The Risk & Assurance Group (RAG) seeks to facilitate collaboration between telecoms risk and assurance professionals, whether they work in telcos, for vendors, or as consultants. There was no better example at RAG London 2018 than the joint launch of the new RAG Revenue and Cost Risk Catalog alongside the launch of the first publicly downloadable version of the free open source RA risk coverage software developed by A1 Telekom Austria. The catalog and software can be used independently of each other, but become more valuable when used together, which is why the catalog comes packaged with the software. The leaders of both projects recommend that the catalog and software are used together.
Sadly, the leader of the software project, Kostadin Taneski of A1 Telekom Austria, had to cancel his participation in RAG London 2018 at the last moment. Otherwise he would have joined Geoff Ibbett, leader of the catalog project, on stage. Though he was not there in person, Kosta joined via Skype to run a well-attended deep dive session on how to install and use his software. That some telcos voluntarily spent two hours being walked through the detail of the catalog and the software shows the interest they had in using both.
A quick glance at the screenshots (pictured above) gives an excellent idea of the power of the software. Imagine being able to analyze revenue streams according to how much the risks of leakage are being controlled or uncontrolled. Then imagine further mapping the controlled portion of the risks to the business function which is exercising control. The software also produces heat maps and ‘landscapes’ which show where the risks lie by function and activity. The software does that by building upon a data-flow modeler that manages a repository of the telco’s systems, interfaces, data sources, procedures and controls. There is also a node modeler that assesses the risk per each defined product segment.
The software is designed to leverage the risk catalog which it has been set to use. The catalog describes the risks, root causes and generic controls which will define what assurance work has been covered, and what still needs to be performed. The user may create their own risk catalog from scratch, but most will choose to adopt one of the standard catalogs that comes downloaded with the software. The obvious preference is the RAG Revenue and Cost Risk Catalog which is far more extensive and has just been released. However, those who respect tradition may prefer to use the TM Forum’s RA Risk Inventory, which was last updated in 2014.
At this point it is worth noting the legal rights for using the software and catalog. The open source software is made available under the very permissive terms of the MIT License. RAG’s catalog is subject to the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License which means telcos can use it freely but nobody may exploit it by trying to sell it or by creating modified versions to sell. As for the TM Forum’s intellectual property, it is not clear if they have granted any reliable license for others to use it, which makes me wonder what they have to gain by failing to be transparent.
Though automation saves work, some may prefer to use RAG’s raw risk catalog on its own. The catalog is available in the form of a spreadsheet. It contains a high-level map, which shows how the various flavors of assurance (usage assurance, policy assurance, asset assurance, partner assurance etc) correspond to the major activities of a telco. Beneath this lies the actual catalog, which describes over 700 kinds of leakage. This is complemented by hundreds of root causes. So whilst it is possible for a revenue assurance manager to write an all-new risk catalog for his or her telco, most will prefer to start with the comprehensive catalog created by Geoff Ibbett on behalf of RAG, only modifying it by ignoring those risks which are not relevant to their business.
In my years of working and writing about telecoms assurance, I have never seen any telco develop such comprehensive software to model leakage risk. Kosta Taneski deserves our praise for choosing to share his work with his peers. And there has never been a more extensive risk catalog than that produced for RAG by Geoff Ibbett, with the help of various telco friends. Geoff should be congratulated, and helped to keep building the increasingly extensive catalog that he intends to maintain on behalf of the whole industry.