Statement of Work

Managed Services Statement of Work (Mssow)

by U.S. Cellular
February 10th, 2015

Exhibit 10.2

 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

MANAGED SERVICES STATEMENT OF WORK

 

NO. 1

 

(“MSSOW”)

 

between

 

USCC Services, LLC (“USCC”)

 

and

 

Amdocs Software Systems Limited
(“Amdocs,” “Consultant” or “Provider”)

 

Effective as of October 1, 2014

 



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Managed Services Statement of Work

 

No. 1

 

This Managed Services Statement of Work No. 1 (this “MSSOW”) is effective as of October 1, 2014 (the “Commencement Date”) and is entered into pursuant to and under the terms of that certain October 1, 2014, Master Statement of Work for Managed Services (“MSOWMS”) between USCC Services, LLC (“USCC”) and Amdocs Software Systems Limited (“Amdocs,” “Consultant” or “Provider”).  All terms and conditions of the MSOWMS shall apply to this MSSOW, provided that in the event of a conflict between the terms of the MSOWMS and this MSSOW, this MSSOW shall control except with respect to Sections 2.1(b) and 2.1(c) of the MSOWMS.

 

1.                                      Scope of Services

 

1.1                               Provider shall perform the tasks and activities as described herein inclusive of attachments to this MSSOW (all collectively referred herein as the “Services”).

 

1.2                               The Services to be provided hereunder consist of the following four major functional areas (each a “Service Tower”):

 

(a)                                 Tier 2 Front-End and Back-End (as described in Section 6 of this MSSOW)

 

(b)                                 Tier 3/Tier 4 Support (as described in Section 7 of this MSSOW)

 

(c)                                  Billing Operations (as described in Section 8 of this MSSOW)

 

(d)                                 Infrastructure Support (as described in Section 9 of this MSSOW)

 

1.3                               In addition, as part of the Services, Provider shall assign a Customer Operations Manager (the “COM”) to oversee the Service Towers and to be USCC’s main focal point for any questions and/or issues related to the Service Towers. The COM’s role is further described in Section 10 of this MSSOW.

 

1.4                               In performing the Services, Provider shall comply with all of USCC’s Policies (as specified in Appendix C to the MSOWMS).

 

1.5                               Provider Personnel shall be available on a [***] per day basis as required to perform the Services in adherence with the SLAs and KPIs identified in Schedule B to the MSOWMS.  Provider shall monitor Provider’s performance relative to the SLAs and KPIs and provide to USCC reports indicating Provider’s performance against the SLAs and KPIs (including exception details) as described in Schedule B to the MSOWMS.

 

1.6                               Once each calendar quarter, Provider will export into USCC’s SharePoint the USCC-specific data from Provider’s knowledge base for each of the Service Towers.

 

1.7                               In connection with the performance of the Services hereunder, Provider will cooperate with USCC Third-Party Contractors whose systems or applications interface with the B/OSS Solution with respect to such interfaces.  Provider communications with USCC Third-Party Contractors will follow USCC-provided procedures, processes and guidelines including escalation requirements.  Provider will communicate directly with such third parties, except for those specific third parties identified by USCC as ones with whom USCC retains the communication interface for some period of time.  USCC expects to phase in certain third-party communication interfaces with Provider over time to minimize transition risk.  At any time and from time to time, USCC may

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

modify the status of the communication interface with any third party.  Until such time as USCC may transition each communications interface to Provider, Provider will communicate with USCC with respect to such third parties with whom USCC has retained the communication interface. In all cases (regardless of whether Provider communicates directly with such third parties or USCC requires Provider to communicate indirectly with such third parties through USCC as set forth herein), Provider will work with such third parties in accordance with USCC-specified procedures, processes and guidelines to timely and cooperatively investigate and resolve any inbound or outbound file transfer or other interoperability Issues, Incidents or Problems.  Provider will escalate to USCC any issues related to cooperation or communication between Provider and any USCC Third-Party Contractor, but in no event will Provider be responsible for the performance of any USCC Third-Party Contractor.

 

1.8                               Provider will deliver the Deliverables identified in Annex H to this MSSOW.  With respect to Deliverables identified as “Reports” in such Annex:

 

(a)                                 The number, name, frequency and nature of such Deliverables can be reduced, modified, increased and/or substituted at any time upon the parties’ written agreement.

 

(b)                                 USCC shall be deemed to have Accepted the templates of all such Deliverables to the extent that such Deliverables have been provided to USCC by Provider prior to the Commencement Date.

 

(c)                                  USCC shall be deemed to have Accepted the template of each such Deliverable, the template of which is the same as the template of the applicable report that was provided to USCC by a Third-Party Contractor prior to the Commencement Date.

 

(d)                                 USCC shall be deemed to have Accepted the template of each such Deliverable, the template of which is the same as the template of the applicable report that was generated by USCC for itself prior to the Commencement Date.

 

(e)                                  For each such Deliverable in such Annex as of the Commencement Date to which none of the preceding clauses (b) through (d) apply, during the [***]-day period commencing on the Commencement Date, Amdocs shall submit to USCC a template for each such Deliverable, and USCC shall have [***] days after receipt of each such template to Accept such template or to provide to Amdocs revisions to such template, and Amdocs shall revise each template accordingly until Accepted by USCC acting reasonably. For the avoidance of doubt, Amdocs shall be obligated to deliver each such Deliverable only after its respective template is Accepted by USCC.

 

(f)                                   For each such Deliverable that is added to such Annex after the Commencement Date, Amdocs shall submit to USCC a template for such Deliverable, and USCC shall have [***] days after receipt of such template to Accept such template or to provide to Amdocs revisions to such template, and Amdocs shall revise such template accordingly until Accepted by USCC acting reasonably.  For the avoidance of doubt, Amdocs shall be obligated to deliver each such Deliverable only after its respective template is Accepted by USCC.

 

(g)                                  Recurring versions of such Deliverables for which the applicable template has been Accepted or deemed Accepted under any of the preceding clauses (b) through (f) in this Section shall not be subject to Acceptance by USCC; provided that if USCC identifies any errors or other Issues or problems with such Deliverables, the correction of such errors or other Issues shall be subject to the Incident Management process set forth in Appendix C to the MSOWMS.

 

2



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

2.                                      Term/Termination.

 

2.1                               The term of this MSSOW (the “Term”) shall begin on the Commencement Date and shall end on September 30, 2019 (the “Expiration Date”) unless terminated earlier in accordance with its terms.  If not earlier terminated, the Expiration Date shall be automatically extended five times for one year each time (i.e., a total of five one-year extensions) unless on or before April 1, 2019, or April 1 of the same calendar year thereafter as the then-current Expiration Date, USCC notifies Amdocs in writing of USCC’s intent not to so extend the Term, in which case the Term will expire on the then-current Expiration Date.  Except to the extent modified by this Section, the terms and conditions (including the Fees set forth in Annex C to this MSSOW) during each such one-year extension of the Term shall be the same as from October 1, 2018, to September 30, 2019.

 

2.2                               The parties’ rights to terminate this MSSOW prior to the Expiration Date include those set forth in Section 11 of the MSOWMS.  With respect to Section 11.2(b) of the MSOWMS, USCC shall have the right to terminate for convenience the MS Bundle of which this MSSOW is a part effective on or after September 30, 2017, by (a) providing written notice to Provider at least 90 days prior to the effective date of such termination specified in such written notice; and (b) paying to Provider the termination fee therefor set forth in Annex C to this MSSOW which fee shall be billed by Provider to USCC on the effective date of termination. For purpose of clarification, USCC shall not have the right to terminate this MSSOW or the MS Bundle of which it forms a part for convenience effective prior to September 30, 2017.

 

3.                                      Get-Well Plan.

 

As part of the Services, Amdocs shall timely deploy to production in accordance with the Get-Well Plan attached hereto as Appendix 10 to this MSSOW enhancements and Defect corrections to the B/OSS Solution.  USCC shall not delay or prevent Provider from such timely deployment to production in accordance with the Get-Well Plan.

 

4.                                      Definitions

 

4.1                               “Defect” means a material deviation between the B/OSS Solution and the Specifications. For the purpose of this Section 4.1: “Specifications” means (a) the applicable specifications set forth in the following documentation: Annex O to the Statement of Work dated August 17, 2010 and amended as of July 6, 2011 (the “R1 SOW”), High Level Design (“HLD”) documents delivered under the R1 SOW, Interface Design Documents and final Impact Assessment documents associated with approved Projects, CRs and MERs, in each case delivered by Amdocs and approved by USCC in connection with Statements of Work entered into at any time under the Agreement, including any amendments thereto, any PCRs thereunder and any Work Authorizations related thereto; (b) documentation of Defect fixes recorded in QC tickets associated with Defects opened prior to the Commencement Date; and (c) HLDs for Defect fix bundles delivered by Provider (in an agreed-upon template) and approved by USCC as part of the Change Management process for Defects opened after the Commencement Date. In the event of a conflict between the different Specification documents, the applicable specifications contained in the most recently created document shall take precedence.

 

4.2                               “End-to-End” means (a) with respect to the Production Environment and the B/OSS Solution training environment, all of the associated hardware, software, resources, services, processes and transactions; or (b) with respect to a process, all of the subprocesses and activities and the sequence required to accomplish the goals of the process from the initiation of the process through to completion of the process.

 

3



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

4.3                               “Incident” means an unplanned interruption or failure of the B/OSS Solution functionality (in whole or in part) or a degradation in the performance of the B/OSS Solution or conditions that indicate that such unplanned interruption, failure or performance degradation is likely to occur.

 

4.4                               “Incident Record” or “Incident Ticket” means a record containing the details of an Incident as such record is updated to document the actions taken as part of the End-to-End resolution process.

 

4.5                               “Issue” means a concern raised by one or more USCC Personnel or Provider Personnel.

 

4.6                               “Problem” means the cause of one or more Incidents which may be uncovered through investigation, root cause identification, and other actions that occur as part of the Problem Management Process.

 

4.7                               “Problem Record” means a record containing the details of a Problem as such record is updated to document the actions taken as part of the End-to-End resolution process.

 

4.8                               “Ticket Management” means management of the overall lifecycle of an Incident Ticket including triaging, providing status updates, escalating (as needed), providing workarounds and tracking root cause resolutions.

 

5.                                      Privacy, Data Security and Regulatory Process and Control Requirements

 

5.1                               Provider, while executing the Services, shall comply with the Sarbanes-Oxley Act of 2002 (“SOX”), ISO 27001 and the then-current version of PCI-DSS.

 

5.2                               Provider shall comply with the operational processes listed in Appendix 5 to this MSSOW (each an “Operational Process”) while performing the Services.  The processes listed in Appendix 5 to this MSSOW include the SOX compliance controls for which Provider is responsible and which are addressed in the SOC 1 Type II reporting described in Section 5.4 of this MSSOW.

 

(a)                                 After the Commencement Date, if USCC requires revisions or additions to any of the process mapping flows and controls related to SOX compliance contained in the Operational Processes in order to remain SOX compliant, then USCC shall notify Provider of such required revisions and/or additions (each such notice, a “Requirements Notice”), and the parties shall use all commercially reasonable efforts to complete such revisions and additions within [***] days after Provider’s receipt of the applicable Requirements Notice (or if not completed within such [***]-day period, then as soon as possible thereafter).  Subject to the foregoing, if Provider disputes whether such revisions and/or additions are necessary for USCC’s SOX compliance, then within ten Business Days after Provider’s receipt of the applicable Requirements Notice, Provider shall notify USCC that Provider is disputing whether such revisions and additions are necessary for USCC’s SOX compliance, and such notice shall specify Provider’s fees (using the manpower rates set forth in Schedule C of the MSOWMS) to complete such revisions and additions as well as Provider’s intention to seek payment therefor from USCC.  Such dispute shall be subject to the informal dispute resolution process set forth in Section 2 of Schedule D to the MSOWMS; provided, however, that solely for such purpose, the last sentence of Section 2.2(b)(iv) of Schedule D to the MSOWMS shall be deemed to be replaced with the following:

 

If, after any such resolution of a Level 4 Dispute by USCC’s Vice President of Information Technology, Provider notifies USCC that the Dispute is not resolved to Provider’s satisfaction, then within [***] Business Days after such written notice, such Dispute shall be submitted to arbitration in accordance with the terms and conditions set forth in Section 11.17(b) of the Agreement, except that (A) such arbitration shall be conducted by the arbitrator agreed upon by the

 

4



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

parties pursuant to Section 3.7 of this Schedule D to the MSOWMS; (B) the arbitrator shall render a decision regarding the disposition of such Dispute within [***] Business Days after such Dispute is submitted to arbitration, during which time the parties shall have the opportunity to present their positions to the arbitrator who shall take into consideration:  (I) USCC’s past compliance experience (whether unique to USCC or otherwise) as well as advice received by USCC from its independent and internal auditors and other relevant subject matter experts, and (II) solely to the extent that Provider can demonstrate that Provider presented the following to USCC in writing prior to USCC submitting such Dispute to arbitration:  alternative methods to achieve compliance other than those contained in the Requirements Notice as well as advice received by Provider from Provider’s independent and internal auditors and other relevant subject matter experts; and (C) the arbitrator shall also determine whether Provider failed to act reasonably in contesting such resolution by USCC’s Vice President of Information Technology and whether USCC’s Vice President of Information Technology acted reasonably in determining such resolution.  If the arbitrator determines that either party failed to act reasonably in contesting or determining such resolution, as applicable, then the party determined to have acted unreasonably shall bear the entire cost of the arbitration including, without limitation, the other party’s reasonable attorneys’ fees and expenses.

 

For the avoidance of doubt, USCC shall only be required to pay Provider’s fees to complete such revisions and additions upon a finding that such revisions and additions were not necessary for USCC’s SOX compliance.

 

(b)                                 Notwithstanding the other portions of this Section 5.2 of this MSSOW, the parties acknowledge that, as of the Commencement Date, the process mapping flows and the controls for certain Operational Processes listed in Appendix 5 to this MSSOW are not complete (each a “WIP OP”).  Provider and USCC will perform the actions described in the plan set forth in Section 2.4 of Appendix 5 to this MSSOW in accordance with the schedule of dates specified in such plan in order to finalize the process mapping flows and controls for the WIP OPs.

 

5.3                               Provider will maintain a central repository of all relevant process and control documentation set forth in Appendix 5 to this MSSOW applicable to Provider in providing the Services.  Documents in such repository will serve as the “documents of record” for such processes and controls managed under this MSSOW. Such repository will be a segregated directory accessible only by USCC resources (including impacted business stakeholders) and Provider Personnel with a need to know in connection with the Services. Each party will identify and notify the other party of potential process or control changes in the interaction by Provider with USCC that, to its knowledge, may impact USCC’s policies, controls, processes or procedures.  Whenever USCC reasonably determines that such a process or control change in the interaction by Provider with USCC is required that may impact USCC’s policies, control environment, controls, processes and procedures, USCC shall reasonably determine, in consultation with Provider, the required process or control changes, and within ten days after such determination, Provider shall make the necessary additions or edits to such documentation as reasonably directed by USCC to reflect such process and/or control changes and shall provide the most current versions of such documentation to USCC for review.  Within [***] days after USCC’s receipt of each updated version of the relevant process and controls documentation, USCC will either provide written confirmation to Amdocs that the revised documentation is acceptable or provide to Amdocs in writing the revisions that are required to make such documentation reflect such agreed-upon process and/or control changes.  Within [***] days after Amdocs’ receipt of such revisions, Amdocs shall process such revisions into the documentation and update the repository accordingly.  Within [***] days after the end of each calendar quarter, Provider shall confirm to

 

5



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

USCC in writing that the documentation in the repository is current as of the end of the immediately preceding calendar quarter.

 

(a)                                 After each calendar quarter, Provider shall participate in SOX management testing conducted by USCC, provided that, if such participation requires more than [***] hours of Provider Personnel time in any calendar quarter, Provider shall be entitled to charge USCC for the number of hours in excess of such [***] hours at the manpower rates set forth in Schedule C to the MSOWMS.

 

(b)                                 At any time, if USCC is concerned that a process or control for SOX compliance set forth in Appendix 5 to this MSSOW is not in compliance, USCC will provide written notice to Provider that identifies the potential compliance issue and any facts that are available to USCC forming the basis for USCC’s concern(s).  Within [***] days after receipt of such notice, Provider will respond to USCC in writing with any information that Provider may have that is relevant to such compliance issue(s).  If, after reviewing Provider’s response, USCC determines that the issue(s) have the potential to be significant and therefore merit further investigation, USCC may, upon written notice to Provider at least [***] days prior to commencing an audit under this Section 5.3(b), through an independent auditor that is a registered public accounting firm nationally recognized in the United States and qualified to perform a SOX audit (“SOX Auditor”), subject to USCC and such SOX Auditor executing Provider’s relevant standard confidentiality/nondisclosure agreements, and at USCC’s expense, audit Provider’s processes and/or controls related to such potential compliance issue(s).  If any such audit reveals any significant issues (or [***] or more insignificant issues that taken together become significant) related to such processes and/or controls, then Provider will remediate the non-compliance according to the written remediation recommendation and plan (including the timeline therefor) provided by the SOX Auditor. USCC may, through such auditor, at USCC’s expense, perform additional audit procedures in USCC’s reasonable discretion to ensure that Provider properly implemented all remediation plan activities.

 

5.4                               Provider shall comply with the following SOC 1, Type II, and PCI-DSS reporting requirements:

 

(a)                                 SOC 1, Type II Reporting.  Provider shall retain an independent, registered public accounting firm that is nationally recognized in the United States to perform an audit or series of audits of the control activities, systems and processes established and maintained by Provider and its subcontractors to provide the Services and any other services then being provided to USCC under this MSSOW. Each such annual audit or series of audits shall conform to the requirements necessary to produce a SOC 1, Type II Report as set forth in the American Institute of Certified Public Accountants (“AICPA”) Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization, or in any successor or substitute statement adopted by the AICPA (such report being referred to as a “SOC 1 Report”). The initial annual SOC 1 audit shall be performed for the period commencing on the actual execution date of this MSSOW and ending as of September 30, 2015.  Thereafter, each annual SOC 1 audit shall be performed for a twelve-month period that ends as of a date that is no earlier than September 30th of the calendar year for which the SOC 1 Report is required.  Provider shall provide the SOC 1 Report to USCC promptly upon receipt by Provider, but no later than December 31 of the calendar year for which the SOC 1 Report is required. In addition, Provider shall promptly notify USCC of any areas of significant concern identified in any SOC 1 Report or, on an interim basis, of any areas of significant concern expected to be identified in any future SOC 1 Report, and shall provide to USCC periodic reports regarding Provider’s efforts and progress towards resolving such areas of concern. If required by USCC, Provider will provide a bridge letter for each SOC 1 Report to facilitate annual compliance reporting under the Sarbanes-Oxley Act of 2002 and any regulations promulgated under it.

 

6



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(b)                                 Agreed-Upon Procedures (AUPs).  Provider shall be accountable to remediate any control failures identified through USCC’s audit and control testing for the period commencing October 1, 2014, and ending on the date that is the later to occur of (i) the date that Amdocs completes Amdocs’ data-gathering procedures in connection with USCC’s audit and control testing of the data provided to USCC, and (ii) the actual execution date of this MSSOW; provided, however, that for any time period prior to the actual execution date of this MSSOW, Amdocs shall only be obligated to provide such data to USCC with respect thereto that is reasonably available to Amdocs.  Provider will support USCC in its SOX Compliance function by performing the tasks specified in Section 2.4 of Appendix 5 to this MSSOW as well as providing information requested and addressing questions in connection therewith regarding the Services provided by Provider in 2014.  For clarification, testing SOX Compliance is the responsibility of USCC, although Provider may propose and the parties may agree on changes to the testing approach.  If Provider is unable to produce a SOC 1, Type II report covering services provided for a time period during the last calendar year that this MSSOW is in place, Provider shall retain an independent, registered public accounting firm that is nationally recognized in the United States to perform an audit or series of audits of the control activities, systems and processes established and maintained by Provider and its subcontractors to provide the Services and any other services then being provided to USCC under this MSSOW.  The result of this audit shall conform to the requirements necessary to produce a Report on Agreed-Upon Procedures (“AUPs”) as set forth in the American Institute of Certified Public Accountants (“AICPA”)  Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization and AT section 201, Agreed-Upon Procedures Engagement.  Provider shall provide the Agreed-Upon Procedures Report to USCC promptly upon receipt by Provider, but no later than December 31 of the calendar year for which the report is required, unless USCC agrees to a later date in advance and in writing. In addition, Provider shall promptly notify USCC of any areas of significant concern identified in any Agreed-Upon Procedures Report or, on an interim basis, of any areas of significant concern expected to be identified in any future Agreed-Upon Procedures Report, and shall provide to USCC periodic reports regarding Provider’s efforts and progress towards resolving such areas of concern. If required by USCC, Provider will provide a bridge letter for each Agreed-Upon Procedures Report to facilitate annual compliance reporting under the Sarbanes-Oxley Act of 2002 and any regulations promulgated under it.

 

(c)                                  PCI-DSS Reporting, Documentation and Related Controls.  USCC is required to maintain and periodically demonstrate compliance with PCI-DSS (Payment Card Industry Data Security Standard). The compliance process requires USCC to undergo an assessment that includes all the system components used to process, store or transmit cardholder data, and any other component that resides on the same network segment as those system components (collectively, “System Components in Scope”). Because Provider will be performing Services for certain of the System Components in Scope, Provider acknowledges that Provider has the ability to impact the security of USCC’s cardholder data environment. Thus, with respect to Provider’s performance of Services for System Components in Scope (which, for the avoidance of doubt, will not include development of enhancements to existing, or the addition of new, System Components in Scope), Provider will provide the Services in compliance with PCI-DSS for controls that are part of the following PCI-DSS Requirements (as such PCI-DSS Requirements may be modified from time to time):  “(i) restrict access to cardholder data by business need to know; (ii) develop and maintain secure systems and applications; and (iii) identify and authenticate access to System Components in Scope.”  As evidence of compliance, Provider will provide when requested, all documentation and evidence that will have shown effectiveness of the controls. If Provider does not undergo its own PCI-DSS assessment, USCC reserves the right to audit through an independent, registered public accounting firm that is nationally recognized in the United States and qualified to perform

 

7



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

a PCI-DSS audit, upon notice to Provider at least [***] days prior to commencing such audit and not more than [***] period, subject to USCC and its representatives executing Consultant’s relevant standard confidentiality/nondisclosure agreements, the processes in order to ensure that Provider is complying with the foregoing.

 

5.5                               Jump Server Access.

 

(a)                                 USCC shall procure and make available to Provider the license quantities (the “Initial Quantities”) of the Third-Party Software listed in Annex C to this MSSOW for installation by USCC on USCC’s Citrix jump server that provides access to USCC’s B/OSS Solution (the “Jump Server”) for use by Provider Personnel in connection with such Personnel’s access to USCC’s B/OSS Solution in performance of the Services in accordance with the MS Bundle. USCC shall be responsible for all fees and expenses associated with the Initial Quantities.  The procurement of any additional license quantities of such Third Party Software for use by Provider as described in this Section (the “Additional Quantities”) is subject to USCC’s approval, provided that the USCC hereby approves the Pre-Approved Additional Quantities specified in Annex C to this MSSOW. USCC shall be responsible for all fees and expenses associated with such Additional Quantities of Third-Party Software which are listed as under USCC’s financial responsibility on Annex C to this MSSOW and will acquire the Additional Quantities specified under the USCC-required Additional Quantities immediately following the Commencement Date. Provider shall be responsible for all fees and expenses associated with such Additional Quantities of Third-Party Software which are listed as under Provider’s financial responsibility on Annex C to this MSSOW.  Provider shall comply with the applicable licensor’s terms and conditions governing Provider’s use of all such Third-Party Software.

 

(b)                                 Except as set forth in Section 5.5(a), all software that Provider may desire to use at its discretion to access directly USCC’s B/OSS Solution in connection with the performance by Provider of the Services in accordance with the MS Bundle is subject to USCC’s prior approval and installation by USCC on the Jump Server.  When seeking such approval from USCC for any such software, Provider shall provide to USCC a copy of the applicable licensor’s terms and conditions that govern installation by USCC on the Jump Server and Provider’s use of such software. If USCC approves such software, it shall be added to Annex C to this MSSOW.  Provider shall pay all fees and expenses associated with such software to the licensor of such software prior to delivery of such software to USCC for installation on the Jump Server. Provider and USCC shall comply with the applicable licensor’s terms and conditions that govern installation by USCC on the Jump Server, and Provider shall comply with the applicable licensor’s terms and conditions that govern Provider’s use of such software. For the avoidance of doubt, USCC will not use such software under the licenses obtained by Provider pursuant to this Section; provided that if USCC is required to use such software together with Provider under licenses obtained by Provider pursuant to this Section, then USCC shall comply with the applicable licensor’s terms and conditions that govern USCC’s use of such software.

 

(c)                                  Each party shall be solely responsible for such party’s acts and omissions in connection with the software listed in Annex C to this MSSOW and associated licenses and the Jump Server.

 

5.6                               For the avoidance of doubt, in the event that USCC discloses to or otherwise grants Provider access to USCC Confidential Information in USCC’s Systems (including, without limitation, via virtual private network such as Citrix) in order to perform Services under this MSSOW, but does not deliver such USCC Confidential Information to Provider, then the requirements set forth in Section 10.1 of the Agreement shall not apply to such USCC Confidential Information while in USCC’s Systems.

 

8



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

6.                                      Tier 2 Front-End and Back-End

 

Provider is responsible for managing, performing and communicating activities related to the SLAs and KPIs that are associated with the Tier 2 Front-End and Back-End Service Tower.  The detailed activities include the following:

 

6.1                               Tier 2 Service Desk.  Provider shall resolve Incidents arising out of or in connection with the B/OSS Solution as identified in the tickets opened in USCC’s Remedy system. The activities include the following:

 

(a)                                 Monitor incoming calls from USCC regarding urgent and escalated tickets that require immediate attention per the Ticket Escalation Flow referenced in Appendix 5 to this MSSOW.

 

(b)                                 Monitor incoming tickets from USCC’s Remedy system for all applications Issues and escalated user-support Issues.

 

(c)                                  Perform Ticket Management and provide resolution based on known solutions and knowledge base.

 

(d)                                 Perform initial triage of tickets and route tickets to:

 

(i)                                     Provider’s Order Management team for all OMS- and Stuck Order-related Issues;

 

(ii)                                  Provider’s Tier 3 Support team for all applications-related Issues;

 

(iii)                               Provider’s infrastructure team for all configuration-related Issues; and

 

(iv)                              USCC’s originator of the ticket for any IT-, System-, Network- and Storage-related Issues that are under USCC’s responsibility pursuant to Section 9.9.

 

(e)                                  To the extent that the applicable mass scripts and recurring scripts have been previously approved by USCC through the Change Management process, run known solutions with such mass scripts and recurring scripts. If a new script is required to resolve a ticket, Provider will seek USCC’s approval to run such script via the Change Management process.

 

(f)                                   Enhance knowledge base for Tier 2 by working with Tier 3/Tier 4 Support teams.

 

(g)                                  Provide USCC with knowledge base updates and known solutions for USCC’s Tier 1 knowledge base to enable first-call resolution by USCC’s Tier 1.

 

(h)                                 Manage Incident- and operational status-related communications both internally and with USCC.

 

(i)                                     Escalate Severity 1 Incidents and Severity 2 Incidents to USCC’s Incident Management Team.

 

(j)                                    Create and manage Root Cause Analysis (RCA) and Root Cause Resolution Actions for Severity 1 Incidents and Severity 2 Incidents including (i) coordinating with all relevant Provider teams; and (ii) providing details (including ongoing status updates) to the USCC Problem Management team.

 

(k)                                 Provide End-to-End management of all Problem Records.

 

9



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(l)                                     Ensure that all applicable Provider teams are providing timely, complete and accurate data to USCC’s Defect Management team and USCC’s Test Management team as required.

 

(m)                             Manage USCC customer-level escalations in coordination with USCC Tier 1 Support for rapid service restoration.

 

(n)                                 Inform USCC about any third-party interface-related Issues (to the extent known to Provider) so that USCC can engage the relevant third party for resolution. If the third party is managed by Provider, Provider will inform USCC and also work with the third party to achieve resolution.

 

(o)                                 Provide written communication to USCC’s Incident Management team regarding system errors encountered by front-line users that are causing repeated fallout and/or multiple tickets, and such communication shall include guidance on the process that should be followed to avoid such errors.

 

(p)                                 Perform Ticket Management including tickets originated by the following USCC group functions:

 

(i)                                     IS Support Center.  The IS Support Center supports the handling of Remedy tickets that do not qualify for handling by any of the other three teams described in this Section 6.1(p) and also handles escalations and Severity classification disputes.

 

(ii)                                  Billing Business Support (“BBS”).  The BBS supports the handling of Remedy tickets for business customers/calls regarding billing and/or finance related to the B/OSS Solution.

 

(iii)                               Business Escalation Queue (“BEQ”).  The BEQ supports handling of Remedy tickets for business customers/calls related to the B/OSS Solution that do not involve billing and/or finance.

 

(iv)                              TOPS Escalation Queue (“TEQ”).  The TEQ supports handling of Remedy tickets for customers/calls (other than business customers/calls) related to the B/OSS Solution.

 

(q)                                 Communication between Tier 2 Support and non IS ticket initiators will be only through the ticket interface unless authorized by USCC’s IS department. Any communication outside of specific ticket interaction with business will be handled by USCC.

 

(r)                                    With respect to open B/OSS Solution-related tickets as of September 30, 2014 (of which there will be less than [***] such tickets), Provider will attempt to resolve all tickets on behalf of USCC on or before [***], provided that USCC will make available to Provider at USCC’s cost and expense [***] full-time USCC contractors (identified by the parties prior to September 30, 2014) to assist Provider in such effort during such period.  For the purpose of clarification, there will be no SLAs or penalties applicable with respect to such efforts by Provider.

 

6.2                               Production Management — Data Center Operations. Provider shall perform Production Management with Provider’s internal supervisor escalations handled by a Shift Manager and situations requiring escalation to USCC management handled by a Production Manager.

 

(a)                                 Shift Manager.  The “Shift Manager” manages Provider’s resolution of failed processes and critical Incidents (Severity 1 Incidents, Severity 2 Incidents and other Issues that put

 

10



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Provider’s performance of the Services at risk of Full Service Level Default or Partial Service Level Default (as defined in Schedule B to the MSOWMS)), manages the issuance of alerts from Service Level Dashboard, and obtains updates from other Amdocs and/or USCC teams in cases of Issue evaluations and escalations. The Shift Manager is also responsible for managing the resolution of day-to-day production Incidents and escalating to the Production Manager in cases of critical Incidents as described above.  The Shift Manager’s activities include the following:

 

(i)                                     Inform Provider Personnel and USCC Personnel that are designated by USCC (such USCC Personnel to include individuals working in the IS organization only) on the initiation and periodic status of Incidents, manage technical conference calls for such Incidents and record status of such Incidents in Provider’s notification system.  For Incidents identified by Provider, the Shift Manager will initiate internal conference calls and inform USCC’s Incident Management team who will then initiate the USCC Incident Management process.

 

(ii)                                  Keep USCC informed regarding production Incidents and provide reasonably frequent updates (based upon the type of Incident) via SMS and email until the Incident is resolved.

 

(iii)                               Participate and provide updates on ongoing Incident in the external conference calls initiated by USCC in accordance with the Incident Management process.

 

(iv)                              Monitor Service Level Dashboard for any alerting situations and take actions as necessary to ensure that USCC has visibility to any such situations that may put Provider’s performance of the Services at risk of Full Service Level Default or Partial Service Level Default.

 

(v)                                 Manage and track changes into the Production Environment via USCC Change Management and Release Management processes and USCC tools.

 

(vi)                              Escalate to Production Manager any unresolved Severity 1 Incidents and Severity 2 Incidents.

 

(vii)                           At the end-of-shift turnover between shifts/sites, send to USCC Provider’s internal Incident summary.

 

(viii)                        Follow-up on enhanced monitoring of recurring Incidents and other mitigation activities on a day-to-day basis and keep USCC informed thereof.

 

(ix)                              Oversee all scheduling activities including nightly maintenance bounces and end-of-week and end-of-day activities.

 

(x)                                 Communicate to USCC in a timely manner, either directly or through the Production Manager, any change or variance in plans which create risk or output delay.

 

(xi)                              Communicate to USCC any change or variance in operations that created Issues or did not follow defined procedures.

 

(xii)                           Maintain production run books, internal/external escalation contact details, and emergency procedures.

 

(b)                                 Production Manager.  The “Production Manager” is accountable for B/OSS Solution Production Operations and is responsible for managing all critical Incident escalations

 

11



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

from the Shift Manager including Severity 1 Incidents and Severity 2 Incidents as well as any Issues that could put Provider’s performance of the Services at risk of Full Service Level Default or Partial Service Level Default and overall monitoring of the Services. The activities include the following:

 

(i)                                     Manage communications between internal Provider teams and with USCC IS teams regarding critical Incident escalations from the Shift Manager including Severity 1 Incidents and Severity 2 Incidents as well as any Issues that could put Provider’s performance of the Services at risk of Full Service Level Default or Partial Service Level Default.

 

(ii)                                  Join conference calls initiated by Provider or USCC in order to address the resolution of an Incident so that Provider may provide its plan to restore B/OSS Solution functionality impacted by Incidents and to provide to USCC a description of the issue, impact, and actions being taken by Provider with respect to the Incident as well as requesting any information and/or action from USCC that Provider deems reasonably necessary. Provider will drive resolution of the issues identified on the conference call.  If, however, an Issue is identified as outside of Provider’s scope, then USCC will drive resolution of such Issue, and Provider (A) will remain on the conference call until reasonably released by USCC, (B) will participate in technical resolution, and (C) will provide to USCC all relevant data upon which Provider reached that determination.

 

(iii)                               Provide reasonably complete information to USCC on all production Incidents via direct contact with the USCC Incident Manager and via email to USCC IS leaders.

 

(iv)                              Provide to USCC periodic updates (hourly, daily, weekly or as otherwise reasonably specified by USCC) until the Incident is resolved.

 

(v)                                 Engage the COM and other management team members for critical Incidents as per Provider’s escalation guidelines.

 

(vi)                              Follow up on and manage recurring production Incidents.

 

(vii)                           Escalate and coordinate resolution of at-risk or missed SLAs and KPIs.

 

(viii)                        Serve as one of the key participants in build and implementation activities for releases of the B/OSS Solution.

 

(ix)                              Manage end-of-shift turnover between shifts at Provider’s sites.

 

6.3                               Application Support. Provider is responsible for managing all tickets requiring additional investigation after the tickets have been vetted by Provider’s Tier 2 Support group.  This responsibility includes identifying and routing Defects for resolution by Tier 3/Tier 4 Support or Tier 5 Support. The activities include the following:

 

(a)                                 Manage Tickets vetted by Tier 2 Support groups including Service Desk, Scheduling, Billing Operations and other groups. Examples include, without limitation, tickets related to the following:

 

(i)                                     RIM/RIM LITE/Sales/CRM/MSCC/CIM and all other B/OSS Solution applications

 

(ii)                                  Billing/Batch Job failures

 

12



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(iii)                               Quantification Impacts/Billing QA/ A/R /GL/Usage

 

(iv)                              Alerts from scheduling

 

(v)                                 Event Processing

 

(b)                                 Use commercially reasonable efforts to attempt to automate to avoid repetitive manual tasks.

 

(c)                                  Update Provider knowledge base in order to permit Provider to improve the handling of future similar issues.

 

(d)                                 Automate and manage transmit process for all Billing, Usage and End of Day / End of Month reports.

 

(e)                                  Fix all error records or error events including, without limitation, usage processing, payment, accounts receivable and other volume transactions.

 

(f)                                   Apply credits or charges via the appropriate credit and charge tools pursuant to USCC’s instructions.

 

(g)                                  Create and maintain USCC-approved data patch scripts and ensure that such scripts meet USCC-approved script standards.

 

(h)                                 Participate in conference calls to provide application expertise for resolution of production Issues.

 

(i)                                     Participate in preparation of Release implementation checklist and release readiness activities.

 

6.4                               Testing Support — Sanity Testing.  Prior to the end of each Daily Maintenance Window, Provider shall perform sanity testing of the B/OSS Solution to ensure that all changes that occurred during the Daily Maintenance Window period are successful. Such sanity testing will also be performed to verify service restoration after each CRM-, RIM-, RIM LITE-, MCSS- and MicroTelecom-related Severity 1 Incident and Severity 2 Incident have been resolved.  Details of sanity testing activities for each of the B/OSS Solution applications are listed in Appendix 6 to this MSSOW.

 

6.5                               Change Management.  Provider shall manage and coordinate Provider’s activities in connection with all changes to the Production Environment and review requests for change approvals with USCC. The activities include the following:

 

(a)                                 Use USCC’s Remedy system for all changes subject to USCC’s Change Management Process including the requirement to obtain prior approval from the USCC Change Approval Board (“CAB”) for any change made by Provider that could impact any USCC system or Provider’s service delivery.

 

(b)                                 In connection with all communications related to USCC’s Change Management Process, manage all such communications with Provider’s organization and each third-party vendor that is a part of the B/OSS Solution.

 

(c)                                  Create and maintain a change schedule of upcoming releases and changes as part of USCC’s Change Management Process.

 

(d)                                 Monitor and report on the implementation of USCC-approved changes made by Provider.

 

13



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(e)                                  Coordinate with USCC through USCC’s Change Management Process all changes that require service interruption.

 

(f)                                   Conduct activities such as:

 

(i)                                     Create and submit requests for changes including coordination of detailed implementation plans inclusive of steps that need to be executed by USCC.

 

(ii)                                  Coordinate approval from USCC SMEs in advance of CAB meetings.

 

(iii)                               Categorize each change and provide a description of its impact as described in Appendix 7 to this MSSOW.

 

(iv)                              Schedule each change for deployment and verify the successful deployment of the change as part of the closure procedures that are part of USCC’s Change Management Process.

 

(v)                                 Communicate to USCC any variance from plan regarding timing, unsuccessful changes, incomplete or backed-out changes, and escalate to USCC according to USCC-defined processes.

 

(vi)                              Upon receiving each USCC-approved change request, coordinate the deployment of Enterprise Product Catalog (“EPC”) changes into production.

 

(vii)                           Assess and communicate to USCC the potential impacts and risks (if any) associated with the changes USCC introduces when publishing a new version of EPC (such changes to be governed by the Change Management process, and if reasonably practicable, USCC shall inform Provider of such planned changes at least two weeks in advance).

 

6.6                               Order Management System Support (“OMS Support”).  Provider shall manage all orders originating in the B/OSS Solution including ensuring that orders are processed in a timely manner.  The activities include the following:

 

(a)                                 Escalate for resolution by Tier 3/Tier 4 Support, as appropriate, OMS Issues (including Stuck Orders causing delays/failures in processing of orders).

 

(i)                                     Execute USCC-approved (such approval to be obtained via the USCC’s Change Management process) work-around scripts provided by OMS Support, Tier 3 Support/Tier 4 Support or implement other short-term options to resolve order Issues.

 

(ii)                                  Apply automation to ensure quick recovery until a long-term solution is provided by Provider.

 

(iii)                               Open Problem Records for unique order failures and manage such Problems to root cause resolution.

 

(iv)                              Escalate Issues to Tier 3/Tier 4 Support.

 

(v)                                 Identify and propose to USCC solutions to improve order flow to help avoid Stuck Orders.

 

(vi)                              Notify the Shift Management team about high-impact fallout Incidents.

 

14



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(b)                                 Resolve Incidents by executing USCC-approved data patch scripts

 

(c)                                  Perform routine analyses of the order trending/patterns. Details include the following:

 

(i)                                     Recommendations for improvement;

 

(ii)                                  Escalations of anomaly trends (e.g., spikes/drops in volumes when compared to previous similar timeframes); and

 

(iii)                               Reprocessing of order fallout and exceptions which will be handled as Issues according to their respective impact and priority.

 

(d)                                 Support the planning and execution of Mass Order activities (“MOA”) including (i) creating the implementation plan to be approved through the Change Management Process, and (ii) providing daily reports to USCC IS Operations regarding results of the MOA.

 

(e)                                  Maintain, manage, and share with USCC the USCC-specific Methods & Procedures (“M&P”) and USCC-specific data from Provider’s knowledge base.

 

(f)                                   Resolve high-priority escalations and tickets from USCC to ensure timely turnaround on order failures.

 

(g)                                  Provide ordering expertise to USCC for ad hoc requests and involve a Provider Business Analyst if needed.

 

(h)                                 Monitor and manage order fallout in the B/OSS Solution as well as in Third-Party Software (including SAP).

 

(i)                                     Perform sample audits and analyses of trends and fluctuations.

 

(j)                                    Resolve Stuck Orders.

 

(k)                                 Manage and resolve Remedy tickets related to Incidents in order flows

 

(l)                                     Use commercially reasonable efforts to attempt to automate the resolution of recurring Stuck Orders

 

(m)                             Support USCC as needed for USCC’s interactions with its customers for the collection of data and/or coordination of changes to resolve Stuck Orders.

 

7.                                      Tier 3/Tier 4 Support

 

Provider’s Tier 3/Tier 4 Support team handles Incidents that are reported by Tier 2 and Defects that are escalated by Tier 2 including:  (a) participating in Incident management process; (b) triaging defects (i.e., analyze and classify Defects and provide immediate fixes when possible); (c) providing fixes for Defects in the Production Environment and the B/OSS Solution training environment; and (d) participating in release deployment.  The activities include the following:

 

7.1                               Participate in Incident Management Process.  Participate in conference calls when Severity 1 Incidents and/or Severity 2 Incidents are raised and follow USCC’s Incident Management process and Problem Management process in order to find resolution and minimize the impact on USCC’s business.  The activities that may be required include, without limitation, reviewing log files and queues and making necessary decisions for restoring the B/OSS Solution.  If an Incident requires an immediate data or code fix, Provider will provide such data or code fix.  If an Incident is not code- or data-related, then it will be routed to the appropriate Provider or USCC team.

 

15



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

7.2                               Triaging Defects.  When a Defect is escalated by Provider’s Tier 2 Support team to Provider’s Tier 3/Tier 4 Support team using Provider’s ticket tracking system, Provider’s Tier 3/Tier 4 Support team will analyze the Defect and do one of the following:

 

(a)                                 Provide a work-around if requested by the Tier 2 Support team;

 

(b)                                 If a code fix is required, assign the Defect to the appropriate Provider development team and establish a target due date and/or release for Defect resolution; or

 

(c)                                  If an Incident is not reproducible or is not a Defect, return it to Provider’s Tier 2 Support team.

 

If additional data is required by Provider in connection with a Defect, Provider will identify its specific needs and add them to the applicable ticket.  If the issue is caused by user error, Provider will update the ticket with an explanation so that Provider’s Tier 2 Support team can understand the issue and close the ticket.

 

7.3                               Provide Fixes for Defects.

 

(a)                                 When a code fix is required, Provider will provide the code fix, complete unit testing, send the fix to the appropriate testing team.

 

(b)                                 After fixing the code, add to the Defect record in Quality Center an identification of the source of the issue (e.g., design gap or code error).

 

(c)                                  If a Defect requires a fix to the Core Product, Provider’s Tier 3/Tier 4 Support team will work with Provider’s R&D team and will provide all details necessary to reproduce and fix the Defect.  After Provider’s R&D team fixes the Defect, Provider’s Tier 3/Tier 4 Support team will integrate the Defect fix with other Defect fixes, if any, and will develop a deployment plan therefor.

 

(d)                                 Providing impact, risk and feasibility assessment for Severity 1 Defects, Severity 2 Defects, escalated billing-related Defects and other prioritized business Defects.

 

7.4                               Participate in Release Deployment.  Provider’s Tier 3/Tier 4 Support team will participate in release planning and obtain the necessary knowledge from the appropriate Provider development team.  Such activities will include:

 

(a)                                 Providing subject matter expertise in quality review of release design including reviewing the functional approach as well as any operational or performance risks.

 

(b)                                 Providing production expertise including data model knowledge.

 

(c)                                  Reviewing all upcoming release changes and providing recommendations with respect thereto as such team deems appropriate.

 

(d)                                 Supporting implementation planning.

 

(e)                                  Supporting testing team’s testing of Defect fixes.

 

(f)                                   Coordinating development support during and immediately after deployment of each release.

 

16



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(g)                                  Supporting the COM and USCC’s business and IS stakeholders in understanding expected changes due to releases and impacts of releases on operational processes or parameters (known as post-release predictions).

 

7.5                               Resolve Defect Backlog.

 

(a)                                 Provider will Resolve Defects that were identified or otherwise occurred in the Production Environment and were known to Provider during the period commencing on March 5, 2014, and ending on the Commencement Date (each a “Backlog Defect”) as follows: (i) Backlog Defects that are Severity 1 Defects or Severity 2 Defects shall be Resolved by the fifth major B/OSS Solution code release (also known as “Release 5”); (ii) no less than [***]% of Backlog Defects that are Severity 3 Defects and Severity 4 Defects will be Resolved by Release 5; and (iii) Backlog Defects that are Severity 3 Defects and Severity 4 Defects that are not Resolved by Release 5 shall be Resolved by the sixth major B/OSS Solution code release (also known as “Release 6”).

 

(b)                                 The Service Level Targets shall not apply to the Backlog Defects that are Resolved in accordance with the timeframes set forth in Section 7.5(a) of this MSSOW, provided that the following Backlog Defects shall be subject to the applicable Service Level Targets based upon the date that the Backlog Defect was identified:  (i) any Backlog Defect that is a Severity 1 Defect or Severity 2 Defect that is not Resolved by Release 5; (ii) if less than [***]% of the Backlog Defects that are Severity 3 Defects and Severity 4 Defects are Resolved by Release 5, then the number of Backlog Defects that are not then yet Resolved that equals the percentage difference between [***]% and the percentage of the Backlog Defects that are Severity 3 Defects and Severity 4 Defects that were Resolved by Release 5 (the oldest Severity 3 Defects based upon date of identification through the newest should be counted before any Severity 4 Defects which should then be considered from oldest to newest); and (iii) any Severity 3 Defects and Severity 4 Defects that are not subject to the Service Level Targets pursuant to clause (ii) of this Section 7.5(b) and are not Resolved by Release 6.

 

(c)                                  For the purpose of this Section 7.5, “Resolved” means that (i) a fix for a Defect has been delivered and tested as part of a B/OSS Solution code release, as indicated in the applicable release notes; or (ii) a standalone Hot Fix for a Defect has been delivered outside of a release and passed testing, as indicated in Quality Center by the change of the Defect’s status to “HF Passed”; or (iii) a standalone Hot Fix for a Defect has been delivered outside of a release, as indicated in Quality Center by the change of the Defect’s status to “Fixed”, and that status has not changed in over [***] days.  For clarity, once a Defect is Resolved in accordance with the preceding sentence of this Section 7.5(c), if the same Defect is at any time thereafter identified in the Production Environment, then such later identified Defect and its Resolution will be handled as a new Defect subject to the Defect Resolution Service Level set forth in Exhibit B-1 to Annex B of this MSSOW.

 

(d)                                 If Provider is unable to reproduce a given Backlog Defect, then Provider shall notify USCC in writing that Provider is unable to reproduce such Backlog Defect, and USCC shall have a period of [***] days thereafter to provide to Provider then-current data substantiating that the Backlog Defect still exists in the Production Environment, and based upon such data, Provider shall continue to work on such Backlog Defect until it is Resolved.  If USCC is unable to provide such data within such [***]-day period, then such Backlog Defect shall be cancelled and deemed Resolved.

 

(e)                                  Provider and USCC shall cooperate and work together (including, without limitation, in joint sessions) to ensure that no less than [***]% of the Backlog Defects designated to be Resolved by Release 5 have an agreed-upon disposition (i.e. after all missing

 

17



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

supporting information has been provided, rejections have been discussed, and cancellations, as applicable, have occurred) no later than [***].

 

(f)                                   Provider and USCC shall cooperate and work together in (including, without limitation, in joint sessions) to ensure that no less than [***]% of the Backlog Defects designated to be Resolved by Release 6 have an agreed-upon disposition (i.e. after all missing supporting information has been provided, rejections have been discussed, and cancellations, as applicable, have occurred) no later than [***] days prior to the date that Release 6 is deployed to production.

 

8.                                      Billing Operations

 

Provider is responsible for managing, performing and communicating activities related to the SLAs and KPIs that are associated with the Billing Operations Service Tower.  The detailed activities include the following:

 

8.1                               Scheduling.  Provider shall run batch jobs, billing jobs, ad hoc jobs, bounces, and reruns; perform alert handling, manage failed jobs, and provide escalations to Shift Manager for critical Issues and Provider’s Application Support team for alerts and failures. This applies to all phases of all bill cycles (as well as consolidated billing) including final file delivery. The activities include the following:

 

(a)                                 Run billing and batch jobs, B/OSS Solution-related jobs currently in both AMC Operational and Tivoli Work Scheduler.

 

(b)                                 Execute EOD, EOW, EOM and nightly bounces.

 

(c)                                  Monitor and manage timely resolution for the following:

 

(i)                                     Long-running billing and batch jobs

 

(ii)                                  Usage Processing and related usage fallout (except as specified in Section 11 of this MSSOW)

 

(iii)                               Billing and EOD executions

 

(iv)                              System alerts

 

(d)                                 Run CAB-approved ad-hoc scripts.

 

(e)                                  Manage the following or escalate to Provider’s Application Support:

 

(i)                                     Job failures

 

(ii)                                  Daemon down

 

(iii)                               Online bounces

 

(iv)                              Alerts

 

(v)                                 Usage processing

 

(vi)                              Billing rejects

 

18



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(f)                                   Notify the Shift Manager of Issues impacting SLAs and/or user/customer experience.

 

(g)                                  Document solutions in knowledge base after discussing such solutions with other applicable Provider teams

 

(h)                                 Assign SMEs to participate on conference calls for resolution of any production Issues related to batch jobs and billing

 

(i)                                     Configure customer data for consolidated billing including MABEL and MobilSense.

 

8.2                               BIMS Tool.  On or before the [***] day after the Commencement Date, Provider shall Implement the BIMS Tool and configure the BIMS Tool to load billing data and generate exception reports that enable the identification of certain potential billing and/or revenue impacting issues.  Provider shall make such Tool available to Provider Personnel and to USCC Personnel in the Information Systems (“IS”) organization and the Revenue Assurance (“RA”) organization as follows:

 

(a)                                 At any one time, the aggregate total number of Administrative Users and Account Users who are actively querying data will be limited to seven.

 

(b)                                 “Administrative User” means a user of the BIMS Tool who has rights to create and modify reports.  USCC will be entitled to three Administrative Users.

 

(c)                                  “Account User” means a user of the BIMS Tool who has rights to view reports and data that exist in the B/OSS Solution or that are created by the Administrative Users.  USCC will be entitled to 40 Account Users.

 

8.3                               QA Billing/Auditing. Provider shall audit sample bills, Usage/Traffic, and Cycle Management; generate Audit Reports for Accounts Receivable (“A/R”)/General Ledger (“GL”), and Billing; and manage communications for billing and audit Issues.  The activities include the following:

 

(a)                                 Billing QA

 

(b)                                 Billing and Accounts Receivable audits

 

(c)                                  Trending of billing audits

 

(d)                                 Management of bill validation as part of the release life cycle, including:

 

(i)                                     Run billing during testing of releases — limited to two bill cycles (or up to three additional bill cycles if USCC reasonably determines such additional cycles are necessary).

 

(ii)                                  Produce invoices and reports for USCC RA purposes.

 

(iii)                               Review and prioritize with USCC the provision of Defect fixes by Provider that arise from the bill validations.

 

(iv)                              Provide recommendations related to USCC’s “go/no-go” decisions for releases

 

(v)                                 Perform project planning in cooperation with USCC for bill validation activities and jointly execute such plans, provided that Amdocs shall retain overall responsibility for managing each such project.

 

(e)                                  Audits of usage and event records

 

19



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(f)                                   Audits of consolidator billing output

 

(g)                                  Reruns/fixes/additional batch jobs

 

(h)                                 Communicate with USCC IS related to (i) Bill Cycle timing and coordination; (ii) USCC approvals; (iii) sharing of best practices; (iv) process improvements; (v) reject and corrective handling; (vi) Issues and options for Bill Cycle activities.

 

8.4                               Cycle Management.  Provider shall perform the Bill Cycle management activities including the following:

 

(a)                                 Obtaining Bill Cycle approvals from USCC.

 

(b)                                 Fulfilling information requests and marketing-related special requests.

 

(c)                                  Monitoring production including monitoring of Bill Cycle performance, Bill Cycle QA, report delivery, End of Cycle (“EOC”), and electronic bill status.

 

(d)                                 Performing analyses to predict (i) timing for successful/complete Bill Cycle runs, and (ii) timing to address/resolve rejected and held bills.

 

(e)                                  Executing processes to confirm that billing balances post to customer accounts after each Bill Cycle.

 

(f)                                   Performing Billing Audit Support including the handling of ad-hoc requests related to potential issues found during USCC’s billing audit, billing audit support and facilitation, and trending support.

 

(g)                                  Reporting to USCC including reporting of (i) monthly team metrics, (ii) billing status, (iii) audit finds, and (iv) review of potential and/or actual impacts on billing caused by a B/OSS Solution code release.

 

8.5                               Revenue Assurance (A/R, Usage and Billing).  Provider shall perform the revenue assurance services including the following activities for all B/OSS Solution output related to A/R, usage and billing:

 

(a)                                 Perform pre-cycle preparation including coordinating QA sample accounts, determining readiness based on Issues found in previous cycles, and creating billing cycle folders and tracking tools.

 

(b)                                 Perform billing audits and invoice QA including financial trending and analyses and investigating exceptions.

 

(c)                                  Perform billing approval and confirmation including obtaining confirmation of audit completion and cycle approvals from internal Provider teams and USCC teams and reporting and tracking approvals, confirmations, and fulfillment activities.

 

(d)                                 Perform daily End-to-End usage balancing of system-wide, usage-related inputs and outputs.

 

(e)                                  Perform In-Collect and Out-Collect processing.

 

(f)                                   Coordinate and resolve file processing errors and fallout Issues.

 

(g)                                  Coordinate end-user device-related activities including migrations and switch upgrades.

 

20



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

9.                                      Infrastructure Support

 

Provider shall perform infrastructure services to support the Production Environment and the Non-Production Environments listed in Appendix 2 to this MSSOW including the following services: Environment Integration, Application Database Administration, Middleware Administration, Configuration Control, and Capacity Planning and Monitoring. Additional Provider responsibilities and accountabilities for Non-Production Environments are set forth in Appendix 1 to this MSSOW. For the third-party systems not operated by Provider as part of the B/OSS Solution (e.g., EDW, ODS, IVR, MyAccount, SAP, and CyberSource), Provider shall be responsible for all infrastructure interface configurations to and from the B/OSS Solution.  The activities include, without limitation, the following:

 

9.1                               Environment Integration.

 

(a)                                 Maintain and provide Infrastructure support for existing USCC testing, development and training environments and build-out of new environments to meet various business needs of USCC.

 

(b)                                 Design environment architecture for any new components of the B/OSS Solution by identifying the number of components/environments required based on USCC’s needs and business requirements and optimizing the hardware and software asset utilization.

 

(c)                                  Provide ongoing maintenance of the environments by developing tools/utilities for scheduled reboot of the environments and apply changes/modifications using a tightly controlled method.

 

(d)                                 Deploy new builds, releases, and software upgrades for implementing new CRs and enhancements using Configuration Control.

 

(e)                                  With respect to the applications, Systems and environments set forth in Appendix 8 to this MSSOW, monitor (i) the Production Environment commencing no later than December 15, 2014; and (ii) all such Non-Production Environments commencing no later than February 15, 2015.  For the avoidance of doubt, the date upon which Amdocs commences such monitoring shall not affect the applicability of the SLAs and KPIs to the Services (or the parties’ respective rights and obligations related thereto).

 

(f)                                   Perform environment upgrade/build/bounce and data refresh for each environment in accordance with the testing requirements and timelines for each release.

 

(g)                                  Administer daemons, operational batch jobs and software scheduling.

 

(h)                                 Perform log file archiving and cleaning for all B/OSS Solution applications.

 

(i)                                     Identify themes from each release and apply lessons learned to optimize and reduce the total number of Incidents through environment standardization, automation and repeatable processes/tasks in preparation and management of Non-Production Environments.

 

(j)                                    Support and maintain self-service tools. Provider will continue to be responsible for the deployment of builds, upgrades, and Hot Fixes, execution of bounces and data refreshes.  After the self-service tools are functioning, Provider will continue to be responsible for any activity the self-service tool fails to perform or is not designed to perform.

 

(k)                                 Administer Provider’s infrastructure tools such as Genesis, Boot Manager, Hot Fix Tool, Tiger Tool, and the self-service tools.

 

21



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(l)                                     Install, maintain and administer the batch job scheduling tool.

 

(m)                             Upon USCC’s request, perform the infrastructure environment tasks listed in Appendix 4 to this MSSOW (in accordance with the applicable lead and implementation times set forth in Appendix 4 to MSSOW).

 

(n)                                 Integrate Non-Production Environments with external interfaces and downstream applications (such as Spectrum/Vertex, ESB/DP, EBI, ODS, etc.) in accordance with project and/or release requirements.

 

(o)                                 Support Testing and Development activities in the Non-Production Environments by investigating and troubleshooting environment Incidents, providing RCAs and identifying permanent remediation solutions to prevent recurring Issues.

 

(p)                                 Perform infrastructure Sanity Testing after each environment upgrade and build push and support Provider’s Testing team with any issues in Sanity Testing performed by such Testing team.

 

(q)                                 Analyze the performance of the environments set forth in Appendix 8 to this MSSOW and make actionable recommendations to USCC’s Infrastructure group for system performance Issues and to Provider Delivery organizations for application and environment performance Issues.

 

(r)                                    Provide the automated self-help tools listed in Appendix 9 to this MSSOW (the “Self-Service Tools”).  Provider will provide training, knowledge transfer and documentation on how to use the Self-Service Tools including, without limitation, run books, user guides, tool logs location and how to interpret them, common Issues and resolutions, etc.  Provider may introduce additional self-service tools as appropriate.

 

(s)                                   Maintain up-to-date Environment Pages and Environment Dashboard documentation describing the configuration details for all Non-Production Environments.

 

(t)                                    Perform all changes to the environment configurations in accordance with the Technical Release Notes, and track and document all manual changes to ensure they are included in the production cut-over.

 

9.2                               Application Database Administration.

 

(a)                                 Identify, tune, and resolve application queries causing application or database performance impacts. Maintain database statistics for optimal execution plans and transform application data access methods to improve efficiency.

 

(b)                                 Support the obfuscation of PCI, PII, and CPNI data by identifying the applicable elements as defined by USCC (Table and Column combinations).  Determine the appropriate method of obfuscation that is supported by the application.

 

(c)                                  Monitor/trace the database transactions End-to-End in response to Incidents and identify the bottlenecks for the resources that can be fine-tuned.

 

(d)                                 Maintain Application Database schema in all in-scope environments.

 

(e)                                  Perform copy Ban requests (DB Extract).

 

(f)                                   Provide application database support at every level of release (i.e., from code repository to environmental data).

 

22



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(g)                                  Review and approve development schema changes for consistency and stability.

 

(h)                                 Execute required steps of approved changes during Daily Maintenance Windows to deploy Hot Fixes and builds including reviewing and testing of all SQL scripts in a full-volume environment. Notify and coordinate with the USCC team for database replication.

 

(i)                                     Troubleshoot ongoing release/production support Issues from the Application DBA standpoint including participation in outage conference calls and the necessary RCA follow-up activities.

 

(j)                                    Support the restoration of the database instance through the application of archive logs after USCC restores the full instance from the back-up (including any incremental back-ups).

 

(k)                                 Support the database instance from an application perspective at source and target for the environments set forth in Appendix 8 to this MSSOW for the database technologies such as Standby, BCV, Flash and SNAP, provided that USCC will obtain a license to use the technology to replicate such instance.

 

(l)                                     Perform clean-up and capacity management of all temporary objects created in the Production Environment by Provider’s application support teams.

 

(m)                             Perform database set-up after physical database restore, clone, or creation (including database dblinks, reference data refresh, and configuration items).

 

(n)                                 Perform certification of appropriate Oracle database versions and patch sets.

 

(o)                                 Open and escalate cases with Oracle and any other applicable database vendors for production Incidents (to the extent that such Incidents relate to application database services).

 

9.3                               Middleware.  Provider will administer with respect to the tasks defined below the middleware technologies within the scope of the B/OSS Solution . Provider is responsible for configuration of B/OSS Solution system certificates that are managed and supplied by USCC. For all other out-of-scope middleware technologies and systems, Provider is only responsible for configuration of B/OSS Solution system interfaces to those technologies and systems.

 

(a)                                 Manage production and non-production middleware for in-scope environments.

 

(b)                                 Manage infrastructure for front-end web applications and web services and interfaces to/from the ESB.

 

(c)                                  Tune middleware for optimal performance and throughput using Provider’s deep-dive tools.

 

(d)                                 Implement continuous improvement and stability initiatives.

 

(e)                                  Monitor middleware layers in the Production Environment to proactively manage performance Issues and error conditions.

 

(f)                                   Implement security and functional patches in accordance with USCC’s Change Management Process to keep instances stable and supportable by Oracle and any other applicable middleware software vendors.  Maintain a rolling [***]-day schedule to deploy the patches and keep up with patching to fix security vulnerabilities and resolve published bugs.

 

23



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(g)                                  Open and escalate cases with Oracle and any other applicable middleware software vendors for production incidents.

 

(h)                                 Manage middleware changes and Incident Records.  USCC shall provide a work plan if there are any changes to be performed by USCC.

 

9.4                               Infrastructure Management.

 

(a)                                 Coordinate production and non-production infrastructure activities among Provider’s B/OSS Solution support teams.

 

(b)                                 Serve as the infrastructure escalation point for production and non-production Incidents.

 

(c)                                  Provide infrastructure-related input and recommendations in accordance with the production change management process.

 

(d)                                 Provide infrastructure-related input and recommendations to non-production upgrade schedules.

 

(e)                                  Provide infrastructure-related input and recommendations for release and maintenance checklists and reviews.

 

(f)                                   Perform production change management controls for Provider Infrastructure changes in accordance with USCC’s Change Management Process.

 

(g)                                  Serve as Manager-on-duty for production and non-production infrastructure Issues.

 

(h)                                 Coordinate infrastructure release tasks and timelines with all Provider teams as well as USCC Release Management team for in-scope services.

 

(i)                                     Coordinate Provider application deployments, lessons learned and best practices.

 

(j)                                    Manage and coordinate production deployment of Provider Infrastructure changes.

 

(k)                                 Track production changes, best practices and lessons learned to enhance Provider’s knowledge base and for continuous improvement.

 

9.5                               Configuration Control.

 

(a)                                 Design, configure, synchronize, and build development environments for different versions and releases to implement USCC’s CRs and enhancements.

 

(b)                                 Perform maintenance, synchronization, and stabilization among different Third-Party Software (e.g., Oracle, Java, Syncsort, etc.) on different platforms.

 

(c)                                  Ensure source code repository for the B/OSS Solution is available to maintain different versions of source code and synchronize between the different versions to ensure any Hot Fixes deployed to production are not overwritten by new development.

 

(d)                                 Manage versions and maintain inventory of Hot Fixes/builds throughout the release lifecycle for “n plus 2” releases.

 

(e)                                  Manage infrastructure and software configurations and provide architectural information to USCC infrastructure team related to application models and processes to aid in impact analyses to be performed by USCC.

 

24



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(f)                                   Ensure all environment configurations are consistent across the various types of environments (e.g., SIT, DEV, E2E and PTE).

 

9.6                               Capacity Planning.

 

(a)                                 Monitor trending for B/OSS Solution applications and all other capabilities that are in scope for Provider.

 

(b)                                 Develop and deliver to USCC infrastructure monthly performance data analysis for planning capacity based on business volumes for at least [***] months into the future.

 

(c)                                  Forecast and predict business volumes and machine performance and provide reports to USCC with respect thereto. Sample reports are shown in Appendix 3 to this MSSOW.

 

(d)                                 [***] months, conduct B/OSS Solution true-up analysis and provide capacity recommendations to USCC for B/OSS Solution to ensure sufficient hardware is available to accommodate the demands of daily production and non-production activities.

 

(e)                                  Provide sizing and recommendations for special project initiatives and any new CRs that may impact capacity demand. (USCC is responsible for providing business forecasts and project details impacting capacity, and Provider will furnish the sizing and recommendations within [***] weeks after receiving such forecast and details.)

 

(f)                                   Install collection probes on all B/OSS Solution servers to gather capacity planning data. (USCC is responsible for providing required permissions/approvals.)

 

9.7                               Monitoring.

 

(a)                                 Monitor the Production Environment to ensure application performance meets or exceeds the KPIs and SLAs.

 

(b)                                 Set up proactive notification/alerting mechanisms for early detection of Issues to enable Provider teams to rapidly investigate and resolve situations before any impacts are experienced by USCC’s business thereby preventing any downtime/outage situation.

 

(c)                                  Collect production data for monitoring, reporting, capacity planning, and KPI and SLA measurement.

 

(d)                                 Design, implement and configure the optimal monitoring strategy based on USCC B/OSS Solution application needs and business to encompass the End-to-End business transactions/flows.

 

(e)                                  Create new monitoring plug-ins and extracts (other than those that require application development) to support on-going needs and new CRs and enhancements to satisfy B/OSS Solution business growth and needs.

 

(f)                                   Implement data collection for different systems (HW servers, Database, Middleware Layer as utilized within the application), provided that USCC is responsible for installation of monitoring components requiring “root” access on USCC Servers.

 

(g)                                  Use Provider’s monitoring system to gather B/OSS Solution server utilization and other architecture information for use by Provider in troubleshooting, operations, and capacity planning. (Monitoring and alerting for core architecture and physical database remains the responsibility of USCC.)

 

25



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

(h)                                 Create and maintain dashboards and views for production monitoring and operations, and make all such dashboards and views available to USCC.

 

(i)                                     Feed into the USCC monitoring solution critical alerts from Provider monitoring that correlate to business impacts.

 

(j)                                    Manage monitoring system maintenance windows to halt alerts to USCC during maintenance and release times.

 

(k)                                 Provide ongoing support for patches and upgrades for monitoring software and infrastructure.

 

(l)                                     Provide ongoing health checks for the availability and reliability of the monitoring infrastructure.

 

(m)                             Provide advance notice and coordinate implementation of any increases to architecture capacity and related IT support for the Provider monitoring data gathering instances that must run on USCC’s system/network.

 

(n)                                 Collaborate with USCC to provide network connectivity to allow data transfer of monitoring KPIs from data gathering instances to Provider’s central monitoring system.

 

9.8                               General Infrastructure Support.

 

(a)                                 Manage Provider Infrastructure tickets at production and non-production level.

 

(b)                                 Subject to prior approval through the USCC Change Management Process, deploy infrastructure release components (including readiness and staging) to the Production Environment.

 

(c)                                  Measure, report and proactively analyze and solve performance Issues related to USCC’s Infrastructure.

 

(d)                                 Provide High Availability (“HA”) design recommendations to USCC infrastructure.

 

9.9                               Exclusions.

 

(a)                                 Areas of Provider accountability do not include the following if the applicable hardware is located other than at a Provider facility:  (a) IT infrastructure support services such as Unix/Linux OS and server administration, (b) Windows administration, (c) Network administration, (d) storage and back-up services, (e) vendor and asset management, (f) physical data center services, and (g) physical database administration.

 

(b)                                 USCC’s responsibilities and accountabilities for the Non-Production Environments are set forth in Appendix 1 to this MSSOW.

 

10.                               Customer Operations Manager

 

The COM shall be responsible for managing and communicating activities related to the Service Towers listed under Section 1.2 of this MSSOW in accordance with the agreed-upon SLAs and KPIs.  The detailed activities of the COM include the following:

 

10.1                        Serve as the day-to-day interface for critical Issues in production systems.

 

26



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

10.2                        Serve as an escalation point for any Issues within the scope of the Services.

 

10.3                        Lead and drive (a) resolution of Issues; and (b) identification and impact assessment or quantification of Issues in accordance with the Service Level Targets (based upon the severity of each Issue)

 

10.4                        Review production RCAs to identify critical production Issues.

 

10.5                        Coordinate individual or packaged Hot Fixes and production immediate fixes with Tier 3/Tier 4 Support and testing teams in accordance with USCC’s Change Management Process before deploying such fixes into production.

 

10.6                        Participate in daily management production calls including management CAB meetings.

 

10.7                        Manage monthly partner meeting to review all SLAs and KPIs with USCC.

 

10.8                        Participate in USCC daily production calls and share B/OSS Solution updates including action plans for missed SLAs and KPIs.

 

10.9                        Provide timelines and steps to be executed by Provider as input to the overall release timeline for development and infrastructure upgrades.

 

10.10                 Provide status of development and System Testing for a production immediate fix to USCC IS Operations.

 

10.11                 Serve as escalation point for any disputes or major Issues.

 

10.12                 Provide information on infrastructure and operational steps including any validation processes to create implementation for release deployment.

 

10.13                 Provide predictive analyses as agreed upon, prior to any release to share insight on operational/process impacts and benefits.

 

10.14                 Provide after action review after any release to compare planned and actual impacts as well as lessons learned.

 

10.15                 Enforce access control policy for B/OSS Solution support as defined by USCC.

 

10.16                 Coordinate release post-deployment Warranty support and ensure Problem resolution.

 

10.17                 Prioritize Problem Records according to USCC business needs, subject to approval by the USCC’s Defect Management function.

 

10.18                 Interface with USCC Engineering to investigate and resolve TurboCharging/SCP Issues and in planning upgrade and release activities when needed.

 

10.19                 Provide demand forecast for releases and any special launches that are agreed upon, including the following indicators:  (a) Ticket management, (b) Defect management, (c) Stuck Order fallout, (d) billing rejects and holds, and (e) any other agreed-upon indicators as and when needed.

 

11.                               Out of Scope Activities

 

The parties confirm that the following tasks and activities are outside the scope of the Services. For the avoidance of doubt, the following list is not comprehensive.

 

27



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

11.1                        Updates of EPC and BPT data and table entries, excluding deployment activities.

 

11.2                        Approvals of financial or customer impacting decisions.

 

11.3                        Approvals of bill cycle or credits/adjustments.

 

11.4                        Performance and approval of revenue assurance financial audit, excluding quality checks for usage, bill cycle and financial output.

 

11.5                        Cost and relationship management with Print and Mail Center (“PMC”), actual printing and mailing of bills.

 

11.6                        Cost and relationship management with Third-Party Contractors under USCC’s financial responsibility.

 

11.7                        Serving as a primary point of contact with USCC business partners.

 

11.8                        Investigation and Resolution of root cause problems in USCC Systems (e.g., Network Elements fix) following initial triage by Provider.

 

11.9                        Performing help desk activities (Tier 1).

 

12.                               Additional Obligations

 

The additional obligations described in Annex J to this MSSOW shall apply, subject to the terms thereof.

 

IN WITNESS WHEREOF, the parties have executed this MSSOW as of the Commencement Date by their duly authorized representatives in one or more counterparts, each of which shall constitute an original.

 

 

AMDOCS SOFTWARE SYSTEMS LIMITED

USCC SERVICES, LLC

 

 

 

 

By:

 

 

By:

 

 

 

 

 

 

 

 

 

 

 

Name:

 

 

Name:

 

 

 

 

 

 

 

 

 

 

 

Title:

 

 

Title:

 

 

28



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

APPENDIX 1

 

USCC and Amdocs’ Responsibilities for Non-Production Environments

 

EID—Delivery

 

Category

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

RASCI Details

Project/Release Planning

 

E50/E30/E10 Resource Estimates

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable and responsible for provide E50/E30/E10 resource estimates for Non-B/OSS Solution systems.

Amdocs is responsible for acknowledgement of support for Release

 

IS Projects not part of release

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable and responsible for all planning of Non-B/OSS Solution and B/OSS Solution IS Projects outside of a Release.

Amdocs is responsible for acknowledging the support of IS Projects and any Amdocs’ resource planning to provide such support.

Maintenance Windows

 

Coordinate Maintenance Window

 

Yes

 

Yes

 

 

 

 

 

USCC is accountable and responsible for communication with Testing & VMs, coordination of USCC and Amdocs resources (via Amdocs focal point), accommodation of unscheduled Maintenance Windows

Defect Management

 

Evaluate release defects opened for Infra Integration

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for monitoring Quality Center for all open Infra defects and providing resolution

 

Daily defect meetings

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for attending daily defect meetings and to communicate updates, discuss all open defects.

 

Coordinate resources and track defect resolution and escalate when needed

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for allocating resources to work on defects or attend triage bridges. Amdocs is also accountable to track the progress of Infra defects resolution and escalate to get support as needed

 

Provide Off-Hours focal point coverage

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for providing late shift focal point support during the week from [***] and Saturday/Sunday/Holidays from [***].

Environment Coordination and Allocation

 

Coordinate upgrade schedule with Testing based on requirements

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable and responsible for planning the schedule of the environment upgrades with the Testing team and for negotiations and communications about any change in the upgrade schedules

Amdocs is responsible for providing input on the environment upgrade schedule

 

Plan and track environment allocation

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable and responsible for planning and allocation of B/OSS Solution and Non-B/OSS Solution environments for all Major/Minor Releases and Prod Support

Amdocs is responsible for acknowledging the B/OSS Solution environment allocation

 

Appendix 1 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Category

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

RASCI Details

 

 

Maintain Environment Dashboard and Master Details document for B/OSS Solution

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for maintaining the Environment Dashboard and Environment Pages document for B/OSS Solution

 

 

Maintain Environment Dashboard and Master Details document for Non-B/OSS Solution

 

Yes

 

Yes

 

 

 

 

 

USCC is accountable and responsible for maintaining the Environment Dashboard and Environment Pages document for Non-B/OSS Solution

 

 

Coordinate connectivity to external interfaces

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable and responsible for coordinating the overall implementation of the connections with external interfaces.

Amdocs is responsible for planning and coordinating the implementation of changes in B/OSS Solution

Environment Upgrades

 

Coordinate unpack of B/OSS Solution builds

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for coordinating the unpacking of the B/OSS Solution builds after they are delivered on-site from DVCI

 

Coordinate with VMs the B/OSS Solution HF list for env upgrade

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for working with VMs to obtain the HF lists needed for environment upgrades

 

Allocate resources for Non-B/OSS Solution environment upgrade

 

Yes

 

Yes

 

 

 

 

 

USCC is accountable and responsible for allocating the resources needed to perform the Non-B/OSS Solution environment upgrades

 

Allocate resources for B/OSS Solution environment upgrade

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for allocating the resources needed to perform the B/OSS Solution environment upgrades

 

Communicate updates on B/OSS Solution environment upgrade progress

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable to provide periodic status updates of B/OSS Solution environment upgrade progress

 

Communicate updates on overall environment upgrade and release environment to Testing

 

Yes

 

Yes

 

 

 

 

 

USCC is accountable and responsible for providing periodic status updates of overall environment upgrade progress (B/OSS Solution and Non-B/OSS Solution). This includes escalation and raising awareness about delays, risks, impacts as appropriate

New Project Implementation

 

Perform requested B/OSS Solution specific activities as documented via UTS

 

 

 

 

 

Yes

 

Yes

 

Amdocs is accountable and responsible for coordinating the implementation of any required changes on B/OSS Solution systems

 

Coordinate Non-B/OSS Solution activities

 

Yes

 

Yes

 

 

 

 

 

USCC is accountable and responsible for coordinating the implementation of any required changes on Non-B/OSS Solution systems

Data Refresh - Full Data

 

Coordinate environment data refresh with Testing.

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable to coordinate data refresh schedule with Testing Team and Amdocs is responsible for making sure the data refresh activities are executed per scheduled timelines and duration of work

 

2



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Category

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

RASCI Details

 

 

Engage and coordinate USCC Infrastructure resources

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable and responsible for overall coordination and communicating the schedule. Amdocs is responsible to coordinate, complete the technical sequence of steps by working with the USCC Storage and DBA teams to perform the data refresh from production in all full environments.

Data Extracts - Subset Data - Dbextract

 

Obtain list of customers to be extracted from Test Full environment

 

Yes

 

Yes

 

 

 

Yes

 

Amdocs is overall accountable for the DB Extract process in B/OSS Solution environments. USCC is responsible for obtaining CID list for data extract from the Testing Team

 

Coordinate dbextract and data load with ADBA into Test Flat environments

 

 

 

Yes

 

Yes

 

Yes

 

Amdocs is overall accountable for the DB Extract process in B/OSS Solution environments. USCC is responsible for coordinating with ADBAS the db extract from Full environments and the data load into the Flat environments

TRN Environment Upgrades and Support

 

Coordinate and publish a plan for Training environment upgrade schedule

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable for coordinating, planning and publishing Training environment upgrade schedules by working with APS team and Amdocs; Amdocs is responsible for providing input to the training plan for: availability of resources, upgrade timelines, any risks or concerns.

 

Gather the training environments data requirements

 

Yes

 

Yes

 

 

 

Yes

 

USCC is accountable and responsible for getting the data requirements from APS Team and submit to Amdocs Infra to extract the CIDs based on the data requirements from USCC APS Team.

Amdocs is responsible to mine the data to feed the dBExtract tool and load the extracted data into the training environments.

OS and DB Patching

 

Schedule with Testing monthly Linux and AIX patching

 

Yes

 

Yes

 

 

 

 

 

USCC is accountable and responsible for planning the monthly Linux and AIX patching activities

 

Allocate USCC Platform resources

 

Yes

 

Yes

 

 

 

 

 

USCC is accountable and responsible for allocating the USCC Platform Unix and DBA resources to perform the patching

 

Allocate resources to bounce B/OSS Solution environments and perform Infra Sanity

 

Yes

 

Yes

 

 

 

 

 

USCC is accountable and responsible for allocating the USCC resources to bounce the B/OSS Solution environments and to perform the Infra Sanity

 

3



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

EID—Technical

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

Self-Help
Tool

 

RASCI Details

B/OSS Solution Environment Upgrade

 

 

 

 

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for performing the B/OSS Solution environment (env) upgrades

B/OSS Solution Environment Data Refresh - Full Data

 

 

 

Yes

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for the data refresh process for extracting data (including documentation) in the B/OSS Solution environments. USCC is responsible for performing the data refresh from production into full environment. This includes the tasks executed by the Platform, Storage, DBA and EID teams

DB Extracts - Subset

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for the db extract process, tools and documentation. USCC is responsible for running the DBExtract self-service tool to extract data from Full environments and load it into the Flat environments.

B/OSS Solution Infra Environment Sanity

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for the Infra Sanity process, tools and documentation. USCC is responsible for running the Infra Sanity self-service tool in all instances where it is necessary (after Maintenance Window, OS Patching, etc.)

B/OSS Solution Environment Bounce

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for the B/OSS Solution environments bounce process, tools and documentation. USCC is responsible for running the B/OSS Solution Bounce self-service tool

B/OSS Solution Maintenance Window - Onshore- Deploy HF

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for the Hot Fix (HF) deployment process, tools and documentation. USCC is responsible for applying the B/OSS Solution HFs during Maintenance Windows using the self-service tool provided by Amdocs. All HFs must be auto-deployable (i.e. no manual deployments)

B/OSS Solution Maintenance Window - Offshore- Deploy HF

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for the HF deployment process, tools and documentation. USCC is responsible for applying the B/OSS Solution HFs during Maintenance Windows using the self-service tool provided by Amdocs. All HFs must be auto-deployable (i.e. no manual deployments)

OS Patching Maintenance Window

 

Yes

 

Yes

 

 

 

 

 

Yes

 

USCC is accountable and responsible for performing the OS Patching Maintenance Windows on the B/OSS Solution systems. The self-service tool will be used by USCC to bounce the B/OSS Solution environments

Troubleshooting and support

 

 

 

 

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for troubleshooting, support and defect management in the B/OSS Solution environments

Off-hours support

 

 

 

 

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for providing technical support during the week from [***] and Saturday/Sunday/Holidays from [***].

New B/OSS Solution environment build out

 

 

 

 

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for any new B/OSS Solution environment build out activities as per the Release/Projects requirements

Unpack B/OSS Solution Builds

 

 

 

 

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for B/OSS Solution code delivery and unpacking. This includes both B/OSS Solution full builds and HFs

 

4



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

Self-Help
Tool

 

RASCI Details

New B/OSS Solution components configuration and integration

 

 

 

 

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for any new B/OSS Solution component integration and configuration as required by the Release/Project requirements

TRN review and implementation

 

 

 

 

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for the Technical Release Notes (TRN) review and the implementation of the new changes into the B/OSS Solution environments. USCC access to the TRN is preferred but not required.

B/OSS Solution Filesystem Clean-up

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable to automate cleanup scripts/jobs and configure the rules according to the env owner’s requirements.

USCC is responsible for running the B/OSS Solution filesystem clean-up self-service tool as needed, once such tool is provided by Amdocs. Any cleanup that happens outside of the cleanup rules will be performed/coordinated by the env owner.

Change debug mode in B/OSS Solution applications

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for the debug mode change process, tools and documentation in the B/OSS Solution environments. USCC is responsible for running the debug mode self-service tool as per request

Change operational mode (logical date/system date)

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for the operational mode change process, tools and documentation in the B/OSS Solution environments. USCC is responsible for running the operational mode self-service tool as per request

Change RIM to RIMLITE in Flat environments

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for the RIM-to-RIMLITE change process, tools and documentation in the B/OSS Solution environments. USCC is responsible for running the RIM-to-RIMLITE self-service tool as per request

B/OSS Solution Middleware components support

 

 

 

Yes

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for the Middleware stack support in the B/OSS Solution environments. USCC is responsible for providing the SSL Certificates needed to implement https support

Capacity Management for B/OSS Solution environments

 

 

 

Yes

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for the Capacity Management process, tools and documentation. USSC is responsible for implementing changes to the infrastructure

Maintain required B/OSS Solution licenses

 

 

 

 

 

Yes

 

Yes

 

 

 

Amdocs is accountable and responsible for providing and maintaining the necessary updated Amdocs applications licenses in the B/OSS Solution environments

Other emergency requests

 

 

 

Yes

 

Yes

 

Yes

 

 

 

It is the responsibility of both Amdocs and USCC to do their respective bests (inside of the agreed service scopes) to collaboratively support the efforts needed to meet the business requirements even in times of emergencies. Because it will not be possible to meet all previously planned deliverables when an emergency request arises, in the case of unplanned urgent requests to meet business goals, prioritization of conflicting tasks will be managed by the env owner (USCC) with input from Amdocs Infra.

 

5



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

Self-Help
Tool

 

RASCI Details

Future self service Automation Tools

 

 

 

Yes

 

Yes

 

Yes

 

Yes

 

Amdocs is accountable and responsible for any future self service automation that will be developed for B/OSS Solution application. USCC is responsible for running these self-service tools, once accepted.

As additional self-service tools (not already marked as self-service in this table) are implemented and accepted by USCC, USCC will assume responsibility for the functions that the tool provides while Amdocs will continue to be accountable for that function.

 

6



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Middleware —Production and Non-Production

 

Category

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

RASCI Details

Middleware Configuration and Integration

 

Install and configure Middleware Components (Oracle WebLogic, Apache Tomcat, Apache Web Server, Java JVM, Couchbase) as per B/OSS Solution system requirements and specifications

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Submit RC requests for file systems, users & groups, OS kernel parameter change etc.

- Install the products, configure the domains, configure resources (JDBC, JMS, Security etc.) and deploy the applications.

 

Integrate B/OSS Solution MW Components with any internal or external interfaces as per system requirements and specifications. This includes opening FW, VIP requests as appropriate.

 

N

 

Y

 

Y

 

Y

 

Amdocs is accountable and responsible for submitting RC requests for firewall ports, load balancer VIP, IAM users and groups, create Certificate Signing Requests for SSL certificate etc.

USCC is responsible for implementing the RC requests on the systems under USCC administration (Firewalls, Load balancers, eDir, etc.)

 

Implement SSL configuration in B/OSS Solution environments using certificates provided and managed by USCC

 

N

 

Y

 

Y

 

Y

 

Amdocs is responsible and accountable for requesting Certificate Signing from USCC for SSL certificates needed on the B/OSS Solution systems and installing them on the B/OSS Solution systems. USCC is responsible for managing the SSL certificates (including signing by Certificate Authority and monitoring expiration date and alerts) and providing them to Amdocs for the B/OSS Solution systems that require secure traffic

 

Ensure Middleware configurations are consistent across all B/OSS Solution environments, accounting for the different size of the environments where appropriate.

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Ensure that the environments are configured consistently. The JVM options, environment variables, admin consoles, managed servers, admin scripts, resources consumed (JDBC, JMS, security etc.) should be consistent across all the environments. All cluster members in a cluster should be configured identically.

- Use data from performance testing to optimize production configuration

 

Ensure Middleware configurations in the B/OSS Solution environments adhere to IS best practices and vendor recommendations

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for following standards and best practices to adhere to IS best practices and for working with the product vendors to implement industry best practices.

 

7



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Category

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

RASCI Details

Middleware Support

 

Troubleshoot Middleware issues in the B/OSS Solution systems and provide resolution as per SLAs. Attend bridges as requested by Incident Management or Triage teams. Perform Root Cause Analysis for Middleware defects and provide and implement plans to avoid similar issues in the future.

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Troubleshoot Middleware issues in the B/OSS Solution systems.

- Respond to incident management immediately and engage resources to investigate the issues and identify the root cause.

- Escalate and engage vendors if required.

- Follow changes management policies to apply changes as needed.

- Resolve issues to meet SLAs.

 

Maintain Support Contracts with appropriate vendors for all Middleware Components used in the B/OSS Solution environments

 

Y

 

Y

 

N

 

Y

 

USCC is accountable and responsible for managing vendor support contracts for Middleware components used on the USCC B/OSS Solution systems which are owned and paid by USCC. Amdocs is responsible for the following:

- Keep track of support end-of-life and plan accordingly to request upgrade to the supported version of the product.

- Keep track of the system configuration to ensure license compliance of the products.

 

Open, track, follow-up and escalate SR tickets with Middleware vendors until resolution

 

N

 

Y

 

Y

 

Y

 

Amdocs is accountable for the following:

- Work with the product vendors to learn and implement new features and best practices.

- Engage vendors as needed to address issues

- Open support ticket and escalate issues to get best support from vendors to resolve issues quickly.

USCC is responsible for providing Support IDs and access to the vendor support systems for the B/OSS Solution Middleware components to enable them to perform the above mentioned activities

USCC is also responsible for as needed assistance in vendor escalations

 

8



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Category

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

RASCI Details

 

 

Maintain all troubleshooting tools (such as debuggers, profilers, scripts etc.) used for Middleware support. This does not include tools part of OS installation.

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Maintain all troubleshooting tools (such as debuggers, profilers, scripts etc.) used for Middleware support.

- Open source tools and customs scripts can be used but make sure they are tested properly in non-prod environments.

- Do due diligence while using the tools and scripts so that there is no negative impact to the production environments.

Middleware Upgrade

 

Upgrade Middleware Components to the versions required by the B/OSS Solution system specifications

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the upgrade of the Middleware components supported and certified for B/OSS Solution applications.

 

Perform patching of the Middleware Components to keep systems stable and up to date from security standpoint

 

N

 

Y

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Install patches for bug fixes.

- Address security vulnerabilities reported by the IS Security.

- Work with IS security to run security scans after applying patches fix security issues.

USCC is responsible to provide the security vulnerability report for all Middleware components on the B/OSS Solution systems

 

Maintain inventory of all Middleware Components in all B/OSS Solution environments along with version and patch level

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Prepare and maintain the inventory of all the Middleware components and their versions.

- Maintain inventory of all the hosts and their configurations.

Release Management/IS Projects

 

Implement any Middleware configuration items specified in the Technical Release Notes

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Attend release management meetings, gather requirements and implement changes in non-production and production environments per Release Management documents.

- Provide support for Testing Team for the releases.

 

Support Release Cutover activities in B/OSS Solution Production

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for working on release cutover activities in production and for providing support to troubleshoot issues.

 

9



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Category

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

RASCI Details

 

 

Support IS Projects for any Middleware tasks required in the B/OSS Solution environments

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for supporting IS Projects for any Middleware tasks required in the B/OSS Solution environments

New Middleware Components

 

Provide system requirement and specifications for any new Middleware Components introduced by future B/OSS Solution releases

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Provide system requirement and specifications for any new Middleware Components introduced by future B/OSS Solution releases.

- Work with USCC enterprise architecture team to review and get approval for the new Middleware components.

 

Install, configure, integrate and support any new Middleware Components required by future B/OSS Solution releases

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Submit RC requests for file systems, users & groups, OS kernel parameter change etc.

- Install and configure the products to meet business requirements.

Middleware Log Management

 

Monitor the Middleware Components logs and perform archival and clean-up as per agreed retention policies

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for implementing log monitoring, log rotation, log retention and archival processes

Middleware Performance Tuning

 

Analyze B/OSS Solution Performance Testing results and recommend configurations settings to address any performance issues that cause the service to fail meeting the SLAs

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Work with the testing team to analyze the test results in the PTE environments.

- Investigate any performance related issues reported by the testing team and make necessary changes to ensure optimal performance

 

Implement the tuning configurations in the Production Environment once they have been tested and confirmed successful in PTE

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for recording all the changes in PTE after completing the successful performance testing and for their implementation in production following proper change approval processes

Middleware Capacity Planning

 

Provide system and sizing specifications for the Middleware Components implemented in the B/OSS Solution environments

 

N

 

Y

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Work on the capacity planning.

- Estimate the expected peak load and configure the middleware instances with enough capacity to handle the traffic without any performance degradation.

USCC is responsible for providing estimates of expected user traffic on the B/OSS Solution systems based on Business Estimates

 

10



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Category

 

Task

 

USCC
Accountable

 

USCC
Responsible

 

Amdocs
Accountable

 

Amdocs
Responsible

 

RASCI Details

Middleware Security

 

Ensure the access to the administration interfaces of the Middleware Components is done through secure mechanisms. Individual access should be used (no generic administration accounts)

 

N

 

N

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Ensure the access to the administration interfaces of the Middleware Components is done through secure mechanisms.

- Use individual accounts instead of generic administration accounts.

- Maintain audit logs to track user activities.

 

Support the implementation of secure mechanisms (such as use of SSL, network segmentation etc.) for the B/OSS Solution traffic through Middleware Components as per USCC/Regulatory requirements

 

N

 

Y

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Support the implementation of secure mechanisms on the B/OSS Solution systems (such as use of SSL, network segmentation etc.).

USCC is responsible for implementing the secure mechanisms on the USCC Infrastructure that need to support Amdocs in implementing the security configuration on the Middleware components. Examples: USCC will implement Firewall rules, network segmentation as required by regulatory standards, patch Operating Systems to latest secure version, provide SSL certificates etc.

 

Support Security Pen tests when required and support the implementation of any required remediation items

 

N

 

Y

 

Y

 

Y

 

Amdocs is accountable and responsible for the following:

- Support Security Pen tests when required and support the implementation of any required remediation items.

- Address any security issues reported by IS security team. Work with the vendors to apply security patches.

USCC is responsible for performing Security Pen Testing on the B/OSS Solution systems and communicate any security issues to Amdocs for remediation

 

11



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

APPENDIX 2

 

Non-Production Environments

 

Dev 31

 

SIT 11

 

SIT 17

 

E2E 1

 

EPC UTE 1

 

TRN 44

Dev 32

 

SIT 12

 

SIT 18

 

E2E 4

 

EPC UTE 2

 

TRN 45

Dev 33

 

SIT 13

 

SIT 19

 

PSS61

 

EPC UTE 3

 

TRN 46

Dev 34

 

SIT 14

 

PTE

 

PTE2

 

TRN 41

 

 

Dev 35

 

SIT 15

 

E2E 3

 

SUP1

 

TRN 42

 

 

Dev 36

 

SIT 16

 

PSS62

 

BV

 

TRN 43

 

 

 

The names of the environments listed above are subject to change by USCC upon notice to Amdocs. USCC may add, modify or delete environments subject to the Envelope Parameters (Exhibit C-3 to the MSSOW).

 

Appendix 2 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

APPENDIX 3

 

Examples of Reports

 

 

 

Appendix 3 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

APPENDIX 4

 

Infrastructure Environment Tasks

 

Task

 

Description

 

Lead Time

 

Input Required

 

Implementation
Time

 

Assumptions/Requirements

 

 

 

 

 

 

 

 

 

 

 

Build push / Full environment refresh (Dev, SIT, TRN)

 

Upgrade a flat Non-Production Environment to a new build

 

[***]

 

Certified build version, upgrade schedule and approvals from the environment owners

 

[***]

 

·                  No more than [***] full environment upgrades in parallel or [***] total environment upgrades in parallel

·                  To be automated and moved to the environment owners as part of Self-Service

 

 

 

 

 

 

 

 

 

 

 

Build push / Full environment refresh (PTE, E2E, BV)

 

Upgrade a clustered production like environment to a new build

 

[***]

 

Certified build version, upgrade schedule and approvals from the environment owners

 

[***]

 

·                  No more than [***] environment upgrades in parallel

·                  To be automated and moved to the environment owners as part of Self-Service

 

 

 

 

 

 

 

 

 

 

 

Data refresh/DB extracts

 

Copy subset of production data to one of the non-production environment, such as copy Ban

 

[***]

 

Required population, source and target environment (DB) availability

 

[***]

 

·                  Source DB has to be in sync to maintain application data integrity

·                  To be automated and moved to the environment owners as part of Self-Service

 

 

 

 

 

 

 

 

 

 

 

HF Push (non-prod)

 

Application of HF to non-production environments

 

[***]

 

A list of HF from Version Manager to be applied and target environment availability

 

[***]

 

·                  To be automated and moved to environment owner as part of self-service

·                  All Hot Fixes to be applied during planned maintenance windows (up to [***] maintenance windows during biz hours and [***] maintenance windows overnight)

 

 

 

 

 

 

 

 

 

 

 

HF Push (Prod)

 

Application of HF to production environments

 

[***]

 

HF should be tested in Non prod, CM approval required

 

[***]

 

·                  To be automated and moved to  Amdocs Operations as part of self-service

·                  All HF should be applied within the production MW

·                  Extended MW might be required in some special cases.

 

 

 

 

 

 

 

 

 

 

 

Environment bounce (Non-Prod, FLAT)

 

Request to bounce a non-production environment

 

[***]

 

Approval from the environment owners

 

[***]

 

·                  To be automated and moved to the environment owner as part of self-service

·                  There should be scheduled bounce for all environments

 

 

 

 

 

 

 

 

 

 

 

Environment bounce (Non-Prod, FULL)

 

Request to bounce a non-production environment

 

[***]

 

Approval from the environment owners

 

[***]

 

·                  To be automated and moved to the environment owner as part of self-service

·                  There should be scheduled bounce for all environments

 

Appendix 4 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Task

 

Description

 

Lead Time

 

Input Required

 

Implementation
Time

 

Assumptions/Requirements

 

 

 

 

 

 

 

 

 

 

 

Environment bounce/ Maintenance Windows

 

Request to bounce a production environment

 

[***]

 

Daily MW

 

[***]

 

·                  To be automated

·                  Production should be moved to responsibility of operations and bounced from daily map

·                  Dependent on other MW activities such as HF and Reference data refreshes

 

 

 

 

 

 

 

 

 

 

 

Production Incident support

 

Supporting production environment during Incidents

 

[***]

 

Incident management to open a P1 conference call

 

[***]

 

·                  Infra team will be joining P1 conference calls within [***] minutes to support production Incidents

 

 

 

 

 

 

 

 

 

 

 

New FLAT environment installation/cloning

 

Create new non production environment

 

[***]

 

Architecture requirements

 

[***]

 

·                  New environments would be required only upon business changes

·                  All new requirements would require budget for the initial implementation and additional ongoing support effort

 

 

 

 

 

 

 

 

 

 

 

New FULL environment installation/cloning

 

Create new non production environment

 

[***]

 

Architecture requirements

 

[***]

 

·                  New environments would be required only upon business changes

·                  All new requirements would require budget for the initial implementation and additional ongoing support effort

 

 

 

 

 

 

 

 

 

 

 

Non-prod Incident support and Incident Troubleshooting (Business Hours)

 

Supporting Non-Production Environments during all phases of release life cycle [***] and IST

[***] in consideration of Champaign, IL and India hours

 

[***]

 

Support ticket to be opened for appropriate infra team

 

[***]

 

·                  Infra team will be providing support to Non-Production Environments based on open tickets and their priorities

 

 

 

 

 

 

 

 

 

 

 

Non-prod Incident support and Incident Troubleshooting (Non-business hours)

 

Supporting Non-Production Environments during all phases of release life cycle outside of business hours, unless agreed upon in advance with [***] days’ notice.

 

[***]

 

Support ticket to be opened for appropriate infra team

 

[***]

 

·                  Infra team will be providing support to Non-Production Environments based on open tickets and their priorities

 

2



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Task

 

Description

 

Lead Time

 

Input Required

 

Implementation
Time

 

Assumptions/Requirements

 

 

 

 

 

 

 

 

 

 

 

Non-prod miscellaneous technical tasks

 

·                  Support OS/DB patching activities

·                  Partial bounce of the environment (specific components) as per Testing request

·                  Change specific operational mode (such as from logical date to system date)

·                  Change debug level or turn it on/off

·                  Logs clean-up

·                  Change environment configuration from RIM to RIM LITE

·                  Respond to any environment monitoring alert by taking remediation actions

·                  Other ad-hoc requests (to be identified and documented)

 

[***]

 

 

 

[***]

 

 

Support ticket to be opened for appropriate infra team

 

[***]

 

·                  Infra team will be providing support to Non-Production Environments based on open tickets and their priorities

 

3



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

APPENDIX 5

 

Operational Processes

 

1.                                      Operational Processes

 

The parties acknowledge that (a) the Operational Processes set forth in this Section are subject to change, and (b) other processes may be added to and/or removed from this Appendix 5 to the MSSOW.

 

1.1.                           Billing

 

1.2.                           A/R Payment files

 

1.3.                           Billing Rerun

 

1.4.                           EOD Process

 

1.5.                           Usage Processing

 

1.6.                           Hot Fix Process

 

1.7.                           Change Control Process

 

1.8.                           RFC Change Control Process

 

1.9.                           Defect Process

 

1.10.                    EOM Process

 

1.11.                    Monitoring Process Critical

 

1.12.                    Sev 3-5 Ticket Flow

 

1.13.                    Sev 1 Sev 2 Flow

 

1.14.                    Severity Dispute Process (subject to completion of the actions identified in the table in Section 2.4 of this Appendix 5)

 

1.15.                    Ticket Escalation Process (subject to completion of the actions identified in the table in Section 2.4 of this Appendix 5)

 

1.16.                    Root Cause Analysis Process

 

1.17.                    MOA Incident Handling Basic Process (subject to completion of the actions identified in the table in Section 2.4 of this Appendix 5)

 

1.18.                    Stuck Order Process (subject to completion of the actions identified in the table in Section 2.4 of this Appendix 5)

 

1.19.                    Tax File Update Process

 

1.20.                    Script approval process

 

Appendix 5 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

1.21.                    A/R Charge/Credit Tool Process

 

1.22.                    Prepaid Process

 

1.23.                    Outcollect Process

 

2.                                      WIP OPs

 

2.1.                           The WIP OPs and the agreed-upon plan (the “AUP”) described in the Tops Transformation Process Flow Plan are tasks that require the actions identified in the table in Section 2.4 of this Appendix 5 to be completed by the due dates listed therein.

 

2.2.                           The following processes are the WIP OPs:

 

(a)                                 Severity Dispute,

 

(b)                                 Ticket Escalation Flow,

 

(c)                                  MOA Incident Handling Basic Process, and

 

(d)                                 Stuck Order Process.

 

2.3.                            The parties shall complete the actions within each task in the table in Section 2.4 of this Appendix 5 in the order specified.  When all actions related to a task are complete, the related task will be deemed finalized and the related process will be deemed approved as an Operational Process.

 

2.4.                           Tasks and actions to be performed to complete the WIP OPs are as follows:

 

 

 

 

 

Responsible Party

 

Due

Task

 

Action

 

Amdocs

 

USCC

 

Date

1.              USCC Process and Control owners to identify required changes to process flows — including Severity Dispute, Ticket Escalation Flow, MOA Incident Handling Basic Process, Stuck Order Process

 

 

 

 

 

USCC Process and Control Owners

 

[***]

 

 

(a)         Provide to Amdocs the changes to the process flow documents required by the USCC Process and Control Owners

 

 

 

[***]

 

[***]

 

 

(b)         Clarify and agree with USCC Process and Control Owners upon the implementation of required changes to process flows

 

[***]

 

[***], USSC Process and Control Owners

 

[***]

 

 

(c)          Update process flow documents based upon review by and response from USCC Process and Control Owners

 

[***]

 

 

 

[***]

 

2



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

 

 

 

 

Responsible Party

 

Due

Task

 

Action

 

Amdocs

 

USCC

 

Date

 

 

(d)         Review updated process flows.  If an updated process flow is approved by USCC, USCC will notify Amdocs, and Amdocs will send the updated process flow to the central repository.  If a process flow is not approved by USCC, USCC will provide to Amdocs the required changes to the process flow documents and recommence Action 1(b) in this table and will have [***] days per action to complete each such action and obtain USCC’s final approval.

 

Amdocs

 

USCC Process and Control Owners

 

[***]

2.              During the period commencing 11/17/2014 and ending on 12/31/2014, USCC and Amdocs resources will work together to provide supporting information and test the controls documented in the AUP as well as nine key automated controls

 

 

 

[***]

 

[***]

 

[***]

 

 

(a)         Amdocs resources to provide sufficient information and evidence requested from USCC to support testing of the [***] controls documented in the AUP attached hereto as Exhibit 5A to this Appendix 5.

 

[***]

 

 

 

[***]

 

 

(b)         Amdocs resources to provide testing approach support and USCC requested information for testing nine key automated controls set forth in the Table in Section 2.5 of this Appendix 5.

 

[***]

 

[***]

 

[***]

 

 

(c)          Amdocs to provide last modified date for code related to [***] additional automated controls set forth in the table in Section 2.6 of this Appendix 5 and [***] key reports set forth in Section 2.7 of this Appendix 5.

 

[***]

 

 

 

[***]

 

2.5.                            Key Automated Controls:

 

Seq.

 

Control #

 

Revised Control Activities

1

 

MEO.12001

 

As funds are replenished For pre-paid customers, unearned revenue will be automatically posted.  As usage is processed through Turbocharging, the charges are automatically processed against the customer’s balance resulting in a reduction to the unearned revenue and an increase to earned revenue via JGL.

 

 

 

 

 

2

 

MEO.12002

 

ETF charges are assigned a unique G/L account which is appropriately tagged within G/L Configurator to recognize revenue on a cash basis

 

 

 

 

 

3

 

CCS.1009

 

Turbo Charging decrements unit balances for individual prepaid customers based on usage data from the Rating Logic Configurator (RLC).

 

 

 

 

 

4

 

BDA.4001

 

Error handling processes from the A&F and TurboCharging (guiding and rating) are configured appropriately to automatically reject records and flag errors for further investigation and resolution. This includes appropriate error descriptor added to the Event Detailed Records (EDRs).  Rejected records are sent to AEM (Amdocs Error Manager) where they are automatically resolved based on a set of defined business rules.

 

3



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Seq.

 

Control #

 

Revised Control Activities

5

 

CP.1003

 

When a pre-paid customer makes a payment, RPL increments dollar and unit balances by referencing the EPC rate tables.

 

 

 

 

 

6

 

CP.1001

 

When crediting an account (charge/event level credit) based on customer request, the Credit Handling API will ensure the proper amount of credit (charge and applicable taxes) is applied.

 

 

 

 

 

7

 

CP.2002

 

Payment receipt file (Lockbox payment file, payments from third party payment file, agent cash payments file, and CER payments file) level validations (File/Batch Accumulation trailer totals) are performed from the AC1_CONTROL table to help ensure complete and accurate payment processing.

 

 

 

 

 

8

 

CP.2003

 

The AC1_CONTROL TABLE prevents duplicate payments during the rerun of input files during the error management posting process.

 

 

 

 

 

9

 

CP.2007

 

Errors or exceptions in the payment validation (AR1PYMRCT) and payment posting (AR1PYMPST) are automatically flagged for resolution.

 

2.6.                           Additional Automated Controls:

 

Seq.

 

Control #

 

Revised Control Activities

1

 

COP.1007

 

The primary usage address requires validation within the footprint via BPT. For postpaid customers, actual address is used. For prepaid customers the USC store address or agent location nearest customer zip is automatically used. Addresses falling outside the system are automatically erred from being accepted.

 

 

 

 

 

2

 

CHQ.1013

 

Adjustment codes and dollar limits are tied to TOPS profiles. Associates are given access to through a profile that is created based on job function.

 

 

 

 

 

3

 

CP.2004

 

As batch payments are received for closed/written off accounts, the status is automatically adjusted as the payment in applied. If a balance still remains following the payment, the account status automatically reverts back to “written off” and the remaining balance is written off

 

 

 

 

 

4

 

CDNP.1007

 

A credit class is required prior to activation to help ensure credit classifications are assigned timely. Note: the engagement team considers this to be an operational control. Further, the allowance control (USC01.346) will detect any material errors in the valuation of customer accounts receivable & bad debt.

 

4



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

Seq.

 

Control #

 

Revised Control Activities

5

 

CCS.1017

 

The APRM Module in Amdocs is configured to perform roaming guiding activity. This will automatically calculate the appropriate incollect and outcollect records for each month

 

 

 

 

 

6

 

CCS.1025

 

The APRM Module in Amdocs in configured to perform roaming rating activity. This will automatically calculate the appropriate distribution across each market for intra roaming purposes and necessary accruals necessary due to the settlement period mid-month for incollect and outcollect

 

2.7.                           Key Reports:

 

PwC Ref #

 

Report Name

 

Business
Unit

 

Business
Process

 

 

 

 

 

 

 

1

 

Aged Trial Balance Activities Report

 

USC

 

Revenue & Receivables

 

 

 

 

 

 

 

5

 

QA Summary Report

 

USC

 

Accounts Receivable - Customers

 

 

 

 

 

 

 

6

 

A&F Daily Production Report

 

USC

 

Accounts Receivable - Customers

 

 

 

 

 

 

 

7

 

Run Verification Report

 

USC

 

Accounts Receivable — Customers

 

 

 

 

 

 

 

8

 

AMDD Print Bill Report

 

USC

 

Accounts Receivable — Customers

 

 

 

 

 

 

 

9

 

Suppressed Bill AFP Control File

 

USC

 

Accounts Receivable — Customers

 

5



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

PwC Ref #

 

Report Name

 

Business
Unit

 

Business
Process

 

 

 

 

 

 

 

16

 

Aged AR Customer Balance Report (Output of control CDNP.1006)

 

USC

 

Revenue & Receivables

 

6



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

EXHIBIT 5-A

 

AUP

 

#

 

IT General Control

 

AUP Procedure Description

1.1

 

Application development/maintenance and program migration activities are performed following a standardized process requiring approval. The change is tracked and documented throughout the development lifecycle.

 

Select a sample of [***] TOPS application changes that were implemented, confirm the changes were authorized, tested, reviewed by the CAB, approved and documented in accordance with the system development methodology.

 

Select a sample of [***] TOPS hot fixes and confirm each fix was included in the subsequent version release.

 

1.2

 

 

Application changes are tested in a non-production environment prior to migration to the production environment.

 

1.3

 

Changes require the approval of a Change Control Manager prior to being implemented in production.

 

 

1.6

 

CAB meetings are held to discuss and approve changes to be implemented into Production.

 

 

1.4

 

Amdocs uses Code Configuration tool (i.e. perforce) to determine that version control is maintained.

 

Observe the processing and inspect supporting documentation relating to the use of Perforce to determine the system prevents concurrent update to a single program by multiple programmers.

1.5

 

Maintenance changes to the database are identified, documented, tested, and approved prior to implementation in production.

 

Select an application database maintenance change, confirm the change was authorized, tested, approved and documented in accordance with the system development methodology.

1.7

 

Access to migrate TOPS changes to production is limited to authorized users based on their job function.

 

Obtain a system generated listing of individuals with access to the hot fix tool, and confirm it is limited to the Amdocs Infrastructure Production team, and that these users do not also have development access to application source code.

 

1.8

 

 

Segregation of duties exists between Developers and IT personnel authorized to implement changes into production.

 

2.1

 

Job scheduling is accomplished using the AMC Maestro application. Access to change predetermined job schedules and add new jobs to the schedule is restricted to the Infrastructure group.

 

Obtain a system generated listing of individuals with access to modify the job schedule, confirm it is limited to the Amdocs Infrastructure Production team.

2.2

 

Job statuses are recorded by the system in an SLA database. The Scheduling group documents processing irregularities in UTS and notifies the necessary departments of the incident. Once resolved, the corrective actions performed are documented within UTS. Operations management reviews incident reports from UTS daily to determine timely resolution.

 

Select a sample of [***] failed SLA database jobs and confirm an incident ticket was opened in UTS, and the issue was tracked to resolution.

 

For a sample of days confirm Operations Management reviewed the daily incident reports to assess timely resolution of noted issues.

 

Exhibit 5-A to Appendix 5 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

#

 

IT General Control

 

AUP Procedure Description

3.1

 

The user organization transmits all data to a TOPS server. The Operations group monitors files coming into TOPS to determine that files are properly received and are transferred to the appropriate directories. During the transfer process, the files are logged in the audit and control table.

 

Observe the procedures in place for monitoring of files coming into the TOPS application to confirm files are received and transferred to intended directories.

 

Select [***] incoming data files and confirm the file was logged in the audit and control table.

3.2

 

If errors occur in the process, an alert is sent to the Operations group. If errors are not resolved in a timely manner, shift management is notified.

 

Observe the processing and inspect supporting documentation relating to the process used to notify the Operations group of errors in the FTP.

3.3

 

Upon loading the incoming usage files, the system performs checks on files received to determine that the files are complete and accurate. Record-level edits and duplicate record checks are also performed to determine that only valid records are processed.

 

Observe the processing and inspect supporting documentation relating to the file and record-level edits and duplicate record checks performed on incoming files received to determine that only valid records are processed.

 

Select [***] EDR’s that is over [***] days old and determine that the EDR’s were not processed for billing.

 

Select [***] EDR’s and inspect supporting documentation to determine that the EDR’s could not be applied to the subscriber account more than once.

3.4

 

Upon receipt of AR payment and back-out batch files, the load program performs record-level edits to determine that only valid records are processed.

 

Select [***] AR payment files and inspect supporting documentation to determine that the files could not be processed if out of sequential order.

 

Select [***] AR payment files and inspect supporting documentation to determine that the files could not be processed if the format was invalid.

 

Select [***] back-out files and inspect supporting documentation to determine that the files could not be processed if out of sequential order.

 

Select [***] back-out files and inspect supporting documentation to determine that the files could not be processed if the format was invalid.

 

Select [***] back-out file and inspect supporting documentation to determine that the files could not be processed if the file was over [***] days old.

3.5

 

AR and payment files are received from the user organization and processed in sequential order to determine that the files are received and the files are processed in the correct order. If the file is out of sequence or the file is not processed, the user organization is notified of the problem by the AR analyst.

 

Select a sample of [***] days and obtain evidence of the daily balancing procedures performed by the AR Analyst to determine if any discrepancies existed, and noted discrepancies were communicated to the user organization.

 

2



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

#

 

IT General Control

 

AUP Procedure Description

3.6

 

If the system identifies errors with a file or with individual records, the file/records are automatically sent to the AEM for review. Errors are reviewed by the user organization and PSG Usage Audit and are either corrected and reprocessed or written off.

 

Select a sample of [***] days and obtain evidence of the PSG Usage Audit performed to review errors identified in the AEM tool. Determined that noted errors were tracked to resolution.

4.1

 

An AR analyst performs a [***] comparison of the AR payment or back-out files received in the lockbox to the files posted to the general ledger table to determine that the files were posted accurately.

 

Select a sample of [***] days and obtain evidence of the AR Analyst’s daily comparison performed to determine that the AR payment or back-out files received in the lockbox were posted accurately to the general ledger table.

4.2

 

Processed events are balanced by PSG Usage Audit daily to determine that all events received by Amdocs are (1) delivered to the user organization or (2) accounted for within the error log. Variances greater than X are escalated to Service Development OGS for investigation.

 

Select a sample of [***] days and obtain evidence showing completion of the PSG Usage Audit and daily balancing procedures.

4.3

 

Outcollect records are processed to convert them to CIBER format and bundle the records into files by roaming partner. The outcollect files are then sent to the user organization for billing by its roaming partner in a timely manner.

 

Select a sample of [***] days and determine that the outcollect verification process was performed and outcollect records were sent to the user organization in a timely manner.

5.1

 

The Operations group monitors files leaving TOPS to determine that files are appropriately transmitted and received by the intended party.

 

Observe the processing and inspect supporting documentation relating to the process used by the Operations group to monitor and determine that files are appropriately transmitted to and received by the intended party.

5.2

 

If errors occur in the transfer, an alert is sent to the Operations group. If errors are not resolved in a timely manner, shift management is notified.

 

Observe the processing and inspect supporting documentation relating to the process used to notify Operations group and shift management of errors in the FTP.

6.1

 

Changes to the third-party software are performed following a standardized process requiring active management involvement and approval. All tax software changes are authorized by director(s) and tested by Configuration Management prior to implementation.

 

Observe the processing and inspect supporting documentation relating to the process used by the group to determine that third-party tax software files are appropriately tested and approved by the user organization prior to implementation in production.

6.2

 

Changes to the database scripts are performed following a standardized process requiring active management involvement and approval. All changes are authorized by director(s) and tested by Configuration Management prior to implementation.

 

Obtain a system generated listing of individuals with access to the Script Runner tool, confirm it is limited to authorized Amdocs users.

 

Select a sample of [***] scripts that were run and confirm the changes were authorized, tested, reviewed, approved and documented in accordance with the system development methodology.

6.3

 

AR Analysts perform daily balancing procedures to determine that the Aged Trial Balance, Proof and Balance tables, BAN journal, and GL reconcile. Any discrepancies are noted in a UTS ticket and summarized in an email to the user organization.

 

Select a sample of [***] days and obtain evidence of the daily balancing procedures performed by the AR Analyst to determine if any discrepancies existed, and noted discrepancies were communicated to the user organization.

7.1

 

For each billing cycle, PSG T2.5 Revenue Audit performs bill validations to determine that the non-usage, revenue and billing reports in TOPS are complete and accurate by validating that the monthly recurring charges, one-time charges, adjustments, and BAN and subscriber counts reconcile.

 

Select a sample of [***] billing cycles and obtain evidence of the billing cycle checklist completed during the PSG T2.5 Revenue Audit to confirm billing-critical items were completed in a timely manner.

 

 

3



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

#

 

IT General Control

 

AUP Procedure Description

7.3

 

As part of the billing procedures performed by PSG T2.5 Revenue Audit, a review is performed to determine that billing reports are appropriately sent to the user organization.

 

Select a sample of [***] billing cycles and obtain evidence of the cycle approval notifications, indicating completion of the analysis and approval of the cycle for invoice printing and mailing by the user organization.

7.2

 

For each billing cycle, PSG T2.5 Revenue Audit performs QA procedures to determine a sample of invoices have complete and accurate layouts, account-level totals, monthly recurring charges, phone numbers and taxes.

 

Select a sample of [***] billing cycles and obtain evidence of the invoice review checklists (i.e., QA packets) completed during the PSG T2.5 Revenue Audit to confirm a sample of invoices for completeness and accuracy.

7.4

 

PSG T2.5 Revenue Audit compares the total billing cycle’s number of accounts, charges, and revenue to prior months for unusual fluctuations.

 

Select a sample of [***] billing cycles and obtain evidence of the trending analysis performed to determine that unusual fluctuations were identified and investigated.

7.5

 

The BL1_INVOICE table reconciles with the AR1_INVOICE table.

 

Confirm that the BL1_INVOICE table reconciles with the AR1_INVOICE table.

7.6

 

Billing Scheduling uses the usage tables to determine the billing files received are processed in a timely manner. Processing problems identified are communicated to the T2.5 Production Support group for investigation and are documented in UTS.

 

Select a sample of [***] billing cycles and obtain UTS case files to determine that procedures were completed to resolve any cycle errors.

7.7

 

For each billing cycle, PSG T2.5 Revenue Audit reviews the reseller invoices to determine that they are complete and accurate. The procedures are documented on a Wholesale billing cycle checklist and include validating that invoice data against the Bill Tape reports to help ensure the amounts reconcile.

 

For a sample of billing cycles, inspected the Wholesale Billing Checklist and determined that the Analyst reconciled the invoice data against the Bill Tape reports to verify completeness of data. Determined that noted discrepancies were tracked to resolution.

 

4



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

APPENDIX 6

 

Scope of Nightly Sanity Testing

 

Details of sanity testing activities for each of the B/OSS Solution applications include the following:

 

1.                                      CIM:

 

1.1                               Log into application and validate an address

 

1.2                               Verify successfully swapping a customer’s device using a postpaid account

 

1.3                               Verify successfully changing a customer’s phone number using a postpaid account

 

1.4                               Verify successfully adding device financing using a postpaid account

 

1.5                               Purchase an accessory

 

1.6                               Verify successfully swapping a customer’s device using a prepaid account

 

2.                                      RIM:

 

2.1                               Log into the application

 

2.2                               Perform a successful prepaid replenishment payment to restore service

 

2.3                               Perform a successful prepaid and postpaid payment and verify an accurate receipt, including the correct customer message on the receipt

 

2.4                               Verify successfully swapping a customer’s device using a prepaid account

 

2.5                               Successfully activate a prepaid and a postpaid new subscription and print to verify customer agreement

 

3.                                      RIM LITE:

 

Log into the application and verify successfully swapping a customer’s device

 

4.                                      MicroTelecom:

 

4.1                               Log into the application and open a drawer

 

4.2                               Review receipts from RIM payments once the RIM sanity activities complete, and close the opened drawer

 

5.                                      MCSS:

 

5.1                               Log into MCSS website

 

5.2                               Validate the Captcha functionality and a new prepaid device for activation

 

Appendix 6 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

6.                                      Prepaid:

 

6.1                               Log into Prepaid website

 

6.2                               Validate the Captcha functionality and a new prepaid device for activation

 

2



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

APPENDIX 7

 

Change Impact Analysis Requirements

 

Details of impact analysis for each Change Record to be reviewed during the CAB meetings include but are not limited to the following:

 

1.                                      Issue description (why do we need to make the change?)

2.                                      Quantification of Issue and expected improvement after correction

(a)                                 Error rate impact

(b)                                 Response time impact

(c)                                  Other impact

3.                                      Fix description

4.                                      Impacted processes

5.                                      Impacted components

6.                                      Impacted interfaces

7.                                      Impact to configuration settings

8.                                      Impact to security

9.                                      Complexity/risk of fix (High/Medium/Low and justification of rating)

10.                               Tested scenarios and results

11.                               Recommended to be implemented with a release or stand-alone?

12.                               Recommended to be implemented in a phased deployment?

13.                               Detailed back out plan

14.                               Duration of back out

 

Appendix 7 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

APPENDIX 8

 

Monitoring

 

1.              Table 1 below indicates the Monitoring Functions (as defined by Table 2 herein) that Provider will be responsible to monitor for each of the applications, Systems and environments.

 

2.              The metrics to be monitored and corresponding thresholds for each such metric shall be agreed upon by the parties and may be revised from time to time by agreement between Provider and USCC.

 

Table 1

 

 

 

Level 1- Foundation

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Level 2- Performance

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Level 3- Proactive Operations

Monitoring Levels

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Level 4- Business

Application / System / Environment

 

System

 

Error
handling

 

Availability
&
Connectivity

 

Database

 

Middleware

 

Batch
Jobs /
Daemons

 

Application
Queues

 

iTrend

 

Volumetric

 

End User
Experience

 

SLA

OMS in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

CRM in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

ABP in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

TC in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

No

 

n/a

 

n/a

RIM in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

MCSS in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

APRM in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Appendix 8 (MSSOW)

 

1



 

Information marked with “[***]” has been omitted and filed separately with the Securities and Exchange Commission pursuant to a request for Confidential Treatment under Rule 24b-2 under the Securities Exchange Act of 1934, as amended.

 

 

 

Level 1- Foundation

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Level 2- Performance

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Level 3- Proactive Operations

Monitoring Levels

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Level 4- Business

Application / System / Environment

 

System

 

Error
handling

 

Availability
&
Connectivity

 

Database

 

Middleware

 

Batch
Jobs /
Daemons

 

Application
Queues

 

iTrend

 

Volumetric

 

End User
Experience

 

SLA

AEM/ARCM in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

n/a

 

Yes

 

Yes

 

Yes

 

Yes

 

n/a

 

No

MicroTelcom in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

n/a

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

EOD/A/R in Production Environment

 

Yes

 

Yes

 

Yes

 

n/a

 

n/a

 

Yes

 

Yes

 

No

 

n/a

 

n/a

 

n/a

Invoicing (billing) in Production Environment

 

Yes

 

Yes

 

Yes

 

n/a

 

Yes

 

Yes

 

Yes

 

No

 

n/a

 

n/a

 

n/a

TRB in Production Environment

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

Yes

 

n/a

 

Yes

Enterprise Service Bus (ESB) in Production Environment

 

No

 

No

 

No

 

No

 

No

 

No

 

No

 

No

 

No

 

No

 

No

3rd Party Systems in Production Environment and Non-Production Environments

 

No

 

No

 

No

 

No

 

No

 

No

 

No

 

No

 

No

 

No

 

No

Training Environments (Non-Production Environment)

 

No

 

No

 

Yes

 

Yes

 

Yes

 

Yes

 

No

 

No