Intensive As Is status study on IT usage and level of computerization And IT / egovernance Roadmap Volume: INT - 14 Department Basic Education February 2007 Department of Information Technology & Electronics Government of Uttar Pradesh Version 1.0 Submitted by: PwC
Table of Contents List of acronyms...4 Executive Summary...6 CHAPTER 1: BASIC EDUCATION DEPARTMENT A BACKGROUND... 17 1. Basic Education Department - A background... 18 1.1. Basic education department... 18 1.2. Vision of the department... 19 1.3. Expectations from Information & Communications Technologies (ICTs)... 19 1.4. Department s plan for next 5 years... 20 1.5. Service delivery vision of the Department 5 year perspective... 21 CHAPTER 2: AS IS STATUS... 22 2. As Is status of computerization in the department... 23 2.1. Manpower resources at various offices of the department... 24 2.2. IT organization & people... 25 2.3. Nodal Officer, Web Master and egovernance team within the department... 25 2.4. IT related skill sets in the department... 26 2.5. Software applications in the department... 28 2.6. Hardware and Networking... 29 2.7. Data digitization... 30 2.8. IT policies... 30 2.9. Key concerns of the department... 30 2.10. Constraints to IT / egovernance initiatives... 31 2.11. IT / egovernance initiatives that are in progress... 31 2.12. e-governance Readiness score... 32 2.13. Level of Computerization... 33 CHAPTER 3: e-governance ENVISIONING... 34 3. egovernance... 35 3.1. Benefits of e-governance... 35 3.2. Department s envisioned state... 36 3.3. E-Governance Delivery Model... 38 3.4. E-Governance Prioritization Framework... 39 3.5. e-governance Roadmap... 42 CHAPTER 4: GAP ASSESSMENT... 46 4. Gap Assessment... 47 4.1. The gaps with respect to the future plans of the department... 47 CHAPTER 5: IDENTIFICATION OF SPECIFIC egovernance PROJECTS... 50 5. Specific egovernance projects... 51 2
CHAPTER 6: DATA DIGITIZATION... 54 6. Data Digitization... 55 6.1. Data digitization strategy... 55 6.2. Cost / financial outlay and timeframe for data digitization... 56 CHAPTER 7: IT ROADMAP IMPLEMENTATION FOR THE DEPARTMENT... 57 7. IT Roadmap Implementation... 58 7.1. Planning & Organization... 60 7.1.1. Define a strategic IT plan... 60 7.1.2. Define the IT organization, direction and relationships... 60 7.1.3. Define the IT Policies and Procedures... 61 7.1.4. Define the Standards... 62 7.1.5. Manage IT Investments... 62 7.1.6. Communicate the Management aims and direction... 63 7.2. Acquisition and Implementation... 64 7.2.1. Define the user requirements... 64 7.2.2. Acquire and Maintain application software... 64 7.2.3. Acquire and maintain technology infrastructure... 65 7.2.4. Install and accredit systems... 65 7.2.5. Manage changes... 66 7.3. Delivery and Support... 66 7.3.1. Define and manage service level... 66 7.3.2. Manage third party services... 66 7.3.3. Manage performance and capacity... 67 7.3.4. Ensure continuous service... 67 7.3.5. Ensure Secure System... 68 7.4. Monitoring... 69 7.4.1. Monitor the processes... 69 7.4.2. Assess internal control adequacy... 69 7.4.3. Provide for independent audit and obtain independent assurance... 69 CHAPTER 8: IMMEDIATE POSSIBLE COMPUTERIZATION INITIATIVES... 70 8. Immediate possible computerization initiatives... 71 CHAPTER 9: ANNEXURES... 72 9. Annexure... 73 9.1. Annexure -I: Contact details of the department... 73 9.2. Annexure -II: Solution deployment model... 74 9.3. Annexure -III: Training requirements of the department... 77 9.4. Annexure -IV: Best practices on Information technology usage on IT policies, standards and guidelines... 83 9.5. Annexure -V: Suggestive Information directory for the website... 93 9.6. Annexure -VI: Data digitization guidelines... 94 3
List of acronyms AMC BPR DHTML DPR DRP DSS egov e mail G2C G2G GO GPF GPR GoUP HO HOD HTML ICT IT ISSP KBPS LAN MIS MPR NeGP NIC OS PC PeMT PERT PKI PPP PwC PMS RDBMS SDLC SeMT SRS TNA UP UPDESCO XML VSAT WAN Annual Maintenance Contract Business Process Reengineering Dynamic Hypertext Markup Language Detailed Project Report Disaster Recovery Plan Decision Support System Electronic Governance Electronic Mail Government to Citizen Government to Government Government Order Government Provident Fund Government Process Reengineering Government of Uttar Pradesh Head Office Head of Department Hyper Text Markup Language Information & Communications Technology Information Technology Information System Security Policy Kilo Bytes Per Second Local Area Network Management Information System Monthly Progress Report National egovernance Plan National Informatics Center Operating System Personal Computer Project egovernance Mission Team Project Evaluation and Review Technique Public Key Infrastructure Public Private Partnership PricewaterhouseCoopers Personnel Management System Relational Database Management System Software Development Life Cycle State egovernance Mission team Software Requirement Study Training Need Analysis Uttar Pradesh Uttar Pradesh Development System Corporation extendible Markup Language Very Small Aperture Terminal Wide Area Network 4
Executive Summary 5
Executive Summary Success to egovernance projects largely depends on three dimensions (a) People, (b) Processes and (c) Technology. Department of Basic Education needs concerted efforts in all the three dimensions to ensure that departmental services reach to its beneficiaries efficiently and egovernance efforts help meet the department s objectives successfully. In order to align the department s egovernance initiatives with National egovernance Plan (NeGP) and State egovernance efforts, Government of Uttar Pradesh has appointed PricewaterhouseCoopers (PwC) to undertake "As Is assessment of Information Technology (IT) usage and level of computerization in the department and subsequently prepare 5 year egovernance roadmap for the department. This draft report summarizes the existing status of the department towards computerization and egovernance initiatives. With the understanding of the department s vision, services, stakeholders, expectations from Information Communications & Technology (ICT) and the envisioned state of the department for next 5 years in respect to interface with its beneficiaries / stakeholders, egovernance roadmap has been prepared and presented with a 5 year view in this report. The assessment and roadmap has been prepared after detailed interaction with department s personnel and the response provided through the questionnaire submitted by PwC. This report has been prepared after interaction with SCERT, Directorate of literacy and alternative education, Basic Education directorate and Education for all project. The focus of egovernance is the services of the department that it renders to its beneficiaries / customers and not merely the activities that the department does. The findings of As Is study on IT usage and level of computerization for Department of Basic Education is as follows: As Is Assessment Status Existence of Core departmental software application Does not exist LAN at HO (of all the offices) Does not exist LAN at other offices Does not exist WAN for the department Does not exists No of computers in the department (approximately) 63 in Education for all Project and Directorate of Literacy and alternative education No of servers in the department 3 Official e-mail id of the departmental personnel Existence of web site Does not exist Yes 6
State of data As Is Assessment Manual Status Skills (for IT and relevant area) Department would require to train 40000 people in IT and relevant area Existence of department s egovernance team Yes Existence of egovernance Nodal Officer Existence of web master Existence of IT function / cell in the department Existence of formal IT policies in the department Level of computerization score (from three categories of High, Medium and Low)* Level of egovernance readiness (from three categories of High, Medium and Low)* * Framework for level of computerization and egovernance readiness score is provided in chapter -2 of this report. The department envisages that all offices of the department viz Head office, and field offices are networked with each other so that the information flow is prompt and information related to decision making is available with out unnecessary delays. The department also envisages that Head office and field offices are connected to treasury so that electronic submission of documents and flow of funds can be facilitated. Yes No No No Low Low In realizing the vision of providing services efficiently and promptly from each office of the department, it looks forward to provide personal computers upto the level of senior clerk / section officer. The basis of providing computers upto this level is that the paper work is mostly handled by them, and by automating the services upto this level of department, egovernment services can be provided efficiently to the citizens. Automating the services in phased manner will enable the department to provide G2C and G2B and G2G services to the citizens / and other stakeholders in effective and efficient manner. The department envisages framing of policies that help general public and for pressing effective services in those areas that require immediate and focused attention. In order to create such policies and provide effective services, department needs to have two way-communications for information and data with the field offices. On one hand, the basic data regarding the needs of 7
citizens / beneficiaries would be communicated to the top level authorities so that necessary action can be initiated, and on the other hand the department s responsibilities towards its field offices regarding supply of material / technology / advice / funds could be expedited. The essence of this two way communication is to ensure that the beneficiaries of the department are provided with prompt services without hassles and cumbersome follow ups. egovernment is the achieved through meticulous planning, commitment from top management and dedicated personnel. It is essential that a very clear vision for the department is created and is percolated to all the employees. There are 4 stages in egovernment; (1) Publish, (2) Interact, (3) Transact and (4) Integrate. In stage one Publish, the department aims in providing the information about the department through electronic mode like website. The basic idea of this stage is to have wider visibility and accessibility of the department. The department could provide information regarding the procedures to avail the services, the acts / rules and various GOs, various documents that be of use to the citizens, performance indicators (both financial and physical) of past couple of years, future plans and targets for the current fiscal, management structure, names of the officers along with their contact numbers, email id etc. In stage two - Interact, the department progresses from earlier stage wherein one way communication (from the Government to the citizens) was possible, to the two way communication (between the Government and Citizens / Business etc). The department could accept and write official emails to have closer interaction with the general public to cut short usually long communication time, could accept feedback on various issues and welcome comments on the delivery of services or any other issues. In stage three Transact, the department progresses from stage II of merely informational communication, to transactional stage. In this stage the department attempts to deliver the services electronically. Certain specific services, for example, imparting of education (to students), treatment of a patient (to patient) or distribution of seeds (to farmers) cannot be provided through electronic modes, however, the delivery of such services can be facilitated with egovernance. In reference to the above cited examples, enrolment of student and for scholarship, registration or appointment 8
with the doctor or OPD (Out Door Patient Department) and registration & licensing of the retailer for the seed can be accelerated with egovernance. In this stage the financial transaction between the beneficiary and the Government could be carried out through payment gateway with the help of electronic fund transfer (EFT), electronic banking, credit card, debit card etc without having the need to visit the Government department / treasury to do the financial transactions. It is not imperative for the beneficiary to have a credit card to avail of the facility of electronic fund transfer, most of the banks are moving to computerized environment and this facility (of EFT) can be availed from the bank of the beneficiary. In stage four Integrate, the department transcends its physical boundary and shares data and information with other departments to provide the services to its beneficiaries. In this stage the department shares its databases and other information electronically with concerning departments based on need to know basis. An example could be admission of a candidate in Government medical college. The verification of credentials at the time of admission could be done electronically like High School & Intermediate marks and subjects studied (from the department of Secondary Education), Caste status (from Rural / Panchayati Raj Department in case of rural candidate and Collectorate in case of urban candidate). Successful egovernment is achieved through gradual steps. The following activities could be undertaken as possible immediate computerization initiatives: The following activities can be undertaken as possible immediate computerization initiatives: (1) Creation of IT function / cell (2) Preparation of DPRs for a. Hardware requirements b. Software requirements c. Networking (LAN structure) d. Connectivity (between the offices of the department) e. Training (Training Need Analysis) f. Web site g. Data digitization (3) Seek approval of DPRs (4) Start the process of development of the software and implementation thereof (5) Start the training of the staff In order to undertake egovernance activities, approximate costs have been estimated for the following (a) Hardware (b) Software development (c) Data digitization (d) Training, and Total cost for all the four components (The costs and the requirements provided in this report are only an estimate, it is important to note that a detailed project report needs to be prepared for each project for precise estimation of cost) 9
Approximate costs for hardware components Component Item Requirements Per unit cost Cost per item (A) Servers & System PC 1197 35000.00 41895000.00 Dual Processor based server (for database, application and backup) 6 800000.00 4800000.00 Single processor based server (For web and proxy) 2 400000.00 800000.00 Servers & System Cost 47495000.00 LAN nodes 980 900 882000 Routers (For connectivity from SWAN terminal router) 903 250000 225750000 Hardware (B) Network Switch 48 port 0 20000 0 Switch 24 port 0 10000 0 Switch 16 port 4 8500 34000 Switch 8 Port 86 7500 645000 Patch Panel 48 port 0 6000 0 Patch Panel 24 port 0 3500 0 Patch Panel 16 port 4 3000 12000 Patch Panel 8 port 86 2500 215000 Network Cost 227538000.00 (C) Peripherals 5 KVA UPS (HO) 4 175000 700000 3 KVA UPS (1 each office) 899 100000 89900000 Laser Printer (1 each office) Network printer 4 35000 140000 Laser Printer 899 8000 7192000 Storage Solution 1 100000 100000 5 U Racks (for each office) 0 3000 0 42 U Racks (For head office) 1 30000 30000 Peripheral cost 98062000.00 (D) AMC AMC (for 4 years) @10 % of Hardware cost 373095000.00 149238000.00 AMC Cost 149238000.00 TOTAL HARDWARE COST 522333000.00 10
Cost estimates for Software components Component Item Requirements Per unit cost Cost per item Software (A) (B) System Software Customized S/w for departmental domain functions OS license (per server) 8 12000 96000 Application Software license (Processor based) 2 500000 2000000 Database License (Processor based) 2 700000 2800000 Anti Virus 10 Agents 120 10000 1200000 Anti Virus 50 Agents 0 50000 0 MS Office 1197 8000 9576000 System Software cost 15672000.00 Software - one time cost 13000000 13000000 Recurring cost @10% per year 4 years 5200000 Customized software for departmental domain functions 18200000.00 TOTAL SOFTWARE COST 33872000.00 Data Digitization Cost estimates for Data digitization Number of Rate (Rs per Data records record) Amount Students 400000 3 1200000 (A) School and school infrastructure details 100000 5 500000 Teachers details 250000 3 750000 Employee data 12000 5 60000 Data Digitization Data Digitization cost 2510000.00 11
Cost estimates for training Training (A) Training Training Cost Rate No of participants Amount Basic Computer training 3000 40000 120000000 Advance level including application software 5000 350 1750000 Training Cost 121750000.00 Total estimated cost for all the components Cost Estimates Cost Estimates Hardware 522333000.00 Software 33872000.00 Data Digitization 2510000.00 Training 121750000.00 Total Cost 680465000.00 In order to have sustainable egovernance initiatives change management plays vital role. Change management aims in bringing a paradigm shift in providing services to the customers of the department. This necessitates attitudinal change, technological skills enhancement, adaptability to respond to customers requirements in ever demanding scenario and commitment to provide superlative services. The department needs to provide training to its employees to work in computerized environment to undertake e-governance initiatives and for change management. Various teams would be created and specific training would be provided to special team created for specific tasks. Training that needs to be provided to the departmental staff is detailed in this report in Annexure III. The department should start with creation of teams for successful implementation of egovernance projects, preparation of detailed project reports for each of the activities under egovernance, like development of core departmental software, data digitization, sustainability model (whether outsourced through a PPP model), site preparation, process reengineering, creation of LAN, training to departmental manpower resources, capacity building, change management etc. 12
The priority and software applications required by the department for its core and subsidiary functions are: Priority (High / Medium / Low) High Medium Functional Objective of the software School Management System Students database Personnel management system Accounts / Budget / Audit Low 1. Complaint management 2. File tracking system 3. Daak Management System The departmental services have been studied and analyzed for the value that they would provide, both to the consumers (beneficiary) and the department, on their e-enablement. The assessment of value has been done using service value analysis framework, a PwC methodology for identifying the value. The value to the consumer could be in terms of savings in time & money, no harassment, no follow-ups, prompt delivery of service / information etc. Value to the department could be in terms of efficient and proactive delivery, low cost, less manual work, less paper and file work etc. Each service, subsequent to egovernment that the department would offer, is assessed from the view of value (high or low) that it would render to the consumer and department. The egovernance roadmap is provided in Chapter 3 of this report, within which the activities that the department needs to undertake are provided in three phases. The services of phase 1 would provide high value both to the consumers and department. Activities in phase -1 are to be undertaken and implemented in the timeframe of 0 2 years. The key objective of the services / activities in this phase is to increase the visibility of the department. Services implemented in this phase have wide customer base and relatively simple delivery operations. Phase -2 services / activities are to be undertaken and implemented in 2 to 4 years timeframe. The key objective of the services / activities in this phase is to build critical transactional services. Services implemented as a part of this phase enjoy high visibility and have relatively complex delivery operations. Phase -3 services / activities are to be undertaken and implemented in 4 to 5 year timeframe. The key objective of the services / activities in this phase is to sustain value. egovernance Roadmap for the department is as follows: 13
Phase -1 0 to 2 years (I) People Related Initiatives 1. Create a committee that would look after all egovernance initiatives for the department. Also create PeMT, office level team and identify echampions. The team would look after the requirements for the entire department. 2. Create the IT function / cell in the department (Refer Chapter 7 for more details in IT function in the department) 3. Provide training to the department officials (Refer annexure III for training requirements) (II) Process / Operations Related Initiatives 1. Prepare detailed project reports (DPRs) for the enablement of e-governance in the department. DPRs to be prepared are: a. Data digitization b. Hardware requirements c. Software requirements d. Training e. Networking and connectivity f. Web site 2. Carrying out Business Process Reengineering in the department (III) Technology Infrastructure 1. Create e-mailing infrastructure within the department. 2. Procure and install the requisite hardware at the departmental locations. The locations where hardware would be installed in the first phase would be identified in the detailed project report 3. Development of core departmental integrated application software; Implementation at the core departmental application software at the locations where activities are high (as identified in the detailed project report) 4. Add the following functionality to the website a Application forms to request the services of the department b Information on the procedures to avail the services c Acceptance of grievance and complaints through the web site 5. Data digitization for (i) Students details (ii) School and school infrastructure details (iii) Teacher s details (iv) Employees data 6. Create LAN infrastructure 7. Create e-mail id of all the important functionaries 8. Establish connectivity with the State Wide Area Network (SWAN) for inter office connectivity 14
Phase -2 3 to 4 years (I) People 1. Implement the changes as recommended in the BPR exercise done in phase 1 (II) Process / Operations Related Initiatives 1. Creation of Information Systems Security Policies (ISSP), Disaster Recovery Plan (DRP) (III) Technology Infrastructure 1. Providing infrastructure throughout the department for intra-office communication through emails, share data / files / documents. 2. Undertake the implementation of software application for a. Personnel Management Software b. Budgeting & Financial Management system c. E procurement d. Other softwares like Daak Management system, File tracking system etc 3. Implementation of Core departmental integrated application software at the offices that were not covered in phase -I 4. Creation of interactive website through which the beneficiaries / citizens can submit their documents and apply for the services Phase -3 4 to 5 years (I) Process / Operations Related Initiatives 1. Implementation of Information Security Policies (ISSP) 2. Develop the information sharing and privacy policy for sharing of department information with other departments (G2G). (II) Technology Infrastructure 1. Enable the department to have Public Key Infrastructure (PKI) for secured electronic transactions 2. Creation of secured IT environment to enable the beneficiaries of the department transact safely 3. Provide the departmental services through the state portal 4. Implementation of DRP and creation of disaster recovery (DR) Site 5. Sharing of department information with the other government departments and agencies (G2G). 15
Cost for the activities in phases Component Phase 1 Phase 2 Phase 3 Y ear 1 Y ear 2 Y ear 3 Y ear 4 Y ear 5 Hardware 373095000.00 37309500.00 37309500.00 37309500.00 37309500.00 Software 28672000.00 1300000.00 1300000.00 1300000.00 1300000.00 Data Digitization 1200000.00 60000.00 Training 120000000.00 1750000.00 Total (Y ear wise) 522967000.00 38609500.00 40419500.00 38609500.00 38609500.00 The department needs computing at both head office offices and field offices, and with the kind of usage of core departmental functionalities it is recommended that a centralized architecture is adopted (various options of solution deployment model is provide in (Annexure II) of this report). Information Technology Implementation plan for the department is discussed in detail (in Chapter 7) for the four main areas (i) Planning and Organization, (ii) Acquisition & Implementation, (iii) Delivery & support, and (iv) monitoring. Best practices on information technology usage is provided (Annexure - IV) for (i) security, (ii) privacy, (iii) disaster recovery and business continuity planning, (iv) database designing and implementation, (v) software architecture, (vi) Technology Infrastructure, (vii) Integration technologies, and (viii) Adoption of local language 16
CHAPTER 1: BASIC EDUCATION DEPARTMENT A BACKGROUND 17
1. Basic Education Department - A background 1.1. Basic education department The state Government has accorded the highest priority to primary education for children in the age group of 6 to 14. In order to universalize education, the state government had a quick survey conducted to identify the gaps for primary and upper primary schools. On the basis of cluster of population the survey revealed that the department would need to open up 9524 primary schools and 4863 upper primary schools. The primary schools are to be opened up in the radius of 1.5 km and upper primary in the radius of 3 km. In order to have effective education system for the children of the state, Government has formulated various schemes, some of them are: Mid Day Meal Shiksha Mitra Scheme Prime Minister Gramoday Project Education Guarantee Scheme Education for all Objectives of the department: 1. To organize pre-service and in-service training programmes. 2. To develop textbooks, teacher manual, magazines and other relevant literature. 3. To encourage research and innovation programmes & projects. 4. To empower DIET faculty for planning and implementing strategy in the areas of improvement of the quality of achievement, access and retention 5. Expanding access to education by opening new schools, education centres etc. 6. Strengthening infrastructure in schools 7. Universal enrolment and universal retention of all children 8. Improving quality of teaching-learning 9. Community participation in basic education 10. To provide infrastructure for the schools run by Basic Shiksha Parishad, make necessary arrangements for inspection of schools, ensure availability of teachers in schools, curriculum development, conduct examinations, recognition of Private Primary and Upper Primary Schools and their supervision and inspection. 11. To give advice to the govt. from time to time for the development of Basic Education. 12. To provide a Primary School in a radius of 1.5 km. and for a population of 300 and a Junior High School in a radius of 3.00 km. and for a population of 800. 13. To ensure availability of at least two teachers in a primary school. 14. To monitor regular attendance of teachers in schools. 15. To reduce the number of drop-outs in the schools. 16. Universalization of Primary Education 18
There are various implementing bodies for the schemes formulated by the Government. Some of the implementing agencies are: 1. State Council of Educational Research and Training (SCERT) 2. Education for all project 3. Training programme under education council 4. Literacy and Alternative Education 5. Urdu education 1.2. Vision of the department The department has various implementing bodies each having distinct responsibilities. Vision of each of the implementing agency is as follows: Vision of State Council of Educational Research and Training: The vision of SCERT is primarily concerned with ensuring quality in respect of planning, management, research, evaluation and training at the school level with a view to effecting changes in policy formulation and policy implementing strategies. Vision of education for all project is The vision of Education For All Project is to make good quality free elementary education accessible and available to each child in the age group of 6 14 years Vision of the department of basic education is: The Basic Education Department's vision is to impart basic education to all the children of the state in the age-group 6 to 14 years 1.3. Expectations from Information & Communications Technologies (ICTs) With the use of ICT, department would like to provide services to the beneficiaries of the department: The department looks forward to the following 19
(1) Monitoring of different training programmes (2) Evaluations and Survey analysis (3) Greater help in implementing right to information act (4) Co-ordination among all units (5) Monitoring of Staff strengthening (6) On line collaboration of experts (7) On line examinations (8) To provide academic support to primary teacher for quality education (9) Monitoring of funds flow from head quarter to sub ordinate offices (10) To provide on line services e.g. research & evaluation, exams etc (11) On line Training programmes and monitoring the progress (12) We want that the we should integrate our Nyay Panchayat Resource Center to block and block to district so that all communication transfer of documents, letter, data entry of Educational Management Information System, reporting system can be online thru web (13) We want that funds utilization at VEC level should informed through web, that they have utilized the funds. (14) Strengthening of District Institute of Educational Training (DIET), thru e- learning. (15) To have official email ids for the staff up to the level of Section Head; this initiative would help the department to communicate efficiently both within and outside the department (16) The department would like to have interactive web site for the purpose of taking feedback from the visitors of web site, acceptance of filled in application. In ideal condition, the feedback from the users through the website should go to the concerned person s email id 1.4. Department s plan for next 5 years (1) To impart basic education to all the children upto age-group 14 years of the state (2) To saturate the demand for additional infrastructure in schools (3) To saturate the demand for access to basic education (4) To establish teacher pupil ratio of 1:40 and student classroom ratio of 1:40 (5) To ensure 100% enrolment and 100% retention (6) To improve students learning levels (7) Organization of qualitative pre-service and in-service teachers training programmes (8) Delivery of quality education in primary schools 20
(9) Capacity building of DIET faculty 1.5. Service delivery vision of the Department 5 year perspective 1. To have May I Help You service in all offices of the department that is able to provide assistance to the consumers of the department 2. All the offices of the department across the state are computerized and consumers are attended promptly 3. The offices of the department have healthy, comfortable and conducive environment for the citizens and the employees as well 4. The services of the department are provided through the Common Service Centers (CSCs) 21
CHAPTER 2: AS IS STATUS 22
2. As Is status of computerization in the department We have studied and assessed the department on the following parameters: (1) Manpower resources at various offices of the department (2) IT Organization & people (3) Nodal officer, Web Master and egovernance team within the department (4) IT related skill sets of the department (5) Application software inventory that are available with the department (6) Hardware and networking (7) Data digitization (8) IT policies (9) Key concerns of the department (10) IT / egovernance initiatives that are in progress (11) egovernance readiness (12) Level of computerization 23
2.1. Manpower resources at various offices of the department The following table gives the break up of the number of staff in the various offices. Table 1 : Number of manpower resources in the department SCERT set up Office No of units No of people No. of IT Staff (inhouse) No of IT Staff (outsource) Head Office 1 55 None None Divisional offices None None None None District offices 75 3562 None None Table 2 : Number of manpower resources in the department Education for all set up Office No of units No of people No. of IT Staff (inhouse) No of IT Staff (outsource) Head Office 1 55 None None Divisional offices None None None None District offices 70 Not provided None None Table 3 : Number of manpower resources in the department Literacy & Alternative Education set up Office No of units No of people No. of IT Staff (inhouse) No of IT Staff (outsource) Head Office 1 25 None None Divisional offices None None None None 24
Office No of units No of people No. of IT Staff (inhouse) No of IT Staff (outsource) District offices 70 210 None None Table 4 : Number of manpower resources in the department Directorate of Basic education and field offices set up Office No of units No of people No. of IT Staff (inhouse) No of IT Staff (outsource) Head Office 1 254 None None Divisional offices 16 192 None None District offices 66 2052 None None Block 813 1360 None None 2.2. IT organization & people The department does not have an IT section / cell to look after the needs of computerization 2.3. Nodal Officer, Web Master and egovernance team within the department Table 5 : Details of Nodal Officer, Web master and egov team Nodal Officers Web Master egov team 1. Smt Vasumati Agnihotri, Deputy Director (Literacy & Alternative Education) 2. Shri K K Gupta, Joint Director (DPEP) 3. Smt Partha Sarthi Sen None Yes, The department has formed an egov Team 25
Nodal Officers Web Master egov team Sharma, Additional State Project Director (UP Education for all project) 4. Shri K M Tripathi Additional Director (Basic Education) 2.4. IT related skill sets in the department Details of computer and IT related training that has been facilitated to the staff of the department is provided in the following table Table 6 : Details of (IT related) training provided to the number staff of the department - SCERT Training domain H.O. Dist office Provided by Basic training on IT Nil Hardware & Networking Nil Nil OS (system admin) & Database admin Nil Nil Communications (email) Nil Nil Project Management Nil Nil Web and emerging technologies Nil Nil Others: Nil Nil Table 7 : Details of (IT related) training provided to the number staff of the department Education for all project Training domain H.O. Dist office Provided by Basic training on IT 11 70 Hardware & Networking Nil Nil OS (system admin) & Database admin 11 70 26
Training domain H.O. Dist office Provided by Communications (email) Nil Nil Project Management Nil Nil Web and emerging technologies Nil Nil Others: Coral / page maker 4 Nil Table 8 : Details of (IT related) training provided to the number staff of the department Basic education Directorate Training domain H.O. Dist office Provided by Basic training on IT None None Hardware & Networking Nil Nil OS (system admin) & Database admin 11 70 Communications (email) Nil Nil Project Management Nil Nil Web and emerging technologies Nil Nil Others: Nil Nil Table 9 : Details of (IT related) training provided to the number staff of the department Literacy and alternative education Training domain H.O. Dist office Provided by Basic training on IT 10 Nil Hardware & Networking 10 Nil OS (system admin) & Database admin Nil Nil Communications (email) Nil Nil 27
Training domain H.O. Dist office Provided by Project Management Nil Nil Web and emerging technologies Nil Nil Others: Coral / page maker 4 Nil 2.5. Software applications in the department The details of the application software that are in use in the department are given below: S. No Name of the application software Functional objective Architect ure Database Location installed Developed / Procured from Current status software of 1. Financial Management System Maintain books of accounts 2 Tier Oracle 55 locations Compare Infobase Delhi Functional (Only 35 locations) 2. DISE District Information of School Education 2 Tier Oracle 70 locations NIEPA, New Delhi Functional 3. House Hold survey Trace Out details of out of school / disabled children 2 tier Oracle 70 locations In house Functional 4. Payroll Prepare pay bill 2 tier SQL Anywher e 1 location In house Functional 5. Decisions Support System Analysis of DISE data 2 tier Oracle 70 locations In house Functional 6. DSS For state Generate report of State Analytical 2 tier Oracle 1 Location In house Functional 28
2.6. Hardware and Networking Table 10 : Summary of status of hardware and networking status S. No. Item Description Network (1) LAN Setup SCERT Education for all project Basic education Directorate of literacy and alternative education (2) LAN setup in other administrative and field offices (3) Wide Area Networking (WAN) between different offices No Yes No No No No (4) Networking Backbone Not Applicable as there is no WAN No. of PCs in the department (5) HO and other offices Education for all: 50 PC and 3 Laptops Directorate of literacy and alternative education: 10 PC SCERT and Basic Education: Information on number of PCs not furnished Servers installed in the department (6) Servers 3 Internet Access (7) Head office Access is provided (8) Other offices Not available (9) Networking Equipment (Routers, etc) None 29
2.7. Data digitization a. Data that needs to be digitized for egovernment (a) (b) (c) (d) Students details School and School Infrastructure details Teachers details Employee details b. Status of data; whether manual or digitized Data is in manual form c. Number of records to be considered for data digitization S. No. Record type No. of records (Approx) 1 Students details 4 Lakhs 2 School and school infrastructure details inclusive of EGS Centers 1 Lakh schools and centers 3 Teachers details 2.5 Lakhs 4 Employee details 12000 2.8. IT policies The department currently does not have documented IT policies in place. 2.9. Key concerns of the department The department officials try to provide the services to its customers in a timely fashion; however, the following areas hamper the efficiency of the department in the delivery of the services to the citizens / customers / beneficiaries / other departments / employees etc Departmental process are manual and therefore a lot of time is wasted in doing the exercise again and again The department has to wait for NLM sanctions Non availability of information for district level Lack of IT Facilities We have to wait for responses from other subordinate and higher offices. 30
More than 50% posts are vacant We are not able to track out of school children which is essential to ensure enrolment of 100% children in the age group of 6 14 years Regular attendance of teachers and students is a problem which is the main reason of low quality of education as well as drop out. Teachers lack in motivation and commitment towards teaching which has affected the learning levels of students. There are large no. of teacher vacancies in schools which is affecting the proper teaching learning in schools. There is shortage of classrooms for students due to which multi-grade teaching different classes being taught in the same classroom, has to be resorted to. Quality of cooked mid-day-meal programme for students has to be ensured. 2.10. Constraints to IT / egovernance initiatives Various constraints faced by the department in taking up the IT / egovernance initiatives can be classified under the following heads: Technical people are not available Due to non sensitization of employees, they are resistant to IT No motivation for computerization Existing staff is not trained 2.11. IT / egovernance initiatives that are in progress (1) Web site is being created (2) Web based monitoring system approval is in process (3) Networking of computers at state level is in process (4) Educational Management Information System data entry is in progress (5) Basic computer training of staff is in progress (6) Purchase of MS Office 2003 & Windows 2003 Standard Edition, approval is in process 31
2.12. e-governance Readiness score The following table is the graded score on level of preparedness evaluated through the as is studies for taking up egovernance activities / applications. The scores have been classified in three categories: High, Medium and Low; we have used a framework to assess the level of egovernance readiness of the department on various parameters. The level of preparedness is graded on following basis: Score > 75% High; Between 75 and 35% Medium, and < 35% Low Basic Education Measurement Criteria The motivation in pursuing e-government from both the government Has the department (including all the administrative offices) created an egovernance team and identified a Nodal officer? Has the department created a well thought citizen charter? The enabling environment for both the government and the public to utilize e-government Does the department have adequate physical infrastructure (LAN, WAN, PCs, Servers and other networking components)? Does the department have human capacities to manage egovernance? Does the department have policies that are conducive for establishing secured egovernance environment? Does the department have functional domain specific software (s)? Sustainability, or factors that should be present in order to ensure that e-government initiatives, which are not intended to be short term catalytic exercises, are able to continue, develop further and eventually lead to a networked government Does the department have necessary legal and regulatory framework which is essential to the broadest utilization of e-government? Has department instituted organizational and cultural change? Does the department have technical a team to take care of the on-going demands arising out of egovernance initiatives? Has the department undertaken process change (BPR) initiatives to streamline the processes Status Yes No No No No No No No No No Table 11 : egovernance readiness score egovernance Readiness Score Low 1 32
2.13. Level of Computerization The following table gives a graded score on level of computerization. The scores have been classified in three categories: High, Medium and Low; we have used a framework to assess the level of computerization of the department on various parameters. The level of computerization is graded as: Score > 75% High; Between 75 and 35% Medium, and < 35% Low Table 12 : Level of computerization score Basic Education S.No Parameter Response 1 Does the department have functional domain software (s)? No 2 Has the department undertaken initiatives for development of integrated software for all of its activities? Yes 3 Does the department have operational LAN at all HOs? No 4 Does the department have operational LAN at other offices? No 5 Has the department undertaken an initiative for putting up LANs wherever the same is not existing? No 6 Are the offices of the department connected through WAN? No 7 Has the department undertaken an initiative for WAN whereever the same is not existing? No 8 Does the department have a website? Yes 9 Has the department taken an initiative for developing and hosting a website wherever the same is not existing? Yes 10 Does the department have adequate servers for web, database, application, backup, mail etc? No 11 Does the department have internal team to look after computerization needs? No 12 Has the department outsourced its computerization requirements? No 13 Is the legacy data in digital form? No 14 Is there an initiative to digitize the manual data / records? No 15 Is the department interconnected with other departments? No 16 Is there an initiative for interconnection with other departments? No 17 Does the department have UPS / Generator set to ensure the continuous computer operations? No 18 Has the department created an egovernance team / appointed a nodal officer? Yes 19 Does the department have a data center? No 20 Does the department have policies on data and database architecture, information security, disaster management etc? No 4 Computerization Level Indicator Low 33
CHAPTER 3: e-governance ENVISIONING 34
3. egovernance E-government is a way for governments to use the new technologies to provide people with more convenient access to government information and services, to improve the quality of the services and to provide greater opportunities to participate in the democratic institutions and processes. These include gains in efficiency and effectiveness from better use and management of information, whether in support of policy making or the administration of programs. Intranet technologies offer the possibility of establishing knowledge bases and cross departmental working. e-governance is defined as the application of electronic means in (1) the interaction between government and citizens and government and businesses, as well as (2) in internal government operations to simplify and improve democratic, government and business aspects of Governance. It is the transformation of government to provide Efficient, Convenient & Transparent Services to the Citizens & Businesses through Information & Communications Technologies (ICT). e-governance is the continuous optimization of government service delivery and governance by transforming internal and external relationships through digital technology, the Internet and new media. 3.1. Benefits of e-governance e-governance can fundamentally change the way government operates and relates to the stakeholders, for example: 1. Tighter integration of delivery networks 2. Horizontal integration within Governments, across departments, organizationally and functionally; 3. Change in role from that of an implementer to that of a facilitator; and 4. Citizens gain greater visibility and insight into Government activities. 35
The department has identified the following objectives from the IT / e-government initiatives 3.1.1. Web based system for providing on-line submission of applications 3.1.2. Generation of reports on weekly / monthly / quarterly and annual basis 3.1.3. To provide online information system between district and the State 3.1.4. To develop direct linkage between the State and the NLMA(National Literacy Mission Authority) 3.1.5. Effective monitoring of various programmes and schemes 3.1.6. Better Co-ordination among the head office and various units at different level 3.1.7. To provide on line services to citizens 3.1.8. Implement web based monitoring system between district and state offices 3.1.9. Fully functional computerized management information system for educational statistics 3.1.10. On line details of out of school children 3.1.11. Electronic transfer of funds to all Village education committees 3.2. Department s envisioned state The department s IT envisioned state (based on the feedback from department officials) is provided in the table below Table 13 : Envision of the department S. No. Dimension Envisioned state 1 Networking a. LAN at HOs (Basic Education, SCERT, Directorate of L&AE, Education for all project) b. Total LAN nodes i. HO: 16 nodes per office, 64 nodes ii. Div offices: 8 nodes per office: 256 nodes iii. District offices: 8 nodes per office: =70*8 = 560 nodes Total Nodes: 980 nodes c. Connectivity with SWAN i. HO (4) ii. Divisional offices (16) 36
iii. District offices (70) iv. Block level: (813) Total number of SWAN routers: 903 2 Hardware* * The exact number of hardware may change as per the need of the department. The envisioned number is a preliminary assessment of PC that could be required by the offices of the department HO: 10 PC per administrative head office = 40 PCs Divisional Offices: 4 PC per office: 64 PCs District Level: 4 PC per district office: 280 PCs Block Level: 1 PC: 813 PCs Total PCs: 1197 3 Software 1. Database of school with following modules a. School details b. Students in each class (name, father s name, caste, address, class etc) c. School infrastructure (number of class rooms, area, toilets, etc) d. Teacher s details (name, father s name, qualifications etc) e. Accounts f. Mid day meal g. Medical assessment provided h. School uniform distributed i. Text books distribution j. Scholarship distribution 2. Employee details 4 Training The department would like to provide basic computer training to its employees upto Class III and to Shiksha Mitras at school level This would entails approximately: 40,000 people 5 Data digitization Students details: 4 Lakhs School and school infrastructure details: 1 Lakhs 37
Teachers details: 2.5 Lakhs Employee details: 12000 6 Others To have official email ids for all the officers and employees upto the level of section heads. The department would like to communicate electronically with its employees and send / share files with the use of ICT The email ids would be shared with the citizens so that they can communicate with the departmental staff electronically The department would like to introduce auto responders to every email that is received from citizens Department would like to have email related policies to attend to emails with in specified time frame. It is suggested that official communication is classified into three categories; A, B and C. A Category to be responded in 1 day B category to be responded in 3 days, and C category to be responded in 5 days 3.3. E-Governance Delivery Model The department envisions itself as providing prompt services to all of its beneficiaries in the state. This would require an extensive coordination with in all of its offices in the state. In order to have extensive coordination with all the supporting offices, the department sees itself interconnected with them, seamless transfer of information and having MIS that can help department develop sound policies and to facilitate services to the citizens. The following figure gives illustrative network architecture for the service delivery in an e- Governance enabled environment Figure 3: Illustrative delivery model 38
3.4. E-Governance Prioritization Framework It is essential that the services of the department are provided electronically through the gradual stages of egovernance. Investing in the right services is a critical factor for the success of the e - governance initiatives and accrual of the benefits to the stakeholders of the department. The move towards E-Government should deliver key and tangible 4 Step benefits to the stakeholders of the department. PwC in Approach consultation with the department officials has followed a structured approach to identify what and when such eenablement should take place. We have implemented the approach of Service Value Analysis to arrive at Implementation priority. We have used a structured 4-step approach to arrive at implementation priority. The four steps involved are described in detail below: Service Value Analysis Implementation Priority Service Value Analysis 1 2 3 1. Compile the List of Services This step involved compiling the list of services provided by the department. 2. Collect information & statistics about the services This step involved collecting operational statistics and information about each service to assist in the prioritization process. Such information includes transaction volumes, customer type, service type, number of departments involved in delivering the service, etc. 3. Prepare a Service value matrix - This step involved identifying the value that will accrue from the service if it is made E- Government-enabled. This was done Customer Value Measures Value through e Government through a consultative approach with the Department Value Measures department and the analysis of the information collected about the services in the departmental questionnaire. The 39
parameters that were taken into consideration while measuring the value of e- Government enabling the services can be classified into two groups: i. Department Value Measures; explores the E-Government impact on the following: 1. Reducing cost of processing transactions; and 2. Delivering intangible benefits (e.g. boosting the image of the department) ii. Customer Value Measures; explores the E-Government impact on the following: 3. Minimizing the number of customer visits to the department premises; 4. Reducing the time required to request the service; 5. Reducing the time spent by the customer to follow-up and track the progress of the requested service; and 6. Reducing the time spend by the customer to file complaints, comments and suggestions 7. Provide flexibility to the customer to avail the service from alternate delivery channel Classification of services: Service Value Matrix The value that department would create for itself and the citizens subsequent to egovernance has been assessed through the responses provided by the department in the Set IV of the questionnaire provided by us. We have classified the services of the department into the service value matrix in the following table Table 14 : Service Value Matrix S. No Service Value to beneficiary Value to Department Service value 1. Total literacy program for basic literacy H H H H 40
S. No Service Value to beneficiary Value to Department Service value 2. Post Literacy Programmes - for Strengthening of acquired literacy status 3. Continuing Education Schemes - for Equivalency Programmes, Income Generating Programmes, Quality of Life Improvement Promotion Programme and Individual Interest Promotion Programme. 4. Providing course material to each teaching center H H H H H H H H H H H H 5. Providing education H H H H 6. Recognition to private schools 7. Enrolment of 6 14 year age children and free education to them 8. Opening of new schools in un-served areas 9. Opening of EGS / AIE centers & Bridge courses in small habitations for special category of children 10. Cooked mid day meal scheme 11. Recruitment of shiksha mitras in schools, instructors of EGS / AIE centers, Bridge courses 12. Medication assessment of disabled children and distribution of aids / appliances to them H H H H H H H H H H H H H H H H H H H H H H H H H H H H 41
S. No Service Value to beneficiary Value to Department Service value 13. Distribution of uniforms to girls 14. Distribution of text books to children H H H H H H H H 4 Step 4: Prioritize the implementation of the Initiatives-This step is involved in identifying when to implement the initiatives based on the service value identified in Step 3. The implementation priority for each high value service was defined based on the analysis of the following attributes: Service Visibility Service Complexity 1. Service Visibility describes how significantly and extensively can customers feel and experience the benefits achieved from delivering the service through E-Government. Services of high volume of transactions and a large customer base would be more visible to the department customers than other services with a very limited customer base. 2. Service Complexity describes how easy the service can be made E-Government-enabled. This depends on a number of factors such as the degree of existing automation, number of external parties involved and the number of customer documents processed. 3.5. e-governance Roadmap The department will need to undertake the e-governance initiatives on the following dimensions. People Technology Process Based on our Implementation Priority Analysis, we recommend that department undertakes the E- Government projected into three distinct phases. 42
Phase - 1 Phase - 2 Phase - 1: The key objective of the services / activities in this phase is to increase the visibility of the department. Services implemented in this phase have wide customer base and relatively simple delivery operations. Services that are high value to both the beneficiaries and the department (HH) are taken up in this phase. Phase - 2: The key objective of the services / activities in this phase is to build critical transactional services. This phase aims to establish the core critical transactional services required to support the key customer segments. Services that are High Value to the beneficiary and Low Value to the department are to be taken up for implementation in this phase. Services implemented as a part of this phase enjoy high visibility and relatively complex delivery operations. Phase - 3 Phase- 3: The key objective of the services / activities in this phase is to sustain value. Services that are Low value to the beneficiaries and High value to the department and Low value to both the beneficiaries and the department could be implemented in this phase. Phase 1 (0 2 Years) Phase 2 (2 4 Years) Phase 3 (4 to 5 Years) The following table gives the initiatives that the department needs to undertake in the three phases. Table 15 : Phase wise activities 43
Phase I 0-2 years Phase II 2 to 4 years Phase III 4 to 5 Years People People Processes/Operations and Services (i) Create a committee that would look after all egovernance initiatives for the department. Also create PeMT, office level teams and identify echampions. The team would look after the requirements for the entire department. (i) The BPR exercise taken in phase -1 would mandate various changes. Create the team for implementation of the changes. (i) (ii) Implementation of Information Security Policies (ISSP) Develop the information sharing and privacy policy for sharing of department information with other departments (G2G). (ii) Create an IT function / cell in the department (Refer Chapter 7 for details on IT Function) (iii) Provide training of departmental staff (Refer annexure III for training requirements) Process/Operations and Services (i) Prepare detailed project reports (DPRs) for the enablement of egovernance in the department. DPRS would need to be prepared for: (a) (b) (c) (d) (e) (f) Data Digitization Hardware requirement Software requirement Training Networking and connectivity website (ii) Carry out Business Process Reengineering in the department Technology Infrastructure (i) Create e-mailing infrastructure within the department. (ii) (iii) Procure and install the requisite hardware at the departmental locations. The locations where hardware would be installed in the first phase would be identified in the detailed project report. Development of core departmental Process/Operations and Services (i) Creation of Information Systems Security Policies (ISSP), Disaster Recovery Plan (DRP) Technology Infrastructure (i) Providing infrastructure throughout the department for intra-office communication through emails, share data / files / documents. (ii) Undertake the implementation of software application for Technology Infrastructure (i) Enable the department to have Public Key Infrastructure (PKI) for secured electronic transactions (ii) Creation of secure IT environment to enable the beneficiaries of the department transact safely (iii) Provide the departmental services through the state portal (iv) Implementation of DRP and creation of disaster recovery (DR) site (v) Sharing of department information with other government departments and agencies (G2G). 1 Software applications like Personnel Management, Budget & Finance, Dak Management system, etc (the applications that are state level initiatives) are considered to be developed as common applications across the state departments, Their implementation is considered in Phase II on account of the fact that these software applications will be readily available to the departments by that time. 44
(iv) (v) (vi) (vii) application software; Implementation of core departmental application software at the locations where activities are high (as identified in the detailed project report) Add the following functionalities to the website (a) Information on the procedures to avail the services (b) Application forms to request the services of the department (c) Acceptance of grievance and complaints Data digitization for (i) Students details (ii) School and school infrastructure details (iii) (iv) Teachers details Employees data Create LAN infrastructure at HO and other field offices Create e-mail id of all the important functionaries in the department (a) Personnel Management Software (b) Budgeting & Financial Management system 1 (c) (d) E procurement Other softwares like Daak Management system, File tracking system etc (e) Implementation of Core departmental integrated application software at the offices that were not covered in phase -I (iii) Creation of interactive website through which the beneficiaries / citizens can submit their documents and apply for the services (viii) Establish connectivity with State Wide Area Network (SWAN) for inter office connectivity 45
CHAPTER 4: GAP ASSESSMENT 46
4. Gap Assessment As Is assessment on IT usage and level of computerization was conducted through (a) structured questionnaire, (b) department s performance reports / development plans, (c) discussion with key people / nodal officers. The gaps are assessed for the following dimensions: (1) Hardware requirements (2) Networking in offices of the department (3) Software requirements (4) Connectivity requirements (5) Policies that are critical for creating secured egovernance environment (6) Skills (7) Data digitization Gaps on aforementioned dimension were assessed after understanding the requirements from the consumers of the department, expectations of the department from ICT, service delivery envisioning and comparing the same with the findings out of the As Is assessment conducted by us. 4.1. The gaps with respect to the future plans of the department Table 16 : Gaps Matrix S. No Components Existing level Envisaged level Gaps (1) Hardware 2 Education for all: 53 Directorate of literacy and alternative education: 10 Total 63^^ Servers: 3 ^^ kindly refer section 2.6 (2) Network (1) No network is existing (3) Software (1) Financial Management In addition to existing PCs the department would require PCs: 1197 Total Servers envisaged: 8 #LAN Nodes: 980 # Kindly refer section 3.2 Web based integrated software on appropriate technology for Additional requirements of PC: 1197 Servers: 8 Total LAN: 980 nodes (1) As mentioned in the envisaged level 2 Hardware envisioning and subsequently the gaps are approximate in nature and precise requirements along with hardware sizing can be derived only after carrying out detailed project exercise. The DPR is more systematic approach to arrive at the figures for hardware that would be required by the department 47
S. No Components Existing level Envisaged level Gaps System (2) DISE (3) House Hold Survey (4) Pay roll system (5) DSS (6) DSS for state all the services of the department: this would include: 1. Database of school with following modules a. School details b. Students in each class (name, father s name, caste, address, class etc) c. School infrastructure (number of class rooms, area, toilets, etc) d. Teacher s details (name, father s name, qualifications etc) e. Accounts f. Mid day meal g. Medical assessment provided h. School uniform distributed i. Text books distribution j. Scholarship distribution 2. Employee details (4) Connectivity No WAN #Routers for SWAN connectivity: 903 # Kindly refer section 3.2 Routers for SWAN PoP connectivity; 903 (5) IT related Policies None Policies on (1) IT Standards & Guidelines (2) Information Systems Security (3) Disaster Recovery and Backup Policies on (1) IT Standards & Guidelines (2) Information Systems Security (3) Disaster Recovery and Backup 48
S. No Components Existing level Envisaged level Gaps (6) Skills 3 Department wishes to provide the training related IT to all people who are involved in paper work. This would mean that all Class I, II and III people (Excluding drivers) would required to be trained. No of such people is approximately 40,000 Basic: 40,000 Advance level of training on project management / change management / BPR etc: 350 personnel (7) Data digitization Students details: 4 Lakhs School and school infrastructure details: 1 Lakhs Teachers details: 2.5 Lakhs Employee details: 12000 As mentioned in the envisaged level 3 In order to arrive at specific training requirements, it is suggested that detailed project exercise is undertaken through out the department 49
CHAPTER 5: IDENTIFICATION OF SPECIFIC egovernance PROJECTS 50
5. Specific egovernance projects Specific projects that the department need are (a) Development of core departmental software (b) Procurement of Licensed systems software (c) Hardware for the department Servers and Systems Network Peripherals AMC (d) Data digitization (e) Training Other IT / egovernance projects that the department would require are common with all other Government departments in nature and should adopt as suggested in the egovernance roadmap for the state. Common projects / initiatives include creation of (a) Wide Area Network, a part of the SWAN, (b) implementation of Personnel Management System, (c) implementation of Finance & budgetary management system, (d) implementation of eprocurement system, (e) creation of e-mailing infrastructure, (f) File tracking system, (g) Dak Management system, (h) implementation of asset and inventory management system, (i) creation of common service delivery centers, (j) creation of policies for egovernance framework etc An estimate of cost for the department specific egovernance projects is prepared on the basis of gap assessment as carried out in Chapter 4. The cost has been estimated for: (a) Procurement of Hardware (b) Development of Software (c) Data digitization (d) Training 51
Table 17 : Specific egovernance projects - Hardware Component Item Requirements Per unit cost Cost per item (A) Servers & System PC 1197 35000.00 41895000.00 Dual Processor based server (for database, application and backup) 6 800000.00 4800000.00 Single processor based server (For web and proxy) 2 400000.00 800000.00 Servers & System Cost 47495000.00 Hardware (B) Network LAN nodes 980 900 882000 Routers (For connectivity from SWAN terminal router) 903 250000 225750000 Switch 48 port 0 20000 0 Switch 24 port 0 10000 0 Switch 16 port 4 8500 34000 Switch 8 Port 86 7500 645000 Patch Panel 48 port 0 6000 0 Patch Panel 24 port 0 3500 0 Patch Panel 16 port 4 3000 12000 Patch Panel 8 port 86 2500 215000 Network Cost 227538000.00 (C) Peripherals 5 KVA UPS (HO) 4 175000 700000 3 KVA UPS (1 each office) 899 100000 89900000 Laser Printer (1 each office) Network printer 4 35000 140000 Laser Printer 899 8000 7192000 Storage Solution 1 100000 100000 5 U Racks (for each office) 0 3000 0 42 U Racks (For head office) 1 30000 30000 Peripheral cost 98062000.00 (D) AMC AMC (for 4 years) AMC Cost @10 % of Hardware cost 373095000.00 149238000.00 149238000.00 TOTAL HARDWARE COST 522333000.00 Table 18 : Specific egovernance projects - Software Component Item Requirements Per unit cost Cost per item Software (A) (B) Customized S/w for departmental System Software domain functions OS license (per server) 8 12000 96000 Application Software license (Processor based) 2 500000 2000000 Database License (Processor based) 2 700000 2800000 Anti Virus 10 Agents 120 10000 1200000 Anti Virus 50 Agents 0 50000 0 MS Office 1197 8000 9576000 System Software cost 15672000.00 Software - one time cost 13000000 13000000 Recurring cost @10% per year 4 years 5200000 Customized software for departmental domain functions 18200000.00 TOTAL SOFTWARE COST 33872000.00 52
Table 19 : Specific egovernance projects Data digitization Data Digitization (A) Data Digitization Data Number of records Rate (Rs per record) Amount Students 400000 3 1200000 School and school infrastructure details 100000 5 500000 Teachers details 250000 3 750000 Employee data 12000 5 60000 Data Digitization cost 2510000.00 Table : Specific egovernance projects Training Training (A) Training Training Cost Rate No of participants Amount Basic Computer training 3000 40000 120000000 Advance level including application software 5000 350 1750000 Training Cost 121750000.00 Total estimate of cost for all the aforementioned components for the departmental egovernance initiatives Cost Estimates Cost Estimates Hardware 522333000.00 Software 33872000.00 Data Digitization 2510000.00 Training 121750000.00 Total Cost 680465000.00 Disclaimer: (1) The cost implications provided above are indicative in nature for budgetary provisions and exact estimation on the same can be arrived at after detailed project report preparation (2) Aforementioned cost for core application software development is assumed for a SEI-CMM level 5 software development company (3) The cost for application software includes software development, testing, implementation, hands on user training along with training material, user manual, and 4 year on-site maintenance is expected to be separate cost (recurring cost) @ 10% of total software development cost (4) The software architecture is assumed to be Centralized (5) The database and application servers are assumed as dual processor based (6) It is assumed that the hosting of database and application software is at State Data Centers (7) Accurate cost for hardware and networking to be arrived at after detailed project preparation by the by the selected software developer (8) AMC for the hardware is assumed as 10% of total hardware cost 53
CHAPTER 6: DATA DIGITIZATION 54
6. Data Digitization 6.1. Data digitization strategy A strategy for data digitization needs to formulated, suggested components of the strategy are as follows: 1. What data and from when that needs to be converted into digital format 2. Data of from which offices is to be converted into digital format 3. On which software the data entry will be carried out 4. Where will the data entry be done; will it be at the head office (and all the physical records will be brought there) or will the same be done at field offices 5. Will the data entry be done simultaneously for all the offices at one instances (in parallel) or it will be carried out in series 6. The language in which data entry is to be done (English / Hindi / any other language) 7. The person in charge from each of the field office who would be responsible for end to end affair 8. What percentage of accuracy is expected 9. Who are the people who do the data verification 10. Whether any honorarium would be paid for data verification or not 11. If honorarium is to be given then what honorarium would be provided for the people doing the data verification 12. When would the same be disbursed 13. What is the level of training / orientation that needs to be given to the data verifiers 14. What activities are expected out of the data entry agency 15. What would be the time frame for data entry work 16. What kind of arrangement needs to be done with data entry agency 17. What are the risks associated with data entry outsourcing and what are the mitigation plans The guidelines for data digitization are given in Annexure VI 55
6.2. Cost / financial outlay and timeframe for data digitization The department needs the following data to be converted into digital format to get started for egovernance initiatives: Table 20 : Data digitization cost and time outlay S. No Data Data size (approx) No of records (approx) Indicative cost 4 Indicative timeframe 5 (1) Students details 400 bytes 4 Lakhs Rs 3 per record 6 to 8 months (2) School and school infrastructure details 2000 bytes 1 Lakh Rs 5 per record 6 to 9 months (3) Teachers details 400 bytes 2.5 lakhs Rs 3 per record 6 to 9 months (4) Employee details 2000 bytes 12 Thousand Rs 5 per record 4 to 6 months 4 Indicative cost is based on our experience of projects of similar nature 5 Indicative time frame is based on the assumption that the data digitization activity will be done for all the sites and field offices simultaneously with multiple data entry operators at one field office 56
CHAPTER 7: IT ROADMAP IMPLEMENTATION FOR THE DEPARTMENT 57
7. IT Roadmap Implementation Based on the e-governance prioritization and the department s expectations from the ICT, this section illustrate the IT Implementation Roadmap for the department. The primary objective of the IT Roadmap is to formulate a three to five year view of an appropriate technical architecture and application portfolio to meet department strategy and plan. For any IT Strategy Plan to be effective, it must incorporate all the following IT governance pillars: *Source: ISACA COBIT Framework 58
The following figure gives an overview of the activities that the department need to undertake in for the IT roadmap implementation Figure 4 59
7.1. Planning & Organization 7.1.1. Define a strategic IT plan IT has been identified as an integral tool in the in the achievement of the e-governance objectives. It is very essential to have definite strategic plan with the business goal of striking an optimum balance of information technology opportunities and IT business requirements as well as ensuring its further accomplishment. A strategic planning process must be undertaken at regular intervals giving rise to longterm plans; the long term plans should periodically be translated into operational plans setting clear and concrete short-term goals. The Information Systems (IS) strategic plan involves the creation and maintenance of a technological infrastructure plan that sets and manages clear and realistic expectations of what technology can offer in terms of products, services and delivery. The e-governance roadmap has been prepared for the department. It is very essential that this roadmap must be periodically reviewed in context of the changing priorities of the department. The operation plans for the IT implementation must be detailed keeping the e-governance Roadmap. 7.1.2. Define the IT organization, direction and relationships IT has been identified as a integral tool in the in the achievement of the e-governance objectives The IT function therefore has to be positioned in the department to enable it to: Gain the same level of recognition as do other functions Influence the level of investment in infrastructure and human resources, and Provide a key partnership to the other organizational functions, so that the support provided by IT is appropriate. The department has identified a senior level committed and experienced person as a nodal officer for egovernance initiatives. In order to get the best from the services of the nodal officer, it is recommended that the nodal officer provides his / her services only in egovernance initiatives. This would enable the nodal officer to focus his energies exclusively on egovernance related matters. It is also recommended that the nodal officer remains the nodal officer for the entire project duration and transfers within the life cycle of the project are avoided. It is recommended that the department creates a project egovernance Mission Team (PeMT) which would be involved in taking decisions on various projects of the 60
department, monitor the progress of ongoing initiatives, interact and report the progress to State egovernance Mission team (SeMT). The department should create various internal teams (task force) under the PeMT to organize, execute, and monitor projects at field levels. However, to manage the IT systems of the department, the department must constitute a separate IT function. This function would be responsible for the implementation of the IT policies, standards and procedures in the department. The structure of the model IT function has been given below figure 5. Figure 5 7.1.3. Define the IT Policies and Procedures. The department currently has no documented IT standards and policies. Documented policies should address the following areas: Information Security Policy Security and Usage focusing on risk areas (including usage of company Internet, email and technology resources) and signed by all system users. This helps ensure that everyone understands what is expected of them, 61
Internet and local area network security policy, and Privacy and Information Sharing Procurement and implementation of hardware and software; Hardware and software migration policy; Electronic document retention policy for email, file and data storage, access, update and archiving; Disaster Recovery and Business Continuity Planning. The recommended best practices for following are mentioned in annexure IV Security Policy Disaster Recovery and Business Continuity Planning Privacy policy 7.1.4. Define the Standards Standards need to be established to translate the strategic options into practical and usable user rules. It is very essential that the department defines the standards for the following Software architecture Technology Infrastructure Database Design and Implementation Integration Technologies Security The recommended best practices for the standards is given in Annexure IV 7.1.5. Manage IT Investments For the proper utilization of funds for the IT projects it is very essential that the following activities are undertaken: Formal investment criteria are defined for decision making in a responsive approval process, adaptable to the type of project 62
An investment decision-making process is defined and consider short and long term impacts, cross divisional impacts business justification, benefit realization, strategic contribution and compliance with the technology architecture and direction To allow for clear choices based in impacts, measurable benefits, time frames and feasibility, investment decisions need to be presented with options and alternatives IT budgets and investments are aligned with the IT strategy and business plans Budgets that cover end-to-end expenditures have identifiable and accountable owners and are timely and closely tracked in an automated manner Clear management accountabilities for realizing forecasted benefits and a process to track and report on benefits realization exist, eliminating cross-subsidies 7.1.6. Communicate the Management aims and direction It is essential that policies established are communicated to the user community. Given the scale and pace of change which is expected in connection with the various initiatives/projects suggested in IT Strategy Plan, it is recommended that the department employ the service of a Change Management Consultant to ensure that the projects are successfully adopted within the department. The Change Management Consultant will have the following responsibilities: Providing an overall change management framework to the department as a whole; Co-coordinating all change related activities to ensure that a consistent approach is being followed to managing change; Providing advice about how to manage change within the department (what works and what might not); Preparing department-wide communication plans and stakeholder management activities; Controlling and managing all HR Migration activities; Providing a framework in which senior stakeholders can understand and commit to Change Management; Working closely with senior stakeholders to ensure commitment, ownership and buy-in; Maintaining formal and informal communication channels with senior stakeholders; Building a sense of team spirit and identity with the department s Core team; Managing the process of identifying and providing training and support to the project; 63
Providing a single point of contact for change and training related issues within the department s IT Program; 7.2. Acquisition and Implementation 7.2.1. Define the user requirements The IT strategic plan gives the requirements of the department for various IT applications that will be required by the department. The department must have a clear understanding of the user requirements from such applications. The department must undertake the following activities: Identify key users are to support the solution analysis and recommendation. The identified users must perform a structured requirement analysis in keeping with the business processes. This can also be used as an opportunity by the department to do a Business Process Reengineering (BPR) of the existing processes. There is general acquisition and implementation method or system development life cycle methodology that is clear, understood and accepted Acquire maintain application software with the business goal of providing automated functions which effectively support the business process. Key requirements are prioritized in view of possible scope reductions, if time, quality or cost cannot be compromised Compliance with department IT architecture is monitored; including a formal process for approving deviations is also implemented. 7.2.2. Acquire and Maintain application software The department needs to follow the following guidelines for the acquisition of the software application. There is a formal, accepted, understood and enforced methodology for the implementation and acceptance of the software There is a separation between the development and testing activities Key requirements are prioritized in view of possible scope reductions, if time, quality or cost cannot be compromised The department must see that the documentation with regards to the software application is complete and the implementation partner must deliver the same to the department before final sign-off. The department must insist on the following documents at the minimum User requirement document Systems requirement document Detailed design document including the database design 64
Test plan and the results User manual for the users and system administrator. 7.2.3. Acquire and maintain technology infrastructure It is very important that the department must plan for acquisition of required hardware based on a needs analysis and follow a policy of maintaining a standardized software application portfolio. This is very important for maintaining optimum software performance and ease in system administration. The following are the guidelines that the department must follow for the acquisition of the Technology infrastructure. Maintain an up-to-date inventory of hardware and software infrastructure Ensure that the new acquisition can be integrated across different technology platforms The department must make policies for the decision to use internal resources, use the common State infrastructure or outsource the services. A well defined life cycle methodology is used to select, acquire, maintain and remove obsolete infrastructure technology Acquisition duly considers performance and capacity requirements by integrating with capacity and performance management processes 7.2.4. Install and accredit systems The department must follow the following implementation checklist for the departmental IT acquisitions Resources are available to support a separate test environment and sufficient time is allowed for the test process Commitment and involvement of stakeholders is assured in the testing, training and transition processes Test data is available and representation of live data in kind and quantity, and the test environment reflects as close as possible the live environment Stress testing is performed for new systems before they are rolled out and regression testing is conducted for existing system when changes are implemented Procedures for formally certifying and accrediting systems for security are consistently defined and adhered to. Service Level Agreement s must become a prerequisite whenever any software or hardware is purchased. Ideally, the department must go a for a third party independent audit/certification of the new system. 65
7.2.5. Manage changes The implementation of the application must be done with the minimal of disruption to the existing processes and service delivery. The department needs to undertake the following activities before the roll-out of any IT initiative. There is sufficient planning, approval and initiation process covering identification, categorization, impact assessment and prioritization of changes Complete and up-to-date application and configuration documentation is available A process is in place to manage co-ordination between changes recognizing interdependencies People have been adequately trained in the new application. The department has a rollback plan in the event of any unforeseen circumstance. Digitization of the legacy data is very important to shift from the traditional paper based systems to the electronic systems. The data digitization guidelines recommended for the department is given in Annexure VI 7.3. Delivery and Support 7.3.1. Define and manage service level The establishment of service-level agreements formalizes the performance criteria against which the quantity and quality of service will be measured. It is very important that: 1. Service levels are expressed in end-user business terms, where possible 2. Skills and tools are available to provide useful and timely service level information 3. The reliance of critical business processes on IT is defined and is covered by service level agreements 4. IT management accountabilities and responsibilities are linked to service levels 7.3.2. Manage third party services The department must ensure that for the management of external vendors 1. Clearly-defined service requirements and performance measures exist 66
2. The application of mutually agreed service level agreements is based on agreed upon associated rewards and penalties. The department retains accountability and control, and proactively manages external services 3. The service provider has a mechanism in place to report on performance measures 4. Third-party provides have a quality assurance program in place 5. All deliverables, including operational and performance requirements, are sufficiently defined and understood by all parties 6. An internal contract manager is the single point of contact with the third party 7.3.3. Manage performance and capacity The department must formulate a plan to manage the performance and capacity with the department goal of ensuring that the adequate capacity is available and that best and optimal use is made to meet required performance needs. 1. Performance requirements are included in all IT development and maintenance projects 2. Capacity and performance issues are dealt with at all appropriate stages in the system acquisition and deployment methodology. 3. The technology infrastructure is regularly reviewed to take advantage of cost/performance ratios and enable the acquisition of resources providing maximum performance capability at the lowest price 4. Study is regularly carried to analyze current and forecasted capacity 5. Current and projected capacity and usage information is made available to users and department head in an understandable and usable form 7.3.4. Ensure continuous service It is important to ensure that the IT services are available as required and ensuring a minimum business impact in the event of a major disruption. The department needs to formulate a disaster recovery and business continuity plan for IT functions. The business continuity plan at the minimum must entails the following: 67
1. The business costs of interrupted Critical infrastructure components are identified and continuously monitored 2. Continuous service provision is a continuum of advance capacity planning, acquisition of high-availability components, needed redundancy, existence of tested contingency plans and the removal of single points of failure 3. Contingency plans are regularly tested. 4. Availability requirements analysis is performed regularly 5. Service level agreements are used to raise awareness and increase cooperation with suppliers for continuity needs 6. The escalation process is clearly understood and based on a classification of availability incidents 7.3.5. Ensure Secure System Systems security is very essential for the department for the safeguarding information against unauthorized use, disclosure or modification, damage or loss. The department needs to undertake the following for safeguarding the systems. 1. Develop an overall security plan, that covers the building of awareness, establishes clear policies and standards and defines monitoring and enforcement processes 2. The department staff have a understanding of security requirements, vulnerabilities and threats, and they understand and accept their own security responsibilities 3. Logical access controls, which ensure that access to the systems, data and programs is restricted to authorized users, are implemented 4. Third-party evaluation of security policy and systems is conducted periodically 5. The user management process is centralized and system provides the means to identify and assign authorizations to users in a standard and efficient manner 68
7.4. Monitoring 7.4.1. Monitor the processes The IT systems after implementation must be continuously monitored for efficiency and effectiveness. The process for the software development must be monitored. The user requirements must be met by the IT systems. 7.4.2. Assess internal control adequacy There must be periodic review of the security procedures. The disaster recovery and the business continuity plan must be continuously checked and test runs conducted. 7.4.3. Provide for independent audit and obtain independent assurance An audit of the IT systems must be done by a third party regularly for the following: (1) Security policy adherence (2) Network systems (3) IT applications 69
CHAPTER 8: IMMEDIATE POSSIBLE COMPUTERIZATION INITIATIVES 70
8. Immediate possible computerization initiatives With the egovernance readiness level being Low and level of computerization being Low the activities that the department can undertake immediately are: (1) Creation of IT function / cell (as mentioned in Chapter-7) (2) Preparation of detailed project reports (DPRs) for a. Hardware requirements b. Software requirements (Functionality Requirement Specification, SRS etc) c. Networking (LAN infrastructure) d. Connectivity (Between the offices of the department) e. Training (Training need analysis) f. Web site g. Data digitization (3) Approval of DPRs (4) Data Digitization (5) Start the process of developing software as mentioned in gap assessment section (6) Implementation of software (7) Start capacity building 71
CHAPTER 9: ANNEXURES 72
9. Annexure 9.1. Annexure -I: Contact details of the department Details of head of the department and nodal officer involved in the as is assessment exercise Table 21 : Address and contact details Department of Basic Education Directorate of Basic Education Nishat Ganj Lucknow 226 001 Name Designation Contact No Mobile Fax email HOD Mrs. Achala Khanna Director SCERT 0522-2781040 9415596859 0522-2781125 dscert@up.nic.in Sri D.C.Kanaujia Director 0522-2780412 9415021592 0522-7780412 Not available Dr. Daljeet Singh Puri Director 0522-2613776, 2626329 9415014154 0522-2202568 ds_puri@yahoo.co.in Shri J. S. Deepak Secretary Basic Education, Govt. of U.P. & State Project Director, Sarva Shiksha Abhiyan 0522-2780384 0522-2780998 0522-2781128 updpep@sancharnet.in upefa@upefa.com upedulko@eth.net 73
9.2. Annexure -II: Solution deployment model Solution Deployment Models The presence of department is spread across the entire state. Most of the operations are performed at the district / divisional level and administrative execution and monitoring is upto the Head office level. The services of the core departmental application software need to available for the employees at all locations. Application architecture, data consolidation requirements, availability of the connectivity between the locations and its performance are some key parameters based on which solution deployment model for the department can be designed. The department application shall ideally be based on an n/three tier architecture. The implementation of state wide area network (SWAN) for the government communication needs is one of the projects which shall be undertaken under the state e-governance roadmap plan. Hence, centralized deployment architecture is the most preferred and recommended solution for the department, which provides administrative control, ease of management of the solution and several other benefits as discussed in the table below. For the centralized deployment, as discussed above a dedicated and high performing network solution is required and the SWAN can be leveraged in this regard. Table 22 : Comparison of solution deployment models Pros Option 1 - Centralized Option 2 - Hybrid Option 3 - Decentralized Ease of integrating applications within and outside the department Ease of software and systems management (version control, upgrades, etc) Data updation control and integrity management would be easier Lower cost of system software. Increased control of managing disparate information systems Maintenance of data confidentiality is high Ease of implementation/ roll outs Efficient resource utilization Data availability risk is localized to a district at a time Relatively lower no. of locations to manage Individual locations have control over their data Availability of service at one district is independent of all other district. 74
Option 1 - Centralized Option 2 - Hybrid Option 3 - Decentralized Reduced cost of ownership Reduced cost of management Reduced cost of implementation Cons High reliability on communication Single point of failure - Need for redundant site/ hardware/communications etc. Data availability risk is higher as compared to de-centralized architecture Delay in rollout to all the field units High reliability on communication Version control of applications in different locations is complex Skilled IT personnel at each location Higher hardware investments Higher communication cost Higher maintenance and IT management costs Increased application complexity Replication between databases Interfaces Difficulty in integration of inter-district and inter - departmental information Delay in rollout to all the districts Version control of applications in different locations is complex Skilled IT personnel at each location Higher hardware investments Higher maintenance and IT management costs Higher system software cost. Considering the pros and cons of the three deployment models and keeping in view that the SWAN will be available in the state providing reliable and high performance networking infrastructure and facilities, it is recommended to implement the solutions on a centralized basis. The following diagram depicts the illustrative solution deployment for centralized deployment model discussed above. 75
Figure 6 76
9.3. Annexure -III: Training requirements of the department The implementation of e-governance projects will be creating a totally transformed work environment for employees in the department and will radically redefine the way services are offered to citizens and also the internal functioning will undergo changes. Employees at all levels in the department need to be equipped with the necessary skills and abilities to perform in accordance with the changing requirements. To promote egovernance in the department, it is suggested that 10% of the total employees in the department be identified as e-champion. This is in addition to the egovernance directorate (Centre of Good Governance) structure as per the DIT, Government of India guidelines on creation of SeMT / DeMT / PeMT The table below lists down some areas where training is required to be given to the department staff: Table 23 : Training area and the target group of the department S. No. Training Area All H.O. Field offices DeMT PeMT E - Champion A General 1. E Governance & its importance 2. General Management 3. Project Management 4. Technology Management 77
S. No. Training Area All H.O. Field offices DeMT PeMT E - Champion 5. Process Reform Management 6. Financial Management B Information Technology 1. Basic Skills/Office Suite/ Internet 2. Basics of Operating Systems, Basics of Software Applications 3. Basics of Hardware and Networking Concepts 4. Basics of Programming Languages and Small Application Development, Basics of Algorithms 78
S. No. Training Area All H.O. Field offices DeMT PeMT E - Champion 5. Web Technologies and Other Technologies 6. Basics of Database Management (Concepts) and Hands on Experience in DBMS 7. Regular Back-up Procedures 8. Disaster Recovery Plan Training contents for the training area as mentioned in the previous table Table 24 : Training content for the identified training area S. No Training Area Broad contents 1. E Governance & its importance What is e-government Goals of e-government Challenges in e-government egovernance Vs Computerization National e-governance Plan (NeGP) 79
S. No Training Area Broad contents 2. General Management IT Planning Communications Inter-personal skills Managing Change 3. Project Management Target setting Activity scheduling Resource allocation Budgeting Reporting Monitoring & evaluation techniques Project management tools MS Project 4. Technology Management Systems Requirement Specification Systems Integration Solution Architecting Software Development Life Cycle (SDLC) Technology Selection Technology Trends 5. Process Reforms Management Government Process Reengineering Simplifying Procedures etools for GPR 6. Financial Management IT Project Appraisal Project Viability Analysis 80
S. No Training Area Broad contents Management of IT Projects 7. Basic Skills/Office Suite/ Internet Introduction to Computers Office automation software (like word processing, spreadsheets, etc) E-mail 8. Basics of Operating Systems, Basics of Software Applications Introduction to OS Different types of OS (Windows & Linux) Computer viruses Introduction to Software Development Software Applications 9. Basics of Hardware and Networking Concepts Basic Components of Computer(including devices) Introduction to Computer Networks Client-Server Architecture Distributed Systems 10. Basics of Programming Languages and Small Application Development, Basics of Algorithms Algorithm and pseudo code designing Introduction to Programming Languages Software Development - Design, Implement, Test Integration...etc 11. Web Technologies and Other Technologies Introduction to Internet technologies (HTML, DHTML, XML) Scripting Languages (JavaScript, VBscript,) 81
S. No Training Area Broad contents Content Management System (CMS) Offline tools 12. Basics of Database Management (Concepts) and Hands on Experience in DBMS (Oracle/Post gre sql). Introduction to DBMS RDBMS Oracle Postgress MySql MS-Access 13. Regular Backup The need of backup and what back ups are to be taken Frequency of backups Roles & responsibilities regarding backups The media and its usage policy Destruction policy Storage policy Archival policy Retrieval policy 14. Disaster Recovery Introduction The need for Disaster recovery plan and alternate site Roles and responsibilities 82
9.4. Annexure -IV: Best practices on Information technology usage on IT policies, standards and guidelines Best practices mentioned here are the relevant extracts that we have studied from other states of India. Best practices mentioned in this report are for illustrative purposes only. Government of Uttar Pradesh needs to take initiatives to develop the policies, standards and guidelines as mentioned in the State egovernance Roadmap. The areas on which initiatives need to be undertaken are: Table 25 : Best practices in security Best Practice 1: Authenticate users prior to accessing services. Access to the application systems and the supporting IT Infrastructure should not be provided without user authentication. Authenticating users provides accountability for the transactions/activities performed within the system. Best Practice 2: Use Public Key/Private Key technology for authenticating the users for providing access to the sensitive transactions Departments need to perform a risk assessment of the services/transactions processed using the Information Systems. For the critical and sensitive online transactions (e.g. submission of tender response in e- procurement), PKI based authentication shall be used. Digital signatures are most useful for transactions requiring high degree of authentication and authorization. Departments can also consider the usage of digital certificates/biometrics for authentication of users performing critical transactions in the system (e.g. for performing changes to the tax related values (master tables in the system), PKI/biometrics based authentication can be used). Best Practice 3: Use token-based or strong password based authentication where public key certificates are not feasible. Token-based systems are an improvement over passwords. Where token-based identification and authentication is not possible, a password policy based on best practices can provide an acceptable level of security. 83
Table 26 : Best practices for privacy Best Practices Placing an approved privacy policy statement on all relevant Internet, extranet, and intranet sites. Online privacy policy statements should reflect approach to privacy that addresses internal and external aspects of good privacy practice. Including privacy policy components in all relevant internal and external documents and media. Obtaining consent, when appropriate, from individuals for any personal data collection activities that the organization declares in its privacy policy. Consent can be obtained by using online forms containing checkboxes or by asking individuals to sign and return a written consent form. Designing and implementing data flagging mechanisms within systems to ensure that mechanisms for declining to consent operate effectively, or that data masking requirements can be satisfied. Ensuring that adequate protection and security of personal data are maintained by developing or revising agreements with third-party data processors or organizations to which data transfers are to be made. Enhancing data security and integrity practices by implementing additional application and Web security measures, using mechanisms like improved access control, encryption, personnel security, and backup procedures. Communication mechanisms should be created to ensure that citizens, employees, and external service providers are fully aware of the privacy policy. Effective implementation of a privacy policy can be used to demonstrate, internally and externally, that appropriate structures, controls, processes, training, and compliance systems are operational. Table 27 : Best practices for disaster recovery and business continuity planning Best Practice 1: Disaster Recovery (DR) Site Establishment of an alternate data center i.e. disaster recovery center which shall be available in the event of a major event impacting the State s main data center. State can establish its own DR site or such services can be contracted with external data center service providers. The delivered hardware will have the same capacity or at least 50 % of the capacity required for performing the State operations. Best Practice 2: Infrastructure Appropriate redundancy shall be provided in the critical IT Infrastructure including Servers, firewalls, switches and routers etc. Currently, various options exist for providing the redundancy in the Infrastructure supporting the State operations. Clustered Solution, implementation of two nodes with fault tolerant and automatic fail-over features Remote failover Solution, implementation of clustered nodes with a remote node availability in the State 84
owned DR site Disaster recovery service contract; implementation of clustered nodes with remote node availability in a DR site owned and operated by a third party service provider i.e. ISP. Stand-by system; to be implemented in case of a failure in the primary infrastructure servers. This option does not provide real time fail over capabilities. Best Practice 3: Network The offices are spread across the geography of a state and availability of communication channel from the office to the respective district head quarters is critical in service provisioning and continuation of day-to-day operations. Appropriate redundancy need to be built into the connectivity between the locations based on the bandwidth requirements. For the State, the primary connectivity option shall be a terrestrial leased line with redundancy in the network connectivity using ISDN services or VSAT connectivity. Best Practice 4: Data The security and availability of the data is critical in continuation of the operations and service delivery of the State. State shall implement appropriate data storage and archiving policies to ensure availability of the data in the event of a disaster. State should design a data backup policy which shall capture the data items for backup, frequency of data backup, data restoration procedures etc. State shall implement a secure and fireproof data storage vault, which shall be used for storing the data backup locally in the State. Access to the data backup shall be restricted for authorized personnel only. State shall also implement a secured off-site storage facility and the backup of the data, preferably in the encrypted format, shall be stored in the offsite location. In addition to the business data, the application software, system design documents, user manuals, database structures, operating system, database and other critical data shall be stored in the secured offsite location. 85
Table 28 : Best practices in database designing and implementation Best Practice 1: Use a relational database management system (RDBMS). Although there is cost and effort associated with an object-relational model, the relational data model is much more adaptive and understandable. RDBMS allows new relationships and data mappings to be easily defined. As applications and associated databases age, applications tend to depreciate because business needs change over time, while data and databases appreciate because of the valuable information contained within. Best Practice 2: When using a relational database with object-oriented programming, design the relational data model first. Object models are typically more complex than the relational model. If the object model is built first, building the relational model that matches it may not be possible. Best Practice 3: When creating an object-relational mapping between the object model and the RDBMS, keep it simple. Simple relationship mappings between objects and relational databases provide ease of use and better performance. Use the primary and foreign key relationships in the RDBMS to assist in mapping relationships between objects. Best Practice 4: Replicate stable data, based on business and performance requirements. Replication should not be used unless it is required for performance or decision support. A replication infrastructure is simpler to design for stable data. If replicated data is updated frequently (i.e., not stable), it is much more difficult to design and maintain a replication infrastructure. 86
Table 29 : Best practices for software architecture Best Practice 1: Design for the N-tier service oriented architecture. While many of the problems inherent in the monolithic and two-tier applications can be overcome by implementing applications with a three-tier architecture, large, complex projects that are anticipated to have high usage volumes and/or long life spans will be better served by an n-tier service oriented architecture N-tier applications are easily modified to support changes in business rules N-tier applications are highly scaleable N-tier architecture offers the best performance of any application architecture Any combination of user interfaces (e.g. graphical, web browser, and telephone interfaces) may be implemented in an N-tier application N-tier applications are less expensive to build and maintain because much of the code is prebuilt and shared by other applications. Best Practice 2: Do not focus on platforms or deployment Department should not focus on where application components will execute (i.e., where they will be deployed) or what platforms they will execute on Department must avoid platform-specific or hard-coded interfaces that are difficult to change. Best Practice 3: Generalize application interfaces The code providing input and output to the user interface should be designed to provide input and output to as wide a range of interfaces as possible. This should include other applications as well as other types of user interfaces Do not assume that application components will always be accessed via a graphical user interface (or any other user interface) Avoid assuming a specific page size, page format, layout language or user language whenever possible. Best Practice 5: Make business rules platform-neutral Implement business rules in a non-proprietary, cross-platform language This approach provides platform independence and portability. 87
Best Practice 6: Implement business rules as discrete components - Implement business rules as discrete executable components or services. Best Practice 7: Access data through business rules Design applications so business rules control access to data. Data is created and used by business processes. In computer applications, data must be created, used by, and managed by the application component that automates the business process Accessing data in any way other than by business processes bypasses the rules of the module that controls the data. Data is not manages consistently if multiple processes or users access it Centralized data should be used wherever possible to assure data accuracy and simplify data management. Best Practice 8: Achieve working system first - Once the detailed application design is complete, concentrate on achieving a working system utilizing off-the-shelf components whenever possible. This will allow the system to be tested first and then optimized later. Early implementation of a working system provides: A test platform for proof of concept Validation of the application design early in the development life cycle Early warning of performance issues Early validation or detection of issues provides a greater opportunity to take corrective action. Best Practice 9: Design for manageability - Design applications so they can be managed using the enterprise s system management practices and tools. Applications and their components require the following management functions: Software distribution Start-up, shutdown, and restart of components Starting multiple instances of a component. Configuration of components 88
Logging of component operations Communication of errors, exceptions, and unexpected events Security Installation, removal, and update of application modules Version control. Best Practice 10: Adopt coding standards Adopt coding standards, in all languages, on all platforms. Coding standards make debugging and maintenance easier. They should address (but not be limited to): Naming conventions for variables, constants, data types, procedures and functions Code flow and indentation Error and exception detection and handling Source code organization, including the use of libraries and include files Even the earliest code developed in a project should adhere to the standards. Best Practice 11: Design for ease of testing Design application components so they can be easily tested and debugged Testing is a critical step in the development of client/server applications Application components with consistent interfaces are easier to test on an application-wide basis Error handling, tracing, and check pointing should be included These functions should be implemented in the earliest phases of development. Table 30 : Best practices for technology infrastructure Best Practices Centralize remote systems management for mission critical applications. Implement products that use standard protocols and interfaces i.e. the infrastructure selected for Departments shall support network management and monitoring protocols and standards such as simple network management protocol (SNMP), RMON etc. Infrastructure deployed in data centers must be configured to facilitate remote management and support. An Infrastructure management console room shall be established which is physically separated from the premises where the infrastructure hosted. The administration 89
of the systems and servers shall be managed from the console room. For any emergency system operations the system administrators shall access the physical infrastructure. Systems management functions for data center should be remotely performed. System components should be configured to proactively alert in advance of failure including predictive capability. Inventories of hardware and software configurations should be maintained real-time. A reporting mechanism should be implemented for monitoring and reviewing the infrastructure performance results. Table 31 : Best practices for integration technologies Best Practice 1: Anticipate future usage. Whenever an application integration interface is constructed, anticipate future usage so the technology will be adaptable and scaleable. Best Practice 2: Use application integration strategy for online transactions, not decision support systems (DSS). Data warehouses or other solutions should be used in decision support applications. Best Practice 3: Design an integration solution that does not write directly to an operational database. Existing application logic or business rules should be used when updating an application database. An external user or application could inadvertently corrupt operational data. Best Practice 4: Recommended priority of using components of application integration are interface engine first, middleware systems second, direct program to program interface as third and last alternative. This will reduce integration effort substantially. The recommendation assumes that all three alternatives are applicable in a given situation. Best Practice 5: Use direct program-to-program interfaces for high transaction volumes. Direct program-to-program interfaces pass only the required information between applications, so performance and throughput is at the optimal level. 90
Best Practice 6: When designing an application integration solution using an interface engine, give careful consideration to the design and planning of the application interfaces and connectivity. At the beginning of the design stage, involve application developers who are knowledgeable in the business rules and interfaces to each system that needs to be accessed. Table 32 : Best practices for adoption of local language Category Using Requirement Recommendation Migrating existing application ISCII Existing environment of all systems and storage applications should be 8 bit and support win-1252 standard for storage. Data storage in ISCII. Data has to be converted to font code for display. Migration path for Unicode implementation should be specified. Unicode Existing environment and storage application should be Unicode enabled. This is applicable irrespective of nature of application, client server applications etc. Data storage un Unicode. Migration path for existing ISCII data should be specified. Backward compatibility with legacy applications needs to be specified. Creating new application ISCII Environment of all systems and storage applications Data storage in ISCII. Data has to be converted to font code for display. Migration path for UNICODE implementation should be specified. 91
Category Using Requirement Recommendation should be 8 bit and support Win 1252 standard for storage. Unicode Only environment (such as OS) and storage application, which are Unicode enabled, can be supported. This is applicable irrespective of nature of application like desktop/client server applications etc. Data storage in Unicode. Migration path for existing ISCOO data and interfacing with existing ISCII applications should be specified. 92
9.5. Annexure -V: Suggestive Information directory for the website Online features Online submission of forms Online submission of complaints and grievances Acts & Rules Main functions of the department Information on functioning of the department Departments procedures Government Orders Various GOs of department News Recent news of Government departments Recent developments of the department Various judgements related litigations RTI Information under the RTI Status of application Status of the application Name of the officer handling / dealing with the application FAQs Download Various types of applications Tender Links Links to other Government of India s web site Link to other relevant sites of GoUP Email Government officials 93
9.6. Annexure -VI: Data digitization guidelines Table 33 : Guidelines for data digitization S. No. Guidelines 1 An assessment need to be performed to identify the database requirements for the application software envisaged for the department. The data requirements in terms of master data, transaction data need to be identified, which is required for the envisaged solution. 2 Based on the initial assessment and the project timelines, the department needs to analyze whether the data digitization can be performed using the department employees or to outsource such requirement to private operators. 3 While making such decision, it is vital to evaluate the current level of skill sets existing with in the department in using computers for data digitization, the timeframe required to train the department employees in data digitization and whether such timelines are permissible within overall project timelines. 4 If department wishes to outsource the data digitization process to a private organization, department need to enter into a non disclosure agreement with the vendor to protect the privacy of the information and to ensure accuracy of digitized data. And department shall have the complete rights over the digitized data and the data digitization vendor shall not possess the department data, partly or completely. The agreement between department and the vendor need to incorporate such which ensures complete ownership of data for the department. 5 Department needs to define the data quality standards and target data formats prior to the commencement of the Data digitization. 6 The software for performing data entry must be properly designed after an adequate study of the data to be digitized. The software must have adequate validations built in to reduce errors during data entry. 7 The software deployed must be adequately tested before deployment. It is preferable to test data using live data from some of the department records that are to be digitized 8 Appropriate controls such as audit trail etc must be built into the software to ensure that changes to entered data are tracked. 9 Data entry personnel must be adequately trained in using the software. 10 The data entry personnel must also be trained adequately on understanding the 94
S. No. Guidelines structure and contents of department records which is to be digitized so as to reduce the incidence of errors while data entry 11 It is preferable to carry out data digitization at a premises designated by the department, so as to have better control over the physical registers. 12 Physical security of the premises must be ensured adequately, by restricting entry to authorized personnel only. It should be ensured that registers and other materials provided to the vendor are kept in the designated premises at all times. 13 The department must, at all times maintain track of the registers being digitized by the vendor by maintaining a log of the same. 14 Every register must be checked for number of pages, number of entries (if possible) before they are handed over to the vendor for digitization. The same must be cross checked when the register is returned after digitization 15 The department may appoint suitable personnel to supervise the work of the vendor and be available to answer queries relating to data in the registers (in case they are illegible, unclear etc) 16 The vendor may be asked to perform a first level of validation of the entered data against the data in the physical registers, before the same is submitted to the department for validation. 17 The vendor on completion of data entry and first level of validation would provide printouts of the digitized data for validation to the department. 18 Validation of the digitized data would be performed by personnel from the department level by comparing the printouts provided by the vendor with the physical registers. The department will be required to validate 100% of the digitized records to ensure that they are error free 19 Every official involved in the validation process must check a prescribed percentage of the entered records and a sign need to be obtained for the verification performed. 20 The errors so found would be marked clearly using special ink on the printouts and returned to the vendor for correction under acknowledgement, a copy of the corrected checklist would be retained by the department staff. 21 The vendor shall correct the errors marked out at no extra cost. He would then submit a print out of the corrected records for validation by the department 22 All officers and staff involved in the data validation process shall be required to submit a certificate in writing declaring the fact that he/she has verified the required percentage of records as mandated including the corrections, if any. In order to ensure compliance and accountability, all officers would be required to put their 95
S. No. Guidelines official stamp, signature and date on every record verified by them 23 The progress of the vendor must be tracked on a regular basis to ensure that the prescribed number of records are digitized within the timeframe defined for the process 96