it policy - himachal pradeshadmis.hp.nic.in/himachal/hpridc/hppwd it policy- draft.pdf · •it...

IT Policy PWD, Himachal Pradesh

Wipro Ltd 1 Confidential

IT Policy

For Development of ICT Infrastructure in HPPWD and HPRIDC

Submitted by: Submitted to:

Wipro Ltd Himachal Pradesh Public Works department (HPPWD)

This document is the property of Wipro Ltd., who owns the copyright thereof. The information in this document is given in confidence and without the written consent of Wipro Ltd., given by contract or otherwise, this document must not be copied, reprinted or reproduced in any material form, either wholly or in part. Also the contents of this document or any methods or techniques available there from, must not be disclosed



Contents 1 Introduction ............................................................................................................................................ 5

2 Our approach ......................................................................................................................................... 7

3 Overview of HPPWD & HPRIDC ........................................................................................................... 8

3.1 Functions Performed by the Department ...................................................................................... 9

4 Recommendation and Road Ahead ..................................................................................................... 13

4.1 Technology .................................................................................................................................. 18

Network Architecture ............................................................................................................... 18

Solution Architecture ............................................................................................................... 20

Security Recommendations .................................................................................................... 24

Application List ........................................................................................................................ 28

Application Description ............................................................................................................ 30

Database Description .............................................................................................................. 36

4.2 Standards .................................................................................................................................... 38

Application and Development Standards ................................................................................ 38

Integration Standards .............................................................................................................. 38

Database Standards ............................................................................................................... 39

Localization & Language Technology Standards .................................................................... 42

Network Standards .................................................................................................................. 43

Security Standards .................................................................................................................. 43

Performance Requirement ...................................................................................................... 45

4.3 Training ....................................................................................................................................... 47

Training Approach ................................................................................................................... 48

Retraining of Existing Staff ...................................................................................................... 49

4.4 Progress Monitoring Parameters ................................................................................................ 49

5 Way Forward ........................................................................................................................................ 52



Glossary

S. No. Abbreviation Full Form

1. BPR Business Process Re-engineering

2. CRF Central Road Funds

3. CE Chief Engineer

4. DC Data Center

5. DNIT Detailed Notice Inviting Tender (Bid Document)

6. DO Divisional officer

7. DRC Disaster Recovery Center

8. EE Executive Engineer

9. GIS Geographical Information System

10. GO Government Order

11. IP Infrastructure Project

12. JE Junior Engineer

13. NH National Highway

14. NIT Notice Inviting Tender (for publication purposes)

15. PMGSY Pradhan Mantri Gram Sadak Yojna

16. PPP Public Private Partnership

17. PWD Public Works Department

18. RFP Request for Proposal

19. RFQ Request for Qualification

20. SDC State Data Center

21. AE Assistance Engineer



22. SE Superintending Engineer

23. SLA Service Level Agreement

24. WB World Bank



1 Introduction

Public Works Department (PWD) & State Roads Project (HPRIDC) is a premier department of the

Himachal Government responsible for planning, developing, designing, construction, operation

and maintenance of roads, bridges and buildings in the State (which constitutes basic

infrastructure) with finances being provided by State Government, grant-in-aid / assistance from

Central Government or raising loans from Financial Institutions. Over the period under impetus

of infrastructure development number of roads, bridges and building projects being undertaken

by the Department have been on an increase every year. However, the human resources in the

department to handle these projects have been declining every year. The working of department

is both elaborate and exhaustive in terms of:

Project proposals and preparation of estimates

Arranging approval of project proposal and allocation of funds

Tendering for award of work to contracting agencies having previous experience of

executing similar works and meeting eligibility criteria.

Execution of works – requiring detailed measurements of executed quantities and

preparation of running-account and final bills.

Payments for executed work and fund flow

Monitoring and review of work and administering the Contract for work

Inspection of works by Engineers at various levels, exercise of quality control

Completion report, monitoring during defects liability period, handing over and

maintenance

Incidental works e.g. Arbitration, audit by Accountant General

Other administrative works i.e. human resource management

The above procedures and processes require lot of paper work in compliance with provisions of

rules and regulations of department’s working. With reduction in strength of engineering and

allied services staff at all levels and simultaneous increase in number of works relating to new

infrastructure to be developed and up-gradation and maintenance of existing infrastructure it is

imperative to strengthen institutional framework which also includes bringing in and adopting

strong tools like computerization, IT enablement, e-governance and automation at various level

in the department to bring effectiveness and efficiency in working. As a first step e-tendering has

been introduced and is being followed. As regard works approved and executed under PMGSY

scheme, e-governance is being followed. To certain extent for monitoring of works under a

particular scheme, e-governance has been adopted partially but not completely

The department shall not be the first to introduce computerization in day to day working as

parallel departments in various states have adopted e-governance partially in terms of



“monitoring of approval of projects/works under various heads of accounts”, “allotment of funds

among sanctioned works approved under a scheme “record management system”, “record

management maintenance system” “Consolidation/Bank of Approval under each head of

account”, “consolidation of progress report of works approved under a scheme/head of account”

etc. The ideal situation would be paper-less working and all offices at various levels in the

department’s working and interacting with each other on-line and other communicating with

connected connecting departments on-line and simultaneously complying with requirements of

department rules, financial rules, accounts code, manual of orders etc. It is true that

departmental rules and regulations requires maintenance of some permanent records over a

specific period e.g. measurement book (MB) over a period of 100 years. Well here a thought

needs to be given that such Measurement Book (MB) in paper format may also be maintained

on completion of work in addition to soft copy. Further during execution of work itself, paper

format may also be followed in respect of hidden items of work which cannot be measured later

e.g. foundations of buildings and bridges.

The complete computerization has been envisaged in a phased manner and primary object refers to e-governance in work flow system of department to improve internal administrative efficiency, to bring in transparency and accountability in operations, effective systems for reducing paper work (particularly repetitive work) at all levels, efficient system for monitoring of projects, establish a real-time system for prompt and efficient decision making, integration of assets and efficient asset management, consolidation of inventory of roads, bridges and buildings for their maintenance, development of Project management systems etc.

The terms of reference under the present assignment:

Project Inception & Design

•SOW Understanding

•Understanding of organization structure, functions & services

•Requirement analysis

•AS-IS Study updation

•BPR & TO-BE processes report

•Financial Model & Cost Requirements

•IT Policy Formulation

Project Construction

•Preparation of TOR & RFP.

•Assistance in procurement process.

•Assistance in preparation of Contract agreement & SLA for System Integrator (SI).

Project Development

•Project Management

•Monitoring the progress of Project implementation by SI & Setting up of controls & mechanisms.

•Undertaking Quality audits.

•Project status summary

•Review of Project deliverables

Project Sustenance

•Assistance for adoption ofnew system.

•Change management services.

•Monitoring of SI as per SLAs.

•Project lerning documents.

•Knowledge transfer to State.



2 Our approach

The purpose of this section is to provide the reader with an understanding of the approach adopted for preparation of this deliverable

Figure: Approach Adopted for Preparation of IT plan

Interaction

Interaction with officials of

each wing of PWD

Identify Functions of each wing

Capture the flow of

information/ data across wings

for each of the functions

Identify Issues and pain areas

for each wing

Simultaneously also study

examples of IT implementation

in similar organizations

Prioritization

Technology Definition

IT Plan Preparation

Prepare Recommendations for

addressing the pain areas

Prepare recommendations for

each pain area and identify

applications for the same

Prioritize the implementation

of applications on the basis of

need and feasibility

Validate the prioritization with

PWD

Prepare application definition

in line with the requirements

identified

Identify the interlink ages of

the applications identified

Identify networking security

and site requirements as per

technology required

Prepare IT Plan

Prepare Cost Estimates for

implementation of the budget

Define an Implementation Plan

and Approach

Define Training Needs for the

Implementation



3 Overview of HPPWD & HPRIDC

HPWPD at Government level is headed by Principal Secretary (PW) to the Govt. of Himachal Pradesh, who holds Administrative responsibility for HPWPD. The Pr. Secretary physically located in the Secretariat and operates as the senior liaison between Government and HPPWD.

HPPWD at Directorate level is headed by a position of the Engineer-in-Chief (EnC) with Headquarters at Shimla. Works and matters regarding Codes, Specifications, Planning & Monitoring, and Inter-State Connectivity for the entire State and also the entire establishments of HPPWD are controlled by the Engineer-in-Chief. Engineer-in-Chief is responsible for all technical functions of the HPPWD. Engineer-in-Chief reports to Pr. Secretary (PW) to the Govt. of Himachal Pradesh.

In HPPWD there are one EnC (QC & D), 8 Chief Engineers (CE-cum-Project Director HPRIDC, CE Shimla Zone, CE Mandi Zone, CE Hamirpur Zone, CE Kangra Zone, CE PMGSY, and CE NH) who report to the EnC. Each Chief Engineers are responsible for each unit called ‘wing’/zone.

Engineer-in-Chief (Quality & Design) acts as State Level Quality Coordinator for achieving quality parameters of works in the State. Material Testing Laboratories at State level and Zonal Laboratories are under his control. He conducts quality control checks throughout the State. He is the in-charge for Standardization of Designs and Drawings for Buildings, Bridges and Assurance of common Technical Instructions, Manual of Order, Codes & Specifications, Schedule of Rates, Training Programs, Workshops and allied fields etc.

On administrative and functional considerations, the department has been divided into four zones namely Mandi Zone, Hamirpur Zone, Shimla Zone and Kangra Zone at Dharmshala.

Each zone is being headed by Chief Engineers and they are called as Zonal Chief Engineers. Zonal Chief Engineer deals with all works related to PMGSY, State Budget, RIDF, Annual plan, Maintenance, etc. They are responsible all works relating to DPR / Estimate preparation, tendering, and allotment of works, reviewing progress, monitoring, maintenance and expenditure.

Chief Engineer (National Highways) with headquarters at Shimla controls the Planning and Execution of works of National Highways traversing through the State.

Chief Engineer (PMGSY) is monitoring, planning and having day-to-day interaction with Govt. of India (MoRD) for the works of PMGSY and PMGSY (World Bank) funded projects through National Rural Road Development Agency (NRRDA).

The Zones (Buildings, Roads & Bridges), Electrical, Mechanical, Quality Control & Design and National Highways wing have filed offices called circles, which are headed by Superintending Engineers (SE) who reports to the concerned Chief Engineers for the administration and general professional controls of the public works being executed by officers of the department within their circles. There are 14 B & R circle, 2 Electrical circles, 1 Mechanical circle, 1 Arbitration circle,



2 NH circle, 1 Land Acquisition Office, 1 Chief Architect Office. Each circle further divided into number of divisions, each headed by Executive Engineer.

There are 60 R&B divisions, 5 Electrical divisions, 2 Mechanical divisions, 5 NH divisions, 1 Land Acquisition office, 1 Architect Office. Each division further divided into sub-divisions, each headed by Assistant Engineers. There are 284 sub-divisions, 11 field offices viz. Arbitration office, Land Acquisition office, Architect office & Quality Control office.

Himachal Pradesh Road Infrastructure Development Corporation (HPRIDC)

Himachal Pradesh Road & Other Infrastructure Development Corporation Limited was incorporated in 10.06.1999 under the Companies Act, 1956, and it is wholly owned Company of Government of Himachal Pradesh. The main objective of HPRIDC is;

Construction of Roads/Bridges/Other infrastructure in the State of Himachal Pradesh

Maintenance of Roads/Bridges/Other infrastructure in the State of Himachal Pradesh

To act as a special purpose vehicle for resource mobilization on behalf of the State Government for all infrastructures projects and also discharge obligations on this account on behalf of the State Government from revenue other receipts accruing to the State Government from such projects

HPRIDC is headed by the rank of Chief Engineer and called as Project Director-cum-Chief Engineer HPRIDC.

3.1 Functions Performed by the Department

Public Works Department of Himachal Pradesh is primarily responsible for executing following

different types of development works;

Construction and maintenance of new roads, national highways & bridges

Construction and maintenance of residential and non-residential buildings

Construction of roads under centrally sponsored schemes

Undertaking deposit contribution works relating to different government

departments as well as of other local bodies

Resettlement works due to natural calamities like flood, earth quakes etc.

Construction of roads under employment guarantee scheme

Fixation of rent of private premises requisitioned for housing government offices

Developing parks and gardens in the vicinity of important public buildings and

landscaping of grounds

Providing reservation facility of government rest houses and circuit houses

To permit construction of approaches on both sides of roads to private individual,

other institutions, factories, petrol pumps etc.



Making provisions for irrigation drains, electricity lines, telephone duct cables etc.

Along and across the roads

Facilitating evacuation of encroachment along the road sides

Landscaping along road sides

Construction of flyovers and airstrips

PWD undertakes two kinds of repairs for maintenance of buildings, viz., ordinary

repairs and special repairs. Ordinary repairs are carried out annually and include

activities like white washing, color washing, repairs of patches, replacement of small

broken parts, painting of doors, etc. Special repairs are less frequent and include

repairs to the damaged portions of the building, floors, doors and windows and

replacement of water supply and sanitary fittings.

Detailed Functions performed by various wings of HP PWD & HPRIDC is as below;

Road & Bridges Wing

Head of Road & Bridges wing is a Chief Engineer who looks after the functions of the wing which

are listed below;

Construction and maintenance of State buildings and their transfer from one

department to another

Construction and maintenance of building on behalf of other departments (except for

the Police Department)

Acquisition of land for construction of buildings and roads

Settlement of claims of contractors

Construction and maintenance of National Highways on behalf of Government of

India

Construction and maintenance of all roads in the State (except those owned by the

local bodies within municipal limits), bridges, ferries, tunnels, ropeways, causeways,

strategic roads, tactical roads, border area roads etc.

Toll levied by the State Government in connection with State subjects other then toll

levied by the Local bodies

Follow with Ministry of Railways with regard to development of railways and other

facilities provided by the Ministry of Railways

Construction of roads and bridges with funds made available by State Government

from budget allocations, by raising loan from Financial Institutions, by raising Bonds

and allocation under Central Road Funds (CRF)



Construction of Rural links and development of Core networks through village roads

under PMGSY sponsored by Ministry of Rural Development, Govt. of India

Construction and maintenance of buildings of State Government departments with

funds provided under budget allocation, grant-in-aid/matching grant from Govt. of

India

Construction and maintenance of National Highways in the State with funds provided

by Ministry of Road Transport & Highways, Govt. of India

All aspects of tendering process right from the pre-qualification stage to the opening

of bids and its evaluation

Quality Control & Design Wing

Quality Check & Control Wing is headed by the rank of Engineer-in-Chief. It performs the

following functions;

Quality control wings monitors, manages and tracks all processes relevant to quality

assurance along with the entire execution of work.

Coordinates inspection processing and initiates corrective measures.

Create and maintain Quality Register

Capture test results/build test lab at sites

Generate National Quality Monitor/ State Quality Monitor

Track Action &Take report from site

To do inspection of site after complaint by any stakeholder of project.

National Highway Wing

Chief Engineer, National Highways looks after the improvement and maintenance of National

Highways. There are 2 NH circle and 5 NH divisions who reports to CE. The CE-NH reports to E-in-

C.

The functions of this wing are as follows;

Reduce the line of communication between the GoI and state authorities

Achieve efficiency in implementation by avoiding cumbersome and outdated

delegations for administrative and technical sanction which limit the ability of the

HPPWD to respond quickly

Achieve uniform maintenance & construction standard on National Highways



Architecture Wing

Head of Architecture wing is Chief Architect who looks after the activities of the wing listed

below;

Generate Building Designs

Generate Preliminary Sketch/Concept Note/Master Plan/ Working Drawing/Detail

Drawing

It helps to maintain building designs/drawings and make them available centrally

It also assists to provide drawings for the estimate preparation

Generate feasibility report for any project undertaken by PWD or RIDC

Coordinates with other department (such as electrical, water & sanitation) for

Planning and estimate preparation

Arbitration Wing

Superintending Engineer Arbitration Circle Solan deals with the entire arbitration cases of the

Department viz.

Entry of Court Cases & Follow up actions

All the court cases registered against the department are centrally maintained in this

wing

It maintains the details of court case, status and make available to reporting seniors if

required.

Electrical Wing

Superintending Engineer (Electrical) controls the works related to electrical installation, central

heating, air conditioning, lifts, fire-fighting, fire alarm system, L.T. Sub-Station, Public Address

system and CCTV systems in all Govt. residential & non-residential buildings. There are two

electrical circles and 5 electrical divisions.

Mechanical Wing

Superintending Engineer (Mechanical) controls the works related to this wing. SE (Mechanical)

reports to CE (Road & Bridges). There are one mechanical circle and two mechanical divisions.



4 Recommendation and Road Ahead

This section shall give a listing of the issues noted and illustrate actions that need to be taken by PWD for effective implementation of IT. Benefits of taking the proposed actions have also been listed to give reader an understanding of thought process behind the proposed action.

Public Works Department of Himachal Pradesh is primarily responsible for executing following

different types of development works;

Construction and maintenance of new roads, national highways & bridges

Construction and maintenance of residential and non-residential buildings

Construction of roads under centrally sponsored schemes

Undertaking deposit contribution works relating to different government

departments as well as of other local bodies

Resettlement works due to natural calamities like flood, earth quakes etc.

Construction of roads under employment guarantee scheme

Fixation of rent of private premises requisitioned for housing government offices

Developing parks and gardens in the vicinity of important public buildings and

landscaping of grounds

Providing reservation facility of government rest houses and circuit houses

To permit construction of approaches on both sides of roads to private individual,

other institutions, factories, petrol pumps etc.

Making provisions for irrigation drains, electricity lines, telephone duct cables etc.

Along and across the roads

Facilitating evacuation of encroachment along the road sides

Landscaping along road sides

Construction of flyovers and airstrips

PWD undertakes two kinds of repairs for maintenance of buildings, viz., ordinary

repairs and special repairs. Ordinary repairs are carried out annually and include

activities like white washing, color washing, repairs of patches, replacement of small

broken parts, painting of doors, etc. Special repairs are less frequent and include

repairs to the damaged portions of the building, floors, doors and windows and

replacement of water supply and sanitary fittings.



The list of different processes for PWD is as below:

Sr.

No. Name of the Process

A Execution Process

1. Preparation of estimate for Road work and its Administrative Approval(State Budget)

2. Preparation of Estimate for Bridge Works (Original Work) and its Administrative Approval (State Budget)

3. Preparation of estimate for Original Building Work & its Administrative Approval

4. Preparation of detail estimate and its technical Sanction

5. Checking of Estimations / DPR(State Budget)

6. Preparation and Approval of Structural Design

7. Revision of Estimate & Approval(State Budget)

8. Time Extension request under contract(State Budget/PMGSY/NABARD)

9. Execution of Deposit Work

10. Progress monitoring (Physical and Financial)

11. Annual Maintenance Plan(Roads)

12. Preparation of Annual Plan

13. Enlistment of Contractor (C & D level)

14. Enlistment of Contract(A & B level)

15. Tendering and Contract Management

16. Deviation in work(State Budget, NABARD)

17. Approval of works under CRF, ISC, EI scheme (Ministry of Roads, Transport & Highway)

18. Release of funds under CRF / Interstate Connectivity / Economical Important scheme



19. Approval of works under NABARD( Rural Infrastructure Development Fund – RIDF)

20. Release of funds by NABARD under RIDF

21. Approval of work under PMGSY

22. Payment under PMGSY

23. Release of fund under PMGSY

24. Purchase Plan

25. Purchase Of Material

26. Issue of material

27. Approval for repair of Government vehicles / Machinery

28. Preparation of estimate for Bridge work and its approval (Mechanical work)

29. Purchase of Machinery/Vehicles

30. Annual maintenance Plan for Electrical Work

31. Preparation of Estimate for electrical installation at site and its approval

32. Preparation of estimate for NH works

33. Billing & Payments(NH)

34. Annual Plan for NHs( Ministry of Road & Highway, GOI)

35. NOC for retail outlet / access to private properties / construction of new buildings

36. Land Acquisition process of National Highway( Under the National highway act,1956)

37. Release of NOC(Other than NH)

38. Estate Office

39. Revision of SOR

40. Issue of MBs

41. Processing of complaints- Vigilance Cell

42. Requisition of Vehicles

43. Requisition of IT equipment



44. Process of Arbitration

45. Meetings Management

B Financial Process

1. Budget Allotment

2. Billing and Payment

3. Audit of Records

4. Release of LOC

5. Reconciliation of expenses

6. Payment under establishment(other than salary)

C Common Process

1. File Movement in PWD Office

2. RTI processing

3. Assembly Question

4. Procedure to defend court cases in subordinate courts

5. Procedure to defend court cases in High court / Supreme Court

6. Process of E-Samadhan

7. Petty Purchase

8. Purchase of items through DGSND

D Quality Control Process

1. Technical testing of material

2. Inspection of Work

3. Inspection of work based on complaints

4. Inspection of PMGSY Work

E HPRIDC Process

1. Approval of Project under HPRIDC



2. Approval of DPR under HPRIDC

3. Tendering & Contract agreement of Consultant under HPRIDC

4. Tendering & contract agreement of Contractors under HPRIDC(up gradation work)

5. Billing & payment of contractor under HPRIDC

6. Time Extension based on Variation under HPRIDC

7. Approval Of variation Quantity

8. Approval of Black spot work under HPRIDC

9. Periodic Maintenance work under HPRIDC

10. Billing & Payment of periodic Maintenance Work

11. Dispute Management under HPRIDC

12. Complete work flow of up gradation work under HPRIDC

F Human Resource Process

1. Service Record Book

2. Earned Leave

3. Transfer of Employee

4. Sanction of Leave other than Earned Leave

5. Promotion(Group C Employees)

6. GPF Management

7. Loan/Withdrawal through GPF

8. Promotion (Group A&B Employees)

9. Release of Pension- Payment Order (Gratuity, Pension, Commutation of Pension)

10. No objection Certificate for Pensioner Benefits

11. GPF – Payment on Retirement

12. GPF Number Allotment



4.1 Technology

On the basis of the identified solutions for the issues faced in the execution of the work of PWD, the technological recommendations have been devised as shall be illustrated in the subsequent sections.

Network Architecture

The applications shall be hosted at the SDC. All the Users on internet will access the application/interface servers located in the public zone and the departmental users on intranet shall be accessing the application from Sub Divisional offices, Circle, etc.

All the Branches will get terminated at the SDC. The Connectivity between the various branches / State Data Center / Disaster Recovery Centre will be as per the following Diagram

Networking forms the back-bone of any IT infrastructure setup in the current period. Data and functional integrity between the applications installed at different locations depends on the networking connectivity between the locations. Reliable and high bandwidth connectivity between all the offices of PWD will make a centralized architecture feasible that will remove duplicate data entry and make the information flow across the hierarchy smooth. However, it is important to note that the implementation of a state-wide network infrastructure is a part of national e-Governance programme; therefore PWD shall use HIMSWAN for the implementation



its proposed ERP solution. HIMSWAN should be utilized as the communication backbone for connecting HPPWD offices (up to Divisional Office level). Offices outside the span of HIMSWAN Point of Presence (POP) can be connected through optimal connectivity means like Optical Fiber Cable (OFC) or leased lines as per requirement and availability. However, wherever, it is not possible to have network connectivity using these options, department can consider using broadband connection over VPN

But, looking at the pace of implementation and connectivity problem at the offices located at

remote locations, it is therefore suggested that all the proposed ERP solution shall have the

architecture that works in both offline and online mode with the central server at the State Data

Centre. The architecture should be such that it supports the synchronization of data with

centralized database when the systems work in offline mode to consolidate the data at the

central database (refer below Figure). The offline and online mode is dictated by the reliability

and bandwidth of the connectivity between the office and the central server. The offline mode

shall be case only when the required reliability and bandwidth is not available. It is hoped that

when the HIMSWAN implementation is fully implemented all the offices of PWD shall be

functioning in online mode.



Solution Architecture

The application will be hosted on the Himachal State Data Center. The application will be

accessible to the administrator, department users, citizens and business. Various components of

the solution are shown on in the fig. below:-



Users

Users of the application are department employees, Citizens and contractors etc.

o Citizens

The citizens can register themselves via Portal. Once registered, citizens will be able to log

into the Portal using their credentials and will access the portal services for which they

are authorized. Citizen registration or can fill applications and track the status of their

requests / road complaints through web browser as well as mobile devices via SMS. The

Portal will make the public content available to all users without authentication.

o Business Users (Contractors)

Contractor will register on the portal for the enlistment, submit bills online, submit

project progress reports any project related communication with the contractor will be

done through the online system.

o Departmental Users

Department users will access the application as per the predefined roles to take action on

the work-items and update the project status. Users will use system for their day to day

activities and generate MIS. Any departmental communication between the employees

will be done through the system.

Presentation Layer

The proposed solution will provide a way for users (PWD Employees, Contractors, Business and

Employees of PWD) to interact with the application. User interfaces are implemented using

different technologies to render and format data for users and to acquire and validate data

coming in from them. Under the proposed system a web based portal and Mobile based will

facilitate the communication between the Public Works Department and Business Entities and

Citizens of Himachal Pradesh.

Service Layer

The service components are the critical elements of the proposed model. These elements define

the way in which the request will be entertained, processed and finally executed.

o Service agents: When a business component needs to use functionality provided in an

external service, you may need to provide some code to manage the semantics of

communicating with that particular service. Service agents isolate the idiosyncrasies of

calling diverse services from your application, and can provide additional services, such



as basic mapping between the format of the data exposed by the service and the format

the proposed application requires.

o Service interfaces: To expose business logic as a service, service interfaces are created,

that supports the communication contracts (message-based communication, formats,

protocols, security, exceptions, and so on) it’s different user’s require. Service interfaces

are sometimes referred to as business facades.

To-Be Processes

The proposed application will have embedded improved To-Be processes as the core mechanism

for the execution of work. These processes will detail out the optimum way by which the work

will be executed. The proposed ‘To-Be’ processes will define the work flow, the roles and

responsibilities of the service personnel – process owners, main and participating actors,

information and data flow, decision points, starting and completion criteria, constituent

activities, rules and regulations for the actors, workflow , service levels etc.

Business Layer

Application layer will be the technology within which the To-Be processes will be embedded. This

layer would define all the functionality and work flow of service delivery and contains all the

possible logics based on acts, rules, government orders, departmental orders, etc. This layer will

contain the defined way through which the user can interact with the application – provide

required input to the system and get output from the system. Also, this backend supports an

intelligent Management Information System (MIS) so as to perform the defined functionality for

monitoring and reporting associated with the selected services.

Additionally, this layer would interact directly with the application process and perform common

application services based on the service request. It will also ensure that effective communication

between all the components in a network is possible.

o Business entity components

The Proposed application requires data to be passed between components. The data is

used to represent real-world business entities, such as services and applications. The

business entities that are used internally in the application are usually data structures,

such as Datasets, Data Readers, or Extensible Markup Language (XML) streams, but they

can also be implemented using custom object-oriented classes that represent the real-

world entities your application has to work with, such as a service or application.

o Business components

Regardless of whether a business process consists of a single step or an orchestrated

workflow, the proposed application will require components that implement business



rules and perform business tasks. Business components implement the business logic of

the application

Database Layer

The database layer will host any data that is persisted or consumed by the application. Relational

databases housing application data, content repositories, Directory, external storage are

examples of components that will be part of Database layer. This layer will be the centralized

data repository for the contents and associated attached documents by user department. Along

with the service related data, the repository will also hold the information documents along with

archives of the content available on the portal.

The data storage and handling will also be a backend task as defined by the system in specified

structure. Advantages of proposed service component based architecture:

Introduces one comprehensive data repository ensuring

Reduced duplication of effort

Removal of redundancy from the processes

Cross verification of information

Easy access to inter-departmental data

Reduced requirements for verification

Scope for innovations

Data access logic components

The application and the services will need to access a data store at some point during a business

process. It makes sense to abstract the logic necessary to access data in a separate layer of data

access logic components. Doing so centralizes data access functionality and makes it easier to

configure and maintain.

Components for security, operational management, and communication

The Proposed application will probably also use components to perform exception management, to authorize users to perform certain tasks, and to communicate with other services and applications



Security Recommendations

Security can be sub-divided into two broad categories of Logical Security and Physical Security. The logical security can be defined as the electronic security to maintain data integrity and prevent any unauthorized access/modification of data. On the other hand, the physical security deals with security of the physical infrastructure and protects it from any physical damage

4.1.3.1 Logical Security

Logical Security comprises of security needed for the data and the applications from malicious/ harmful code or attacks or data on the network and the internet. It shall broadly comprise of the following components:

Firewall- A firewall is a dedicated appliance, or software running on another computer, which

inspects network traffic passing through it, and denies or permits passage based on a set of rules.

A firewall's basic task is to regulate some of the flow of traffic between computer networks of

different trust levels. As the firewall shall provide perimeter security at the Data Center. Due to

its relatively high importance in the system, the following design criteria have been decided for

this-

High Availability

Support for virtual firewall / sliced firewall functionality

Support for multiple types of VPN

Ability to handle different network segments

Intrusion Prevention System- An intrusion prevention system is a computer security device that

monitors network and/or system activities for malicious or unwanted behavior and can react, in

real-time, to block or prevent those activities. Network-based IPS, for example, will operate in-

line to monitor all network traffic for malicious code or attacks. When an attack is detected, it

can drop the offending packets while still allowing all other traffic to pass.

The intrusion prevention system offered shall need to include content filtering gateway to

provide protection against malicious content in the form of modified data packets, corrupt codes

etc. The Content Security Gateway scans data in real-time as it enters the network, unlike

traditional anti-virus software, which requires files to be written to disk before scanning

commences. It also provides effective protection against new blended attacks, which may render

systems vulnerable.

High Availability

Protection from zero day attacks

Detection from attacks such as TCP hijacking, Trinoo, TFN, SYN Floods etc.

Monitoring of various protocols such as TCP/IP, ICMP, UDP, FTP, RPC, DNS, HTTP, etc.

Protection against Viruses, Spam, Adware, Spyware, etc.



Administration & Monitoring- Robust reporting capabilities, advanced notification options, and

an intuitive web-based console should be used to enable effective administration and monitoring

of the data center. An Enterprise Management Solution needs to be considered to facilitate

monitoring and administration of the IT infrastructure installed at the Data Centre. Care has to

be taken that a 24x7 Administration & Monitoring Capability is provided.

4.1.3.2 Physical Security

In addition to the logical security being offered to the data center from malicious/ harmful data

packets on the internet, the physical infrastructure would need to be protected from physical

threats as well. Physical security is the protection of personnel, hardware, programs, networks,

and data from physical circumstances and events that could cause serious losses or damage to

an enterprise, agency, or institution. This includes protection from fire, natural disasters,

burglary, theft etc. Moving in this direction, Physical Security shall comprise of the following

components:

Environment

Careful site selection and accommodation planning of a purpose-built computer

installation shall be conducted. Reference to the security specifications for construction

of special installation or office as standard should be made

Data centres and computer rooms shall have good physical security and strong protection

from disaster and security threats, whether natural or caused by other reasons, in order

to minimise the extent of loss and disruption.

Backup media containing business essential and/or mission critical information shall be

sited at a safe distance from the main site in order to avoid damage arising from a disaster

at the main site

Equipment Safety

All information systems shall be placed in a secure environment or attended by staff to

prevent unauthorised access. Regular inspection of equipment and communication

facilities shall be performed to ensure continuous availability and failure detection



Staff in possession of mobile device or removable media for business purposes shall

safeguard the equipment in his/her possession, and shall not leave the equipment

unattended without proper security measures.

IT equipment shall not be taken away from sites without proper control

Physical Access Control

A list of persons who are authorised to gain access to data centres, computer rooms or

other areas supporting critical activities, where computer equipment and data are located

or stored, shall be kept up-to-date and be reviewed periodically

All access keys, cards, passwords, etc. for entry to any of the information systems and

networks shall be physically secured or subject to well-defined and strictly enforced

security procedures

All visitors to data centres or computer rooms shall be monitored at all times by

authorised staff. A visitor access record shall be kept and properly maintained for audit

purpose

All staff shall ensure the security of their offices. Offices that can be directly accessed from

public area and contain information systems or information assets should be locked up

when not in use or after office hours

In line with the above conditions the following measures need to be taken-

Restricting the entry of personnel in the room by allowing only pre-authorized

officials/staff into the Data Centre using authentication procedures.

In addition to this a 24 x 7 surveillance comprising of CCTVs and sensors (heat,

temperature, etc.) are needed to keep track of all conditions in the data center- Entire

Data Centre should be covered using Closed Circuit Video Surveillance, Recording and

Replay facilities. Use of Motion Sensors is preferable.

The CCTV surveillance system should support operations in duplex communication

(record and relay) mode.

The recorded video should be stored for a minimum period of 6 months.

A 24-hour battery power backup is required for the access control system including the

electric door lock(s).

The access control system should also be connected to the UPS if it is installed.

The entrance to the building shall be guarded by the Building Management’s Security

Guards. At the reception, guards provided by the State shall be deployed and shall capture

details of all visitors. Scanning of all personnel before entry into data Centre would be

mandatory.



Heavy-duty electric lock has been recommended for the main entrance doors. With time

delay setting, the lock would effect after time is over. The lock must be fail-safe type.

Panic Bolt should be provided at the emergency exits.

4.1.3.3 Access Control Security

Data Access Control

Access to information shall not be allowed unless authorized by the relevant information

owners

Data access rights shall be granted to users based on a need-to-know basis

Data access rights shall be clearly defined and reviewed periodically. Records for access

rights approval and review shall be maintained

Access to information systems containing information classified CONFIDENTIAL or above

shall be restricted by means of logical access control

Authentication

Access to classified information without appropriate authentication shall not be allowed

Authentication shall be performed in a manner commensurate with the sensitivity of the

information to be accessed

Consecutive unsuccessful log-in trials shall be controlled.

User Identification

Each user identity (user-ID) shall uniquely identify only one user.

Users are responsible for all activities performed with their user-IDs

User Privileges Management

Procedures for approving, granting and managing user access including user

registration/de-registration, password delivery and password reset shall be documented

All accounts shall be revoked after a pre-defined period of inactivity

User privileges shall be reviewed periodically

The use of special privileges shall be restricted and controlled



Password Management

Passwords shall not be shared unless necessary (e.g., helpdesk assistance, shared PC and

shared files). The risk of sharing passwords is that it increases the probability of security

being compromised

Passwords shall always be well protected when held in storage. Passwords shall be

encrypted when transmitted over an un-trusted communication network

All vendor-supplied default passwords shall be changed before any information system is

put into operation

All passwords shall be promptly changed if they are suspected of/are being compromised,

or disclosed to vendors for maintenance and support

Mobile Computing and Remote Access

Appropriate security measures shall be adopted to avoid unauthorized access to or

disclosure of the information stored and processed by these facilities. Authorized users

should be briefed on the security threats, and accept their security responsibilities with

explicit acknowledgement

Employees are prohibited from connecting workstations and mobile devices to external

network by means of communication device, such as dial-up modem, wireless interface,

or broadband link

Security measures shall be in place to prevent unauthorized remote access to Department

information systems and data

Unauthorized computer resources including those privately-owned shall not be

connected to Department internal network. If there is an operational necessity, approval

from Department should be sought

Application List

The main objective of introducing IT in an organization is to bring efficiency and transparency in the core and support business functions. PWD needs specific software applications to support its core and support business, therefore a list of core and support applications have been proposed

A. Primary Applications

Budget Allocation and Management

Work Execution

Project Planning

Road and Bridge Inventory

Routine Maintenance Management



Finance and Accounts Management

Quality and Control

Purchase and Store

Traffic Management System

Tools and Machinery

Grievance System

Legal and Arbitration

HRMS

B. Base Application

Web Portal

Digitization of SOR

Contractor Empanelment System

User Dashboard and Profile

MIS

User Management Module



Application Description



Process Module Mapping

Module / Sub Module Description Mapped To-Be Process

Work Execution

Estimation Preparation Technical sanction &

approval Architecture Design Process Tender Management Work Allocation &

Agreement Progress Monitoring of Work Work Deviation Time Extension

This module takes care of all the work execution related activities of Department like estimation and DPR preparation, technical sanction and approval of competent authorities.

1. Preparation of estimate for Road work and its Administrative Approval(State Budget)

2. Preparation of Estimate for Bridge Works (Original Work) and its Administrative Approval (State Budget)

3. Preparation of estimate for Original Building Work & its Administrative Approval

4. Preparation of detail estimate and its technical Sanction

5. Checking of Estimations / DPR(State Budget)

6. Preparation and Approval of Structural Design

7. Revision of Estimate & Approval(State Budget)

8. Time Extension request under contract(State Budget/PMGSY/NABARD)

9. Execution of Deposit Work 10. Progress monitoring

(Physical and Financial) 11. Preparation of Annual Plan 12. Deviation in work(State

Budget, NABARD) 13. Approval of works under

CRF, ISC, EI scheme (Ministry of Roads, Transport & Highway)

14. Approval of works under NABARD( Rural Infrastructure Development Fund – RIDF)



15. Approval of work under PMGSY

16. Approval for repair of Government vehicles / Machinery

17. Preparation of estimate for Bridge work and its approval (Mechanical work)

18. Preparation of Estimate for electrical installation at site and its approval

19. Preparation of estimate for NH works

20. Annual Plan for NHs( Ministry of Road & Highway, GOI)

21. NOC for retail outlet / access to private properties / construction of new buildings

22. Land Acquisition process of National Highway( Under the National highway act,1956)

23. Release of NOC(Other than NH)

24. Issue of MBs 25. Meetings Management 26. Approval of Project under

HPRIDC 27. Approval of DPR under

HPRIDC 28. Time Extension based on

Variation under HPRIDC 29. Approval Of variation

Quantity 30. Approval of Black spot work

under HPRIDC 31. Periodic Maintenance work

under HPRIDC

Asset management

Annual maintenance plan

This module shall handle the roads inventory of the state. It

1. Annual Maintenance Plan(Roads)



Tools and Machinery Routine maintenance

System Road and Bridge Asset

Register (GIS based) Traffic Information system

shall store data pertaining to roads inventory, roads surface condition, pavement, deterioration, condition of bridges, etc. in respect of all the roads in the state. It shall provide comprehensive MIS in respect of the roads in the state. The outputs shall be viewable on textual and map interfaces

2. Purchase of Machinery/Vehicles

3. Annual maintenance Plan for Electrical Work

4. Estate Office 5. Requisition of Vehicles 6. Requisition of IT equipment

Project Planning

Activity Planner Work Flow Management Resource Allocation MIS reporting

This module will take care planning of project activities and define deliverables and further workflow / resource required for completion of activities.

1. File Movement in PWD Office

Financial & Accounts Management

Budget Pre Planning Budget Approval Process Budget Allocation System Budget Monitoring Billing and payment to

Contractor Billing and payments

This Module will improve governance by providing real – time financial information that can be used to administer programmes effectively, formulate budgets and manage resources. Financial and Accounts Management System will computerize the key aspects of budgeting and accounting operations

1. Budget Allotment 2. Billing and Payment 3. Audit of Records 4. Release of LOC 5. Reconciliation of expenses 6. Payment under

establishment(other than salary)

7. Billing & Payments(NH) 8. Release of funds under CRF

/ Interstate Connectivity / Economical Important scheme

9. Release of funds by NABARD under RIDF

10. Payment under PMGSY 11. Release of Fund under

PMGSY 12. Billing & payment of

contractor under HPRIDC



13. Billing & Payment of periodic Maintenance

Purchase & Store The purchase and Store Management System should consist of computerized database of the store inventory, including records of receipts & issues, stock-in-hand etc.

1. Purchase Plan 2. Purchase Of Material 3. Issue of material 4. Petty Purchase 5. Purchase of items through

DGSND

Quality and Control This module will help in working of quality and control cell like testing of material and test report generation

1. Technical testing of material 2. Inspection of Work 3. Inspection of work based on

complaints 4. Inspection of PMGSY Work

Scheme Management Scheme Management System will comprise of Master Data for various Scheme PMGSY and Scheme Codes

To manage Scheme wise database like

1. Scheme Codes 2. Start and End Date 3. Budget 4. Approval and Authorization 5. Physical and Financial

Reports

Digitization of SOR This module shall manage the detail of category wise and item wise schedule rates of all construction items being followed by the department of PWD or any other engineering wing

1. Revision of SOR

Contract Management This module shall manage the inventory of all the approved contractors PWD and

1. Enlistment of Contractor (C & D level)

2. Enlistment of Contract(A & B level)



RIDC, registration of new contractors etc.

3. Tendering and Contract Management

4. Tendering & Contract agreement of Consultant under HPRIDC

5. Tendering & contract agreement of Contractors under HPRIDC(up gradation work)

Legal and Arbitration 1. Procedure to defend court cases in subordinate courts

2. Procedure to defend court cases in High court / Supreme Court

3. Dispute Management under HPRIDC

4. Process of Arbitration 5. RTI Processing 6. Processing of complaints-

Vigilance Cell



Database Description

In line with the application description developed in the previous section, the database

description has been defined as listed in the following table (it defines the data that shall be

stored in different groups and their interlink ages).

Data base Instance Accessing departmental Application

Wings or Branches using the application

Full Access Partial Access

Work execution Engineering Engineering Project Management

Project Planning Project Management

Project Management/ Engineering

Project Management

Tendering Tendering Engineering Project Management

Finance and Accounts Management

Finance and Billing

Finance/Engineering Project Management

Budget Allocation

and Management

Project Management

Finance/Engineering Project Management

Quality and Control Quality Assurance and Inspection

Engineering

RTI ,Legal Cases

,Grievance System

and Arbitration

RTI and Legal Cases

Legal/Engineering

Human Resource and Management

Human Resource and Management

HRM

Road and Bridge

Inventory

Asset Management

Engineering Finance/Engineering/GIS



Data base Instance Accessing departmental Application

Wings or Branches using the application

Routine Maintenance Management

Engineering GIS and Engineering

Purchase and store Engineering Project Management/ Engineering

Finance/Engineering

Tools and

Machinery

Engineering Engineering Finance/Engineering

Contractor

Empanelment

System

Engineering Engineering Finance/Engineering

MIS & Miscellaneous

MIS & Miscellaneous

MIS and Engineering

All the wings

User Management User Management

User Management All the wings



4.2 Standards

The objective of this section is to provide a view of the standards that need to be taken care of

the by software development agency to ensure future integration with applications in other

departments and/or the new applications that shall be implemented in the future

Application and Development Standards

Software applications shall have the capability to securely exchange information and integrate or

interoperate with other applicable or related software applications. The vendor shall develop and

deploy the Software applications with the following:

Vendor shall develop on open interface, interoperable Service oriented architecture

Common, proven, pervasive, and open software products (programming, database, and

productivity software) to provide a consistent framework to enable integration,

communication, and interoperability.

Non-proprietary technologies, wherever possible, to facilitate integration and

interoperability

Use of XML formats for data transferring between different databases

Application should be web browser based

Application should have n-tier architecture

Application with middleware component for purpose of integration

Software applications should utilize target platform and network operating systems to

allow for common, open-standards-based, management tools that are deployable at

State Data Centre and can easily integrate with Enterprise Architecture domains and their

extension to management of applications

Integration Standards

For integration of different applications, use XML, ebXML standards. Using these standards

applications are required to be seamlessly integrated.



Database Standards

Data management is the management of all data/information in an organization. It includes data

administration, the standards for defining data and the way in which people perceive and use it.

The database connectivity and report and analysis depend on the data base design capability.

Therefore the vendor shall follow following standards but not limited to with regard to database

connectivity or reporting & analysis. The following database capability standards are

recommended.

Availability

Database Server should be highly available with every processing node providing full view

of data.

Database Server must support Clustering exploiting rapidly emerging disk storage and

interconnect technologies

Manageability

Single system Management view which could be a part of the overall Enterprise

Management System

A centralized, lightweight console as a primary interface for performing all management

tasks

Centralized management of user privileges

Scalability

Flexibility and effortless scalability

Security

Restrictive data access that enables users from different departments to have secure,

direct access to mission-critical data sharing

Encryption capabilities while transferring data over networks, and ability to encrypt data

stored in the database at the column level

Public Key Infrastructure (PKI) support

Support for enhanced authentication

Comprehensive auditing for inserts/ deletes/ updates / selects to quickly spot and

respond to security breaches.

Automated Disaster Recovery solution to maintain consistent transactional copies of

database

Operational Features

Database must function on Multiple Operating System Platform

Ability to index, search, and analyze data



Support different partitioning schemes to split large volumes of data into separate pieces

or 'partitions' which can be managed independently

Embedded data mining capabilities

Queue management should support queue persistence, queue logging, recoverability etc,

conforming to open standards

Database Connectivity – Defines the protocol or method in which an application connects to

a data store or database.

Java Database Connectivity (JDBC) – JDBC provides access to virtually any tabular data

source from the Java programming language. It provides cross-DBMS connectivity to a

wide range of SQL databases, and other tabular data sources, such as spreadsheets or flat

files.

Open Database Connectivity (ODBC) – A database programming interface from Microsoft

that provides a common language for Windows applications to access databases on a

network. ODBC is made up of the function calls programmers write into their applications

and the ODBC drivers themselves.

Object Linking and Embedding/Database (OLE/DB) –OLE/DB allowed connectivity to

ODBC-based SQL providers/sources as well as other formats such as text and comma

delimited.

Reporting and Analysis – Consist of the tools, languages and protocols used to extract data

from a data store and process it into useful information.

Extensible Business Reporting Language (XBRL) – Extensible Business Reporting

Language (XBRL is an open specification which uses XML-based data tags to describe

financial statements for both public and private companies.

Java Online Analytical Processing (JOLAP) – JOLAP is a Java API for the J2EE environment

that supports the creation and maintenance of OLAP data and metadata, in a vendor

independent manner.

Online Analytical Processing (OLAP) – Decision support software that allows the user to

quickly analyze information that has been summarized into multidimensional views and

hierarchies.

XML for Analysis – XML for Analysis uses the Simple Object Access Protocol (SOAP) to let

Web browser based programs access backend data sources for data analysis. The

specification allows companies to build online analytical processing (OLAP) and data

mining applications that work over the web.



Backup Policy

Objective

To counteract interruptions to business activities and to critical business processes from the

effects of major failures or disasters; to maintain the integrity and availability of information

processing and communication services

Purpose

Routine procedures should be established for carrying out the agreed back-up strategy taking

back-up copies of data and rehearsing their timely restoration, logging events and faults and,

where appropriate, monitoring the equipment environment. In order to safeguard

information and computing resources from various business and environmental threats,

systems and procedures shall be developed and implemented for backup of all business data,

related application systems and operating systems software. This shall be done on a

scheduled basis and in a standardized manner across the organization

Approach and Strategy

Back‐up of information (user‐level and system‐ level information) and software contained in the Information system shall be taken at defined frequency and protected at storage location.

Backup should be taken for all core applications, databases etc.

Backup should be kept for adequate number of years

The back‐up information shall be tested at a specified frequency in accordance with

agreed back‐up policy to verify media reliability and information integrity

The backup information shall be selectively used in the restoration of information

system functions as a part of contingency plan testing

The backup copies of the operating system and other critical information system

software shall be stored in a separate facility or in a fire‐proof container that is not

collocated with the operational software

The system backup information shall be protected from unauthorized modification

Backup media should be stored in a safe, secure environment, in accordance with

manufacturers’ specifications

Information stored on media that needs to be available longer than the media lifetime

(in accordance with manufacturers’ specifications) should be also stored elsewhere to

avoid information loss due to media deterioration



Data Retention – Data retention policy will identify documents that need to be maintained

and for how long certain documents should be kept and how they should be destroyed

Temporary Records Temporary records include all business documents that have not

been completed. Such include, but are not limited to written memoranda, Draft cost

estimation, project plans, reminders, to-do lists, report and calculation drafts, interoffice

correspondence regarding a client or business transaction, and running logs

Final Records Final records include all business documents that are not superseded by

modification or addition. Such include, but are not limited to: documents given to any

third party not employed by Organization, or government agency; final memoranda and

reports; correspondence; minutes of meeting; design/plan specifications; cost estimates;

etc. All accounting records shall be deemed final. All final records should be archived after

specific time period.

Permanent Records Permanent records include all business documents that define

Organization’s scope of work, expressions of professional opinions, research and

reference materials etc. such records should be retained for permanently and should be

updated as per requirements

Employment, Employee, and Payroll Records Employment records include, but are not

limited to job announcements and advertisements; employment applications,

background investigations, resumes, and letters of recommendation of persons not

hired; etc. such records should be retained permanently.

Data retention duration: - Data should be retained so long as the law requires or for as

long as you actually have use for them, and not a moment longer.

Localization & Language Technology Standards

Keyboard Layout: INSCRIPT Keyboard layout. However, Output of any user specific

keyboard layout must conform to Unicode current version.

Fonts: Cross platform Open Type Fonts must be used in applications. Proprietary fonts

should not be adopted unless the vendor assures interoperability. PWD should only adopt

fonts that have been tested on different platforms for the relevant scripts.

Identity & Access Management- The appropriate Identity Aggregations and

Synchronization should be used to integrate systems to share their identity information.

Single sign-on should be provided to the user for accessing the systems. Single Sign On to

make it easier for user and avoiding the need for him to write down complex password

since it becomes difficult to remember multiple passwords. Only in case of performing

critical operation or accessing sensitive information user may be asked to provide

credentials again.



Network Standards

As the solution is accessed by different stake holders in different environment and in different

networks like HIMSWAN, internet, etc. therefore the solution should support the following

Network Services technology, Service Transport technologies and all network devices. For

networking use TCP/IP (IPv4/IPv6) protocol whereas for internet, HTTP/S, HTML, J2EE, SOAP,

WSDL, UDDI, W3C standards need to be followed. The Solution Provider shall follow open

standards as far as possible.

Standards to be followed are summarized as follows:

Category Current Standards

Internet HTTP/S, HTML, J2EE, SOAP, WSDL, UDDI, W3C

Integration XML, ebXML

Messaging JMS, GoI Gateways

Forms Xforms, (PDF/XDF)

Data Security IT Act 2000 Standards

Mail Protocols SMTP, POP3,IMAP

Workflow XPDL, BPEL4WS

Databases ORDBMS

Directory LDAP

Wireless WAP,802.11

Networking TCP/IP (IPv4/IPv6)

Security Standards

Security defines the methods of protecting information and information systems from

unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide

integrity, confidentiality and availability. The vendor shall refer the IT Act 2000 standards or latest



published by Government of India for data security. The following standards and digital signature

technologies not limited to shall be followed by the vendor.

Certificates / Digital Signature – Software used by a certification authority (CA) to issue

Digital certificates and secure access to information. The evolution of Public Key

Infrastructure (PKI) is based on the verification and authentication of the parties involved in

information exchange. Examples of Certificates/Digital Signature technologies include:

Digital Certificate Authentication – Authentication implementation for controlling access

to network and internet resources through managing user identification. An electronic

document, digital certificate, is issued and used to prove identity and public key

ownership over the network or internet.

FIPS 186 – The Digital Signature Standard (DSS) specifies a digital signature algorithm

(DSA) appropriate for applications requiring a digital, rather than written, signature. The

DSA authenticates the integrity of the signed data and the identity of the signatory. The

DSA may also be used to prove that data was actually signed by the generator of the

signature. Additional references: Draft ANSI X9.30199x Part 1 and ISO/IEC

JTC1/SC27/WG2, Project 1.27.08 Digital Signature with Appendix.

Secure Sockets Layer (SSL) – An open, non-proprietary protocol for securing data

communications across computer networks. SSL is sandwiched between the application

protocol (such as HTTP, Telnet, FTP, and NNTP) and the connection protocol (such as

TCP/IP, UDP). SSL provides server authentication, message integrity, data encryption, and

optional client authentication for TCP/IP connections.

Supporting Security Services – These consist of the different protocols and components to

be used in addition to certificates and digital signatures. The designed and deployed solution

must support all the security services technologies which include the following.

Secure Multipurpose Internet Mail Extensions (S/MIME) – Provides a consistent way to

send and receive secure MIME data. Based on the Internet MIME standard, S/MIME

provides cryptographic security services for electronic messaging applications:

authentication, message integrity and non-repudiation of origin (using digital signatures)



and data confidentiality (using encryption). S/MIME is not restricted to mail; it can be

used with any transport mechanism that transports MIME data, such as HTTP.

Transport Layer Security (TLS) – Standard for the next generation SSL. TLS provides

communications privacy over the Internet. The protocol allows client/server applications

to communicate in a way that is designed to prevent eavesdropping, tampering, or

message forgery.

Web Services Security (WS Security) – Describes enhancements to SOAP messaging to

provide message integrity, message confidentiality, and single message authentication.

These mechanisms can be used to accommodate a wide variety of security models and

encryption technologies including X.509, Kerberos, and SAML.

Security Assertion Mark-up Language (SAML) – An XML-based framework for exchanging

security information expressed in the form of assertions about subjects, where a subject

is an entity (either human or computer) that has an identity in some security domain.

SAML is expected to play a key role in the Enterprise wide-Authentication initiative, and

is supported by both the Liberty Alliance and WS Security.

Performance Requirement

The proposed solution components should be scalable horizontally and vertically to take the

solution from Pilot to full-scale implementation.

Architecture Scalability -Architecture provides the Scalability to support additional users,

additional infrastructure (i.e. Hardware servers and other components), and additional

application components. Scalability is supported at the Database Layer, Application Layer

& Messaging Layer.

Application Scalability- The architecture should be scalable and it is necessary to look into

same application components/instances that be can be loaded on multiple servers to

absorb the more transactional load.

The software products scalability and performance- The product used /Application

which are using/developed shall have Replication feature so that it will be used by



directory servers to improve performance, scalability, availability, and reliability. The

replication should have following:

o Redundancy of information - Replicas back up the content of their supplier

servers.

o Faster searches - Search requests can be spread among several different servers,

instead of a single server. This improves the response time for the request

completion.

o Security and content filtering - Replicas can contain subsets of the data in a

supplier server



4.3 Training

Training programs shall help prepare the employees for working on the application. The training

programs need to be held by Vendor or be arranged by Vendor with an institute specializing in

such training.

The training content shall be different for the employees as per their designation. Depending on

the category of officers they can be categorized in –

Top Executive cum Management level

The supervision level, middle management and executive level

All other employees

Training will include the following

a. Imparting training in Information Communication Technology (ICT) which includes basic

computer training, advance computer training, Business Process related training,

application specific training etc.

b. Such trainings and skills will be imparted to all levels of HPPWD officials involved in the

processes pertaining to the selected wing or divisions.

c. Prepare and organize training programs to facilitate the officials of HPPWD in the efficient

usage of the new system

d. Implementation Partner shall include the learning from past projects implemented in

other states and update the necessary changes in the training.

e. Training shall encompass the knowledge of basic functionality of application to be

developed, Guidelines and other back-end processes.

f. Training shall also be provided for RDBMS, hardware, IT infrastructure basic trouble

shooting activities etc.

g. Trainings shall be provided to all the new employees as and when joining the department.

h. Implementation Partner would also be required to develop user manuals and computer

based tool kits, Presentations and videos to promote self-learning and assist training

participants in undergoing the training.



Training Approach

Programme Training Type Objective of Training Remarks

Awareness

Programs

Basic

Computer

Training

The purpose of this training is to

acquaint and aware HPPWD

officials employees with computer

systems (hardware, internet

browsing, using email and basic

software tools like MS Office,

adobe etc.). The effort will be

concentrated towards providing

exposure to computers especially

to ground level functionaries like

draftsman, head draftsman etc.

During the short

term capacity

building program,

core team member

would be identified

based on the

interest level as well

as assessment result

of training provided

to them

Application

Specific

Training

Specialised

Computer

Training

The training of ICT-IIS application to

be developed under this project is

envisaged compulsory for HPPWD

official cutting across departmental

hierarchy. The training is proposed

to acquaint and train the work

force with the various modules of

ICT-IIS, RDBMS, IT infrastructure,

GIS system etc. These skill set

should be enhanced for the core

group identified during the basic

computer training.

Once core team is

identified, a training

plan shall be made

for the members of

the core group. This

would enable core

group in providing

technical support to

the end users,

manage all the

existing applications

and application to be

implemented in near

future.

Training as

Domain

Knowledge

Experts

Advance

Computer

Training &

Process

Related

Trainings

Keeping in view the enormous task

of driving e-Governance in line with

the overall spirit of service

orientation most departments are

inadequately equipped in terms of

personnel and the skill-sets needed

to handle the host of issues



involved. To ensure successful e-

Governance in the HPPWD, it is

suggested that at-least 10% of the

total employees in the department

be identified as e-champion. The e-

Champions should be equipped

with advance skill like;

Project Management, Web

Technologies Management,

Process Reforms Management,

Data Security & Disaster Recovery

Management

Retraining of Existing Staff

Training programs will have to be an ongoing feature in PWD especially in the light of rapid

changes in technologies and applications.

After expiry of a pre-defined period since the last training held for a wing/branch or after major

up gradation/ changes are implemented in the system, the employees of the concerned

wing/branch would need to be re-trained in the system by the vendor or the institute arranged

by the vendor.

It is also being suggested that a self-automated module of e-training be developed for training

which can be used by the employees as and when required to refresh his/her skill

4.4 Progress Monitoring Parameters

After finalization of the IT strategy as per the vision for IT implementation in PWD, it is essential

to track the Actual progress made in comparison to the Planned Progress. For this, it is necessary

to decide on Key Performance Indicators (KPI) for the same. On the basis of benefit envisaged as

per IT vision of PWD, the KPIs can be classified into two broad categories as follows:

1. Progress Tracking Measures: It aims to assess the progress achieved in transforming PWD

operations with the aid of IT. The following KPIs can be classified in this category:

Percentage of departmental services delivered with aid of Implemented Applications.



Percentage of departmental service information published over PWD portal. For

example, Percentage of policies, percentage of information regarding allotment of plots,

etc. being provided to the public through the web portal

Percentage of transactions of each service executed electronically (including forms entry

and enquiry)

2. Customer Value Measures: It aims to assess the advantages and benefits gained with

introduction of IT within PWD and for all agencies interacting with PWD. The KPIs falling in

this category can be sub-divided further into two categories- externally visible and internally

visible as follows:

Externally Visible: This shall include the KPIs that shall be visible to entities outside PWD

like citizens and other government departments interacting with PWD

o Reduction in number of visits of citizens to department premise for each service.

o Reduction in time required to request for a service and for delivery of the end

deliverable. For example, time taken for filing a request and submitting the

documents including the time lost due to standing in the queue.

o Reduction in time required to track pending transactions for each service.

o Reduction in time required to file in and follow-up on complaints and suggestions.

o Reduction in time required to obtain information for each service

Internally Visible: This shall include KPIs that are visible inside PWD to its employees who

benefit from the introduction of IT

o Reduction of time required to locate and/or retrieve relevant information for each

activity in the service

o Reduction of paper volume to be dealt with for each activity for each service

o Reduction of time lost in tracking movement of data and status of processing

involved in the service

o Overall reduction of time invested in each activity for each service

o Reduction in number of physical movement of employees is required for data

transfer.



The exact KPIs of the analysis for each of the application that is to be implemented would need

to be studied in detail after the implementation of the project. This must be done by the PWD IT

Wing.



5 Way Forward

This section covers what needs to be taken up and done after this document. The initiatives to

be taken up after acceptance of this document have been given as follows

Initiative Steps to be taken

Implementation of

Applications

developed/underway

(PPM, FAS, dynamic web

portal and associated

services)

1. Roll out the current version of the application

2. Take the improvement possibilities identified in the plan to the

software partner for incorporation

3. Keep the areas for linkages ready for easy integration with

other future application

Implementation of new

Applications Identified

The RFP of PWD needs to be prepared for selection of a software

vendor for implementation of all new applications to be

implemented in PWD

Data Centre & Wide Area

Network

To invest in the minimum Infrastructure for IT hardware and

infrastructure to sustain requirements till State Data Centre.

it policy - himachal pradeshadmis.hp.nic.in/himachal/hpridc/hppwd it policy- draft.pdf · •it...

Documents