Process 3.2.

3 Fraud Management Fraud Management processes define Fraud Management corporate policies, guidelines, best practices and control procedures to be deployed to ensure fraud minimization within the enterprise. Fraud management deals with enterprise exposure to loss of value or reputation through fraudulent activity, and covers financial, intellectual property, identity theft, as well as other aspects. Proactive Fraud Management processes identify areas of fraud risk within the enterprise (including internal and external sources of risk), and monitor industry trends and best practice approaches to ensure that the enterprise remains at the forefront of fraud management minimization. The processes support the categorization and prioritization of areas of fraud risk. These processes define the policies, guidelines, practices and procedures to be followed and provide assistance to the enterprise operational areas to deploy appropriate procedures and monitoring capabilities. Reactive Fraud management processes deals with the establishment of tools and data collection capabilities to capture details of operation activity, analysis of monitored activity to detect potential fraudulent concerns, and forensic investigations to determine whether fraud has occurred, and the perpetrators of the fraud. These processes strongly interact with Security Management and have common elements and information services and communications specific elements. Fraud processes are implemented at many levels of the enterprise and at the user, system/network, etc. levels. Note that the actual fraud monitoring, control and management procedures and facilities are embedded in the operational processes defined and deployed within the Operations process area. Note that Audit Management processes provide assurance that the necessary control structures are in place, and provide an estimate to the extent to which the procedures are followed and are effective.

Process 3.2.6 Revenue Assurance Management: The objective of the Revenue Assurance Management processes is to establish an enterprisewide revenue assurance policy framework, and an associated operational capability to resolve any detected revenue assurance degradations and violations. Revenue Assurance Management processes identify areas of revenue leakage risk within the enterprise, and monitor industry trends and best practice approaches to ensure that the enterprise remains at the forefront of revenue leakage minimization. These processes support the categorization and prioritization of areas of revenue leakage risk. To achieve this, these processes define the policies, guidelines, practices and procedures to be followed and provide assistance to the enterprise operational areas to deploy appropriate procedures and monitoring capabilities. Revenue Assurance Management processes deal with the establishment of tools and data collection capabilities to capture details of operation activity, analysis of monitored activity to detect and correct actual revenue leakage. These processes work in conjunction with operational and other process elements to guide them in supporting the specific needs of Revenue Assurance Management. Where appropriate, Revenue Assurance Management processes supplement the capabilities of these other process elements, to control and analyze the

enterprise behavior relevant to Revenue Assurance needs, The responsibilities of these processes include, but are not limited to: Establishing and managing a revenue assurance policy framework, including identification of controls and measures; Establishing and managing an operational process capability able to detect and resolve revenue assurance degradations and violations; or Establishing and managing a capacity to regularly review the revenue assurance policy framework to ensure it meets the enterprises changing objectives.

A detailed listing of business processes associated with Revenue Assurance Management includes: 3.2.6.1 Manage Revenue Assurance Policy Framework 3.2.6.2 Manage Revenue Assurance Operations - 3.2.6.2.1 Monitor Revenue Assurance Controls - 3.2.6.2.2 Create Revenue Assurance Trouble Report - 3.2.6.2.3 Assess Revenue Assurance Trouble - 3.2.6.2.4 Resolve Revenue Assurance Trouble - 3.2.6.2.5 Track & Manage Revenue Assurance Trouble Resolution - 3.2.6.2.6 Report Revenue Assurance - 3.2.6.2.7 Close Revenue Assurance Trouble Report 3.2.6.3 Support Revenue Assurance Operations