2. 3. The background and skills of existing Revenue Assurance team members The basic professional training and level of experience of a typical Revenue Assurance professional A general understanding of career paths and plans of these professionals
In total, over 200 people participated in these benchmarks, providing solid information about the state of the profession for those individuals. The relatively small size of the benchmark compared to GRAPA membership is primarily due to the fact that GRAPA membership was approximately 300 at the beginning of 2008, but grew to a staggering 1700 by the end of the year. As a result, the number of participants represents approximately 25 to 35% of the membership at the time the surveys were conducted.
Copyright 2009 Rob Mattison GRAPA 21
obseRvations about the volatility of the benchMaRKs

One of the most interesting and challenging aspects of executing benchmarks of this type is the extremely high volatility that we have discovered in the rate at which Telco organizations shift resources, priorities, and missions for the Revenue Assurance teams. In fact, this very volatility is perhaps much more definitive of the nature of the practice of Revenue Assurance than any specific answers we might garner. It is clear, from the survey results and the follow-ups conducted, that the typical Revenue Assurance areas in many Telcos in 2008 were subjected to several different types of volatility. 1. Radical shift in the perceived importance of the Revenue Assurance function. The Revenue Assurance team often finds itself the focus of high expectations and top management attention for short stretches of time, followed by periods of management apathy and lack of concern. This shift from critical to laissez-faire appeared to happen more than once in a given year. In other words, one of the characteristics of Revenue Assurance would appear to be that it moves into and out of the spotlight based on a number of different factors. Incredibly rapid expansion in scope. 2008 saw an incredible explosion in the headcount allocated by top management to the Revenue Assurance function, as well as an almost unbelievable push to add continually increasing scope to the responsibilities of the Revenue Assurance team. Benchmarks of only two years ago showed Revenue Assurance as almost exclusively relegated to the sacred switch to bill domain. Benchmarks in 2008 showed Revenue Assurance departments assuming responsibilities for areas that were formerly, or traditionally, considered to be the responsibility of Internal Audit, Network Operations, Product Development, and Marketing. This dizzying increase and redefinition of the scope of Revenue Assurance has by far been the biggest single challenge in the development of Revenue Assurance standards.
2.
Some of the volatility that we discovered in these surveys is attributable to the high percentage of African, Middle Eastern and South Asian members in GRAPA. These markets are currently undergoing some significant volatility at the highest level. It is important to note that even the more stable European and North and South American carriers had their fair share of this type of volatility, although it was not quite as severe. Equally important is the fact that these markets are quickly overtaking the European and American markets as the thought leaders and trendsetters in the industry. As the shift of emphasis and innovation moves from the old school European and American carriers to the new leading African, Asian and Middle Eastern operators, the importance of these markets and their behaviors will continue to increase.
Benchmark Respondents General RA Practices and Personnel Characteristics Background

The Revenue Assurance General Practices and Personnel benchmarks were completed by 168 participants. More than 50% of the people responding to these benchmarks were from African, Southeast Asian or Middle Eastern Carriers.
GRAPA
22
Line of Business of Respondents

The members responding to the survey were from many lines of business, the largest segments being GSM and Wireline.
GSM CDMA Wireline WiFi WiMax Cable Broadband DSL Satellite Content Other: Frame Relay VAS Wireless 3G
10
20
30
40
50
60
Background of Typical Revenue Assurance Professionals

Many interesting insights were revealed by the benchmarks, and one of the most interesting was related to the background of typical Revenue Assurance professionals. Indeed, understanding the education, experience and background of the typical Revenue Assurance professional can tell us a lot about the nature of those personnel.
1.79% 7.74% 5.36%
Asia Africa Middle East W. Europe E. Europe N. America Latin America S. Pacific
4.76% 3.57%
32.14%
11.31%
33.33%
GRAPA
23
Years of Experience (Employed in Telecommunications)

In general, people involved in Revenue Assurance have been working from three to ten years, meaning that the majority of Revenue Assurance professionals are in the mid-20s to mid-30s age group. The vast majority have been employed by Telecommunications companies for their entire career. The average years employed was 3.46 years. The average years in Revenue assurance was 2.02 years. This means is that most people have been in Revenue Assurance for two years or less, and the majority of them spent at least one year in some other role in the Telco before moving to Revenue Assurance.
Less than 1 year 1-2 years 3-10 years 11-20 years More than 20 years 0 50 100 150
Basic Background and Training

Quite interesting were the results when Revenue Assurance professionals were asked to identify their formal training and background. Most identified more than one discipline as their foundational skill set. Large numbers of people identified themselves as having Accounting, Operations or IT skills, with backgrounds in Billing, Mediation and Network each providing significant representation. It is interesting to note that over 20% of the respondents cited experience and training in Network Operations.
Accounting I/T Operations (Billing) Operations (Network) Operations (Mediation) Operations (Accounting /Finance) Other, specify: 0 20 40 60 80 100
GRAPA
24
The Other category yielded an amazing mix of skills including: Product Development Business Analyst Credit Management Data Warehouse / DBA / IT Security Officer Interconnect Operations Manager
Educational Background
The educational background of most Revenue Assurance professionals is higher than that of most typical Telecom employees. The vast majority of Revenue Assurance practitioners have a four-year college degree and almost half of them also have advanced degrees.
Trade School Some College Bachelors Degree (4 years) Masters Degree (2+ years of post graduate work) PHD (3+ years of post graduate work) 0 50 100
the PRactice of Revenue assuRance within the telco

Given the makeup of the typical Revenue Assurance team, the next series of questions focused on the way Revenue Assurance is practiced. This category of questions includes: 1. 2. Who does Revenue Assurance Work? What is the scope of Revenue Assurance in your organization?
Revenue Assurance Performed by Other Groups

Our first objective was to determine the groups who perform Revenue Assurance work, other than the Revenue Assurance team and Operational groups. We found that in almost all of the organizations one or more other groups are responsible for some Revenue Assurance functions.
GRAPA
25
The largest group is made up of the Internal Audit organizations, but Sarbanes-Oxley, Quality Management, and Risk Management groups are also well-represented.
Sarbannes-Oxley Internal Audit Risk Management Corporate Performance Mgmt Corporate Governance
p Business Process Re-engineering

Quality Assurance Process Quality Operational Management Groups
None
0
50
100
150
Self Assurance: Revenue Assurance Performed by Operational Departments Themselves

One of the most significant factors to consider in the definition of Revenue Assurance standards is the concept of selfassurance, that is, the conducting of Revenue Assurance by operational departments themselves. Our survey showed a clear commitment to this kind of coverage by many carriers. Somewhere between one third and one half of all respondents indicated that at least some level of Revenue Assurance responsibility was managed by the operational areas themselves. Of course, this delegation of responsibility to the operational groups does not speak to the quality or effectiveness of the effort.
Network Operations Mediation Postpaid Prepaid Roaming Interconnect Provisioning Sales Credit Collections 0 10 20 30 40 50 60 70
GRAPA
26
Where does Revenue Assurance Report?

In response to the question of where the current Revenue Assurance department reports, there was a clear prejudice towards Finance. Specifically the CFOs office was identified as the place where Revenue Assurance fits within the organization. The next most likely reporting structure was Other, which consisted mostly of different forms of Risk Management, reporting directly to the CEO.
15.48% 15.48%
3.57% CEO CIO CFO CTO Other:
4.17%
61.31%
Role and Positioning of Fraud Management

The question of where Fraud Management fits within the organization and whether it is legitimately a part of Revenue Assurance was also addressed by our survey. The results showed that the majority of Telcos position Fraud Management entirely or partially under Revenue Assurance. In situations where Fraud was not under Revenue Assurance, it was more often than not considered a partner organization under the Risk Management group.
Fraud Report to RA?
41.07% No No Partial Yes 50.00% Yes
8.93% Partial
Scope, Breadth and Depth of RA Participation

Probably the most interesting and difficult issue to track and report was the scope, depth and breadth of Revenue Assurance activity. The difficulty came, first, from the volatility of responsibilities mentioned earlier. Second, and more critically, was the lack of a set of standards that could be utilized to effectively poll people on what is being done, and how it is being done.
GRAPA
27
It is in this area, that the GRAPA Standards were seen as a more critical tool. Without a standardized way of dissecting and explaining the various aspects of the Revenue Assurance job, it is clearly impossible to assess the extent to which Revenue Assurance is actually being done. In general, the surveys showed that Revenue Assurance teams were involved in dozens of areas. Many of these areas appear to be quite inappropriate and out of scope for what we would traditionally consider to be the Revenue Assurance job. While the classical switch to bill job shows up, its importance continues to diminish as bigger risks to revenue are discovered, and as the reliance on the simplistic postpaid, voice and circuit-based business models give way to the exponentially more complex models of the twenty-first century. The scope of Revenue Assurance clearly includes the following areas in many Telcos around the world. Any attempt to define a set of criteria for measuring the actual penetration and assignment of responsibility to Revenue Assurance for these areas is greatly confused by: 1. 2. 3. 4. 5. The shared nature of Revenue Assurance responsibilities The almost random practice of self-assurance by different departments The almost random acceptance of Revenue Assurance type responsibilities by Internal Audit, SOX and other oversight groups The maturity, skills and adequacy of the Revenue Assurance teams themselves The size, profitability and nature of the Telco organization
However, taken as a whole, you will find Revenue Assurance departments responsible for the revenue and operational integrity aspects of every single line of business with which Telcos are involved. This is along the entire depth and breadth of the Revenue Management streams from Network Operations, Switch Utilization, Network Investment Assurance, Network Outage Assurance, Marketing, Churn, Sales Channel Security and Assurance, Credit, Collections, Product Development, Prepaid, Interconnect, Roaming, and dozens of other areas. The scope of Revenue Assurance in Telecommunications today is undeniably: 1. 2. 3. Extensive Inconsistently applied between Telcos Expanding in scope and importance.
For a comprehensive listing of the currently defined and approved body of knowledge considered to be in-scope for Revenue Assurance as of 1 January 2009, see the GRAPA Body of Knowledge Index in the Appendix of this book as well as the details of the Objectives (Levels of Assurance) section of the Standards.
GRAPA
28
Biggest Needs within Revenue Assurance

In response to what the biggest needs of the Revenue Assurance are, answers were surprisingly unanimous. The need for training and supplementing of Revenue Assurance team skills was cited as the most critical. Top priority, however, was for the establishment of standards and procedures, and for assistance in establishing the best way to fit Revenue Assurance into the overall Telco organization.
Training of personnel Standards and procedures Budget Systems selection System development Cooperation between groups Role within the overall organization Staffing Technical skills development New product development integration 0 50 100 150
The Future of Revenue Assurance 2009 Forecast

When respondents were asked to report on their best estimate of the future of Revenue Assurance within their organizations, the resounding answer was that rapid growth was anticipated. This was verified by smaller surveys conducted late in 2008, which showed that more than half of the organizations polled indicated that the size of the Revenue Assurance staff would be increased in 2009. This is despite the economic downturn of the second half of 2008.
Rapid Growth
Stay the Same
Shrinking
The Group will be disbanded
0 0
50
100
150
200
GRAPA
29
conclusions dRawn fRoM the benchMaRK data

There is always room for improvement in the discipline and precision that can be accomplished from benchmarks of this type. The GRAPA organization will be making improvements and repeating these benchmarks for 2009-2010. There are several unavoidable conclusions that provide us with a significant insight into how the Revenue Assurance profession can be most effectively positioned. These include the following:
Sliding Scale Application of Revenue Assurance

Any attempt to define standards for the practice of Revenue Assurance account for the incredible diversity in practices between carriers. It is not reasonable to assume that any two carriers should (or would) benefit from practicing Revenue Assurance the same way. Each Telco is unique and their needs and abilities to address Revenue Assurance issues will be defined as much by history and culture as by whatever standards GRAPA can define. This then is a key component if the standards are to be effective. They must allow for, and build this flexibility for interpretation into the structure.
Need to Define Boundaries between RA and Other Oversight / Assurance Groups

The benchmarks show us that Revenue Assurance departments function within complex and unique organizations where there are many overlapping oversight groups with responsibilities that may correspond or conflict with that of Revenue Assurance. The GRAPA Standards must clearly define exactly what the different responsibilities of a Revenue Assurance function are and provide practitioners with a way to understand, diagnose, differentiate, and negotiate boundaries with each of these groups. (The Disciplines section of the standards provides a framework for understanding what the different Revenue Assurance responsibilities are, and the Principles section offers a definition for how the Revenue Assurance team is to negotiate and establish operational boundaries with these overlapping groups.)
Need to define boundaries between RA and Operational Management

By far, the most difficult aspect of the definition of the Revenue Assurance job is determining how a Revenue Assurance group is supposed to exist in an organization where operational teams are also expected to assure themselves. Clearly, the definition of responsibility of a Revenue Assurance group to relieve Operational Managers of their responsibilities for operational integrity and protection of revenue streams would be disastrous. At the same time, ignoring the fact that Operational Managers can be aided in these responsibilities through the specialized skills and focus of a Revenue Assurance team cannot be ignored either. Proposing a method for the definition and negotiation of these boundaries is also defined in the Principles section of the standards.
GRAPA
30
The Need for Training and Certification

The other major need cited by Revenue Assurance managers is for better training, and the requirement to provide them with a method whereby personnel can be rated as to their skills and adequacy in the performance of Revenue Assurance tasks. It is for this reason that GRAPA has undertaken the establishment of the GRAPA Certification program. Of course, it will be impossible for GRAPA to provide certification until there is a clear set of standards, a good vocabulary, and an accepted body of knowledge upon which this training and certification can be based. It is in support of this goal that these standards are being solidified and published.
GRAPA
31
GRAPA
32
C h a p t e r 4 - G R A PA S t a n d a r d s A p p r o a c h a n d P r e r e q u i s i t e C o m p o n e n t s
Chapter 4 Grapa standards approaCh and prerequisite CoMponents (praCtiCes and body oF knowledGe)
Based on our best understanding of how Revenue Assurance is being practiced today, and given the clear mandate by the members of GRAPA regarding what their biggest needs and concerns are, the GRAPA organization set out to develop a set of standards that would: Meet the needs of Revenue Assurance professionals around the world Have enough legitimacy to make it acceptable to the majority of Revenue Assurance professionals Include enough value to make it attractive for CFOs, CEOs and other top managers to be motivated to align with the standards
The biggest needs and issues as determined by our benchmarks, town hall meetings and seminars are: 1. The need to define the fit of Revenue Assurance within the organization, especially in regards to top management, other assurance organizations (Internal Audit, Sarbanes Oxley etc), and the critical relationship with Operational Managers. In other words, determining the issues of responsibility and accountability. The need to define a mechanism for the organization of the Revenue Assurance job so that managers can train, staff, organize, measure, and assess the effectiveness of practitioners. The need to create a clear, consistent vocabulary and structure that can be applied to the majority of the vastly different implementations of Revenue Assurance across different geographies, technologies and cultural templates.
2. 3.
The structure employed to accomplish these objectives involved the definition of the standards themselves, along with related and supporting information and structures.
The Standards Environment

To create standards that are meaningful and productive there are several foundational elements that must be in place. These include: Body of Knowledge The body of knowledge defines the prerequisite knowledge that a Revenue Assurance practitioner must have. It defines the curriculum to which a person must adhere in order to perform the Revenue Assurance job with integrity. Practices The profession must have a set of guidelines for how things are done. Practices provide practitioners with information on what most Telcos typically do to assure various systems and situations. These are the practices that Revenue Assurance professionals follow. While many consulting organizations promote best practices, it is GRAPAs position that the most critical is not the definition of best but of standard practices. Indeed, without a definition of what the standard practices are,
GRAPA
33
the definition of best practice is problematic at best. GRAPA has prepared and will begin to build a comprehensive library of such practices as the next step in the standards and certification processes. Standards Standards are built on the foundation, and assumption of the existence of practices and body of knowledge. They describe the structure, operating principles and guidelines for the organization, along with the fit and execution of Revenue Assurance.
Standards
Body of Knowledge
Practices
The Standards Development and Ratification Process

Creating a technique for development of standards for the practice of Revenue Assurance was a time consuming and challenging project. The process needed to include many people, from multiple geographic locations, types of carriers, and levels of management. This had to be accomplished without delay and had to avoid becoming a tool for any specific special interest group or perspective. In addressing these challenges, GRAPA took a multi-leveled approach over a twelve-month period. The different legs of the standard development process included:
GRAPA Workshops
The GRAPA membership disseminates its knowledge, expertise and intentions through a variety of mechanisms. One of the most compelling and effective is GRAPA workshops. Workshops are combined training/problem solving sessions wherein GRAPA members meet to discuss their common problems, approaches and solutions. These sessions, offered through the GRAPA Revenue Assurance Academy, provide a compelling, in- depth and personal source of input and knowledge-sharing. More than twenty workshops were held around the world in 2008 in Asia, Europe, Africa, Middle East, North and South America. These workshops were each attended by at least fifteen participants and included Revenue Assurance Managers, CFOs, Internal Auditors, Revenue Assurance Practitioners, Management Consultants, Software Engineers, and IT personnel.
GRAPA
34
GRAPA Committees
GRAPA hosted a number of committees for the development of standards in 2007 and 2008. These committees were used for most of the advance work in the standards process, such as defining the basic parameters, guidelines, body of knowledge and framework. Committee members came from Management Consulting, Software and Revenue Assurance departments.
GRAPA Benchmark Surveys

The GRAPA online benchmark surveys collected a large body of basic information that was incorporated, and used in shaping the Body of Knowledge, Practices Library and Standards. These benchmarks will continue to be the foundational tool for assessing the acceptance and effectiveness of the GRAPA Standards, Practices, and Body of Knowledge specifications.

In 2008, GRAPA instituted the highly effective National and Regional Town Hall meetings process. It allows local experts, usually volunteers from local carriers, to conduct monthly online webinars where key topics are presented and discussed. The Town Hall meetings continue to expand as more users take part in the growing body of consensus-based expertise. A series of four Town Hall meetings covering each of the four major areas of the GRAPA Standards were held in countries around the world. Some of these were recorded and made available for public review. These town halls allowed for review of standards, the initiation of debate about standards, and holding ad hoc polls to assess their applicability and acceptance.
GRAPA Standards Ratification

Every three years, the currently proposed body of GRAPA Standards and Body of Knowledge specifications will be submitted for a formal ratification process. This ratification process provides the entire membership with a summary of what is contained within the standards, and allows everyone an opportunity to vote on those standards, approving or disallowing portions as they deem appropriate. The certification program specified here is based upon the standards and body of knowledge verified by the most recent GRAPA Standards ratification. The current ratification process is underway, with public notices being sent to the entire membership allowing them the opportunity to vote and accept the standards. The ratification voting process has yielded an incredible ninety-five percent acceptance of the standards as specified. Based on this mandate from the membership, we have chosen to formalize and promote the standards contained in this document.
develoPMent of the suPPoRting coMPonents

When the GRAPA organization accepted the challenge to develop the standards, there was a great deal of confusion and controversy about not only what should be included in the standards, but also what was required to develop Revenue Assurance as a profession. The structure presented here is the one we finally decided upon. The standards development process yielded information and knowledge that came to be labeled as either part of the GRAPA Body of Knowledge and/or the Practices Library. While not part of the actual standards, they are clearly a critical component to the overall framework that is being defined. We have summarized the basic nature and content of these two areas.
GRAPA
35
The Revenue Assurance Body of Knowledge

At the heart of any profession and at the core of any set of standards there must reside a clear, well-defined Body of Knowledge. The Body of Knowledge is a functional showcase for those involved in the profession and those working with these professionals. It should demonstrate the level of technical, operational and organizational information that true professionals should be expected to have at their disposal. While the body of knowledge is not actually a part of the standards, it is a foundational element for their creation. The GRAPA Body of Knowledge was developed in tandem with the Standards effort, but identified as separate from it. The GRAPA body of knowledge for Revenue Assurance is quite extensive and is made up of the following major components:
Domain Knowledge (Technical)

Domain knowledge defines technical areas that the Revenue Assurance professional must understand. Technical domain knowledge can best be summarized as having a clear understanding of the OSS (Network Operational Systems) and BSS (IT Systems) that support Telco operations. Domain knowledge includes a fundamental working knowledge of how things work in each area. This defines the foundational technical knowledge Revenue Assurance professionals must have before they can start doing their job. Complete domain knowledge must include a clear working knowledge of how the various technologies that support different telecommunications services work. Indeed, without a sound foundation in the technology, assurance is almost impossible. Inclusion of these technology areas into the definition of the required Revenue Assurance Body of Knowledge is sorely needed. The rationale for including sound technology domain knowledge as a prerequisite for effective Revenue Assurance activity is clear and pronounced. Without knowledge the Revenue Assurance professional must always guess, assume and blindly hope that interpretations and conclusions are correct. On the other hand, the naysayers in each of the technology areas (Network and IT) will claim that only an engineer with years of experience can understand what we do. While we have the utmost respect for the skill, experience and years of effort that IT and Network Engineers put into perfection of their craft, it is also true that: 1. 2. 3. There are many intelligent and indeed some brilliant people involved in the practice of Revenue Assurance. Debunking the mystery of Network and IT is clearly one of the first and most important jobs of the Revenue Assurance professional. Knowing enough about how things work in order to assure them is different than knowing enough to build and manage them.
Techniques and Practices Knowledge

Along with the need for a strong understanding of how technologies work and are utilized to deliver and bill for services, the Revenue Assurance professional must have access to and knowledge of the unique set of skills and techniques that make up the Revenue Assurance practice. The major boundaries and areas of expertise in the area are defined under the GRAPA Standards and Practices. These Practices include the execution of the different GRAPA Disciplines and techniques that practitioners utilize in the day to day execution of their duties.
GRAPA
36
Tools Knowledge
In addition to knowledge of domains and techniques, the practitioner must also be familiar with and conversant in the utilization of the wide variety of different systems, applications and other tools especially designed to aide in Revenue Assurance activities.
Line of Business Knowledge (Operational Domains)

Revenue Assurance practitioners are also required to understand the different operational environments. Operational knowledge includes an understanding of the laws and regulations, contracts and partnerships, market conditions and operational environments that support each line of business. Note: For an exhaustive index of these different body of knowledge domains, see the index in the appendix of this book.
GRAPA Practices
The GRAPA Practices Library defines the sum total of the best estimate of how different professionals perform the Revenue Assurance job. Practices are divided into the following major categories: 1. 2. 3. Standard Controls Inventory Diagnostic and Administrative Techniques KPIs and Measures
Standard Controls Inventory

The GRAPA Standard controls inventory defines the most commonly applied tests, checks and controls assigned to each area within the different domains that are managed by Revenue Assurance teams. The standards controls define the areas where controls are typically placed, and how they are typically managed and monitored. The GRAPA Standards define the different types of controls, along with what they are, how they work, etc. The Standard Control definitions specify how and where they are applied. There are currently nine standard controls for the assurance of a mediation system. These include CDR Transport, Mediation I/O, Filtration, Suspension Management, Error Management, Consolidation Operations, Business Rule Assurance, Change Control, and System Security. Each of these controls describes the basic operational and technical environments associated with the control. They also define the standard approach taken to ensure that a particular area does not experience a higher than normal loss or risk of loss. For example, the first area listed is CDR Transport Assurance. This is the process of assuring that all CDRs are successfully transported from the switch to the mediation system. The standard practice for implementation of this control is to utilize the Mediation System CDR Serial Number and TTFile Continuity reports. The standard application of this control is for Mediation Operations to check these reports each day, and to report any variance outside the normally defined range of losses (risk tolerance parameter) to the Revenue Assurance Forensics team for analysis and resolution.
GRAPA
37
The job of the Revenue Assurance professional is to take a look at the existing environment and determine: 1. 2. 3. 4. The exact level of risk of loss associated with each control The level of assurance that should be applied The tolerance for risk/loss that should be integrated into the environment. Note: We refer to steps 1, 2 and 3 as the Forensics process. That controls are implemented and enforced. This is referred to as the Compliance process.
The Standard Controls library forms the foundational reference for the Revenue Assurance professional. Note: The Practices library for GRAPA is currently found embedded in the GRAPA certified training courses. Work on a true reference library will be undertaken as the need arises.
Diagnostic and Administrative Techniques

The Diagnostic and Administrative Techniques portion of the GRAPA Practices library includes a large body of knowledge associated with the application of statistics, sampling, distribution analysis, and other tools for the quick, effective and cost effective evaluation of risk. Included are other techniques such as Revenue Mapping, Noise Analysis, and other approaches that help the Revenue Assurance manager to organize and optimize Revenue Assurance activities. Also included are techniques for organizing the Revenue Assurance group itself and for the different systems and activities involved.
KPIs and Measures

Included under Practices is the establishment of meaningful KPIs and other techniques for measuring the effectiveness of Revenue Assurance activities. It will become clear as you review the standards document that the issue of KPIs and Measures is coupled and inseparable from the areas of Objectives, Disciplines and Domains, which will be discussed in detail. Like the practices and techniques libraries, the current body of knowledge associated with KPIs and measures can be found in the GRAPA Forensics and Management training classes. In the next chapter we will focus on the overall structure of the GRAPA Standards themselves.
GRAPA
38
C h a p t e r 5 - G R A PA S t a n d a r d s : S t r u c t u r e
Chapter 5
gRaPa standaRds: stRuctuRe
One of the biggest challenges in the development of a set of standards is determining how to organize the material. Many people in the GRAPA organization had great ideas about what Revenue Assurance is, how it should be done, what works and what doesnt, in addition to what is important and what is not. If the standards are going to be effective they must be: 1. 2. 3. 4. Organized Clear Easy to understand Relevant
We believe that the standards specified here accomplish these objectives. When documenting standards of this nature, you need to determine how to separate each of the concepts, while simultaneously pointing out their interrelationship. The standards as specified here, when coupled with the practices and body of knowledge, present an amazingly clear and straightforward way to organize and professionalize the practice of Revenue Assurance. There is a risk, however, that the reader will examine some aspects of the standards and fail to see how they are appropriate. This reader may have missed how the other parts of the standards make them appropriate. Therefore, we ask the reader to review the standards in their entirety, before jumping to any conclusions about their adequacy or appropriateness. These standards are an interlocking set of foundation stones which, when utilized together, will deliver what we believe is a highly effective Revenue Assurance practice. The GRAPA Standards themselves have been organized into the following four major categories: 1. Disciplines and the Revenue Assurance Lifecycle Which define the four major Jobs in the Revenue Assurance domain (Forensics, Controls Management, Corrections Management, and Compliance) and the way they work together to assure revenue risk. The four core disciplines that make up the job of Revenue Assurance often surprise people when they first review them. But for most practitioners, the soundness of the approach quickly helps them to understand their jobs in new and more manageable ways. Not only does the definition and delineation of the Revenue Assurance Disciplines provide a badly needed organizational reference, it makes interdepartmental boundary setting, establishment of measures and KPIs, and the negotiation of responsibilities quite clear and straightforward.
GRAPA
39
2.
3.
4.
Domains Which provide the vocabulary and method for designating what is in and out of scope for Revenue Assurance activity. By far, one of the most confusing and difficult to manage aspects of the Revenue Assurance job is the continuous ebb and flow of responsibility and scope. Revenue assurance is, by definition, a fill-in job, a stopgap and supporting role to the major function of the Telco, which is the operational part. If Revenue Assurance is to be successful, it must have a method and a process for defining what it is doing, where it is doing it, and what it is expected to deliver as a result of that involvement. Domain management and definition is a foundational concept of the standards for this reason. Objectives (Levels) Which define what the purpose of the Revenue Assurance activities are to be in each area. By far the most controversial, interesting and exciting aspect of the practice of Revenue Assurance is the incredible diversity in the definition of exactly what the objective of that effort should be. Under GRAPA, we refer to the different objectives as levels of assurance. Assuring against current revenue losses, prevention of losses, anticipation of loss, and mediation of all losses in all of their forms comprises the second critical aspect of Revenue Assurance scope definition and control. Principles Which define the organizational and operational guidelines for establishing a Revenue Assurance group. The principles address the ethics of how Revenue Assurance should be practiced, as well as establishing the guidelines for how the Revenue Assurance practitioner is to relate to and work with top management, related assurance groups, and the Operational Managers they serve. It is our firm belief that, if Revenue Assurance is to graduate from the status of a part-time, ad hoc, short term solution to a profession, then establishing an ethical foundation and declaring clear and enforceable organizational boundaries is critically important.
Developing a comprehensive definition of revenue assurance, requires that we create a definitive summary of all of the different aspects embodied by these standards. The decision of whether to include this definition in the standards was a difficult one. In the final analysis, the statement of the definition of the Revenue Assurance discipline is by far our boldest statement. It leaves little room for doubt and confusion in peoples minds. The definition of Revenue Assurance as to the practice of the standards defined here is the keystone that holds the rest together and, as with all aspects, it is subject to legitimate query as well as less than legitimate name calling and nay saying by the people who consider this to be a topic for the water cooler rather than in the board room.
P r in c ip le s
D o m a in M a n a ge m e n t
D e fi n i t i o n Of R e v e nue A s s ura nc e
O b je c t iv e s ( L e v e ls o f A s s ura nc e )
D is c ip lin e s
As indicated by this diagram, the GRAPA Standards are organized into four major areas: Principles, Domain Management, Objectives (Levels of Assurance), and the Disciplines. Each of these is based upon and borrows from the others, and they are tied together through the definition of exactly what Revenue Assurance is, as defined by these standards.
GRAPA
40
Chapter 6 -The Revenue Assurance Lifecycle
Chapter 6
the Revenue assuRance lifecycle
In order to conduct an intelligent discussion about how to organize, manage and standardize the Revenue Assurance function, we need to first define is exactly what the Revenue Assurance job consists of.
what is not PaRt of Revenue assuRance

Most people will define the Revenue Assurance job with some generalized mumblings about revenue integrity, CDRs and other miscellaneous tidbits. In most cases, the definition of Revenue Assurance will be anecdotal and include tasks that are done as part of Revenue Assurance, or it will be a list of what the Revenue Assurance team does or checks. Trying to get the Human Resources department to develop a job description or a list of requirements for the job will be even more frustrating and confusing. This lack of a clear definition of the job, the skills and the boundaries of the operations is no surprise, and is precisely the reason that a set of standards is so badly needed.
Developing a Non-Anecdotal Definition of Revenue Assurance

There are actually many dimensions to the Revenue Assurance job, and many different perspectives to utilize for organizing and executing it. In the final analysis, Revenue Assurance is not a discipline that can be summarized in a few cute sound bites. In our effort to build a comprehensive definition and description of Revenue Assurance, we begin with a purely functional definition.
A Functional Description of Revenue Assurance

From the GRAPA perspective, the functional definition of Revenue Assurance covers not where or how practitioners are conducting Revenue Assurance, but what they are doing. After more than 15 months of interviews, meetings and discussions with dozens of Revenue Assurance professionals, we were finally able to come up with a simple list of tasks that everyone agreed includes the majority of what Revenue Assurance people do. Not only were we able to crystallize and simplify the many disparate anecdotal testimonies, lists of tasks, and different operational perspectives into a simple framework, but we were then able to map them back to the source and verify that we had captured the heart of the Revenue Assurance function.
GRAPA
41
Note: Who Does What?

Before providing the reader with the list of these disciplines it is critical that we note that we identify these jobs as being part of the Revenue Assurance process. We are not saying that these jobs must be done by officially recognized Revenue Assurance professionals. As we have stated earlier, and what we will review in much greater detail in later chapters, the question of who does what job? is different than the question of what needs to be done to assure revenues? The disciplines illustrated here describe what needs to be done. The organization and top management must determine who does what job.
the fouR disciPlines

The four disciplines to which everyone finally agreed are: 1. Forensics The process of investigating root causes for revenue loss problems (actual and potential), the diagnosis of those problems, and the development of recommended remedies to the many different exposures. One of the major outputs of forensics is the coverage plan, which describes the controls and corrections recommended to attain the level of risk containment set by management. Controls Management The process of creating and utilizing controls in order to assure management that revenue risk exposures are being monitored and responded to in an appropriate and timely manner. Corrections Management The process of recommending that changes be made to policies, procedures, systems, or operations and then assuring management that those corrections have been implemented. Compliance Management The process of collecting key information from each of the other three areas of Revenue Assurance operations (Forensics, Controls and Corrections) and reporting to management, in summary form and in detail in those areas where it is requested. Reporting includes a) the current revenue risk exposure of the firm, b) where the risks are greater or lesser, and c) assuring management that all critical risk areas are under an appropriate level of vigilance.
2. 3. 4.
Appropriateness and Fit of These Disciplines to Actual Practice

At first glance, many Revenue Assurance professionals had difficulty coming to understand what each of these four disciplines really involves. After they understood it, they usually needed to take time to reconsider the way they had been approaching it, and then setting up the practice of Revenue Assurance in their own organization. This is followed by some mental reorganization in order to see if the disciplines made sense as presented. Without exception, once presented with the rationale and given some time to process the structure, Revenue Assurance managers and practitioners agreed that these are the four things they do when they perform Revenue Assurance.
Benefits of Agreeing Upon This Standardized Framework

So we have now established that Revenue Assurance boils down to the practice of four jobs: Forensic Analysis, Controls Management, Corrections Management, and Compliance. How does that help us?
1. Developing Expertise and Systematic Approaches and Tools

One of the first and biggest benefits of the development of an agreement upon these disciplines is that it makes it possible to develop a specific body of knowledge and pool of expertise that is based on the skills themselves, rather than on the subject area or domain under review.
GRAPA
42
In other words, understanding forensic analysis of a postpaid billing system is a valuable skill, but understanding the principles of forensic investigation is much more valuable. If you understand the discipline behind how to organize and execute a forensic analysis, you can apply it to any domain or subject area. Conversely, if you understand only how to investigate a particular brand of billing system, you are lost as soon as your domain changes.
2. Economy of Scale
Accompanying the development of these disciplines is the ability to greatly increase the effectiveness of individuals and teams by enabling them to scale their knowledge and make themselves more effective in more domains in less time. It is in this area of economy of scale of skills that Telco organizations face the biggest challenge. It is easy to assure a particular system or domain in telecommunications if you are an operational and technical expert in that domain. But if you are not an expert, you are severely limited. The development of these disciplines and the science that goes with them will greatly change this factor.
3. Ability to Organize
Ask Revenue Assurance managers what their biggest constraint is, and they will tell you that it is people. Having the people with the vast knowledge required for the many different Revenue Assurance jobs is a huge challenge. Consequently, most Revenue Assurance teams are organized by domain. A network specialist assures all network issues. A billing specialist assures billing issues. The problem of course is that few organizations can afford to hire enough specialists to cover all of the areas. A more effective approach is to re-think the way you organize your teams. Organizing teams by discipline (forensics, controls, corrections, compliance) instead of by domain opens some exciting possibilities for getting a more effective organization of a Revenue Assurance team (and for attracting and training specialists to fill out the coverage requirements).
4. Standard Vocabulary Across Organizations and Functional Areas

Until you have a standard vocabulary for describing the different jobs that people do within the Revenue Assurance domain, it is impossible to compare personnel, share best practices, leverage experience and knowledge, and gain significant return on investment for the Revenue Assurance activity. Standardization of the terms utilized to describe the different functional areas, and the list of disciplines within each of them, can only benefit everyone in the industry.
5. Ability to Measure and Control

Finally, and most importantly, it is impossible to measure and control what you do not understand. The current world of Revenue Assurance key performance indicators (KPIs) and operational measures is a maddening assortment of ratios, numbers and tracking reports that mean virtually nothing to top management, but that totally dominate the time of hundreds of Revenue Assurance professionals. The functional disciplines described here offer a powerful template for understanding what the Revenue Assurance team is supposed to be doing, and then provides the means to effectively measure and direct those activities where management wants them to go.
GRAPA
43
What Has Been Missed

As is true with all aspects of the Telecommunications industry, things are changing every day. It is not only possible, but probable, that our current comprehensive taxonomy of Revenue Assurance disciplines will be proven to be lacking in one or more areas. This is to be expected. The purpose of the GRAPA organization, and of these standards, is to provide a format and a forum for the open discussion and modification of these standards. This leads to the organized and hopefully painless integration of innovations into the model on a regular basis. We not only encourage, we plead with the membership, to review these standards with the utmost in scrutiny, and to participate in their improvement over time. Note: At this time, we repeat, that the definition of these functions and the illustration of the Revenue Assurance Lifecycle is not a statement about who should do what job, how to organize a department or any other operational or political issues. We reserve those discussions for the section of the standards based on the principles of Revenue Assurance, and specifically the Operational and Organizational principles.
the Revenue assuRance lifecycle

Before delving into the detail of what exactly is involved, we will first show how the four disciplines can be organized and fit together into a comprehensive Revenue Assurance lifecycle.
Phase I Forensic Analysis

When looked at as a whole, we can see that Revenue Assurance must always start with forensics. Indeed, how can you have a Revenue Assurance directed correction without a forensic analysis to tell you what correction should be made? In the same manner, how can you initiate and run a control, if no one has done a forensic analysis to determine exactly what the risk in the given area is, and what the appropriate control should be? And of course, how can you report on how well the organization is complying with the Revenue Assurance containment program without Forensic Analysis to define that environment?
GRAPA
44
RA Lifecycle Phase I
Forensic Analysis
Management Internal Audit Customer Complaints Internal Incidents External Incidents Operational Monitoring
Cases
Domains
F o r e n s i c s
Forensic Findings Report

1. 2. 3. 4. Quantification (Revenue At Risk) Alternative Solutions Development Rationalization of Remedies Recommendations to Management
Management
While this may seem obvious and trivial when presented in this manner, it is amazing how many Revenue Assurance problems occur because people did not understand this basic fact. A staggering number of organizations have attempted to implement Revenue Assurance systems at the cost of hundreds of thousands and often millions of dollars, without doing a basic forensic analysis beforehand! Unbelievable, but true in more cases than you might imagine. People go through the incredible trouble and expense of installing a Revenue Assurance system, basically a system designed to automate and report on controls. They then discover that the area being monitored is not losing any revenue, or is losing much less than the cost of the system implemented to manage the control! Nothing could be more obvious, or more critical. You must perform a disciplined, rationalized analysis of an area before you can decide what the appropriate level of assurance needs to be. Some examples can help illustrate this point. Take a mediation system for example. Following are two organizations with the same number of customers, same revenue and same type of traffic, but with very different mediation environments. 1. Carrier one has a one-year old, commercial off-the-shelf mediation system. There is a team of four experienced personnel in charge of operations in that area, and all major mediation controls are already reported by the existing mediation system daily reports that the mediation operations team checks anyway for operational control reasons. Carrier two has an eight-year old system written by a company that is no longer in business. There is only one person, assigned part-time to the operational control of that system. That person runs none of the standard reports, and does not know what they mean.
2.
Clearly, the decision for setting up the appropriate controls for these two environments is quite different and only an in-depth, disciplined analysis can be counted on to recommend the appropriate coverage plan.
GRAPA
45
Real World Practices in Forensics

In reality, the vast majority of Revenue Assurance professionals perform a forensic analysis of one kind or another in most situations that they encounter. What is missing is a formal definition of the discipline. The formal definition will bring about a great improvement in the confidence that management can take from the conclusions drawn by the Revenue Assurance team.
The Findings Report

The output of the forensics process, in most cases, will be a Findings Report. The findings report lets everyone know exactly what was reviewed, how it was reviewed, and the conclusions drawn by the Forensic Analyst. The key components of a findings report include: 1. 2. A Summarization of the Situation Details about the case or domain that is the subject of the analysis A Revenue At Risk Report The revenue at risk (RAR) report lets management know the Forensic Analysts best estimate of how much revenue the company can expect to lose over the next twelve months if nothing is done to remedy the risk exposure. Revenue at risk numbers are a well defined forecast of loss. The RAR number is the first and one of the most critical of the Forensic Process KPIs. Alternatives The second objective of the Forensic Analyst is to review the revenue at risk and to consider the different approaches available for addressing that risk. Alternatives can include: a. Do nothing b. Change Operations c. Initiate a report d. Initiate a regularly scheduled audit e. Any number of others It is typically good practice to provide management with several different options, so that the decision about what needs to be done can be based upon the best alternative. Rationalization Once the most reasonable alternatives have been identified, the next thing that the Forensic Analyst must do is develop a rationalization (a clear cost/return and risk/return ratio) for each. It is fundamental to the practice of Revenue Assurance that all alternatives undergo a rationalization scrutiny Recommendation Management will typically count on the Revenue Assurance team to provide options, along with an opinion regarding which alternative appears to be the best, and why.
3.
4.
5.
How formal or informal is this process?

The process described here is illustrated in a manner that helps the reader understand the dynamics involved and the due diligence that should be associated with each step. This description is not intended to be a formula for the rigorous application of the methods in practice. Each organization will develop its own style for collecting forensic requirements, performing analysis and documenting results. The execution of a totally informal, undocumented forensic analysis is quite common and perfectly acceptable, as long as the practitioner has done all of the necessary steps. It is assumed that, with experience, the professional can use shortcuts for many steps. In cases where there is a trusting relationship with management and operational managers, an informal execution is common.
GRAPA
46
Phase II Implementation of Corrections and Controls

The next step in the Revenue Assurance lifecycle is for someone from management to make a decision about which controls and/or corrections to implement. It is fundamental to the organization of the standards for the practice of Revenue Assurance that we clearly define and segregate the responsibilities for different aspects of this process.
RA Lifecycle Phase II
Implementation of Corrections and Controls
F o r e n s i c s
Correction Management Directive

Forensic Findings Report 1. Perception of Risk 2. Appetite for risk 3. Risk Profile 4. Priorities 5. Budget 6. Organizational and Operational Constraints to policy, procedure or systems
Controls Implementation creation of

reports, measures or procedures to monitor risk of loss or actual loss
While it is clearly the job of the Forensic Analyst to investigate root causes, diagnose the situation and offer alternatives, it is equally clear that the decision about which one to implement should not normally fall within the Revenue Assurance organization. There are several reasons for this. 1. First, if Revenue Assurance recommends a change in policy, procedure, IT systems, or the operational environment, then the consequences of such a decision go far beyond the narrow Revenue Assurance consequences. Decisions to implement corrections clearly require top management and operational management approval before they can even be considered. In the case of the decision to implement a control, the same rules apply, only not quite as strongly. Appropriate, required controls are typically assigned to the operational team to implement and monitor. This is certainly the case under SarbanesOxley guidelines, as well as GAAP, IFRS and other standards groups. There are very good reasons for this. There are few, if any, Revenue Assurance controls that do not fall under the definition of standard controls that operational groups should be checking. If the Revenue Assurance controls that are recommended reveal that there are problems with the way the operational system is running, then the most sensible approach is for the operational area management team to take responsibility.
2.
3.
There are several exceptions to this conclusion however. 1. 2. Sometimes the operational team is not capable of running and interpreting the controls. They are either understaffed or unstaffed. This means that, if someone else does not implement the control, it will simply not be run at all. It has occurred on some occasions that an operational team was less than thorough in implementing controls, because those controls made it look as thought its operations were not being run well. In most cases this is true.
GRAPA
47
3.
Because of these exceptions, the decision about the implementation of controls, like those regarding corrections, must usually be brought before top management and the operational management team for a final decision about how, where and when the corrections and controls will be implemented.
Who Decides About Corrections and Controls?

This brings us to our second area of controversy regarding implementation of Revenue Assurance. Who decides when and where to do the corrections and controls? As in the previous case, in real world practice, management may often decide to trust the Revenue Assurance team with a certain level of decision-making in this regard. What is critical, from a standards perspective, is that all understand the following: a. b. c. The structure and lifecycle The major decision points and why they are implemented the way they are The reasons for this separation of responsibility and the consequences for bypassing the separation
As long as the points above are understood, it is expected that each organization will use its own judgment for implementation of this phase.
Phase III Implementation of Corrections and Controls

After controls and corrections are implemented, or the decision has been made to implement them, the compliance discipline is called into play. Compliance is the process of ensuring that management is informed of the status of Revenue Assurance activities.
RA Lifecycle Phase III

Implementation of Compliance
Cases
Domains
F o r e n s i c s
Recommended Corrections
Correction
Coverage Plan
Controls
C o m p l i a n c e
M a n a g e m e n t
A well designed compliance operation will summarize each of the different activities of Revenue Assurance, and allow management to know quickly and easily the status of different initiatives and, most critically, the location and degree of risk across the myriad systems and operations within the environment.
GRAPA
48
Phase IV Feedback Mechanisms

Upon implementation of controls, corrections and compliance, the next step in the process is to create appropriate feedback mechanisms.
RA Lifecycle Phase IV
Feedback Mechanisms (Alarms, Alerts, AutoCorrections)
Management Internal Audit Customer Complaints Internal Incidents External Incidents Operational Monitoring Assessment
Report to: -Management -Internal Audit -Operational Management
Cases
Domains
F o r e n s i c s
Correction
Coverage Plan
Operational Monitoring
C o m p l i a n c e
M a n a g e m e n t
Each correction that has been specified needs to be tracked, and management kept informed about how and when the correction will be implemented. When the corrected procedure yields new cases, these need to be fed back into the forensic process for further review. The fact that controls have been created is only the beginning of the Revenue Assurance process. The real work begins after they have been implemented. The point of controls is to: 1. 2. Provide management with an assurance that the risk of revenue loss is being monitored on a regular basis (by the running controls and reporting via compliance). Generate alarms when revenue risk levels surpass the management specified levels (appetite for risk threshold). When the threshold is violated, the forensic team needs to be notified so that appropriate investigation and adjustment can happen.
With the implementation of appropriate feedback and communication mechanisms, the basic Revenue Assurance Process is complete.
Phase IV++
After the successful establishment of the Revenue Assurance environment for the cases and domains that were specified as the initial scope of the Revenue Assurance group, the real work of Revenue Assurance begins. Now, the Revenue Assurance team must maintain vigilance and control over the areas currently in scope. At the same time, the team will be reviewing and expanding scope by adding more domains and cases to the environment.
GRAPA
49
With patience, professionalism and trust, the scope of Revenue Assurance will continue to expand to include more of the Telco environment.
Ad d
or e
ca se s
an d
do m
ai ns
the Revenue assuRance lifecycle conclusion

Over the next several chapters we will continue to expand and expound upon the structure and organization of the Revenue Assurance function. As was previously stated, the lifecycle and functions defined here are provided as a guideline and framework for understanding, communicating, teaching, organizing, and assessing the execution of Revenue Assurance responsibilities. In the next chapter, we review the four Revenue Assurance disciplines in more detail to provide a better understanding of exactly what is involved, and how they can be applied.
GRAPA
50
Chapter 7 -Forensic Analysis
Chapter 7
foRensic analysis
Provided with the general overview of the Revenue Assurance function, as defined by the Revenue Assurance lifecycle in the previous chapter, it is now possible for us to provide a more in-depth review of each of the four basic disciplines that make up the Revenue Assurance environment. As we said earlier, at this point, our objective is to define what needs to be done in order to assure the different revenues of the Telecom. We leave the discussion about who should do it for later. There is no reason to assume that a formally-defined Revenue Assurance team should be expected to have the manpower, expertise or predisposition to do any of the jobs we are talking about here. Indeed, there are some Telcos where there is little or no need for a Revenue Assurance group. Internal Auditors, Business Process Reengineering teams, Sarbanes-Oxley, Operations can all get the same job done. The critical point is not who does it, but that someone does.
A Set of Guidelines Not an Instructions Manual

At this point, it is important to remind the reader that this book represents a summary of a set of standards for the way Revenue Assurance is practiced. It is not an instruction manual. The examples and formats laid out here are for example, structure and completeness. The reality of the practice of Forensic Analysis is often, and many times appropriately, informal. Formal or informal, what is important are the basic logic, checkpoints and flow of logic.
foRensic analysis
The first of the four Revenue Assurance disciplines is Forensics (or Forensic Analysis). You may be asking, How did you come up with the term Forensic Analysis for this function? Why not Systems Analysis or Assurance Review? The decision of what to name this function was not an easy one to make. We tested several different names and approaches, but most of the more neutral and acceptable names carried such a large backlog of assumptions and pre-determined ideas about what it meant and what was involved that we decided on the more exotic term Forensics. The dictionary includes several definitions for the term Forensics but one of them fits our meaning. It states that Forensics is relating to the use of science or technology in the investigation and establishment of facts or evidence.
That is precisely what Forensic Analysis is all about in this case. We want people to make decisions in the area of Revenue Assurance based upon facts not guesses and we want those facts to be based on an organized, dependable scientific method. It should not be based on an infinite collection of random observations, assumptions and gut-level guesses about revenues, loss, and most critically -- the risk and forecast of loss.
The Revenue at Risk Concept

The foundational metric and the key concept that drives the Forensic process is the determination of Revenue at Risk. We use this term to define (for the business) several different aspects of revenue loss. The term includes: 1. 2. 3. Known revenue leakage situations where it is highly probable that, without a correction, the historically proven revenue losses will continue, and usually at an accelerated rate Anticipated situations where it is probable that leakages will develop if preemptive measures are not taken Forecasted situations where market trends, environmental conditions, and known historical patterns provide a clear expectation of revenue losses in the future
When the Forensic Analyst takes on a case or domain, the objective is primarily to determine the amount of revenue that the company risks losing in this particular situation.
The Forensic Analysis Process

But how does the Forensic Analysis determine exactly what the revenue at risk is? And most critically, how do we apply a scientific method to that analysis? Let us begin with an overview of the Forensic Analysis process itself (shown below).
Cases Domains
The Forensic Analysis Process
Reports And Recommendations
Fundamentally, we can view the Forensics Process as consisting of three parts, the Inputs to the Process, The Forensics Disciplines themselves (scientific methods employed) and the Outputs.
GRAPA
52
inPuts to foRensic analysis

The Revenue Assurance process itself, and Forensics Analysis, begins with two kinds of inputs, cases and domains.
Cases
The first and most common input to Forensics is the case. There are many different kinds of cases but they have one thing in common; they are discretely-defined events which indicate a possible or definite risk of revenue loss. There are many different sources of cases. One source is the straightforward and usually random cases that are reported. These include: 1. 2. 3. 4. 5. Customer complaints Management observations and directives Whistle Blower reports (for fraud cases) Operational personnel observations and reports Internal Audit recommendations
These random reports of cases, while important and useful, usually represent a small percentage of the total number of cases that a forensic team will review. The most common and largest single source of cases is from alarms and alerts issued by controls. Ultimately, the goal of the overall Revenue Assurance process is to install enough controls, so that all revenue risks are adequately anticipated and reported as alarms that the Forensic Team can analyze and respond to. Alarms of this type include: 1. 2. 3. Report of a higher than normal loss of CDRs from the Mediation System Report of a higher than normal percentage of rating errors from the Billing System Report that a new interconnect partner has been brought online without completion of the proper assurance checklist
Domains
The other, equally important input is a domain. Whereas a case is a discreet event that is turned over to the Forensics Team for diagnosis, domains represent a completely different kind of input. A domain of interest for the Forensics Team is a complete subsection or component of the companys Revenue Management chain or product group that management has decided should be included within the scope of Revenue Assurance. Domains are turned over to the Forensics Group so that they can do a comprehensive evaluation of the potential lost exposure that the area represents so that a proactive and well-developed coverage plan can be recommended. In other words, cases are reactive notifications that the Forensics Team needs to try to backtrack and determine what happened. Domains are areas where management has decided that the Revenue Assurance team should be proactive, and determine ahead of time where the most likely leakage points might be. They then recommend controls and corrections in order to prevent it from happening in the future.
GRAPA
53
Domains can include: 1. 2. 3. 4. 5. The prepaid billing system The interconnect line of business Development of the new 3G product offering Switch operations and controls Many others
We will withhold our detailed discussion of domains for the chapter on Standards, which is dedicated to that topic. Suffice it to say that domains are broader and more comprehensive in scope than cases. Domains are typically assigned to the Revenue Assurance team by top management. Domains are also assigned by invitation, issued by the manager of a particular operational area, or by edict, at the direction of Internal Audit, Sarbanes-Oxley or another Compliance Management group.
Managing the Queue

Given that the driving inputs for Forensics are cases and domains, the next issue that must be addressed is, How do you manage all of the different domains and cases that are being generated? Any given company on a given day can generate dozens of cases that must be addressed. In addition, most companies are badly in need of a clear Forensic review of most domains (product lines and systems) that they operate. So how does the Revenue Assurance Forensics Team manage it all?
Who Does What?

The first component to answering the question of who does what, is defining responsibility for Forensic operations. In some organizations, all Forensics are deferred to the Internal Audit team. In these organizations, Revenue Assurance personnel are dedicated to setup and monitoring of controls. In other organizations the majority of Forensics is deferred to the Revenue Assurance team. Other groups, like Internal Audit or Business Process Reengineering; only get involved in special cases. The process of determining which organization should be assigned responsibility for Forensic Analysis is very important and we will discuss this issue in detail under the Operational and Organization Principles section of the standards. At this point it is important to note that the Forensics job is most often shared between multiple organizations.
The Prioritization of Cases and Domains

Once the decision about who will be responsible for cases and domains has been made, the Forensics Team can establish policies regarding how to manage and prioritize the cases and domains for which they are responsible. In general, we consider this topic an important part of the Revenue Assurance Practices and not the standards per se.
The First Revenue Assurance KPI Case/Domain Uptake Rate

Once the scope of the Forensics Team has been defined, it is important to note that we have now created our first Revenue Assurance KPI. That KPI is the number of cases and domains that the Forensics Team is accepting and processing on a monthly basis. Indeed, the way to measure the effectiveness of a Forensics Team begins with tracking the number and types of cases and domains they are accepting on a monthly basis.
GRAPA
54
the foRensic disciPlines (scientific Method)

Once the inputs have been organized and accepted, the Forensics Team is ready to perform the real job, Forensic Analysis. The GRAPA Standards identify six disciplines as the core Forensic techniques. We are confident that more will be added over time, and that these disciplines will be refined and improved as more people get a chance to practice them. The Forensic disciplines include: 1. 2. 3. 4. 5. 6. Risk Analysis Exchange Analysis Process Analysis Systems Analysis Statistical/Numerical Analysis Coverage Plan Development
Case Or Domain Risk Analysis
What analysis and at what level Is appropriate?
No
Is there enough Revenue at Risk to Justify Forensic Investment?
Exchange Analysis Systems Analysis Process Analysis Statistical / Numerical Analysis
Coverage Plan Development
We provide a brief description of each area here. The techniques utilized in each area are considered part of the Practices section of the standards and are a critical part of the GRAPA Body of Knowledge for Revenue Assurance professionals.
Risk Analysis
Risk Analysis is the application of predefined and proven techniques for the assessment and determination of the level of risk of loss, or the extent of the risk of loss to be found within a particular domain or case.
GRAPA
55
Risk Analysis techniques provide the Forensic Analyst with tools that allow him/her to determine the level of probable risk without experiencing the extreme expense of extensive, detailed, specific quantification. The purpose of Risk Analysis is to allow the Forensic Analyst to draw preliminary conclusions about the extent of the risk of loss before investing in a more extensive evaluation. Forensic Analysis is costly in terms of time, money and effort, and the Forensic Team must be sure it is prioritizing efforts based upon a foundation of the best return on investment. This requires a clear understanding of the amount of revenue at risk, and the magnitude of that risk, prior to engaging in an in-depth evaluation. There are many different techniques that we include in the ever-growing collection of Forensic Risk Analysis practices. Some of the most common and best understood include: Revenue Mapping This is the rigorous process of identifying each of the major revenue streams that the company has, and mapping out each of the different systems and operations involved in the realization of revenue. A Revenue Map traces the progression of a revenue transaction from the point of activation/provisioning, to the point of revenue generation (usually on the network), through the different systems that handle the transactional information. This is done to the point where the money is collected and credited to the customers account and the customers prepaid balance and general ledger as recognized revenue. Risk Mapping A Risk Map is a derivation of a Revenue Map, which allows the Forensic Analyst to understand in relative and absolute terms, the differences and degree of revenue at risk within each component of a Revenue Stream. Noise Analysis Noise analysis is a process that allows the Forensic Analyst to determine the relative revenue at risk, based upon collateral and coincidental data related to each link in the revenue chain, as defined by the Revenue Map. Noise analysis is an extremely powerful Risk Assessment technique that allows the analyst to identify the greatest risk exposure with a minimum need for numerical and analytical work. Gross Tally Analysis this is the process of creating meaningful and easy to generate metrics, ratios and indicators that allow the analyst to quickly estimate loss exposures. Typical GTA metrics include: 1. 2. 3. 4. 5. Average value of customer Average value of CDR Average value of 1 Erlang Average value of a particular network element Many others.
Environmental Risk Assessment The Environmental Risk Assessment technique provides the Forensic analyst with a list of collateral and secondary conditions that can be tested in order to assess the relative risk associated with a particular component. For example, the age of a switch, the proficiency of the network team managing that switch, the frequency of audits and the percentage of faults and corrupt CDRs that a switch generates can provide the Forensic analyst with a great deal of valuable collateral and generalized risk information, which can help narrow down the analysis and scope. One of the most powerful techniques that can be integrated into risk analysis is the utilization of statistical analysis. Sampling, distribution analysis, forecasting, cluster analysis and other techniques can be utilized by the analyst to do preliminary risk analysis, as well as the more advanced Revenue at Risk forecasts generated as the last step in the process. Note: For detail on these techniques see the Numerical/Statistical Analysis Techniques section. There are many more Forensic risk analysis practices, but the above examples provide you with an idea of what is involved in these practices and how they are utilized.
GRAPA
56
Output of the Risk Analysis Process

When risk analysis has been completed, the Forensic analyst will have formed an opinion about the merit, viability and urgency regarding the case or domain in question. At this point the analyst will decide to: 1. 2. Choose not to analyze at this time due to the low value or impact that it represents Choose to forward the case/domain for a more in-depth analysis
It is as this point that the analyst determines which additional analytical techniques should be used, and what degree is most appropriate. Each of the downstream processes has an objective, with specific skills and techniques associated with them. In general, it is uncommon for a Forensic investigation to employ all of them.
Exchange Analysis
Exchange Analysis is the process of reviewing all of the terms and conditions associated with the contracts and/or regulations to which the Telco is subject. Exchange in this context refers to the economic exchange between two legal entities. The typical exchanges reviewed under exchange analysis include: 1. 2. 3. 4. 5. 6. The contract and arrangement between a carrier and interconnect partners The contract and terms between a carrier and content providers The contract and terms between the company and the organization that prints top-up cards The contract between the Telco and the bank that supports ATM -based top-up The contract, terms, conditions and service level agreements associated with rate plans to consumers The regulatory constraints on prices, contracts and service level guarantees as declared by government, association or other legally binding conditions
Exchange Analysis can have a fundamental impact on the effectiveness of any Forensic Analysis that involves customers, regulators or partners. Failure to include an analysis of these contracts (explicit and implied); laws and agreements leave the Forensic Analyst unable to answer many key questions regarding how things should or should not be handled. The following examples illustrate this point: 1. Do customers pay for an SMS message that is not delivered? In some countries they do, in others they do not. Which is correct in your case? 2. When the SS7/C7 Network fails between the Switch and IN, are the customers calls cut off, or are they allowed to complete the calls at no expense? In some countries the Telco is required to complete the call for the customer. In others it is okay if they do not. In some cases there is a service level commitment to customers to let them finish the call. Unraveling the complicated legal and contractual issues is a critical component to many Revenue Assurance situations.
Process Analysis
Process Analysis is a well known, well understood and well practiced discipline. It involves the utilization of process models, process narratives and a well defined set of tools and techniques to help the analyst understand, document and recommend improvements to processes that are not optimal.
GRAPA
57
Process Analysis is an important part of many Forensic Analysis situations. Process Analysis is integral when multiple organizations and complex interrelationships make operations confusing, contradictory and a danger to the efficient and effective capture and processing of revenue.
Systems Analysis
As is true in the case of Process Analysis, Systems Analysis is a well-defined and well- understood discipline in its own right. While Process Analysis focuses on people and operations, Systems Analysis focuses on computer systems and network element operations. Some of the disciplines associated with Systems Analysis are similar to those utilized in Process Analysis, but many are unique to the IT and Network world. Decision trees, logic maps and a host of other tools help Systems Analysts understand and diagnose problems with revenue flows related to systems.
Statistical and Numerical Analysis

After the appropriate level of Exchange, Process and Systems Analysis has been completed, the Forensic Analyst is ready to conduct Numerical and/or Statistical Analysis. While it is likely that most of the efforts of the Forensic Analyst will be in this area, it is critical to note that, without performing the appropriate levels of analysis in the other areas first (Risk, Exchange, Process and System), it would be impossible for the analyst to draw any accurate and/or meaningful conclusions. One of the most frustrating (and sometimes comical) experiences is watching a person who has spent many days on a Numerical Analysis experience having all of the work thrown out within the first 15 seconds. This happens after it is revealed that the analyst has missed some critical aspects of the exchange, process or system environment that completely invalidates the assumptions. In short, doing the right analysis in the right order is critical. Numerical Analysis is the process of gathering and analyzing straightforward reports generated by the different systems involved in the area under investigation. Alternately, it can involve the development and creation of Data Warehouse generated, special purpose reports in order to get a unique view of the situation under investigation. Ultimately, it is impossible for the Forensic Analyst to make meaningful recommendations and to draw valid conclusions without numerical data to back up the Forensic Findings Report. In addition to the straightforward numerical reports created by the analyst, a great deal of powerful insight can be gained by leveraging Statistical Analysis techniques. Statistical techniques are helpful not only as part of the in depth Forensics Analysis, but as an adjunct to the Risk Analysis process as well. There are a great number of Statistical Analysis techniques that can help the Forensic Analyst to do the job. These techniques fall under a few basic categories, which include the application of Statistical Analysis in order to perform: 1. 2. 3. 4. Risk Analysis Helps the analyst to quickly determine the extent and severity of risk without requiring expensive detailed data review Root Cause Analysis Utilizes pattern recognition and other techniques to uncover patterns that provide pointers to the cause of a problem Early Detection Makes use of techniques that show an early indication of where a problem is most likely to occur Forecasting Provides the analyst with the ability to anticipate losses and approximate the extent of loss
GRAPA
58
Some of the more useful statistical techniques include: 1. Sampling Allows the analyst to utilize a small sample of the entire population of data to draw conclusions about the risk of loss and the extent of a condition without needing to review all of the data 2. Cluster Analysis Leverages the power of Statistical Analysis software to identify underlying patterns and complex (and sometimes causal) relationships between factors 3. CART/CHAID A technique often applied to the prediction of churn, failure of network elements, credit default, and fraud 4. Neural Networks Often integrated into fraud management systems, as well as utilized to predict credit default and network element failure 5. Distribution Analysis An extremely powerful and easy to implement visual technique for tracking patterns and identifying discrepancies in the normal flow of revenue 6. Analysis of Central Tendency An extremely simplified form of Distribution Analysis that allows the analyst to make use of different measures of central tendency to set up and test controls and conditions 7. Regression Analysis A long utilized method for prediction and forecast The table below illustrates some of the areas where these techniques are commonly applied.
Risk Analysis Root Cause Analysis Early Detection Forecast Controls Design
X X X X
The subject of Statistical Techniques and their application to Forensics is vast and wide and far beyond the scope of this book, but the preceding summary should help provide an overview of the area. It is clear that an industry-based investment in the exploration and application of Statistical Techniques to the challenges of Forensics will undoubtedly deliver extensive and effective benefits to the industry over the next several years.
outPuts of foRensic analysis

The ultimate output of the Forensic process is the Forensic Findings Report. Although the specific formula and format for the report will vary based on the organization, the specific case under review, and the purpose for the analysis, there are certain key elements that should be included. These include:
mp lin g Cl us ter An Ch al y aid sis /C AR Ne T ura lN etw Di or str k ibu tio nA Ce na nt lys An ral T is aly en Re si de nc gr s es y sio n
Sa
X X X X X X X X X
X X
X X
X X X
GRAPA
59
Summary of the Case/Domain

For the sake of completeness and the usefulness of the report, most Forensic Findings Reports begin with a brief summary of the case or domain that they are associated with. This summary should define where the case/domain originated, why it was referred to the Revenue Assurance Forensics Team and what the objectives for the Forensic Analysis are.
Review of the Procedures

The next section should be a summary of each of the steps involved in the Forensic Process including summary of: 1. 2. 3. Risk Analysis This includes (a) What was done? (b) How was it handled? and (c) What was the conclusion? Exchange, Process and Systems Analysis This includes (a) Which were done? (b) How were they done? and (c) What was learned? Numerical/Statistical Analysis The numbers and summary of the case for the conclusions to be drawn.
Revenue at Risk
Based upon the material collected and reviewed in the previous sections of the document, the Forensic Analyst is ready to summarize the findings in the form of a Revenue at Risk Statement. The Revenue at Risk Statement reports on: 1. 2. 3. How much revenue has been lost to the firm over the past 12 months due to this condition or situation How much revenue loss can be anticipated over the next 12 months if no action is taken The rationalization and justification for those numbers.
Calculating and reporting the revenue at risk for each case or domain might at first seem to be a lot of trouble, especially if it is being forced into this rather rigid format. But there is a very good reason for imposing this discipline, and that has to do with the KPIs for Forensics.
The Second Set of Forensic KPIs

Early in this chapter we referred to tracking of the number of cases and domains handled by the Forensics Team as the first set of Revenue Assurance KPIs. That measure, however, only tells you how busy, not how effective, the Revenue Assurance team is. To measure the effectiveness you need the second metric, the measure of revenue at risk. In the final analysis, it is not the number of leaks that the Revenue Assurance team finds, or the number of cases it investigates that determines value. The true value of any Revenue Assurance effort is the Revenue at Risk that is detected, contained and prevented. But how can you measure it and report on it if you do not have a set, standardized method for analyzing and reporting it? That is the pivot point and cornerstone of Revenue Assurance efforts, the accurate creation of Revenue at Risk Reports. The revenue at risk numbers generated as the output of the Forensics Process has many purposes: 1. 2. 3. It is the key piece of data required to enable management to make a sound decision regarding which remedies (corrections or controls) make the most sense. It is the key piece of data that will allow the Revenue Assurance manager to show the value that Revenue Assurance is bringing to the business. It is the key fact that can help Revenue Assurance and top management motivate operational managers to change their ways and tighten up their operations.
GRAPA
60
4.
It is the only way that you can establish a simple and easy to understand metric. This will enable the Revenue Assurance team to compare the benefits and risks to the business across the myriad operations and processes involved. It is the ideal least common denominator for all Revenue Assurance reporting.
Remedy Review
After the reporting of the revenue at risk for the case or domain, the next component in the findings report is a review of the different remedies for the situation. Remedies can be recommendations to change policies, procedures or systems, or they can involve nothing more than the formalization and reporting of operational monitoring that is already being practiced. In all cases, a review of possible remedies should clearly show the advantages and disadvantages of each alternative, in addition to the rationalization and return on investment that each anticipates.
Remedy Recommendation
Finally, the Forensic Findings Report should include the recommendations of the Forensic Analyst and the reasons for the recommendation.
how foRMal does the foRensics PRocess need to be?

As we have repeatedly stated, this is a standards document and not a user guide. This book should not be taken as a literal guide to the practice of Forensics in your organization. The specifics of how it is practiced are an individual implementation issue. A big factor in the formalization of this process is the way that many different groups will be counted on to provide Forensic Analysis. The more diverse the groups, the harder the implementation of this rigid structure. In the same manner, most organizations have a very large number of small cases, and a small number of large cases. Clearly, the larger the domain, or the more extensive the revenue at risk under consideration, the more formally and the more thoroughly you will want to implement your Forensics. A good, experienced Forensics Team will quickly and effectively dispatch a number of cases with a minimum of rigor and formal reporting. But a more inexperienced team will probably require the additional support that the formal documentation process provides. This, like so many other issues, falls under the topic of practices, not standards. For this reason, we defer further discussion to those forums.
GRAPA
61
GRAPA
62
The following table provides the reader with an excerpted view of the GRAPA standards as formally defined in the Standards Document and ratified by the membership January 2009. I. The Revenue Assurance Disciplines - Forensics a. Forensic Analysis - The different subdisciplines that make up the forensic discipline include: i. Risk Analysis The process of quickly and cost effectively evaluating the depth and/or degree of risk associated with a particular area BEFORE expending the groups resources on in-depth investigation. 1. Revenue Mapping The process of creating an exhaustive mapping of all of the different processes and systems involved in a particular revenue chain and the actual amount of revenue that each manages. 2. Risk Mapping The process of assigning risk (subjective and objective) to each of the components of the revenue map in order determine the relative risk that each component represents. 3. Noise Analysis The process of determining the difference between revenue accounting for, and revenues unaccounted for in order to quick assess the revenue at risk level BEFORE indepth examination of particular reasons and amounts. 4. Gross Tally Analysis - The process of creating meaningful benchmark and thumbnail estimates of the revenue generating activity of a component in order to assist in risk analysis. 5. Environmental Risk Analysis Utilization of key benchmark information to assist in the setting of a subjective level of risk based upon environmental factors. ii. Exchange Analysis The process of examining the all aspects of the rules of exchange (exchange of value) between the carrier and outside parties (regulators, partners, suppliers, customers, channels etc). in order to fully define and understand the terms, conditions and risks associated with the relationship. 1. Contract Analysis The process of examining and understanding the terms defined in a contract between the carrier and other parties in order to understand the constraints and risks associated. 2. Service Level Agreement Analysis Review of the explicitly stated, and implied service level agreement between the carrier and customer , or between the carrier and supplier, in order to better understand the risk/ functionality conditions. 3. Pricing Analysis Extensive review of the price-promise, and price-billing scenarios to assure alignment, accuracy and compliance. 4. Regulatory Constraint Analysis Review of regulatory constraints associated with revenue related situations. iii. Process Analysis The utilization of standard process analysis techniques in order to assist the analyst in understand how processes work, and how the fit and hand off information between. 1. Flowcharts Standard mechanisms for the graphing of the logical relationships between processes or steps. 2. Cross Functional Flowcharts Standard technique for the mapping of processes between different organizations. 3. Process Narrative Written narrative description of a process iv. Systems Analysis The utilization of standards systems anlaysis disciplines and techniques in order to assist the analyst in understanding how systems work and interact, and to identify risk to revenue vulnerabilities.
GRAPA
63
1. Data Flow Diagrams Standard I/T technique for the tracking of data flow through systems/operations. 2. Entity-Relationship Diagrams Standard DBA technique for the capture and documentation of the relationships between data elements. 3. Normalization Standard technique for the documentation and clarification of the relationship of data elements. 4. Systems Flowcharts Technique for the mapping and diagramming of the interrelationships between programmatic and hardware components. 5. Network Topology Diagrams Standard diagrams utilized to show the physical and logical organization of the network. 6. Network Technical Diagrams Any of a vast assortment of network diagrammatic techniques. v. Statistical and Numerical Analysis The utilization of advanced business intelligence and statistical analysis techniques to assist in the understanding, diagnosis and evaluation of revenue risk situations. 1. Risk Analysis Employment of risk assessment techniques to assist in the quantification of risk after in depth analysis. 2. Root cause analysis utilization of statistical methods to determine the source reasons for revenue risk 3. Early Detection utilization of statistical techniques to be pre-emptive in the determination of where risk will occur 4. Forecasting providing management with a clear forecast of potential future loss given current conditions. 5. Sampling statistical technique that allows the analyst to examine a small number of records and infer the true nature of risk for the entire population 6. Cluster Analysis statistical technique that allows the analyst to identify patterns and possible root causes based upon the natural clustering of cases or conditions 7. CART/CHAID graphical techniques that provides accurate and effective forecasts or many different risk conditions 8. Neural Networks tools that provide for forecasting and prediction using modern statistical methods 9. Distribution Analysis utilization of graphical distribution charts to help the analyst spot patterns, trends and disparities that can indicate loss risk scenarios 10. Analysis of Central Tendency utilization of average, mean and mode to provide analysis of large populations of data 11. Regression Analysis traditional statistical technique for prediction and root cause analysis of revenue at risk scenarios vi. Coverage Plan Development 1. Rationalization a. Quantification of Risk (Determine Revenue at Risk) b. Annualization (Forecast 12 month loss) c. Alternative approach development 2. Solution Development a. Root cause analysis b. Identification of Key Control Points 3. Feasibility and Estimation of Each Solution 4. SWOT-CB (Strength, Weakness, Opportunity, Threat, Cost, Benefit) for each alternative 5. Recommendation of best alternative
GRAPA
64
Chapter 8 -Controls, Corrections and Compliance
Chapter 8
contRols, coRRections and coMPliance
Upon completion of the Forensics Process, the Revenue Assurance Team is ready to proceed with the rest of the Revenue Assurance lifecycle.
RA Lifecycle
Cases (Alerts/Alarms)
Cases
Domains
F o r e n s i c s
Correction
Coverage Plan
Controls
C o m p l i a n c e
M a n a g e m e n t
Cases (Alerts/Alarms)
GRAPA
65
Management Decision-Making
You should recall that, after the Forensics Findings Report is created, the next step is for management to review the report and to make some decisions about how to proceed.
Controls and Corrections Decisionmaking
Forensics Team
Initial Forensic Findings Report
Finalized Report to Top Management
Operational Management (for the area under review)
Review and Recommended Modifications and Comments
Top Management
Selection Of Remedy
Implementation Decisions
Budget and Funding Decisions
Controls and Corrections Decisionmaking
Forensics Team
Initial Forensic Findings Report
Finalized Report to Top Management
Operational Management (for the area under review)
Review and Recommended Modifications and Comments
Top Management
Selection Of Remedy
Implementation Decisions
Budget and Funding Decisions
Before we get into an in-depth discussion about the implementation and activation of corrections and controls, it is important that we consider the management decision-making process in more detail. After the Forensics Team has developed its best assessment of the case or domain in question, the team members might decide that they understand the situation well enough to make the decision about the control/corrections on their own. While this may be true in many cases, the situation is usually not that simple. To be effective, the control or correction in question must be implemented and agreed upon by top management and the involved operational area. Revenue Assurance typically does not set out to override the authority and responsibility of Operational Teams, only to supplement and assist them.
GRAPA
66
This means that the Forensics Team should, in most cases, review its findings with the operational area in question before submitting it to management for approval. There are several reasons for this: 1. 2. It is possible that the Operational Manager will agree with the findings and recommendations and decide to implement them immediately. This will make the entire implementation process much easier. If the Operational Manager has concerns or disputes the findings, it is best to listen and attempt to resolve them before involving top management in unnecessary controversy. The Operational Manager may not always agree with the findings, but it shows respect for the role and position when you consult this manager and solicit opinions. Based on the feedback provided by the Operational Manager, improvements to the recommendations can probably be made.
3.
Once the Operational Team involved in the area under review is consulted, the Forensics Analyst can submit the final report to management for review.
The Management Decision Making Process

There are three levels of decision that management needs to make in order to get the control or correction implemented correctly. The fact that there are three decision levels is the main reason that any major control/correction decision must be reviewed and approved by management. Management needs to decide about the following.
Remedy Selection
The first decision to be made is determining which remedy should be implemented. If the Forensic Team did a good job of exploring the problem and presenting different alternatives, the management job should be relatively simple and straightforward. The risk/cost tradeoffs associated with each remedy should be clearly spelled out in the Forensic Findings Report. If they are, then the top managers can focus on their part of the process, which is to set their tolerance for risk, and to decide how much they are willing to spend in exchange for the level of risk that the remedy assures.
Implementation Responsibility Assignment

Deciding on the remedy is only a small part of the process. After the remedy has been selected, management must make the decision about the who, what, where, when and how aspects involved in implementing the remedy. The decision to implement a specific remedy (control or correction) will involve several key decisions. These decisions fall into three categories: Implementation Who will be responsible for designing and building the new control or correction? Will it be IT, the Operational Management Team, or contractors? The construction of a control or correction can be a major implementation, ranging in cost from a few dollars (to make a minor modification to a program) to millions of dollars (for implementation of a new system or major operational change). Administration After the control/correction has been implemented, the next, and most critical question is, Who will be responsible for running it? This is where many organizations lose the benefit of their Revenue Assurance investments. Organizations spend a great deal of time defining and building controls and corrections, but can be woefully lacking in decision-making about who is going to actually run the control. The assignment of responsibility is critical to the person who will monitor the control and ensure that appropriate responses are made to conditions that arise, whether that is to the Operational Team, the Revenue Assurance Team or someone else. Compliance Requirements and Responsibilities It is also important that management, the Revenue Assurance Team and the Operational Management Team agree upon the compliance associated with a particular control.
GRAPA
67
It is one thing to create a control, another to monitor it, and yet another to ensure that the monitoring is happening. In addition, the alarms and alerts must be escalated appropriately, and management must be assured that everything is functioning the way that it was specified. These negotiations can be especially sensitive since they often involve assurances that operational personnel report information to the Revenue Assurance Compliance and Reporting Team.
Funding and Budgeting

After all the operational responsibilities are assigned, someone has to make sure that the appropriate funding and budgeting decisions are made. The decision to grant implementation, operational and compliance responsibilities to an organization includes an implied budgeting allocation as well. The following decision must be made -- whether that allocation is a decision that the assigned team needs to take on the work as part of pre-existing budgets, or whether the task represents a new load that requires a budgetary or headcount adjustment. Once these decisions have been made, the team is ready to begin the Controls Development Lifecycle.
The Controls/Corrections Development Lifecycle

1. 2. 3. The Controls Development lifecycle includes the steps involved in the implementation of a control. These are: Determination of responsibility and funding. This should be completed as part of the management approval process noted above. Management of the control/correction project. This is the project that will create the new control or implement the correction specified. Implementation and testing of the new control/correction. This is the review and approval of reports and/or alarms associated with the remedy and verification that the staff responsible for their administration are trained and allocated to the task. Implementation and testing of the compliance component of the new activity.
4.
This development process is simple and straightforward at this very high level. But it will vary greatly in complexity based on the extent of the correction or control involved.
undeRstanding contRols
Creation and administration of controls is a major part of most Revenue Assurance Departments activities. As with all of the other disciplines, it involves an assortment of varying approaches and levels of expertise.
Definition of a Control
The first step in understanding Revenue Assurance controls is to determine what exactly is meant by the term. The term control in this case is borrowed from Finance and refers to the same things as an accounting control (as specified by auditors and management accountants). One of the most common definitions of accounting controls is that they are procedures used to assure accuracy in the record keeping function. Controls exist to ensure source data placed in the system are proper and correct. In short, a control is a procedure that double-checks some aspect of an operation or system.
GRAPA
68
There are several types of controls, and many different ways to categorize them. These include categorization by: 1. 2. 3. 4. 5. 6. Level of Automation Manual, semi-automatic and fully-automated controls Continuity Continuous (ongoing), periodic (regular schedule) and sporadic (random sample based) Frequency hourly, daily, weekly, monthly, annual Triggering Mechanism time, calendar, event, condition Control Type Audit, change control, threshold response Mechanism Operational Report review, overlay system or function
While the review of these different aspects and mechanisms is as much a part of Controls Design (a Forensic Process) as Controls Implementation, we have included the complete discussion at this point for the sake of continuity.
Most Commonly Applied Controls

The following provides examples of different types of controls, which can help us set the stage for a more in-depth study. Some of the most commonly implemented controls include:
Audits
The term audit in the context of a Revenue Assurance control is not the same as a typical audit done by an internal auditor. Within our context, an audit is a predefined, manually executed series of tests that allow the auditor to verify that the system or operation under review is working as specified. In this context, an audit can be done every day or many times a day if required. The most commonly practiced and easily understood example of an audit of this type is the typical postpaid billing system invoice audit. In most cases, the people running postpaid billing systems will extract a sample of bills from each billing cycle, and manually verify that the charges and calculations are executed correctly, before releasing the cycle for printing. The specifications for audits are:
Control Type: Audit

Automation Continuity Frequency Triggering Mechanism Where Applied Manual only Continuous (Ongoing) , Periodic (Regular schedule) and Sporadic (Random sample based) As needed Time, Calendar, Event, Condition Function defined within operational charter Bill Cycles, Security/Fraud Prevention, Also commonly applied in areas where the need for monitoring is very low and places where the volume of information to be checked is low
GRAPA
69
For many organizations the audit is one of the most commonly applied controls because the cost to implement them is low when the check does not need to be done often. As the frequency, volume of information and level of risk increases, the appropriateness of the audit decreases. Threshold Response Monitoring based on Existing Operational Reports
Generally speaking, the threshold based Operational Report review is the undisputed and most commonly applied control. Using this approach, the Forensic Analyst identifies reports already created by different operational systems that can provide the Revenue Assurance Team with the level of risk and alert/alarm information it requires. The analyst can then simply ensure that someone checks the reports and makes compliance reports about the levels. By formally identifying and designating existing (or commissioned) reports being generated as a normal part of the operational activities in the area as controls, the Forensic Analyst provides optimum coverage for minimum cost. In a surprisingly large number of cases, the information required by the Revenue Assurance organization to monitor the level of risk associated with a particular area is already being captured and reported by operational systems. In fact, this is quite logical. How can an operational system run effectively if critical information about the integrity of revenue related operations is not being checked? The process of establishing these kinds of controls is easy if the Forensic Analyst understands the system being assured. The first step is for the analyst to identify the standard controls associated with that particular function or system. The GRAPA Practices and Training Classes provide an in-depth review of standard controls for all areas of Telco operations identified as part of the Body of Knowledge. The analyst then reviews the existing operational environment and attempts to identify the specific reports that generate the information. If the information is found in place, the analyst then identifies: 1. 2. 3. 4. 5. The specific reporting information to be checked Which report? Which fields? The Periodicity How often should it be checked? The Thresholds Values and Conditions (to be ignored if normal), Alerts (to be responded to), and Alarms (to be responded to immediately and emphatically) The Escalation Procedures How should the Operational Team handle each situation? The Compliance Requirements What should be checked and reported and how often?
A large number of Revenue Assurance Departments run the majority of their operations utilizing spreadsheets, which identify each of these types of controls and the other required information that must be checked in order to make them effective.
GRAPA
70
Control Type: Operational Report-based Threshold Response

Automation Continuity Frequency Triggering Mechanism Where Applied
Semi-automatic Continuous (Ongoing) , Periodic (Regular schedule) and Sporadic (Random sample based) As needed Event based (per cycle) Operational Report review Majority of automated (IT systems)
Test Plans
A test plan is a predefined set of procedures that allow the analyst to determine whether a particular function is working correctly or not. The difference between a test plan and an audit is that a test plan is more simplistic and single threaded in design, while an audit will typically involve several steps and checks. The most common practice test plan is a Test Call Discipline. Under a Test Call Discipline, the person running the control schedules a predetermined number of calls to be made at certain times to certain places. The date, time, destination and duration of the calls are logged, and the analyst then reviews the IN, VMS, Mediation or Billing System to verify that the call was routed and billed as intended. Test plans can be run manually, semi-automatically or automatically and are a crucial control for many aspects of operational review.
Control Type: Test Plans

Manual, Semi-automatic, Fully automated Continuous (ongoing), Periodic (regular schedule) and Sporadic (random sample based) As needed Time, Calendar, Event, Condition Operational overlay Test Calls, anyplace where a single aspect of the system can be tested autonomously
Synchronization Mechanisms
Synchronization is the process of making sure that two or more sources of data that are supposed to have the same information, are in fact in alignment. Management of revenue in the Telco involves the synchronization of hundreds of pieces of information across dozens of systems. In a great number of cases, the effective synchronization of out-of-synch systems can save Telcos millions of dollars of jeopardized revenues. The most commonly implemented synchronization activity in the wireless business is the synchronization of the HLR with Billing. Failure to synchronize these two data sources can result in serious revenue loss due to the mishandling of revenue transaction information. In general, activation, provisioning, routing table, rating data, and other information repositories are potentially useful synchronization points.
GRAPA
71
Control Type: Synchronization

Automation Continuity Frequency Triggering Mechanism Where Applied Manual, Semi-automatic , Fully automated Continuous (Ongoing) , Periodic (Regular schedule) and Sporadic (Random sample based) As needed Time, Calendar, Event, Condition Operational overlay HLR to Billing (prepaid/postpaid) to assure alignment in customer information, anywhere that two different data sources must be synchronized in order to assure revenue management integrity
Change Management Procedures

Controls are not only initiated to check on what has already happened. A truly effective revenue assurance group will be proactive wherever possible and anticipate revenue loss situations. In many cases, future losses can be prevented if the organization or operation in question institutes simple change management procedures as part of its operational profile. Some of the more common applications of change management procedures are: 1. 2. 3. 4. 5. Initiation of new interconnect partners or roaming partners Major network modifications Change or replacement of major systems (billing system, mediation system etc.) Implementation of new rate plans Introduction of new products or services
A change management procedure typically consists of several elements including: 1. 2. 3. 4. 5. Checklists (to make sure certain tasks have been done) Tests (techniques utilized to verify that everything is working as it should) Audits (manual verifications of different aspects of the operation) Synchronization Others
Control Type: Change Management Procedure

Semi-automatic Continuous (Ongoing), Periodic (Regular schedule) and Sporadic (Random sample based) As needed Event based (per cycle) Operational Report Review Addition or modification of interconnect or roaming partners, changes in network configuration, changes in systems (version control) or replacement of systems
GRAPA
72
Auto-Adjustment Mechanisms
There is one special version of a control called an auto-adjustment mechanism. In the default case, controls generate alarms and alerts, which are to be responded to as part of the Forensic Process. When the domain of the control is tightly defined, it can be common practice to create a standardized response to certain levels of alert. In these cases, the Forensic Team does not need to be involved in the escalation. The person running the control, or another person in the operational area such as a manager, or a system, can make the adjustment to the operation to compensate for the perceived risk. For example, when a Bill Cycle Auditor discovers problems with billing system ratings, the next step is typically for that analyst to go through a verification sequence. This involves checking the accuracy of the rating tables, verifying synchronization with the HLR, checking the CDRs, and other manual checks. The analyst will be authorized to make adjustments as needed, giving a set of parameters when the identified variance requires escalation to a higher authority. Auto-adjustment mechanisms are powerful and useful, but also difficult to manage; so care must be taken when implementing them.
undeRstanding coRRections
While the topic of corrections could fill volumes all by itself, for the purposes of this standards exploration we will simply review the high level points that are pertinent to Corrections activity. As with controls, the Revenue Assurance Team may or may not be involved in the implementation of a correction. This depends on the Operational Teams capability and managements decisions. It is certainly not common for Revenue Assurance to oversee the implementation of new operations or major systems. However, Revenue Assurance does need to be involved in these processes. Most critically, the Revenue Assurance Team should be assigned responsibility to ensure that all the required controls and compliance for the new operations are implemented correctly, and as part of the design and build process. When a correction is complete, it should be considered as simply another control to be managed and monitored by the Revenue Assurance Team as part of the Controls discipline.
undeRstanding coMPliance and RePoRting (KPis)

The final area to consider under the topic of Revenue Assurance disciplines is Compliance. The discipline of establishing the proper Compliance Management environment will be the most challenging and politically charged of any Revenue Assurance activity.
GRAPA
73
The key to establishing a Compliance Management environment is to understand: 1. 2. 3. 4. Who the recipients are of the different levels of Compliance information What they are going to do with the information (action ability) How to gain cooperation from all the different Operational Teams involved What to do when Compliance does not happen
As in many other cases we have discussed, the ultimate decision about what Compliance to enforce and the methods for structuring and reporting it are an issue of practices more than standards. From a standards perspective we can only identify the different types and levels of Compliance Reporting. We leave it for practitioners to determine which Compliance elements to include and how to manage them.
What is the Reason for Compliance Reporting?

The first question that needs to be answered when setting out to create a Compliance environment is, What is the reason for Compliance Reporting? There are several objectives for the Revenue Assurance Team. The first set is associated with management needs. Major management concerns include: 1. Assurance that all areas of Revenue Risk that have been included within the domain of Revenue Assurance are being monitored as specified. In other words, to assure management that the Revenue Risk exposure is at the level set or lower. Transparency regarding whether there are some areas where the current level of controls is too high. Can I reduce the level of control and monitoring without exposing myself to a significantly greater risk? Understanding how much loss or risk of loss is actually occurring (Alarm and Alert summaries). Providing a clear set of measures that make it easy to understand how well the Revenue Assurance function is being managed.
2. 3. 4.
To create a meaningful set of Compliance Reports and procedures without taking on a huge and disproportionate report expense or flooding management with too much data is a challenging job. The GRAPA Standards identify several areas of Compliance Reporting including: 1. Coverage a. Which domains are included as in scope of the revenue assurance activity? b. For those areas that are in scope, how well are they covered? Conformance a. How dutifully are the Operational Teams complying with their reporting and alarm requirements? b. Are the controls working correctly and who is not administering them as they need to be administered? Alarm Summaries and Detail a. What alarms are occurring? How many? How often? What level of revenue risk is involved? Corrections Follow-up a. Assuring that all specified corrections are being implemented on time and within budget.
2.
3. 4.
As we have stated earlier, the real work associated with Compliance Reporting is done at the point when the controls and corrections are negotiated and approved by management. It is at that point that the Revenue Assurance Team needs to be sure that the proper Compliance infrastructure and rules are implemented.
GRAPA
74
Conclusion
This concludes our discussion of the four Revenue Assurance disciplines and their application in the real world. In the following chapter we will investigate the next component of the Revenue Assurance standards, the Objectives (or Levels) of Revenue Assurance.
GRAPA
75
GRAPA
76
he following table provides the reader with an excerpted view of the GRAPA standards as formally defined in the Standards Document and ratified by the membership January 2009. I. The Revenue Assurance Disciplines b. Controls Management i. Types of Controls 1. Level of Automation (Manual, semi-Automatic, Automatic) 2. Continuity (Ongoing, periodic, sporadic) 3. Frequency (Real Time, Hourly, Daily, Weekly, Monthly, Annual) 4. Triggering Mechanism (Time, Calendar, Event, Condition) 5. Control Type (Audit, Change Control, Threshold Response) 6. Mechanism (Operational Report, Overlay System, Integral Function) ii. Major Controls 1. Audits 2. Operational Report Threshold Response 3. Test Plans 4. Synchronization 5. Change Management 6. Auto-Adjustment Mechanism b. Corrections Management i. Policy Change Changes that entail the change of an operational policy. ii. Procedures Change Changes that require that the way things are done be altered (without need for inter-departmental or systems modifications) iii. Operational Systems Change Changes to the I/T systems that run different operational areas. iv. Organizational Responsibility Change major changes in the assignment of responsibility to different people v. New Department Change a requirement to create a new department or major functional area. vi. Network Operational Change - a change to the way that network operations work vii. New Systems Deployment Change a requirement to deploy a new systems b. I.D. Compliance Management i. Forensics Compliance 1. Tracking of Cases and Domains In Scope a. New Cases / Domains added each month b. Cases closed each month c. Cases carried over this month d. Domains completed this month 2. Annualized Revenue at Risk Discovered this month 3. Annualized Revenue at Risk Containment Plan (Forecasted Risk Reduction0 4. Annualized Revenue at Risk - Recovery In Process (Coverage Plans in Implementation) ii. Corrections Compliance a. Corrections Recommended this month b. Corrections scheduled this month c. Corrections completed this month 1. Annualized Revenue at Risk (Forecasted Recovery) 2. Annualized Revenue at Risk Recovery
GRAPA
77
iii. Controls Compliance 1. # Controls in operation 2. Control Management Compliance (are the people responsible for managing this control doing their jobs?) 3. Controls Activity Reports (ongoing controls reporting activity) iv. Controls Exception Reporting 1. Major Alarms (Revenue at Risk greater than threshold) 2. Minor Alarms (Revenue at Risk within bounds) 3. Non Alarms
GRAPA
78
Chapter 9 -Objectives of Revenue Assurance Activity
Chapter 9 objeCtives oF revenue assuranCe aCtivity
The first dimension in the process of developing our comprehensive definition of the Revenue Assurance operation was to define the Revenue Assurance lifecycle and the four main disciplines that it includes. The next challenge is to develop a consistent and inclusive definition of the objectives for the Revenue Assurance process. As we have stated, it is easy to find highly-generalized statements regarding what the goal of a Revenue Assurance operations should be, such as the protection of revenue streams or to champion the integrity of processes. It is also easy to find anecdotal references such as The goal of Revenue Assurance is to reduce leakage. The problem with these definitions is that they fail to provide us with a clear and quantifiable understanding of what is (and what is not) included in the Revenue Assurance charter.
Definitions that are Too Broad

The extremely broad definitions, which say that the purpose of Revenue Assurance is to assure the integrity of processes, would lead us to conclude that Revenue Assurance is nothing more than business process integrity with a different name. If Revenue Assurance is about process integrity, why do we call it Revenue Assurance? In the same way, setting the objective of Revenue Assurance to be the protection of revenues or the management of risk leaves us with far too much scope to manage.
Definitions that are Too Narrow

Equally harmful and misleading can be definitions that are too narrow. The most comical and overly narrow definition that I have seen states that Revenue Assurance is the process of assuring that all CDRs are billed properly. That would be great if the majority of the revenues for Telcos around the world today were prepaid and did not involve the postpaid billing system or CDRs at all.
Why is an Accurate Definition of Objectives Critical?

Precision in our definition of the goal of the Revenue Assurance activity is the only way that we can set meaningful measures and KPIs for:
GRAPA
79
1. 2. 3.
Evaluating the effectiveness of a Revenue Assurance investment Evaluating the effectiveness of a Revenue Assurance team Establishing reporting and tracking measures to monitor the activity of the group
One might say that the biggest reason for the ambiguity and dissatisfaction with the activities of Revenue Assurance teams is that no one has clearly defined what needs to be accomplished. Problems arise when attempting to define a meaningful and comprehensive definition for the goals of Revenue Assurance. The domain of most Revenue Assurance groups is vast, and the majority of their actions have a clear impact on the assurance of the companies revenues. However, due to the broad range of areas and disciplines involved, it can be extremely difficult to categorize and standardize.
ReMediation, detection and deteRRence (Rdd)

The first characteristic of Revenue Assurance goal setting to consider is that of Remediation vs. Detection and Deterrence. We use the acronym RDD to represent these three areas. Revenue Assurance is commissioned to perform one, two or all three sets of actions depending on the situation and managements tolerance for risk. Remediation is the process of taking action and fixing a Revenue Assurance or Fraud situation that has been discovered. The Revenue Assurance lifecycle clearly identifies corrections, and the initiation of new controls. Both are clear examples of how Revenue Assurance delivers remediation to the business. Detection involves the determination of where problems are and the items that require remediation. The Forensic process as previously defined is dedicated to the discovery, prioritization and escalation of issues that need to be addressed. Deterrence, although we have implied it, has not been specifically cited in our discussions so far. It is the process of preventing the revenue loss from occurring from the start. We have not specified a different function for Deterrence because it can be accomplished using the existing structures. Corrections and controls are not only for Detection but also for Deterrence. The single biggest form of Deterrence is the establishment of a specific response to different alerts and alarms (Detection). For example, SIMBox Fraud Deterrence is accomplished by establishing a SIMBox activity detection mechanism (a Fraud Management system), and then establishing a policy that provides for escalation of alarms. This is intended to elicit a decision about cutting off the account (normal escalation of alarm), or establishing an automated process for handling alarms (auto feedback mechanism). The establishment of a Change Management procedure (control) to prevent loss when a new interconnect partner is added, is a straightforward example of Deterrence activity.
Appetite for Risk and RDD

While Remediation, Detection and Deterrence are important considerations in every Revenue Assurance case, determining how to prioritize them and how much effort to expend on each is also a serious consideration.
GRAPA
80
For example, when a leakage is found in the Mediation System, should part of the remediation process be to repair the code involved and then reprimand the programmers involved? Or should the remediation be limited to making note of the situation without making any change at all? Where should Detection be performed and how much time and effort should be spent on it? When should Deterrence be priority and how much time and effort should it involve? These are questions that should be answered as part of the Forensic Analysis process, and prioritized based on managements tolerance for risk. Managements decision about how the revenue at risk should be handled and overall risk exposure should be effectively ameliorated.
Scope and RDD

A decision must be made about the level of RDD that must be applied to each risk situation. A second decision (as in all Forensic cases) is regarding who is to be responsible for each RDD area. For example, one group could be responsible for Remediation (e.g. management), another for Detection (e.g. Revenue Assurance controls) and a third for Deterrence (e.g. fraud management). Determination of responsibility depends on the area, issues and risk at hand. It is necessary to take note that all three aspects (RDD) need to be considered for each domain or case under review. This is a matter of practices. This is not the time for setting up rules about how to assign responsibilities or priorities.
What Kinds of Cases Should be Included in the Charter for Revenue Assurance?
In other words, what exactly does Revenue Assurance assure against? The RDD dimensions provide us with only one way of looking at what Revenue Assurance is supposed to achieve, (the Remediation, Detection and Deterrence of revenue loss). There are many ways to look at revenue loss, and we need to develop a clear understanding of which aspects of revenue loss are to be considered in scope for Revenue Assurance, and which are excluded. In one sense, everything is related to revenues one way or another. For example, by saying that Fraud Management is a part of Revenue Assurance, we open the door to the argument that employees stealing pencils is a Revenue Assurance issue. In the same manner, indicating that the security of network assets, such as login/password integrity, or protection against tap-in, and the physical violation of assets is a Revenue Assurance concern, opens the possibility of making the physical security of assets and site security as being in scope for Revenue Assurance as well. Clearly, we need a decision of where to draw the line when it comes to defining what aspects of revenue are valid targets for Revenue Assurance activity.
The GRAPA Standards Process and Standard Practices

Not all activities designated as valid and in-scope for Revenue Assurance are totally logical. As president of GRAPA I do not agree with all of them and lobbied to have some of them removed. However, in the final analysis, GRAPA is about the actual practices in the industry. It is also about what revenue managers, CFOs and other professionals are being asked to do, and not what they would theoretically like to see.
GRAPA
81
The point of these standards is to provide us with a solid starting point for discussion. As long as the dialog continues, as professionals, we can make refinements as we determine what works. In the following text I attempt to organize this disparate and eclectic list of Revenue Assurance objectives in a consistent and understandable manner. One way to look at this eclectic basket of Revenue Assurance objectives would be to say that Revenue Assurance has become a revenue related dumping ground for CFOs. In effect, if it is revenue related and you dont have anyone else to assign it to, then give it to the Revenue Assurance person. On the other hand, I believe this trend toward isolating and entrusting Revenue Assurance professionals with such a diverse range of issues is an incredible vote of confidence for the ability these people have. It takes a great amount of mental agility and focus to take on such a broad range of issues, and then to convert the initial chaos into an ordered and assured environment. Where will this end up? Who knows? It is clear that management has a serious need for someone to address the diverse set of revenue risks. The Revenue Assurance professional appears to be the best person available to handle the job.
Who Else is Available?

When viewing the diverse range of issues and trying to apply some rigor to the process of determining who is actually assigning which jobs to Revenue Assurance (and who is not), there seems to be no logical pattern to it. From my observations, the only interpretation that makes sense is that, when an organization has an alternative department that is capable of handling any of these areas, then that department is employed. But if there is no one available when a crisis arises, it becomes a de facto Revenue Assurance issue. Only time will tell whether this pattern will continue. How many more issues and domains will be added to the Revenue Assurance requirements? How will boundaries, expectations and controls around the process be set? That is exactly what the GRAPA organization and this process is all about. The objectives and domains listed here are provided as a reference, and as a starting point for the continuation of the standards development effort, and not as a final answer. This document is not a statement about what Revenue Assurance objectives should be, but what they currently appear to be as a cross section of activities across the world.
the six Mis PRefixed categoRies

The current inventory of areas considered within the scope of Revenue Assurance groups around the world can be summarized as falling under six general categories. These six categories define the types of cases that Revenue Assurance teams are being asked to manage, and the operational exposures they are addressing in the development of coverage plans for different domains. Each of the categories, summarized in the table below, is characterized by starting with the prefix mis. This prefix is defined in dictionaries as to do badly or wrong. So these categories indicate something done poorly or in the wrong way.
GRAPA
82
Terminology and Examples Leakage Fraud Margin or Rate Plan Assurance New Product Assurance Asset Utilization Assurance Market Assurance (Churn)
Assure Revenues Against: Mis-handling of revenue transaction information Mis-appropriation of funds or services Mis-interpretation /mis-representation of the revenue stream Mis-alignment of the product planning process Mis-deployment of assets (Maximization of asset allocation) Mis-interpretation and/or mis-prediction of customer behaviors (Optimizing churn remedy decision-making)
The rest of this chapter will provide a quick summarization of each of these areas. This includes the rationalization for their inclusion, examples of how Revenue Assurance approaches them, and adds value.
leaKage ManageMent
By far the area of assurance most readily associated with Revenue Assurance is the management of leakage. But, for the nonTelecommunications professional, and even for many who have Telecommunications experience, there is a lack of clarity about how leakage is defined. In its simplest form, leakage is the loss of revenue due to a mishandling of the revenue transaction information by systems, people or processes. There is a significant body of knowledge and writing about leakage, including its causes and effects. This includes how bad it is, and how easy and/or how difficult it is to detect, deter and remediate. In the final analysis, Revenue Assurance (in no small way) is still about leakage. The key to leakage management, as in all areas of Revenue Assurance, is to develop an understanding of the following: 1. 2. 3. 4. 5. How the revenue loss occurs (root cause analysis) Estimating the extent and future value of that loss (quantification of revenue at risk) Determining alternative methods to protect against the risk Deploying corrections and controls to make that happen Monitoring and continuous review of controls to keep the risk in line
There is no one who will argue that leakage management does not belong in this list. In fact, the only controversy surrounding this particular aspect of Revenue Assurance is whether it should be the only aspect.
KPIs for Forensics, Controls and Corrections for Leakage

The first set of KPIs that can appropriately be assigned to this area, as is true for all areas of Revenue Assurance, is to measure how effectively the Revenue Assurance team is managing the entire lifecycle. This should include KPIs to measure Forensics, Controls and Corrections Activity.
GRAPA
83
Measures of Operational Activity for all Revenue Assurance Activities Activity Forensics Controls Measure of Operational Efficiency # New cases/domains initiated # Cases/domains closed # Controls created # Alarms/alerts handled # Corrections initiated # Corrections completed Activity level reported Measure of Effectiveness Amount of revenue at risk reported (RAR Forecast) # Alarms/alerts handled (ROI based on RAR) # Corrections implemented (ROI based on RAR) Forecasted Risk Containment due to Compliance Enforcement (Based on RAR Forecast)
Corrections
Compliance
The measure of the effectiveness of the leakage containment activity must ultimately include:
1.
2.
3.
Remediation Activity Corrections KPIs How many cases of leakage were uncovered and resolved as a result of the corrections activities? What was the value of the revenue at risk associated with the leakage, and what was the net benefit to the Telco as a result of that correction? This is based on the Revenue at Risk reported in the Forensics Findings Report and the cost of the corrections activity that eliminated or reduced the risk. Detection Activity Forensics and Controls KPIs How much revenue at risk was discovered through the combined activities of forensics analysis and alarms as far as the number of leakage cases reported? This value can be derived from the sum total of the revenue at risk and alarm levels reported. Deterrence Activity Controls and Compliance KPIs How much revenue loss was prevented due to the Revenue Assurance activities implemented? This can be derived from a combination of forecasts of loss provided by the revenue at risk value and the compliance report, which verifies that the control or correction has been effective.
GRAPA
84
fRaud ManageMent
The second area of consideration is Fraud Management. While leakage management is undeniably within the purview of Revenue Assurance there is dispute regarding Fraud Management. There are three strong cases to be made for placing a large portion of Fraud Management under the Revenue Assurance umbrella. 1. It is an established fact that the majority of fraud cases are discovered by organizations that understand and make use of standard revenue protection controls. In other words, good Revenue Assurance controls are the best Fraud Management controls. Statistics show that standard revenue protection controls are the number one revealer of fraud, much higher than the fraud cases uncovered by audit, and slightly greater than the cases revealed by whistle-blowers and outside reports. The logic is clear. GRAPA benchmark surveys have revealed that over sixty-percent of Telcos worldwide place the Fraud Management group, or at least a major part of it, under the Revenue Assurance department. Another thirty-percent place Revenue Assurance and Fraud Management as peer organizations under the CFO, a Risk Management group, or some other related risk oversight organization. In short, we include fraud as a part of Revenue Assurance because most carriers treat it that way. The Revenue Assurance lifecycle specified here and the different disciplines involved are as applicable to the organization of a Fraud Management operation as they are to that of a Revenue Assurance group. In summary, there is significant economy of scale and efficiency to be gained by strategically blending Revenue Assurance and Fraud activities. For example, the majority of controls that a Fraud Management team requires for the review of internal fraud are exactly the same controls that the Revenue Assurance group needs to assure revenues. Why build the controls twice, or double up on the compliance activity?
2.
3.
Integration of Fraud and Revenue Assurance activities is greatly simplified with a good understanding of the Revenue Assurance lifecycle. What does it mean to integrate Fraud and Revenue Assurance? Who will handle Forensics? More importantly, what are the forensics associated with Fraud and how are they different from those required for Revenue Assurance? Can you easily train a Forensics Analyst to assess both leakage and fraud risk, or do you require a completely separate set of skills? When managing controls, do you need a separate person setting up controls for each? Who is monitoring those controls? How can one person be utilized to double the efficiency of the operation? There are fraud controls that require a specialized Fraud team to manage the Fraud Management systems. The physical network element security and other areas require specialists. And the operational leverage from integration is very high and is an important consideration.
KPIs for Forensics, Controls and Corrections for Fraud

It should come as no surprise that, under the structure provided by the Revenue Assurance lifecycle, reporting on the effectiveness of Fraud Management activities is both consistent and equally meaningful. Part of the beauty of this consolidated view is that management and the Revenue Assurance team are able to do a side-by-side equivalent measure of the effectiveness delivered by both the fraud and leakage containment efforts.
GRAPA
85
Since all of the measures are being turned into a common unit (Revenue at Risk for a specified / forecasted period of time), management has the ability to clearly compare the effectiveness of each effort. This will include: 1. 2. Remediation Activity Corrections KPIs How many cases of fraud were addressed and resolved and what value was delivered to the business as a result? Detection Activity Forensics and Controls KPIs How much revenue at risk of fraud and actual fraud was discovered through the combined activities of Forensics Analysis? Deterrence Activity Controls and Compliance KPIs How much fraud loss was prevented due to the activities implemented?
3.
MaRgin and Rate Plan assuRance

Assignment of leakage responsibility to a Revenue Assurance function invokes little controversy, and alignment of Fraud with Revenue Assurance is more of an internal political and organizational issue, rather than a truly functional one. The inclusion of the margin and rate plan assurance, however, pushes the boundaries of the definition of Revenue Assurance. The first and most common application of Revenue Assurance to margins has appeared in the Interconnect area. In Interconnect, the number of different rate plans, the complexity of the cost models, and the volatility of the operational environment have left many Telcos with a range of interconnect service offerings that generate a negative cash flow. In other words, for every dollar of interconnect service they sell, they actually lose money. The Forensics involved with this kind of revenue loss can be complex. This is because the cost of an interconnect minute will include the wholesale rate paid to the partner and the cost of the trunk group or other mechanism that connects the two carriers. As in most cases, the reason that Revenue Assurance is assigned the task is because: 1. 2. 3. It is complicated, requiring a knowledge of network topology and architecture, complex contractual arrangements, and multi-organizational operational process issues It involves revenue and a potential loss of revenues There is nobody else qualified to take it on
As in the case of Fraud, the management and measurement of this activity is consistent with the overall Revenue Assurance lifecycle and measures defined. In some cases of suspected revenue loss due to an interconnect margin problem, it is assigned to the Forensic Analyst for review. In other cases, where management suspects there may be a problem, the entire domain will be assigned to Revenue Assurance. In either case, the Forensic Analyst will investigate the situation utilizing risk, exchange, process, and systems analysis. Once the situation and environment is fully understood, the analyst will perform a numerical analysis to determine if there is a problem.
GRAPA
86
Based on its findings, the Forensics Team will: 1. 2. 3. 4. 5. Recommend changes in policies and procedures (how contracts are negotiated) Suggest creating some new operational procedures or reports to check on the condition Recommend that a new control be established to track rate changes Recommend that a new change management procedure be established to assure accurate tracking of interconnect network topology changes Suggest any number of other remedies
It is clear is that these types of outputs fit the structure of the Leakage and Fraud Domain Management approaches exactly.
Beyond Interconnect Margins Rate Plan Assurance

Once management realized how effective the assurance of interconnect margins was, it did not take long to recognize that assurance of other margins, such as roaming and content, would also be beneficial. As a result, the scope of Revenue Assurance was expanded into this area. Once the momentum started, it became clear that there was an even greater risk to revenue that many Telcos had to confront. This was the risk associated with the viability and profitability of rate plans. Although the issues associated with Rate Plan Assurance are different from those associated with margin assurance, there are many assumptions and conditions that are the same. Under a typical rate plan risk scenario, Marketing Teams make recommendations for rate structures based on a set of conditions that may (or may not) prove to be value. Since there is no Finance/Revenue Assurance based framework for assuring that rate plans are proposed and computed in a consistent and effective way, Telcos can end up with rate plans that ultimately cost them money. There are several different kinds of risk/loss scenarios associated with rate plan risk, as described in the following sections.
Bundle and Subsidy Rationalization

The Telecommunications industry is famous for its love of the subsidized marketing offering. Telcos will give away handsets, modems and minutes of service as incentives to customers to sign up for a rate plan or try a new service. Indeed, subsidy programs like this have proven to be very successful in the past. Unfortunately, consumers do not always react in a way that pleases marketers. In these cases, while the basic assumptions associated with the offering might have been sound, the fact that consumer response is different than anticipated could mean that the company would lose money on each sale. For example, one carrier I know of gave away a $400 handset, based on the assumption of an ARPU of $40 a month and a return period of 10 months. When the carrier launched, however, the customers spent less than $10 a month, meaning that the pay back period was several years and the net effect of the program in the short term was a substantial loss. The question is, who is in charge of tracking these situations and assuring management that bundles and subsidies are calculated accurately? Who makes sure that the actual sales are tracked against the marketing forecast to verify that the program is delivering as promised?
GRAPA
87
The answer for many organizations has been to assign this responsibility to the Revenue Assurance group.
Cannibalism
Cannibalism is another tricky and often damaging consequence of unexpected consumer behavior. When marketers propose rate plans and programs, they usually create their forecast of the value of the offering based upon the net adds, that is, the number of new customers that will be attracted to the program. What is often not considered is the fact that new rate plans are usually available to existing subscribers as well as new customers. An attractive program launched to generate one million new customers may actually attract no new customers, but instead converts one million existing customers to the lower plan. The result is a money loser, not a revenue generator. Again, a consistent, independent monitoring of the rate plan forecasts and actual results is critical to genuine success.
The Revenue Assurance Lifecycle and Rate Plan Assurance

While the specific knowledge and methods utilized for Rate Plan Assurance are different from those of Margin Assurance, the basic discipline is the same. First, perform Forensic Analysis to gain a good understanding of the environment. Then develop a set of controls and or corrections based on the problem. Usually, implementation of Rate Plan Assurance for the first time includes: 1. 2. 3. Development of controls that most often are a set of reports, tracking how well the rate plan authors forecast is holding up, and the difference in revenue due to that variance Development of a change of process associated with the way that rate plans are rationalized Creation of a change management procedure that requires rate plan developers to submit their cases to Revenue Assurance for verification and alignment
The expansion of the scope of Revenue Assurance to include rate plan and margin assurance is significant for several reasons. 1. 2. 3. 4. It signals a new level of trust and sophistication in the role of Revenue Assurance. It represents a more complex framework for implementation. It moves Revenue Assurance into domains where the Revenue Assurance delivered can be significant and expands scope into the Marketing and Forecast of Revenues areas. It provides for a much more proactive and high value positioning for the group.
new PRoduct develoPMent assuRance

The next logical step, based on our previous discussion, would be to expand the scope of Revenue Assurance into the assurance of new product development. As in the previous cases, the assurance of new products is a complex, multi-disciplinary job where no one else seems to have the appropriate skills and tools to do an effective job. The assurance of new product development is actually an easy and logical fit for Revenue Assurance.
GRAPA
88
Assurance of new product development requires that the person doing the assurance understands: 1. 2. 3. 4. Network technology and topology Billing architectures (prepaid and postpaid) and how they work Revenue streams and their management Pricing and Sales Forecast Assurance
With the inclusion of margins and rate plans in the Revenue Assurance charter, we have a team that is perfectly positioned and equipped to take on the responsibility. It was not long ago that Revenue Assurance teams were fighting to get themselves included in the product development process. With the rapid implementation of more and more technologies, business models, marketing schemes, and operational innovations, Telco managers have learned the hard way that, without a qualified revenue management specialist involved in the final signoff on the rollout, the chances of losing money because of misalignment of the many different aspects of the process are very high. Products that are designed without the requisite hooks into the Telcos existing revenue streams (both prepaid and postpaid) might be very popular with customers, but extremely difficult to bill and manage. The history of Telco Revenue Assurance is loaded with examples of carriers who have deployed products too quickly, and without enough Revenue Management scrutiny. This resulted in deployment disasters when the product was released.
Product Assurance Components

Product assurance involves the same processes as any other Revenue Assurance activity. First, a Forensic Analyst must become involved in order to develop an understanding of how things are going to work. Risk, Exchange, Process and Systems Analysis are required to develop a clear, well-rounded picture of the new product deployment. Also critical to the success of any new product deployment is the effective generation and tracking of the rate plan and pricing models. Many anticipated new product roll-out success stories turned into financial disasters when the market reactions were measured. In most organizations where Revenue Assurance has become a standard part of the new product development team, the Revenue Assurance group develops a Change Management procedure associated with each product proposal. This procedure may involve standard forms and checkpoints that the new Product Development Team must meet in order to get the product approved for release. In some aggressive environments, the Revenue Assurance Team has developed a complete set of what are in effect the User Acceptance Testing criteria for the products function. This again pushes the boundaries of what we might consider to be in scope for Revenue Assurance, but I have spoken with several Revenue Assurance Managers who have taken on this responsibility. The best rationalization I can apply to this is -- to test the product features and functions to ensure they are being billed correctly. This is a Change Management and Assurance Operation. As with many Revenue Assurance issues, it turns into a discussion about Who should do it? rather than Should it be done? Again, this is an issue we address in the Operational and Organizational Principles portion of the standards.
GRAPA
89
MaRKet assuRance (chuRn and MaRKet eRosion)

As we have proceeded from margin to rate plan to new product assurance, the Revenue Assurance Team continues to add to its expertise and scope while staying within the bounds defined by the Revenue Assurance Lifecycle and the Four Disciplines. As is true with all the other objectives we have discussed, the inclusion of Market Assurance (or Churn) retains this operational consistency. Including Churn Management as a valid objective for Revenue Assurance generated the biggest pushback, from me and from a number of other members. However, there are a number of Revenue Assurance departments that have provided at least partial responsibility for Churn. Since the membership has overwhelmingly voted to include it along with the rest of the standards, we are including it here. We are also striving to integrate it into the Operational model. The rationale for including Churn Management in the charter of Revenue Assurance must be viewed at the highest level first. The scenario that I envision is described in the following paragraphs. A company spends months or years, and millions of dollars in developing and earning a market and that markets share. The competitive environment suddenly changes. New carriers arrive. New services are presented. Now the revenue stream of the company is threatened. There is no doubt that Churn represents a significant source of revenue loss. Indeed, Churn is probably the biggest source of revenue loss that a company can suffer. Since we are in the business of assuring revenue, it is important for the Revenue Assurance Team to examine and assure this area. When looking at the continuum presented by margin, rate plan and new product development, we see a clear pattern that points to the ultimate revenue loss situation.
How Do You Assure Against Churn?

Putting aside the philosophical debate about whether Churn should be included in the scope of Revenue Assurance, we should now examine the Revenue Assurance teams role. We have established a clear methodology and structure from a Revenue Assurance point of view. We also need to look at the Churn problem in terms of the following: 1. 2. 3. 4. Revenue loss or the risk of revenue loss Addressing the Remediation, Detection and Deterrence of that loss Addressing the forecast of the ultimate revenue at risk involved in the situation Developing corrections and/or controls to help ameliorate that risk
We will now consider each of these in more detail from a Revenue Assurance perspective.
Determining the Loss and Risk of Loss Associated with Churn

Once we submit the domain (Churn) to a Forensic Analysis, the first step is to perform a high level risk assessment to determine if the area represents a risk or loss that is large enough to warrant the in-depth Forensic review. To do that, the Forensic Analyst will need to conduct some serious research.
GRAPA
90
The easiest way to determine the loss associated with Churn would be to view the reports written by the Marketing, CRM or Data Warehouse/Business Intelligence group that track the churn numbers for the firm. If such reports exist and are accurate, then the Forensic job is simple. It would involve looking at the current history of loss, noting the trend, creating a quick 12 month forecast, and reviewing the annualized revenue at risk number. If this number is larger than any of the other Revenue Assurance cases currently under review, then including Churn in the portfolio of domains is justified. Unfortunately, there are many if statements in that last sentence. What if there is no report about Churn available, or what if the report has results that are highly suspect? In such cases, the Forensic Analyst will need to perform the Process, Exchange and Systems Analysis to obtain the real numbers. Churn management and Churn reporting is a complex and highly sophisticated activity. But then again so is the assurance of a billing system or a switch. The Forensic Analyst will require a special set of skills and knowledge, but that is always true. In many cases, the only way to generate a truly meaningful forecast of Churn (in order to report the annualized revenue at risk) is through employment of sophisticated statistical methods. These methods are already included as part of our Forensic Methodology. Assuming that the Churn situation is serious, the Forensic Specialist needs to go about the process of defining the appropriate remedies. A common set of controls and corrections associated with churn management includes the following: 1. Creation of an application or data warehouse, which reports to management the history and forecasted loss due to Churn for a 12 month backward and forward period. This report is a foundational control and becomes the main control for other activities. Establishment of a procedure for the review of all Churn Management proposals by Marketing or CRM. This Change Management procedure is similar to the ones initiated for Rate Plan Assurance and New Product Development Assurance. They typically consist of a checklist of issues and aspects that must be considered with any Churn-based initiative. This requires that the initiative be traceable to an Impact Forecast, which is then measured. Ongoing tracking of the risk of Churn, the losses due to Churn, ongoing recommendation of remedies (changes in operations, policies and procedures), and controls.
2.
3.
Revenue Assurance groups that have taken responsibility for Churn have been very successful for the most part. I believe this is due to their revenue-based view of the problem, rather than a marketing-based view (emphasizing headcount and short term sales) or a CRM-based view (emphasizing customer satisfaction versus revenue actually delivered). The Revenue Assurance Team can add value to the business in the management of churn, but this currently represents the leading edge of frontiers that Revenue Assurance is addressing.
asset utilization assuRance

In addition to the marketing related continuum of objectives for Revenue Assurance, there is another angle on revenues that many Revenue Assurance teams are being asked to address. This is the area of Asset Utilization. Asset Utilization assurance is the process of ensuring that all revenue producing assets are being deployed for the maximum revenue impact. This can include positive measures -- changing of asset location or pricing in order to generate more revenue for the firm, or negative impacts -- tracking how much revenue is being lost due to failed assets and developing strategies to minimize those losses.
GRAPA
91
At this time, the majority of the excursions into these areas focus on network elements (switches and/or BTSs), but there is no reason to assume that it needs to be limited to these areas. This discipline is applicable any place that an asset is critical to the generation of revenue.
BTS Outage Assurance

Once the Revenue Assurance group has taken responsibility for ensuring that management is aware of the amount of revenue lost each time a BTS goes out of service, the team tracks the outage of BTSs over time, assigns a value to each minute of BTS service, and provides a weekly report on lost revenues. This information can be extremely helpful in a number of ways. 1. 2. It lets management know how much revenue is lost due to that condition. It provides the Revenue Assurance Team with a foundational report (control) against which corrections can be designed.
RDD and Asset Utilization

When it comes to Asset Utilization assurance, there are the same three missions to address: 1. 2. 3. Remediation Developing a strategy for handling situations where the outage of the asset generates more revenue loss than management has labeled acceptable. Detection Establishing controls (reports) that provide tracking of the up and down times, and a set of alarm/alert procedures for handling them Deterrence Making use of the control information to determine how to prevent the losses from recurring (with better Mean Time to Repair (MTTR) targets, better equipment, redundant network coverage or other mechanisms).
the fluid and exPanding scoPe of Revenue assuRance objectives

The six areas documented here represent our organizations current approximation of the state of the art in global Revenue Assurance practices. As stated, we expect that over time (in many cases just a few months), objectives will be added and dropped as the industry and profession gets its bearings on this exciting new way of managing revenue and risk.
GRAPA
92
he following table provides the reader with an excerpted view of the GRAPA standards as formally defined in the Standards Document and ratified by the membership January 2009.
II. Objectives for Revenue Assurance Activity a. Leakage Management the process of monitoring for, detecting and remedying revenue leakage i. Loss due to system error revenue losses caused by errors in programming or systems design ii. Loss due to operational (human) error revenue losses caused by errors in the way processes are executed b. Fraud Management Intentional acquisition of money, services, assets or advantage through illegal means i. Fraud Responses three domains of fraud management activity 1. Remediation fixing the exposure / risk 2. Detection discovering where it is occurring 3. Deterrence preventing it from happening ii. Sources of Fraud Who performs fraud 1. External a. Criminal b. Hobbyist/Amateur c. Opportunist d. Terrorist 2. Internal a. Criminal b. Opportunist iii. Objective of Fraud Why people do fraud 1. Cash / Money 2. Services 3. Misdirection / Misinformation iv. Domain of Fraud - where is fraud management practiced , in what operational areas? 1. Network 2. I/T Systems 3. Processes / Operations 4. Customer Based c. Margin and Rate Plan Assurance Assurance of pricing plans and arrangements against revenue loss (negative margins) i. Interconnect Margin Assurance Assurance of the Interconnect Line of Business 1. Retail Margin Assurance 2. Wholesale Margin Assurance 3. Trunkgroup Expense Rationalization Analysis ii. Rate Plan Assurance Assurance of Traditional Rate Plans 1. Cannibalization Analysis 2. Direct Rationalization Assurance 3. Margin Evaluation
GRAPA
93
iii. Bundling Assurance Assurance of Bundles 1. Direct Rationalization Assurance 2. Margin Evaluation iv. Subsidy Rationalization Assurance Assurance of subsidy programs d. New Product Development - Assurance of new product development i. New Product Pricing Assurance - Assuring product developer pricing assumptions 1. Margin Evaluation 2. Direct Rationalization Assurance 3. Forecast / Performance Track ii. Revenue Management Chain Alignment Assuring the alignment of new products into revenue management architecture 1. CDR / Transaction Capture 2. Mediation Alignment 3. Billing Alignment (Postpaid) 4. Billing Alignment (Prepaid) 5. Service Level Compliance and Alignment 6. Point of Sale / Channel Alignment 7. Provisioning/Activation Alignment 8. Credit / Fraud Risk Alignment iii. Supplier/Partner Compliance and Alignment Assuring partnership arrangements 1. Settlement Architecture 2. Settlement Tracking 3. Settlement Alignment and Compliance 4. Supplier/Partner Margin Analysis e. Market Assurance (Churn, Brand Erosion and Technology Obsolescence Assurance) i. Market Sizing Techniques for determining the presence and assessing the risk of revenue loss 1. Market and Revenue Size Analysis 2. Market Erosion Impact Measurement ii. Market Erosion Root Cause Analysis 1. Churn Reason Codes 2. Churn Reason Analysis 3. Product Feature/Function/Fit Analysis iii. Churn Prediction and Forecasting iv. Market Share Analysis v. Churn Remedy Alternative Development vi. Churn Remedy Effectiveness Analysis f. Asset Utilization Assurance i. BTS Outage Assurance 1. Remediation of BTS Outage 2. Detection and Measurement of BTS Outage 3. Rationalized Deterrence and Prevention of BTS Outage ii. Network Element (NE) Outage Assurance 1. Remediation of NE Outage 2. Detection and Measurement of NE Outage 3. Rationalized Deterrence and Prevention of NE Outage
GRAPA
94
Chapter 10 -Domains and Scope Management
Chapter 10
doMains and scoPe ManageMent
With the definition of the disciplines and objectives of Revenue Assurance we have almost completed our exploration of exactly what Revenue Assurance is. In this chapter, we will examine the remaining component, which is the Domains and Scope Management. As we have seen, Revenue Assurance practitioners need to take a multi-disciplinary approach to the various revenue risk situations they are asked to address. They may have to cross many different organizational and operational boundaries to determine the nature of the situation and the best way to address the problem. With so many different areas, disciplines and issues involved, it can become difficult to know what is in scope for Revenue Assurance and what is out of scope. There are several risks associated with this situation. 1. 2. There is a risk that management (either implicitly and or explicitly) will assign vague and broadly-defined revenue risk responsibilities to the Revenue Assurance group without considering the possible consequences. It becomes exceedingly difficult to draw the operational and responsibility boundaries between the Revenue Assurance group and the operational groups they serve, as well as the delineation of responsibility between Revenue Assurance and the other risk management groups, such as Internal Audit. The lack of clear boundaries makes planning, capacity forecasting and management extremely difficult for the Revenue Assurance Team.
3.
Most Revenue Assurance groups find it difficult to define clear lines of responsibility. The GRAPA Standards establish a set of principles around the actual declaration and acceptance of responsibility for an area, along with standard methods for establishing the boundaries.
Defining Scope by Function and Responsibility

Clearly, the first step needs to be is the decision about which organization will be responsible for each Revenue Assurance function. For each area that is to be considered as part of the Revenue Assurance scope, it is necessary to assign responsibility for disciplines. This includes Forensics, Corrections, Controls Management and Compliance, along with Remediation, Detection and Deterrence. Equally important is clarity about who is responsible for attaining the objectives of the activity, including leakage, fraud, margin, new product, asset utilization, and market assurance.
GRAPA
95
Assigning responsibility to an area by function and objective can provide a definite assist, it is not enough. Revenue Assurance issues are so broad, and the Telecommunications operational model is so interdependent and complex that you could almost take any issue to justify assurance of the entire organization.
Starting with the ETOM model

Luckily, we do not have to start from scratch on this issue. The Telecommunications industry is fortunate enough to have a starting point. The ETOM model, developed by the TMF (Tele Management Forum), provides Telco professionals with a simple set of guidelines for decomposing the complex and interdependent quagmire that typifies the Telecommunications environment. The ETOM starts by dividing the Telco organization into two dimensions, the vertical and horizontal. Vertically, the Telco is divided into three major functions: 1. Fulfillment Processes associated with taking customer orders and provisioning the network so that the customer can make use of that service 2. Assurance Processes in place to assure that customers are getting the services they have ordered in alignment with the agreed service level 3. Billing The process of assembling transaction information and collecting for services delivered Running horizontally across these vertical dimensions are the three areas: 1. Customer Management All activities that are focused on the direct interface and servicing of the customer. This includes the sales portion of Fulfillment, the call center portion of Assurance, and the invoicing portion of Billing. 2. Service Management All activities associated with provisioning, assurance and billing of each individual service across the Vertical Domains 3. Network Management The management of network elements in support of the three vertical areas Under the ETOM model, all operations of the Telco fall under these two dimensions.
GRAPA Vertical and Horizontal Domains

Although GRAPA has not incorporated the ETOM model directly into its method of domain definition, the Vertical vs. Horizontal Domain organization is certainly included as a highly useful tool. Under the GRAPA Standards, there are then two ways to declare a domain for Revenue Assurance, vertically and horizontally. Vertical Domains are systems or operations that are involved in revenue management and through which several different revenue streams can flow. For example, mediation, a postpaid billing system, a prepaid billing system, sales channels and customer service are Vertical Domains and these Vertical Domains define one way to set domain boundaries. Declaring a Vertical Domain to be in scope for a Revenue Assurance effort means that we will take responsibility for assuring that the revenue loss or risk of loss is known and analyzed for all revenue streams that go through that system. We will also assure that it is subject to appropriate controls for the various objectives set by management. By standardizing the definition of Vertical Domains, the Revenue Assurance professional is able to establish standardized approaches for defining, assuring and managing that domain. Declaring clear boundaries around the Vertical Domains also makes it easy for organizations to draw up the lines of responsibility for different functions. This greatly assists with inter-organizational challenges. Vertical Domains can be well recognized OSS or BSS applications or components, but they can also be operational areas.
GRAPA
96
veRtical doMains
The GRAPA Standards recognize the major categories of Vertical Domains listed below. The inventory of Vertical Domains includes systems, BSS or OSS components, operational areas, or departments. Under the GRAPA Standards, each of these domains can be broken down into sub-domains based upon various criteria, as described in the following sections.
Network Domain
The network domain includes all elements in the network environment that are directly associated with revenue generation and or capture. For example, a circuit switch that generates CDRs will be included; a transit switch usually will not. The Network Domain can be further divided into sub-domains by: Geography Brand/Model/Age of Network Element Product/Service Payload Topology Line of Business
Breakdown of the network domain by these sub-domains makes the definition and organization of Revenue Assurance activities easier and more consistent in how they can be applied.
BSS and OSS Systems

Included under the category of BSS/OSS systems are all of the operational applications that participate in the process of capturing, transporting, or processing revenue transaction information. Mediation Systems Postpaid Billing Systems Prepaid Billing Systems Interconnect Billing Systems Roaming Billing Systems CRM Systems Customer Management Systems Point of Sale Systems Provisioning Systems Sales Channel Management Intelligence Network Applications SMSC, MMSC WAP Servers Radius Servers
GRAPA
97
Many Telcos have one or at most two applications of the same type in their BSS environment. For some, however, the architecture can become much more complex. When that happens, the number of systems may expand drastically and the sub-domains are then typically defined via: Brand/Model/Age of software Alignment of systems with network sub-domains Geography Line of Business
Operational Areas
Systems are not the only kinds of Vertical Domains to be considered. We can also include operational groups (departments or sub-departments), based on their revenue management role. An area is a candidate for Vertical Domain status if it meets either of the following criteria: Its primary function is a critical aspect of revenue management It manages more than one product or service Some of the more commonly included operational Vertical Domains include: Collections Management Credit Management Point of Sales Operations Sales Channel Management ATM and Banking Channels
Vertical Domain Controls

Although there are differences between various Vertical Domains, some consistencies and economies of scale can be gained. GRAPA practitioners have managed to identify some approaches that are easy to remember and apply to the assurance of Vertical Domains that transfer well between domains. These include: Transaction Transport Assurance Transaction In / Transaction Out Assurance FSEC (Filter, Suspect, Error, Consolidate) Rating Assurance
These disciplines and controls, and the dozens of others like them can be applied to almost any vertical domain. This helps to standardize the assurance of the areas, and the creation of standard controls that are consistently defined across the organization.
hoRizontal doMains
The other way to divide up the Revenue Assurance responsibility is by the Horizontal Domains. A Horizontal Domain consists of all transactions involved in the capture and processing of revenue information for a particular subset of revenue transactions in the organization. The smallest possible Horizontal Domain would be one phone call, or one data transport. In other words, a single billable transaction is the most granular example of a horizontal domain.
GRAPA
98
Horizontal Domains are typically organized in a way that makes sense for management in an operational and economic context. The most common are segregation by product/business or by customer/market. Ultimately, any horizontal definition of domain is a way to identify a specific stream of revenue, and to provide assurance for that entire stream as it flows through the different vertical systems and operations that help in the management of its revenue. Some examples are included in the following sections.
Line of Business Domain

At the highest level, management can set aside an entire line of business as a starting point for Revenue Assurance scope delineation. There are organizations, for example, that specify that Revenue Assurance is responsible for wireless but not wireline, or for voice but not data. This delineation, though high level, gets everyone working within the context of the explicit boundaries of the Revenue Assurance function.
Product Line Domain

Within the context of a specific line of business, the Revenue Assurance team can be further focused by product line. It is in fact standard practice for most Telcos to differentiate between each product line as one of the first levels of scope definition in Revenue Assurance. The breakdown of the different responsibility areas of Revenue Assurance by product line aligns well with the practice of revenue stream mapping, which is covered later in this chapter. Examples of product lines include: 1. 2. 3. 4. 5. Interconnect (International) Interconnect (Domestic) Roaming aDSL IPTV
The novice Revenue Assurance practitioners soon realize that each product line has a unique set of conditions, constraints and operational components. These force the professionals to develop mechanisms that isolate each product line and assure it independent of the others.
Rate Plan Domain

We can decompose horizontally to the absolute lowest level (a single transaction), which typically is the rate plan. Assuring a specific rate plan involves making sure that all aspects of the plan (operational, financial, strategic, and economic) make sense and are in alignment with managements risk tolerance.
Market and Customer Domains

Not only can we create a Horizontal Domain based on certain products or transactions, we can also delineate by type of customer. There are generally very diverse Revenue Assurance support requirements for large corporate, small and medium business, and consumer customer groups.
GRAPA
99
In larger Telcos, this delineation might actual break down to the point of assuring customer segments differently. Certainly, when we begin looking at issues like churn, then market segment-based domain definition will make a lot of sense.
Taxonomy of Horizontal Domains

A taxonomy of some of the more frequently employed horizontal delineation mechanisms, and their sub-domains, includes a wide range of different products and services. The taxonomy for most carriers will be unique and will need to be organized in the most sensible manner. Following is an example of a portion of a typical taxonomy listing. Cable o Postpaid Internet Access Video Programming Prepaid Internet Access Video Programming On Demand Video Programming Data Bonus
Wireline o Postpaid Voice VAS aDSL Dialup IPTV Streaming Wireless o Postpaid Voice VAS Data SMS MMS IPTV Streaming GPRS
GRAPA
100
Prepaid
Voice VAS Data SMS MMS IPTV GPRS
Revenue MaPPing
One of the most useful and most often utilized of the GRAPA standard practices is a technique known as Revenue Mapping. Revenue Mapping is the process of determining exactly which systems and operations (vertical components) are involved in the management of revenue for a specific revenue stream (horizontal component), and then creating a physical map that allows Revenue Assurance professionals to develop a much better understanding of the following points: Exactly where and how revenue flows through the organization Where the biggest risks to revenue are, on a horizontal and vertical basis
The Revenue Mapping procedure is executed as follows:
1. Define the Horizontal Domain for the Mapping Exercise

The first step in this process is to determine which domains are to be included in the mapping operation. This will typically be the highest level Horizontal Domain that defines the scope of the Revenue Assurance group. Typically, a separate mapping will be done for each line of business, depending upon how many shared operational components there are between each line. If the wireless and wireline businesses share the same mediation, billing and interconnect operational environments, then the case could be made for creating a very large Master Map. In most cases, however, different lines of business share few if any components, making the separation by line of business an easy and logical one.
2. Decompose the Domain into Revenue Streams

Next, the practitioner breaks down the selected Horizontal Domain into each of its different revenue streams. Basically, a revenue stream is a clearly defined separate group of transactions that follow the same trail across the Revenue Management infrastructure. For example, prepaid local voice is a different stream than postpaid local voice because management of the transactions is handled by different billing systems. Therefore, a different Revenue Management stream must be considered. In the same way, interconnect, roaming, SMS, and data are all separate revenue streams. There are overlaps and, hopefully, a large degree of shared infrastructure, but for Revenue Mapping we must understand each stream separately.
GRAPA
101
Confusion about where revenues flow creates a great deal of the complexity and error proneness of Telecommunication revenue streams. Many people simply assume that all Telco revenues flow the same way, when in fact each revenue stream can be unique. One of the main objectives of Revenue Mapping is to clarify the reality of the companys Revenue Management topology.
3. Obtain Revenue Numbers for Each Revenue Stream

The Revenue Assurance practitioner then gathers up as much information as possible about each revenue stream. At least 12 months of history and 12 months of revenue forecast should be obtained for each stream. These revenue numbers are utilized to assign actual values to the map components.
4. Create a Revenue Map for Each Revenue Stream

Once the streams are identified and the values obtained, the analyst it ready to begin the process of creating the actual Revenue Map. The map is typically a diagram with a separate symbol (a square or a diamond to represent a switch and a rectangle to represent a transaction, for example) for each component involved in the management of revenue for that revenue stream.
a) Identify the Point of Revenue Transaction Management

The first step in the process is to determine exactly where the revenue producing event actually occurs. For the vast majority of Telco services it will be at a circuit switch or MSC. However, some revenue generating transactions are managed manually or by other types of devices. The key is in being absolutely certain about where the real revenue event is initiated.
b) Identify the Point of Revenue Transaction Capture

Once you have found the point of revenue production, the next step is to identify how information about each transaction is captured. Again, for voice products, the switch where the transaction occurs will be the same place where the transaction information is captured. However, for SMS, that point is usually at the SMSC. As Telcos move into a 3G/UMTS environment the point of transaction (RNC) will be far removed from the point of transaction capture (the Media Gateway). One cannot simply assume that transaction capture and service delivery happen in the same place. Understanding that and including it in the revenue map is critical.
c) Trace the Revenue Transaction Information

Next, the analyst traces the revenue transactions through each system that participates in its management, identifying each of the other components that manage that data. A typical postpaid revenue stream will include: 1. 2. 3. The switch A mediation system A postpaid billing system
However, when it comes to Telecoms, nothing can be assumed. Some Telcos have more than one mediation system, distributed by geography or function. Some have different billing systems for various geographical regions.
GRAPA
102
Exploring, discovering and mapping out these components is the real work of Revenue Mapping.
d) Assign Revenue Values to Each Component

Once the Revenue Map is complete, the analyst allocates the revenues identified across the map. For example, when you are mapping postpaid local voice revenues, you begin by assigning revenues to each of the switches that manage the local voice business. Lets say that the Telco has five switches (named Eric1, Eric2, Hua1, Hua2, and Nor1) and local voice traffic amounts to $500,000. If we assume that each switch carries the same volume of traffic, then we would allocate $100,000 to each switch. Then, lets also assume that there are two mediation systems (mediation-north and mediation-east organized geographically), we would allocate $300,000 and $200,000 to each respectively. Ultimately, the postpaid billing system would be credited with the full $500,000 since all postpaid local voice is billed by that single system.
Revenue Map Examples

Some examples will help explain how the Revenue Mapping process works. The diagram below illustrates our previous example. The map provides us with a clear diagrammatic view of the revenue stream. This is a very simple diagram, but as the number of mapped revenue streams increases, the map tends to become much more complicated.
PostPaid Local Voice

Eric1 $100,000 Eric2 $100,000 Hua1 $100,000 Hua2 $100,000 Nor1 $100,000 Switches Mediation-East $300,000 Mediation-North $200,000 Postpaid Billing $500,000
After successfully mapping the postpaid voice business, the analyst might decide to map postpaid Interconnect (outbound) next. The outbound Interconnect business is much more complicated than local. This is because all Interconnect transactions include an accounts receivable (customer pays you) and an accounts payable (you pay partner). We will also need to include the Interconnect Billing System. We might also need to map an additional switch, the POI (Point of Interconnect), which carries traffic to interconnect partners.
GRAPA
103
Assuming that we have $250,000 of outbound Interconnect postpaid traffic each month, we could begin by assigning $50,000 per month to each switch. We can then determine the margin associated with Interconnect. If we assume that it is 50%, then for each $2 of Interconnect business billed to customers, $1 will be paid out to a business partner. The next step will be to identify our POI and allocate $125,000 to it as well. This is 50% of the $250,000 as an Accounts Payable item. We can then assign our value of $250,000 to the Postpaid Billing System (our Accounts Receivable) and the $125,000 to the Interconnect Billing System (our Accounts Payable).
Eric1 $50,000 Eric2 $50,000 Hua1 $50,000 Hua2 $50,000 Nor1 $50,000 POI1 $125,000 Switches
PostPaid Outbound Interconnect
Mediation-North $100,000 Postpaid Billing $250,000 Mediation-East $150,000 Interconnect Billing $125,000
When all revenue streams have been mapped, collapse the maps and generate the overall revenue and payment map for the entire organization The final step in the mapping process is to collapse all of the maps that have been generated and into one master map. Collapsing the map allows the analyst to determine which vertical components are responsible for managing what proportion of the companys overall revenues. Many times, systems and areas assumed to be trivial turn out to be critical, high risk areas. In our previous example, we can collapse the Postpaid Local Voice and Outbound Interconnect into the following consolidated revenue map.
GRAPA
104
Eric1 $150,000 Eric2 $150,000 Hua1 $150,000 Hua2 $150,000 Nor1 $150,000 POI1 $125,000 Switches
PostPaid Combined Revenue Map
Mediation-North $300,000 Postpaid Billing $750,000 Mediation-East $450,000 Interconnect Billing $125,000
As indicated in the above diagram, our Postpaid Billing System is the most valuable vertical component with a net value of $750,000 per month. The second most critical is the Mediation-East System valued at $450,000.
Local Switching 40M
Retail Billing 2M Wholesale Billing Mediation Mediation 76.75M 35M Calling Card Billing 3M Interconnect Billing 36.75 A more complex revenue map Collections 40M Dunning 1M Settlement 36.75
National POIs 12.5M
Intl POIs 24.25M
As the number of revenue streams increases, the nature and distribution of revenue across the organization becomes clearer.
GRAPA
105
Creating a Payment Map for each Revenue Stream

Tracking the actual revenue streams is only part of the overall Revenue Assurance story. In addition to the revenue map, there is often a need for a payment map as well. Like the revenue map, a payment map traces the flow of money across the different Telco environments. In this case, however, instead of tracing revenue information, the actual payments are traced. The process for developing a payment map is similar to developing a revenue map. 1. 2. 3. 4. Identify the point of sale for activation/provisioning (for postpaid) or for payment (for prepaid or postpaid collections). Trace the activation/provisioning or payment from the point of sale to the point where it is credited to the customer and recognized in the general ledger. Assign collections/payment values to each component along the payment stream. When all payment streams have been mapped, collapse the maps and generate the overall payment map for the entire organization.
hoRizontal foRensics
The concepts of Horizontal Assurance and Revenue Mapping are exciting and powerful tools to contain revenue risks at a reasonable cost. Most Revenue Assurance practitioners believed that it is a purely vertically oriented operation. By focusing only on the vertical aspects of assurance, however, there are many benefits and opportunities to leverage tools, techniques and approaches that are not readily apparent.
Risk Maps
After creating of the Revenue Maps, there is much that the Forensic Analyst can do with them. The first might be to perform an assessment of the risks to revenues one vertical component at a time. By reviewing the risk to the organization along a single revenue stream, and factoring in the economic risk that each vertical component represents, the analyst can generate a revenue risk map that gives management a clear understanding of just where the risks to revenue are. In addition, the map will indicate how much actual revenue at risk each vertical component represents. Inability to gauge the risk to revenues across the organization has been one of the major handicaps. With risk maps, everyone can now see where the risk exists and, more importantly, how great the risk is. To perform risk mapping, we begin with a consolidated revenue map (shown below), illustrating all systems and their relationships.
GRAPA
106
Roaming Reconciliation
Roaming Collections
Roaming Negotiation
Settlement Network Mediation Billing
Inter-carrier Collections
Inter-carrier Negotiation
Collections
Dunning
Pre-paid Reconciliation
Voucher Management
Channel Dunning
We then enhance this map by assigning the level of risk to revenue that has been defined. This is done by utilizing Forensic Risk Assessment techniques.
Roaming Roaming Collections
Roaming Negotiation
Settlement Network Mediation Billing
Collections
Dunning
White = Low Risk Grey = Medium Risk Black = High Risk
Voucher Management
Channel Dunning
Development of risk maps represents a big step forward for Revenue Assurance as a profession. The Revenue Map/Risk Mapping discipline is a starting point for creating a true enterprise Revenue Risk Strategy. It also provides a powerful and
GRAPA
107
easy-to-understand tool for documenting and disseminating information about the scope of Revenue Assurance and the levels of coverage provided to each area. Risk Mapping, though useful, still leaves the Revenue Assurance group with a methodology that relies heavily on subjective interpretation rather than objective and quantifiable risk. It is for this reason that the Noise Analysis Methodology was created. Noise Analysis is a technique used to convert the relative and subjective judgments of a risk map into a more objective and quantifiable method for estimating the risk of revenue loss embedded in each vertical component of a Revenue Map.
Leakage + Unrecoverable + Too Expensive to Recover
Realized Revenue
Unrecoverable
Unrecoverable Network Activity
Unrecoverable
Roaming Collections
Leakage + Unrecoverable + Too Expensive to Recover Unrecoverable Network Activity
Realized Revenue
Unrecoverable Network Unrecoverable Activity
Roaming Negotiation
Realized Revenue
Settlement
Realized Revenue
Realized Revenue
Realized Revenue
Leakage + Unrecoverable + Too Expensive to Recover Unrecoverable Network Unrecoverable Activity
Realized Revenue
Realized Revenue
Network
Mediation
Unrecoverable
Unrecoverable
Realized Revenue
Billing
Collections
Realized Revenue
Realized Revenue
Dunning
Realized Revenue
Voucher Management
Realized Revenue
Realized Revenue
Channel Dunning
The specific details behind the concept of Noise Analysis are really a practice rather than a standards issue, but it is important to mention that this methodology exists. We also should note how it provides for a more quantitative approach to the overall problem of enterprise Revenue Risk Planning and Management.
hoRizontal contRols
Just as there are a number of controls that lend themselves well to assuring Vertical Domains, there are also controls that make assurance of Horizontal Domains easier. Among the horizontal controls most often utilized are: 1. 2. 3. Test Calls and Test Plans For end to end assurance of any domain Change Management Procedures Ensuring that all Vertical Domains involved in a particular revenue stream are included in the changes being managed Synchronization Synchronization of data across Vertical Domains for a particular Horizontal Domain
In addition to these few obvious examples, many of the control mechanisms employed are effective for both Horizontal and Vertical Domains.
GRAPA
108
coveRage stRategies (veRtical/hoRizontal oPtiMization)

The concepts of the vertical vs. horizontal domain generate many new and interesting possibilities for the Revenue Assurance professional. The different ways of looking at the assurance problem afford us with many ways to attack the same problem. Ultimately, the Revenue Assurance professional, and more specifically top management and the Revenue Assurance management team, now have the ability to approach assurance from several perspectives and to define an optimal Revenue Assurance strategy. Many organizations are finding that a Revenue Assurance strategy that combines optimum applications of Horizontal Assurance and Vertical Assurance across the enterprise is based upon an analytical consideration of the amount of revenue involved, the relative degree of risk experienced, and the ease of applying either a vertical or horizontal approach. This creates a crosschecked coverage strategy that can provide them with maximum impact at minimum cost.
GRAPA
109
GRAPA
110
he following table provides the reader with an excerpted view of the GRAPA standards as formally defined in the Standards Document and ratified by the membership January 2009. III. Domain and Scope Management a. Vertical Domain (In alignment with GRAPA Body of Knowledge) i. Network Domain 1. Wireline 2. Wireless 3. Data/Cable 4. Satellite 5. WiMAX 6. LMDS/MMDS 7. Microwave 8. Content ii. Mediation Domain iii. Postpaid Billing Domain iv. Prepaid Billing Domain v. Interconnect Domain vi. Roaming Domain vii. Content Management Domain viii. Customer Service Domain b. Horizontal Domain i. Postpaid Line of Business Operations ii. Prepaid Line of Business iii. Interconnect Line of Business iv. Roaming Line of Business v. Value Added Services Line of Business vi. Cable-Based Services Line of Business vii. Streaming Services Line of Business viii. Data Services Line of Business ix. Content-Based Services Line of Business x. Satellite Services Line of Business c. Payment Channel Domain i. Point of Sale Payment Channel ii. Sales Channel Payment Channel iii. Prepaid Retail Payment Channel iv. Distribution Payment Channel v. Credit and Collections Payment Channel vi. Credit Card and ATM Payment Channel d. Provisioning and Activation Process e. New Product Development Process f. Fraud Management
GRAPA
111
GRAPA
112
C h a p t e r 11 - O r g a n i z a t i o n a l P r i n c i p l e s
Chapter 11
oRganizational PRinciPles
The final section of the GRAPA Standards is concerned with the principles of Revenue Assurance. The other sections are focused on the designation of what Revenue Assurance actually is. This includes the tasks and structures associated with the mechanics of performing the Revenue Assurance job. The principles, on the other hand, provide the practitioner with a structure regarding assignment of responsibilities for various jobs, and integrating those jobs into the context of the larger Telco organization. We have divided the principles into two sections for this discussion. The first section, Organizational Principles, focuses on how to fit Revenue Assurance into the organization. Here, we consider how the Revenue Assurance professional should interact with various departments and personnel. Organizational principles are also concerned with KPIs and measuring the effectiveness of Revenue Assurance. In the second section, Operational Principles, we address the ethics and standards of performance issues. (What are the principles that should guide the Revenue Assurance professionals activities? And what are the benchmarks to their participation in the corporate world?)
Making Revenue Assurance a Good Fit

Determining how to make Revenue Assurance fit into the larger Telecommunications organization is not an easy task. The organizational landscape of the typical Telco is already clogged with dozens and even hundreds of different roles, responsibilities, departments, and tasks. Many of them are overlapping and contradictory. This problem is exacerbated by the fact that most Telcos have different approaches to how they organize themselves. Some Telcos have a large, well staffed, and highly involved Internal Audit group that does much of the work that is outlined in these standards. Others have a small, internal audit staff with time for only a miniscule subset of revenue related tasks. The diversity of Telco organizational structures is a study in variety. In some organizations, the Revenue Assurance team may be asked to take on all the domains listed in these standards, whereas in others the team will be relegated to only the smallest subset. The challenge for GRAPA and for Revenue Assurance professionals around the world is to determine how to fit Revenue Assurance into each of these unique contexts. This must be done in a way that creates minimum disruption and maximum impact.
GRAPA
113
And it must maintain enough of the integrity of the Revenue Assurance job itself to gain the leverage delivered by economies of scale, standardization, and a shared body of knowledge.
Separating Who Does What? from What Needs to be Done?

We must accept, within the context of the Revenue Assurance standards and the organization, that there is a difference between Who is supposed to do something? and Should the job be done? The first foundational concept is that the Revenue Assurance job, as outlined here, needs to be done by someone. Establishing and implementing a function that provides the values and structure defined by these standards is a requirement for the financial health of most Telco organizations no matter who does the actual work. Those values and structures include: A standardized approach to analyzing risk to revenue A requirement that all revenue risk situations be investigated down to their root causes A policy that requires that risks to revenue be qualified and quantified before corrections or controls are implemented A discipline around the initiation and execution of controls and corrections A compliance reporting mechanism that keeps management informed of the status of all of these activities
So while some Telcos may employ external consultants to run their Revenue Assurance activities, others may call this risk management and include it under that organizational structure, while still others may designate the Revenue Assurance Department as the organization responsible. In all cases, it is still the process of Revenue Assurance and the actual work that needs to be done and the approach that should be taken does not change.
the coveRage challenge

Unfortunately, the decision of who to relegate this functionality to is not as simple as saying, Internal Audit will do it or, That is part of Risk Management. In most organizations, the responsibility for Revenue Assurance is going to be shared. Remember that we have dozens or hundreds of domains (vertical and horizontal) and four major disciplines (Forensics, Correction, Controls Management, and Compliance) that need to be scattered across an organization where any number of those domains is already adequately covered for the four functions. In most Telcos there are Internal Audit, Sarbanes-Oxley, Risk Management, and other overlap and oversight departments that are each handling some of the Revenue Assurance functions in a unique combination of domains. There are also many departments (vertical domain areas) where the operational management team is competent and the Revenue Assurance issues are being managed as a matter of course. In other words, they do a good job and part of that is the assurance of revenues in their area. On the other hand, there will be domains where no assurance activity is happening and, worst of all, the majority of areas that are partially covered to an unknown extent. This then is the real challenge of Revenue Assurance, and it is big. How do we organize the practice of Revenue Assurance to ensure we get coverage where it is needed (from domain and discipline perspectives) and accomplish this at a reasonable cost?
The Super-Revenue Assurance Department Temptation

It is tempting to address this problem by establishing a policy that maintains that all Revenue Assurance functions will be managed by one Revenue Assurance Department. The sigh of relief by management in this case is great. Now things are simple; Revenue Assurance is responsible for all of it. There are several reasons why the Super-Revenue Assurance Department is not practical in most cases. First of all, it is inefficient. The Super-Revenue Assurance Department will, by definition, overlap and duplicate work done by other departments or groups. This overlap of territory is likely to spark a round of territorial wars. Conflict will be generated as people debate the roles of Revenue Assurance and Internal Audit, etc. This causes the organization to expend energy on politics rather than revenue risk protection. It is necessary to take a stand regarding responsibility for operational integrity. The more operational managers are relieved from their responsibility for the integrity of their actions, the less they care about it. An aggressive and inclusive Revenue Assurance group can easily promote more operational inefficiency-- if the responsibility for the ultimate integrity of those operations does not stay with the operational group. There is one exception to this scenario: creation of a Revenue Management Department (which we will discuss later in this chapter). If operational managers are ultimately responsible for their departments, then we cannot create overlapping responsibilities. This confusion and conflict can only lead to overall chaos. This is an exceptionally difficult issue and one where we have invested much time and energy. The navigation of these very real and valid conflicts and issues is the reason for the way in which the GRAPA Standards are organized. It is not appropriate for a standards document to attempt to dictate to organizations how they should organize their operations; that is a practices issue. The job of the standards and our proposed structure is the following. 1. 2. Clearly define the issues and trade-offs so that people can understand what they are getting into when they make these decisions Define a set of rules of engagement and rules for how to structure, negotiate and manage these conflicting and overlapping responsibility issues when they arise
We do not insist that you act a specific way. Instead, we forewarn you of the reality of the situation, namely that you will run into these conflicts on a regular basis. It is intrinsic in the nature of the Revenue Assurance job. Therefore, our standards are designed to label, structure and provide guidelines for how to best navigate these situations. When it comes to organizational alignment and assignment, there is no right way. There is only the best fit for your organization, environment and situation.
Best Fit Criteria for Revenue Assurance on a Task-by-Task or Domain-by-Domain Basis

One possible approach to an optimized Revenue Assurance overage model is to perform an in-depth survey of the skills, capabilities and available capacity of every support organization (Internal Audit, IT, Business Process Reengineering, etc.) and then do an area by area assessment of the needs of Revenue Assurance. This will identify organizations that have little need for assurance (since they are doing a good job) and those that need help. The final step would be to map each organization against the needs of the Revenue Assurance function, and assign them one task and one domain at a time. Under this mapping strategy, the definition of best fit would take different factors into account. How well does the operational group currently cover the Revenue Assurance problem areas?
GRAPA
115
Which organization has the personnel, skills and tools that best qualify them to do the job? Which organization is best positioned to manage the nature of the jobs to be completed and the workload involved?
This, of course, represents an idealized approach to the problem. In reality, the time, trouble and energy it would take to do all of this best-fit-mapping, and the administration of the resultant chaos, would make it cost prohibitive and impractical.
Administration vs. the Practice of Revenue Assurance

This discussion leads us to an interesting logical conclusion regarding the ultimate role of a formally defined Revenue Assurance Department, as opposed to the actual practice of Revenue Assurance.
The Revenue Assurance Department as a Competitor

One view (and the one that most managers take) is that running a Revenue Assurance Department is about how many different Forensic, Correction, Controls, and Compliance functions the Revenue Assurance group executes and manages. This perspective views Revenue Assurance as a collection of unrelated discrete tasks. Under this model, the Revenue Assurance Department competes with other groups (Operational Managers, Auditors, Business Process Engineers, etc.) for the right and responsibility to perform those functions.
The Revenue Assurance Department as the Administrator

An alternative view is to see the Revenue Assurance Department as the group that is responsible for the overall administration of Revenue Assurance, making sure that its application is balanced, cost effective and consistent across all domains. Revenue Assurance should not be viewed as one of a dozen groups that compete for individual task responsibility. In this case, the formally defined Revenue Assurance Department can be perceived as supplementing and supporting the efforts of all the groups involved, instead of as a competitor. Under this model, the primary responsibility of Revenue Assurance is to ensure that it (Revenue Assurance) is conducted according to guidelines set by management, and to participate only when necessary. Some of the tasks can include: 1. 2. 3. 4. 5. Set the strategy for a balanced application of Revenue Assurance across the organization. Make sure that the best resources are performing the appropriate level of Forensics, Corrections, Controls Management, and Compliance) in each situation across the organization. Provide tactical and operational support to supplement those organizations that need the help in order to meet their Revenue Assurance objectives. Perform as the organization with the primary responsibility for Forensic, Control, Correction, and Compliance for domains and disciplines that management decides are appropriate. Take on an overriding Compliance Management responsibility, keeping management informed as to the current level of risk and the current location of risks to revenues on an enterprise basis.
Adopting this model for the responsibilities of the Revenue Assurance Department, as opposed to viewing Revenue Assurance as an unrelated collection of discrete assurance tasks, offers value to the Telco, management, operational managers, and other support teams. This value is provided with very little reason for conflict. A Revenue Assurance group that is organized and positioned this way provides the organization with a flexible, cost effective unit, whose main role is the optimization of coverage for revenue risk. This is in response to the ever changing demands of the business and the various operational areas.
GRAPA
116
oPeRational ResPonsibility Positioning

Positioning the Revenue Assurance group as the overall administrators of the Revenue Risk Management strategy, while allowing the tactical decisions about coverage (who will cover each function) to be decided on a case by case basis, fits well within the other major foundational concept of the GRAPA Organizational standards. That is the concept of operational responsibility. As we have stated, the entire decision-making process about Revenue Assurance must be based, more than anything else, on a basic assumption and belief regarding responsibility for the operational integrity of a domain. If we assume that an operational management team is not responsible for the integrity of the revenue transactions that flow through its area, then what is its responsibility? Clearly, one of the basic assumptions of GRAPA and this Standards document is that everyone is responsible for assuring their portion of the Revenue Management process, and the Revenue Assurance teams role is to help them do their job. This may seem like a strong position, but as stated earlier in this chapter, it is the only position that can stand up to the tests of time, organizational change, and reality.
the Revenue ManageMent oRganization and the RetuRn of the boM

Now that we have made that statement, there are two exceptions to consider. The first one is an extreme example. We will consider the second, more moderate view in the next section. In the most extreme, a case can be made for re-institution of the old BOM (Billing Operations Management) function. Earlier in this book, we discussed the BOM and how it previously functioned. There are some aggressive CFOs and CEOs who decided that the ultimate solution to the Revenue Risk Management issue is to return to the previous way of doing things, i.e. create a Revenue Management Department. A Revenue Management Department, unlike a Revenue Assurance Department, is a team of people who have full operational responsibility and accountability for the integrity and execution of all operations associated with a revenue stream. Like the BOM of old, the Revenue Management Department would be fully responsible for running each of the systems associated with the capture, transportation and processing of revenue transaction data. Since this group is operational, not staff, and has responsibility for revenues, it is possible to quickly short circuit problems and assure management that revenue streams are well run and well managed. Several Telcos are experimenting with this model with varied levels of success. GRAPA does not take a position on this. However, there are a number of people who have proposed that this extreme form (full responsibility for revenue management) should be considered as the ultimate goal of Revenue Assurance. As the industry and the discipline matures this may happen. At this time however, the membership has voted to exclude it from the scope of Revenue Assurance.
GRAPA
117
the shaRed ResPonsibility Model

In summary, the GRAPA Standards provide a framework that assumes Revenue Assurance is going to be a shared and uniquely configured discipline across the organization. Among the reasons for this are: 1. 2. 3. Different areas will have different Revenue Assurance needs. Some will need little or no support, while others will require a great deal. Different domains will require varying levels of coverage, based upon how well the Operational Management Team does its job. Different people will be available to cover different Revenue Assurance functions. A competent Forensics specialist in IT, Network, Audit or other departments, along with a competent Business Process Reengineering, Sarbanes-Oxley Implementation team, or other supporting departments will play a role in defining how Revenue Assurance can fit within the overall organizational structure. Each organization has a different set of assets/skills available to address the issues. The risk profile changes, and often causes changes to conditions 1-4 (above). This forces an almost continuous organizational re-alignment as conditions and risks change.
4. 5.
For all the reasons mentioned, and based upon the principles that we have discussed, the position of the current Revenue Assurance standards is that Revenue Assurance is a shared responsibility. We assume that each organization will need to make its own, customized allocation of Forensic, Correction, Control, and Compliance assignments across the landscape of Horizontal and Vertical Domains. The decision to choose this model is not an easy one. The flaws and problems that it represents are obvious. However, if the standards are going to be practical, i.e. if they are going to help Revenue Assurance professionals do their jobs, then we must provide them with guidelines and insights about how best to manage it. Unfortunately, any attempt to dictate a structure that can be imposed on this wide range of organizations and environments is doomed to fail, at least in the short term. As Revenue Assurance matures, there may be an opportunity for a movement in this direction, but we must deal with the current reality. The Shared Responsibility Model means that each Telco will be forced into crafting a unique, tailored implementation by blending and optimizing the many factors. Ultimately, we believe that the model that prevails will be Revenue Assurance as the Administrator of Strategy and Practice and allocation of different organizations to different tasks based on the situation and the demand.
oRganizational PRinciPle #1: the RelationshiP of Revenue assuRance to the oPeRational teaM
The first organizational principle of the GRAPA Standards is that Revenue Assurance exists to support and aid operational managers in the accomplishment of Revenue Management integrity in their areas. Revenue Assurance does not override or supersede the decisions of the Operational Management team.
GRAPA
118
Exceptions and Conditions

Because we live in a real world where compromise is at times required, we include an exception to this standard. In cases where management overrides the policy and explicitly commissions the Revenue Assurance Department to take responsibility for creating, implementing or executing corrections or controls, then the Revenue Assurance group will accept that responsibility. In other words, the general policy and assumption is that the operational team is fully responsible for revenue integrity, but if management so directs, then the Revenue Assurance team will accept a level of responsibility.
oRganizational PRinciPle #2: the RelationshiP of Revenue assuRance to otheR suPPoRt oRganizations
In any Telco, there will be occasional situations where overlap of functionality arises. Two or more organizations may feel that it is their charter to handle a specific task. When such a conflict occurs, there must be a policy or guideline in place to address and help rectify the conflict. In such cases, the GRAPA Standards state that the decision regarding which group should be assigned responsibility must be based on which group: 1. 2. Is most qualified Can provide the best return on investment
This is covered by the operational principle that states that the overriding objective of Revenue Assurance is to accomplish the best coverage for the lowest cost.
oRganizational PRinciPle #3: the RelationshiP of Revenue assuRance to toP ManageMent

While the relationship of the Revenue Assurance group with operational managers and related departments is critical, it is also important to have a well defined set of boundaries when it comes to top management. We have touched on many aspects of the nature of this relationship throughout the book, let us now summarize the basic principles again. The Revenue Assurance groups primary responsibility to top management (and to the overall organization) is as follows. A. Assess the risk of revenue loss, find and report revenue at risk, using the Forensics (tactical and strategic) disciplines. B. Define appropriate remedies and develop coverage plans that recommend cost effective Controls, Corrections and Compliance. C. Implement the Controls, Corrections and Compliance specified by management, based on managements risk tolerance. D. Perform these functions in all areas designated by management as in scope for the Revenue Assurance Department.
GRAPA
119
These four statements embed the critical aspects of what we consider the overall mission of the Revenue Assurance team. Let us consider each in more detail.
A. Assess and Report Risk Forensics and Overall Risk Analysis

The first part of this principle states that the Revenue Assurance group should be responsible for assessing and reporting the risk of revenue loss to top management as its primary task.
Assessing Risk vs. Performing Risk Assessment

As we have already discusses, management may decide that an operational group, internal audit, or some other organization is the best qualified to perform Risk Assurance in certain areas. This is appropriate as long as management does not add more and more groups to the resources commissioned to perform the different aspects of Revenue Assurance. When this occurs, management will quickly find that they: 1. 2. 3. Are unable to keep track of all of the activity going on Cannot pull all the different threads of activity to the same level of understanding Will not be able to compare apples to apples since each group uses different criteria for evaluation
In other words, without the benefit of one group that unifies and standardizes the approach and the reporting and guarantees the quality and impartiality of the effort, management receives a level of assurance that is not at all cost-effective. In order for management to be confident that the full range of revenue risks are understood and handled appropriately, there must be one agency responsible for establishment and reporting of that exposure. This is not to say that the Revenue Assurance group has to perform the Forensic Analysis in all cases, only that it needs to provide an assessment of that risk. It is perfectly acceptable for Internal Audit, Fraud Control, or an operational area to do their own Revenue Risk Assessment, as long as the Revenue Assurance group reviews the findings and applies a standard template to the analysis and reporting. We are not implying that the findings and conclusions drawn by other groups are to be considered in error or suspect in any way. However, these different analyses and conclusions must be standardized if management is to have a clear understanding of the exposure. The Revenue Assurance Group is best qualified to provide this service.
End to End Assurance and Strategy vs. Tactical Application

This statement also implies that the Revenue Assurance team needs to take a broader responsibility for risk assessment and accept responsibility far greater than the tactical, issue by issue risk analysis. Ultimately, the greatest leverage and value that a Revenue Assurance team can deliver is related to how well it takes on the end-to-end scope of risk across all revenue streams and works to blend the optimum coverage models in each situation. In other words, the ultimate value of Revenue Assurance, when managed as a comprehensive effort, is far greater than the sum of the discreet activities involved in the assurance process.
GRAPA
120
B. Define and Recommend Rationalized Remedies Recommend Coverage Plans

The second job of the Revenue Assurance team is to recommend remedies to risks that are discovered. This presents several alternatives to be considered. The first and simplest case is for the Revenue Assurance team to take responsibility for formulating alternative remedies as a natural conclusion of the Forensics process. If Revenue Assurance was initially assigned the responsibility for the Forensics, then it is logical that it should drive the recommended remedies. This does not mean that the group should not be taking input, suggestions and even instructions from the other groups involved. The operational team should certainly have much to say about any control or correction, and Internal Audit, external consultants and other groups also have reasons to provide direction. Another consideration is the role of the Revenue Assurance team when another group has done the Forensics. This is a bit trickier. Supposing an operational group does its own review and determines that a correction is required to assure revenue integrity. Should Revenue Assurance be involved? In general, the answer should be yes. In the spirit of supporting operational managers and providing an independent view of the problem and the solution, it makes sense. Revenue Assurance should provide quality assurance and a sanity check for all major implementations of revenue-related activities. If the Revenue Assurance group does not perform this function, then management will have the same risk assessment issue. If the Revenue Assurance group does not provide the quality assurance check on these kinds of changes, there is a risk of omissions, or cases where an additional risk is embedded into a supposed solution to the problem. Creating a situation where one risk is simply traded for another ). Equally important is the additional benefit gained when the design of this correction is engineered consistent with the overall Revenue Management strategy of the firm, and when that design includes a seamless interface for compliance and reporting. No matter who is doing the Forensics, and who will implement the solution, the Revenue Assurance Team should play a role in the evolution and evaluation of all corrections, controls and compliance activity that is related to revenues.
C. Implement Based on Management Decision and Appetite for Risk

This third principle is by far the most controversial and causes the most protest, especially from management. For this reason, some serious discussion and explanation is in order. This principle states that the decision about which remedy to implement, whether it is a control, a correction, or a compliance solution or report, must be approved by management. There are several situations that could arise, and we will consider each of them in the text that follows.
GRAPA
121
Top Management Must be Directly Involved

The first and most literal interpretation of this principle occurs when the recommended remedy meets one of the following criteria. 1. 2. 3. It involves a cost that is high enough to warrant top management attention It involves a significant change of policies or procedures that could have sales or budgetary impact It involves a conflict between organizational units about which remedy to implement
Any of these conditions require that top management be called upon to make the final determination. For example, a decision to implement a $1 Million Revenue Assurance Controls and Analysis System requires that top management be directly involved.
Other Managers Can Take Responsibility

When the recommended remedies (Controls, Corrections and Compliance) are reasonable, do not involve costs over the threshold established by management, and all parties involved (Operational Management, Internal Audit, IT, and any others) are in agreement, the approval of the operational manager for an area is sufficient. For example, if the recommendation of a new set of controls fits within the Mediation Systems managers operational responsibilities, then that manager can approve the controls.
The Revenue Assurance Management Team Can Make the Decision

When the costs (financial and organizational) involved are below the management threshold, and when the remedy recommended is acceptable and agreed to by all parties involved, then the Revenue Assurance Manager can make that decision. This is true if the thresholds and decision-making criteria have been reviewed and approved by management.
The Revenue Assurance Practitioner is Authorized to Make The Decision

When the adjustments and corrections are so minor that even the Revenue Assurance Manager does not need to be involved, then the field practitioner can implement the adjustment. Again, this decision is made based upon the establishment of decisionmaking thresholds and pre-defined policies for how to handle them. For example, a Revenue Assurance practitioner assigned to running a billing and rating audit can be authorized to release lost revenues (due to the mismanagement of CDRs) up to a specified level. This level might be 100 CDRs or less, as long as the practitioner has performed all required checks and tests. It is not necessary for top management to be involved in every decision. However, the approval levels, thresholds and criteria for decision making must be established by management.
ManageMent decision-MaKing and aPPetite foR RisK

Management decision-making regarding the implementation of remedies is to be made within the context of that managements appetite for risk. This statement is just as important as the first. It is the appetite for risk that is the ultimate arbiter of the riskversus-cost formula that is implied in every Revenue Assurance investment decision.
GRAPA
122
Many people become fixated on the subject of establishing criteria for the correct level of assurance. The bottom line question is, What is the proper level of coverage to set for an identified risk to revenue, and who should set that level? In other words, when presented with a revenue risk situation, there are a large number of potential solutions. You can to a first class job, correct all of the root causes, and ensure that there will never again be any revenue losses of this kind. We refer to this as the zero tolerance for risk scenario. 2. You can implement a control that allows for the risk of something to go wrong, but provides you with a gauge and an alarm that will notify you when it happens. 3. You can decide that the risk is low and do nothing. How do you decide which is the appropriate response? Under the principle of appetite for risk, management makes the decision in the following manner: 1. The actual amount of risk (the 12-month forecast of losses that could occur if nothing is done) and the degree of risk (the likelihood that this will occur) provide an understanding of the revenue at risk. 2. The Forensic team provides management with a number of options, including: a. The cost to implement the option b. The impact that the option will have on the degree of risk c. The impact that the option will have on the amount of risk 3. Management considers the degree of risk, amount of risk, and cost of the remedy and decides which one is preferred. This may seem arbitrary at first glance, but the approach is actually quite logical. Lets consider a situation. It is discovered that a switch is delivering fifty percent of its CDRs in error. What should you do? Replace the switch? Repair the switch? Create a control around the loss of CDRs? The answer is it depends? The questions that need to be asked before a decision can be made include: 1. 2. 3. 4. How much revenue is actually at stake in this situation? How much will it cost to repair or replace the switch? What is the network maintenance plan for this switch? Is it scheduled for replacement? If so, when? 1.
Based on the answers, someone will have to make a rational decision. This decision will need to account for all factors and consider how much risk management is willing to accept. The concept of appetite for risk, like that of the measurement of revenue at risk is a foundational concept that drives the GRAPA Standards framework for decision-making.
D. Perform Within Formally Defined Scope

The last aspect of the relationship to management principle has to do with scope management and control. The GRAPA Standards state that Revenue Assurance departments should only be involved in their activities when directed by management. Revenue Assurance is not a freelance audit group; it is a serious, dedicated function. The decision to deploy Revenue Assurance resources in order to focus on a particular domain is a decision with many consequences.
GRAPA
123
There are several reasons why GRAPA is taking this position: 1. The decision to take responsibility for different revenue risk cases or to perform an in-depth Forensic Analysis of a specific domain can easily create territorial disputes. Disputes can occur between the Revenue Assurance group and the operational group being assured, or between Revenue Assurance and various complementary groups (Internal Audit, Sarbanes-Oxley etc.). In either case, a directive from management, and from the operational team involved, is the best policy to minimize conflict and confusion. The decision to take responsibility for an area is exactly that -- a responsibility. When the Revenue Assurance group declares a domain to be in scope, it is saying that the domain has been analyzed, the risk identified and quantified, and the appropriate controls initiated. If the Revenue Assurance team allows management or operational groups to declare that a domain is the responsibility of the Revenue Assurance group before they have performed their due diligence, then the Revenue Assurance group will rightfully be held responsible for leakages and losses. Related to point two above is the fact that every addition to the scope of the Revenue Assurance department should result in an increase in budget and headcount for the department. As the scope grows, so should the size of the team. If Revenue Assurance managers fail to associate scope with budget/head count, then management will simply pile more scope on them, resulting in erosion of the overall level of risk containment. There will be no way for anyone to determine how great that risk might be.
2.
3.
The explicit declaration of scope, and the fastidious analysis and remedy of risks in those domains is the entire point of Revenue Assurance, and it is critical that the Revenue Assurance Manager, Operational Managers, related areas and the top management team are aware of how large the scope of Revenue Assurance is, and the related significance.
GRAPA
124
he following table provides the reader with an excerpted view of the GRAPA standards as formally defined in the Standards Document and ratified by the membership January 2009. IV. Ethics and Principles : Organizational a. IV. A. Delegation of Responsibility for RA i. It is not the job of the RA Professional to insist that they do all of the RA job. The overriding goal of the RA professional is to make sure that the RA job is performed with integrity with a goal of maximum effectiveness for minimum cost. ii. The directive to accomplish maximum effectiveness for minimum cost means that the RA manager will work with other departments (operational teams, operational managers, internal audit, I/T and other groups) and encourage the development of solutions, and the allocation of responsibilities in a manner that makes the most sense for the entire organization. b. Responsibility and Relationship to Management i. It is the responsibility of the RA practitioner to assess and report actual revenue loss, potential revenue loss and to assess the potential risk of loss due to leakage or fraud to management. ii. It is managements responsibility to review and decide upon the degree and nature of the mitigation of that risk (if any). iii . RA professionals do not choose levels of risk or determine policies regarding how operations should be performed or who should perform what task. That is the responsibility of management. c. Responsibility and Relationship to Operational Managers and Peers i. It is the responsibility of the RA practitioner to work with and assist operational managers with the accuracy , efficiency and effectiveness of their operational areas. The addressing of leakage, risk of loss or other risk or fraud exposures are the clear and full responsibility of the operational team in assigned to that area. ii. Revenue assurance is present to assist those operational teams but not to assume their responsibility. iii. (unless at the explicit direction of top management the RA team takes on certain aspects of this operational responsibility). d. Responsibility and Relationship to Related (Support) Departments i. It is the responsibility of the RA practitioner to work with and assist the people responsible for Internal Audit, Business Process Reengineering or any other staff discipline which might overlap with the scope or RA. The objective of RA is to attain maximum impact for minimum cost and if the related department can do the job (Forensics, Controls Management, Compliance and Corrections) better, faster or more efficiently, then it is the responsibility of the RA practitioner to do everything possible to help that group to accomplish those objectives. e. GRAPA Inter-organizational Principles (Review) i. Under the GRAPA standards, it is the responsibility of the Revenue Assurance practitioner to assess and report on the risk of revenue loss, or the extent of revenue loss suffered within a particular operational area as directed by management , and in cooperation with the operational manager responsible for the area under review.
GRAPA
125
Based upon these guidelines, the following conclusions ensue: 1. It is the job of RA to assess risk and loss only in areas where management has directed it to. It is not the job of RA to look for risk without this direction. 2. It is the job of RA to report the risk of loss, but it is NOT the job of RA to recommend or enforce a particular level of loss. The appetite for risk, and the level of acceptable risk is a parameter set explicitly by the management team. 3. If so directed, the RA team can be commissioned with responsibility to investigate, develop and promote recommendations for the reduction of a risk exposure from its current level, to a level set by management. 4. The RA team will only be involved in the assessment of risk and loss in areas where the manager responsible for the operational area in question has agreed to cooperate. We believe that it is impossible to accurate assess risk , report risk and remedy risk without the full commitment of the operational management team. 5. The RA team can be invited by the operational manager, or by top management to proactively and aggressively assist the operational manager in the assessment of his risk exposure and in the development of a coverage plan. 6. Coverage plans and the institution of new controls must be approved by operational managers and top management before they are to be executed. 7. Primary responsibility for the execution of a coverage plan and implementation of new controls will be the responsibility of the operational manager. 8. The RA team may assist or execute a coverage plan at the request of top management and/or the operational manager. 9. Compliance reporting will be developed as part of the coverage plan, and all ultimate compliance and risk/loss reporting will be managed by the RA team, separate from the operational area.
GRAPA
126
Chapter 12 -Operational Principles and Ethics
Chapter 12
oPeRational PRinciPles and ethics

This is the final chapter about the Revenue Assurance standards; in it we will discuss the principles and ethics that should guide the practice of Revenue Assurance. Again, there was considerable discussion within the GRAPA organization about whether a Principles and Ethics section should be included in the standards. However, when you consider the mission of GRAPA, which is to promote the professionalization of the practice of Revenue Assurance, you realize, as we did, that the inclusion of principles is crucial. If management and operational managers do not have a strong level of trust in the work performed by the Revenue Assurance professionals, how can anyone expect to take their findings seriously?
the coRe PRinciPles

The first dimension to our ethical principles is what GRAPA refers to as the three core principles. These are the underlying objectives and guidelines for everything we do. All operations, decisions and activities should be driven by the three core principles
Consensus
It is the primary objective of the Revenue Assurance team to promote cooperation between the operational teams involved in each aspect of Revenue Management, Accounting and Delivery. Revenue Assurance should primarily be a vehicle for collaboration. The goal of Revenue Assurance is to create a solution that involves the consensus of all parties involved. Revenue Assurance is not an internal audit or policing function; it is a problem-solving function and most problem-solving requires the cooperation of all parties involved in the problem. This concept of consensus aligns perfectly with many of the other issues and principles we have discussed. The Revenue Assurance professional must always be aware and concerned about the effect of actions on other groups.
GRAPA
127
Integrity
All Revenue Assurance activities should have a primary focus on the integrity of the activities performed. This integrity applies to relations with managers, to how the job is conducted, and to the findings and reports. One might say that integrity is an obvious principle and does not require listing. However, the practice of Revenue Assurance has unfortunately been plagued by a lack of integrity in execution. The lack of integrity is evident in such cases as: 1. 1. 1. Revenue Assurance groups that are sloppy in executing, granting approval, and accepting scope and responsibility for domains and systems that they known to be invalid. Revenue Assurance groups that report figures and provide information about which they are unclear. Revenue Assurance groups that accept responsibility for areas they do not understand and are not qualified to assure.
If Revenue Assurance intends to gain recognition as a reputable and meaningful profession, establishment of integrity will be the key.
Rationalization
All Revenue Assurance activities should be based on the principle of Rationalization of Investment. Any investment of company time, money, and effort in pursuit of Revenue Assurance objectives must be balanced against the anticipated benefits in risk reduction, revenue retention, or revenue maximization. The Revenue Assurance practitioner is responsible for understanding, documenting and assuring the rationalization of all investments and decisions. Every Revenue Assurance decision requires a balance between the degree of risk mitigated and the associated cost. The Revenue Assurance team must be aware of this tradeoff and develop the rationale and criteria for making those decisions clear. Our concepts of revenue at risk and managements appetite for risk are intrinsic to consistently enact this principle. Rationalization is critical, but it must be remembered that, when rationalization is promoted without an underlying discipline, rigor and confidence, it is worse than doing nothing at all.
ethical PRinciPles
Ethical principles provide professionals with an understanding of the expectations associated with their task performance. As with other principles, the decisions and structures created to enforce them is related to practices rather than standards. The GRAPA organization clearly expects members to adhere to these principles as well as the others.
GRAPA
128
Corporate Responsibility
It is the responsibility of the Revenue Assurance practitioner to stay alert and aware of all risks to the revenues and assets of the firm. The Revenue Assurance practitioner will always, without fail, report any serious risk of loss to the appropriate agencies or authorities . even if it is not within the scope of the Revenue Assurance practitioners responsibilities. Corporate responsibility is an important part of the Telecommunication employees role, but the Revenue Assurance professional has a special status. As a person responsible for assurance of revenues, the professional is in a position of trust. The Revenue Assurance practitioner may be responsible for detecting and addressing fraud (both external and internal), be responsible for millions of dollars in revenues, and involved in cash and financial management and assurance. For these reasons the Revenue Assurance professional is expected to maintain the highest level of honesty and trustworthiness. Another critical aspect of corporate responsibility is the professionals responsibility to the companys customers, partners, and governmental and regulatory agencies. Corporate responsibility reaches out to these agents as well. If the Revenue Assurance professional discovers any impropriety, even if that impropriety financially benefits the firm in the short run, it is the professionals responsibility to bring the case to management. Allowing known illegal or questionable business practices to continue exposes the firm to increased risk over time. As in all situations, it is the responsibility of management to assess the level of risk and to make the decision to act. However, failure to note and report such cases is a violation of the Revenue Assurance professionals ethical responsibility.
Operational Independence Requirement

Every Revenue Assurance professional is responsible for maintaining independence so that opinions, conclusions, judgments, and recommendations will be viewed as impartial by third parties. This includes any potential personal, external, and organizational impairment. An example of a personal impairment would be an outside financial relationship, and an external impairment would be unreasonable restrictions on the time required to complete an assurance activity. To achieve organizational independence, Revenue Assurance organizations and compliance professionals should report the results of their assessments and compliance findings, and be accountable to the head of the organization. In addition, they should be organizationally located outside the staff or line function that is being reviewed. This helps ensure that the staff avoids political repercussions. Assessment and Compliance reporting should be performed separately from the operational unit. Revenue Assurance teams may also perform operational reporting, as long as they do not report to the operational team. According to GRAPA benchmarks, the majority of Revenue Assurance departments report to the CFO. As the CFO is typically not responsible for any operational areas, it appears that in most Telcos this requirement is being met.
PRinciPles of PRactice
Finally, we have our principles regarding how Revenue Assurance is to be practiced, in general reinforcing and re-instating existing principles.
GRAPA
129
Competency Requirement
Revenue Assurance functions should be staffed with those who collectively have the knowledge and skills necessary to conduct Revenue Assurance activities. Outside consultants with requisite knowledge may need to be hired to complement the internal staff. GRAPA recommends that staff receive a minimum number of hours of continuing education each year and maintain a record of that training. The Revenue Assurance practitioner is responsible for conducting activities with competence. The competency requirement is essentially a restatement and focusing of the integrity requirement. The Revenue Assurance group must accept responsibility for attaining the appropriate level of competency within their organization. This is a serious problem for many departments, and one of the reasons that the GRAPA training and certification programs have been launched.
Transparency Requirement
All Revenue Assurance activities are to be conducted in a straightforward and transparent manner. All processes and activities are to be documented and published for review of the appropriate persons involved. Forensic Analysis techniques, assessment reports, quantification findings, and correction and control recommendations should be clearly documented and published in a manner that makes the process, intention and results clear to all parties involved. The practice and maintenance of a posture of transparency assures operational managers and teams that the work of Revenue Assurance is straightforward and geared towards helping them in accomplishing their objectives. It also reassures them that Revenue Assurance is not acting as an auditor or trying to make them appear incompetent or criminal. Transparency combined with a dedication to integrity of operations is the key to a successful Revenue Assurance team.
Maximum Effect for Minimum Cost

The last of our principles is the responsibility of the Revenue Assurance professional to continually strive to attain the maximum impact (reducing revenue loss, risk of loss, or other objective) for the minimum investment. The best cost solution is always preferred. The principle has application in dozens of different aspects in the day to day world of the practice of Revenue Assurance. Among the more critical are situations where there are conflicting bids from organizations addressing who should take the Forensic, Control, Correction or Compliance responsibilities. Ultimately, that decision should be made based on the determination of which group can do the best job for the lowest overall cost. Decisions about alternative remedies are also subject to this rule.
GRAPA
130
he following table provides the reader with an excerpted view of the GRAPA standards as formally defined in the Standards Document and ratified by the membership Jan. 2009.
V. Ethics and Principles - Operationall a. Consensus i. It is primary objective of the revenue assurance team to promote cooperation between the operational teams involved in each of the different aspects of revenue management, accounting and delivery. Revenue assurance should be a vehicle for collaboration first and foremost. The goal of RA is to create a solution that involves the consensus of all parties involved. RA is not an internal audit or policing function, it is a problem solving function and most problem solving requires the willful cooperation of all parties involved in the problem. b. Integrity i. All revenue assurance activities are to be performed with a primary focus on the integrity of the activities performed. Integrity includes the integrity of relations with other managers, the integrity with which the job is conducted and the integrity of the findings and reporting utilized. c. Rationalization i. All revenue assurance activities should be based on the principle of rationalization of investment. Any investment of the companies resources (time, money, effort) in pursuit of revenue assurance objectives must be balanced against the anticipated benefit in risk reduction, revenue retention or revenue maximization anticipated. The RA practitioner is responsible for understanding, documenting and assuring the rationalization of all investments and decisions. ii. Every revenue assurance decision requires that a balance be struck between the degree of risk mitigated and the cost of accomplishing that degree. The revenue assurance team will at all times be aware of this tradeoff and make the rationale and criteria for making those decisions clear. d. Corporate Responsibility i. It is the responsibility of the revenue assurance practitioner to stay alert for and aware of any and all risks to the revenues of the firm and well as to any assets of the firm that are involved. The RA practitioner will always and without fail report any serious risk of loss to the appropriate agencies or authorities whether it is directly within the scope of the RA persons responsibilities or not. e. Competency Requirement i. Revenue assurance functions should be staffed with those who collectively have knowledge and skills necessary to conduct RA activities. Outside consultants with requisite knowledge may need to be hired to complement internal staff. GRAPA recommends staff receive a minimum number of hours of continuing education each year and maintain a record of training. The RA practitioner is responsible for conducting activities with competence. f. Transparency Requirement i. All RA activities are to be conducted in a straightforward and transparent manner. All processes and activities are to be documented and published for review of the appropriate persons involved. Forensic analysis techniques, assessment reports, quantification findings, correction and control recommendations should be clearly documented and published in a manner that makes the process, intention and results clear to all parties involved.
GRAPA
131
g. Maximum Effect for Minimum Cost i. It is the responsibility of the RA professional to always attempt to attain the maximum impact (in terms of the reduction of revenue loss, risk of loss or other objective) for the minimum investment. The best cost solution is always preferred.
GRAPA
132
Conclusion -The New Definition of Revenue Assurance and Next Steps
ConClusion the new deFinition oF revenue assuranCe and next steps
Early in this book, we considered some of the alternative definitions of Revenue Assurance. We saw that it is easy to come up with a high-level, well intentioned definition, but that it is too broad to communicate any real meaning, or so narrow that the definition can only be applied to an individual company or situation. Conversely, creating a definition that communicates widely applicable and substantive information is quite challenging. Broad, ideal-sounding definitions often turn out to be non-definitions. Such definitions claim to work, but it only appears this way because people fill in the blanks with their own interpretations. Such broad definitions are worse than no definition at all because they foster miscommunication, confusion and ineffectiveness. Making sure that the processes associated with Revenue Management occur without error is a definition that is so broad that almost anything can be included in its scope. An overly narrow definition fails in the same way as it again leaves it to the individuals imagination to project what may be the other facets of the discipline. A more specific definition such as The process of assuring that all CDRs are managed by the billing system in an accurate and timely manner excludes so many areas of Revenue Assurance that it can actually be viewed as an untrue statement. It is my hope that through the last 100 or so pages we have proven that neither type of definition is sufficient or necessary.
A Comprehensive, Substantive and Non-Anecdotal Definition of Revenue Assurance

The GRAPA Standards that we have reviewed in this book provide the reader with a substantive, comprehensive and nonanecdotal definition of Revenue Assurance that really communicates its essence. That definition includes the following. Q.1: What are the different tasks involved in the practice of Revenue Assurance? A.1: Forensics, Correction, Controls Management, and Compliance. Q.2: What is the objective of Revenue Assurance activity? A.2: To provide cost effective and efficient: 1. Containment of revenue loss due to leakage 2. Containment of revenue loss due to fraud 3. Anticipation and prevention of revenue loss 4. Assurance of margins and rate plans
GRAPA
133
5. Assurance of new products 6. Assurance of efficient network assets utilization 7. Assurance against the risk of loss due to churn and market erosion Q.3: What is included in the scope of a Revenue Assurance department? A.3: All domains assigned to the group by management as defined by discrete horizontal and vertical domains. Q.4: What is the role of Revenue Assurance in the organization? A.4: To support the efforts of operational managers to minimize the risk of revenue loss and maximize the level of revenue recognized for all transactions. While I will agree that this definition is far from eloquent, it certainly provides a clear understanding of the processes, scope, mission, and constraints associated with the practice of professional Revenue Assurance as of January 2009.
next stePs
With the ratification and acceptance of these standards by the GRAPA Membership, the organization is now ready to proceed with the next step in the process of professionalization.
1. Certification Program Launch

In 2009, GRAPA will launch the new GRAPA training and certification program that will give Revenue Assurance professionals the opportunity to train and arm themselves with the information and tools they need to be more effective in their work and to garner recognition and support for their efforts.
2. Cataloging and Benchmarking of Standard Practices

With the ratification of the Standards, GRAPA will begin the process of cataloging, benchmarking, and publishing standard practice information about each of the domains considered to be in scope for Revenue Assurance departments.
3. Review, Update and Modification of the Standards

The Telecommunications industry is fast paced and dynamic and we expect that, by January 2010, it will be necessary to modify the Standards to better reflect the reality of Telco 2010.
lead, follow, oR get out of the way

Publication of these Standards and the launching of this standards reference book is a milestone in the progress of the GRAPA organization and the profession. With the ratification and publication of these Standards, we are ready as a profession to begin the real work of building a comprehensive, meaningful, and effective body of knowledge, standard practices reference, and other critical tools. Although a great deal of work was done by GRAPA members over the past year, there is still much more work ahead of us. The GRAPA organization is continually looking for members who would like to help with this activity. The more members that get involved, the more we will advance. So please volunteer to help! GRAPA is a professional association, not a services company. You, as a member, will only get as much out of it as you put into it. The more courses you attend, the more committees you chair, the more town hall meetings you participate in, the better informed, better motivated, and better positioned you are as a Revenue Assurance professional.
GRAPA
134
A p p e n d i x A - T h e G R A PA C e r t i f i c a t i o n P r o g r a m ( 2 0 0 9 )
appendix a the Grapa CertiFiCation proGraM (2009)
With the formal ratification of the GRAPA standards, the GRAPA organization has undertaken to immediately provide the Revenue Assurance community with a credible, extensive certification program. This program will allow Revenue Assurance professionals to attain recognition for their knowledge and skill, gain access to a shared pool of expertise for the expansion of their knowledge base, and begin the process of separating the professionals from the amateurs and tourists. The creation and administration of certification is now the primary focus of the GRAPA organization. As of February 2009, a limited pilot program, which offers certification programs for Revenue Assurance Managers, Fraud Specialists, Internal Auditors, Forensics Specialists, Generalists, and Apprentices (Novices), is being launched. This initial program will offer certification to members based on their successful completion of: 1. 2. 3. 80 hours of training in their area of specialization Successful completion of a battery of tests, which assure that their level of knowledge and mastery of the body of knowledge is sufficient Demonstration of a suitable level of real-world experience, varying with the certification they pursue
Members will be registered as certified Revenue Assurance professionals.
Certification Training Curriculum

GRAPA training is provided by the Revenue Assurance Academy, which is responsible for the currently proposed certification curriculum. This curriculum specifies over 240 hours of training material designed to provide the Revenue Assurance professional with in depth coverage of the many different areas that are specified in the Body of Knowledge. There are currently over 100 hours of training available to members. Additional course writers and trainers are being recruited and will be added, based on the level of demand.
GRAPA
135
benefits of ceRtification
In addition to the many personal and professional benefits, the certified Revenue Assurance professional will gain recognition in several ways: 1. 2. 3. 4. Information about career, accomplishments, and certification status will be posted on the GRAPA website. Upon receipt of certification, the members new status will be communicated to the entire GRAPA community via email announcements. The member will receive a certificate and frame for display in their office. Certified members will qualify to teach, run conferences and town hall meetings, chair committees, and other GRAPA responsibilities and honorarium.
Plans for Extension of the Certification Program

The GRAPA certification committee has plans for implementing extended programs that will allow members to attempt to qualify for partial credit towards certification, but this program will be deferred until the core program is implemented. The following pages provide the interested reader with some background information about the thinking, assumptions, and principles behind the implementation of this certification program.
the need foR a PRofessional Revenue assuRance function

For more than a century, the telecommunications industry has served as one of the largest, most profitable and dynamic agents of change in the world. Telecommunications companies have historically lead the technology charge for the citizens of the world in a number of different ways. As each new generation of computer, telecommunications-, and operational technology was invented, the telecommunications industry has been the first to step up and tackle the hard job of making that new technology useful, dependable and accessible to billions of people around the world in a very short amount of time. In Telecommunications, the only thing that is absolutely certain is that the telcos will aggressively and successfully deploy new technologies in a timeframe that would appear to be completely unrealistic to any reasonable person who considered the many factors involved. Although the industry has done an almost supernatural job with integration and commercialization of this wide range of technological innovations, that capability is delivered at a cost. This cost is paid by the employees of the phone companies who must change, adapt, and re-invent themselves continuously and relentlessly. One of the major side effects of this incredibly rapid rate of operational and procedural change is that the operational systems and disciplines that drive the telco and make it work are constantly under stress. New products, new systems, new business models, and new customer expectations require that telcos continuously modify the network elements, architectural configurations, and operational processes that hold the business together. When you change things this often and this frenetically, then you can be sure that the operational systems themselves are going to have some lapses. Mistakes will be made. Oversights will occur. And in some cases, money will be lost.
GRAPA
136
Telco and Revenue Loss An Odd Relationship

Newcomers are often shocked to learn of the apparently odd relationship that telcos have to revenue and profit. In most industries, accounting for every single penny or expense, and making sure that operational systems provide for a comprehensive accounting for all aspects of financial transactions, is the top priority. Banks, retailers and other consumer facing industries are driven to a high level of penny pinching to stay competitive. So when those who come from one of these industries are introduced to a typical Telecommunications environment, they are shocked to learn that a large percentage of the systems and operations that the telco runs are managed with a much looser set of controls. This apparent laxness in the maintenance of controls over operations may seem sloppy and unprofessional, but anyone who has spent a few weeks trying to keep up with the rate of change in a typical telco environment will quickly come to appreciate why it happens. Telcos are extremely large, complex organizations. That complexity comes from the wide range of different business models, sales channels, products, services, and technologies that they support. Each unique combination of market, product, service, technology, billing model, service level agreement, and line of business represents a unique revenue chain and managing this enormous collection of revenue chains is a daunting job. For the typical telco, revenue loss is no surprise. The nature of the business makes accounting for all expenses at an individual transaction level almost impossible. Many product lines are tested without much consideration for profitability until the nature of the market and technology is fully known. For the telco, varying levels of revenue leakage are considered acceptable at different times in the life of the company and in the maturity of the technology. The core nature of the telco is to focus on new technology deployment and market expansion first, and to worry about operational discipline and precision later. This means that, for most telcos, there are some areas where help will be required from someone who understands the workings of the business models, operational process, systems, and technologies. This is a professional clean up person who can keep the operational playing field cleared and the revenue flowing as much as possible.
The Revenue Assurance Job Today

In response to the need for application of a specialized set of skills and tools to these areas of operational inefficiency, the majority of telcos have started to employ the services of Revenue Assurance personnel. While there are a few telcos that can claim to have been doing Revenue Assurance for a long time, the majority have only come to recognize it as a legitimate discipline over the past couple of years. New Revenue Assurance departments are springing up in almost every telco in the world. Most of these departments are less that two years old, and most are staffed with people with little or no experience in Revenue Assurance. GRAPA research shows that approximately one third of the people doing Revenue Assurance come from a finance background, one third are from operational areas, and another third are from IT or Network areas. We currently have an industry that is hiring hundreds of people to do jobs that are not well understood, attempting to accomplish objectives that are not well thought out, and using language and procedures that are poorly understood by most of the people involved. Most of the people in Revenue Assurance are doing an excellent job of making sense of the chaos into which they are dropped. However, there are clearly a number of ways to make this process better, more efficient, effective and comfortable for everyone involved if we were to leverage each others experience and create a standard body of knowledge about how the job should be done.
GRAPA
137
benefits of PRofessionalization
Amazingly, there is a great deal of professionalization that occurs in the creation of the Revenue Assurance discipline without a conscious effort on anyones part. Standard approaches, logical conclusions and common sense have pointed many companies in the same general direction without intrusion from outside forces. We are not saying that people in Revenue Assurance today are not professional or competent. We are saying that Revenue Assurance is naturally professionalizing itself. While this natural move towards professionalization is good, we believe that the process can become more effective and efficient for everyone. To do this, we need to overcome many of the operational, geographical and organizational blockages and participate in the conscious process of professionalizing.
What Does Professionalization Mean?

According to online dictionaries and other sources, Professionalization is the process by which any trade or occupation transforms itself into a true profession of high integrity and competence. This process includes establishing acceptable qualifications, creating a professional body or association to oversee the conduct of members of the profession, and recognizing the demarcation between qualified professionals and unqualified amateurs. This creates a hierarchical divide between the knowledge-authorities in the professions and a deferential citizenry. This demarcation is often termed occupational closure, which means that the profession becomes closed to entry from outsiders, amateurs, and the unqualified: a stratified occupation defined by professional demarcation and grade. The origin of this process is said to have been with guilds during the Middle Ages, when they fought for exclusive rights to practice their trades as journeymen and to engage unpaid apprentices. The ingredients of the professionalization process therefore are: 1. 2. 3. 4. Creation of a code of conduct that defines how the professional behaves, focused heavily on issues of ethics and integrity Establishment and maintenance of a Body of Knowledge that clearly defines the knowledge requirements for a professional Development of a method for establishing the credentials of a person as having mastered that Body of Knowledge and its application Recognition of those who have attained and exhibited the practice of that discipline, separating them from the unqualified and the amateurs.
Benefits of Professionalization for the Practitioner

Why is the professionalization of Revenue Assurance a good thing? Why should any Revenue Assurance practitioner care about it? There are several reasons. For the individual professional practitioner the benefits are obvious. The attainment of professional status that is recognized by management, co-workers and the industry translates into power, prestige and higher income. Why? Because management can assume a level of competence that is recognized as professional.
GRAPA
138
In an area as technically and operationally complex as Revenue Assurance, it is not typical for a top manager (CEO, CFO) to be intimately familiar with all the details and procedures required to perform the Revenue Assurance job. The manager will want to defer to the expertise of the professional when it comes to issues of strategy, next steps and alternative solutions. This trust in the expertise of the professional is integral to the relationship of professional and client and is the goal of most Revenue Assurance practitioners. The Revenue Assurance professionals are specialists who work hard for several years to master their craft. In the current environment, there is a good chance that this mastery will never be recognized, simply because the managers have no yardstick to fairly assess those capabilities. Professionalization allows practitioners to leverage appropriate value for investment in their craft. At the same time, the definition of a standard body of knowledge allows the Revenue Assurance practitioners to understand how to better manage their careers. What do they still need to learn? How should they channel their energies? Professionalization provides a career roadmap.
Benefits of Professionalization for the Company

While there are some obvious benefits for the practitioners themselves for professionalization, why will this be of benefit to the companies? Will professionalization not raise the cost of resources and make things more difficult? Not especially. But more importantly, there are many benefits that professionalization can deliver.
Authoritative Body of Knowledge

The primary job of a professional association is to define an authoritative body of knowledge that informs all members about knowledge requirements, and how knowledge should be applied. There is probably no industry in the world more in need of such authoritative bodies of knowledge than Telecommunications. The development of such a Body of Knowledge requires that practitioners from around the world agree to collaborate on the process. There is no way for one person or one company to assemble it. In the traditional educational model, universities compile and disseminate this knowledge. However, for a number of reasons, the educational institutions simply cannot keep up. The professional association, like the guilds and trade associations of the Middle Ages, provide professionals with a community where these issues can be worked out dynamically, quickly, and appropriately with minimum cost and fuss. There a many benefits that an authoritative Body of Knowledge can deliver. These include:
Vocabulary
One of the first challenges participants in Revenue Assurance face is that people use different terms to describe the same things; CDR and Interconnect for example. Very basic words and concepts carry a wide range of meanings from one telco to the next. A consistently applied vocabulary speeds up communication, simplifies the problem solving process, and increases our ability to share knowledge quickly.
Consistency
A standard body of knowledge will provide everyone involved with a consistency in the application, measurement and assessment of Revenue Assurance activities. Today, there are thousands of different, conflicting and confusing versions of what Revenue Assurance is, how to set KPIs for Revenue Assurance, and many other aspects of the practice.
GRAPA
139
Measurable Results
Professionalization of the discipline will establish clear criteria for measuring the professional effectiveness. How do you know if your Revenue Assurance team is producing value? How do you know the KPIs to which you are responding are correct?
Transference of Skills
Establishment of a core body of knowledge makes training, assessing and assigning people to different tasks infinitely easier. A standard body of knowledge is the foundation for the utilization of Revenue Assurance practitioners for maximum benefit.
Leveraging of Industry Experience and Practices

Establishment of this body of knowledge will help professionals to share experience and practices and develop a best of breed culture across the world. All of these benefits translate into several things for the manager: 1. 2. 3. Increased productivity of the Revenue Assurance practitioner Clarification of the role that Revenue Assurance is to play in the operational framework Improvement in the measurement and attainment of objectives
Key Ingredients of Professionalization

What are the key ingredients of the professionalization process? What do we need to establish as the core body of knowledge and operational framework for the conduct of the profession? There are four key elements: 1. 2. 3. 4. Standards which define how things are done professionally, and the rationalization for why they are done that way. These are the basic core values of the professional. Practices which are the body of knowledge that the professional needs to know, and how this knowledge is applied. Operational Frameworks which define how the professional works within the greater context of the telco organization and the Telecommunications industry. Subscription which defines how the practitioner agrees to subscribe to these standards, principles, and operational frameworks. The manager must be able rely on the professionals ability to understand and subscribe to what is presented.
Standards
The foundation for establishing any profession is a set of standards that the members of that profession subscribe to. For doctors, there is the Hippocratic Oath, Do no harm. For auditors, it is a code of ethics around dependability, impartiality and integrity.
GRAPA
140
The integrity of the professional assures a manager or a co-worker that this professional can be trusted to deal with problems and issues in a productive manner and with integrity.
Ethics (Code of Conduct Right and Wrong)

Industry specific ethics provide professionals with guidelines for their responsibilities in any given situation. These ethics are a yardstick for the assessing what is right and wrong in work situations. The practice of these ethics assures associates that the Revenue Assurance professional can be trusted with sensitive information. Revenue Assurance professionals are often given access to information that can be potentially harmful to individuals or the company, and it is imperative that they are viewed as trustworthy.
Principles (Why Things Are Done The Way They Are)

While ethics define right and wrong, principles define why things are done in a certain manner. More specifically, principles provide the Revenue Assurance professional with objectives and the important characteristics of an activity.
Methods (How Things Are Done; How Problems Are Approached)

The methods describe how people do things, including the technique used to define the scope of the activity and the definition of the disciplines (roles and responsibilities) associated with its conduct.
Practices
Standards define a set of principles and values, and provide a taxonomy for the definition of scope, objectives and approaches. Practices, on the other hand, define the actual details of how those standards are applied in the real world. Practices define what you need to know to do the job and include: 1. 2. 3. Subject Matter Knowledge and Domains Techniques (Ways to do things) Tools (Knowledge of software, hardware and other devices that assist in the carrying out of the job.
Subject Matter Knowledge

Subject matter knowledge addresses the question What must I know to be a Revenue Assurance professional? It provides guidelines for ascertaining the qualification, experience level, and overall value of the individual. It also provides management with an expectation of competence when assigning different tasks. For GRAPA and Revenue Assurance, the Subject Matter Knowledge is best identified via: 1. 2. Domains An understanding of the workings, vocabulary and issues associated with the different horizontal and vertical domains (network, billing, mediation, etc.) Objectives An understanding of the issues and approaches required to do a competent job of analyzing and making recommendations for a specified level of assurance (leakage containment, risk containment, margin assurance, revenue stream assurance, or fraud prevention)
GRAPA
141
Techniques
Techniques specify how different levels of assurance are attained for domains. Practitioners must understand how the domain works and how the assurance level is accomplished before they can actually understand and apply specific techniques. Techniques include: 1. 2. 3. Conducting a billing audit Synchronizing HLR and the billing system Executing test calls
Tools
The Revenue Assurance practitioner must also be aware of the various tools available to do a job. Tools can include: 1. 2. 3. 4. Test call generators Fraud Management systems Network probes Business Intelligence systems
Operational Models (Frameworks)

Professionalization requires that the practitioners understand how their job fits within the context of the telco organization. Operational models spell out the Revenue Assurance practitioners relationship to management, audit, billing operations, and many other related and overlapping organizations in the company.
How to Work With Management

A professional understands how to work with management, what the managers want, and how to give it to them in a form they expect.
KPIs, Expectations Management, Accountability, and Deliverables

The definition of the profession includes a clear understanding, body of knowledge, and shared expertise in establishing industry standard KPIs, techniques for managing expectations (on the part of management, other operational managers, and the Revenue Assurance team itself), developing a sense of appropriate accountability, and the identification of a set of standardized deliverables.
Relationships with Other Operational Groups

Professionals define themselves, not only in the context of management and the job they perform, but also in how they work with peers. The key here is development of an operational model of cooperation.
GRAPA
142
Subscription
Professionalization will take place when the people practicing the profession identify themselves as professionals and publicly declare their subscription to the policies, principles and objectives of the professional body to which they subscribe.
the Role of ceRtification

Given this definition of professionalization, what is the role of certification? While it is possible to become more professional as a group without certification, there are several reasons why it is to everyones benefit to pursue this objective.
What is Certification?
Professional certification is a designation or classification earned by a person to assure that this individual is qualified to perform a job or task. Certifications are earned from a professional association and, in general, must be renewed periodically. The certification process varies from one industry and trade to the next but usually includes: 1. 2. 3. 4. 5. A formal education requirement (body of knowledge) Proof of internship (actual experience) Proof of mastery of the subject matter (testing) Registration and subscription to the profession Commitment to refresh and continue education.
Why Pursue Certification?

Certification is undertaken by an industry for several reasons. For individual companies, the acceptance of a certification body allows them to establish an independent source of employee validation, verification, certification, training, and testing without the expense and overhead associated with doing that job for themselves. A valid, accurate and meaningful certification makes a hiring manager and HR departments job many times easier because the burden and responsibility for the development of the employee becomes the responsibility of: 1. 2. The employee The certification body
Certification creates a pool of qualified resources from which the hiring company can choose with a greatly reduced risk of hiring a person who is not competent, while at the same time greatly increasing the chances of getting a person who can serve as an expert in the area under consideration.
GRAPA
143
In addition to this benefit, pursuit of certification by an employee indicates a willingness to learn and a drive to excel that can help the manager better evaluate the relative merit of candidates. For the Revenue Assurance professional, certification offers the opportunity to enhance the persons body of knowledge, mastery of subjects, and recognition of that mastery in a controlled, measurable and quantifiable way. Certification gives the Revenue Assurance professional a competitive advantage in the work place, both through the knowledge it imparts with the status and assumption of competence it communicates.
Why Is It Required?
Why is certification for Revenue Assurance a requirement? We have identified several reasons.
Knowledge Volatility (Continuous Source of Knowledge Upgrade)

Telecommunications is undergoing change at such an incredibly fast rate that it is literally impossible to stay up to date on everything that is happening, based on their own resources. It is also impossible for practitioners to teach themselves in the field, considering the restricted access to technologies and time. The problem is exacerbated by the fact that practitioners, with their more limited perspectives, need help in identifying the directions in which they should be moving, in terms of subject matter, technique and mastery of tools.
Accessibility of Knowledge (Silos of Information)

The Telecommunications industry in general and the individual telcos specifically, are typified by many overlapping layers of operational and informational isolationism. This isolationism makes it extremely difficult for someone inside the system to recognize what must be handled across the depth and breadth of the organization. Externally-based certification can provide that perspective.
Career Anchor (Referential Positioning)

For Revenue Assurance professionals, a certification body that is credible and accepted by the industry can provide a badly needed reference point, helping them better assess their own careers and options.
Control Rate of Growth (Self Guidance)

A recognized certification program allows professionals to take personal responsibility for their development. The risks and decision-making criteria around the investments of the time and energy are greatly eased by this capability.
Measurement of Competence (Self Confidence)

Certification provides the professionals with an independent, measurable and controllable source for their own self assessment. Their self confidence and sense of competence will be greatly enhanced.
What Are The Challenges?

Creation and implementation of a certification program can provide many benefits to the industry, but for the individual telcos and for the professionals themselves, there are a number of challenges that need to be addressed to make it successful.
GRAPA
144
Cost To Provide (Funding Model and Value Returned)

One challenge is an appropriate funding model. The funding model identifies how the program will be administered and controlled. A loosely defined set of certification criteria and a mostly informal program can offer some value, but will be lacking in several of the areas where an effective program must be strong. Most importantly, the funding model implemented must offer a good return on the cost to the professional.
Cost to Administer
The cost to administer the program will obviously reflect greatly on the quality of the program. This will include: 1. 2. 3. 4. 5. 6. 7. 8. The cost to define the program and criteria The cost to market and sell the program to the industry (to get enough industry backing to make the funding model work) The cost to create training classes and other body of knowledge references (mechanism for the knowledge transfer to members) The cost to advertise, schedule, sell and administer training events The cost to develop tests The cost to administer, score and report findings of tests The cost to keep track of the individuals professional status (who has met which criteria) The cost to advertise and promote the professionals career after certification has been reached
Credibility
The success of the program will dependent greatly on the credibility that the industry, the telcos, and the individual professionals assign to it. It is not enough to say, This is the certification you should have. There must be substance (credible facts and information) and reference (prove of validity of the claims).
Ease of Attainment
The certification process must be designed so that it accomplishes its primary objective, which is the separation of the expert from the amateur. However, the criteria must not be set so high that only a privileged few can attend. This requirement impacts both the funding model and the depth and breadth of the body of knowledge to be managed.
Industry Acceptance
To provide value, the program must be accepted by a large percentage of the participants in the industry (telcos, vendors and consultants). Without a sound industry acceptance, the value of the program is weakened. This means that the program must be marketed and sold to ensure that value is attained.
GRAPA
145
Proof of Value
Part of the administration of the program must include testimonials or other proof of value. Otherwise is no objective assessment of its merit.
Components and Administration Issues

The key components and administrative tasks that the GRAPA certification program needs to address are described in the following paragraphs.
Curriculum (Body of Knowledge)

The certification program must have a clearly defined body of knowledge. This includes a register, list, and a bill of materials that identifies the level of knowledge required for professional status. This curriculum must include subject matter, technique and tool expertise, as well as operational, political and organizational intelligence and competence.
B. Classes (Training)
Based on this curriculum, a body of training materials must be prepared. The training material must be designed to do the best job possible of documenting and explaining each of the subject matter, technique, tool, operational, political and organization intelligence areas specified by the curriculum.
C. Testing
The fact that a person attended a class does not especially mean that this individual has learned the subject matter. A combination of training and testing is the best way to assure that the practitioner has actually mastered the required body of knowledge.
D. Experience Verification
As with most professional certification programs, it is important that certified professionals can prove that they can do the job, and not just talk a good story. Therefore, an experience verification component is critical.
E. Test Out (Bypass)

A path must be developed that allows experts to bypass certain parts of the requirement and simply prove their expertise. It is not incumbent upon the GRAPA certification to provide this capability, but in rare cases it would seem appropriate. What is most critical is the integrity of the certification, not the protection of the egos of people who want to participate. The decision to comply with a certification process is a decision to bow to the greater authority, and that is the certification body. The GRAPA certification program was developed with these guidelines and principles in mind. For the latest information about the program, please see the GRAPA website at www.grapatel.com
GRAPA
146
A p p e n d i x B - T h e G R A PA B o d y o f K n o w l e d g e D r a f t
appendix b the Grapa body oF knowledGe draFt
The following outline provides the reader with an overview of the various areas, domains and skills that have been defined as the current Body of Knowledge for the Revenue Assurance profession. Now that the GRAPA Standards have been ratified and published, the GRAPA organization will formalize and refine this Body of Knowledge and begin the systematic publication and verification of standard industry practices while continuing to refine the standards themselves. This draft is provided as a reference document for interested readers. The GRAPA Body of Knowledge for Revenue Assurance has been divided into the following major categories of knowledge: 1. Vertical Domain Knowledge The key information necessary to understand how each of the major vertical domains (systems and functions) works. A person with vertical domain knowledge understands the major processes, operations, policies, systems, and decisions involved in running that domain. This person can explain the major functions of the domain and how the area manages revenues. Horizontal Domain Knowledge The key information necessary to understand how each of the major horizontal domains (lines of business, product lines, service categories, rate plans etc.) works. A person with horizontal domain knowledge understands the major processes, operations, policies, systems, and decisions involved in tracing and processing revenue transactions across the entire domain (end-to-end). This person can explain the major functions of the domain and which departments, areas and systems are responsible for managing each part. Payment Channels Domain Knowledge The key information necessary to understand each of the payment channels that support the business operates. A person with payment channel domain knowledge understands how each payment channel works and the major processes, operations, policies, systems, and decisions involved in running that domain. This person can explain how these channels work and the common areas of revenue risk. Activation and Provisioning Domain Knowledge The key information necessary to understand how each of the activation and provisioning processes that support the business operate. A person with activation and provisioning domain knowledge understands how each provisioning process works and the major processes, operations, policies, systems, and decisions involved in running that domain. This person can explain how activation and provisioning works and the common areas of revenue risk. New Product Development Domain Knowledge The key information necessary to understand how the new product development process works. It includes an understanding of the gateway management approach to product development and the role of billing architectures design, exchange analysis, and market assurance as they relate to product development.
GRAPA 147
2.
3.
4.
5.
6.
Fraud Management and Crime Detection Domain Knowledge The key information necessary to understand each of the major categories of fraud risk and fraud management processes. A person with fraud management and crime detection domain knowledge understands the major processes, operations, policies, systems, and decisions involved in running fraud management operations. This person can explain how fraud management works and what the common areas of revenue risk are. Techniques Knowledge The techniques knowledge area consists of information about how to organize Revenue Assurance activities, define strategy, KPIs, and specific techniques related to the planning, development and execution of forensics, corrections, controls management, and compliance. Tools Knowledge Tools knowledge focuses on the use of Revenue Assurance applications and appliances that the Revenue Assurance professional utilizes to assist with activities.
7.
8.
i. veRtical doMain Knowledge

Vertical domain knowledge consists of a familiarity with the vocabulary, concepts and principles of operations in the specified area, along with knowledge of the key standard controls employed by most telcos to assure the area.
I.A. Network Domain

The Network domain includes all areas associated specifically with network operations and the core OSS technology that underlies Telecommunications services delivery. 1. Circuit Switch a. Wireline b. Wireless 2. Message a. SMS b. MMS 3. Control Protocols Domain a. DTMF b. SS7 c. IP d. MMS e. GPRS 4. Content and Data a. Audio/Video Packet b. Audio/Video Streaming c. GPRS
GRAPA
148
5.
Broadband a. DSL b. Cable c. 3G d. WiFi e. WiMax 6. IP a. Internet b. VoIP c. IPTV 7. Wireless Transport a. Microwave b. MMDS/LMDS c. Satellite d. VLF 8. Facilities Security 9. Network-related Fraud Vulnerabilities 10. Network Operations and Controls
I.B. Billing Architectures Domain

The Billing Architectures Domain includes all areas of operational integrity associated with the capture and processing for revenue generating transactions in all forms. Specifically, all components of the Revenue Management chain (from switch to collections, from top-up to call completion, and from transaction to revenue recognition (posting of revenues to the general ledger)). This Architectures Domain emphasizes the systems, how they are constructed, and how they connect and interface with each other. 1. 2. 3. 4. 5. 6. 7. CDR-based Billing Architectures Prepaid Billing Architectures Other Billing Architectures Circuit-based Billing Models Packet-based Billing Models Rating Operations and Controls Assuring the Rating Process
I.C. Mediation Domain

Standard practices and best practices associated with the selection, implementation, running, and monitoring of mediation systems and operations. 1. 2. 3. 4. CDR Transport and Integrity Mediation Operations and Controls CDR Input/Output Controls CDR FSEC Controls
GRAPA
149
I.D. Postpaid Billing Domain

Standard practices and best practices associated with the selection, implementation, running, and monitoring of postpaid billing systems and their operational environment. 1. 2. 3. 4. 5. 6. Postpaid Billing Operations and Controls Rating Assurance Margin and Rate Plan Assurance Postpaid Change Management Controls Postpaid Audit Procedures Postpaid Revenue Recognition
I.E. Prepaid Billing Domain

Standard practices and best practices associated with the selection, implementation, running, and monitoring of prepaid billing systems and the operational and organizational environment. 1. 2. 3. 4. 5. 6. 7. Prepaid Billing Operations and Controls Prepaid Billing Rating Assurance Prepaid Sales and Channel Assurance Prepaid Traffic Assurance Prepaid Account Management Assurance Prepaid Change Management Controls Prepaid Revenue Recognition
I.F. Interconnect Domain

Standard practices and best practices associated with the selection, implementation, running, and monitoring of interconnect billing systems and the operational and organizational environment. 1. 2. 3. 4. 5. 6. 7. 8. 9. Interconnect Operations and Controls Interconnect Margin Assurance Interconnect Architecture and Traffic Verification Interconnect Fraud Controls Interconnect Settlement Controls Interconnect Routing Controls and Assurance Interconnect Agreement Assurance and Verification Interconnect Change Management Controls Interconnect Revenue Recognition
GRAPA
150
I.G. Roaming Domain

Standard practices and best practices associated with the selection, implementation, running, and monitoring of roaming billing systems and the operational and organizational environment. 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. Roaming Operations and Controls Roaming Margin Assurance Roaming Architecture and Traffic Verification Postpaid Roaming Controls Prepaid (CAMEL) Controls Roaming Long Distance Forwarding Controls Roaming Partnership Controls Roaming Credit Risk Exposure Management Controls Roaming Fraud Controls Roaming Change Management Controls Roaming DCH Controls Roaming Revenue Recognition
I.H. Content Management Domain

Standard practices and best practices associated with the selection, implementation, running, and monitoring of content delivery and billing systems and their operational and organizational environment.
1. 2. 3. 4. 5. 6. 7. 8. Content Product Architectures and Operational Models Content Management Billing Models Content Management Controls Content Provider Controls Content Management Delivery Controls Content Management SLA Controls Content Change Management Content Management Revenue Recognition
I.J. Customer Service Domain

Standard practices and best practices associated with the design, implementation, running, and monitoring of customer service systems and functions as they apply to customer identity, service, activation, provisioning, fraud, and other revenue related functions, including the operational and organizational environment. 1. 2. 3. 4. 5. Customer Service Operations and Architectures Revenue Vulnerabilities within the Customer Service Framework Customer Service Systems and Functions Customer Service Controls Customer Service Change Controls
GRAPA
151
hoRizontal doMain Knowledge

This knowledge includes all of the major areas associated with the horizontal domains and their operational environments, as well as an understanding of the complete revenue chain for the area and the typical exceptions and variations.
II.A. Postpaid Line of Business Operations Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. Key Functions, Tasks and Systems End-to-End Revenue Map for this Line of Business Contractual, Regulatory and Service Level Constraints Associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for the Line of Business Profitability and Revenue Integrity Issues for the Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance and other Revenue-related Aspects of the Line of Business Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Line of Business and Typical Remedies and Forensic Techniques
II.B. Prepaid Line of Business Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. Key Functions, Tasks and Systems End-to-End Revenue Map for this Line of Business Key Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business Profitability and Revenue Integrity Issues for this Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance, and other Revenue-related Aspects of the Line of Business Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Line of Business and Typical Remedies and Forensic Techniques
II.C. Interconnect Line of Business Knowledge

1. 2. 3. 4. 5. Key Functions, Tasks and Systems End-to-End Revenue Map for this Line of Business Key Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business
GRAPA
152
6. 7. 8. 9. 10. 11.
Profitability and Revenue Integrity Issues for this Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance and other Revenue-related Aspects of the Line of Business Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Line of Business and Typical Remedies and Forensic Techniques
II.D. Roaming Line of Business Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. Key Functions, Tasks and Systems End-to-End Revenue Map for this Line of Business Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business Profitability and Revenue Integrity Issues for this Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance and other Revenue-related Aspects of the Line of Business Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Line of Business and Typical Remedies and Forensic Techniques
II.E. Value Added Services Line of Business Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. Key Functions, Tasks and Systems End-to-End Revenue Map for this Line of Business Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business Profitability and Revenue Integrity Issues for this Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance, and other Revenue-related Aspects of the Line of Business
II.F. Cable-Based Services Line of Business Knowledge

1. 2. 3. 4. 5. Key Functions ,Tasks and Systems End-to-End Revenue Map for this Line of Business Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business
GRAPA
153
6. 7. 8. 9. 10.
Profitability and Revenue Integrity Issues for this Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance, and other Revenue-related Aspects of the Line of Business
II.G. Streaming Services Line of Business Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. Key Functions ,Tasks and Systems End-to-End Revenue Map for this Line of Business Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business Profitability and Revenue Integrity Issues for this Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance, and other Revenue-related Aspects of the Line of Business
II.H. Data Services Line of Business Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. Key Functions ,Tasks and Systems End-to-End Revenue Map for this Line of Business Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business Profitability and Revenue Integrity Issues for this Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance, and other Revenue-related Aspects of the Line of Business
II.I. Content-Based Services Line of Business Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. Key Functions, Tasks and Systems End-to-End Revenue Map for this Line of Business Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business Profitability and Revenue Integrity Issues for the Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance, and other Revenue-related Aspects of the Line of Business
GRAPA 154
II.J. Satellite Services Line of Business Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. Key Functions, Tasks and Systems End-to-End Revenue Map for this Line of Business Contractual, Regulatory and Service Level Constraints associated with this Line of Business Typical Pricing Models and Rating Issues for this Line of Business Overall Measures and Controls for this Line of Business Profitability and Revenue Integrity Issues for the Line of Business KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Revenue Capture, Revenue Assurance, and other Revenue-related Aspects of the Line of Business
PayMent channel doMain Knowledge

This knowledge includes all of the major areas associated with the management of payment chains, starting with the customers input of funds (cash, ATM, credit card, check) to the point where the funds are credited to the general ledger and recognized as revenue.
III.A. Point of Sale Payment Channel Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. Key Functions, Tasks and Systems Associated with the End-to-End Process of Point of Sale Transactions End-to-End Payment Map for this Payment Channel Contractual, Regulatory and Service Level Constraints Associated with this Payment Channel Typical Pricing Models and Rating Issues for this Payment Channel Overall Measures and Controls for the Payment Channel Profitability and Revenue Integrity Issues for the Payment Channel KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Payment Capture, Revenue Assurance and Other Revenue-related Aspects of the Payment Channel Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Payment Channel and Typical Remedies and Forensic Techniques
III.B. Sales Channel Payment Channel Knowledge

1. 2. 3. 4. 5. Key Functions, Tasks and Systems Associated with the End-to-End Process of Sales Channel Transactions End-to-End Payment Map for this Payment Channel Contractual, Regulatory and Service Level Constraints Associated with this Payment Channel Typical Pricing Models and Rating Issues for this Payment Channel Overall Measures and Controls for the Payment Channel
GRAPA
155
6. 7. 8. 9. 10. 11.
Profitability and Revenue Integrity Issues for the Payment Channel KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Payment Capture, Revenue Assurance, and Other Revenue-related Aspects of the Payment Channel Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Payment Channel and Typical Remedies and Forensic Techniques
III.C. Prepaid Retail Payment Channel Knowledge

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. Key Functions, Tasks and Systems Associated with the End-to-End Process of Prepaid Retail Payment Transactions End-to-End Payment Map for this Payment Channel Contractual, Regulatory and Service Level Constraints Associated with this Payment Channel Typical Pricing Models and Rating Issues for this Payment Channel Overall Measures and Controls for the Payment Channel Profitability and Revenue Integrity Issues for the Payment Channel KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Payment Capture, Revenue Assurance, and Other Revenue-related Aspects of the Payment Channel Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Payment Channel and Typical Remedies and Forensic Techniques
III.D. Distribution Payment Channel Knowledge

1. Key Functions ,Tasks and Systems Associated with the End-to-End Process of Distribution Payment Channel Transactions 2. End-to-End Payment Map for this Payment Channel 3. Contractual, Regulatory and Service Level Constraints Associated with this Payment Channel 4. Typical Pricing Models and Rating Issues for this Payment Channel 5. Overall Measures and Controls for the Payment Channel 6. Profitability and Revenue Integrity Issues for the Payment Channel 7. KPIs and Objectives 8. Key Operational Components 9. Staffing, Roles and Responsibilities 10. Payment Capture, Revenue Assurance, and Other Revenue-related Aspects of the Payment Channel 11. Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Payment Channel and Typical Remedies and Forensic Techniques
III.E. Credit and Collections Payment Channel Knowledge

1. 2. Key Functions, Tasks and Systems Associated with the End-to-End Process of Credit and Collections Management End-to-End Payment Map for this Payment Channel
GRAPA
156
3. 4. 5. 6. 7. 8.
Contractual, Regulatory and Service Level Constraints Associated with this Payment Channel Typical Pricing Models and Rating Issues for this Payment Channel Overall Measures and Controls for the Payment Channel Profitability and Revenue Integrity Issues for the Payment Channel KPIs and Objectives Key Operational Components
9. Staffing, Roles and Responsibilities

10. Payment Capture, Revenue Assurance, and Other Revenue-related Aspects of the Payment Channel
III.F. Credit Card and ATM Payment Channel Knowledge

1. Key Functions ,Tasks and Systems Associated with the End-to-End Process of Credit Card and ATM Payment Management 2. End-to-end payment map for this Payment channel 3. Contractual, Regulatory and Service Level Constraints Associated with this Payment Channel 4. Typical Pricing Models and Rating Issues for this Payment Channel 5. Overall Measures and Controls for the Payment Channel 6. Profitability and Revenue Integrity Issues for the Payment Channel 7. KPIs and Objectives 8. Key Operational Components 9. Staffing, Roles and Responsibilities 10. Payment Capture, Revenue Assurance, and Other Revenue-related Aspects of the Payment Channel
PRovisioning and activation PRocess Knowledge

This knowledge includes all of the major areas associated with the management of payment chains, starting with the customers input of funds (cash, ATM, credit card, check) to the point where the funds are credited to the general ledger and recognized as revenue.
IV.A. Provisioning and Activation Knowledge

1. 2. 3. 4. 5. 6. 7. Key Functions, Tasks and Systems Associated with the End-to-End Process of Provisioning and Activation for Wireline and Wireless End-to-End Activities Map for these Provisioning Processes Overall Measures and Controls for the Provisioning and Activations Process KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for this Activity Channel and Typical Remedies and Forensic Techniques
GRAPA
157
new PRoduct develoPMent PRocess Knowledge

This area includes all of the knowledge associated with the development of new products, services and rate plans within the Telecommunications environment, including knowledge of gateway methodologies, checkpoints, and the role of Revenue Assurance as a gatekeeper.
V.A. New Product Development Knowledge

1. 2. 3. 4. 5. 6. 7. 8. Key Issues associated with the Development of New Services, Products and Rate Plans Basic Concepts o Rate Plan Profitability Analysis Basic Concepts of Market Research, Voice of Customer, Customer Price Sensitivity, and Margin Analysis End-to-End Activities Map for the New Product Development Process Billing Architectures and Controls Approaches Key Operational Components Staffing, Roles, and Responsibilities Known and/or Common Risk Areas (Fraud, Leakage, Margin, Utilization, Market) for New Product Development
fRaud ManageMent and cRiMe detection Knowledge

This includes all of the major areas of knowledge associated with the fraud management and crime detection domains. Knowledge in this area includes familiarity with the major vulnerabilities to fraud (internal and external) and the major processes, methods, and approaches utilized to combat it.
VI.A. Fraud Management Knowledge

1. 2. 3. 4. 5. 6. 7. Key Functions, Tasks, and Systems associated with End-to-End Fraud Remediation, Detection and Prevention Familiarity with the Fraud Triangle and its Use as a Planning and Prevention Tool Overall Measures and Controls for Fraud Management KPIs and Objectives Key Operational Components Staffing, Roles and Responsibilities Known and/or Common Risk Areas for Fraud and Standard Approaches to Prevention and Control
techniques Knowledge
This category of knowledge is associated with the actual practice of Revenue Assurance including the disciplines, standards, operating principles, and methodologies.
GRAPA
158
VII.A. Revenue Assurance Lifecycle and Management

1. 2. 3. 4. 5. 6. 7. Definition and Components of the Revenue Assurance Lifecycle Staffing and Budgeting for each of the Revenue Assurance Functions Monitoring, Controls and KPIs for each of the Revenue Assurance Functions Organizing a Revenue Assurance Environment Budgeting and Staffing for Revenue Assurance Rationalization and Justification for Revenue Assurance Activities The GRAPA Standards and their Application
VII.B. Forensics Analysis Techniques

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. Risk Assessment Process Analysis Systems Analysis Exchange Analysis Numerical/Statistical Analysis Controls Design and Deployment Use of Statistics to Supplement Forensics Design and Use of a Forensics Laboratory TTFile Conversion TTFile Diagnosis CDR Tracing Revenue Recognition Trail Verification
VII.C. Operational Monitoring (Controls Management) Techniques

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. CDR Management CDR Accounting Process I/O Reporting FSEC (Filter, Suspend, Error and Consolidate) Controls Rating Assurance Reference Data Assurance Synchronization Techniques Revenue Recognition Monitoring Operational Audit Techniques Instituting Change Management Controls Process Chain Control Reports
GRAPA
159
VII.D. Corrections Techniques

1. 2. 3. 4. Identifying the Need for Corrections Developing Alternative Correction Scenarios Implementing Corrections Tracking Corrections
VII.F. Compliance Management Techniques

1. 2. 3. 4. 5. Assignment of Compliance Responsibilities Collection of Compliance Data Reporting of Compliance Information Rationalization and the Assignment of Value to Revenue Assurance Activities Tracking and Reporting the History of Value Delivered
VII.G. Revenue Assurance Department Management Techniques

1. 2. 3. 4. 5. 6. 7. 8. Defining Revenue Assurance Roles and Responsibilities Job Requirements and Staffing Procedures Organization of the Revenue Assurance Function Establishing KPIs and Budgets Establishing Reporting Relationships Interdepartmental Relationship Management Internal Marketing of Revenue Assurance Functions Creation of a Revenue Assurance Culture
VII.H. Fraud Management Techniques

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. Key Categories of Telco Fraud Fraud Management Techniques Using Fraud Management Systems Audits Physical Assets Assurance Reporting, Tracking and Valuation of Fraud Management Activities SIMBox Fraud Exposure Management VoIP Fraud Exposure Management Gateway Fraud Exposure Management Phreaking and Hacking Fraud Exposure
GRAPA
160
VII.I. Audit Techniques

1. 2. 3. Identification of Situations where Audit is the Best Control Audit Plan Development Techniques Audit Components
VII.J. Margin Analysis Techniques

1. 2. 3. 4. Identification of Margin Analysis Loss Scenarios Quantification of Margin Loss Risk Margin Loss Computation Techniques Developing a Margin Analysis Control
VII.K. Revenue Stream Maximization Network Element Outage Assurance Techniques

1. 2. 3. 4. 5. Identification, Qualification and Quantification of Revenue at Risk or Revenue Loss Due to Network Outage. Justified and Rationalized Valuation of Network Element Performance Assigning Value to Network Element Downtime Development of Network Element Outage Controls Network Element Outage Controls and Assurance Procedures
VII.L. Revenue Stream Maximization Fraud Management Assurance Techniques

1. 2. 3. 4. 5. 6. 7. Identification, Qualification and Quantification of Revenue at Risk Due to Churn or Brand Erosion Justified and Rationalized Valuation of Churn and Churn Remedies Churn Remedy Options, Cost and Tradeoff Models. Measuring Churn Predicting Churn Reporting Churn Managing a Churn Remedy Program
VII.M. Rate Plan and Bundle Assurance Techniques

1. 2. 3. 4. 5. 6. 7. Identification, Qualification and Quantification of Revenue at Risk or Revenue Loss due to Rate Plan and Bundle Configuration. Justified and Rationalized Valuation of Rate Plans Rate Plan Lift/Loss Analysis Assigning Value to Rate Plan Lift Loss Rate Plan Lift/Loss Model Development Revenue Recognition Variances in Lift/Loss Modeling Development of Rate Plan Lift/Loss Controls
GRAPA
161
tools Knowledge
This category of knowledge includes information about the primary tools utilized in the support of Revenue Assurance activities.
VIII.A. Fraud Management Systems

1. 2. 3. 4. 5. 6. 7. Features, Functions and Operational Characteristics of Fraud Management Systems Top 3 FMS Feature Review FMS Specifications Options Selecting an FMS FMS RFP Procedures Staffing for FMS FMS Reporting and Optimization
VIII.B. Probes
1. 2. 3. 4. 5. 6. 7. Features, Functions and Operational Characteristics of Probes Top 3 Probes Feature Review Probes Specifications Options Selecting Probes Probes RFP Procedures Staffing for Probes Probes Reporting and Optimization
VIII.C. Test Call Generators

1. 2. 3. 4. 5. 6. 7. Features, Functions and Operational Characteristics of Test Call Generators Top 3 Test Call Generators Feature Review Test Call Generators Specifications Options Selecting Test Call Generators Test Call Generators RFP Procedures Staffing for Test Call Generators Test Call Generators Reporting and Optimization
VIII.D. Parallel Rating Engines

1. 2. 3. 4. 5. Features, Functions and Operational Characteristics of Parallel Rating Engines Top 3 Parallel Rating Engines Feature Review Parallel Rating Engines Specifications Options Selecting Parallel Rating Engines Parallel Rating Engines RFP Procedures
GRAPA
162
6. 7.
Staffing for Parallel Rating Engines Parallel Rating Engines Reporting and Optimization
VIII.E. Business Intelligence Systems

1. 2. 3. 4. 5. 6. 7. Features, Functions and Operational Characteristics of Business Intelligence Systems Top 3 Business Intelligence Systems Feature Review Business Intelligence Systems Specifications Options Selecting Business Intelligence Systems Business Intelligence Systems RFP Procedures Staffing for Business Intelligence Systems Business Intelligence Systems Reporting and Optimization
VIII.F. Revenue Assurance Systems

1. 2. 3. 4. 5. 6. 7. Features, Functions and Operational Characteristics of Revenue Assurance Systems Top 3 Revenue Assurance Systems Feature Review Revenue Assurance Systems Specifications Options Selecting Revenue Assurance Systems Revenue Assurance Systems RFP Procedures Staffing for Revenue Assurance Systems Revenue Assurance Systems Reporting and Optimization
GRAPA
163
GRAPA
164

GRAPA - RAStandards2009

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

GRAPA - RAStandards2009

Uploaded by

Copyright:

Available Formats

R o b M at t i s o n

Copy Edit by Rick Alaska

GRAPA Oakwood Hills, Illinois, USA

Other Books by Rob Mattison:

Published by XiT Press, Oakwood Hills, Illinois, USA - 2009

Copyright Rob Mattison, 2009

Internatinonal Standard Book Number:

Chapter 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 An Introduction to the Global Revenue AssuranceProfessionals Association . . . . . . . . . . . . . . . . . . . . . . . 11

Copyright 2009 Rob Mattison

The Revenue Assurance Standards Release 2009

Professionalization the Need and the Price . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Key GRAPA Facts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

The GRAPA Staff . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 GRAPA Initiatives in 2008 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

GRAPA in 2009 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 GRAPA Standards 2009 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Copyright 2009 Rob Mattison

Development of the Supporting Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 The Revenue Assurance Body of Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Copyright 2009 Rob Mattison

The Revenue Assurance Standards Release 2009

The Four Disciplines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Benefits of Agreeing Upon This Standardized Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

What Has Been Missed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 The Revenue Assurance Lifecycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

The Findings Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Copyright 2009 Rob Mattison

Phase IV Feedback Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Phase IV++ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 The Revenue Assurance Lifecycle Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

The Forensic Disciplines (Scientific Method) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Risk Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Copyright 2009 Rob Mattison

The Revenue Assurance Standards Release 2009

Chapter 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Objectives of Revenue Assurance Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

The GRAPA Standards Process and Standard Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Copyright 2009 Rob Mattison

Horizontal Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

Copyright 2009 Rob Mattison

The Revenue Assurance Standards Release 2009

Horizontal Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112 Coverage Strategies (Vertical/Horizontal Optimization) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113

Administration vs. the Practice of Revenue Assurance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Operational Responsibility Positioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Copyright 2009 Rob Mattison

Copyright 2009 Rob Mattison

The Revenue Assurance Standards Release 2009

ConclusionThe New Definition of Revenue Assurance and Next Steps . . . . . . . . . . . . . . . 137

Appendix A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 The GRAPA Certification Program (2009) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Key Ingredients of Professionalization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Copyright 2009 Rob Mattison

What Are The Challenges? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

Components and Administration Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Appendix B . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 The GRAPA Body of Knowledge Draft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Copyright 2009 Rob Mattison

The Revenue Assurance Standards Release 2009

Copyright 2009 Rob Mattison

Copyright 2009 Rob Mattison

Copyright 2009 Rob Mattison

My thanks, and enjoy. Rob Mattison

Copyright 2009 Rob Mattison

The Revenue Assurance Standards Release 2009

Copyright 2009 Rob Mattison

Chapter 1 - The Revenue Assurance Phenomena

Chapter 1 Monetary Menials or proFit prophets: the revenue assuranCe phenoMena

Copyright 2009 Rob Mattison

The Revenue Assurance Standards Release 2009

Old School Revenue Assurance and the Monetary Menial

Introducing the BOM

Copyright 2009 Rob Mattison