Testing Strategy 2011
-
Upload
agarciascz -
Category
Documents
-
view
220 -
download
0
Transcript of Testing Strategy 2011
-
8/2/2019 Testing Strategy 2011
1/330
Millicom - 2011 Summary of Testing Strategy - Overall risk assessmentP# Process
(Backbone Procedures v 3.1)
Total
controls
per cycle
SC IC Related
Accounts -
Inherent
Controls /
Process
Complexity
CLCs PY
Errors
PY Control
Deficiencies
PY Overall
Risk
assessment
Overall Level
of Risk
assessment
P01 Payroll 13 3 10 Low Low Indirect No None Low Low
P1b Payroll Outsourced 14 3 11 Low Low Indirect No None Low Low
P02 Inventory Management 21 10 11 High Med Indirect No Limited Low Low
P03 Purchasing and Assets Management 33 22 11 Low High Indirect Yes Limited High HighNo ma
Overa
P04 Cash Management 18 9 9 Hi h Low Indirect No Limited Med Hi h No de
P05 Debt Management 6 2 4 High Low Indirect No None High Med MistatP06 Prepayment 2 1 1 Low Low Indirect No None Low LowP07 Taxes 10 3 7 High Med Indirect Yes Limited High High
P08 Assets Impairment 1 1 - Med High Indirect No None High MedSignif
HQ.
P09 Bad debts 4 4 - Low Low Indirect No None Low Low
P10 Contract Management 4 1 3 High Low Indirect No None Low Low
P11 Commitment and Contingencies 7 7 - High Med Indirect No None Med Med
P12 Financial Statements Close 12 12 - Hi h Med Indirect Yes Limited Hi h Hi h
High r
Adjus
Coun
P13 IT General Controls Procedure 46 31 15 High Med Indirect No Multiple High High Defici
P14 Network General Controls Procedure 34 23 11 High High Indirect No Multiple High High Defici
P15 Bill and Collect for Interconnect/other operators 14 9 5 High Med Indirect No None High High
P16 Bill and Collect for Sales (Roaming) 28 19 9 High Med Indirect No None Med LowP17 Bill and Collect for Sales (Postpaid) 32 16 16 Low Med Indirect No Limited Med Med Defici
P18 Bill and Collect for Sales (Prepaid) 34 20 14 High High Indirect No Multiple High High Defici
P19 Bill and Collect for Sales (wireless) 17 6 11 Med Med Indirect No None Med Low
P20 Adjustments 8 3 5 Hi h Med Indirect No None Med Med
P21 Recording of Subscribers Numbers 4 - 4 Low Low Indirect No None Low Low
P22 Intercompany 3 1 2 Med Low Indirect No None Low Low
P23 Accounting for Financial Assets other than pledge deposits 2 1 1 Low Med Indirect No None Low Low
P24 Indefeasible Rights of Use (IRU) 9 9 - Med Med Indirect No None Med Low
P25 Managing Programming Costs 6 5 1 Med Med Indirect No None Med Med
P26 Bill and Collect for Sales (Cable TV) 22 11 11 Med Med Indirect No Limited Med Med
P27 Hedging - - - Med Med Indirect No Limited 2011
P28 Tower Lease Back - - - Med Med Indirect No Limited 2011
P29 Technology General Controls Procedure 15 - 15 High Med Indirect No Multiple High High Repla
Total Controls (TLC) 404 232 187
Average (Critical) Controls per Cycle 17 10 8
The testing strategy was taylored based on the risk assessment and the maturity of control environmen in each operation.
We have defined 3 buckets for which a different testing approach was defined.
Bucket 1 represents mature countries which demonstrated an history of ICFR low number of deficiencies, strong CSA Peer review team and low level of exposure for remaining deficiencies.
Bucket 2 represents improving countries which demonstrated an history of ICFR reasonable number of deficiencies, strong CSA Peer review team and reasonable level of exposure for remaining deficiencies.
Bucket 3 re resents develo in countries which demonstrated an histor of ICFR inconsistent number of deficiencies, ood CSA Peer review team and some level of ex osure for remainin deficiencies.
Bucket 1 Bucket 2 Bucket 3
Bolivia Colombia Amnet o erations
Para ua Guatemala Honduras
El Salvador Tanzania Sene al
Ghana DRC Chad
Testing (color scheme used in sheet "Test Strategy"):
Independent testing - PwC to independently test control based on testing strategy defined in worksheet "Test Strategy"Re erformance of mana ement testin - PwC to obtain mana ement's testin su ort for mana ement's sam le and re erform test of controlRely / Observation/Walkthrough - PwC to independently observe if the control is being performed with the Control Owner, and to confirm the result
Criteria used for:Low risk: Not Pervasive; Routine; Low degree of judgement involved; ok for objective testing; low potential for mgt overrideMedium/High risk: More complex IT Application Controls (ITACs); Higher risk; highly judgemental or complex controls; potential for mgt overrideSoX controls are allocated in 3 buckets (High, Medium, Low) depending on risk rating. !!! change !!! compared to 2010: Controls risk rating has been aligned with overall risk assessment by process.
PY SoX resultsTest Results 06:
Significant deficiencies were noted in the controls surrounding taxes/deferred taxation, fixed assets/CWIP and the Financial Statement Preparation (IFRS) process.No material weaknesses were identified. No SUD or SAAD items identifed.
Test Results 07:No significant deficiencies or material weaknesses were identified. No SUD or SAAD items identifed.
Test Results 08:No significant deficiencies or material weaknesses were identified. No SUD item identifed. 1 SAAD item recorded (Tax accrual in Tanzania).
Test Results 09:Two significant deficiencies, Consolidation Close process at the HQ and Prepaid revenue in Chad
Test Results 10:No significant deficiencies or materlal weaknesses were identified. No SUM item identifed. 4 SAM items recorded.
Group environment:Backbone V3.1: rationalisation of controls based on local management comments. Mainly clarification of controls responsible and testing procedures.Management testing will use V3.1 as from Q1_2011.=> Assessment of Management testing to erform based on Q2_2011 CSA Peer review results.
-
8/2/2019 Testing Strategy 2011
2/330
In Scope
Locations High Med. Low Indep. Reperf.
2010 12 63 116 41 62 77
29% 53% 19% 28% 35%
2011 - Bucket 3 5 52 113 98 55 10622% 49% 42% 24% 46%
Variance -11 -3 57 -7 29
-6% -4% 24% -4% 11%
2011 - Bucket 2 4 52 113 98 43 83
22% 49% 42% 19% 36%
Variance -11 -3 57 -19 6
-6% -4% 24% -10% 1%
2011- Bucket 1 3 52 113 98 34 84
22% 49% 42% 15% 36%
Variance -11 -3 57 -28 7
-6% -4% 24% -14% 1%
2010 Total 756 1392 492 744 924
29% 53% 19% 28% 35%
2011 Total 624 1356 1176 549 1114
20% 43% 37% 17% 35%
Variance -132 -36 684 -195 190
-9% -10% 19% -11% 0%
Risk Assessment @ SoX control levelSummary of T
SC *
-
8/2/2019 Testing Strategy 2011
3/330
IC *
Rely Walkthr. Indep. Reperf. Rely Indep. Reperf. Rely Reperf.
81 168 50 13 0 12 60 44 4
37% 79% 21% 0% 10% 52% 38% 10%
102 187 37 12 3 18 61 34 3344% 71% 23% 6% 16% 54% 30% 34%
21 -13 -1 3 6 1 -10 29
7% -8% 2% 6% 6% 2% -8% 24%
137 187 29 16 7 14 46 53 21
59% 56% 31% 13% 12% 41% 47% 21%
56 -21 3 7 2 -14 9 17
22% -24% 10% 13% 2% -11% 9% 12%
145 187 24 19 9 10 48 55 17
63% 46% 37% 17% 9% 42% 49% 17%
64 -26 6 9 -2 -12 11 13
26% -33% 16% 17% -1% -9% 11% 8%
972 600 156 0 144 720 528 48
37% 79% 21% 0% 10% 52% 38% 10%
1493 373 181 70 176 633 547 300
47% 60% 29% 11% 13% 47% 40% 26%
521 -227 25 70 32 -87 19 252
10% -20% 8% 11% 3% -5% 2% 16%
sting Strategy SC
High Med. L
-
8/2/2019 Testing Strategy 2011
4/330
IC
non-key
Rely Walkthr.
37 168
90%
65 18766%
28
-24%
77 187
79%
40
-12%
81 187
83%
44
-8%
444
90%
876
74%
432
-16%
w
-
8/2/2019 Testing Strategy 2011
5/330
Millicom - 2011 Summary of Testing Strategy - Improving countries (Bucket 1)
IC *
P# Process
(Backbone Procedures v 3.1)
Total
controls
per cycle
SC IC High Med. Low Indep. Reperf. Rely Walkthr. Indep. Reperf. R
P01 Payroll 13 3 10 - 1 2 - 1 2 10 P1 - -
P1b Payroll Outsourced 14 3 11 - 1 2 - 1 2 11 P1b - - P02 Inventory Management 21 10 11 - 4 6 - 2 8 11 P2 - -
P03 Purchasing and Assets Management 33 22 11 7 10 5 6 4 12 11 P3 3 2
P04 Cash Management 18 9 9 3 4 2 2 2 5 9 P4 2 1
P05 Debt Management 6 2 4 - 2 - 1 1 - 4 P5 - -
P06 Prepayment 2 1 1 - - 1 - - 1 1 P6 - - P07 Taxes 10 3 7 2 1 - 2 1 - 7 P7 2 -
P08 Assets Impairment 1 1 - - 1 - - 1 - - P8 - -
P09 Bad debts 4 4 - - 1 3 - 1 3 - P9 - -
P10 Contract Management 4 1 3 - 1 - - 1 - 3 P10 - -
P11 Commitment and Contingencies 7 7 - - 4 3 1 1 5 - P11 - -
P12 Financial Statements Close 12 12 - 7 3 2 3 4 5 - P12 2 3
P13 IT General Controls Procedure 46 31 15 9 14 8 4 13 14 15 P13 4 4
P14 Network General Controls Procedure 34 23 11 7 10 6 2 10 11 11 P14 2 2
P15 Bill and Collect for Interconnect/other operators 14 9 5 2 3 4 1 2 6 5 P15 1 1
P16 Bill and Collect for Sales (Roaming) 28 19 9 - 8 11 - 5 14 9 P16 - -
P17 Bill and Collect for Sales (Postpaid) 32 16 16 - 8 8 1 5 10 16 P17 - -
P18 Bill and Collect for Sales (Prepaid) 34 20 14 6 9 5 5 8 7 14 P18 4 2 P19 Bill and Collect for Sales (wireless) 17 6 11 - 1 5 - - 6 11 P19 - -
P20 Adjustments 8 3 5 - 1 2 - 2 1 5 P20 - -
P21 Recording of Subscribers Numbers 4 - 4 - - - - - - 4 P21 - -
P22 Intercompany 3 1 2 - 1 - - 1 - 2 P22 - -
P23 Accounting for Financial Assets other than pledge deposits 2 1 1 - - 1 - 1 - 1 P23 - -
P24 Indefeasible Rights of Use (IRU) 9 9 - - 4 5 - 1 8 - P24 - -
P25 Managing Programming Costs 6 5 1 - 4 1 1 1 3 1 P25 - -
P26 Bill and Collect for Sales (Cable TV) 22 11 11 - 3 8 1 2 8 11 P26 - -
P27 Hedging - - - - - - - - - - P27 - -
P28 Tower Lease Back - - - - - - - - - - P28 - -
P29 Technology General Controls Procedure 46 31 15 9 14 8 4 13 14 15 P29 4 4
Total Controls (TLC) 404 263 187 52 113 98 34 84 145 187 24 19
Average (Critical) Controls er Cycle 17 11 8 15% 38% 66%
This testing strategy is applicable for ICFR developing countries: SoX coverage: 46% 37%
Bolivia PY: 63 116 41 62 77 81
Paraguay 11- 3- 57 28- 7 64 CoveEl Salvador Cove
Cove
Testing (color scheme used in sheet "Test Strategy"):
Inde endent testin - PwC to inde endentl test control based on testin strate defined in worksheet "Test Strate "Reperformance of management testing - PwC to obtain management's testing support for management's sample and reperform test of controlRely / Observation/Walkthrough - PwC to independently observe if the control is being performed with the Control Owner, and to confirm the result
Criteria used for:
Low risk: Not Pervasive; Routine; Low de ree of ud ement involved; ok for ob ective testin ; low otential for m t overrideMedium/High risk: More complex IT Application Controls (ITACs); Higher risk; highly judgemental or complex controls; potential for mgt overrideSoX controls are allocated in 3 buckets (High, Medium, Low) depending on risk rating. !!! change !!! compared to 2010: Controls risk rating has been aligned with overall risk assessment by process.
PY SoX resultsTest Results 06:
Significant deficiencies were noted in the controls surrounding taxes/deferred taxation, fixed assets/CWIP and the Financial Statement Preparation (IFRS) process.No material weaknesses were identified. No SUD or SAAD items identifed.
Test Results 07:No significant deficiencies or material weaknesses were identified. No SUD or SAAD items identifed.
Test Results 08:No significant deficiencies or material weaknesses were identified. No SUD item identifed. 1 SAAD item recorded (Tax accrual in Tanzania).
Test Results 09:Two significant deficiencies, Consolidation Close process at the HQ and Prepaid revenue in Chad
Test Results 10:No si nificant deficiencies or materlal weaknesses were identified. No SUM item identifed. 4 SAM items recorded.
Group environment:Backbone V3.1: rationalisation of controls based on local mana ement comments. Mainl clarification of controls res onsible and testin rocedures.Management testing will use V3.1 as from Q1_2011.=> Assessment of Management testing to erform based on Q2_2011 CSA Peer review results.
1
Risk Assessment @ SoX
control levelSummary of Testing Strategy
SC * High
-
8/2/2019 Testing Strategy 2011
6/330
Controls Description
P# Procedure C# Control Name Control Description Responsible Type Categor
P10 Contract Management IC01 Contract details reviewed Contract is reviewed by legal department in order to ensure
adequacy of the general terms and conditions.
Legal Responsible (GM-2) Manual Preventive
P10 Contract Management IC02 Contract signature reviewed Signed contract is reviewed by the legal team in order to
ensure that the contract has been signed by the other party
and according to the authorized signatory as per the
approved authority matrix.
Legal Responsible (GM-2) Manual Preventive
P10 Contract Management IC03 Contract summary form
reviewed
Contract summary form is prepared by the requesting
department and reviewed by Legal Responsible who
includes a sequential contract reference number.
Legal Responsible (GM-2) Manual Preventive
P10 Contract Management
Accounting Treatment
Complying management
Significant agreements
Dealers comission
Renting
Contact Center service
Contracts
SC04 Calculation sheet reviewed Based on the contract and contract summary form, the
accounting team determines the appropriate accounting
treatment (as per MIC Accounting Policy Manual) and
details any required calculation (pre-requisites for the
journal entries booking). Final analysis is reviewed by
Accounting Responsible (CFO-1).
Accounting Responsible
(CFO-1)
Manual Preventive
-
8/2/2019 Testing Strategy 2011
7/330
Test Procedure Sample size according to
PCAOB standards (over one
ear
Sample size for Peer
Reviews (over a quarter)
Test Method (R/Ins/
- Based on the samples selected for IC2, determine the contracts that include the MIC purchasing general terms
and conditions and ensure that those terms and conditions were reviewed and formally approved.
- For the contracts which does not include the MIC purchasing general terms and conditions, verify that those
terms and conditions were reviewed and formally approved by the legal responsible.
- If estimated yearly population > 50
--> select 10% of available
population, up to 25
- If estimated yearly population < 50
--> select all population available,
up to 5
- If estimated yearly population
> 50 --> select 10% of available
population, up to 10
- If estimated yearly population
< 50 --> select all population
available, up to 5
Inspection
- From the contracts database, obtain the list of all new contracts / agreements issued during the period under
review.
- Select in this list the samples to be tested and obtain the related contracts.
- Verify for each sample selected that the legal responsible has ensured that the contract was properly signed
by both parties.
- In particular, ensure that the contract was signed according to the company approved authority matrix.
- If estimated yearly population > 50
--> select 10% of available
population, up to 25
- If estimated yearly population < 50
--> select all population available,
up to 5
- If estimated yearly population
> 50 --> select 10% of available
population, up to 10
- If estimated yearly population
< 50 --> select all population
available, up to 5
Inspection and Reper
- Based on the samples selected for IC2, obtain the approved contract summary form.
- Reconcile the information contained in the contract summary form with the contract to ensure data accuracy.
- Verify that it has been reviewed and formally approved by the legal department.
- Ensure it is sequentially numbered.
- If estimated yearly population > 50
--> select 10% of available
population, up to 25
- If estimated yearly population < 50
--> select all population available,
up to 5
- If estimated yearly population
> 50 --> select 10% of available
population, up to 10
- If estimated yearly population
< 50 --> select all population
available, up to 5
Inspection and Reper
- Based on the samples selected for IC2, obtain the approved "calculation sheet".
- Reconcile the information contained in the calculation sheet with the contract summary form and the contract
to ensure data accuracy.
- Ensure that all accounting treatments comply with the MIC accounting policy
- Ensure the ar ithmetical accuracy of any calculation
- Verify that the calculation sheet has been reviewed and formally approved by the accounting responsible
- If estimated yearly population > 50
--> select 10% of available
population, up to 25
- If estimated yearly population < 50
--> select all population available,
up to 5
- If estimated yearly population
> 50 --> select 10% of available
population, up to 10
- If estimated yearly population
< 50 --> select all population
available, up to 5
Inspection and Reper
Management testing strategy
2010 testing strategy
-
8/2/2019 Testing Strategy 2011
8/330
Millicom - 2011 Summary of Testing Strategy - Improving countries (Bucket 2)
IC *
P# Process
(Backbone Procedures v 3.1)
Total
controls
per cycle
SC IC High Med. Low Indep. Reperf. Rely Walkthr. Indep. Reperf. Re
P01 Payroll 13 3 10 - 1 2 - 1 2 10 P1 - - -
P1b Payroll Outsourced 14 3 11 - 1 2 - 2 1 11 P1b - - -P02 Inventory Management 21 10 11 - 4 6 - 2 8 11 P2 - - -
P03 Purchasing and Assets Management 33 22 11 7 10 5 6 7 9 11 P3 3 3
P04 Cash Management 18 9 9 3 4 2 3 2 4 9 P4 2 1 -
P05 Debt Management 6 2 4 - 2 - 1 1 - 4 P5 - - -
P06 Prepayment 2 1 1 - - 1 - - 1 1 P6 - - -P07 Taxes 10 3 7 2 1 - 2 1 - 7 P7 2 - -
P08 Assets Impairment 1 1 - - 1 - - 1 - - P8 - - -
P09 Bad debts 4 4 - - 1 3 - 1 3 - P9 - - -
P10 Contract Management 4 1 3 - 1 - - 1 - 3 P10 - - -
P11 Commitment and Contingencies 7 7 - - 4 3 1 1 5 - P11 - - -
P12 Financial Statements Close 12 12 - 7 3 2 5 2 5 - P12 4 1
P13 IT General Controls Procedure 46 31 15 9 14 8 4 13 14 15 P13 4 4
P14 Network General Controls Procedure 34 23 11 7 10 6 4 9 10 11 P14 3 2
P15 Bill and Collect for Interconnect/other operators 14 9 5 2 3 4 2 1 6 5 P15 2 - -
P16 Bill and Collect for Sales (Roaming) 28 19 9 - 8 11 - 5 14 9 P16 - - -
P17 Bill and Collect for Sales (Postpaid) 32 16 16 - 8 8 1 7 8 16 P17 - - -
P18 Bill and Collect for Sales (Prepaid) 34 20 14 6 9 5 8 5 7 14 P18 5 1 -P19 Bill and Collect for Sales (wireless) 17 6 11 - 1 5 - - 6 11 P19 - - -
P20 Adjustments 8 3 5 - 1 2 - 2 1 5 P20 - - -
P21 Recording of Subscribers Numbers 4 - 4 - - - - - - 4 P21 - - -
P22 Intercompany 3 1 2 - 1 - - 1 - 2 P22 - - -
P23 Accounting for Financial Assets other than pledge deposits 2 1 1 - - 1 - 1 - 1 P23 - - -
P24 Indefeasible Rights of Use (IRU) 9 9 - - 4 5 - 1 8 - P24 - - -
P25 Managing Programming Costs 6 5 1 - 4 1 1 1 3 1 P25 - - -
P26 Bill and Collect for Sales (Cable TV) 22 11 11 - 3 8 1 2 8 11 P26 - - -
P27 Hedging - - - - - - - - - - P27 - - -
P28 Tower Lease Back - - - - - - - - - - P28 - - -
P29 Technology General Controls Procedure 46 31 15 9 14 8 4 13 14 15 P29 4 4
Total Controls (TLC) 404 263 187 52 113 98 43 83 137 187 29 16
Average (Critical) Controls er Cycle 17 11 8 20% 38% 62%
This testing strategy is applicable for ICFR developing countries: SoX coverage: 56% 31%
Colombia PY: 63 116 41 62 77 81
Guatemala 11- 3- 57 19- 6 56 CoveTanzania CoveGhana Cove
Testing (color scheme used in sheet "Test Strategy"):
Inde endent testin - PwC to inde endentl test control based on testin strate defined in worksheet "Test Strate "Reperformance of management testing - PwC to obtain management's testing support for management's sample and reperform test of controlRely / Observation/Walkthrough - PwC to independently observe if the control is being performed with the Control Owner, and to confirm the result
Criteria used for:
Low risk: Not Pervasive; Routine; Low de ree of ud ement involved; ok for ob ective testin ; low otential for m t overrideMedium/High risk: More complex IT Application Controls (ITACs); Higher risk; highly judgemental or complex controls; potential for mgt overrideSoX controls are allocated in 3 buckets (High, Medium, Low) depending on risk rating. !!! change !!! compared to 2010: Controls risk rating has been aligned with overall risk assessment by process.
PY SoX resultsTest Results 06:
Significant deficiencies were noted in the controls surrounding taxes/deferred taxation, fixed assets/CWIP and the Financial Statement Preparation (IFRS) process.No material weaknesses were identified. No SUD or SAAD items identifed.
Test Results 07:No significant deficiencies or material weaknesses were identified. No SUD or SAAD items identifed.
Test Results 08:No significant deficiencies or material weaknesses were identified. No SUD item identifed. 1 SAAD item recorded (Tax accrual in Tanzania).
Test Results 09:Two significant deficiencies, Consolidation Close process at the HQ and Prepaid revenue in Chad
Test Results 10:No si nificant deficiencies or materlal weaknesses were identified. No SUM item identifed. 4 SAM items recorded.
Group environment:Backbone V3.1: rationalisation of controls based on local mana ement comments. Mainl clarification of controls res onsible and testin rocedures.Management testing will use V3.1 as from Q1_2011.=> Assessment of Management testing to erform based on Q2_2011 CSA Peer review results.
1
Risk Assessment @ SoX
control levelSummary of Testing Strategy
SC * High
-
8/2/2019 Testing Strategy 2011
9/330
-
8/2/2019 Testing Strategy 2011
10/330
-
8/2/2019 Testing Strategy 2011
11/330
P03 Purchasing and Assets
Management
SC08 2-way match PO module prevents to record GRN/SDN quantity higher
than the PO.
PO module Automatic Preventive Each good
service deli
P03 Purchasing and AssetsManagement
SC09 CAPEX accruals reviewed Accounting team (preferably the AP Responsible) extractsfrom the accounting system the open CAPEX accrual
transactions and summarizes them by supplier.
Analysis per supplier is then performed to ensure accuracyof data (including existence, review of duplication, and
explanation on aged accruals balances over 6 months etc.)
Accounting Responsible(CFO-2)
Manual Detective Monthly
P03 Purchasing and Assets
Management
SC10 Accruals checklist reviewed Accruals checklist is completed by CFO-2 and reviewed. In
particular, CFO-1 reviews the list for completeness,explains reasons for current accruals booked, indicates
whether there was an accrual last month and the total
amount booked in the accounts (for each accrual type).
Accounting Responsible
(CFO-1)
Manual Detective Monthly
P03 Purchasing and Assets
Management
SC12 Advance payments globally
reviewed
Accounting team (best AP Responsible) extracts from the
accounting system the open advances and summarizes
them by supplier.Analysis per supplier is then performed to ensure accuracy
of data (appropriate reversal performed).
Accounting Responsible
(CFO-2)
Manual Detective Monthly
P03 Purchasing and Assets
Management
SC13 Invoices approved Invoices are reviewed and approved by Receiving
Department prior to payment.
Receiving Department
Responsible according to
approved authority matrix
Manual Preventive Each invoic
P03 Purchasing and Assets
Management
SC14 3-way match PO module prevents to record invoice quantity and price
higher than the PO and the GRN/SDN.
PO module Automatic Detective Each good
service deli
P03 Purchasing and AssetsManagement
SC15 All assets separately tagged(final tagging)
FA Responsible ensures that when assets are capitalized,a final tagging is applied which follows the assets coding
communicated by the HQ and at the latest 8 weeks after
the date of transfer from CWIP to FA.
Fixed Assets Responsible(GM-2)
Manual Preventive Each asset
P03 Purchasing and Assets
Management
SC16 Turnkey project accounting
treatment validated
Based on the key terms of the contract summarized in a
memorandum, CFO-1 documents the accountingtreatment of transactions linked to the turnkey project and
CFO reviews and approves.
CFO Manual Preventive Each new t
P03 Purchasing and Assets
Management
SC18 Timesheets valuation
reviewed
Based on the information received from the CTO, Human
Resource values the time spent by the cell-sitecommissioning team for the construction of sites. This
analysis is signed-off and communicated to Accounting
Department.
Human Resources
Responsible (GM-1)
Manual Preventive Monthly
P03 Purchasing and Assets
Management
SC19 Manual CWIP register
completed and reviewed
CWIP register is prepared and includes at minimum assets
identification (can be serial number or any other mean),
date of receipt, PO reference, value, expected date ofcapitalization, location and asset description.
Fixed Assets Responsible reviews the CWIP register forcompleteness and reconciles it to the CWIP accounts in
the Accounting System. Any discrepancy is investigated
and solved.
Fixed Assets Responsible
(GM-2)
Manual Detective Monthly
P03 Purchasing and AssetsManagement
SC21 ARO computation reviewed ARO provision calculation is prepared by CFO-1 andreviewed by CFO.
CFO Manual Preventive Each acquidisposal of
ARO
P03 Purchasing and AssetsManagement
SC22 Assets costing reviewed Costing (including assets, ARO, interests, services, freight,duties, etc.) prepared by Fixed Assets Responsible (CFO-
2) is reviewed by CFO-1. System print-out evidencing the
accounts update is attached and reviewed.
Accounting Responsible(CFO-1)
Manual Preventive Each capita
P03 Purchasing and AssetsManagement
SC23 License Summary Sheetapproved
The License Summary Sheet (Part I) relating to thecapitalization rule is completed (including deferred costs)
by the Accounting Responsible (CFO-1) and reviewed by
CFO.
CFO Manual Preventive When licen
P03 Purchasing and AssetsManagement
SC24 Depreciation rates comply withMIC Accounting Policy
Based on the FAR, Fixed Assets Responsible (CFO-2)extracts details of all assets. A summary by assets
category is prepared showing depreciation rate used.Those rates are checked against the MIC Accounting
Policy (including assets with no depreciation rate). Any
discrepancy is investigated and correction documentedand booked into the FAR. CFO ensures that the FA
Responsible has properly performed his review.
CFO Manual Detective Quarterly (q
-
8/2/2019 Testing Strategy 2011
12/330
P04 Cash Management IC05 Vendor balance reviewed
before payment
Before initiating a payment, the vendor balance is reviewed
to ensure that no credit note exists and that previousinvoices were paid.
Treasurer Manual Preventive Each paym
P04 Cash Management IC11 Monitoring of customer and
dealer's complaints
Customer Service Responsible prepares the log of
complains. The log must be maintained and reviewedmonthly by the CFO to ensure appropriate provision has
been booked. The log must include actions taken and
current status of the complaint.
CFO Manual Detective Monthly
P04 Cash Management IC14 Bank reconciliation summary
sheet reviewed
Before the first submission of the monthly financial data, a
bank reconciliation summary sheet is prepared by CFO-1
and includes for all bank accounts the status of thereconciliation and in case of incomplete reconcil iation, the
remaining unexplained amounts and the action plan to
explain / correct those differences. This summary is thenreviewed by CFO.
CFO Manual Detective Monthly
P04 Cash Management IC15 Supporting documents forpetty cash advances approved
All petty cash advances are authorized. Responsible according toapproved authority matrix
Manual Preventive Each advan
P04 Cash Management IC16 Petty cash voucher approved Petty cash voucher are authorized . Treasury Responsible(CFO-1)
Manual Preventive Each advan
P04 Cash Management IC17 Cash advance uses verifiedand expenses approved The responsible manager reviews the original invoicessupporting the cash expended and ensures that it was
used for legitimate business purpose.
Responsible according toapproved authority matrix Manual Preventive Each advan
P04 Cash Management IC18 Petty cash count performed Petty cash safe content must be counted at least once a
month (using specific form for the reconciliation). Any
discrepancy with the Petty Cash Register maintained by the
Petty Cash Custodian must be investigated and escalated.
CFO-1 or CFO-2 Manual Detective Monthly
P04 Cash Management SC02 Aging balance report reviewed The payable aging balance report is extracted and
reviewed. In particular, all unpaid amounts for more than 6months are analyzed and cleared.
CFO-1 Manual Detective Monthly
P04 Cash Management SC04 Reconciliation of vendorstatements with accounts
payable
a) All vendors should be checked once a year (ongoing
program - at least 1/12 of the supplier database a
month)
b) List of 20 top suppliers is obtained. CFO-3 prepares
circularization letter and sends them to the selected
suppliers. When answers are received from suppliers, areconciliation is performed with the A/P. Differences are
investigated, explained and actions are taken.If no answer is received within the following 2 weeks of the
sent request, a reminder is sent to the supplier and any
action performed to obtain the information is documentedon a summary sheet l isting the 20 suppliers selected.
Finance Responsible(CFO-1)
Manual Detective a) Monthly
b) Quarter
P04 Cash Management SC06 Payment voucher / instructions/ cheque authorized
Payment voucher / instruction / cheque is signed based onapproved supporting documents.
Responsible according toapproved authority matrix
Manual Preventive Each paym
P04 Cash Management SC07 Direct Debit list reviewed CFO reviews the list of authorized direct debit obtainedfrom f inancial institutions and ensures that they were all
approved and valid.
CFO Manual Detective Quarterly
P04 Cash Management SC08 Confirmation from financialinstitution of the cash deposit
and of electronic paymentreconciled with sales report
The treasurer or collection department reconciles the salesreport obtained from the billing system with the cash
received confirmed by the financial institution (cashdeposited and electronic payment confirmed).
Treasurer or CollectionResponsible (GM-3)
Manual Detective Daily
P04 Cash Management SC09 Cash reconciliation betweenbilling and accounting system
Cash report from the billing system is reconciled to theaccounting system. Any discrepancy is investigated,
explained and actions are taken.
Treasurer or CFO-1 Manual Detective Minimum wpractice da
P04 Cash Management SC10 Reconciliation between
banking summary and bankstatements (dealers indirect
sales force)
Upon receipt of the bank statements from the central cash
account, the accounting department must reconcile the
statements to the banking summary reports provided bythe dealers. Any discrepancy must be investigated,
documented and actions taken.
Accounting Responsible
(GM-3)
Manual Detective Weekly
P04 Cash Management SC12 Segregation of free cash vs.blocked deposit reviewed intrial balance
CFO-1 verifies that any blocked deposits are properlyidentified in the accounts (versus cash free ofencumbrance).
CFO-1 Manual Detective Quarterly
P04 Cash Management SC13 Bank reconcil iation reviewed For all cash accounts, a reconcil iation with bank statement
is performed by CFO-2. All reconciled items are
investigated, explained and corrective actions booked ifany.
This analysis includes also:
- the clearing of old outstanding unreconciled items (above2 months).
- the review of zero-balance accounts (account in the
accounting system should be blocked)- the review of uncashed cheques
- the review of unapplied cash accountsAll reconciliation are reviewed by CFO-1.
Accounting Responsible
(CFO-1)
Manual Detective Monthly for
account bu
recommendhigh usage
-
8/2/2019 Testing Strategy 2011
13/330
P06 Prepayment SC02 Manual recomputation of
monthly prepaymentcompared with accounting
Accounting Responsible (CFO-2) recomputes manually
the monthly prepayment amortization, compares it to theamount automatically recorded in the accounting system
and checks prepayment closing balance. Any
discrepancies are investigated and explained.
This analysis is then reviewed by the AccountingResponsible (CFO-1).
Finance Responsible
(CFO-1)
Manual Detective Monthly
P07 Taxes IC01 Current and deferred taxesaccruals reviewed
Current and deferred taxes accruals are prepared by theAccounting Responsible (CFO-3) and reviewed by the
CFO-2.
Accounting Responsible(CFO-2)
Manual Preventive Monthly
P07 Taxes IC02 Direct tax return reviewed
before filing
CFO reviews and approves tax return prior filling. CFO Manual Preventive Each tax re
P07 Taxes IC05 Comparison between tax
booked and tax provision/assessment reviewed
Tax booked in the accounts is compared to quarterly tax
provision calculation or to tax assessment if any. Thedifference is identified and approved.
Accounting Responsible
(CFO-2)
Manual Preventive Quarterly a
tax assessm
P07 Taxes IC06 Indirect taxes parameters
reviewed before input insystem
Creation or update of tax parameters related to customer /
supplier / product or service are reviewed before input insystem.
Customer Care
Responsible (GM-3) andAccounting Responsible
(CFO -2)
Manual Preventive Each tax pa
change
P07 Taxes IC07 Tax memo listing indirect
taxes modification reviewed
Tax advisor (internal / external) documents in a memo the
current tax status of all taxes applicable to the entity andspecifically notes the recent tax changes. The memo is
then reviewed by the CFO.
CFO Manual Preventive Quarterly a
change in t
P07 Taxes IC08 Change in indirect taxes
parameters reviewed
Customer Care Responsible (up to GM-3) and/or Accounts
Payable/Receivable Responsible review any change made
in the parameters of any customer or supplier, includingsupporting documentation for the change.
Customer Care
Responsible (up to GM-3)
and/or AccountsPayable/Receivable
Responsible (CFO-2)
Manual Detective Monthly
P07 Taxes IC10 Indirect tax return reviewed
before filing
CFO reviews and approves tax return prior filling. CFO Manual Preventive Each tax re
P07 Taxes SC03 Internal / external tax advisor
review on direct tax approved
Tax advisors (internal / external) performs the following
activities:a) ensures that all direct taxes have been considered by
using a checklist listing all required direct taxes,b) reviews the tax calculation including tax rate,
c) reviews uncertain tax position,
d) reviews the loss carry forward analysis prepared,e) reviews, if any, the tax assessment received from the
Tax Administration.
This analysis is then sent to CFO for review.
CFO Manual Detective a) Quarterly
b) Quarterlyc) Quarterly
d) Annuallye) Ad-hoc
P07 Taxes SC04 Reconciliation betweenaccounting and income tax
base and between statutoryand effective income tax rates
reviewed
Accounting Responsible (CFO-1) prepares thereconciliation between the accounting base and the tax
base and the one between the effective tax rate and thestatutory tax rate. Both reconciliations are reviewed by the
CFO.
CFO Manual Detective Quarterly
P07 Taxes SC09 Internal / external tax advisorreview on indirect tax
approved
Tax advisor (internal / external) performs the followingactivities:
a) ensures that all indirect taxes have been considered by
using a checkl ist listing all required indirect taxes,b) performs a rationalization test per indirect taxes rate for
indirect taxes payable and receivable,
c) reviews, if any, the tax assessment on indirect taxesreceived from the Tax Administration.
In case of discrepancies, adjustment to be booked is
clearly documented. Analysis performed is sent to CFO-1for review.
Finance Responsible(CFO-1)
Manual Detective a) Monthlyb) Monthly
c) Ad-hoc
P08 Assets Impairment SC01 Impairment test conclusions
reviewed
The conclusion of the impairment test and computation of
any impairment loss is reviewed by the CFO and GFC.
CFO and GFC Manual Preventive Quarterly
P09 Bad debts SC01 Aging balance reportautomatically generated
Reports programmed are controlled under IT generalcontrol environment.
Billing Responsible and/orAccounting System
Administrator
Automated Preventive Continuous
P09 Bad debts SC02 Accounts Receivable agingbalance reconciled to thegeneral ledger
Total accounts receivable from the ageing balance isreconciled by the accounting team to the accountreceivables as per the general ledger. Purpose is to
validate the adequacy of the aging balance reporting.
Reconciliation is reviewed by Accounting Responsible(CFO-1).
Accounting Responsible(CFO-1)
Manual Detective Quarterly
P09 Bad debts SC03 Individual review of overdue
balance
Interconnect and roaming partners, dealers and overdue
postpaid subscribers (financial stress customers identified
during the dunning process) are reviewed on an individualbasis. For customers or partners facing financial stress, an
additional provision is determined and reviewed by CFO-1.
For balances above 120 days, the absence of a bad
debt provision has to be reviewed and approved by
Head of Region.
Accounting Responsible
(CFO-1) and Head of
Region
Manual Detective Quarterly
P09 B d d bt SC04 B d d bt l l ti i d B d th i b l ( t id b ib l ) th A ti R ibl M l D t ti Q t l
-
8/2/2019 Testing Strategy 2011
14/330
-
8/2/2019 Testing Strategy 2011
15/330
P13 IT General Controls Procedure IC36 Events and Incidents Journal
is communicated andapproved
Significant IT events or incidents and failures are reported CIO and GM Manual Detective Monthly
P13 IT General Controls Procedure IC39 The list of authorized softwarepermitted for use by
employees is documented
and communicated
The list of authorized, tolerated and unauthorized softwareis formalized and reviewed
CIO Manual Preventive Bi-annually7 months re
between co
executions)
P13 IT General Controls Procedure IC40 The list of software installed is
reviewed
The list of software installed and used on each computer
and server is reviewed and reacted uponSecurity Officer Manual Detective Quarterly
P13 IT General Controls Procedure IC42 The results of scheduled jobs
executions are communicatedand approved
Summary of the batch jobs executions is communicated
and approved to ensure batch jobs run properly
CIO Manual Detective Monthly
P13 IT General Controls Procedure IC43 The operating procedures arereviewed and approved
Formalized operating procedures are in place anddocumented
CIO Manual Preventive Bi-annually7 months re
between coexecutions)
P13 IT General Controls Procedure IC44 An inventory listing al l
potential suspicious activitiesshould be maintained to allow
the monitoring of unauthorized
activities
An inventory listing all potential suspicious activities for
each system should be maintained to allow the monitoringof unauthorized activities. This list should be updated
based on experience and used to review unauthorized
activities (P13.SC37).
CIO and Security Officer Manual Preventive Bi-annually
7 months rebetween co
executions)
P13 IT General Controls Procedure SC01 Change requests are
authorized
Change request forms are completed, reviewed and
approved
Business Owners and
Stakeholders and CriticalSystems ITResponsible(s)
Manual Preventive When a cha
required
P13 IT General Controls Procedure SC02 Existing controls are identified,
tested and redesigned if
necessary
Existing controls (which may be affected by the design
and implementation of changes) are identified and
reported in the change request.
Testing of the existing controls impacted is
documented as part of the test plans in the change
request.
Change acceptance tests performed by Business Owners
and Stakeholders include the testing of these controls.
Appropriate actions are taken to modify or redesign thesecontrols, if necessary, to retain their integrity
Business Owners and
Stakeholders and Critical
Systems ITResponsible(s)
Manual Preventive Every reque
P13 IT General Controls Procedure SC03 Change requests (includingchanges to critical end-user
computing tools) have a test
plan, a roll-out plan and a roll-back plan developed prior to
implementation
Test plan, roll-out plan and roll-back plan are formalized,reviewed and approved prior to implementation of the
change
Critical Systems ITResponsible(s) and CIO
Manual Preventive Every reque
P13 IT General Controls Procedure SC05 Testing of interfaces between
systems and thecorresponding results are
reviewed
Interface test results are formalized and reviewed to
confirm that data transmissions are complete, accurateand valid and that interfaces are working properly
Critical Systems IT
Responsible(s)
Manual Preventive At least eve
before a neinterface is
production
P13 IT General Controls Procedure SC06a Test results are reviewed andapproved before going l ive
with the change in theproduction environment
Changes are tested, test results are reviewed and decisionto go live in production is approved
Business Owners andStakeholders and Critical
Systems ITResponsible(s)
Manual Preventive Every reque
P13 IT General Controls Procedure SC06b Implementation results arereviewed and approved after
going live with the change in
the production environment
Changes results are reviewed Business Owners Manual Detective Every reque
P13 IT General Controls Procedure SC07a Impact of change on the
documentation and supportservice plans of critical
systems, platforms,
applications and databases isassessed and the
documentation is updated if
necessary
Changes in a critical system, platform application or
database are subject to an impact analysis of the relateddocumentation (user and operation procedures, manuals,
technical documentation, support service plans, trainingmaterials, ) which is updated if necessary
Business Owners and CIO Manual Preventive Every reque
P13 IT General Controls Procedure SC07b Documentation and supportservice plans for critical
systems, platforms,
applications and databases isreviewed
The documentation of critical systems, platforms,applications and databases (user and operation
procedures manuals, technical documentation, supportservice plans, training materials, ) is reviewed to ensure
sufficiency against business needs
Business Owners and CIO Manual Detective Bi-annually7 months re
between co
executions)
P13 IT G l C t l P d SC08 I t f h th Ch t d ti t l bj t t B i O M l P ti E
-
8/2/2019 Testing Strategy 2011
16/330
-
8/2/2019 Testing Strategy 2011
17/330
P13 IT General Controls Procedure SC41 The daily job scheduling
checklists and correspondingresults are reviewed
Batch jobs are scheduled and monitored to ensure they
run as needed and to completion
Critical Systems IT
Responsible(s)
Manual Detective Daily
P14 Network General Controls
Procedure
IC04 Testing for systems,
platforms, applications and
databases is performed in atesting environment
For all critical systems, platforms, applications and
databases, there is a testing environment:
- separated logically and/or physically from the productionenvironment,
- which allows adequate stress, unit, end-to-end testing
- which reflects as much as possible the live environment(data in kind and quantity),
- which is available for sufficient testing time
CTO Manual Preventive Bi-annually
7 months re
between coexecutions)
P14 Network General ControlsProcedure
IC09 Users and relevantstakeholders are informed of
change implementation
Implementation of change/project is communicated to allrelevant parties (end-users, stakeholders) to ensure they
are aware of the change and its related impacts
Critical Systems TechnicalResponsible(s)
Manual Preventive Each new pimplemente
P14 Network General Controls
Procedure
IC10 Logical Access Management
process is documented and
communicated
The Logical Access Management policy (or security policy)
is reviewed and approved to check that the management
of user accounts for joiners, job changes and jobtermination is part of the policy (for both employees and
contractors, for local and remote access...)
CTO Manual Preventive Bi-annually
7 months re
between coexecutions)
P14 Network General Controls
Procedure
IC20 Backup execution is reviewed Backup execution results are documented in the backup
journal and validated to ensure that backups are carriedout on critical systems, platforms, applications and
databases at least daily for data and weekly for
configuration setups
Critical Systems Technical
Responsible(s)
Manual Detective Daily
P14 Network General ControlsProcedure
IC24 A Disaster Recovery Plan(DRP) is in place and is
formalized
The formalized DRP is reviewed and approvedNote: DRP and BCP plans should be updated whenever
there is a large change implemented.
CTO and GM Manual Preventive Bi-annually7 months re
between coexecutions)
P14 Network General ControlsProcedure
IC25 The DRP is tested on aregular basis
The test results of the DRP are reviewed and approved CTO and GM Manual Preventive Annually
P14 Network General Controls
Procedure
IC26 Incident and Problem
Management process isdocumented and
communicated
The Incident and Problem Management Policy and
Procedures is reviewed to check that non-standard eventsare analyzed and resolved in a timely manner, including
escalation procedures, supplier involvement if appropriate
and a clear description of the process (flowchart forexample)
CTO Manual Preventive Bi-annually
7 months rebetween co
executions)
P14 Network General ControlsProcedure
IC27 Events and Incidents Journal
is reviewedSignificant NW events or incidents and failures aremonitored, communicated and resolved in a timely manner
Critical Systems TechnicalResponsible(s)
Manual Detective When a sigevent or fai
P14 Network General Controls
Procedure
IC28 Events and Incidents Journal
is communicated and
approved
Significant NW events or incidents and failures are
reported
CTO and GM Manual Detective Monthly
P14 Network General Controls
Procedure
IC31 The operating procedures are
reviewed and approved
Formalized operating procedures are in place and
documented
CTO Manual Preventive Bi-annually
7 months re
between coexecutions)
P14 Network General Controls
Procedure
IC32 An inventory l isting al l
potential suspicious activitiesshould be maintained to allow
the monitoring of unauthorized
activities
An inventory listing all potential suspicious activities for
each system should be maintained to allow the monitoringof unauthorized activities. This list should be updated
based on experience and used to review unauthorized
activities (P14.SC29).
CTO and Security Officer Manual Preventive Bi-annually
7 months rebetween co
executions)
P14 Network General Controls
Procedure
SC01 Change requests are
authorized
Change request forms are completed, reviewed and
approved
Business Owners and
Stakeholders and Critical
Systems Technical
Responsible(s)
Manual Preventive When a cha
required
P14 Network General Controls
Procedure
SC02 Existing controls are identified,
tested and redesigned ifnecessary
Existing controls (which may be affected by the design
and implementation of changes) are identified and
reported in the change request.
Testing of the existing controls impacted is
documented as part of the test plans in the change
request.
Change acceptance tests performed by Business Owners
and Stakeholders include the testing of these controls.Appropriate actions are taken to modify or redesign these
controls, if necessary, to retain their integrity
Business Owners and
Stakeholders and CriticalSystems Technical
Responsible(s)
Manual Preventive Every reque
P14 N t k G l C t l SC03 Ch t (i l di T t l ll t l d ll b k l f li d C iti l S t T h i l M l P ti E
-
8/2/2019 Testing Strategy 2011
18/330
P14 Network General Controls
Procedure
SC07b Documentation and support
service plans for criticalsystems, platforms,
applications and databases is
reviewed
The documentation of critical systems, platforms,
applications and databases (user and operationprocedures manuals, technical documentation, support
service plans, training materials, ) is reviewed to ensure
sufficiency against business needs
Business Owners and
CTO
Manual Detective Bi-annually
7 months rebetween co
executions)
P14 Network General ControlsProcedure
SC08 Emergency changes arereviewed
Emergency changes are reviewed to assess legitimacyand compliance with change management policies and
procedures
CTO and GM Manual Detective Every emerchanges
P14 Network General ControlsProcedure
SC11 Provisioning / deprovisioningforms are reviewed and
approved to grant users onlythe access they need
The logical access request forms for joiners, job changesand job terminations for employees, contractors, vendors
and non-client personnel are:- prepared and approved by the Head of Department (of
the employee or contracting a third-party),
- reviewed and approved by the Human ResourcesResponsible vs. the job description for legitimacy and
segregation of duties purposes,- processed by the Technical Staff
Head of Department andHuman Resources
Responsible
Manual Preventive For each re
P14 Network General Controls
Procedure
SC12 Access rights to systems,
platforms, applications anddatabases that are granted
(through profiles) arereviewed, updated if
necessary and approved
The complete access rights (granted through allocation of
profiles) are reviewed to check that:- access rights are in l ine with employee's position and
responsibilities in the company (job description) and thatthese are still aligned with need-to-have and segregation
of duties principles
- all users of systems, platforms, applications anddatabases receive a unique user ID by which they can be
uniquely identified (any exception to this rule must be well
documented, rationalized and approved)- temporary accounts, generic accounts, applicative
accounts are legitimate and adequately supported by
documentation
Critical Systems Technical
Responsible(s) andSecurity Officer
Manual Detective Quarterly
P14 Network General ControlsProcedure
SC13 Privileged access (admin,super users) to systems,
platforms, applications and
databases is reviewed andapproved
The list of usernames (and corresponding persons) withprivileged/powerful access rights to systems, platforms,
applications and databases is reviewed to ensure that
capability to issue powerful commands is limited toappropriate individuals
Security Officer and CTO Manual Detective Quarterly
P14 Network General ControlsProcedure
SC14 Access rights granted tovendors and contractors are
strictly limited in terms of timeand profile (need-to-have
basis)
The access rights granted to providers (including generic,application and maintenance accounts) are reviewed to
assess the need-to-be of active vendors' accounts
Human ResourcesResponsible and Security
Officer and CriticalSystems Technical
Responsible(s)
Manual Detective Monthly
P14 Network General ControlsProcedure
SC15 Remote access connectioncapability from vendors,
contractors and employees is
adequately limited
The timeframe and business requirements for remoteaccess granted to vendors, contractors and employees is
reviewed
Human ResourcesResponsible and Security
Officer and CTO
Manual Detective Monthly
P14 Network General Controls
Procedure
SC16 Remote access connections
from vendors, contractors and
employees is monitored
Activities on network components performed during remote
access are monitored by the Critical Systems Technical
Responsible through review and documentation of theactivity logs (connection, tasks performed, disconnection)
to ensure they are in line with the planned remote activities.The monitoring of connection/disconnection to the VPNplatform ( if any) is the responsibility of the Critical System
IT Responsible
Critical Systems Technical
Responsible(s) and
Critical System ITResponsible(s) (if
applicable)
Manual Detective For each re
connection
P14 Network General Controls
Procedure
SC17 The reports on remote
connections arecommunicated and approved
Activities performed on network components during remote
access are reported and reviewed by the Security Officerand the CTO.
Remote connections to the VPN platform (if any) are
reported and reviewed by the Security Officer and the CIO
Security Officer, CTO and
CIO (if applicable)
Manual Detective Monthly
P14 Network General Controls
Procedure
SC18 The set-up for passwords of
each system, platform,
application and database isreviewed
Password controls to critical network and systems,
platforms, applications and databases are in effect and
consider minimum security rules (where technicallyfeasible)
Security Officer and CTO Manual Preventive Bi-annually
7 months re
between coexecutions)
P14 N k G l C l SC19 S d b k i i l R i i d b k d d fi d CTO d L l M l P i Bi ll
-
8/2/2019 Testing Strategy 2011
19/330
P15 Bill and Collect for
Interconnect/other operators
IC03 Analyze and resolve rejected
EDRs on billing system
Identify the source of the rejection (if possible) and try to
resolve the problem in order to prevent the event from
happening in the future. Furthermore, the rejected EDRs
are recuperated where possible. This process occurs
continuously and the events that happen the most are
tackled first.
Billing Staff Manual (electronic
evidence)
Detective Daily
P15 Bill and Collect for
Interconnect/other operators
IC04 Reconciliation of reference
data (e.g. trunk groups and
gateway transit routes) in the
Switch, Mediation and
interconnect billing system
Reference data (i.e. Trunk and gateway transit routes)
needs to be reconciled between Switch and Interconnect
Billing System per operator. I.e. validating that the operator
trunk code and gateway transit routes are linked to the
correct operator by the interconnect billing system.
The reconciliation should include the mediation in case of
filtration rules defined based on Trunk Groups on
Mediation Device.
Billing Manager Manual Detective Before Bi
P15 Bill and Collect for
Interconnect/other operators
IC08 Verification on whether the
invoices are sent out
Check whether all the invoices generated are sent out to
the relevant operators.
CFO-2 Manual Detective Monthly
P15 Bill and Collect for
Interconnect/other operators
SC05 All rejected EDRs are formally
reported during theinterconnect bill run
EDRs not corrected are reviewed by CFO and Local
Revenue Assurance Manager before clearing them fromthe Billing System (based on delegation of authority and
local regulations).
Billing Manager, Local
Revenue AssuranceManager and CFO
Manual (electronic
evidence)
Detective At each b
P15 Bill and Collect for
Interconnect/other operators
SC06 Mediation output is reconciled
with Interconnect billing input
and output
Reconciliation of output from the Mediation device with the
input into the Interconnect Billing System and its output (or
support system such as a database or data warehouse) in
number of EDRs and in number of minutes. This is a
standard MIC input / output report.
Billing Manager Manual (electronic
evidence)
Detective Daily
P15 Bill and Collect for
Interconnect/other operators
SC07 Detailed interconnect revenue
invoice validation
The monetary values, the minutes and events in the
interconnect revenue invoices are checked for their
accuracy.
CFO-1 Manual Detective Monthly
P15 Bill and Collect for
Interconnect/other operators
SC09 Usage Report (EDRs Count,
Minutes etc) from other
operators are reconciled with
the registered traffic sent to
them
Usage Report ( EDRs Count, Minutes etc) received from
the other operators are reconciled with the output from the
Interconnect Billing system by the Bill ing Manager. If the
figures deviate from a preset tolerance limit (threshold), a
detailed analysis is needed (exchange of EDRs may be
necessary in this case).
Billing Manager Manual Detective Monthly
P15 Bill and Collect for
Interconnect/other operators
SC10 Payable invoices from other
operators are reconciled with
the Usage Report
reconciliation
Payable interconnect invoices received from the other
operators by the Interconnect Manager are reconciled with
the Usage Report ( EDRs Count, Minutes etc)
reconciliation done in SC9.
Interconnect Manager Manual Detective Monthly
P15 Bill and Collect forInterconnect/other operators
SC11 All payable invoices that areaccepted are subject to
approval
All payable invoices of interconnect operators that areaccepted are subject to an approval of the Interconnect
Manager and GM.
GM and InterconnectManager
Manual Detective Monthly
P15 Bill and Collect for
Interconnect/other operators
SC12 Validation of prepared
bookings by CFO-1
All the accounting records in relation to interconnection
revenue & cost are verified by the CFO-1 before posting
into the GL.
CFO-1 Manual Preventive Monthly
P15 Bill and Collect for
Interconnect/other operators
SC13 Revenue and cost data in the
interconnect billing system(both accruals and invoices) is
reconciled with the accounting
system
Comparison of interconnect revenue & cost booked in the
accounting system with the revenue/cost from theinterconnect billing system & the invoices sent out/received.
CFO Manual Detective Monthly
P15 Bill and Collect for
Interconnect/other operators
SC14 Netting of invoices is reviewed
by the CFO-1
Validation of the invoices netted off and the resulting
values.
CFO-1 Manual Detective Monthly
P16 Bill and Collect for Sales
(Roaming)
IC01 Formal review and approval of
all roaming agreements
Terms & conditions set out in the roaming agreement must
be reviewed for their technical/financial terms by the
relevant departments.
GM Manual Preventive For each
agreemen
-
8/2/2019 Testing Strategy 2011
20/330
P16 Bill and Collect for Sales
(Roaming)
IC13a Analyze and resolve rejected
Inbound Roaming EDRs at theBilling System
Identify the source of the rejection (if possible) and try to
resolve the problem in order to prevent the event fromhappening in the future. Furthermore, the rejected EDRs
should be recuperated if possible. This process occurs
continuously and the events that happen the most are
tackled first.
Billing Staff Manual (electronic
evidence)
Detective Daily
P16 Bill and Collect for Sales
(Roaming)
IC13b Analyze and resolve Inbound
Roaming EDRs rejectedduring the MBF and TAP OUT
generation
Identify the source of the rejection (if possible) and try to
resolve the problem in order to prevent the event fromhappening in the future. Furthermore, the rejected EDRs
should be recuperated if possible. This process occurscontinuously and the events that happen the most are
tackled first.
Rejections are investigated from two sources:- during MBF files generation;
- during MACH TAP OUT files generation. Rejected EDRs
are listed in MACH COM portal (Rejected, CDR DetailsReport) including the reason of their rejection. These
rejections have to be investigated and corrected if possible
together with Mach support.
Billing Staff Manual (electronic
evidence)
Detective Daily
P16 Bill and Collect for Sales(Roaming)
IC15 Daily review of the high usagereporting + validation of the
sending of any existing high
usage reports
The Billing Manager verifies that the Bill ing system/Fraudsystem generates and sends out the high usage report for
subscribers visiting your network each day.
In case of NRTRDE f iles are stored on MACH server every4 hours.
Billing Manager Manual Detective Daily
P16 Bill and Collect for Sales(Roaming)
IC24 Roaming tariff changes arecommunicated on time to the
Clearing House
IOT updates and rating information for new roamingpartners are sent to MACH at least 4 weeks before the
agreed start date of application.
Billing Manager Manual Preventive For each neagreement
P16 Bill and Collect for Sales
(Roaming)SC02a Reconciliation of inbound
roaming settings in the Switchand corresponding settings in
the inbound roaming Billing
System and Mediation device(if required)
There is a reconciliation between the inbound roaming
settings (IMSI ranges per operator) on the Switch againstthe corresponding settings in the roaming Billing System
and Mediation Device. The reconciliation report should
include the underlying reasons of discrepancies andcorrective actions.
Billing Manager Manual (electronic
evidence)
Detective Monthly
P16 Bill and Collect for Sales(Roaming)
SC02b Reconciliation of inboundroaming settings in the Switch
and corresponding settings inthe Mediation device.
There is a reconciliation between the inbound roamingsettings (IMSI ranges per operator) on the Switch against
the corresponding settings in the Mediation device. Thereconciliation report should include the underlying reasons
of discrepancies and corrective actions.
Billing Manager Manual (electronicevidence)
Detective Monthly
P16 Bill and Collect for Sales
(Roaming)
SC06 Duplicate check on Outbound
Roaming EDRs
The TAP IN processor (or the postpaid billing system)
checks for duplicates based on certain fields in a callrecord that are equal.
This is either done based on a report that runs daily or
based on an exception / alarm report that is issued uponoccurrence.
Billing Staff Manual (electronic
evidence)
Preventive Daily
P16 Bill and Collect for Sales(Roaming)
SC07 Validation of TAP IN filessequence numbering
There is a validation on the sequence number of the TAPIN files.
Billing Manager -1 Manual Detective Daily
P16 Bill and Collect for Sales
(Roaming)
SC08 Reconciliation of rates applied
in the records in the TAP IN
file with rates agreed upon.
There is reconciliation between the rates applied in the
records from the TAP IN files with rates agreed upon. This
reconciliation may be performed on a relevant sample ofTAP IN files if the control is performed completely manual.
It is however preferred to perform the reconciliation on all
TAP IN files.
Billing Manager -1 Manual OR
Manual (electronic
evidence)
Detective Daily
P16 Bill and Collect for Sales(Roaming)
SC11 Validation of currencyconversion rates used to
convert SDR values in local
currency values
The currency conversion from SDR values in the TAP INrecords to local currency is timely updated and performed
by the Billing Manager and reviewed by the CFO-1.
CFO-1 Manual (electronicevidence)
Preventive Monthly
P16 Bill and Collect for Sales
(Roaming)
SC12 Reconciliation of Billing
records contained in TAP INfiles with the Roaming records
in the Billing System or
Prepaid EDRs
There is a reconciliation between the billing records
contained in TAP IN records with the roaming recordsuploaded in the postpaid billing system.
Note: Wherever Prepaid Camel is offered for Out roamers
Billing Manager Manual (electronic
evidence)
Detective At each bill
-
8/2/2019 Testing Strategy 2011
21/330
P16 Bill and Collect for Sales
(Roaming)
SC18b The output from the Mediation
is reconciled with the MachTAP creation report
Reconciliation of Mediation output (MBF files or raw CDRs)
with the Mach 'TAP creation report for Revenue Assurance'in number of EDRs and in number of minutes / bytes.
Billing Manager Manual (electronic
evidence)
Detective Daily
P16 Bill and Collect for Sales
(Roaming)
SC19 Validation with Clearing House
of TAP OUT file sent
Check whether the Clearing House has received the TAP
Out files sent by the MIC subsidiary.
Billing Manager -1 Manual Detective Daily
P16 Bill and Collect for Sales
(Roaming)
SC20 Validation of clearing house
netting results by comparingdifference retrieved TAP IN
and created TAP OUT
Comparison of the Summary report sent by the ClearingHouse against the MIC subsidiarys own Tap IN & Tap OUT
details.
CFO-1 Manual Detective Monthly
P16 Bill and Collect for Sales
(Roaming)
SC21 Validation of prepared
bookings by CFO -1
All the accounting records in relation to roaming revenue &
cost are verified by the CFO -1 before posting into the GL.
CFO-1 Manual Preventive Monthly
P16 Bill and Collect for Sales(Roaming)
SC22 Accounting journal entries arereconciled with MACH reports
The CFO reviews and validates the proposed Roamingrevenue and cost bookings in the accounting system with
the MACH reports.
CFO Manual Detective Monthly
P16 Bill and Collect for Sales
(Roaming)
SC23 Tariff complies with roaming
agreements (AA14)
Tariffs applied to TAP OUT are reviewed against those of
the signed agreement (AA14) with all roaming partners. Allagreements have to be reviewed once a year, with 25% of
roaming partners being reviewed quarterly on a rol ling
basis.
Billing Manager -1 Manual (electronic
evidence)
Detective Quarterly
P17 Bill and Collect for Sales
(Postpaid)
IC01 A formal credit check is
performed for each postpaid
subscriber before provisioning
For each new postpaid subscriber recommended by the
Go-to-Market Department, a formal credit check is
performed based on the approved Commercial policy toreview and assess the credit status and reputation of the
subscriber.
Credit and Collection
Manager -1
Manual Preventive For each ne
P17 Bill and Collect for Sales
(Postpaid)
IC02 A specific exception form
exists on the acceptance ofsubscribers that do not comply
with the Commercial policy /
credit check limits
A specific exception form (prepared and justified by the
Sales department) exists on the acceptance of postpaidsubscribers that do not comply with the Commercial policy.
Credit and Collection
Manager
Manual Preventive For each ne
subscriber
P17 Bill and Collect for Sales(Postpaid)
IC03 A specific exception form
exists on the acceptance of
exceptional discounts that
do not comply with the
Commercial policy
A specific exception form (prepared and justified by
the Sales department) exists on the acceptance of
exceptional discounts that do not comply with the
Commercial Policy.
Credit and CollectionManager
Manual Preventive For each neallocated an
discount
P17 Bill and Collect for Sales(Postpaid)
IC05 Review the credit limit setup A formal verification is made to ensure that all credit limitsreported are implemented in accordance with the
Commercial policy.
Credit and CollectionManager
Manual (electronicevidence)
Preventive Daily
P17 Bill and Collect for Sales
(Postpaid)
IC06 All manually provisioned
changes to critical subscriber
data are automaticallyreported and reviewed
All manually provisioned changes to critical subscriber data
(in the Switch and Billing environment) are automatically
reported (based on a predefined query) and reviewed. Thereview verifies whether the reported provisioned changes
equal the approved subscriber data change requests.
Critical subscriber data is (but not limited to): name,address, services and status.
Consumer Manager Manual (electronic
evidence)
Detective Daily
P17 Bill and Collect for Sales
(Postpaid)
IC08 A standard report with all tariff
changes is generated andsigned off on a daily basis
A standard (predefined query) report with all tariff changes
is generated and signed off on a daily basis. This is eitherdone based on a report that runs daily or based on an
exception / alarm report that is issued upon occurrence.
When the control is based on an alarm: the approval must
be attached to the exception report.
Category Manager Manual Detective Daily
-
8/2/2019 Testing Strategy 2011
22/330
P17 Bill and Collect for Sales
(Postpaid)
IC20 High Usage Monitoring Monitoring of high usage looks at value, but also at minutes
and transactions (and must cover both prepaid as well aspostpaid). Specific thresholds are applied (based on
approved high usage policy & procedures) and subscribers
surpassing the thresholds are followed up. Appropriate
actions are taken, such as contacting the subscriber for anexplanation or even barring the subscriber.
This is either done based on a report that runs daily or
based on an exception / alarm report that is issued upon
occurrence.
Credit and Collection
Manager -1
Manual (electronic
evidence)
Detective Daily
P17 Bill and Collect for Sales
(Postpaid)
IC21 Test SIM usage monitoring Usage of test SIMs is monitored and evaluated to detect
any misuse.This is either done based on a report that runs daily or
based on an exception / alarm report that is issued uponoccurrence.
Revenue Assurance Manual (electronic
evidence)
Detective Monthly
P17 Bill and Collect for Sales
(Postpaid)
IC22 Sample testing pre and post
bill run (testing completenessand calculation of invoice)
The accuracy of the invoices is verified on a sample basis.
The sample should represent a variety of billing scenarios.A log should be maintained for any errors identified.
Billing Manager Manual Detective At each bill
P17 Bill and Collect for Sales
(Postpaid)S0C4 Review the discount report All discounts (not part of a discount plan) are reported in a
specific exception report on a daily basis. This report mustbe based on a predefined query.
Consumer Manager Manual (electronic
evidence)
Detective Daily
P17 Bill and Collect for Sales
(Postpaid)
SC07 Record all future movement of
revenues (e.g. connectionfees) based on the MIC Policy
Future movements of revenues (e.g. connections fees) are
computed and reported in a schedule, which is used forrecognizing and booking the corresponding entries basedon the MIC accounting policy.
CFO-1 Manual Detective Monthly
P17 Bill and Collect for Sales
(Postpaid)
SC09 Identify missing EDR
sequence
The Switches (and other EDR generating nodes) must
number their call records sequentially. A control is
performed by the mediation device to verify whether thesequence is respected (completeness of EDRs).
This is either done based on a report that runs daily orbased on an exception / alarm report that is issued upon
occurrence.
Billing Manager Manual (electronic
evidence)
Detective Daily
P17 Bill and Collect for Sales
(Postpaid)
SC10 Automated check for duplicate
EDRs
The database of the billing system (or mediation) is
checked for duplicate EDRs based on certain fields in acall record that are equal.
This is either done based on a report that runs daily orbased on an exception / alarm report that is issued upon
occurrence.
Billing staff Manual (electronic
evidence)
Detective Daily
P17 Bill and Collect for Sales
(Postpaid)
SC15 Reconcile Mediation Input Vs
Mediation Output
Reconcile the input of mediation device against the output
by EDR category. This reconciliation is common for al l typeof Traffic ( i.e. Postpaid, Interconnect and Roaming). Thisreconciliations is the standard MIC input / output report,
must occur both in numbers of EDRs, minutes and (kilo)bytes where applicable.
Billing Manager Manual (electronic
evidence)
Detective Daily
P17 Bill and Collect for Sales
(Postpaid)
SC19 All rejected EDRs at on billing
Platform should be formallyreported before bill run
EDRs not corrected are reviewed by CFO and Local
Revenue Assurance Manager before clearing them fromthe Billing System (based on delegation of authority and
local regulations).
Billing Manager, Local
Revenue AssuranceManager and CFO
Manual Detective At each bill
P17 Bill and Collect for Sales(Postpaid)
SC23 Check all the revenuemovements in the Billing cycle
is captured
Ensure that all the revenue movements in the Billing cycleare captured and that all the pending subscription fees (e.f.
flat fee services and packages) are included in the
settlement invoice.
Billing Manager Manual (electronicevidence)
Detective At each bill
P17 Bill and Collect for Sales
(Postpaid)
SC24 Check that all subscribers are
included in a billing cycle
Reconciliation of subscribers in the subscriber database
against the subscribers covered by the bill runs in order to
verify whether all subscribers are assigned to at least oneof the bill runs.
Billing Manager Manual (electronic
evidence)
Detective At each bill
P17 Bill and Collect for Sales
(Postpaid)
SC25 Reconciliation provisioning
prepaid platform with billsgenerated by the billing
system for fixed bills
Validate fixed bills generated for fixed bill subscribers in the
prepaid billing system to ensure that the reload (top-up) atthe beginning of the month reconciles to the invoices
generated at the end of the month.
Billing Manager Manual (electronic
evidence)
Detective At each bill
-
8/2/2019 Testing Strategy 2011
23/330
P17 Bill and Collect for Sales
(Postpaid)
SC30 Validation of prepared
bookings by CFO-1
All bookings should be first prepared in draft and then
approved by the CFO-1 before being booked in the G/L(this should be performed in both cases where there is an
interface between the Postpaid system and the accounting
system or if this is a manual booking into the accounting
system).
CFO-1 Manual Preventive At each bill
P17 Bill and Collect for Sales
(Postpaid)
SC31 Revenue data in the Billing
System is reconciled with theAccounting System (both
accruals and invoices)
The relevant bookings in the G/L are reconciled with their
source, i.e. the billing system and the invoices and accrualsgenerated by it. This reconciliation must also reconcile the
classification of revenue in both systems.
CFO Manual Detective At each bill
P17 Bill and Collect for Sales
(Postpaid)
SC32 Reconcile Switch Output Vs
Mediation Input
Reconcile the output of Switch against input of mediation
device by EDR category. This reconciliation is common forall type of Traffic ( i.e. Postpaid, Interconnect and
Roaming). This reconciliations is the standard MIC input /output report, must occur both in numbers of EDRs,
minutes and (kilo) bytes where applicable.
CTO-1 Manual (electronic
evidence)
Detective Daily
P18 Bill and Collect for Sales
(Prepaid)
IC02 Determine commercial
feasibility of tariff changes/add
All new / changed tariffs are subject to a profitability impact
analysis by Go-To-Market. The analysis must be reviewedand approved.
Category Manager Manual Preventive For each ne
tariff
P18 Bill and Collect for Sales
(Prepaid)
IC04 Formal approval of tariff
changes
Prior to being set up all tariff/pricing changes need to be
approved.
In accordance with the
approved Pricing Policy
Manual Preventive For each ne
tariff
P18 Bill and Collect for Sales(Prepaid)
IC07 Review and approval ofmanually initiated changes to
prepaid subscriber balances
All manually initiated changes to subscriber balancesrequire prior approval of the Customer Support.
Manual changes are all changes that are not part of thenormal automated logic of using and uploading balances.
This covers adjustments and initiating batches for
promotions and discount corrections.
Note: The approval has to be in l ine with the MIC Policy
No.B4.3.2. based on the thresholds set.
Customer Support Manual Preventive For every rechange to b
P18 Bill and Collect for Sales
(Prepaid)
IC10 Exception Report on prepaid
rating
Prepaid traffic which can not be rated, and for whichdefault rated cant be applied is reported.
Billing Manager Manual Detective Monthly
P18 Bill and Collect for Sales
(Prepaid)
IC14 Test transaction matrix The test transaction matrix consists out of a relevant
sample of events scenarios (as well as other types of
transactions e.g. Voice, SMS, MMS, GPRS, rechargevouchers, e-pin) that is executed each month, which are
followed up from switch up to the Prepaid platform (orindependent comparison of test call records from matrix
with IN system and in case of any missing records, trace
back on Switch or Mediation). The test transaction matrixcontains the scenarios that represent at least 90% of all
transactions.
Billing Manager -1 Manual Detective Monthly + A
changes to
equipment
P18 Bill and Collect for Sales(Prepaid)
IC15 Check the forfeiture is takingplace as per card expiry
The billing manager ensures the forfeiture is taking placeas per card expiry.
Billing Manager Manual (electronicevidence)
Detective Monthly
P18 Bill and Collect for Sales(Prepaid)
IC20 All PIN/HRN generationrequests are subject to a
formal approval.
Before generating new PINs and registering these on the
network, the Category Manager should approve this action.Category Manager Manual Preventive For each P
generation
P18 Bill and Collect for Sales(Prepaid)
IC24 Take approval for PINsactivation (prior to the actual
activation)
There is a proper management approval for activation ofPINs in the prepaid platform. The Warehouse Manager is
responsible for informing the Billing Manager.
Warehouse Manager Manual Preventive Before PIN
P18 Bill d C ll f S l IC26 A d C i l P li A f l i l li i d f d d d Thi G M l P i B
-
8/2/2019 Testing Strategy 2011
24/330
P18 Bill and Collect for Sales
(Prepaid)SC01 Reconciliation of MSISDNs,
subscribers profile and status
in Switch subscriber db and
prepaid and postpaid billing
platform
The MSISDNs, subscriber's profiles and status
(Active/Inactive) in the switch subscriber DB (HLR) andprepaid/postpaid Billing platform are reconciled by the
billing manager. The Billing manager should review
exceptions and propose corrective actions to IT and
Network. Any corrective actions should be formerlydocumented
Note: Ring Back Tone should also be reconciled (between
RBT server, IN, Billing System and the Switch). For
practical reasons the profile and MSISDNS reconciliationfor prepaid and postpaid should be done at the same time.
Billing Manager Manual (electronic
evidence)
Detective Daily
P18 Bill and Collect for Sales
(Prepaid)
SC03 Determine accounting impact
of tariff changes/add
Changed or new tariff (plans) may have an impact on the
way revenue is recorded. As such, Finance needs, as perthe MIC accounting policy manual, to assess the impact of
a tariff change.
CFO Manual Preventive For each ne
tariff
P18 Bill and Collect for Sales
(Prepaid)
SC05 Changed / added tariffs report A standard (predefined query) report with all tariff changes
(including interconnect, roaming, prepaid, postpaid andwireless) is generated and signed off. This is either done
based on a report that runs daily or based on an exception
/ alarm report that is issued upon occurrence.
Category Manager Manual Detective Daily
P18 Bill and Collect for Sales(Prepaid)
SC06 Reconciliation between EDRsgenerated by the prepaid
platform and the ones
generated by the Switch /SMSC / MMSC / GPRS
(depending upon networkarchitecture)
A reconciliation between EDRs generated by the prepaidplatform and the ones generated by the Switch (or other
EDR generating nodes on the network, e.g. SMSC, MMSC,
GPRS Nodes, etc) should be performed in order to ensureintegrity of transfer between both systems. The
reconciliation should occur both in numbers of EDRs aswell as in number of minutes and (kilo) bytes where
applicable.
Wherever it is applicable for content, there should be areconciliation of SMS_MT with the Switch and IN EDRs.
Billing Manager Manual (electronicevidence)
Detective Daily
P18 Bill and Collect for Sales(Prepaid)
SC08 Validation of all manualchanges to subscriberbalances
A predefined query reports all manual changes tosubscriber balances. Issued report is reviewed andvalidated.
Consumer Manager andCFO
Manual (electronicEvidence)
Detective Daily
P18 Bill and Collect for Sales
(Prepaid)
SC09 Review reasons for all
subscriber with negativebalance (or subscribers
credited to 0 balance) and
obtain validation byappropriate level of
management
All negative balances for prepaid subscribers should be
reviewed on a regular base. This includes also theinstances where subscribers wou