Frameworx Home

Application Framework (TAM)

Business Process Framework (eTOM)

Business Process Framework Flows

Information Framework (SID)

Business Metrics High Level

All Diagrams

Frameworx Processes

Frameworx Applications

Information Framework ABEs

Frameworx Metrics

Views

Frameworx Process: Intelligence Gathering

Category: (4) eTOM Process Type

Process Identifier: 1.7.2.3.3.1

Original Process Identifier: 1.3.2.3.3.1

Maturity Level: 4

Description

Intelligence Gathering is the process by which threats to the business are understood via information analysis from a variety of sources, both internal and external.

Extended Description

Intelligence Gathering is one of two primary proactive process groups by which fraud management practices are able to aggressively address fraud issues, preferably before those issues are executed against the operator. Intelligence gathering processes and methods serve as one of the operator’s first lines of defense to fraud attacks, and are a critical path to understanding threats currently outside the operator’s business. Four sub processes comprise Intelligence Gathering: 1. External Sources: Intelligence about fraud attacks, methods to detect, methods to correct, and possible legality issues are collected and managed within this process step. Sources may include: a. Other operators: Collective information about fraud attacks is frequently shared between operators as a best practice to help protect everyone b. LEAs: Law Enforcement Agencies – where information about legality of the threats, punishment available by law, methods to detect, etc., may be obtained c. Industry support bodies: Fraud protection forums including TM Forum, GSM Fraud Forum, CFCA, FIINA; Credit bureaus d. Other industries: General utilities, healthcare, insurers, etc., where identity theft practices and other frauds also occur 2. Customer Behavior Analysis: By understanding behaviors that lead to fraud activity, patterns associated with these behaviors can be identified and isolated. Once isolated, patterns of activities across all customers may be monitored for similar patterning that would lead to alarms and analysis much earlier in an attempted fraud activity. 3. Customer Contacts: Frequently fraud activities conducted by an individual or syndicate (defined for this instance as an organized group) will also involve other parties that may not be directly associated with the fraud, but are knowledgeable of the activity. While the individual(s) initiating the fraud may be isolated and the attack halted, care should be taken to understand the associated parties within the communications patterns of the initiating fraudsters. Attacks may resume via these individuals, and therefore close monitoring of this chain of parties is warranted. Note that none of these individuals (that either started the attack or were part of the communications patterns) may be direct customers of the targeted operator. 4. Whistleblower: A “Whistleblower” is defined as an individual that identifies fraud activity to an operator. This individual is most often an internal employee (revealing internal fraud activity), but may also be an external party otherwise unaffiliated with the operator. Several operators have encouraged internal whistle blowing by offering incentives as part of normal operator policy to reward those people that bring fraud attacks to the attention of the fraud management team.

Explanatory

Reserved for future use.

Mandatory

Reserved for future use.

Optional

Reserved for future use.

Interactions

Candidate Explanatory

Candidate Mandatory

Reserved for future use.

Candidate Optional

Reserved for future use.

Candidate Interactions

Reserved for future use.

(4) eTOM Process Type Intelligence Gathering

Appears on these diagrams:

Issues

  • Business Process Framework 14.5 Addition
  • Business Process Framework 15.0 Modification
  • Business Process Framework 15.5 Modification

This was created from the Frameworx 16.0 Model


Created from the TM Forum Model Frameworx 16.0.0 on 6/13/2016 at 22:23