Other BT PLC sections
 

EAB Overview: December 2017

The EAB met in November and had presentations from BT and Openreach.

Presentations

Openreach provided us with an in-depth update on its customer consultation plans. We discussed the new consultation processes with James Lilley (General Manager, Copper & Service Products, Openreach) and Stef Norman (Director, Business Integrity, Openreach), noting the enhanced formal process now launched for large-scale investments and ongoing work to define the ‘significant’ and ‘other’ categories industry has asked Openreach to establish. We highlighted to Openreach our view on the importance of providing clear timescales and escalation paths for Statements of Requirements (SoRs). Clive Selley, Openreach CEO, took us through Openreach’s current performance, and we questioned Openreach on the ongoing activities being undertaken as a result of Ofcom’s Deemed Consent investigation.

BT updated us on its plans to establish a BT Compliance Body (‘the BT Compliance Committee’), as set out in its March 2017 notification to Ofcom, which will monitor those areas of the Commitments which are not covered by the Openreach Board Audit Risk & Compliance Committee (OBARCC). We support the establishment of this committee, in the spirit of implementing the transition to the new Commitments regime as soon as possible, although we remain committed to monitoring the Undertakings whilst they are in force and our role is considered to remain necessary. We continue to report quarterly to the OBARCC, to ensure members are informed of current issues, and plan to provide similar support to the BT Compliance Committee. We reviewed a number of recommendations to ensure our work is continued by our two successor bodies, and will keep our arrangements for a successful transition to the new monitoring regime under review.

We reviewed the ongoing work of the OTA2 and EAO to review Openreach Key Performance Indicators (KPIs) that are of particular interest to industry and noted that the review of Copper/Fibre Provision Early Life Failures (ELFs) was progressing.

Undertakings training

Earlier this year, we asked Group Internal Audit to undertake a review of the end to end processes in place to compile mandatory training figures, specifically those reported by the EAB. As we’ve previously reported, the audit identified a number of control weaknesses in the assignment of training. We were pleased to hear from Group Internal Audit and the training team that the majority of the recommendations made by the audit team have now been implemented, with the remainder due to be completed by end of December 2017. We also welcomed a presentation on the work BT is doing to develop its measurement of the effectiveness of its training programmes, and asked for an annual update on this (recommending that this should be made to our successor bodies, should the EAB have ceased).

Delivery of systems milestones

BT reported to us that it continues to progress migrations in line with its forecasts.

Breaches

In our November meeting, we concluded on four breach cases, as set out below.

 

Description

Status

Remedy

Inadvertent sharing of Openreach Commercial Information and Customer Confidential Information in a report shared with a former Openreach employee who had moved to BT Wholesale & Ventures

Non-Trivial

The distribution list for the report has been updated and the process amended to ensure the list is reviewed regularly

Insufficient (Level 1) user access controls in place on a Management Information System, which required Level 2 access controls when some users moved from BT Group to Openreach

Non-trivial

The Openreach information has been moved to a separate database accessible only to Openreach, so the system has now reverted to Group-only users, for which Level 1 controls are appropriate

Inappropriate access rights in place for the main entrance of Openreach’s headquarters building

Trivial

Former Openreach’s employees’ access has been revoked, and the process to grant access has been amended with a quarterly review of access rights in place

A call restriction service for vulnerable customers was available to BT Consumer on Wholesale Line Rental 3 (WLR3) through BT Technology, Services & Operations (TSO) but was not equivalently available to CPs through Openreach

Trivial

Openreach has confirmed there are no other omissions in the WLR3 product and is exploring whether it could offer the call restriction service to industry

The EAB noted that people moves had contributed to three of the breaches discussed at this meeting and that, while CPs had not been adversely impacted by these cases, it was particularly important that any people moves between Openreach and the rest of BT were carefully monitored. It has therefore asked BT to review its governance of people moves and report to its next meeting in February 2018.

Product Key Performance Indicators (KPIs)

BT published KPIs showing the output performance of its regulated wholesale products. The KPI charts for each product portfolio compare service performance for BT’s business units to that for other CPs.

Glossary

BT Compliance Committee - the compliance body BT committed to establish to monitor those areas of the Commitments not covered by the OBARCC
CPs - Communications Providers
EAB – Equality of Access Board
EAO - Equality of Access Office
ELFs - Early Life Failures
KPIs - Key Performance Indicators
OBARCC - Openreach Board Audit Risk & Compliance Committee, composed of independent Openreach board members and responsible for monitoring Openreach’s compliance with BT’s new Commitments, as well as its audit, risk and other compliance activities
OTA2 - Office of the Telecommunications Adjudicator
SORs - Statement of Requirements, the process whereby CPs request changes to Openreach products
WLR3 - Wholesale Line Rental