Industry Vocabulary Reference

Telecommunications & IT Operations

Comprehensive enumeration library for the Telecommunications & IT Operations vertical. Covers every subdomain where agentic AI is actively deployed as of March 2026: trouble ticket and service assurance (TM Forum TMF621 v5.0.1), product order management (TMF622 v5.0), network alarm and fault management (ITU-T X.733 / TMF642), AIOps and autonomous network operations, ITIL 4 change and incident management, cybersecurity event handling (NIST CSF 2.0), 5G network slice management (3GPP TS 28.541), service level agreement governance, and regulatory compliance for critical national infrastructure. Designed for use as OTel span attributes in an agentic AI SDK and as policy vocabulary in an OPA Rego GRC portal.

v2026.03.1632 enum categories2.2 schema9 subdomains25 standards

Back to industry coverage library

Download mirrored JSON Open vertical SDK quick start Get API access

How to use this reference

Start with the core file if you need the cross-industry governance baseline.
Then move into the vertical file to see the regulated workflow vocabulary, policy surfaces, and implementation pressure unique to this market.
Use the OTel attributes and policy paths here as the common language across SDK instrumentation, governance review, and evidence export.

March 2026 deployment context

As of March 2026, agentic AI in telecommunications and IT operations is deployed across: autonomous network operations (Level 3–4 on TM Forum AN scale) with AI-driven fault detection and self-healing, AIOps platforms automating root cause analysis and runbook execution across cloud and on-premises infrastructure, AI-powered trouble ticket triage and resolution (TMF621 API integration), autonomous product order orchestration replacing manual provisioning workflows (TMF622), 5G network slice lifecycle management with AI-driven SLA assurance, security operations centre (SOC) automation for threat detection and incident response, ITIL 4 change management with AI-generated standard change proposals, and customer-facing conversational agents for fault reporting and service updates. The TM Forum Autonomous Networks Level 4 (intent-driven, cross-domain automation with human oversight) represents the target maturity for tier-1 operators. ETSI ZSM zero-touch networks and 3GPP SON (Self-Organising Networks) provide the standards foundation. EU NIS2 (in force October 2024) directly applies to telecoms as essential entities, mandating incident reporting within 24h (early warning) and 72h (detailed notification). FCC Part 4 outage reporting applies to US operators.

Risk note: EU NIS2 Directive (2022/2555) entered force October 18, 2024, applying to telecommunications operators as 'essential entities'. NIS2 Article 21 mandates security measures including AI system governance; Article 23 requires 24-hour early warning and 72-hour detailed incident notification to national CSIRTs. NERC CIP v7 applies to telecom networks overlapping with energy sector critical infrastructure. FCC Part 4 requires US carriers to notify NORS within 120 minutes of discovering an outage meeting threshold criteria. The TM Forum Autonomous Networks framework defines five autonomy levels (AL0–AL4) that map directly to the EU AI Act Article 14 human oversight requirements for AI systems — AL3+ systems (cross-domain autonomous) require documented human oversight mechanisms to remain compliant.

Loading Model

Mirrored file: 05_vertical_telecom_it_operations.json
Kind: vertical

OTel Namespaces

telecom

Primary Standards

TM Forum Open API v5.0.1 — TMF621 Trouble Ticket Management API v5.0.1 (July 2025 patch)
TM Forum Open API v5.0 — TMF622 Product Ordering Management API v5.0.0
TM Forum Open API v4.0 — TMF640 Service Activation & Configuration API
TM Forum Open API v5.0 — TMF641 Service Ordering Management API v5.0.0
TM Forum Open API v5.0 — TMF642 Alarm Management API v5.0.0
TM Forum Open API v4.1 — TMF628 Performance Threshold Management API
TM Forum Open API v4.0 — TMF688 Event Management API
TM Forum Autonomous Networks (AN) Level 4/5 Framework — GB921 Frameworx v23.5
ITU-T X.733 (1992) — Alarm Reporting Function; extended by ITU-T X.736 Security Alarms
ITU-T M.3400 — TMN Network Management Functions
3GPP TS 28.541 — 5G NR Network Resource Model (NRM) for Network Slice Management
3GPP TS 28.530 — 5G NRM Concepts and Requirements for Network Slice Management
3GPP TS 28.545 — Fault Supervision for Network Slices
ITIL 4 — IT Service Management (Axelos, 2019 — current edition)
ITIL 4 Change Enablement Practice Guide (Axelos, 2020)
ITIL 4 Incident Management Practice Guide (Axelos, 2020)
NIST Cybersecurity Framework (CSF) 2.0 (February 2024)
NIST SP 800-61 Rev 3 — Incident Response Recommendations (2024 Draft)
ETSI ENI 007 — Terminology for Experiential Networked Intelligence
ETSI ZSM 002 — Zero-touch Network and Service Management Reference Architecture (2019)
IEEE 802.1Q — VLANs / Bridged Local Area Networks (for network topology context)
NERC CIP v7 — Critical Infrastructure Protection (applicable to telco/CNI overlap)
EU NIS2 Directive (2022/2555) — Network and Information Security for essential entities
FCC Part 4 — Disruptions to Communications (US outage reporting)
Ofcom Network Reporting Code (UK) — Communications provider outage notifications

Source URLs

Subdomains

Subdomain	Categories	Sample Attributes
Trouble Ticket & Service Assurance	5	telecom.trouble_ticket.status, telecom.trouble_ticket.severity, telecom.trouble_ticket.type
Product Order & Service Provisioning	4	telecom.product_order.state, telecom.order_item.action, telecom.service_order.state
Network Alarm & Fault Management	4	telecom.alarm.severity, telecom.alarm.probable_cause, telecom.alarm.event_type
AIOps & Autonomous Network Operations	4	telecom.autonomous_network.level, telecom.aiops.action_type, telecom.closed_loop.state
5G Network Slice Management	3	telecom.network_slice.instance_state, telecom.network_slice.service_type, telecom.network_slice.sla_violation_type
ITIL 4 Change & Problem Management	4	telecom.itil.change_category, telecom.itil.change_approval_state, telecom.itil.problem_status
Cybersecurity & SOC Operations	4	telecom.security.event_kind, telecom.security.nis2_incident_severity, telecom.security.automated_response_action
Service Level Management	2	telecom.sla.compliance_state, telecom.kpi.performance_class
Regulatory Reporting & Outage Notification	2	telecom.regulatory.nis2_reporting_stage, telecom.regulatory.fcc_outage_reporting_stage

Implementation examples

Trouble Ticket & Service Assurance: Trouble Ticket Status. An AI triage agent creates a ticket in 'new' state, acknowledges it moving to 'acknowledged', then routes it to an autonomous remediation agent moving to 'in_progress'. If the automated fix requires a change window, the agent transitions to 'held' until the change is approved. (Eu Nis2 Art23: EU NIS2 Article 23 — Incident reporting obligations require ticket state to be machine-readable for regulatory timeline tracking (24h early warning, 72h notification))
Trouble Ticket & Service Assurance: Trouble Ticket Severity. AI triage agent assigns severity based on affected service, customer count, and revenue impact. Critical severity tickets trigger automatic NIS2 timeline tracking and human escalation. (Eu Nis2 Art23: Severity 'critical' or 'major' tickets affecting essential service must be assessed for NIS2 Article 23 reportability)
Trouble Ticket & Service Assurance: Trouble Ticket Type. Security_incident type tickets are routed to the SOC AI agent chain and subject to NIS2/NIST CSF 2.0 incident handling procedures. Problem type tickets engage the problem management AI agent for root cause analysis across related incidents.
Trouble Ticket & Service Assurance: Incident Priority. AI incident management agent assigns priority on ticket creation. P1/P2 incidents trigger HITL escalation workflow; P3/P4 permit autonomous runbook execution. (Itil4: ITIL 4 Incident Management Practice — priority matrix based on urgency × impact)

Illustrative policy patterns

enforce hitl for al3 auto remediation

Block any AIOps auto-remediation action on a network domain operating at AL2 or below without explicit HITL approval. AL3+ domains may allow conditional autonomous execution, but only for approved runbook types.

Regulatory basis: EU AI Act Article 14 — Human oversight for high-risk AI; TM Forum Autonomous Networks GB921 Frameworx AL governance guidelines

package telecom.autonomous_network

requires_hitl_below_al3 := {
  "auto_remediation_config_change",
  "auto_remediation_capacity_scale",
  "configuration_optimisation",
  "network_slice_assurance"
}

denied_al_levels := {"al0_manual", "al1_assisted", "al2_partial_autonomous"}

deny[msg] {
  input.telecom_aiops_action_type in requires_hitl_below_al3
  input.network_domain_an_level in denied_al_levels

enforce nis2 incident notification sla

Block an incident from being marked closed or downgraded in severity if NIS2 Article 23 reporting obligations for a significant incident have not been completed. Ensures AI SOC agents cannot bypass regulatory notification timelines.

Regulatory basis: EU NIS2 Directive (2022/2555) Article 23 — 24h early warning, 72h incident notification mandatory for essential entity significant incidents

package telecom.nis2_compliance

incomplete_nis2_stages := {
  "early_warning_pending",
  "incident_notification_pending",
  "intermediate_report_pending",
  "final_report_pending"
}

deny[msg] {
  input.telecom_security_nis2_incident_severity == "significant_incident_article23"
  input.telecom_regulatory_nis2_reporting_stage in incomplete_nis2_stages
  input.requested_ticket_status in {"closed", "resolved"}
  msg := sprintf("NIS2 Article 23 violation: Significant incident cannot be closed while NIS2 reporting stage is '%v'. Complete regulatory notification before closing.", [input.telecom_regulatory_nis2_reporting_stage])

From enum to evidence

The same vocabulary should carry from instrumentation through review. The OTel attribute names here become emitted metadata, those attributes become policy inputs, and those same labels should still be intelligible when a reviewer opens the decision record later.

import { VeriproofClient, VeriproofSdkOptions, SessionMetadata } from '@veriproof/sdk-core';
import { TroubleTicketStatus, TroubleTicketStatusMeta, TroubleTicketSeverity, TroubleTicketSeverityMeta, TroubleTicketType, TroubleTicketTypeMeta } from '@veriproof/sdk-core/verticals/telecom-it-operations';

const client = new VeriproofClient(
  VeriproofSdkOptions.createProduction({
    apiKey: process.env.VERIPROOF_API_KEY!,
    applicationId: 'telecom-it-operations-production',
  }),
);

const session = client
  .startSession('telecom-it-operations.review')
  .withSessionMetadata(SessionMetadata.forTransaction('txn-1001').withEnvironment('production'))
  .addStep('evaluate_workflow', { output: { status: 'completed' } })
  .withMetadata(TroubleTicketStatusMeta.otelAttribute, TroubleTicketStatus.new)
  .withMetadata(TroubleTicketSeverityMeta.otelAttribute, TroubleTicketSeverity.critical)
  .withMetadata(TroubleTicketTypeMeta.otelAttribute, TroubleTicketType.trouble_report)

await session.complete();

SDK: emit the OTel attribute shown on this page during the decision workflow.
Policy: reference the matching `opa_policy_path` in governance rules.
Evidence: surface the same label and value in the portal and exported record so reviewers are not translating between systems.

For a step-by-step getting-started walkthrough specific to this vertical, open the Telecommunications & IT Operations SDK quick start. For the full core API reference, continue with TypeScript, Python, or .NET.

Ready to connect your first workflow?

Register a free Builder account for full SDK and REST API access, enter the live demo if you want to see the portal first, or request a coverage workshop if your team wants a guided review of this vertical before implementation starts.

Live demo →Get API access →Request coverage workshop →

Highlighted Enum Categories

Enum	OTel Attribute	Values
TroubleTicketStatus The lifecycle state of a trouble ticket per TM Forum TMF621 v5.0.1. These are the exact status values defined in the TMF621 TroubleTicket resource statusType enum. AI triage and routing agents must use these exact values when setting or reading ticket status via the TMF621 API. Workflow area: Trouble Ticket & Service Assurance	telecom.trouble_ticket.status	new, acknowledged, in_progress, pending, held, resolved, closed, cancelled
TroubleTicketSeverity Severity of the trouble ticket per TMF621. Drives AI escalation logic, SLA timers, and NOC escalation paths. Critical and major tickets must trigger immediate human-in-the-loop notification under NIS2 for incidents affecting essential services. Workflow area: Trouble Ticket & Service Assurance	telecom.trouble_ticket.severity	critical, major, minor, no_impact
TroubleTicketType The classification of the trouble ticket per TMF621. Determines routing logic, responsible team assignment, and which AI remediation agents are eligible to handle it. Workflow area: Trouble Ticket & Service Assurance	telecom.trouble_ticket.type	trouble_report, installation_request, service_request, billing_dispute, change_request, query, incident, problem
IncidentPriority ITIL 4 incident priority matrix values, combining urgency and impact. Used by AI incident management agents to set escalation timers and determine whether automated resolution is permitted. Workflow area: Trouble Ticket & Service Assurance	telecom.incident.priority	p1_critical, p2_high, p3_medium, p4_low
ServiceRestorationMethod The method used to restore service after a fault. AI remediation agents must log the restoration method to support post-incident review and SLA reporting. Workflow area: Trouble Ticket & Service Assurance	telecom.incident.restoration_method	autonomous_self_heal, automated_runbook_executed, hitl_approved_change, emergency_change_deployed, manual_field_intervention, traffic_rerouting, failover_to_redundant_path, service_migration_to_backup_node
ProductOrderState The lifecycle state of a product order per TM Forum TMF622 v5.0. These are the exact productOrderStateType values in the TMF622 ProductOrder resource. Agentic provisioning agents must use these exact values when reading or setting product order state via the TMF622 API. Workflow area: Product Order & Service Provisioning	telecom.product_order.state	acknowledged, in_progress, held, pending, cancelled, completed, failed, partial
OrderItemAction The action type for an individual order item within a product order per TM Forum TMF622. Determines what the provisioning agent must do for each product line item. Workflow area: Product Order & Service Provisioning	telecom.order_item.action	add, modify, delete, no_change, suspend, resume, port_out
ServiceOrderState The lifecycle state of a service order per TM Forum TMF641 v5.0. Mirrors TMF622 ProductOrder state at the service layer; used when orchestrating multi-domain service provisioning via the OSS. Workflow area: Product Order & Service Provisioning	telecom.service_order.state	acknowledged, in_progress, held, pending, cancelled, completed, failed, partial
ProvisioningActivationState Service activation state per TM Forum TMF640 Service Activation & Configuration API. Used by AI service activation agents to track service configuration lifecycle. Workflow area: Product Order & Service Provisioning	telecom.provisioning.activation_state	designing, activating, active, inactive, terminating, terminated
NetworkAlarmSeverity Alarm perceived severity per ITU-T X.733 Section 8.1.2.3 and TM Forum TMF642 perceivedSeverityType. These are the exact ITU-T/TMF642 values. AIOps agents must use these when processing alarms from NMS/EMS systems. Workflow area: Network Alarm & Fault Management	telecom.alarm.severity	critical, major, minor, warning, indeterminate, cleared
AlarmProbableCause Probable cause categories for network alarms per ITU-T X.733 and extended by TMF642. AIOps root cause analysis agents use these values to classify the root cause hypothesis and trigger appropriate remediation runbooks. Workflow area: Network Alarm & Fault Management	telecom.alarm.probable_cause	software_error, software_program_error, software_program_abnormally_terminated, version_mismatch, configuration_or_customization_error, hardware_malfunction, hardware_power_problem, hardware_resource_exhausted
AlarmEventType Alarm event type categories per ITU-T X.733 Section 8.1.2.1. Classifies the broad category of fault at the first level of alarm taxonomy. Used by AI alarm correlation to route to the appropriate specialist analysis agent. Workflow area: Network Alarm & Fault Management	telecom.alarm.event_type	communications_alarm, environmental_alarm, equipment_alarm, integrity_violation, operational_violation, physical_violation, processing_error_alarm, quality_of_service_alarm

This reference page is rendered from the mirrored JSON file inside the docs app, not from a hand-written website model.

If you need the machine-readable asset for offline review, automation, or internal diffing, use the mirrored JSON download above.

Next: open the corresponding SDK reference under SDK documentation and then compare it with the public-site industry page to see how the same vocabulary is framed commercially.