Instruction manual
About this document
1-8 Issue 9 May 2003
Avaya’s roles and responsibilities
■ Avaya, as a manufacturer, has the responsibility to provide the customer
with securable technology, the information resources (product
documentation) to understand the capabilities of the technology, and the
configuration of the equipment when it shipped from the factory.
■ Avaya, as a sales organization, has the responsibility to inform the
customer of potential toll fraud, how it can happen, and what roles and
responsibilities Avaya and the customer need to accept to work together in
reducing the customer’s potential for toll fraud.
■ Avaya, as a provisioning organization, has the responsibility to assist the
customer in understanding the risks inherent in the use of certain
equipment features, and the methods available to minimize those risks.
Together with the customer, Avaya must come to an agreement on the
desired configuration and ensure that customers’ requests are carried out
correctly.
■ Avaya, as a maintenance provider, has the responsibility to ensure that no
action taken by us serves to introduce risk to the customer’s system. At the
very least we must ensure the customer is as secure after our assistance
as they were before it.
Customer roles and responsibilities
The customer as the business owner has the responsibility to select and manage
the security of their system. Specifically, according to the Telecommunications
Fraud Prevention Committee (TFPC) of the Alliance for Telecommunications:
“The basic responsibility of the business owner is to devote adequate
resources (time, talent, capital, etc.) to the selection of CPE and to its
management, including fraud prevention, detection and deterrence. It is an
essential part of managing the business. The owner must demand that the
internal staff and supporting external professionals, such as consultants,
include security concerns in the evaluation, design, and operation of the
telecommunications environment for his/her business.”