Ministry of Panchayati Raj e-PRI Study Project - Phase IV Detailed

Ministry of Panchayati Raj

e-PRI Study Project - Phase IV

Detailed Project Report

for

Panchayati Raj Institutions

in

West Bengal

By

National Informatics Centre Services Inc.

March, 2010

ePRI Study Project (Phase IV) Detailed Project Report – West Bengal

National Informatics Centre Services Inc. Page 2 of 181

Confidentiality Statement

This report is intended solely for the information and use of the Ministry of Panchayati Raj, Government of

India, State Panchayati Raj Department, Government of West Bengal, National Informatics Centre and

should not be used, circulated, quoted or otherwise referred to for any other purpose by any institution or

individual other than the Ministry, State PR department and National Informatics Centre, nor included or

referred to in whole or in part in any document without the prior consent of National Informatics Centre

Services Inc. or the Ministry.



Acknowledgment

The ePRI Mission Mode Project holds great promise for the rural masses as it aims at streamlining the

delivery of government services to them through Panchayats. This is a one of its kind nation-wide IT

initiative initiated by Ministry of Panchayati Raj, Government of India (GoI). Being a part of this

endeavor to computerize the Panchayati Raj Institutions has been an enriching experience for the

entire e-PRI team.

On behalf of National Informatics Centre Services Inc. (NICSI), we would like to express our gratitude

towards the Central Line Ministries, State Government officials, the State Panchayati Raj department,

the officials and stakeholders at various levels of PRIs, for their kind support and guidance during the

course of study.

We would like to extend special thanks to Shri. A.N.P. Sinha, Secretary, MoPR for his continued

support and thought leadership in defining the vision and objectives for this study.

Also we are thankful to Shri. D.K. Jain, Joint Secretary, MoPR, for providing continuous guidance and

support in formulating the contours of the project and intervening at crucial times to iron out issues

faced by us during the process of interactions with various government officials.

Our sincere thanks to Dr. B.K. Gairola, Director General, NIC for providing opportunity to participate in

this unique initiative with potentially far reaching impact, for sharing his vision and insights on

empowerment of Panchayati Raj Institutions through computerization and also for providing his

valuable guidance and directions to the team for effectively executing the project.

Our special thanks to Mr. D.C. Misra, Senior Technical Director, and Ms Rama Hariharan, Technical

Director, NIC in setting overall guidelines and roadmap for project execution, in thrashing out critical

issues faced by the field teams, in ensuring support from NIC state and District officials and in

proactively addressing the issues to ensure timely execution at each step of the project.

The availability of right infrastructure is one of the critical elements in smooth execution of a project

and we would like to extend our thanks to Ms. Junu Kailay, MD, NICSI who ensured a smooth take off

for the project.

The constant guidance and coordination support extended by the State Informatics Officers of NIC

state units and the various District Informatics Officers of NIC District units was a considerable enabler

for the state team as it helped us to complete the state and district level study and carry out extensive

interactions with senior officials in the state and districts within the stipulated time.

Last but not the least; we take this opportunity to thank all the members of the central team, consisting

of Ms. Anjali Dhingra, Technical Director, NIC, Shri. Adesh Gupta, Senior Systems Analyst, NIC, Ms.



Meghna Shrimali, Principal Consultant, Mr. Anand Dubey, Senior Consultant, Mr. Ashish Nasa, Senior

Consultant, Ms. Barkha Shah, Senior Consultant and Ms. Seela Swain, Senior Consultant who have

admirably rendered their responsibilities with team spirit throughout the execution and management of

this huge study project.

The involvement and support of all these senior officials has enabled us to understand the

expectations of the project clearly. This will go a long way in defining the overall success of the project

ePRI Project – West Bengal Team

Dr. Subir Roy, SIO

Mr. Amitava Bose, NIC

Mr. Kaushik Lahiri, DIO, Murshidabad

Mr. Uditendu Sarkar, DIO, Jalpaiguri

Mr. Amalendu Ghosh, Retd. IAS, Former Commissioner, State P&RD Dept.

Tarun Banerjee, Lok Kalyan Parishad

Neela Chettri, Lok Kalyan Parishad

Amrut Sayan Patnaik, Pr. Consultant, Murshidabad

Dipankar Maitra, Pr. Consultant, Jalpaiguri

Pallab Bhattacharjee, Sr. Consultant(s)

Rakesh Gedam, Sr. Consultant(s)

Muktak Mehta, Jr. Consultant(s)

Danish Raza, WCS, Jr. Consultant(s)



Table of Content

1 EXECUTIVE SUMMARY .................................................................................................................................. 8

2 PROJECT BACKGROUND ............................................................................................................................ 11

3 APPROACH AND METHODOLOGY ............................................................................................................. 17

4 ASSUMPTIONS / PRE-REQUISITES ............................................................................................................ 20

5 REQUIREMENTS FOR E-PRI APPLICATION DEVELOPMENT ................................................................. 23

6 REQUIREMENTS FOR ICT AND CONNECTIVITY ...................................................................................... 69

7 CAPACITY BUILDING REQUIREMENTS ..................................................................................................... 75

8 CHANGE MANAGEMENT REQUIREMENTS ............................................................................................... 93

9 IMPLEMENTATION STRATEGY .................................................................................................................. 104

10 PROJECT MANAGEMENT STRUCTURE .................................................................................................... 116

11 FINANCIAL SOLUTION ................................................................................................................................. 137

12 RECOMMENDATION AND CONCLUSION .................................................................................................. 142

13 WAY FORWARD ............................................................................................................................................ 144

14 ANNEXURE .................................................................................................................................................... 145



LIST OF TABLES

TABLE 1-NAME & NO. OF PANCHAYATS IN WEST BENGAL ........................................................................................ 13 TABLE 2 LISTS OF SERVICES IDENTIFIED ................................................................................................................. 14 TABLE 3 USER ACCESS/GUI APPLICATION LAYER ................................................................................................... 33 TABLE 4 FUNCTIONALITY OF EACH MODULE ............................................................................................................. 51 TABLE 5- SUPPORT COMPONENT ........................................................................................................................... 53 TABLE 6 APPLICATION SECURITY COMPONENT LAYER .............................................................................................. 57 TABLE 7- G2E INFORMATION ECOSYSTEM .............................................................................................................. 58 TABLE 8 G2C / G2B SERVICE RELATED INFORMATION EXCHANGE ECOLOGY .............................................................. 61 TABLE 9-G2G DATA & APPLICATION SYSTEM .......................................................................................................... 65 TABLE 10 BASE DATA FOR BILL OF MATERIAL AND COSTING .................................................................................... 73 TABLE 11 NO. OF OFFICES FOR IMPLEMENTATION ................................................................................................... 73 TABLE 12- ICT SPECIFICATION .............................................................................................................................. 74 TABLE 13- ADDITIONAL POST REQUIRED ................................................................................................................ 77 TABLE 15- TRAINING MODULES ............................................................................................................................. 88 TABLE 16-EXISTING TRAINING FACILITIES IN PRI ..................................................................................................... 90 TABLE 17- NO. OF OFFICIAL TRAINED ..................................................................................................................... 92 TABLE 18 MAPPING THE ENTIRE CRITICAL STAKEHOLDER COMMUNITY ..................................................................... 94 TABLE 19 AWARENESS AND COMMUNICATION PLAN ............................................................................................... 103 TABLE 20 PROJECT PLAN WITH TIMELINES ............................................................................................................ 110 TABLE 21- DETAILED IMPLEMENTATION PLAN ........................................................................................................ 115 TABLE 22- DETAILS OF STATE LEVEL REVIEW MEETING ......................................................................................... 128 TABLE 23- STATE LEVEL FIELD MONITORING COMPONENT .................................................................................... 129 TABLE 24- LIST OF REPORT ................................................................................................................................. 131 TABLE 25 - RISK MITIGATION ............................................................................................................................... 136 TABLE 26- TOTAL COST OF E-PRI ........................................................................................................................ 137 TABLE 27- YEAR WISE BREAK UP ........................................................................................................................ 138 TABLE 28- YEAR WISE AND HEAD WISE COST ESTIMATES (IN CRORES) .................................................................. 138 TABLE 29- MONTHLY PAYOUT TABLE TO PRIS ...................................................................................................... 140 TABLE 30- STATE LEVEL ICT COST ...................................................................................................................... 148 TABLE 31- DISTRICT ICT COST ............................................................................................................................ 150 TABLE 32- PMU COST ........................................................................................................................................ 152 TABLE 33- OVERALL TRAINING COST ................................................................................................................... 153 TABLE 34 CUSTOMER USER GROUP .................................................................................................................... 158 TABLE 35 CHANNELS WILL BE USED FOR ACCESSING THE EPRI APPLICATION ........................................................... 161 TABLE 36 COMMUNICATION MEDIA ....................................................................................................................... 162 TABLE 37- SPECIFICATION OF HARDWARE COMPONENTS ...................................................................................... 180



List of Figures FIGURE 1: PROJECT APPROACH ............................................................................................................................. 17 FIGURE 2- APPROACH AND METHODOLOGY FOR DPR .............................................................................................. 18 FIGURE 3- ENVISAGED SCENARIO ........................................................................................................................... 25 FIGURE 4- PROPOSED BPR SOLUTION G2C ............................................................................................................ 26 FIGURE 5- LOGICAL ARCHITECTURE ........................................................................................................................ 28 FIGURE 6- APPLICATION ARCHITECTURE ................................................................................................................. 31 FIGURE 7-G2E INFORMATION ECOSYSTEM .............................................................................................................. 59 FIGURE 8- G2C SERVICE RELATED INFORMATION EXCHANGE RELATED ECOLOGY...................................................... 62 FIGURE 9-G2G DATA APPLICATION INTERACTION SYSTEM ....................................................................................... 66 FIGURE 10-BUSINESS LAYER SECURITY COMPONENTS ............................................................................................ 68 FIGURE 11-DEPLOYMENT ARCHITECTURE ............................................................................................................... 70 FIGURE 12-TRAINING METHODOLOGY ..................................................................................................................... 81 FIGURE 13: CENTRAL LEVEL BODY FOR EPRI MMP IMPLEMENTATION PROGRAM MANAGEMENT ............................... 117 FIGURE 14: CPMU STRUCTURE ............................................................................................................................ 119 FIGURE 15: PROGRAMME GOVERNANCE STRUCTURE AT STATE LEVEL .................................................................... 121 FIGURE 16: SPMU STRUCTURE ............................................................................................................................ 123 FIGURE 17: PROGRAMME GOVERNANCE STRUCTURE AT DISTRICT LEVEL ................................................................ 126 FIGURE 18: DPMC STRUCTURE ........................................................................................................................... 126 FIGURE 19 - RISK AREA MAPPING ......................................................................................................................... 136 FIGURE 21 - ACCESS LAYER ARCHITECTURE ......................................................................................................... 155



1 Executive Summary

The Ministry of Panchayati Raj (MoPR), as part of its mandated responsibility to strengthen the Panchayati Raj

Institutions (PRIs) across the country, is keen to introduce e-Governance in all the PRIs of the country. The e-

PRI Mission Mode project is a project of immense stature initiated by MoPR in association with National

Informatics Centre (NIC).

The needs of PRIs and citizens vary from state to state, due to variations in level of governance in PRIs and ICT

readiness of states and PRIs. The e-PRI MMP was therefore, preceded by a comprehensive study to assess the

current information and services needs of citizens, PRIs and other stakeholders (ISNA), identify the scope for re-

engineering various functions and services carried out by PRIs, (BPR) culminating in the cost estimate for

implementing the recommendations in a state wise Detailed Project Report (DPR). In West Bengal study was

conducted in Jalpaiguri and Murshidabad District Panchayats, Sadar and Jalangi & Berhampore Block

Panchayats, Kharia, SagarPara, Bhakuri-1 and HatiNagar Gram Panchayats

Intent of DPR - The key intent of Detailed Project Report on ePRI is to consolidate the findings of ISNA Phase

with Process Re-engineering suggestions from BPR Phase. DPR showcases the ePRI Project Implementation &

Program Management Plan along with time & resource requirements. The DPR serves as the roadmap for

operationalization of the e-PRI MMP in West Bengal. It provides details of the estimated cost for implementing

the MMP in West Bengal, which includes ICT Infrastructure Requirements, state-specific software applications,

Data Digitization requirements, Project Management cost etc. The implementation plan for a period of 3 years is

also provided. The DPR also proposes the Project Management and Monitoring structure for supervising the

implementation.

Proposed Implementation Plan – Implementation of the ePRI project in the State of West Bengal is proposed

to be undertaken in a Service Procurement Model (SPM) whereby a Service Procurement Agency (SPA) would

be selected through a competitive and transparent bidding process. The SPA would provide the required ICT

Infrastructure as well as provide trained computer literate manpower. The SPA would be provided adequate

monthly service charges, as defined through the bidding process, to carry out the desired tasks. The

implementation would be spread over a period of 3 years and would comprise of the following phases:

• RFP Phase – In this phase the RFP template provided by the MoPR will be customised to reflect the State-

specific requirements. The outcome of this phase would be the selection of the Implementation Agency (IA).

• Deployment Phase – This phase would comprise installation and commissioning of the hardware at all the

PRIs as well as augmentation of ICT infrastructure at the State Data Centre or the NIC Data Centre for

hosting the State-specific software applications, which will be developed at State level. Certain core common

software applications have also been identified, which would be developed centrally by NIC and customised

for each State. Trainings will be provided on the usage of these software applications and one trained

computer literate Panchayat Level Operator (PLO) will be provisioned at each PRI for backlog data entry and

provision of services, both G2C and G2G, on an ongoing basis.



• Operations and Maintenance Phase – The manpower provisioned for data entry would continue providing

operational support for a period of three years, during which the Panchayat officials / members are expected

to enhance their skill sets and become sufficiently able to use computers including the various software

applications.

To implement this project across the State in time-bound and effective manner the following 3-tier project

management structure is proposed:

1. Central Level Body – Headed by Secretary, MoPR

2. State Level Body – Headed by Principal Secretary, P&RD Department, West Bengal

3. District Level Body – Headed by CEO, ZP of the respective districts

The State level body would be supported by a Project Management Unit (PMU) for monitoring the

implementation and operations of the project. To ensure robust monitoring a Block Support Group (BSG),

comprising of one resource at each block, is also envisaged. These resources would monitor the project

activities at all PRIs in their assigned blocks and provide inputs to the PMU for monitoring.

Cost estimates for West Bengal state - The total ePRI project cost for the State of West Bengal is estimated at

Rs 113.75 Crores, which includes costs for ICT (Rs 79.87 Cr. approximately), Training (Rs 9.17 Cr.

approximately), IEC (Rs 0.73 Cr. approximately) and Project Management Unit (Rs 7.30 Cr approximately) at the

state level and Block Support Group (Rs. 16.69 Cr approximately.) at block level. The ICT cost estimates

include:

a) Costs for provision of ICT infrastructure to the PRIs at the State/ZP/BP/GP level as well as to the data

centre and Project Management Unit

b) Cost of Application development- This includes cost of development of modules at the State,

customization cost of modules developed at the Centre and cost of integration of existing PRI

applications and their customization.

c) Cost for trained PLO to be deployed at all GP, BP and ZP (Rs. 45.57 Cr. approximately)

Considering the above costs, the average monthly service charges for a ZP would be Rs 7779.35 , BP would be

Rs 5510.87 and for a GP Rs 5720.76 approximately. However, the actual payouts would be considerably

reduced owing to the local market dynamics realized through the competitive bidding process.

The suggested implementation strategy and estimated costs provided in this report have been calculated on

certain underlying assumptions, both, common across the states and specific to the state of West Bengal.

Some key common assumptions include:

• Using NICSI empanelment rates for costing

• The implementation will start within one year of the release of this report

• The civil infrastructure requirements of the PRIs, if any, will be funded by other sources such as NREGS,

BRGF, RGSY, Finance commission grants etc.



• Provision for training to be made with respect to the ePRI application only

Pre-requisites and assumptions specific to West Bengal include:

• e-PRI MMP will leverage existing technology infrastructure projects (SWAN, SDC, SSDG, etc) and physical

infrastructure where available. Likewise, the laptops, desktops, UPS, printers and internet connections that

currently exist will be leveraged by the e-PRI MMP. Such inclusions / exclusions have been factored into the

DPR costing

• In order for the team’s recommendations to hold good, there are certain legal changes that have been

identified. These have to be perused by the State PR Department and promulgated prior to the e-PRI MMP

implementation and roll out.

• The State shall approve the use of technology advancements such as Digital signatures and pass

appropriate amendments to facilitate ICT adoption through e-PRI

Subsequent to the presentation and approval of this document, the cost estimates in the State DPRs will be

finalized. All the state DPRs would then be consolidated into a National DPR at the central level.



2 Project Background Panchayati Raj Institutions (PRIs) in India are an indigenous concept of local self governance which promotes

decentralized governance by participation of the ordinary public in their own governance. This process of

democratic decentralization was set in motion with the Constitution (Seventy Third Amendment) Act passed by

the Indian Parliament in 1992, which enabled decentralized governance through PRIs in rural areas.

PRIs function at the village, intermediate (block) and district level. There are approximately 2,34,030 Gram

Panchayats at the village level, 6,053 Block Panchayats at the block level and 535 Zilla Panchayats at the

district level. There are more than 31 lakh elected representatives at all three tiers.

PRIs offer India’s rural villagers an opportunity to participate in village planning processes, to engage with the

various developmental schemes being implemented by the Government and to interact with their elected

representatives directly to ensure that their interests are being effectively served and their money properly

spent.The PRIs are also saddled with the problems of inadequate capacity vis-à-vis physical and financial

resources, technical capabilities and extremely limited computerization. This has limited the usefulness of PRIs

as the preferred delivery channel for the schemes of State and Centre as well as for citizen services.

Computerization and IT enablement of government functioning has received a high impetus with the

implementation of the National eGovernance Programme of Government of India and various states have

realized the importance of eGovernance. This has led to a concerted thrust towards computerizing the

functioning of the state line departments in most of the states. The result of this is cognizable and has brought

in its wake significant efficiencies in the departmental functioning.

While some computerization efforts for PRIs have been made by NIC over the years; unfortunately, the

eGovernance revolution sweeping the country has not touched the PRIs yet in significant measure. The Ministry

of Panchayati Raj, Government of India has realized this and decided to take up the computerization of PRIs on

a mission mode basis.

The Ministry of Panchayati Raj is mandated to ensure effective local self governance in rural areas and is

therefore committed to strengthening the PRIs. To achieve this MoPR in association with NICSI has

conceptualized a nation-wide study to take stock of the needs and expectations of various stakeholders from

PRIs and also the needs and expectations of PRIs from various stakeholders. This study is expected to result in

drafting the requirements of computerization for PRIs across the country and is being undertaken across 27

states within duration of 23 weeks.

This initiative poses unique challenges, as the coverage of the programme is in itself unprecedented not only in

India but perhaps globally too. The geographic and demographic coverage of the programme, therefore, makes

it a challenging initiative to rollout. Fathom



In addition, the level of devolution of powers to PRIs across the country varies depending upon the provisions of

the State Panchayati Raj Act and the spirit with which the devolution has been undertaken in a particular State/

UT. This implies that the services that could be delivered to the citizens by Village Panchayats in one State/ UT

could differ from another. Consequently, design of the process re-engineering, computerization and capacity

building programme would face significant challenges. This also leads to related challenges around

stakeholder’s involvement in the programme.

This project entails carrying out the following three activities:

1. Identification of Information and Services Needs of Stakeholders

2. Process Re-engineering and

3. Preparation of Detailed Project Report for the MMP

The project execution primarily was carried out across the following five tiers:

1. Central Line Ministries level

2. State level

3. Zilla Panchayat level (Zilla Parishad)

4. Block Panchayat level (Panchayat Samiti)

5. Gram Panchayat level

2.1 Introduction The recommendations of the Balwantrai Mehta Committee, the West Bengal Panchayat Act, 1957 was passed

setting up a two-tier Panchayat system at village level and at the union level. The West Bengal Zilla Parishads

Act, 1963 further introduced two tiers at block level and district level thus providing for four-tier structure

consisting of Zilla Parishad, Anchalik Parishad, Anchal Panchayat and Gram Panchayat in the State. For various

reasons the system did not work after some time and these bodies were superseded in late sixties.

A further initiative was taken to frame a consolidated piece of legislation namely the West Bengal Panchayat Act,

1973 which paved the way for introducing a three tier system with Zilla Parishad at the district level, Panchayati

Samiti at the block level and the Gram Panchayat at the anchal (cluster of villages) level. The Act came into

force on 1st January, 1974 in the whole of West Bengal except coalfield areas in the district of Burdwan,

Bankura and Purilia and Tea Gardens, Cinchona Plantations and Reserve Forests. Twenty six amendments to

the Act have been made till date.

The State went ahead of the 73rd Constitutional Amendment Act, 1992 by institutionalizing village assembly i.e.

Gram Sabha; and reserved one-third of the seats for women and proportional seats for Scheduled Castes and

Scheduled Tribes in 1992 in line with the Constitutional provisions. The West Bengal State Election Commission

was constituted in 1994 and since then it has been conducting elections to the rural and urban Local Self-

governments. The last elections to the Panchayats of 17 districts were held in May, 2008 as per Govt. Of India

(GOI) order in the year 2006. The status of Activity Mapping to do with the devolution of functions (GOI 2006) are

through the West Bengal Panchayat Act 1973, the State has devolved all 29 functions included in the Eleventh



Schedule of the Constitution, to the three levels of Panchayats through the West Bengal Panchayat

(Amendment) Act, 1994.

The three tiers of the Panchayat system are the Zilla Parishad, Panchayat Samiti, and the Gram Panchayat.

Apart from this, there is a de-facto fourth and lowest tier of the Panchayat namely the Gram Unnayan Samiti.

One GP is equivalent to about 20 Sansads (roughly) and one Sansad has about 2 villages.

Name & No. of Panchayats in West Bengal at each level:

Table 1-Name & No. of Panchayats in West Bengal

For West Bengal state, study team has identified 18 services for process re-engineering, these services were

reengineered to bring in process rationalization and provide ease and convenience to the citizens. All of these

services were prioritized keeping in mind the perspective of village citizens’, line departments, PRI’s

requirements captured during ISNA phase. The table below presents the list of services undertaken for re-

engineering.

The lists of services identified under the ePRI for study are:

Sl. No. Identified Services

1. Registration of citizens for job cards under NREGS

2. Issue of Birth and Death Certificate

3. Payment of Wages to job card holders under NREGS

4. Approval of Shishu Shiksha Kendra and Madhyamik Shiksha Kendra

5. Registration of Group for Piped water supply

6. Disbursement of Pension to Fisherman

7. Disbursement of Pension to Artisan

8. Registration / Application for SC/ ST scholarship disbursement scheme

9. Disbursement of Old Age Pension

10. Disbursement of Widow Pension

11. Disbursement of Disability Pension

12. Issue of Caste Certificate

13. Issue of Disability Certificate

Sl.No Level of

Panchayat Name used Numbers Name used for the chairman

1 District Panchayat Zilla Parishad 18 Sabhadhipati

2 Intermediate

Panchayat Panchayat Samiti 341 Sabhapati

3 Village Panchayat Gram Panchayat 3354 Pradhan



Sl. No. Identified Services

14. Issue of Income Certificate

15. Issue of Residential Certificate

16. Issue of Legal Heir Certificate

17. Disbursement of funds under Scheme (National Family Welfare)

18. Issue of BPL Card

Table 2 Lists of services identified

2.2 Summary of Key ISNA Findings

a. ICT

i. Lack of adequate infrastructure: Although computers are provided at various level of PRIs

under different schemes, however, these infrastructure are not been utilized optimally. This

makes the data collection, consolidation and processing cumbersome and time consuming

ii. Lack of Automation: Data collection, storage, record keeping is manual across the PRIs

leading to data inconsistency, data duplication, data corruption and lack of data security.

iii. Content Management: The grassroots level data is sought by various departments for

different purposes. Data inconsistencies are often noticed in data from different

departments. Also, every department has data collection, management and coding systems

aligned to their specific requirements, which lends the data unusable by other departments.

iv. Information dissemination: Lack of an authentic central repository of scheme guidelines,

Government Orders (GOs), plans, beneficiaries list, Minutes of Meetings (MoMs) of Gram

Sabha, Gram Sansad & Standing Committees meetings etc, makes information availability a

bottleneck in effective functioning.

v. Integrated portals for all schemes/services: Various schemes / services are provided by

different line departments. Separate software, user interfaces, menu styles make it difficult

for the users to become adept in using the software.

b. Panchayat Functions

i. Use of software applications - PlanPlus is used only for BRGF scheme management at

ZP level. There is no use of softwares at BP & GP level for planning. Manual plans are

prepared for all other schemes across PRIs, which is a time consuming & tedious process.

For accounting, IFMS & GPMS softwares are being used for managing ZP, BP & GP

accounts.

ii. Planning: The data for planning is sought from grassroots. Due to non availability of ICT

infrastructure at Gram Sansad level, the data is provided to GP in handwritten form, leading



to excessive paper work and inordinate process delays. Also, the consolidation of data at

the GP level is usually done manually lending a high probability of inaccurate data

consolidation.

iii. Gathering information at GUS (Gram Unnayan Samiti) Meetings: All the demands and

requirements of the villagers should be captured in the standard template and classified

according to the schemes to make planning efficient.

c. Monitoring & Reporting: For monitoring purpose, most line departments use manually prepared

progress reports, which are prone to calculation and/or data entry errors. Analysis of the manual

report is dependent on the skill-sets of the individual reading the report and does not always

generate decision making inputs. The utilization of manual reports is limited as they cannot be

customized easily. Also, storage and retrieval of these reports is cumbersome and time consuming.

d. Capacity

i. Availability of adequate, trained & skilled manpower: Computer literate manpower for

data entry is not readily available at the GP level. At BP & ZP levels too, the available

manpower is not adequate to handle the existing workload.

e. Service Delivery

i. Easy and Quick service delivery: A clear need for delivery of government service at the

door step of the citizen emerged as a part of the Information & Services Needs assessment

exercise.

ii. Low reach of service delivery: Citizens need to travel to district/tehsil to avail services.

They expect Gram Panchayats to act as ‘Single Window’ for availing any service including

those delivered by other Line Departments

iii. Service delivery time is required to be defined: Due to lack of specific service levels for

most services provided by PRIs, there is little accountability of PRI processing and is highly

individual dependent.

iv. A grievance handling system: A grievance handling mechanism at GP level was almost

non-existent. Adhoc grievance handling by Pradhan / Officials was observed.

v. Low Awareness Level: There is low awareness among citizens regarding schemes &

services. Citizens are not fully aware of their entitlements and the responsibilities of the GP

towards them

vi. Health Needs: Availability of information on diagnostic facility, doctors’ availability, OT

status, blood bank status, child immunization programme, free health campaigns, etc are

required to cater health needs of the citizens.

2.3 Summary of Key BPR Recommendations The following is a brief summary of the recommendations detailed in the BPR report:



a. ICT i. Provision of adequate IT hardware to ZPs, BPs and GPs to enable them to deliver the services

ii. Providing last mile connectivity to GPs through broadband.

iii. Provision of LAN to the ZP and BP offices and hubs at the GP offices

iv. Digitization of the existing registers and documents / records

v. Provision of common, standard and integrated software for correspondence and communication

(emailing and messaging software) amongst all levels of PRIs.

b. Panchayat Functions

i. It is recommended that standardized software & formats be used across PRIs for Panchayat

functions such as planning, monitoring, implementation & accounting to ensure data consolidation &

sharing. Automation of the Panchayat functions will make process fast, more accurate and storage

and retrieval of reports easy and speedy. Further it will also bring transparency by providing real

time data.

ii. It is recommended that all existing applications related to rural areas like IFMAS, GPMS etc. should

be integrated with the proposed ePRI application to eliminate the duplication of effort.

iii. Provision for comprehensive database on socio-geographic resources, local people skill sets,

projects running and assets created for better implementation of schemes

iv. Computerization of basic PR functions such as automatic generation of PF, Payroll, Monthly MIS

reports for fund utilization, revenue collection, No of applications received and ones processed within

SLAs etc

c. Capacity i. At least one computer literate manpower to be provisioned on contract, at all three levels of PRIs.

ii. IT Training for PRI officials and members to be rolled out on a large scale.

iii. Basic IT skills to be made a key entry requirement for GP staff.

d. Service Delivery i. Process – GP Office proposed to be made one stop shop for all G2C services. Standardization of

service delivery processes by using common process components like application verification,

application approval, application rejection etc. is proposed to be introduced. Updating / creation of

Citizen Charter, Providing acknowledgement receipts, option of printing certificate directly from

system in local language and defining escalation matrix.

ii. Technology – It is proposed to have online applications / service requests / Certificates / Notices /

POs; Digitization of key record and registers; Standardization of service request, with a pre printed

serial number using Web based software for all services.

iii. A well structured and PRI-focused awareness campaign should be designed to increase awareness

among citizens. The campaign may include frequent meetings, new channels of communication like

street-plays, SMS, animated films etc.



3 Approach and Methodology

3.1 Overall Approach for e-PRI study project

A phased approach, dividing the project into four phases, each focusing on different aspects of the ePRI MMP

initiative was undertaken. These included assessing requirements, recommending changes and improvements,

and defining the rollout strategy and budget for the initiative.

Figure 1: Project Approach

Initiation and Planning phase (Phase I) Focused on setting the tone for execution of the project. The key

outcomes of this phase were identification of stakeholders, finalization of the consultation mechanism with the

stakeholders, and common templates for data gathering and deliverables.

Information and Services Needs assessment phase (Phase II) involved interaction with the identified

stakeholders. This phase resulted in forming an understanding of the information needs of stakeholders. The

citizen centric services that are currently being delivered through PRIs and the services that are expected to be

delivered through PRIs were also identified and studied.

The Process Re-engineering phase (Phase III), entailed in-depth analysis of the identified services and the

administrative framework associated with PRIs. This analysis led to the identification of key gaps in the current

processes and the creation of a BPR framework. This framework was designed to be customizable for every

state/UT to address state-specific requirements, while also taking into cognizance the similarities existing across

the country. Eventually a To-Be scenario encompassing PRI internal automation, citizen service delivery and

internal functions of Planning, Monitoring, Implementation and Accounting was defined.



The current phase, namely DPR preparation (Phase IV), is the eventual outcome of the study which defines the

plan for implementation of ePRI MMP in each State/UT. The DPR primarily defines the ICT requirements across

the three tiers of PRIs, the manpower and training requirements and the roll-out strategy along with the overall

program governance and management structure. The budgetary requirements for this project have also been

estimated.

3.2 Approach for DPR

In order to arrive at a budget and implementation plan for implementing the recommendations made in the BPR,

the BPR recommendations were translated into requirements. For each requirement, the associated costs were

determined. Subsequently, a program management structure at the central, state and district level was designed,

to supervise and co-ordinate the rollout over 3 years. An implementation plan was also defined for implementing

the recommendations over 3 years in different phases.

The key recommendations made in the BPR phase involved the following aspects:

• Improvements in internal functions of PRIs viz. Planning, Monitoring, Implementation and Accounting

• IT applications for supporting the above internal functions and services

• Service delivery mechanism to be followed for the re-engineered processes

• ICT infrastructure required to support the above recommendations

• Manpower and skills required for implementing the above recommendations

• Requisite legal changes needed to implement the Envisaged Scenario

These recommendations were translated into requirements and budgetary estimates as illustrated in the

following figure.

Phase III – BPR

Civil Infrastructure Requirements

Envisaged (To-Be) ScenarioService Delivery

Internal Functions

BPR Framework

Phase IV – DPR

Logical Architecture

ePRIApplication

Access Channels

External Interfaces

Users

Application Architecture

Application Modules

Support Functions

Common Components

High Level FRS

Technology Solution

Deployment Architecture

Database Architecture

Security Architecture

Program Management

Governance Structure

Change Management

Implementation Strategy

Capacity Building

Project Cost


Phase III – BPR


Envisaged (To-Be) ScenarioService Delivery

Internal Functions

BPR Framework

Phase IV – DPR

Logical Architecture

ePRIApplication

Access Channels

External Interfaces

Users

Application Architecture

Application Modules

Support Functions

Common Components

High Level FRS

Technology Solution

Deployment ArchitectureDeployment Architecture





Program Management

Governance Structure

Change Management

Implementation Strategy

Capacity Building

Project Cost


Figure 2- Approach and Methodology for DPR



The step-wise approach used for determining the requirements is detailed below:

Step 1: Translate automation recommendations into function solution and technical solution. The technical

solution consists of applications to be developed, databases to be deployed and related content

management aspects. The associated budgetary estimates were also computed.

Step 2: Translate computerization recommendations into ICT requirements – This includes defining the

requirements and budget for ICT hardware, networking infrastructure and infrastructure for deployment

in data centre.

Step 3: Translate capacity gaps into manpower requirements and training requirements for PRI functionaries

and elected representatives and the associated budget.

Step 4: Design plan for awareness and communication about ePRI MMP to PRI officials, elected representatives

and rural citizens

Step 5: Define strategy for implementation of ePRI MMP in the States/UTs over 3 years. This includes a

phased implementation plan with specific timelines and deliverables for each phase.

This enabled defining the total state-wise outlay for implementation of ePRI MMP. The following sections of the

report explore the various aspects mentioned above in greater detail.



4 Assumptions / Pre-Requisites

This section enlists the assumptions and pre-requisites for e-PRI project. These have been considered in the

overall solution definition for e-PRI.

4.1 Assumptions

4.1.1 Manpower

• As a part of the study, the teams have identified the gaps in the sanctioned posts versus the occupied

posts with intent to know the capacity gap in day-to-day government functioning of the Panchayati Raj

Department. The State DPRs and the National DPR will not budget for the addressing this gap. The

DPRs will only budget for sourcing computer literate Panchayat Level Operators.

4.1.2 Training

• Although study team has proposed various trainings related to soft skills, behavioral skills, Project

Management etc but DPR shall only budget for ICT based trainings to elected members & PRI officials.

• Training for PRI officials & Elected Members - To be trained on basic ICT skills, common applications

and state specific applications

4.1.3 Application Development

• Application preparation (from URS phase to maintenance phase) for the most common applications will

be done centrally. The associated budget will be added to the National DPR. It will also necessitate the

need for State specific applications. The State specific applications need to be developed by the State,

hosted and managed by them

• All state-specific applications should include multi-lingual support. As per the guidelines under e-PRI

EFC Note, all applications developed under e-PRI (whether central or state-specific) should be Unicode

enabled and should be developed in open source software.

• In West Bengal some applications have already been developed by the State, then e-PRI state DPRs

will also budget for integration with these existing applications.

4.1.4 Hosting, Network & ICT

• Application management (hosting) – This will be done centrally for common applications. For

applications that are specific to a particular state, the hosting will be done at the state level. The

associated budget will be added to the State DPRs. Therefore, assuming that almost all states will have

such specific requirements, we will need to budget for hosting infrastructure at each state

• It shall be assumed that an operational data centre will be existing in the State. This DPR will not budget

for building a data centre.



• For budgeting for server requirements, NICSI central empanelment rates will be used. Only if NICSI

central empanelment rates are not available for a particular aspect, then the market rate can be used.

• As we are assuming that there will already be a data centre in the State (SDC or NIC), this DPR does

not budget for firewall, intrusion protection system etc., as they would already be installed in the data

centre. Only the following aspects will be accounted for:

Servers

Storage space (SAN)

Backup

Hosting charges (assume NIC charges)

• Hosting of Databases - For common databases, the database design, development, and hosting will be

done centrally by NIC. However, on completion, NIC will only act as the caretaker of the database and

state will have complete ownership of the database. Accordingly, all charges related to common state-

specific databases will not be added to state DPRs.

• The DPR shall include cost for security audit of applications

• Mail Server – This DPR assumes NICemail. The cost for additional mail servers, if any, will be added

centrally and not in the state-specific DPRs.

• This DPR budgets for computerizing all 3 levels of PRIs. However, this is also dependent on the specific

inputs provided by the State PR Department.

4.1.5 Civil Infrastructure

• In view of the existing initiatives like RG Seva Kendra etc. which are already in the process of providing

civil infrastructure to PRIs, the e-PRI DPRs will not budget for civil infrastructure or office furniture in the

GPs.

4.1.6 Budgeting

• The budgeting horizon considered for the DPR is a period of 3 years. The operating costs beyond this

time period have not been factored.

• In order to budget for hardware, application preparation and management, sourcing manpower, and

training, the central NICSI empanelment rates will be considered. These common rates will be used by

all state teams to budget for the state requirements for hardware, applications, manpower and training.

4.1.7 Legal

• It is assumed that the spirit of democratic decentralization will not get diluted by any steps either at the

Centre or at the State level. In this regard the 73rd Amendment and its enforcement is expected to get a

fillip in the years to come. Hence investment in e-PRI MMP will bear benefits beyond the initial 4-5 years.



4.1.8 Others

• e-PRI MMP will leverage existing technology infrastructure projects (SWAN, SDC, SSDG, etc) and

physical infrastructure where available. Likewise, the laptops, desktops, UPS, printers and internet

connections that currently exist will be leveraged by the e-PRI MMP. Such inclusions / exclusions have

been factored into the DPR costing.

4.2 Pre-requisites

This section lists the key pre-requisites that need to be in place for this DPR to holds good.

4.2.1 Civil Infrastructure

• Currently 70% of the Gram Panchayats in West Bengal have Panchayat bhawan’s in place for the

implementation of the e-PRI project. Rest 30% of the Panchayat Bhawans will be constructed prior to roll

out of the project.

4.2.2 Manpower and Capacity Building

• The DPR mandates certain governance structures which need to be put in place for the implementation

and rollout of the e-PRI MMP. This is a pre-requisite for the successful implementation of the e-PRI

MMP.

4.2.3 Legal / Regulatory

• The report recommends certain governance structures, like State Project Management Committee etc,

which need to be constituted for the implementation and rollout of the e-PRI MMP. This is a pre-requisite

for the successful implementation of the e-PRI MMP.

• Adequate office infrastructure should be ensured at any site (ZP, BP, GP) before installation and

commissioning of the ICT infrastructure at that site.

• The legal changes recommended in the State BPR reports, have to be necessary perused by the State

PR Department and promulgated prior to the e-PRI MMP implementation and roll out.

• The State shall approve the use of technology advancements such as Digital signatures and pass

appropriate amendments to facilitate ICT adoption through e-PRI.



5 Requirements for e-PRI Application Development

5.1 Envisaged Scenario The BPR framework proposed in BPR Report would result in overall improvement and enablement of PRIs

institution to take up duties and functions as charted under the 73rd Amendment of the Constitution of India. The

basic premise of bringing in local self governance through the PRI institution which are enabled and capacitated

through tools required for discharge of their roles and responsibilities could be achieved through the proposed

BPR solution. Further, the proposed e-PRI BPR framework when implemented would translate into improved

functioning of Panchayat Raj Institution both in the external – citizen centric function and internal – government

functions of the PRIs.

5.1.1 Government to Government Functions

The proposed BPR solution has resulted in highly integrated ‘Government to Government’ services of Planning,

Implementation, Monitoring and Accounting across all levels of PRI institution – District level, Block level and

Village level institution. It aims at providing a common solution with defined workflows and functionalities

resulting in high work integration for achieving overall work outcome. This would also help in high data integrity,

access of information, tracking of work progress, monitoring and reporting functions, etc.

During the assessment phase, it was observed that all the three levels of PRIs are participating together for

successful completion of Planning, Implementation, Monitoring and Accounting functions. The functions of PRIs

are either flowing from a ‘Bottom up’ or a ‘Top down’ for successful completion. The datasets relating to the

above mentioned functions are moving along the workflow on which other tiers of PRIs are acting upon. The

current solution, in a way, attempts to integrate the overall function from all perspective using IT technology thus

enabling the ‘end to end’ automated system with respect to Planning, Implementation, Monitoring and

Accounting functions of the PRIs.

This section details the envisaged scenario (for both G2G & G2C services) and the Application

Logical Architecture derived from the functional solution proposed in BPR phase. Further it

explains the modules that will form the part do application architecture. It also detail out sub-

components of logical architecture, which includes access channels, security framework etc.

The section will have impact on total project cost in terms of ICT Infrastructure, application

development and data digitization. The overall cost for implementing the proposed e-PRI

application in West Bengal is estimated at Rs.0.52 Cr



A high level representation of workflow for Planning, Implementation, Monitoring and Accounting across all levels

of PRI institution resulting from current BPR solution showing the interaction as well as flow of the work across

all the tiers of PRIs is given below –



Figure 3- Envisaged Scenario

Please refer to Annexure 14.3 for detailed explanation on each of G2G functions



5.1.2 Government to Citizen Functions

The proposed BPR solution has provided a high citizen centric interface for availing government services at their

doorstep. In the solution, the entire service lifecycle has been logically divided in 3 distinct phases – service

request submission, service processing and service delivery. Various options could be utilized by the citizen as

per their convenience to make service request thereby eliminating the need of physically visiting government

departments. Further, a ‘window’ to have access to information on their service request has been embedded in

the system where the citizens are continuously updated on the status of their service request. The service

delivery against the service request has also been streamlines to provide options to the citizen to receive the

output.

Figure 4- Proposed BPR Solution G2C

Following are the key steps to be followed in the overall process –

• Application Submission: Post implementation of ePRI, citizens shall submit all applications at their

respective GP Offices. The operators at the GP Office or Service kiosks shall accept the applications

and verify them for ensuring all supporting documents have been submitted. Post successful verification,

operator shall register the application in the ePRI System and scan and upload required documents

against it. e-PRI System shall issue an Application Tracking Number (ATN) and allow operator to print

the Acknowledgement Receipt. This Acknowledgement Receipt shall include the ATN, Date of receipt



and expected date of delivery, Payment received and payment due. On receipt of payment, operator

shall update payment details against ATN as well as make voucher entries in the Accounting System.

Moreover, for the case, application is submitted at Service kiosks, the operator will deliver the application

docket to the GP office.

If citizen wants to make an online application, then he registers as an authentic user at e-PRI

application, opens the service specific module, selects required service and fills online the application

form, attaches the required supporting documents as specified for the service after scanning it, makes

online payment (if required for the service) through payment gateway and receives a system generated

acknowledgement number for reference.

• Application Processing: Once application has been registered, the ePRI System shall send an

electronic mail alert to the respective officials in GP/BP/DP Office with instructions for processing the

same. Incase if application is to be processed by the Line department, the operator will deliver the

application docket to the respective office. On receiving the application docket and mail alert the

respective officers shall process the application. During processing the officer may conduct a physical

verification and update his comments against the ATN using his Digital Signature. They may also do an

online verification using the various ePRI Databases and update their comments against the ATN using

their Digital Signatures. On every status update the ePRI System shall inform the applicant directly if his

mobile no. is available or inform the operator to inform the applicant about the applications status. All

applications shall be approved or rejected by the respective officers using their Digital Signatures.

• Service Delivery: If application is being processed by the line department and it has been approved, the

Line departments shall print the documents, endorse it and deliver it to the respective GP Office. On

receipt of these documents from the line department, operator shall update the status against ATN and

inform the applicant to collect the documents. Incase if application is processed by the GP Office, the

ePRI System shall inform the operator to print the document and issue it to the citizen on approval. On

receiving intimation the citizen shall visit the respective GP Office, make payment if required and collect

the document from the operator.

5.2 Logical Architecture Logical Architecture of the e-PRI System presents a high level view of all the components that shall be included

as a part of e-PRI System. The interactions between these components and with other components of the e-PRI

application have been presented in the figure below.



Figure 5- Logical Architecture

.

• Delivery Channel and Access Points: This component will cater to ensure smooth and secure access

to the ePRI System. It will include the various user groups that can access the ePRI System along with

the access channels through which the ePRI System can be accessed. It also caters to the Access



points or locations from where the user groups can access the ePRI System. It will also dwell on how

these sub-components will interact with each other and the next layer to provide a secured service

delivery to the users.

• Applications: This layer describes the internal structure of the ePRI System. It caters to the Business

Logic of the ePRI System. It will focus on various core components required to deliver services as well

as to carry out Internal PRI functions, the service delivery components that will interact with the Delivery

channels, other support components that will facilitate execution of core functions and the workflow

components that will interact with the next layer in the Architecture.

• Middleware: These are the components that will facilitate interaction between the Application layer and

the ePRI databases. These will act like a bridge between the two layers. These are also the components

that will facilitate interaction between two different applications that may be a part of the ePRI System as

a whole, but are developed using different technologies.

• Databases: This layer acts as the storage layer for the ePRI System. It ensures data are stored in

standard and reusable formats and are readily accessible to authorized users as and when required.

This layer will not only describe what data is stored in the ePRI System, but will also describe how each

database shall interact with the other in order to ensure smooth service delivery and efficient functioning

of core PRI functions. This layer shall allow authorized users to Create, Update, Modify, and Delete and

Read data as and when required. It will also ensure that while these activities are being performed data

security and data redundancy are being taken care of. It will also ensure that history of all database

transactions is being maintained.

• System Software: This layer refers to the Operating systems and the utility programs that manage

computer resources in the ePRI System. This layer shall describe the various system softwares that

would be required to run the ePRI System as a one, rather than disparate systems.

• Hardware Infrastructure and Networking: This layer will act as the backbone of the entire ePRI

System. It will focus on all the hardware components required to run the ePRI System. It will also talk

about the locations where these hardware components will reside in the State and how they will interact

with each other from their respective locations. It will also focus on various security components that will

be installed at different locations in order to ensure maximum information security for the ePRI System.

This layer will also deal with how this layer will leverage other MMP projects in order to implement the

ePRI System in a comprehensive and efficient manner.

The main objective of this layer is to facilitate users to get easy access to data and the ePRI Applications. The

key objectives would be

• Providing users access to application and data regardless of location, access and delivery channels

• Providing users a single interface to different interoperable applications and modules

• Providing users with a common look and feel by re-using applications wherever possible

• Cater to the special needs of villagers where literacy rates are not very high, and citizens need

assistance in availing services



Benefits to be accrued with this architecture

• 24/7 Access: Current system of ePRI does not support high availability of services. In future as

villages develop, this architecture will therefore ensure that citizens are able to avail services

beyond office hours

• Improved and faster business transactions: Current system involves substantial manual intervention

and lot of paper-work. With this architecture, application processing will be mostly online and faster.

• Better access to services: having access to all government services through a single window will

ensure that citizens can interact with the PRIs in a timely manner.

• Sharing infrastructure and Software Services: This Architecture would help PRIs avoid the “Silo”

approach to IT provision where separate software, hardware and infrastructure is procured and

delivered to support individual channels.

• Lowering overall costs: overall cost of providing services is reduced due to shared infrastructure.

Detailed explanation of the all the major components of the logical architecture are presented in Annexure 14.4.

5.3 Application Architecture and Functionality The application architecture is based on the BPR framework presented in BPR report. It briefly describes the

logical functioning of application components and modules; it is classified into various layers like G2G, G2C,

Service Components, Support components, etc. The layer talks about the Business Logic required for carrying

out the PRI functions both core and service delivery functions. The overall Application Architecture for the ePRI

System is explained in figure below. This Architecture has been developed with the following objectives.

• Provide users with a Single interface for accessing different applications

• Re-use existing applications developed by the State or NIC wherever possible.

• Use standard and common components for all the services to be delivered by the PRIs

• Reduce effort and cost of development through re-use and interoperability

Based on these objectives the application architecture will talk about layers that club common components which

can be re-used across services, Core G2C and G2G layers that will provide the Business Logic, Components

that will support the other layers as well as the Security layer that will talk about the managing security of data

and applications.



Figure 6‐ Application Architecture

Of the multiple layers, few ones are discussed in sub sections in this section. The other layers in the

diagram such as Security layer, Data layer, Infrastructure layer and presentation layer have been discussed

in separate sections in the document.

As evident in the above figure, the Application architecture shall have following components

5.3.1 User Access/ GUI Application Layer This layer shall act as the Front – end of the ePRI Application. Users accessing the ePRI Application shall

connect with the back-end processes and databases through this layer. This layer will provide a Graphical

Interface to the user which would be menu driven, form based and more interactive and simple to use. It should

be developed keeping in mind the capabilities of various user groups in the State PRI. For devices like self-

service kiosks this interface will also have voice based GUI.

Functionality of each sub-component is explained in the table below:

User Access / GUI Layer

Web Based forms

Menu driven components

Interactive voice based GUI for

Interactive GUI for query processing

Alerts & Notification

Service Delivery Components

Information Component

Form Availability

Status tracking

Application receipt

Payment component

Data layer

G2C Databases

G2G Databases

Line Dept. Databases

G2C Modules G2G Modules

Certificate & Registration

RBDModule

Pensions Module

Grievance registration

Grievance Redressal

ScholarshipModule

RTI Module

BPL Updation Module

ResidenceModule

PlanPlus

GPMS / IFMAS

HRMS & Training

Project Mgmt.

Asset Tracking

E ‐Procurement

Support components

Content Mgmt.

e‐Mail Mgmt.

SMS gateway

Payment gateway

Work flow Mgmt.

Support Modules

File Management

Business Intelligence

PRI Meetings Management

Knowledge Management

Account Mgmt.

Application Security Components

User Access Management

OS Access Management

I/P –O/P Data Validation

Internal Messaging

Access log Management

Source code Management

Remote Access

Panchayati Raj Module



PS: Annexure 14.4 defines the different user groups that are referred below

S# Module/Component

Functionality User Group

1. Web based forms

Since ePRI application will be a Web based

application, this component shall provide the user with

forms that can be accessed through the use of Web

browsers. These forms shall provide the user with

following functionality

• Allow users to capture data as required

• Communicates with Data validation component

to ensure correct and valid data is being

entered and to minimize data-entry errors and

redundancies

• Pre-populate form fields with data pulled from

back-end, or from some internal logic

• Provide facility to collect both online and offline

data

• Allow integration of paper based data with

online data

• Upload updated forms with no downtime

• Integrate data collected with other core

components and databases

All user groups who need

to interact with the system

for the purpose of data

entry except the users from

the Service Consumers

Group.

2. Menu driven interface

This is a user interface component that allows users to

use menus to communicate with the ePRI system. It is

an interface with series of screens which can be

navigated by choosing options from lists i.e. menus.

Users shall avail following functionalities to

communicate with the system

• User shall have a list of items to choose from

and can make a selection by highlighting one

• Shall also respond to user event like typing,

mouse clicks, etc. wherever required

• Shall also provide users with options other than

text lists like, set of pictures, audio menus, or

set of animations

• User shall have an option to choose a

language for the interface like English or

Bengali.

• The menus should we well categorized so as






Group



Table 3 User Access/GUI Application Layer

to make it easier for the user to access the

desired information

• Each item on the interface should be attached

with a self help tool for indicating the function

of that tool

3. Interactive voice based GUI

This component shall allow user to communicate with

the ePRI system through voice/ speech. This shall

provide user with following functionality:

• Provide users with animated components to

choose for providing feedback

• Allow users to record voice based feedback

• Convert voice based/ animated data into text

so as to be able to store them in databases

• Provide voice based information/ help to users

for availing services

Specifically for service

consumers with little or no

computer literacy. To be

used on self service kiosks

4. Interactive GUI for query processing

This is an extension of the menu driven interface that

will allow users to query databases and generate

reports in an easier way. Users can avail following

facilities

• Create own queries by having a combination of

items to view without having to enter SQL

commands

• Use pre-de-fined queries for generating

standard reports

• Specify formats in which they want to view the

data

• Interact with the Business Intelligence

component to generate reports






Group

5. Alerts & Notifications

This component shall provide the ePRI users with

alerts and notifications on following occasions

• Alerts on violation of data- entry rules

• Alerts incase of any malicious software attacks

• Alerts on status change/ updates

• Notifications on scheduled events

• Alerts/ reminders on scheduled events

• Alerts on escalations






Group



5.3.2 Service Components Application Layer

• Service Delivery Components: This layer will host all the common components that can be used

across all services. These will provide the user with a gateway to interact with the Core Business Logic

components of the application. Sub components under this layer will mainly focus on the service delivery

aspects like registration of applications, status tracking, provision of application forms and provision of

service related information. These components will interact with the database layer for storing and

retrieving information on services and applications. Service delivery end-points (SWS operators, GP-

Secretaries) would be the user group who would be using these components on a regular basis.

Table below explains functionality of each component:


S# Module Functionality User Group

1 Information Component

The module shall have following functionality :

• Allow the Content Management Agency/ NIC to upload the

information content into the e-PRI Application which has

been sent by the Designated Authority from line

department/ PRI functionary

• Shall send a Mail alert to concerned line dept. to review the

information uploaded and approve it for publishing on the

Application or on the Portal.

• Shall allow the respective Line Department/ PRI Authority to

log in-to the e-PRI Application review the uploaded content

and approve it or suggest changes with their digital

signatures

• On approval it shall automatically publish the information on

the portal.

• Shall allow the authenticated user to retrieve any

information related to a G2C service.

It shall capture following details:

• Information on all the G2C services w.r.t. centres for

availability & submission of forms

• Process flow / procedural information

• SLAs including Service fee, TAT, etc.

• Information on supporting documents required, along with

details like No. of photocopies required, Originals required

or not, etc.

• Stake-holders involved & their roles and responsibilities in

the service rendered

User groups would include the: 1. Citizens 2. G2C Service

delivery point / channel (web based)




• Validation process involved in some of the services. e.g.

validating the authenticity of Ration card, Property details,

BPL certificate, Birth / Death certificate

• Escalation Matrix

• Link for RTI Procedure related to the service, wherever

applicable

2 Form Availability Component

The Form availability component shall have following

functionality

• Allow the Content Management Agency/ NIC to upload the

proforma for application form into the e-PRI Application

which has been sent by the Designated Authority from line

department/ PRI functionary

• Shall send a Mail alert to concerned line dept. to review the

proforma of the application form uploaded and suggest

changes or approve it for publishing on the Application or on

the Portal.

• Shall allow the respective Line Department/ PRI Authority to

log in-to the e-PRI Application review the uploaded proforma

and approve it with their digital signatures.

• On approval it shall automatically publish the proforma of the

application form on the portal.

• Shall allow the authenticated user to retrieve and print any

such uploaded application form related to a G2C service

• Shall allow users to download approved application form

proforma through the portal.

User groups would

include the:

1. Citizens

2. G2C Service

delivery point /

channel (web

based)

3 Application Receipt Component

The application receipt component shall have following

functionality

1. Shall allow user to retrieve and print application forms using

the Form Availability component.

2. Shall load the required application form on the system once

the user logs in using his credentials. This form shall be an

e-form/ web form that can allow the user to fill in the

information as entered by the applicant.

3. Allow the user to submit the filled in application form.

4. Before accepting the details filled in the application it shall

validate the information entered and check its\completeness.

5. It shall save details entered in the respective e-form post

successful validation in the respective e-PRI database

User groups would

include the:

1. Citizens

2. G2C Service

delivery point /

channel (web

based)




against a unique reference number called as the

Acknowledgement Identification Number (AIN).

6. The AIN can be generated by leveraging the District and

Village codes from the National Panchayat Directory and

appending service category, Service, service date and serial

number to it

7. It shall allow user to scan and upload supporting documents

against the application and save them against the AIN.

8. It shall auto check if the selected service requires the

applicant to make payment during the application. If required

it shall call the payment component.

9. Post acceptance of application and payment (if applicable) it

shall generate an Acknowledgement receipt. This receipt

shall contain following details

• Acknowledgement Identification Number

• Applicant details

• Service Type

• Date of Issue

• Payment amount (payment receipt) if payment is

accepted at the time of application

• Payment amount due if Payment is deferred.

• Expected date of delivery

10. This Acknowledgement receipt / acknowledgement

identification number shall allow proper status tracking.

11. It shall allow the user to print the Acknowledgement

receipt

4 Payment Component

The Payment component shall have following functionality

• Check if payment is to be made upfront or is to be deferred

• For deferred payments it shall populate the

Acknowledgement receipt with the payment amount and

expected date of payment and mark the receipt as deferred

• For upfront payments, it shall inform the operator to collect

payment along with the amount to be collected

• It shall allow the operator to enter the payment details

against the AIN along with the payment mode.

• For PRI payments, it shall allow the operator to make a

voucher entry in the PRI Accounting System under

respective head

Service Delivery

end-points and

Service Customers




• For line department payments it shall mark the AIN

accordingly and restrict the operator from making a voucher

entry in the PRI Accounting System

• For all upfront payments it shall populate the

Acknowledgement receipt with amount paid, payment mode,

and receipt no.

• Payments that are received through cheque / DD shall be

accrued in the PRI Accounting System post realization

• Shall allow the operator to Collate / prepare weekly summary

reports for fees collected under each service type specifically

for those that are delivered by the Line departments.

• Shall allow the operator to update the status of

acknowledgement received from the respective Line

department once weekly payments are deposited with them.

5 Status Tracking Component

The Status tracking component shall have following

functionality

1. Shall automatically detect a Status change/update for every

application entered in the system and ensure that the Status

field against the AIN reflects the same.

2. On detection of status change it shall

• Alert the operator for updating the same on the notice

board

• Send SMS alert to the applicant if his mobile number

is registered against the AIN

3. It shall allow operator/ citizen to feed in the AIN through the

portal or through e-PRI application and retrieve the

application status against the AIN.

4. Status updates shall have following types:

• ‘Application submitted’

• ‘Application rejected’.

• Application rejected and rejection letter issued’

• ‘Application submitted and forwarded to concerned

line dept’.

• ‘Application on hold’, in case of any issues / query with

the verification process by line dept.

• ‘Payment received’, in case of submission of Utility

bills

• ‘Application received, payment deferred’, in case



3. Government functionaries at the various tiers of PRIs, Line Departments & State Administration




payment would be made by the applicant after

receiving processed application / certificate

• ‘Application received, physical verification due’, in

case the application has been forwarded for physical

verification by the field verification / enquiry officer

• ‘Processed application / certificate received’. As soon

as the operator updates the status to processed

application / certificate received, SMS shall be

automatically sent to the applicant if mobile no is

registered against the AIN

• ‘Applicant informed about the processed application’,

this shall happen as soon as SMS is sent to the

applicant. In case the applicant’s mobile is not

registered, status shall be updated after the data entry

operator puts the list on the notice board.

• ‘Processed application / certificate delivered’ to the

applicant

5. It shall also maintain the date when the status was updated.

6. It shall maintain the history of all status updates along with

their dates for generation of Monthly report for tracking

where the SLAs have been breached in terms of delay in

delivery of processed application along with the reason for

delay.

7. It shall alert respective officer / operator if there has been no

change in the status of an application for a specified period

as mentioned in the SLAs

6 Grievance Registration Component

• Shall allow citizens to register grievances through Help

Desks, Self Service kiosks, web portal as well as through

SWS

• Shall generate a grievance tracking number just like the

AIN. This number shall act as the reference no. for tracking

the status of grievance registered

• Shall allow user to track the progress of the grievance

registered by entering the grievance no.

• Shall communicate with the grievance redressal module for

further routing the grievance to appropriate authority

Service Delivery

end-points and

Service Consumers




• Shall communicate with the status tracking component to

alert on status updates regarding the progress of

grievances

7 Application Verification component

This component shall have the following functionality

1. Shall allow the user to verify applicant details through

• Details stored in the PRI databases

• Physical verification

2. Should query the respective database based on the criteria

entered by the Verifying officer and retrieve & display the

details against it to the officer. This shall be a Read Only

access to the respective database

3. Allow the officer to reject the application using Application

rejection component if the verification is unsuccessful

4. Shall allow the officer to Approve the application using the

Application Acceptance component if verification is

successful and no further verification is required

5. Shall send a mail alert to the Field verifying / enquiry officer

to conduct physical verification (if required)

6. Shall allow the Field verifying / enquiry officer to upload the

verification report against the AIN and his approval /

rejection status

User groups would

include the:

1. Citizens

2. G2C Service

delivery point /

channel (web

based)

3. Government

functionaries at

the various tiers

of PRIs, Line

Departments &

State

Administration

8 Delivery Component

This component shall have the following functionality

1. Shall alert the operator to inform the applicant to collect the

service delivery output when triggered

2. Shall allow operator to enter AIN and retrieve the final output

3. Shall populate the final certificate/document/output with

required information which shall also be endorsed with the

digital signature of the final approving authority and allow the

operator to print it.

4. Shall call the payment component in case of deferred

payments

5. Allow operator to update the delivery status against the AIN

once the document is delivered to the citizen.




Table 6 Service Delivery components



5.3.3 G2C Application Layer

• G2C/G2B/G2G Components: This layer forms the core Business Logic of the ePRI Application. It

defines the applications and supporting capabilities that would manage the processes and information

needed to support the Business and performance objectives of the PRIs. This layer shall contain sub-

components that support service delivery as well as the Internal PRI Functions. Each component is

represented as a module and each module may cater to multiple services or functions. Modules of G2C

and G2G have been described in separate boxes. Modules under the G2G section leverage the existing

applications that have been developed by NIC. Each module will interact with the database layer for

executing functions.

Table below describes G2C modules and their required functionality:


Sr. No.

Module Functionality User Group

1. Certificate and Registration Module

The Module shall help the PRIs to generate various certificates

and register the applicant for services. The key functionalities are:

• Generate and print different certificates, citizen have

applied for.

• Keeping track of registration details and issuing authority.

• Application acceptance for various certificate issuances

from citizen.

• Generate automated alerts to next level as per defined

workflow.

• Provision of physical verification reports update in the

application.

• Repository of supporting documents.

Service Delivery

Owners / Project

Managers, Service

Delivery Machinery

/ Back Office Users

and Service

Delivery end-points

2. Pension Module

• Shall interact with common components like

- Information component (for providing information on services

related to residential proof)

- Status Tracking component

- Application component

• Shall send automatic email alerts to designated authorities for

further processing

• Shall also interact with the RBD Database, 'Read only access to

RIMS Database and Residence Database for verification

• Shall allow user to identify and populate list of eligible

beneficiaries by referring the Residence database

• Shall automatically update list of approved beneficiaries in the

Service Delivery

Owners / Project

Managers, Service

Delivery Machinery

/ Back Office Users

and Service

Delivery end-points



Sr. No.


pensions database

3. BPL Updation Module

Module would enable the PRI to update BPL list of receiving

application from the citizens: The key functionalities are:

• Application acceptance from citizen.

• Generate automated alerts to next level as per defined workflow.

• Provision of physical verification reports update in the application.

• Repository of supporting documents.

• Keeping track and modification in BPL list.




4. Grievance Redressal Module

This module has been proposed for PRI officials to receive and

deal with complaints and grievances in a professional manner and

encourage feedbacks as an opportunity for improvement. The key

functionalities are:

• Application acceptance for the service.

• Assignment to the concerned authority.

• Keeping track of registration details and timelines/SLAs.

• Generate automated alerts to next level as per defined workflow for taking actions.

• Log the resolution for the complaint/grievances




5. Birth & Death Registration Module


- Information component (for providing information on births and

deaths registration)


- Application receipt component

- Payment component

• Shall retrieve, store or validate data from the Registration of

Births and Deaths (RBD) database based on the service

requirements

• Shall allow creation of new records in the RBD database based

on the service requirements

Service Delivery

Owners / Project

Managers, Service

Delivery Machinery

/ Back Office Users

and Service

Delivery end-points



Sr. No.


• Shall allow user to search record based on pre-defined search

criteria

• Shall display an error message if records are not found

• Shall automatically populate birth / death certificate in case

registration is already done and no approval from GP Secretary

is required

• Shall automatically attach authorized digital signatures if records

are found for respective service type


further processing based on the defined workflow for the

respective service type

6. Scholarship Module

This module shall be used for Scholarship related services

(Handicap students, SC/ST students). The key functionalities are:

• Shall keep track of registration details

• Shall generate automated alerts to next level as per defined workflow.

• Shall be able to track the status of the application

• Shall generate the analytical reports on following:

o No of applicants

o No of beneficiaries

o Total scholarships released etc

• Shall be able to transfer scholarship amount to the applicant’s account.






Sr. No.


7. Residence Module


- Information component (for providing information on

services related to residential proof)



- Payment component

• Shall retrieve, store or validate data from the Residence

database based on the service requirements

• Shall allow creation of new records in the Residence database

based on the service requirements

• Shall allow user to search record based on pre-defined search

criteria

• Shall display an error message if records are not found

• Shall automatically populate pre-defined forms like Income

certificate, Residence certificate, etc. if desired records are

found

• Shall automatically attach authorized digital signatures if

records are found for respective service type


further processing based on the defined workflow for the

respective service type

• Shall also interact with the Land Records Database for

retrieving information on Land records

• Shall calculate house tax amount due based on assessment/

valuation and due dates/ last payment dates

• Shall send automatic email alert to the designated authority

when re-assessment is due

• Shall maintain history of all certificates issued for an applicant

in a given period

• Shall allow user to modify contents of an already issued

certificate like Residence certificate/ Income certificate

Service Delivery

Owners / Project

Managers, Service

Delivery Machinery

/ Back Office Users

and Service

Delivery end-points



Sr. No.


8. RTI Module • Shall interact with common components like

- Information component (for providing information on RTI service)



- Payment component


further processing based on the defined workflow for the service

l

• Shall allow user to update comments against the request

• Shall maintain history of all the applications received, registered,

processed and rejected

Service Delivery

Owners / Project

Managers, Service

Delivery Machinery

/ Back Office Users

and Service

Delivery end-points

Table 7 List of G2C Modules



5.3.4 G2G Application Layer

Table below describes G2G modules and their required functionality:

(Refer Annexure 14.4 for detailed explanation on different user groups that are referred below)

Sr. No.


1 Planning • This module shall provide following features:

- Shall facilitate the PRIs to prepare Perspective and Micro

Plans based on analysis of the Grass Root data for

simplifying & strengthening Planning process at the Grass

root level

- Shall facilitate Need based planning rather than Scheme

based planning

- Shall enable convergence of various funds that are available

under different schemes for a particular work and also the

available local funds (local revenue generated through taxes

etc).

- Shall provide well defined & distinct 11 roles of the

functionaries involved in Planning process

- Shall use data from the Funds flow database for getting

budget allocations

- Shall collate data collected at the grass root level and be able

to prepare analytical reports for that can be used for planning

- Shall make use of base data for allowing conscious and

concrete decisions

- Base data shall include data on population, land, income

sources and so on

- Shall prepare graphical reports to help the Planner as well as

the District Planning Committee to take a view of the

investment profile of the Plan. This would help in ensuring

that the Plan is not unjustifiably skewed in favor of a particular

sector

- Shall support other local languages other than the five

languages that it currently supports

Visionaries/

sponsors, Guide

posts/ steering

committees,

Service Delivery

Owners/ Project

Managers



Sr. No.


- Use spatial data for planning by integrating it with the GIS

feature

PS: Most of these features are already available in PlanPlus. It is

proposed that PRIs should leverage PlanPlus for planning related

activities

2 Accounting • This module shall provide following features:

- Allow user to maintain accounts using Cash based Double

Entry System of Accounting

- Keeping track of Assets & Liabilities

- Allowing addition of new Accounts as per the wish of the

department

- Maintaining uniform codes for various categories

- Shall have provision of data capturing at all tiers of PRIs and

can be sent through mail, also had feature to keep back-up of

the data

- Shall interact with other databases to get transaction

information.

- Shall also interact with the Funds Flow Database to check

against the Funds allocated and spent for a scheme or project

• Shall maintain standard templates for conducting audits

• Shall send periodic audit alerts before audits

• Integrate with PlanPlus so as to monitor expenses against the

budgets allotted

• Shall generate periodic financial statements like Revenue and

Expenditure Accounts for PRIs, Assets and Liabilities of PRIs as

well Outstanding report (Payables and Receivables)

PS: State is already using GPMS/ IFMS for panchayat accounts. Most

of the above features are already available in the existing s/w.

However, state could analyse the other s/w available like PRIAsoft to

enhance the functionalities of existing s/w, if required

Visionaries/

sponsors, Guide

posts/ steering

committees,

Service Delivery

Owners/ Project

Managers/

Service delivery

end points

3 e-procurement

• This module shall provide following features:

• Shall allow registration of vendors

Service delivery

owners/ Project



Sr. No.


Module • Shall allow users to prepare tender/ RFP/ RFQ documents by

providing them with standard formats and a facility to customize

them as per requirements

• Shall allow users to vet the tender/RFP/RFQ documents

• Shall allow users to float vetted tender/RFP/RFQ documents on

web portal

• Shall allow users to publish tender notices on web portal

• Shall allow registered bidders to submit their bids online

• Shall allow users to evaluate bids and upload evaluation report

online

• Shall facilitate users in selecting the vendor

• Shall allow users in preparing the standard contract documents and

getting them vetted from respective authorities

• Shall allow user to register details of services/ products procured

• Shall interact with the Accounting Database to account for the

Services / products procured

• Shall allow users with features to manage vendors like

- Renewal of contract

- Vendor performance management

- Vendor contact management

PS: Most of these features are already available in e-Procurement

s/w used by State for tendering & Bid Management. The existing s/w

will be studied at the time of implementation to integrate with the

proposed ePRI application and if required more functionalities shall

shall be proposed to enhance its functionalities.

Managers

4 Project Management Module

• Shall allow user to prepare project plans with following

- Schedule of activities

- Milestones and timelines

- Work Breakdown structure for resource allocation

• Shall allow user to update physical progress against the plan

• Shall alert users on upcoming milestones as well as when

milestones are overdue

• Shall allow users to generate project progress/ status reports

• Shall provide users with dashboards for tracking project progress.

These will contain financial, physical as well as social progress

• Shall allow users to drill down to investigate issues with the help of

dashboards

• Shall allow users to create summary dashboards of different

Visionaries/

sponsors, Guide

posts/ steering

committees,

Service Delivery

Owners/ Project

Managers



Sr. No.


projects

• Shall allow users to report prioritize and manage risks as well as

issues

• Shall allow users to calculate impact of risks and allocate tasks to

resolve risks

• Shall allow users to manage change requests

• Shall allow users to import/ export project plans from other

applications

• Shall allow users to create project reports like actual vs planned

task wise reports etc.

• Shall allow user to close projects

• Shall interact with the Accounting database for accounting

expenses incurred on implementation of projects

• Shall interact with the e-Procurement database for recording

services/ products procured for implementing projects

• Shall interact with the Planning & Budgeting database for mapping

projects under annual plans

5 Assets Tracking Module

• Shall allow users to record details of new assets purchased and

maintain fixed assets register

• Track maintenance costs, repairs, leases and other expenses.

Integrate this feature with the Accounting database

• Allow users to create, scan and print barcode labels

• Calculate monthly and annual depreciation and integrate this

feature with the Accounting system

• Allow users to track missing assets

• Allow users to records details on sale/ scraping of assets

• Allow users to create report on assets

• Shall interact with the Accounting database for accounting asset

values

• Shall interact with the Projects database for recording assets

created due to implementation of new projects

• Shall interact with the e-Procurement database for getting details

on new assets procured

Service Delivery

Owners/ Project

Managers

6 HRMS & Training

Shall provide user with following features

• Employee profile creation, updation and deletion

Visionaries/

sponsors,



Sr. No.


• Leave management and integrate it with payroll management

• Time/ Attendance management and integrate it with payroll

management

• Payroll management and integrating it with the Accounting

database

• Loan history management and integrating it with the Accounting

database

• Employee transfer, promotions and increments

• Employee appraisals

• Training management

• Recruitment management (plans and requests)

• Retirement / termination management

• Reports on recruitment, employees, leaves and attendance,

payroll, appraisals and training.

Delivery Owners/

Project

Managers/ Back-

office staff

7 National Panchayat Directory

• Shall integrate the current features of the software with the ePRI

application

Back office

users

Table 8 G2G Application layer

5.3.5 Support Function Application Layer

• Support Modules: These modules will automate the supporting functions of PRIs and help them in their

day-to-day activities. The objective here is to reduce paperwork as much as possible and manage PRI

documents and reports in an efficient way such that, their storage and retrieval is also easy. Some of

these modules will leverage the applications that are being developed by NIC.

Table below explains the functionality of each module under this layer:


Sl NO.


1 File / Record Management

• Shall allow user to create, store, maintain and retrieve

documents.

• Shall allow user to track file movements & its status via

unique file nos. which would be same as AIN

• Shall facilitate in maintaining proposals, contracts, tenders,

etc and also to automate the workflows

• Shall act as a document management System by assigning

a unique file / folder No. for each application that is being

All ePRI users

except Service

consumers



Sl NO.


processed

• Shall allow users to organize file in folders for easy retrieval

• Shall allow users to protect access to files by setting

passwords

• Shall allow users to maintain version history

• Shall allow users to manage documents like MOMs, Notices,

Memos, Government orders, Meeting agendas

2 Business Intelligence

This component shall provide feature like

• Providing reports as per requirements

• Balanced Scorecards

• Alerts on exceptions

• Analytical and monitoring based dashboards

• Drilldown across reports for details

• Collaboration of various data

• Multi-dimensional charting

• Real-time data cleansing and modeling for viewing in a re-

usable format

Visionaries/

Sponsors,

Steering

committees,

Service delivery

owner and

project managers

3 PRI Meetings Management

• Shall allow user to schedule PRI meetings (Date, time,

location and subject)

• Shall notify selected (multiple) users when meetings are

scheduled

• Shall send reminders before the meeting schedule

• Shall allow users to book meeting venues online

• Shall provide users with list on invitees to select from

• Shall communicate with File/Record management module to

circulate Moms when they are uploaded (alert attendees

when MOMs are uploaded)

• Shall allow users to set auto alerts for meetings to be held

periodically

All ePRI users

except Service

consumers

4 Knowledge Management

• Shall allow users to identify, create and re-distribute

information on PRIs

• Shall allow users to upload and share reference documents,

case studies, rule and guidelines

• Shall send notifications when new documents are uploaded

for sharing

• Shall allow users to search information based on subject,

keywords, author, department, etc.

All ePRI users

except Service

consumers



Sl NO.


• Shall allow users to have discussion forums

• Shall allow users to save information based on category,

subject

Table 4 Functionality of each module

5.3.6 Core Technology Layer

• Support components: Components in this layer will support the backend operations of the PRIs. These

would be required for managing content, or the workflow or even user accounts. The Back-end office

staff would generally interact with these components so as to simplify working for front-end users.

Table below describes each of the support components in detail.


SI. NO.

Module/Component Functionality User Group

1. Content Management This component should enable the PRIs to

manage repositories of unstructured content. It

should provide following functionality

• Ability to manage dynamic web site

content

• Ability to efficiently manage and search

documents in differing digital formats

• Archiving, i.e. ability to store mass digital

data for access by various internal and

external stakeholders

• Ability to convert paper based documents

to digital formats for inclusion within the

overall content management solution.

• Control access to data based on user

roles

• Manage redundancy and version history

• Ability to dynamically publish stored

documents on a website

Back end office staff, IT

coordinators

2. email Management This component shall allow the ePRI application All PRI Functionaries



SI. NO.


to send and receive email messages. It should

provide users with following functionality

• Draft and send email messages

• Manage emails (storage, signatures)

• Search emails by keywords, subject,

sender etc.

• Delete and/ or archive emails

• Set priorities and rules

• Manage contact list and provide

addresses of all the Sate employees

• Call unread emails

• Options to add multiple recipients and CC

and BCC

• Allows user to provide permissions on the

sending and receiving emails

• Allows email encryption

3. SMS Gateway This component will allow the ePRI Application to

communicate with mobile phones by leveraging

the wireless and telephony protocols and data

formats supported by mobile devices. This

component shall have the following functionality

• Identify numbers from stored in the

database and send automatic text

messages to the mobile device.

• Ensure that messages are transmitted in

a secure way

• Shall provide with delivery and read

acknowledgement facilities

• Allow users to define templates for pre-

defined messages and auto – response

messages

• Allow users to send SMS to a single

number or multiple nos.

• Allow user to add or import contacts

This component will

automatically triggered

by other components of

the application

4. Payment gateway This component shall allow users to process

payment transactions. It shall have following

features

Service delivery owners



SI. NO.


• Supports all transaction types, including

authorization

• Allows electronic funds transfer to

beneficiary bank accounts

5. Workflow management

This component shall automate all the pre-

defined procedures or process flows for executing

the business logic. This shall have following

features

• Review applications/ documents

• Edit documents

• Update comments and status

• Approve or reject documents/

applications

• Route applications/ documents to the

next tier in the process

• Allow users to digitally sign the

documents

• Track and audit applications/ documents

and business processes

• Generate notifications and alerts to

ensure proper scheduling and task

balancing

• Integrate the SLAs in the workflow for

managing escalations

Back-office staff

Table 5- Support Component

5.3.7 Application Security Component Layer

• Application Security Components: This layer defines the security components of the ePRI application.

These components would be required to manage secured and authorized access to the application. This

layer would also provide application level security in way that the applications functionality is not getting

tampered. It considers security for both functional and non-functional components of the Application.

Table below describes the functionality of each component




Sl No


1. User Access Management

This Component shall allow the IT Administrator to

create and manage User Accounts. It shall provide

the user with following functionality

• Ability to create user accounts and

allocate user names and passwords

• Ability to assign role based access rights

to the user for accessing the e-PRI

Application and databases

• Ability to delete a user profiles

• Allows user to create multiple accounts at

a time

• Informs user to change password

periodically by sending mail alerts

• If Passwords are not changed periodically

allows user to block/ de-activate accounts

• Allows user to re-activate accounts

• Allows user to modify access rights

• Allows user to map these user accounts

with their email addresses

• Allows users to change their passwords as

and when required.

Back –Office staff,

specifically users like

System Administrators.

2. OS Access Management

This component should be able to provide security

services like user authentication, authorization,

configuration settings as well as system wide

security permissions. It shall provide the user with

following functionality

• User Authentication and Authorization

mechanisms

• Map the user accounts to the Operating

system

• Allow access to resources based on

allotted access rights

• Allow user to manage audits and track

requests and use of resources

• Allow users to share resources like files,

printers and so on but in a secured way

when connected on the intranet. This

Back –Office staff,

specifically users like

System Administrators



Sl No


should be done using standard protocols

like FTP, SMTP and so on

• Allow user to configure software firewalls

for protection against unauthorized access

3. Input/ Output data validation

This component will provide the user with various

data validation techniques so as to ensure that

whatever data is stored in the system is valid,

semantically correct and not redundant. This

functionality can be included as a part of the

application code. To implement this functionality it

is essential that Standard Data formats and data

validation procedures be finalized for storage of

data in databases. Based on these formats, the

validations can be implemented. This component


• Allow user to enter data in pre-defined

formats

• Provide user with guidelines to enter data

in pre-defined formats

• Allow user to validate if input data is

following standard formats like date,

characters, numbers

• Allow user to validate if input data and

number of characters abide by the

standards

• Allow users to check if input data is

already existing in the databases

• Provide alerts to users if input data does

violates standard formats and rules

• Restrict users from saving invalid data to

the database.

• Allow users to create, modify and delete

data based on the access rights

• Ask for confirmation from the user before

saving the data in the database

All users except Service

consumers

4. Internal Messaging Integrity

This component shall allow the users to maintain

integrity of the contents on which multiple users

are working. This content may be a single

Back-office staff like

System Administrators will

use access this



Sl No


message, shared content, policies and so on. It


• Ensure that contents are received exactly

the way they were sent, though the

formats used for sending and receiving

them may be different

• While accessing or writing data to the

database, this component shall generate

integrity reports that will record every

incident along with details like date, time,

authorization id, terminal id, Application

and so on

component

5. Source Code Management

This component would help the users to detect

and report vulnerabilities in the applications source

code. This component shall have following

functionality

• Protect the source code against

unauthorized access

• Restrict unauthorized copying and

distribution

• Track all vulnerabilities in the code that

may cause malfunctioning

• Track existence of other malicious codes



use access this

component

6. Access Log Management

This component shall help back-end users like IT

Administrators to maintain a log of all the activities

happening on the PRI Network. This component

shall provide the following functionality

• Maintain a log of all the users logging into

the ePRI Application with the time, date,

access id and location from where they

logged in

• Maintain a log of all the activities

happening on the ePRI Application with

time, date, user, location, activity

• Maintain a trail of all the activities

happening once a user has logged in like

modules accessed, databases accessed,

reports accessed, data created, deleted



use access this

component



Sl No


or modified

• Maintain a log of all security incidents

taking place while a user is logged in

• Maintain a log of all unauthorized users

trying to log in

• Generate security incident report as and

when required based on the log file

7. Remote Access Management

This component shall allow ePRI users to access

the e-PRI application from any remote location.

This component shall provide following

functionality

• Shall allow only authorized user to connect

to the ePRI network through a remote

location

• Shall communicate with the User access

management component to establish

Authentication and Authorization for

accessing ePRI application

• Once remote access is established, it

should provide secured transmission of

data from the ePRI application to the user.

This shall be done using mechanisms like

encryption.

• Shall allow access to the ePRI network

based on access rights only, rest of the

network shall be restricted from the user.



use access this

component

Table 6 Application Security component layer

5.4 Logical Databases Architecture

5.4.1 G2E Information Ecosystem Following table and diagram in the sub section describes the integration, purpose and various stakeholders of

the proposed G2E database architecture:

Sr. Database

Type

Creator Owner User Purpose

a. Core HR

data

State PR

Dept

State PR

Dept.

State

All Line Depts.

It contains two main types of

databases:



Sr. Database

Type

Creator Owner User Purpose

ZP/BP/GP

ZP/BP/GP

Citizens

Employee master database

Organization structure, hierarchies,

positions, transfers and vacancies etc

b. Transaction

data

State PR

Dept

ZP/BP/GP

State PR

Dept.

State

All Line Depts.

ZP/BP/GP

Citizens

It will contain the following databases:

A database to capture details like

Employee salary & benefits, monthly

attendance, PF etc

Database to capture daily attendance,

time-in, time-out, leaves etc

A database maintaining a record of

qualification and skills of employees,

training, performance management

and disciplinary data

Table 7- G2E Information Ecosystem

The Database architecture describes the data sharing / exchange between different databases and applications.

The below architecture describes the G2E Information System:



Figure 7‐G2E Information Ecosystem



5.4.2 G2C / G2B service related information exchange ecology Following table and diagram in the sub section describes the integration, purpose and various stakeholders of

the proposed G2C database architecture.

Sr. Database Type Creator Owner User Purpose

1. De Novo

model for

Citizen UID

− ZP/BP/G

P

− State Line

Depts.

(Respectiv

e)

− MMP for

Passport,

Election

ID etc

− MMP for

Passport,

Election ID

etc

− State PR

Dept.

− e-PRI

application

A database system to identify the citizen

uniquely will be based on de-dup check

considering ration card / PAN card /

Passport / Election ID etc

It is a non-debatable fact, that one of the

major challenges faced for PRI is ‘data

creation’. As such, while the UID initiative is

going to be piloted in urban areas to start

off, PRIs (through e-PRI) should be

leveraged for data creation. This should be

looked at as a symbiotic relation, where in

both can gain as follows:

• UID initiative: Over a period of 3 years,

a de-novo database will be available for

rural areas, which can be leveraged

when UID initiative will be planned to be

implemented in rural areas.

• PRIs: This partnership model can be a

source of revenue generation. The UID

initiative should consider PRIs as a

partner is data generation. Hence,

deserving revenue can be shared with

the PRIs by UID initiative, as in the

absence of data; UID initiative may not

be able to achieve the desired results.

2. Citizen

Master − ZP/BP/

GP

− State PR

Dept.

− State PR

Dept.

− e-PRI

applicatio

n

− All line

depts.

A citizen master will be derived from

through the de-novo model. It can be further

mapped to biometrics database.

3. Service & − ZP/BP/ − State PR − State The database will contain the information



Sr. Database Type Creator Owner User Purpose

Scheme

master

GP

− All line

depts.

Dept.

− All Line

Depts.

− ZP/BP/GP

− Citizens

and details as follows:

• Guidelines: It will have various

guidelines updated regarding BPL,

various schemes etc

• G2C Service Master: It will contain the

details of what services have been

availed by various citizens/household.

This would be helpful in having critical

data that will help in taking intelligent

decisions about which services or

schemes need revamp or restructuring

based on the local needs.

4. BPL and

Beneficiary

master

− CEO

BP

Revenue

Dept. − State

− All Line

Depts.

− ZP/BP/GP

− Citizens

It will contain the BPL and the identified

beneficiary list of various schemes.

5. RTI /

Grievances − Citizens

− State PR

Dept.

− State

− All Line

Depts.

− ZP/BP/GP

− Citizens

RTI / Grievances database will gather and

maintain information relating to RTI /

grievances lodged with departments in

regards of services/schemes.

6. Service

Transaction

Master

− GP − State PR

Dept.

− State

− All Line

Depts.

− ZP/BP/GP

− Citizens

Service Transaction Master is the database

where various service requests get parked.

This database in turn interacts with other

databases depending on the type of service

request.

7. G2C

services

related

databases

− All Line

Depts.

− ZP/BP/

GP

− State PR

Dept.

− State

− All Line

Depts.

− ZP/BP/GP

− Citizens

These databases are specific to the

services requested at the Gram Panchayats

and will hold information related to land

records, local taxes, birth & death, RTO,

licenses, NOCs, utilities related, line dept.

related etc.

Table 8 G2C / G2B service related information exchange ecology



Figure 8‐ G2C Service related Information Exchange Related Ecology



The below architecture describes the G2G data Application Interaction System:

5.4.3 G2G data & Application interaction system Following table and diagram in the sub section describes the integration, purpose and various stakeholders of

the proposed G2G database architecture.

Sr Database Creator Owner User Purpose

1. Planning &

Budgeting

database

− Planner

− DPC

− Administra

tive

approver

− Work

definer

− Scheme

definer

DPC − State

− All Line

Depts.

− ZP/BP/GP

− DPC

− Citizens

− It will facilitate decentralized planning

with a defined planning work flow

− Help in converging rural & urban plans to

generate an integrated district plan.

− Supporting need/activity based planning

rather than scheme-driven

− Assists in converging flow of funds from

different central and state sponsored

schemes

− Acting as a decision support tool through

the use of supporting GIS and Graphs

2. Citizen

needs

database

Gram

Panchayat

PR Dept. − State

− All Line

Depts.

− ZP/BP/GP

− DPC

− Citizens

Various needs of citizen from various levels

get collected and parked in this database

3. Project

Management

database

− Planner

− DPC

− Administra

tive

approver

− Work

definer

− Scheme

definer

DPC − State

− All Line

Depts.

− ZP/BP/GP

− DPC

− Citizens

Stores unfinished Projects and assist in

project management

4. G2G

Content

Management

Database

− All Line

Depts.

− ZP/BP/GP

PR Dept. − State

− All Line

Depts.

− ZP/BP/GP

− DPC

− Citizens

Host various scheme guidelines, previous

year plans, tenders, vendor contracts,

proposals and empanelment documents




5. e-

procurement

database

Gram

Panchayat

PR Dept. − State

− All Line

Depts.

− ZP/BP/GP

− DPC

The Register basically maintains that have

been purchased by the Panchayats. Other

details which are included are the quantities

of the items, price paid, suppliers from which

item obtained, the order details and finally

the payment details.

6. Assets

database

Gram

Panchayat

PR Dept. − All Line

Depts.

− ZP/BP/GP

− DPC

To keep a record of the company assets and

their respective values and attributes. It will

manage and maintain unique id to assets

owned by Panchayats and will be linked to

various G2G applications for planning,

accounting etc.

7. Grass-root

data

database

Stats

Assistant

Statistical

officer − State

− All Line

Depts.

− ZP/BP/GP

− DPC

− Citizens

Collection of grass-root level data from field

at various levels. It hosts various types of

spatial and non-spatial data like:

− Geographic Details

− Demographic Details

− Election Details

− Education Details

− Health Facilities

− Drinking Water Facilities

− Infrastructure Details

− Population details/break-up

− School details etc

8. Fund flow

database − State

− All Line

Depts.

− ZP/BP/GP

PR Dept. − State

− All Line

Depts.

− ZP/BP/GP

− DPC

− Citizens

− It will facilitate in automating the tracking

of Financial progress for Monitoring &

Reporting

− Making available information of Fund

flow across sectors and schemes /

projects to bring in transparency and

Social accountability. It will also give the

details of unused / lapsed funds

− It will also trigger the process of Funds

release in time or in-advance

− It would be of great help to support

Electronic Funds Transfer mechanisms

9. Accounting

and auditing − State

− All Line

PR Dept. − State

− All Line

− Captures voucher level accounts of

Panchayats and generates reports as




database Depts.

− ZP/BP/GP

Depts.

− ZP/BP/GP

− DPC

− Citizens

per their requirements

− Maintains sources of fund information

i.e. budget envelope provided by Central

and State Govts., local revenues etc.

− Facilitates generation of Scheme-wise

expenditure and utilization certificates

− Hosts audit plans, priorities, audit history

and audit requirements

10. Sectoral /

scheme

database

− ZP/BP/GP

State

Line

Depts.

(Respecti

ve)

− State

− All Line

Depts.

− ZP/BP/GP

− DPC

− Citizens

The Physical and Social progress databases

will hold the status of physical and social

progress (based on social indicators) to

periodically monitor the progress.

Table 9-G2G data & Application system



Figure 9‐G2G Data Application Interaction System



The different databases have to be made secure by implementing the following security controls:

a) Protecting the database environment – ACCESS Control

b) Follow the principle of least privilege (READ, WRITE, EXECUTE)

c) Public privileges (READ, WRITE, EXECUTE)

d) Enforce password management

e) Lock and expire default user accounts

f) Changing default user passwords

g) Change passwords for administrative accounts

h) Change default passwords for all users

i) Enable Logging

j) Securing batch jobs

k) Restrict permissions on run-time facilities

l) Authenticate clients

m) Restrict operating system access

n) Harden the operating system

o) Encrypt network traffic

p) Apply all security patches

5.5 Security Architecture Information Security is defined as the protection of information from a wide range of threats to ensure business/

service continuity, minimize governmental risk, and maximize return on investment and opportunities. Achieving

information security across PRIs can be only accomplished by implementing a consistent architecture and

supporting security controls. Selection and implementation of security controls will be critical decisions for

protecting the security of PRIs information and information systems. These will be the management, operational,

and technical safeguards or countermeasures to protect the confidentiality, integrity, and availability of

information systems and its information.

Figure below gives a structure of the Information Security Architecture, which shall help PRIs in managing

information security across all the layers of the Logical Architecture.



Business Layer Security Components

Information Security Policy

Governance council

Asset tracking &

Management

Physical Security

Human Resource Security

Incident Management

Identity Protection & Management Components

Identity proofing and Vetting

Access Management and Control

Antivirus Protection Application/

OS Layer

Security Assessment & Monitoring Components

PRI Directory Services

PRI Public Key Infrastructure

Security Permissions and Configuration

PRI Event Logging an

d Auditing

Data Layer

Technology/ Network Layer

Data Validation

Anti Spyw

are/ M

alware

Protection

System

files & Source

code Protection

Vulnerab

ility Detection

Firewall/ Routing Service

Encrypted Access to Network (VPN)

Intrusion Detection and Protection

Figure 10-Business Layer Security Components

In considering the protection of information across PRIs, information security is more essential rather than just IT

security. Information security for PRIs will consider risk-based approach that considers information not only in

traditional technical assets such as computers, but also in assets such as people, which could pose weak points

in the organization. The above architecture considers that information resides within people, processes and

technology, and therefore focuses on security of each aspect. The objective of this architecture is to

• Facilitate a more consistent, comparable, and repeatable approach for assessing risk, and selecting and

specifying security controls for PRI systems

• Provide a recommendation for minimum security controls to be used for the PRI systems

The requirements of the Information Security Architecture applies to all PRI entities and to all information assets

owned by them including hardware, software, media, facilities, data, and information stored electronically that

may be owned, leased, or otherwise in the custody of PRIs.

The above architecture therefore defines mandatory requirement for protecting information and talks about

security in terms of Business layer, Identity protection and management as well as Security Assessment and

monitoring. Each layer and its sub components are explained in Annexure 14.5



6 Requirements for ICT and Connectivity

6.1 Deployment Architecture The deployment architecture mainly emphasizes on the application deployment strategy. This includes the

location where application will be installed and how it will be connected to other locations. This also shows the

plan of how the application will be connected to other NeGP initiatives like SWAN and State Data Center (SDC).

The s/w applications that are identified as common across the country will be developed and hosted centrally.

However, .applications, which are specific to West Bengal will be hosted in the Data Center at State. Moreover,

the databases of central applications and that reside in the particular state will be synchronized in real time using

the interoperability of SWAN and NICNET.

This section assesses the ICT and connectivity requirements for the implementation of the ePRI

application and proposes a deployment architecture with due consideration to factors of scalability,

performance, availability, interoperability, security and manageability. In addition, high level network

architecture has been proposed for hosting the ePRI application. Further the information security

has been dealt with in the section and a four layer (User, Network, Infrastructure and Application

layers) security architecture has been detailed. Keeping in mind all these and the ICT requirements

at the client sites at the state/district/block/GP, an indicative bill of materials has been presented.

The overall estimated cost of implementing the technology solution is estimated at Rs 34.30 Crores. This includes the cost of ICT hardware and networking components required State PR

department and PRIs as well as cost of software development and data digitization.



Figure 11-Deployment Architecture

1. Components at State Data Center: The Data Center at State which will be built-up as a NEGP initiative

of Department of IT, Govt. of India will already have the necessary infrastructure components included to

host the Mail Messaging, LDAP and various miscellaneous components. Apart from the already present

components of State Data Center like Firewall, DMZ switch, SAN Storage, additional Database Server,

application Server and Web Server for hosting the e-PRI application at State level has been considered.

The Database servers are to be configured in cluster configuration for providing redundancy. The web-

server to be installed in the DMZ zone of the Data Center.

2. SWAN: The state wide Area Network is been installed to provide a vertical connectivity of minimum 2

Mbps from the State HQ NOC to the District level and from district HQ to block level. SWAN will be used

as the main backbone of the connectivity for accessing the application from various offices. However all

the ZPs and more than 70% BPs are connected through SWAN.

3. District/Block office: The user office of Block and District will access the application using the SWAN.

Last mile connectivity to the District/block office will be provided from the nearest POP of the particular

district/Block. Local LAN will be established in the District/Block office for providing the access to all the

users.

4. Gram Panchayat: During the study it is observed that the connectivity is available till the Block Level

and in some places till GP level via other medium. It is recommended by the P&RD Department of the



state that connectivity to the GP office can be provided via Dial-up or Broadband connection. Utilization

of the SWAN connectivity can also be considered for GP. This will decrease the cost of setting up a new

internet infrastructure at the GP.

6.2 Network Architecture The network architecture emphasizes on the application connectivity plan to external and internal users. This

includes the connection to the ePRI application through SWAN and through internet.

1. State PR department, Zila Panchayat and Block Panchayat

Connectivity at State PR department, Zilla Parishad and Panchayat Samiti shall be established through SWAN

using the Point of Presence (PoP). The nearest PoP shall provide connectivity to the PRI switches installed at

every location. The switch shall further distribute the connectivity to the departmental Local Area Network (LAN),

proposed to be setup for every office location mentioned above. The PoP shall provide connectivity using fiber

optic/ leased line of at least 2 Mbps bandwidth.

2. Connectivity at GP offices:

Some GP already have internet connectivity. However, for GPs where will explore other options for connectivity

such as Broadband or Dial up. As SWAN is only extended till Block level, possibility of connectivity to GP

through SWAN can also be considered, once the SWAN in fully operational across the state.

Few of the GPs already have internet connectivity through their own initiatives. However, for GPs where there is

no connectivity, the option of BSNL broadband is recommended. Moreover, option of connecting GPs through

SWAN can also be considered, if the State plans to extent the existing SWAN project till GP level.





6.3 Bills of Material Bills of Material with brief specification are presented below. Detailed specification of each of the products is

presented in Annexure 14.2.

Base Data for Bill of Material and Costing

ePRI Durations (Months) 36

Inflation Rate 8%

Total Number of Districts in State 18

Total Number of Zilla Parishad in State 18

Total Number of Block Panchayat in State 341

Total Number of Village Panchayat in State 3354

License Cost for Standard Applications 22%

Development/ Maintenance cost for ePRI Application

22%

Table 10 Base Data for Bill of Material and Costing

Total No of officesGram Panchayat 3,354 Block Panchayat 341 Zilla Parishad 18

Total 3,713 Table 11 No. of Offices for implementation

ICT Specification

Sr Component Remarks/Specifications Number/ Quantity

A Hardware and Hosting at SDC

Database Server Specification is provided in Annexure 14.6 2

Application Server Specification is provided in Annexure 14.6 2

Web server Specification is provided in Annexure 14.6 2

B System Software

Operating System Open source ( Linux - Red Hat) 6

Web/ Application Server J BOSS 2

Database MY SQL/ Postgre 2

C Client Site Hardware



ICT Specification

Sr Component Remarks/Specifications Number/ Quantity

PC PC ( optional wireless cards) 3713

Network Printer One for each office locations, excluding to

GP

2

UPS For each Computer ( 600VA) 3713

Laser printer Only for senior officials and GP 3713

Document Scanner Each office locations 3713

Digital Signature For Senior officials and Pradhan 4050

D Network

Office LAN (CAT6)for 20 users For every office with LAN facility 0

Office LAN (CAT6)for 10 users For every office with LAN facility 341

Switches For Zila and Block 341

Table 12- ICT Specification



7 Capacity Building Requirements

7.1 Capacity Building and Training Strategy

During Information and Service Need Assessment, the study team found that most of the PRI Officials are

not aware of Schemes/ services, West Bengal Panchayati Raj Act. Hence to enhance and improve the

service delivery mechanism in To Be scenario, it is

essential to impart PRI Officials different type of

training. Capacity building broadly has been classified

as capacity building related to Human Resources and

Capacity building related to enhancement of Skill set.

Human Resource is further classified as Existing

Posts and Desired posts. On the other hand skill set

has been further classified as desired skill set and

Training required.

7.1.1 Skill development methodology An important component of capacity building is skill

set enhancement. Skill set enhancement is a

complex exercise to undertake without a proper

methodology in place. Various rounds of length

training sessions which have already been

conducted in the state have not resulted in a

success. So as to improve the current skill set of the

PRI’s a structured skill set development methodology

has been proposed for the West Bengal Panchayati

Raj Institution. Primarily four factors have been

considered for developing skills. All these four factors

collectively impact and enhance the skills of an

individual. Right mixture of all four factors is imperative in producing the desired results. The following

diagram presents the skill development methodology that shall be considered for PRI in West Bengal.

Current section focuses on building capacities and capabilities of PRIs in West Bengal. This

section identifies the manpower requirements and strategies to fulfil them. It also identifies the

training requirements and the proposed training plan for building skill sets in the PRIs. Total Cost of

expected to be incurred towards trainings and manpower are Rs.9.17 Crores & Rs. 45.57Crores

respectively

West Bengal Skill development methodology



1. Knowledge Transfer: Knowledge Transfer is the first phase of skill development. Skill development

exercise can’t be initiated without a proper theoretical knowledge transfer to the individuals. Hence

skill development program is only as good as the theory behind it.

2. Practice: Knowledge once transferred gets dormant if not practiced. Some skills development efforts

require a few minutes; others take hundreds of hours. Even those with great aptitude blessed with a

large dose of talent must practice endlessly to be successful in skill development

3. Motivation: In our methodology, a person serious about skill development must be

internally/externally motivated to perfect the skill. It is unrealistic to expect any training session to

motivate the apathetic or the lazy to perfect developing a skill. Hence PRI would have to define

consequences for desired and the undesired behaviors.

4. Feedback: Skill development requires feedback. There are two ways to get feedback: do it yourself

or get others to do it for you. Second type of feedback is more influential and beneficial for enhancing

skills. Hence it is imperative for PRI’s to have skilled coaches/trainers who can provide positive and

negative feedbacks

7.1.2 Manpower PRI are currently equipped with inadequate manpower to support their operations. There are number of

vacant post that needs to be taken into consideration by the PRI and appropriate personnel’s should be

deputed/ recruited. Certain personnel’s with in PRI shall be engaged for the execution of the project, but they

shall be required to upgrade their existing skill set to one that is desired for successful implementation. In

some cases certain new positions shall be created within PRI for successful implementation of the e-PRI

project. The following section describes the manpower plan that needs to be undertaken for e-PRI project.

7.1.2.1 Additional posts required The current sub section provides a list of posts that needs to be build/bought for the PRI for successful

implementation of the project. Building of manpower symbolizes the enhancement of capacities of the

department official designated for the post where as ‘buy’ symbolizes procurement/recruitment/sub

contracting of manpower for the respective posts.

The following table presents the additional posts that need to be undertaken by PRI’s for successful

implementation of e-PRI project.



Tier Designation Build / Buy

No of additional posts

Total no of additional posts recommended

Rationale

Zila

Par

isha

d (D

P)

Data entry

Operator

Buy 1 18 Though data entry operators are

present at Zila Parishad (ZP) but a

dedicated data entry operator shall

be required at Zilla Parishad for

effective implementation.

Panc

haya

t Sam

iti

(BP)

Data entry

operator


present at Panchayat Samiti

(Block Panchayat) but a dedicated

data entry operator shall be

required at Block Panchayat for


Gra

m

Panc

haya

t

Data entry

operator


present at Gram Panchayat but a

dedicated data entry operator shall

be required at Gram Panchayat for


Table 13- Additional Post Required

7.1.3 Training Strategy Three categories of trainings i.e. trainings related to change management, competency building, and soft

skills has been proposed for West Bengal e-PRI project. It has been envisaged to provide these trainings

using combination of both methods, Cognitive Training methods shall be mixed with few of the behavioral

training methods to seek the effectiveness of both the type of training methods. So as to ensure effectiveness

of these trainings regular module wise tests have been proposed. The following section presents the training

strategy for the West Bengal PRI’s in detail.

Please Note: The following trainings have been proposed to provide all round development and ensure motivation of the workforce, but only trainings related to ICT have been included in budgetary estimates for e-PRI project.

The following section presents the training strategy for PRI’s in the state of West Bengal.

Procedure for Training PRI Officials and Trainers: A. Training delivery strategy should be decided on the basis of following:

• List of Holidays

• Working timelines



• Work-load at a particular location / group of officials

• Geographic spread of locations to be covered during the training

• Number of people to be covered by the training at a particular location

• Dissemination media through which the contents need to be delivered

B. On the basis of these inputs, a delivery strategy should be devised which should cover the following:

• Timelines for delivery of training

• Locations to be covered during a said period

• List of holidays at a particular location

• Officials to be addressed

C. Once the delivery roadmap is finalized, the same should be communicated to all stakeholders D. The training and awareness material should be developed on the basis of the following

• Schemes/ Services

• Panchayati Raj Act

• Motivation aspect

• G2G Functions

• Roles and Responsibilities





• Computer Skill

• Internet, E-mail

E. During the training sessions all the above mentioned topics should be covered. Training will be

imparted to all officials as per the agreed schedule.

F. Officials should be imparted training through following different means. • Email to all employees

• Posters

• Workshop Material

• Quiz Material

• Group Exercise

• Computer-Based Training

G. Training should be delivered as per schedule.

H. Feedback should be taken from all officials’ on content, trainer, delivery channel through various

means like attendance, CBT Score, Quiz Score, and Discussion with officials. I. Feedback should be incorporated in next delivery schedule



Training Methodology: The training methodology detailed below is proposed in line with the requirements of PRI. It will guide the process of creating the appropriate training

curriculum and ensure that end users receive training that is appropriate to their job in the new environment. The overall methodology is summarized below.

Figure 12‐Training Methodology

The above figure demonstrates the recommended key steps, as shown in the first box at the top of each column. Supporting these steps are the activities

listed in boxes below the first box, culminating in a targeted outcome for each step (vertical boxes). This result becomes an essential input for the next key

step. Together, these steps, activities, and outcomes form the Training Methodology.

Step 1: Understand the Audience: The first step in the training methodology is to assess and analyze the potential System user community. In conjunction

with other change management activities, the purpose of this step is to gain a better understanding of the current skills and job functions of end-users in each

agency. In addition, information will be gathered on the current training environment. The activities listed in this step will need to be conducted for each

stakeholder group, and components will be included in the Stakeholder Group Implementation Plan. The information pertaining to this step is already captured

during the ISNA phase.



Step 2: Design the Course Curriculum: Based on the information collected in the analysis step, the

Change Management/Training team will begin to define specific end-user needs and define the course

curriculum. Outputs from this step will include an overall recommendation for the development of the State’s

training solution.

Step 3: Develop Training Materials: Several types of training materials and content will be built by the

project to support the training and education of stakeholders in using the new System. The materials

prepared will fit the training needs of the users as identified in the earlier steps of this methodology.

Step 4: Deliver the Learning: The delivery of training must be organized and useful to the end-user. Here

PRI personnel will be imparted training in a phase wise manner.

Step 5: Measure/Evaluate the Learning: Measurement is a key component to assure the success of any

project. In terms of training, this measurement may be based on assessments and evaluations. Several

types of evaluations will be used at the end of each course to determine the value and effectiveness of the

training efforts.

7.1.3.1 Training requirements The strategy for training shall focuses on inducing strategic vision development at a senior management

level at PRI and the develop skills required by the middle and lower management of PRI. The training and

capacity building has been categorized under three categories.

A. Change Management and IT Sensitization and B. PRI Competency Building C. Soft skill related training

Change Management training program focuses on trainings specifically linked to the implementation of e-PRI

system. Five types of training have been identified for the PRI officials and elected member. They are listed

below:

A) Change Management and IT Sensitization Training:

Change management training program focuses on trainings specifically linked to the implementation of e-PRI

system. Five types of training have been identified for the PRI officials and elected member. They are listed

below:

1. Change Management & IT Sensitization Training: This training has been envisaged for senior

functionaries of PRI who are involved in decision making at the highest level and are expected to drive

the initiative in the organization. It basically includes the following:

To impart working knowledge and skills related to :



• Process Re-engineering

• Building Technology architecture and standards

• Program Management

• Change Management

2. Basic Computer Awareness Training:

Without preliminary operational knowledge of computers, PRI Officials cannot be expected to work in an

automated environment. The basic computer training requirement is indispensable in nature for all its

officials and elected members at PRI.

3. Role based application Training:

This training is suggested for all functionaries at PRI. This training is targeted to make users confident of

their roles and functions in proposed system.

4. Training on re-engineered processes:

This training is targeted at key functionaries of PRI. This training aims at enlightening key functionaries

on re-engineered process, objectives, benefits etc.

5. Specialized Technology Training:

This training aims to create technical capacity within the PRI structure about the e-PRI system.

B) PRI competency Building Trainings

The following list presents the PRI competency building training programs proposed for effective functioning

of PRI.

• Executive and managerial skills

• Functional management area

• Financial management

• Corporate Governance

• Project Management

C) Soft skills related training

• Orientation and Leadership Training.

• Motivation Training

• Conducting effective Gram sabhas

• Encouraging community participation by all officials and elected members.

The following table presents a summary of the key designations vis a vis the training requirement/ trainings

proposed.



Trainings

State Level District level (ZP) Block level (PS) Gram level

GP)

Prin

cipa

l Se

cret

ary

Joi

nt S

ecre

tary

D

eput

y Se

cret

ary

Com

mis

sion

er

Sabh

adhi

pati

CEO

Add

ition

al C

EO

Prog

ram

Offi

cer

Fina

nce

C

ontr

olle

r

DPR

DO

Sabh

apat

i

BD

O

PDO

PAA

O

Cle

rk

Prad

han

Secr

etar

y D

ata

Entr

y O

pera

tor

Trainings facilitating Change management Change Management and IT sensitization X X x x X X x Basic computer awareness X X x x X X x x X x x x x x x x x > Basic of Hardware and Software X X x x X X x x X x x x x x x x x > Basic of Troubleshooting and Networking X X x x X X x x X x x x x x x x x > e-Mail and Office application X X x x X x x x X x x x x x x x x Roles Based application training x x x x X x x x x x x x x X Training on re-engineered process x x x x X x x x x x x x x Competency Building Trainings Executive and Managerial Skills X x x x x x x Functional management areas >Decentralized planning x x x x x x >Roles and responsibility of Committees x x x x x x >Relevant acts , notifications x x x x x x Financial Management Areas >Basic x x X x x x x x >Advanced X x x Corporate Governance X x x x Project Management x x x x x x Soft Skills Personality Development Areas



>Attitudes and Behavior x x x x x x >Human Values and Ethics x x x x x x >Business Writing x x x x x x >Communication skills x x x x x x >Public speaking Skills x x x x x x Conducting effective gram sabhas x Encouraging community participation x x x



After assessing the training needs, various training modules should be created to impart trainings to officials at

various levels.

Training Target Audience Aim Delivery

mode Type of training

Trainings related to change management

Change Management and IT sensitization

Senior functionaries

e.g. Principal

Secretary, Secretary,

Joint secretary,

Commissioners,

President Zilla

Parishad, CEO Zilla

Parishad,

Best Practices on e-Governance

implementation, social, economic

and political benefits, awareness

on issues related on e-security,

Change Management,

Architecture and technology

standards, Leadership Training,

Business Process Reengineering,

Business Transformation and

Standardization, Broad

Philosophy, Critical Success

Factors for the Project

Instructor led Classroom-

Based

Basic computer awareness

All officials and

employees

Computer awareness, basics of

hardware, basics of networking,

basics of trouble shooting,

internet, e-mail and Office

applications


based

Role based application training

All officials and Data

entry Operators

recruited for training

Application usage training,

knowledge sharing,

standardization and integration

aspects


based

Training on re-engineered process

All Officials Training on re-engineered

processes, process improvement

techniques, benefits of new

processes

Audio –

Visual/instruct

or led

Classroom-

Based

Competency building trainings

Executive and Managerial Skills

Senior functionaries Transformational Leadership ,

Leadership excellence through

Team & work excellence


Based





Functional management areas

Senior and middle

level functionaries

Decentralization, Roles and

Responsibility of Committees,

Relevant acts and notification,


Based

Financial Management

Functionaries

performing respective

roles

Basic concept of accounting and

book keeping, Budgeting,

Auditing


Based

Accounts officers and

Accountants

Advance Financial Management.

Including Strategic Financial

Planning


Based

Corporate Governance

Senior Functionaries

(Principal Secretary,

Joint Secretary...)

Fundamental significance of

corporate governance,

Corporate governance structures

and risk management policies,

Moral and policy considerations

underpinning stakeholders, board

of directors, auditors, senior

management and directors. New

strategies to improve their

corporate performance. Corporate

governance best practices,

Regulatory compliance


Based

Project Management

Elected Senior

officials and Senior

officials of PRI

Basic Framework, Project time

management, Scope

Management, Cost and quality

management, Human resource

management, communication

management, procurement

management, risk management


Based

Soft skill

Personality Development

Senior Officials and

Senior elected

members of PRI

Attitudes and Behaviour, Human

Values and Ethics,

Communication skills, Business

Writing, public speaking

Instructor led Classroom

Conducting effective gram

Pradhan (GP) To equip the officials and elected

body to conduct Gram sabhas






sabhas effectively

Encouraging community participation

Pradhan and Senior

elected body

Encouraging community

participation


Table 14- Training Modules

7.1.3.2 Training Facilities

Training is the essential component in the growth of any organization. It provides continuous skills up gradation

that is an essential part of modern work life. In this context it is extremely important that the PRI be provided

adequate training to enable correct and efficient discharge of their duty. It is observed that the existing

Infrastructure for training is good in terms of connectivity, hardware equipment, Hostel facility etc and will be

leveraged for providing trainings to officials of PRI under ePRI implementation.

To meet the ever increasing demand for trainings, several in-campus and off-campus trainings were conducted by

the officials of the department either at SIPRD or in ETCs. The State Institute of Panchayats & Rural

Development (SIPRD) located at Kalyani, Nadia District is the apex institute for organizing formal training

programmes. This process has been further supplemented by the Extension Centres (ETCs) located at Burdwan,

Coochbehar, Raiganj and Midnapore. Each ETC takes care of the training requirement of the GP level

functionaries of the adjoining districts.

These institutes organize training programmes mainly for the functionaries of Zilla Parishads and Panchayat

Samitis as well as field level government officials of Block, Sub-divisions and District levels along with the

representatives of NGOs. As noted earlier ETCs supplement the process of capacity building by providing training

to the functionaries at the GPs. Off campus training programmes (for enhancing outreach) of SIPRD take place at

different ETCs. Besides holding training programmes .the institute also develops study materials for training. It

undertakes researches and publishes paper, periodicals and books in the field of Panchayat and Rural

development. The institute also offers consultancy services to the different stakeholders in those fields.

HUMAN RESOURCES AND INFRASTRUCTURE The institute has two separate campuses, namely Gandhi Bhawan and Benoy Bhawan at Kalyani in Nadia

district.

Gandhi Bhawan

1. Administrative-cum-faculty building

2. Office Building



3. Computer Centre (for conducting training of 20 heads at a time)

4. Conference Hall (for 60 heads)

5. Composite Training Centre (composite building to accommodate 36 seats with a provision of a

training hall and an auditorium for 60 heads and a dining hall)

6. Hostel-I-accommodates 48 heads in double-seated rooms with attached bath

7. Hostel-II-accommodates 28 heads in single seated rooms with attached bath and with a provision of

common dining room

8. Guest House-accommodates 12 guests in seven guest rooms

9. Faculty Quarters-provides accommodation of six flats for faculty members

10. Staff quarters-ten flats for the employees

11. Library

12. Books depository building-stores published materials of the institute

13. Two storied go-down cum office building-to accommodate seating arrangement for the faculty in

the first floor as well as provides space for store

14. School sanitation-Model school sanitation toilet block has been constructed with funding of

UNICEF for demonstration purpose.

Benoy Bhawan

1. Administrative-cum-Faculty Building.

2. One classroom-with capacity to accommodate 30 heads.

3. One Auditorium with capacity to accommodate 65 heads.

4. Hostel with capacity to accommodate 50 heads.

5. Book depository Building over the existing single storied garage.

Library The library at Gandhi Bhawan is housed in a spacious building having a rich collection of more than 21,393

valuable books. In order to augment its capacity further a five storey building is at the point of completion. 57

nos. journals are subscribed regularly. Another library at Benoy Bhawan has collection of more than 7,878

books and 10 nos. journals. The libraries provide facilities like (a) Browsing computerized catalogue, (b)

Reference Services, (c) Referral Services, (d) Current Awareness Service (e) Bibliography service, (f)

Documentation, (g) Browsing information through INTERNET, (h) Reading rooms and (I) Reprography

Services. The library also publishers PARD ALERTS (A quarterly documentation services of Panchayats and

Rural Development) which contains an index of selected articles published in the journals / periodicals currently

received at the SIPRD library. Both the libraries are used by the trainee officers, faculty members, staff

members and departmental Officers of this institute. Apart from that the student, scholars and faculty members

of different universities and institutions especially in social science disciplines also use these libraries.



TRAINING INFRASTRUCTURE AT EXTENSION TRAINING CENTRES (ETCS) SL. NO.

LOCATION OF ETC

TRAINING HALL INCLUDING COMPUTER

TRAINING HALL

CAPACITY HOSTEL ACCOMMODATION

CAPACITY

EQUIPMENT

1 ETC, Cooch Behar

2 65 40 21 Computers, 1 LCD Projector, 1 K-Yan, 1 OHP, 3 White Boards etc

2 ETC, Raigunj 3 70 40 19 Computers, 1 K-Yan, 1 LCD Projector, 1 White Board etc.

3 ETC, Burdwan

2 90 40 18 Computers, 1 K-Yan, 3 White Boards etc.

4 ETC, Rajarhat 3 110 98 16 Computers, 1 K-Yan, 3 White Boards etc.

5 ETC,Paschim Medinapur

2 70 Does not have own hostel

18 Computers, 1 K-Yan, 2 White boards etc.

Table 15-Existing Training facilities in PRI

Having observed that the Infrastructure with above mentioned training centers is good in terms of connectivity,

hardware equipment etc, these shall be leveraged in their respective districts for providing trainings to PRIs

7.1.4 Training effectiveness and support In the current scenario, one of the key reasons for consistent failure of most capacity building programmes is in

addressing the accountability and results of the activities. Too often, success is measured, not by improvements

in the performance of the PRI members but by the numbers of workshops conducted, participants attended etc. It

is never easy to audit the results of capacity building activities. Therefore, evaluation of the effectiveness of

training becomes a critical aspect. The below section details out the various methods that could be adopted to

measure the training effectiveness:

A. Formal and Informal feedback After the training, feedback sheet should be filled by PRI Officials wherein PRI Officials should provide feedback

about the following:

a) Content of training

b) Knowledge of Instructor



c) Speed of Instructor

d) Infrastructure of training

PRI Officials should be encouraged to give informal training feedback to after training sessions to training

imparting agency and senior PRI Officials. These feedbacks should be incorporated in next training session.

B. Quiz Score A quiz is very effective way of assessing the effectiveness of training. Quiz score should have questions related to

training content. Once the training is over, quiz should be conducted. Compilation of score should be done at GP,

BP and ZP level to assess the content improvement.

7.1.5 Design consideration for Training

Following design consideration shall be used by PRI while providing training to PRI officials, this would lead to

effective training being imparted to PRI officials and would lead to superior post training results.

1. The training vendor shall submit a Training Schedule and Training Curriculum to the Program

management Unit for approval prior to the delivery of any training

2. Maximum number of attendees for each training session shall be decided by the PMU

3. The Training vendor shall ensure that regular test shall be conducted on the last session of each training

module. The training vendor shall provide a set of 500 questions for each training module. The Project

shall choose the questions for the tests to be conducted by the Training vendor

4. The average marks obtained across all the attendees in each training batch shall be at least 50%. If the

average score is less than 50%, the training vendor must repeat the training with a new trainer

5. All attendees scoring less than 50% shall be considered failed and be provided with repeat training and

shall undergo a retest after the completion of the training. For the retraining and reassessment no

additional cost shall be provided to the Training vendor. If even after the retraining, the attendee fails to

achieve at least 40% marks. The trainer shall be provided with cost of the retraining undertaken by the

vendor and PRI shall provision for entering remarks in the service book of the employee



7.2 Bills of Material Owing to the mammoth structure of the PRIs, it may not be possible, imparting training to every PRI member.

Therefore by the virtue of past experiences, cascading mode of training has been recommended.

Based on the above recommendations Bill of material detailing the number of participants to be trained at each

level of PRI is given below. The total numbers of participants that are required to be trained have been distributed

on a year-wise basis.

Level Officials Members Total

ZP 6 2 8

BP 3 1 4

GP 1 1 2

Table 16- No. Of official trained

PRI Officials To

Be Trained (Number)

Participants To Be Trained (Number)

Level Year 1 Year 2 Year 3

ZP 108 36 36 36

BP 1026 342 342 342

GP 3354 1118 1118 1118

Total Cost 64752864

PRI Members To

Be Trained (Number)


Level Year 1 Year 2 Year 3

ZP 36 12 12 12

BP 342 114 114 114

GP 3354 1118 1118 1118

Total Cost 26922648



8 Change Management Requirements

Organizational change encompasses process improvement which includes Business Process Re-engineering;

improved ‘To-Be’ processes, etc., management interventions like project implementation, training and capacity

building etc. and external relations which includes pattern of government interaction with citizen, private

participation, etc.

Introducing reforms needs to be accompanied by efforts to communicate the change implication to all the

stakeholders. This will include communication to citizens on how to avail services in the proposed system; the

employees should be skilled to deliver the services in an altogether new way etc.

In order to ensure a smooth transition of employees into a new role, a well-calculated and well-designed

strategy needs to be adopted. In this regard, it is necessary to formulate a change management strategy and to

plan appropriate interventions for capacity building, training and stakeholder communications so as to

effectively implement and manage the change in e-PRI project

Some of the objectives of change management plan are enlisted below –

• To acquaint stakeholders to appreciate the new process and system proposed under e-district project for

the selected services

• To acquaint citizen with the new process and system proposed for making service request and receiving

service delivery and ‘point of interface’ for the same

• To motivate, train and capacitate government employees to undertake the revised roles and

responsibilities associated with their job responsibilities

• To streamline transition of all aspect of selected services covered under e-district project in consideration

of all associated stakeholders of the project

• To ensure successful implementation of e-PRI project and embed sustainability of the project

This section describes the strategy and roadmap for Change management to ensure

smooth transitioning from the current state to the desired level. The objective is to

highlight certain activities that shall be required for smooth transition and would be

imperative for successful implementation of the e-PRI project.

The overall cost of Change management in West Bengal which includes cost for

Information, Education and Communication is estimated at Rs. 0.73 Crores.



8.1 Mapping the Entire Critical Stakeholder Community

STAKEHOLDER IMPACT RATING

INFLUENCE

RATING INVOLVEMENT

RATING COMMUNICATION

CHANNEL OWNER

Citizen High Low Medium In Gram Sabha, notice boards, announcements, Audio visuals

Pradhan and Block Panchayat

PRI’s High High High Letters, emails, meetings, trainings

Project Manager

Line department Low Low Medium Letters and emails Secretary PR

State PR department

Medium High High Meetings and emails

Project Manager

Implementation vendor

Low High High Meetings, mails, letters

Project Manager

Table 17 Mapping the Entire Critical Stakeholder Community

8.2 Information Education and Communication Plan

The whole attitude about IEC plan is that we keep stakeholders informed as we go along implementing and

operating the e-PRI project. The plan described in this section has been categorized under two main sub heads,

Monitoring related and sensitization related communication plan. Monitoring related plan focuses on

communication that shall be required to be sent out to different stakeholders primarily officials and Implementation

vendor for better monition the e-PRI project, on the other hand sensitization related plan deals with

communications that shall be sent out with an objective to inform and sensitize the stakeholders towards the

change foreseen by implementing the proposed system.



8.2.1 Sensitization related Communication plan Sensitization related communication plan focuses on informing the citizens and the officials about the change that shall be brought up by implementing the e-

PRI system. It regards to citizen, it is imperative to win their confidence for the new system and processes. Citizen centric communication has been designed

for addressing some of the key concerns that shall be faced by citizens. Due to introduction of radically changed processes and systems, citizens may have

the following concerns:-

• Information dissemination on e-PRI system

• Ease of accessibility of the system

• Reliability of the system

• Availability of the system

On the other hand, another perspective to the Sensitization related communication plan is towards Officials of PRI and State PR department. Having a

number of years of experience of implementing ICT related initiatives in Public sector organizations and Government bodies; it has been observed that

Officials/employees at times resist the change. There are number of well known reasons which include vested interest, loss of authority, fear of the unknown,

reluctance to make the effort involved, upsetting a well established routine, fear of failure, lack of conviction in the change causes, lack of proper

communication, etc. Hence it is very important to acknowledge these feelings and address them through continuous interaction & strategized communication

plan, rather than withholding information or not acknowledging employee reactions, fears, and doubts. It is also important to remember that apart from

managing resistance from the employees, it has to be ensured that the citizens have access to undisrupted services in the new system and framework.

Keeping the above issues at focus, creating awareness among the employees about the new system is of prime importance. The table below briefly

describes the sensitization related communication plan.



Name/Nature of Communication

From To Content Provided by

Launch of Communicatio

n

Frequency Delivery Media

Remarks

State PR department

Orientation towards leading change

Third party

Vendor

Secretary PR

and

Commissioner

Third party vendor Prior to Starting

of the project

Once Workshop The workshop shall

address the issues related

to change management

and how lead a change

e-PRI Information Digest

Project

Manager –

SPMU

Officials of

State PR

department

Change

management

expert and Team

Manager

Starting of the

project

Monthly e-PRI Monthly

periodical(

magazine)

This shall be printed till the

Go-Live of all three

Waves(phases) and if

found effective shall be

continued (as required)

Citizens

Information dissemination about e-PRI project

Project

Manager –

PMU

Citizen Change

Management

expert – PMU and

team manager

15 days Go-Live of

Phase

- Advertisem

ent in local

newspaper

Advertisement for a period

of 3 months

Permanent Go-Live of

Phase

- Hoardings

to be

displayed

on Gram

Panchayat

Bhawan

- Display on

notice

board/Post

ers






n


Remarks

1 month Month Prior

to Go-Live

of a phase

- Radio

telecast

For a period of 3 months,

telecast should focus on

informing citizens about

the benefits and ease the

system shall provide and

how can the citizen avail

services

15 days Go-Live of

Phase

- Announce

ment in

villages

through

duggie

For a period of 3 months

Addition/Change of services

Project

Manager –

PMU

Citizen Change

Management

expert – PMU and

team manager

- As Needed - Notice

board of

GP

PRI

Information on provision of new services

Secretary PR

department

PRI Project Managers,

Team Manager

and Members

Provision of

New service

Once Government

Order and

website

The same GO shall be

uploaded on website

Information Digest about e-PRI

Project

Manager –

SPMU

Officials and

employees

Change

management

expert and Team

Manager

Starting of the

project

Monthly e-PRI Monthly

periodical(

magazine)

This shall be printed till the

Go-Live of all three

Waves(phases) and if

found effective shall be






n


Remarks

continued (as required)

Change Champions Secretary PR

department

PRI Project Managers

and approved by

Secretary

Start of

Implementation

of a Phase

Quarterly Awards to be

provided to

nominated

Change

Champions

These shall be printed in

the monthly periodical

published to be distributed

to officials

Initiating the change Project

Manager –

SPMU

PRI Project manager Start of

Implementation

of a Phase

Quarterly Workshop District wise workshop.

Line departments

Informing about e-PRI project and devolved services

Secretary PR Line

Department

Change

Management

expert-SPMU

Kick off of

implementation

- Government

Order

Government Order for the

e-PRI to be provided to

line department

Launch of e-PRI Project

Manager –

SPMU

Line

department

Team Manager 2 months prior

to Go-Live

- Letter

* The team manager mentioned above is corresponding to the Implementation Vendor/ Implementation agency that shall be engaged for implementing the project.

8.2.2 Monitoring related Communication Plan

NAME/NATURE OF

COMMUNICATION FROM TO CONTENT

PROVIDED BY FREQUENCY FORMAT

USED DELIVERY MEDIA REMARKS



NAME/NATURE OF




STATE PR DEPARTMENT

URGENT ISSUES Project

Manager

Secretary PR

and

Commissioner

Project

Managers and

Team Manager

As needed Any Verbal, E-mail,

Memos

The Project Manager will

collect the issue and add an

entry in the Issues Log.

ISSUES UPDATES/ RESOLUTIONS

Secretary

PR

Project

Manager

Executive

Sponsor

As needed - Verbal, E-mail,

Memos

The Project Manager will

update the Issues Log.

STATUS REPORT Project

Manager

Secretary PR

and

Commissioner

Team Manager,

Team members

Weekly Status

Report

form

E-mail or Shared

Storage

The Project Manager will pull

information gathered from the

program status reports.

SPECIAL

PRESENTATION OR

MEETINGS FOR

UPDATING

PRINCIPAL

SECRETARY

Project

Manager

Principal

Secretary

Program

Manager

As needed - Meeting/Presentat

ion

CHANGE REQUEST Project

Managers

Secretary PR Project

Managers with

help of Team

Manager

As needed Standard

Change

Request

form

E-mail These change requests will be

submitted to the Secretary

PR, discussed at the weekly

Status meetings

CITIZENS



NAME/NATURE OF




GO-LIVE OF

PROJECT

State PR

Department

Citizen Project

Manager and

Team Manager

15 days - - Advertisement

in local

newspaper

- Announcement

s in Villages

- Notice board of

GP

For a period of two months to

spread awareness about the

project

PROCEDURE FOR

OBTAINING SERVICE

State PR

department

Citizen Project

Manager and

Team Manager

- - - Notice board of

GP

- Audio visual in

GP

ADDITION/CHANGE

OF SERVICES

Block

Panchayat

Citizen Block

Panchayat

As Needed - - Notice board of

GP

- Announcement

s in Gram

Sabha

PRI



NAME/NATURE OF




PROJECT UPDATES Project

Manager

PRI Project

Managers,

Team Manager

and Members

(1) Weekly

(via the

Project

Status

Report)

(2) As

needed (via

Project

Manager)

(3) As

needed (via

Stakeholder

Meeting

minutes)

(1) Project

Status

Report

form

(2)

Stakehold

er Meeting

Minutes

document

(1) E-mail

(2) Meeting

Minutes

ISSUE ITEMS STATUS

/ UPDATES / RESOLUTION

Project

Managers

PRI’s Project

Managers,

Project Team

Members

(1) Weekly

(via the

Project

Status

Report)

(2) As

needed

(1) Project

Status

Report

form

(1) E-mail (1) If the

status/update/resolution is

received through the Project

Status Report, the Project

Manager will enter it into

Project log.

Status/updates will be

submitted as “Responses” to a

main-topic record in Project



NAME/NATURE OF




Log. If a resolution is received

the project manager will enter

the resolution in the log and

close out the issue/action

item.

CHANGE REQUESTS Project

Managers

PRI Project

Managers and

approved by

Secretary

As needed - E-mail Providing Information for the

changes proposed

SIGN OFF FOR

DELIVERABLES/ COMPLETION OF A

PHASE

Project

Manager

PRI Team Manager As Needed Sign off Email

LINE DEPARTMENTS

NEW ISSUES/ACTION

ITEMS

Line department

Project Manager

Stakeholders As Needed Letter, fax, e-mail

ISSUES/ACTION

ITEMS STATUS, UPDATES, RESOLUTIONS

Project Manager

Line department

Team Manager As-Needed - E-Mail/ Fax/ Letter

PHASE COMPLETION Project Manager

Line department

Project Managers

Phase Completion

- E-Mail/ Fax/ Letter On successful completion of phase



NAME/NATURE OF




REPORT

IMPLEMENTATION VENDOR

CHANGE REQUEST Team

Manager

Project

Manager

Team Manager

and Team

Members

As Needed Change

Request

Form

E-Mail These change requests will be

submitted to the Project

Manager, discussed at the

weekly Status meetings

WORK PACKAGE Project

Manager

Team Manager Project

Manager

On initiation

of completion

of a Work

package

Work

Package

e-Mail

ISSUE Team

Manager

Project

Manager

Team Members As Needed Issue

report

e-Mail

WEEKLY STATUS Team

Manager

Project

Manager

Team Manager Weekly Status

Report

e-Mail

Table 18 Awareness and communication plan



9 Implementation Strategy This section elaborates on the implementation strategy to be adopted for the Rollout of e-PRI MMP in West

Bengal. It covers the important aspects like key considerations for implementation and implementation plan with

timelines.

9.1 Key Considerations for Implementation While considering phasing of the implementation, it is important to identify the factors that influence the phasing

strategy and accordingly define the phases. In this section, the key parameters considered by the team have been

discussed. The key factors are:

1. Proximity to State Capital

2. Terrain related challenges and Infrastructure availability

3. Status of SWAN & SDC

4. Guidance, Ownership and Support from Leadership

5. Successful and Timely Implementation of State Data Centre

6. Level of Expenditure While Implementation

7. Third Party Interventions

8. Awareness among Citizens about the New System

A brief discussion of each of the factors follows.

1. Proximity of State Capital to the Districts:

Description: To begin with e-PRI MMP’s implementation / pilot implementation may be appropriately

anchored in Districts that are closer to the State Capital if the State sees advantage of supervision and

guidance from the State PR Department. Logistics associated with implementation is perhaps easier in

Districts that are closer to the State capital.

On the contrary, e-PRI MMP may serve Government and Citizen needs of Districts that are remote and

away from the State capital. This view gains credence in States where the Government functionaries are

well aware of e-Governance and the State PR department does not see any risk in choosing Districts that

are distant from the State capital for implementation.

Based on which of these two views gains more weightage, the implementation phases could be defined.

2. Terrain related challenges and Infrastructure availability:

While implementing e-PRI MMP, it is important to understand that terrain of Districts and Civil & IT

infrastructure availability plays a vital role. Implementing the MMP is Districts that are easily accessible

may be easier and quicker compared to choosing those that are inaccessible. Plains and valleys may be



easier compared to choosing hilly terrain. Likewise, Districts that have good Civil and IT Infrastructure will

be easier to implement the MMP since the State can leverage the existing infrastructure instead of

investing time & money in creation of infrastructure. Quiet often choosing the ‘low hanging fruits’ first (i.e.,

Districts that have ready infrastructure) will facilitate quicker adoption and easier replication.

3. Status of SWAN & SDC

Since e-PRI MMP envisages leveraging the SWAN infrastructure for connectivity of the PRIs, the status of

SWAN – one of the core MMPs, plays a major role in deciding which Districts are chosen over others. It

may be a natural choice to identify Districts that have SWAN infrastructure over ones where SWAN has

not reached. For e-PRI, SWAN infrastructure and SDC are critical. Presence of SSDG would be an added

advantage in the event where e-PRI MMP’s applications are geared up to leverage SSDG in their

technology architecture.

4. Guidance, Ownership and Support from Leadership: West Bengal, being a large state, proper

guidance and support from leadership is immensely important for the successful implementation of

ePRI project. Capacity building of the PRI members, both elected representatives and government

officials, at the district, block and gram level is one of the major components in the project. Thus, it

becomes imperative for both the elected members as well as the government employees to provide

their assistance in computerisation of the PRI offices and delivery of the citizen services through

electronic mode. Effective coordination among the elected representatives and the government

employees is essential for smooth functioning of the system.

5. Successful and Timely Implementation of State Data Centre: State data centre (SDC) has been

identified as one of the important element of the core infrastructure for supporting e-Governance

initiatives of NeGP. Under NeGP, it is proposed to create state data centres for the states to

consolidate services, applications and infrastructure to provide efficient electronic delivery of G2G, G2C

and G2B services. State data centre is envisaged to act as a mediator and convergence point between

open unsecured public domain and sensitive government environment. It would enable various state

departments to host their services / applications on a common infrastructure leading to ease of

integration and efficient management, ensuring that computing resources and the support connectivity

infrastructure (either through SWAN or ISPs) would adequately and optimally be used. A proposal for

setting up of SDC has already been submitted to GoI and it is expected to be operational by the end of

2010 or early part of 2011. Majorly, the SDC would function as a central repository of government data,

secured store-house of information, information and service portal for citizens and disaster recovery

centre for confidential information in the state. Thus, it can be concluded that the successful and in-time

establishment of the SDC would provide a strong platform for the implementation of ePRI MMP in West

Bengal.

6. Level of Expenditure While Implementation: In West Bengal, the district and block Panchayat offices

are already provided with hardware and basic software applications. However, connectivity is one of the

issues which need immediate attention of the central and the state government. Due to lack of internet



connectivity and skilled manpower, in most of the district and block Panchayat offices, the IT assets are

not utilized optimally. Thus, at the district and the block level, implementation of the project could be

done only by providing connectivity (either through SWAN or ISPs) and by providing technical

manpower. Thus computerisation of the DP and BP office would become cost effective to certain

extent. Thus it would be feasible to take up the computerisation of the DP and BP office at the first

phase of the project implementation.

7. Third Party Interventions: The most important factor influencing the implementation is the proposed

business model for the project. The most rationale business model for implementation of the project is

the involvement of the private agency along with the government machinery. The private agency could

play a pivotal role in daily functioning of the newly introduced computerised setup. The private entity

would be able to provide technical assistance to the PRI officials in their day to day functioning.

Moreover, the technical staffs at the ZP, BP and GP offices could be hired on contract from a private

agency for the first five years of project implementation. The private entity could also provide their

assistance in capacity building of the in-service PRI employees and could organise periodic training

programmes on usage of computers and other software applications. This would, in turn, minimise the

total project cost.

8. Awareness among Citizens about the New System: One of the major target groups of ePRI project

is the citizens. ePRI project aims to re-engineer the delivery mechanism of the citizen services provided

by the PRIs. Post implementation key services identified during the study phase such as birth, death

and marriage registration and issuance of certificates, provision of work under NREGA, provision of

financial assistance for construction of houses or toilets, etc are envisaged to be delivered through

electronic mode. This would enhance the transparency and accountability of the government

machineries towards the citizens. However, dissemination of awareness among citizens would play an

important role in successful implementation of the project. Thus, at the preparatory phase of the project

implementation, awareness level of the citizens is required to be addressed by the state PR

department.

9.2 Project Phasing (Time Schedule) Implementation of e-PRI for West Bengal has been envisaged through coordinated efforts between Centre and

States for the roll out of e-PRI. This approach advocates laying down the common guidelines and project artifacts

(e.g. RFP), along with a robust monitoring and implementation structure at the Center and anchoring the project

implementation at the State. The project will be executed in a Service Procurement Model (SPM), where a Service

Agency (ies) (SA) will be selected through a competitive bidding process by the States. The implementation plan is

divided into the Preparatory Phase, RFP phase, Deployment phase, Operations & Maintenance and Ongoing

Project Management. The deployment is based on assumption that on an average 45-50 PRI sites go up in a day

to complete the deployment phases in 3 months duration. The State may decide to engage multiple SA, region-

wise or district-wise depending on local suitability and the size of implementation as per the number of PRIs in the

state to follow the implementation plan proposed. The phases and activities to be undertaken during

implementation have been presented in the project plan below.



9.3 Project Plan with Timeline Implementation of e-PRI for West Bengal has been envisaged through coordinated efforts between Centre and States for the roll out of e-PRI. This approach

advocates laying down the common guidelines and project artifacts (e.g. RFP), along with a robust monitoring and implementation structure at the Center and

anchoring the project implementation at the State. The project will be executed in a Service Procurement Model (SPM), where a Service Agency (ies) (SA)

will be selected through a competitive bidding process by the States. The States may decide to engage multiple SA, region-wise or district-wise depending on

local suitability. The phases and activities to be undertaken during implementation have been presented in the project plan below.

Sn Tasks

1 2 3 4 5 6 7 8 9 10

11

12

13

14 to

48

A Preparatory Phase

1. Formation of CPMC by MoPR in consultation with CLMs and NIC

2. Visioning workshop for CPMC by MoPR

3. Directing the state governments to form SPMC comprising of SLD and NIC

representatives

4. State-level visioning workshops in states (also involving CEO ZPs)

5. Formation of CPMU to assist the CPMC

6. Selection from empanelled agencies for formation of SPMU

7. Formation of SPMUs to assist the SPMC

8. Directing the 341 Districts to form DPMC (headed by CEO, ZP) comprising of

SLD and NIC representatives

9. District-level visioning workshops in 341 districts



Sn Tasks

1 2 3 4 5 6 7 8 9 10

11

12

13

14 to

48

B RFP Phase

1. Preparation, Approval & Release of Model RFP including SLA at central level

2. State-wise prioritization of services to be rolled out and issue of necessary GOs

3. Data gathering by SPMUs for finalization of BOM based on inputs by DP/BP/GP

4. Customization of Model RFP at states and approval by SPMC

5. Release of RFP, Pre-bid, corrigendum & proposal submission by Service

Agency

6. Techno-commercial evaluation, selection of service agency, negotiations &

contract signing

7. District-level kick-off meetings in 341 districts with vendor

8. Finalization of implementation plan with vendor

C Deployment phase

I. ICT Hardware

1. Site survey for the user level hardware and Network installation

2. Preliminary inspection of hardware and network components

3. Network and hardware Installation and commissioning at data centre

4. Network & hardware Installation & commissioning at P&RD

5. Network & hardware Installation & commissioning at ZP

6. Network & hardware Installation & commissioning at BP



Sn Tasks

1 2 3 4 5 6 7 8 9 10

11

12

13

14 to

48

7. Network & hardware Installation & commissioning at GP

8. Acceptance tests for the network and hardware by Panchayat Secretary, EO-

BP, CEO-ZP

9. Onsite inspection

II. Data Entry

1. Mapping of Data, data entry and validation

III. ePRI application development

1. Preparation of SRS, Design documents and test plans

2. Software development / customization / integration

3. Installation and Configuration of software

4. User Acceptance Testing for state-specific applications

IV. Manpower and Training

1. Deployment of manpower at locations

2. Preparation of state-specific training plan and approval

3. Imparting training as per training plan

4. Training Completion report, feedback and sign offs

D Operations and Maintenance

1. Provide ongoing support



Sn Tasks

1 2 3 4 5 6 7 8 9 10

11

12

13

14 to

48

E Ongoing project management

1. Sustenance Effort

2. Project Evaluation

Table 19 Project Plan with timelines

Key activities covered in the implementation plan has been described below with the list of deliverables that shall be provided by the Implementation at the

time of Implementation

No. Area Scope of work

a. Setting up of Program Management Committees & PMU ( Central &State)

Refer section 10 for detail roles &

responsibilities of Program

management Unit

The preparatory phase beings with the setting up of program management committees at all three levels

Central, State, District. These committees shall perform their roles for implementation of e-PRI. Detailed Roles

and Responsibility of each committee is provided in section 10.

Milestone

Formation of Central Program Review Board, State Program Management Committee and District Program

Management Committees

b. Preparation, Approval & Release of RFP for Implementation Partner

Model RFP (Request for Proposal) for the selection of implementation agency shall be prepared at the central

level and would be provided to the State Program Management Committees for customization and release or

whichever agency would be authorized for such task.

RFP shall include all major tasks to be performed by the implementation agency like training, data digitization,




supply and installation of Hardware and network equipment, customization and development of application,

manage IT services and providing IT trained manpower.

Milestone

• Request for Proposal

c. Evaluation and Selection of Implementation Partner

Various agencies shall bid for the RFP released by SPMC. These bidders shall provide response to the RFP

which shall be evaluated by the evaluation committee/SMPC. Finally the successful bidder shall be awarded

the contract based on evaluation criteria of RFP.

Milestone

• Selection of Implementation Agency

• Awarding contract and Contract Signing

d. Onsite assessment by Implementation Agency

The Implementation Agency (IA) must clearly understand e-PRI’s envisaged scenario requirements and

proposed solution. IA must study the ICT infrastructure needs for e-PRI project and gather the detailed

requirement, understand the setup and perform the gap analysis (if required) with the proposed solution as

given in RFP.

Deliverables:

• Inception report

• Sign off

e. Preparation of FRS( Functional Requirement Study) and SRS(System Requirement Study)

The selected Implementation Agency (IA) shall prepare the Functional Requirement of the application; these

functional requirements shall be vetted by the SPMC. On approval of the FRS the vendor shall proceed to

prepare the System Requirement Specifications.

Milestone:

• Functional Requirement Specification

• System Requirement Specification




• Sign off

f. Solution Design and Solution Architecture

The vendor shall perform the following tasks:

1. Design of State Specific Application considering integration with Core Common Applications at Central /

National level

2. Design of Workflow with well defined business rule for the application

3. Design of LAN and Internet connectivity as per requirement with proper documentation.

4. Design of Application Architecture

5. Design of Network & Security Architecture

6. Data Digitisation and migration methodology.

7. Design of Overall IT Infrastructure

8. Design of Logical and Deployment Architecture

9. Design of Integrations methodology

10. Design of Quality Assurance Plan & Methodology

11. Design reports as required by SPMU

Deliverables:

• Final Bill of Material (BOM) for Solution Implementation

• System Design, solution design and Architecture Document

• All Policy, Plan & Methodology Documents

• Sign off

g. Application Development

The selected Implementation Agency shall develop e-PRI system based on the specifications finalized through

the System Requirement Specifications and Solution design.

Deliverables:

• Delivery of e-PRI Software by the Implementation vendor, Licenses, Operational/Technical manuals,

library files, setup programs etc.




• Sign off

h. Deployment of Hardware and Network Equipment

Implementation Agency shall be required to undertake all the necessary installation of DC. Installation shall

mean, to install and configure / integrate every component and subsystem component, required for functioning

of the e-PRI system

Procurement of infrastructure/facilities as proposed by the implementation vendor in the Bill of Material (BOM)

as per the requirements of new system. IA will be required to provide the proposed IT trained Manpower at

each PRI as proposed in the solution.

Deliverables:

• IT infrastructure required for new proposed solution/system.

• Infrastructure Delivery Certificates.

• IT trained manpower at PRIs

• Sign off

i. Data Digitization & Migration Manpower supplied at PRIs by the Implementation Agency with assistance of PRI’s, would collect data in paper

or electronic form and would digitize it in the required manner for storage and retrieval by the system. The

implementation agency shall be responsible for master data creation. Collection and entry of various historical

data for creating Knowledge Data base for trend analysis, Decision support system and faster retrieval with

document searching facilities.

Deliverables:

• Meta Data & Master Data creation

• Data digitization and migration completion

• sign Off

j. Comprehensive Training and Change Management

Implementation Agency shall impart training to relevant stakeholders and shall undertake Change Management

interventions as identified during the previous stages and improvements thereupon.

Implementation Agency shall be required to train the officials as per the indicative training plan by SPMU to




enable them to effectively operate the system.

Also the Implementation vendor would deploy a single resource for data entry related tasks at all the three

levels of PRI.

Deliverables:

• Training Plan & training strategy

• Undertake Change Management and training interventions as per training plan approved by SPMU

• Training outcomes monitoring

• Documentation such as Training material, User Manuals, Maintenance Manuals, etc on 1:1 basis.

• Sign off

k. Over all Testing and UAT The Implementation Agency shall design Test plan and Cases for the solution testing which will need to be

approved by the SPMU.

The Implementation vendor shall perform the testing of the solution based on the approved test plan, document

the results and shall fix the bugs found during the testing to the satisfaction of the SPMU. The implementation

vendor shall arrange the equipment for testing. The test environment should match the roll-out environment as

closely as possible. SPMU will sign-off on the testing environment. Following shall be the Scope of testing

1. All levels of testing will be conducted at the installation site.

2. Testing must demonstrate that the new systems satisfy the operational and technical performance

criteria.

3. It shall be Agency’s responsibility during the tests to evaluate and recommend any further changes to

the infrastructure & application

4. The Implementation Agency must outline the methodology that will be used for testing.

5. The Implementation Agency must define the various levels or types of testing that will be performed.

6. The Implementation Agency must provide necessary checklist/documentation that will be required for

testing.

7. The Implementation Agency must describe how the testing methodologies will conform to




requirements.

8. The UAT shall be conducted with the real data.

Deliverables:

• Testing approach, Plan and Test Cases.

• Documentation on the results of the software testing

• Error free e-PRI system

• Testing of IT infrastructure solution.

• Signoff

l. Solution Implementation (Go Live) and Operations & Maintenance

Implementation Agency (IA) shall be responsible for implementation of the e-PRI system and overall system

integration. IA shall also provide operations & maintenance support for a period of three years adhering to the

Service Level Agreement (SLA) finalized between State Level Body and the IA.

Deliverables:

• Completion of Solution Implementation

• All the relevant documents related to Implementation.

• Demonstration of few sample transaction of various departments on Live environment

• Sign off

Table 20- Detailed Implementation Plan



10 Project Management Structure

The current section presents the project management structure that shall be constituted for the e-PRI project.

The structure has been proposed to be created for enhancing the current capacities in regards to ICT

implementation at the centre, states and district level.

10.1 Governance Structure - Structure Showing Three Tiers The design and implementation of ePRI MMP is a complex exercise under the federal structure which

involves formulation of detailed scope and project plan with necessary commonalties at the National level

while allowing adequate scope for interplay of local variations, rules, procedures and implementation at the

State level.

Some of the key issues that need to be addressed are:

Clear Roles and Responsibilities

Implementation Structure

Reach till the grass root level

Participation till Grass root level

PRIs function at the village, intermediate (block) and district level. There are approximately 2,34,030 Gram

Panchayats at the village level, 6053 Block Panchayats at the block level and 535 Zilla Panchayats at the

district level. There are more than 31 lakhs elected representatives at all three tiers.

Given the enormity and complexity of the project, the implementation of the same requires a robust and still

flexible project governance and management structure. The objective of project management is ensuring the

implementation of the project as per the defined requirements, timelines, deliverables and budget. The

project monitoring teams will be responsible for managing the overall project execution by the selected

implementing agency (ies) and ensuring that key objectives of the project are met and issues are highlighted

in a timely manner.

It is proposed to have well defined governance structure at Centre i.e. the Program review board with

representatives from MoPR and each State. Further, it is proposed that Project Monitoring Unit (PMU) to be

designed and set up at two critical levels of project implementation namely at the centre – MoPR – and at

the state – State PR.

It is imperative to have participation from all the key stakeholders viz MoPR, NIC, DIT and key Central Line

Ministries at the Central level. Entire project implementation will be led by the centre and states have to be

key participants in this Endeavour. Unlike other MMPs, ePRI MMP program governance structure will have

participation till the grass root level i.e. the Gram Panchayats, which can be made possible by involving the

Districts in the implementation process. Hence a three tier structure is proposed for program governance of

ePRI MMP implementation:



Central Level Body – Headed by Program Review Board (PRB)

State Level Body – Headed by State Programme Management Committee

District Level Body – District Programme Management Committee

Sections below detail out the structure, roles and responsibilities of each of the above mentioned level of

program management structure proposed.

10.1.1 Project Management & Governance Structure at Centre

The project governance structure provides a framework for the operations to support the MoPR and State

PR for various activities and options relevant to successful implementation of the ePRI MMP, right from

project conceptualization stage to complete roll out phase.

The Governance Structure for project at Centre would be a three layered structure as illustrated in the

figure below. The first layer would consist of a Program Review Board. The second layer would consist of

key committees to act as advisory committees to the PRB on various aspects such as Technical,

Functional, eGov Standards and Change management and the third one consisting of Central Programme

Management Unit (CPMU).

Figure 13: Central Level Body for ePRI MMP implementation Program Management

a) Programme Review Board (PRB) - It is proposed to setup Programme Review Board to advise the

government and monitor the progress of the overall programme. The board will have



representatives from all states and NIC under the coverage of e-PRI MMP. This will be chaired by

Secretary, MoPR, GOI and convened by the Mission director / JS, e-PRI.

b) Sub-Committees - As part of the PRB, it is proposed to setup the following sub-committees to

manage the respective areas. These committees will have representation from a few states:

1. Technical and Standards Specification Committee – This will also include members of

technical institutions. Its responsibilities will include:

i) Scan emerging technology scenarios

ii) Provide & finalize technical specifications, keeping in mind the cost and

sustainability issues, so that the same could be adopted in proposed software

iii) It will also include domain experts and members of academia (NIRB, IIPA etc.)

engaged in study and research on matters relating Panchayati Raj and local

governance. Its responsibilities will include:

iv) Ensure adoption of the prevailing suitable standards

v) Develop domain specific standards if any

2. Domain Advisory Committee - Its responsibilities will include provide domain expertise in

the following areas:

i) PlanPlus

ii) ActionSoft

iii) National Panchayat Directory (NPD)

iv) PRIAsoft

v) ServicePlus

vi) Profiler

vii) Taxation

viii) National Panchayat Portal (NPP)

c) Central Programme Management Unit (CPMU) - It is proposed to setup Central Programme

Management Unit, headed by Mission Director i.e. JS, MoPR, to manage the future action plan on

the e-PRI MMP including software development, deployment, operationalization and change

management. The constituents of PMU will include:

i. Officials from NIC and MoPR

ii. Contract / Consulting staff

iii. Support staff

Structure of CPMU for Implementation of ePRI MMP: The team of Central Programme Management

would comprise of 13 personnel, primarily to focus on co-coordinating the whole project at the India

level with all the States. The Central Programme Management Unit (CPMU) would timely avail the

inputs provided by the State project management units (SPMU) and the State representatives.



• Project Leader - 1, NIC

• Project Manager – 1 PC

• Technology Consultant - 1 (SC)

• Capacity Building Consultant - 1 (SC)

• Bid Process Expert – 1 (PC)

• State Project Coordinators – 9 (8 SCs – 1 each for minimum 4-5 implementation sites)

Figure 14: CPMU structure

The CPMU’s primary responsibilities will include: The broad responsibilities include timely completion of the project, Quality of deliverables, SLA Monitoring

mechanism, Risk Assessment Framework, Monitoring and Evaluation mechanism and the Methodology and

framework for reporting. The detailed responsibilities of the Central PMU would include, but not be limited to,

the following:

Execute the guidelines finalized by the PRB

Execute the decisions finalized/approved by MoPR

Analyze proposals on ePRI received from states.

Manage coordination between the sub-committees and the PRB

Provide support to the sub-committees and the PRB.

Oversee day-to-day functioning and

Manage overall coordination and liaisoning with states

Preparation of Project Plan with detailed activities and timelines in consultation with Service

Agency (ies)



Validation of Design formats prepared by Service Agency (ies) for data exchange between

centre and state, to meet the MIS requirements of MoPR

Monitoring of Project Implementation in terms of managing the Project timelines, Quality of

deliverables by close coordination with both Central implementation agencies (NIC) and State

Service Agencies.

Ensuring Strategic control of the project with Centre

Working on the regular inputs provided by the State PMUs

Designing Model RFP for the States to customize according to the state specific requirements

Appraisal of DPRs, RFPs received from the states based on the detailed guidelines, SLA s

issued by the MoPR from time to time

Guiding and assisting the Bid Process Management for the MoPR and State PR departments

for selection of Service Agency (ies).

Ensuring the incorporation of open standards for interoperability, seamless data transfer

between State and Centre in the recommended solutions as per the E-Governance standards.

Coordination and Liasoning by State Project Coordinator with various State PMUs.

Resolve the issues raised by the SPMU on the implementation issues like SLA, technology,

standards and domain issues etc.

Setting Guidelines for SPMU to Review / monitor the progress implementations by the State

agency

Assist to approve release of funds to the states for the project and their utilization.

Guiding and assisting the SPMU on maintaining quality and on time delivery / closure of

milestones of the Project by State Service Agencies.

Design parameters, metrics and methodology for collecting actual hardware and other

supporting infrastructure requirement at the 3 tiers of PRIs for the states.

Designing the MIS reporting & monitoring frameworks for the project

Issue identification, tracking, escalation and resolution management between Centre, SPMU

and state Service agencies in all aspects including customization of core application , data

exchange and interoperability between Centre and States

Coordination with different stakeholders and agencies and ensuring common understanding of

issues between stakeholders

Tracking timelines vis-à-vis the project plan and taking necessary action in case of slippages in

coordination with SPMUs

Validate the various training plans developed by Service Agency(ies) in coordination with

SPMUs

Monitor implementation of training plan in coordination with SPMUs

Vetting of reports and deliverables of the State IA through respective SPMUs

Supporting the MoPR in selection of an agency for conducting 3rd party Audits of the ePRI

MMP, as required under the RFP.

Maintenance of central repositories / tools for best practices, knowledge sharing

Validate the Exit plan for the various Service agency (ies)

Develop detailed Exit plan for the CPMU at the end of contract period



Capacity Building and Knowledge transfer to the MoPR as per the Exit plan

10.1.2 Programme Management and Governance Structure at State The State Governance structure would have three layers as shown in figure below. An Apex State Programme

Management Committee (SPMC) for guidance and direction headed by the Chief Secretary PR of the state,

second level i.e. the State Project e-Mission team headed by Principal Secretary PR, and the third layer

consisting of State Programme Management Unit (SPMU).

Figure 15: Programme Governance Structure at State Level Constitution of the Governance entities at State Level State Programme Management Committee:

Chief Secretary

Principal Secretary (In charge of the PR Department)

Representative of Finance Department

HODs of identified SLDs Department

State IT Secretary

NIC Representative

Internal domain specialist (full-time)



Representative of State DIT

Representative from NIC – (SIO / SIO coordinator)

Representatives from 3-4 District Programme Management Committees on Rotation basis

Technical & Change Management Experts - Internal / Hired from industry and reputed

institutions

Any other person deemed fit by the Secretary

Role of State Programme Management Committee at the State level:

Overall guidance

Decisions on Policy matters

Approval of all deliverables by various agencies/groups

Financial Powers as per delegation

Selection of Service agency / ies at the State

Monitoring and quality audit of activities performed by service agency at the State

Review of FRS at State level

Monitor implementation of BPR and Change management

Exercise Strategic Control

Ensure certification from Certifying agency on application developed before full State level roll-

out

Ongoing support and guidance to

SPMU Structure of State PMU for Implementation of ePRI MMP

Project Manager- 1 (PC)

Technology Consultant- 1 (SC)

Capacity Building Consultant- 1 (SC)

Bid Process Expert - 1 (PC – Part time)

Zonal Coordinators (1 SC and 1 JC, each, for a zone of 5 districts)



Figure 16: SPMU structure Role of State PMU

The broad responsibilities include timely completion of the project, Quality of deliverables, SLA

Monitoring mechanism, Risk Assessment Framework, Monitoring and Evaluation mechanism and

the Methodology and Framework for reporting. The detailed responsibilities of the State PMU would

include, but not be limited to, the following:

Design parameters, metrics and methodology for determining the actual requirements before

project commencement

Designing the MIS reporting & monitoring frameworks for the project

Assist the SPMC in selection of service agency / ies at the State

o Customizing the Model RFP

o Bid Process Management for the State PR for selection of State Service Agency

Pre-bid conference

Techno commercial evaluation

o Negotiation and contract finalization

Preparation of Project Plan with detailed activities and timelines in consultation with State

Service agency (SIA).

Review of FRS



Assist the SPMC in identifying areas of customization needed in the core applications. Monitor

the customization of core applications by SIA.

Validate the IT security/Business Continuity Plan developed by IA and monitor its

implementation

Monitoring of Project Implementation in terms of managing the Project timelines, Quality of

deliverables by close coordination with State Implementation Agencies

Tracking timelines vis-à-vis the project plan and taking necessary action in case of slippages

Assist the SPMC in prioritizing the legal changes required for implementing the reengineered

processes.

Validate Training Plan developed by Service Agency

Monitor implementation of process changes. Assist SPMC in issue of GOs for institutionalizing

the changes

Monitor the imparting of training till GP level by SIA.

Vetting of all progress reports and deliverables of the SIA

Providing the required inputs to the Central PMU on regular basis

Serve as secretariat for SPMC for the Project

Ensure certification from Certifying agency on application developed before full State level roll-

out

Impact assessment after project go live with respect to evaluation parameters gathered during

the baseline survey

Defining detailed Exit plan for the PMU at the end of contract period

o Ensuring knowledge transfer to the SPMC as per the Exit plan

The Zonal Coordinators will have overall responsibility for the implementation of the project in

districts and is accountable to SPMC and Project Manager, SPMU. The responsibilities of the Zonal

Coordinators will be:

Implementation of direction received from SPMC and Project Manager, SPMU

Project implementation in the respective district

Providing directions and guidance to Block Support Group and PRIs

Liasoning and Coordinating with the relevant officers at district level

Enabling full knowledge and systematic application guidance to the implementation agency

team in the initial stages and the testing and approval of the deliverables at the intermediate

stage and finally the monitoring and analysis of reports for their respective districts as well as

centrally for the entire state, to assist the SPMU and SPMC.

Orienting the stakeholders on the structure and methodologies of project implementation and

usage by conducting periodic workshops to discuss progress on the project and to identify and

solve emerging problems

Enabling effective transfer of knowledge and lessons learnt to the people involved in the project

Address concerns / enquiries / complaints referred to the SPMU by stakeholders for their

respective districts under the Zone



Implementing procedures developed by SPMU to regularly monitor the performance of the

project, and preparing regular monitoring reports based upon information submitted by the Block

Support Group and the various service agencies

Guiding Block Support Group to prepare progress reports on a regular basis and collating the

same at SPMU level for their respective districts

Coordination with the other Zonal Coordinators to ensure effective knowledge transfer/

adherence to common guidelines and adoption of best practices across all the districts

Enabling regular monitoring through visits by block support groups to various PRIs under the

blocks and escalating concerns if any.

Enabling effective adherence of SLAs by Service Agencies by setting common standards /

reports to and guiding block support groups to monitor the same for their respective PRIs under

the block.

Monitoring Training Plan and adherence to the same by coordinating and liasoning with the

various stakeholders and service agency

Enabling adherence to the Exit plan by the service agency with help from block support group at

the end of the Contract.

10.1.3 Programme Management and Governance Structure at District

A District Programme Management Committee (DPMC) will be constituted at each District level headed by

the Chairman ZP of the district, for guidance and direction to the Block Development Officers of the

respective blocks who will work in close coordination with the Block support group for monitoring the

implementation of the project in the Gram Panchayats under the respective blocks.

DPMC will have responsibility of district wide successful implementation of the project. The structure of

DPMC is shown below with the help of following organization chart.



Figure 17: Programme Governance Structure at District Level

DPMC will have responsibility of district wide successful implementation of the project. The structure of

DPMC is shown below with the help of following organization chart.

Figure 18: DPMC Structure

DPMC will be headed by Chief Executive Officer, ZP. DPMC should have District Officials of line

departments who are implementing their schemes through PRIs; DIO, NIC for technical support; 3-4 BDOs

on rotation basis; representative from 3-4 GPs on rotation and if required, locally recognized activist working

for improvement of PRIs system in the district.

The DPMC has the responsibility for overall implementation of policy directives of SPMC, guidance and

coordination for all project activities related to ePRI.



The DPMC will play a key role in implementation of project and the systemic reform that the project will

initiate. The DPMC will monitor the district wide ePRI project implementation at district level by coordinating

with the BDOs and the Block Support Group.

DPMC will have following role and responsibilities.

(i) Implementing the direction received from SPMC

(ii) Guiding the work of the BDO and Block Support Group

(iii) Reviewing implementation progress periodically

(iv) Considering recommendations put forward by BDOs

The DPMC is proposed to meet at least monthly although ad-hoc meetings may be convened by the

Chairperson based on needs.

Block Support Group at all the blocks will have the responsibility of providing the necessary support to the

BDO, DIO and assisting the Zonal Coordinators of various districts at the SPMU level.

The responsibilities of the Block support group will be:

Implementation of direction received from Zonal coordinators at SPMU

Project implementation in the respective PRIs under the block

Liasoning and Coordinating with the relevant officers at block level

Assisting the Zonal Coordinators to collect the actual requirement of hardware for the PRIs at Block

and below level.

Liasoning and Coordinating with Service Agency contact person at Block level and below.

Regular Monitoring and reporting on the actual status of implementation, hardware deployment,

training etc.

Enabling adherence to timelines and project plan by effective coordination

Surprise visits to various PRIs under the block to check the actual implementation status and

validate the status reported by the Service agency.

10.2 Monitoring and Evaluation Structure The Monitoring and evaluation mechanism is indispensable for successful implementation of such a large scale

project. A standard approach is required to minimize the risk and deviation of the project from timeline and

scope. Three tier structures have been proposed for monitoring the project as explained under above section.

The various reports along with frequency and content are shown below.

Details of State Level Review Meeting SR

DETAILS MONITORING ASPECTS

PARTICIPANTS

1 Monthly Progress Review

Meeting • Deviation from Project Plan SPMC, SPMU and

respective DPMC



SR

DETAILS MONITORING ASPECTS

PARTICIPANTS

• Key issues in implementation

of Project plan

• District specific challenges

• Strategic decision required

by SMPC

representatives

2 Quarterly Progress Review

Meeting • Strategic decision from

SPMC

• Review of Monthly progress

meeting of SPMU

• Financial and physical

progress of the project

• Support and guidance

required from CPMU

SPMC and SPMU

3 Half Yearly Progress Review

Meeting • Key challenges for

implementation of the project

• Revision of project plan if

required

• Changes in SPMU structure/

staff

SPMC and SPMU

Table 21- Details of State Level Review Meeting SPMC and SPMU should also conduct the field visit to assess the project progress and gaps in implementation.

State level filed monitoring components are shown below.

State Level Field Monitoring Component

SR NO

DETAILS COVERAGE

ASPECTS TO BE COVERED

ACTIVITIES

A State Committee

Surprise Inspections A PRI • Resources provided

to PRIs

• Functioning of PRIs

• PRI elected member

satisfaction

• Citizen satisfaction

• Compliance

report from ePRI

portal

• Grievance from

ePRI portal

• PRI home page



SR NO

DETAILS COVERAGE

ASPECTS TO BE COVERED

ACTIVITIES

at PRI portal

• Interviews and

interactions

• Inspection of

documents

B SPMU

1 Monthly Field

Monitoring Plan

5 district

10 BP

10 VP

• Installation/

functioning of ICT

hardware

• Installation/

functioning of

networking/

connectivity

• Installation/

functioning of ePRI

application

• Functioning of

DPMC and Block

Support Group

• Implementation of

Training Plan

• Key issues hindering

implementation

• Best Practices

• On spot

verification of all

the aspects and

filling up these

details in portal

in detailed

format

developed by

CPMU

Table 22- State Level Field Monitoring Component

The various reports from SPMU to CPMU will be required for enabling regular monitoring by CPMU of the

project. The trigger will be generated to CPMU if SPMU has not submitted the report on time. The CPMU is

responsible for reminding the SPMU for submission of report on time and presenting the multiple default case to

CPMC.

SR

NAME OF THE REPORT INFORMATION CONTENT

1 Monthly Physical

Progress Report • Schemes and service implemented from PRIs

• Installation/ functioning of ICT hardware

• Installation/ functioning of networking/ connectivity



SR


• Installation/ functioning of ePRI application

• Functioning of DPMC and Block Support Group

• Implementation of Training Plan

• Financial and resource requirement for the respective state

2 Monthly Financial

Progress Report • Ratio of Utilization reports from ePRI system and manual

submission

• Total number of Statement of Expenditure (SoE) from ePRI

system

• Fund utilization status of schemes and ePRI project

3 Half Yearly Progress

Report – Financial &

Physical

• Regularity of physical and financial reports from

district/blocks

• Quality of data available in reports

• Deficiency in reporting

4 Quarterly Hardware

Installation report • Issues in functioning of ICT hardware

• Issues in functioning of networking/ connectivity

• Issues in ePRI application

5 Quarterly Training

Status report • Number of people trained in a quarter

• Type of the training and batch size

• Utilization of fund and future requirement

• Estimated number of people to be trained

• Specific training requirements from SPMU

6 Quarterly Networking

report • Connectivity mapping with required and existing

• Approximate uptime of the network

• Issues in functioning of networking/ connectivity

7 Monthly application

development report • Average uptime of the ePRI application

• Extent of usage of ePRI application

• Bugs/ improvement areas in ePR application

• Additional requirement in ePRI application

8 Monthly Service

agency performance • Compliance of SLAs related to ICT hardware, networking,



SR


report Manpower, ePRI application and Training.

Table 23- List of Report

All the reports will be posted using web forms available under MIS and KPIs module of the ePRI application.

The Block reports will be sent through BDOs and DPMCs after their review and then collated at Zonal

Coordinator level at SPMU level. Zonal Coordinator will be responsible for collation of block reports sending it to

Project Manager, SPMU. However, if there is administrative dependency and the delay is because of non

responsiveness of the person out of the control of Zonal Coordinator or Block Support group; the Zonal

Coordinator, Block support group and the BDO should be highlight such case to DPMC and same should be

reflected in the MIS reports.

The same set of the collated report will also be required from SPMU to CPMU with status of their respective

States.

10.3 Bills of Material

The bill of material presented below refers to the program structure created for effective monitoring and

executing control over the implementation. The structure shall be active at State and District level with the

below mentioned positions

• Project Manager- 1 (PC)

• Technology Consultant- 1 (SC)

• Capacity Building Consultant- 1 (SC)

• Bid Process Expert - 1 (PC – Part time)

• Zonal Coordinators (4 SC and 4 JC )

• Support Staff - 2

As mentioned above, District Programme Management Committee (DPMC) will be constituted at each District

level headed by the Chairman ZP of the district, for guidance and direction to the the Block Development

Officers of the respective blocks. BDOs will work in close coordination with the Block support group for

monitoring the implementation of the project in the Gram Panchayats under the respective blocks. In case of

West Bengal 341 BSG have been factored for monitoring the implementation of the project



10.4 Risk Mitigation Strategy Based on the interaction of the study team at State and Districts, the risks identified have been presented in the

current section. Also the study team has analyzed and presented a risk mitigation strategy that shall be

undertaken at the time of implementation of e-PRI project.

Sr Risk Area

Risk Impact Probability

Risk Score

Risk Area

Score

Risk Mitigation factors

1 External Environmental & Social

threats like floods,

strikes, Terror groups

may also lead to a risk of

service unavailability.

3 2 6 8.25 Disaster recovery

strategies can be

developed based on the

criticality of the service

delivery.

Conflicts with existing

State & NeGP initiatives

(such as e-District, CSC,

State initiatives) could

arise if the expectations

and objectives of e-PRI

are not propagated

appropriately to all

interested parties, such

as CSC operators, State

NIC units, State Dept. of

IT, State P&RD Depts.,

etc.

3 3 9 A very robust

Communication Strategy

has to be articulated and

implemented even before

piloting / rolling out e-PRI

so that all such fears are

allayed / addressed in

advance. This would

pave way for smooth

implementation

Lack of funds to

implement and to sustain

the project.

3 3 9 1. Suitable business

model is proposed.

2. PR Department may

take prior approval for

getting operating cost

included as part of their

budget.



Sr Risk Area


Risk Score

Risk Area

Score


Lack of Political will &

Administrative Lethargy:

Political leadership

support &

Administration's

motivation are very

critical to make this

project a success.

3 3 9 Project driven, monitored

and tracked by key

government official /

authority would lead to a

focused approach to

achieve the desired

outcomes.

Co-opting elected

representatives into the

initiative and offering a

perspective of the citizen-

centricity / goodwill

generated by e-PRI

would act as prime

motivators for fostering

political will. Getting

National Consensus on

the MMP from all political

parties could also help.

Civil society needs to be

made aware of the

advantages from the e-

PRI MMP so that they

can exert pressure for a

healthy adoption of the

MMP. This can address

issues such as political

pressures, administrative

lethargy, etc

2 People Capacity related Risks -

Lack of skilled manpower

could be a significant risk

to the successful

implementation of the

project.

4 4 16 12.50 Appropriate trainings can

be imparted to all the

concerned PRI officials.



Sr Risk Area


Risk Score

Risk Area

Score


Resistance from

employees - Existing

staff may resist the use

of new technology

because of fear of extra

work load, more

transparent and

accountable systems.

This threat will lead to a

risk of delayed service

delivery.

3 3 9 1. Building awareness

among the employees to

change the perception

about the technology

usage.

2. Proper change

management can be

adopted for smooth

transaction.

3. Offering a perspective

on 'what is in it for me' is

also vital to get an

appreciation / buy-in from

employees for need for

change

3 Process

& Legal

Owing to legal provisions

such as use of Digital

Signature, electronic

forms etc for G2C

Services

3 3 9 Promulgating a National

level policy to adopt the

legal changes

recommended in the

State BPR reports so that

G2C services are

smoother to implement

and both Citizens and

Govt. functionaries are

not hassled with

bureaucratic hurdles.

4 Project Lack of vision and

strategy for adoption of

e-PRI MMP at the State

level could lead to

inadequate emphasis

and poor adoption

3 3 9 10.50 Build the e-Governance

strategy within a wider

Good governance

strategy and a Citizen

Centric strategy so that

chances of political buy-

in and administrative

facilitation are higher

Improper rollout/change

management: Ineffective

transition from existing

process and techniques

4 3 12 A Phased roll out based

on the pilot

implementation can be

planned. The mantra of



Sr Risk Area


Risk Score

Risk Area

Score


to new application may

lead to employee and

citizen dissatisfaction

'Think Big, Act Small,

Scale Fast' must be

adopted

Failure in managing

costs, quality, scope &

schedule could lead to

failure of the e-PRI

Programme at the State

Level

4 3 12 The implementation

agency should implement

a robust program

management framework.

This should be closely

monitored by a State

Level Agency that would

play the role of Program

Sponsor (such as State

e-Gov Agency)

Project implementation

may get delayed due to

non performance of

implementing agency/

non adherence to the

planned schedule.

3 3 9 Termination/Penalty

clauses should be part of

contract between MoPR /

State PR Dept and

implementing agency.

5 Technolo

gy

Connectivity and

Infrastructure related

risks: Inadequate

connectivity and

electricity availability will

lead to service

interruption.

4 4 16 9.75 1. Alternate electricity

resources - solar energy

equipment, generator

backups may be used.

2. The connectivity to the

GPs is envisaged to be

given through SWAN.

However, other options

can also be explored

(VSAT, BSNL

Broadband, etc).

Data loss or corruption of

data during migration to

the e-PRI systems or

while e-PRI application is

in operation

2 3 6 Adequate backup policy,

failover systems and

subscription to multiple

networks.

Integration issues - Lack

of integration with

existing ICT initiatives at

4 2 8 Solution design should

accommodate existing

ICT infrastructure and



Sr Risk Area


Risk Score

Risk Area

Score


the State & Central level

owing to poor solution

design and / or technical

incompatibilities

factor in ongoing

dependent initiatives

Maintenance - Immediate

support may not be

available at GP level,

Hilly terrain or other

remote areas. This may

result in to the service

disruption

3 3 9 1. Appropriate backup

system to be kept in

place to mitigate such

type of risks.

2. Appropriate support

clause may be

incorporated in the

contract while purchasing

the H/W or S/W

components.

Table 24 - Risk Mitigation

The above details can be better understood with the graphical representation presented below.

Figure 19 - Risk Area Mapping

The risks identified have been rated for Impact (I) and Probability (P) on a scale of 1 to 5 (5 = Very High to 1 –

Very Low).

The above dashboard facilitates in prioritizing the efforts of State and Central Governments to successfully

achieve the objectives of e-PRI. As such the dashboard clearly brings out the below priority based on the risk

rating to have for each area.



11 Financial Solution

This section would detail out the financial requirement for the e-PRI project. It would provide all details of the cost

head which is expected to occur for the project. Further to this a detailed analysis of all the cost head.

11.1 Project costing The e-PRI project implementation in the state of West Bengal is estimated to cost about Rs 113.75 crores including

the cost of provisioning the ICT infrastructure, Training, Manpower, Project management units, Block support group

and Information Education &communication cost. The major assumptions on for financial estimation are listed in

Annexure 14.2

Over all Head Wise Break up Implementing e-PRI project in West Bengal would incur a total cost of Rs. 113.75 cr. This includes costs related to

ICT (Rs. 34.30 cr), deputing IT trained manpower at each level of PRI (Rs. 45.57 cr), training of officials and PRI

members (Rs. 09.17 cr), providing block support group (Rs. 16.69 cr), establishment of State Program Management

unit (Rs. 7.30 cr) and finally towards Information Education and Communication - IEC ( Rs. 0.73cr). The table and

graph below presents a brief snapshot of head-wise break up of total cost that shall be incurred in implementing e-

PRI project in West Bengal.

Table 25- Total Cost of e-PRI

No Head Cost (cr.)

1 ICT 34.30

2 Manpower 45.57

3 Training 09.17

4 BSG 16.69

5 Program Management Unit 7.30

6 IEC 0.73

Total 113.75

This section provides the financial requirement for the e-PRI West Bengal project. It details out the total

project cost as well as head-wise & year-wise cost break up of e-PRI solution proposed to be implemented

in West Bengal. The total cost of implementing e-PRI Project is Rs 113.75 Crores



Year Wise Break up The total cost of the project has been distributed in four years basis the implementation plan provided in section 10.

The table below presents the overview of the year wise breakup of the total cost that shall be incurred during

implementation of e-PRI project.

Table 26- Year Wise Break up

It can be inferred from the table above that

nearly 15% of the cost is estimated to be

incurred in the first year. 32% and 34%

shall be incurred during year 2 and year 3

respectively. Finally the rest 19% of the

total cost would be incurred during year 4.

Yearly – Head wise breakup Broadly the cost estimates have been categorized under State ICT cost, Payout to Service Agency (PRIs ICT &

Manpower), Training related cost, cost related to BSG, Program Management Unit and IEC.

The following table depicts the yearly cost estimates against each of the cost heads.

No Items Year 1 Year 2 Year 3 Year 4 Total

1 State ICT Cost 1.36 0.71 0.76 0.41 3.24

2 Payout (PRIs ICT +

Manpower) 9.79 24.73 26.06 16.04 76.63

3 Training 1.53 3.06 3.06 1.53 9.17

4 BSG 2.05 5.30 5.73 3.61 16.69

4 Program Management Unit 2.20 2.42 2.67 0.00 7.30

5 IEC 0.73 0.00 0.00 0.00 0.73

Total ePRI Project Cost 17.65 36.22 38.28 21.59 113.75

Table 27- Year Wise and Head Wise Cost Estimates (in crores)

No Year # Cost (cr.)

1 Year 1 17.65

2 Year 2 36.22

3 Year 3 38.28

4 Year 4 21.59



• Year 1

Year 1 would be stone setting year for the

project. Project will be kicked off with

constitution of various committees and State

Program Management Unit. It can be inferred

from the graph that 55% of the total cost

incurred during Year 1 shall be towards

deployment of ICT & IT trained manpower at

each tier of PRIs in terms of payout to the

PRIs. The first 5 months as per the suggested

implementation, the RFP will be floated to

select the implementation agency and the

deployment of the IT Hardware and IT

manpower will begin from the 6th month of Year 1. The lump sum IEC cost is provisioned in Year 1 only and may be

utilized by state across 3 years to generate awareness amongst the citizens and PRIs

• Year 2, Year 3 and Year 4

As per the implementation plan, the deployment of

IT Hardware and IT trained manpower will happen

incrementally in 7 months of the 1st year itself.

Year 2 and 3 will see fully fledged operation and

maintenance support of ePRI system at all PRIs,

thus the payout to service agency for hardware

and manpower will be larger as compared to year

1. As the provision for IT manpower is made for 3

years or 36 months for each PRI site, hence in

year 4 the IT manpower support will end

incrementally at PRIs after first 6 months of full

support. The cost incurred during these years

would be heavily constituted of IT skilled manpower deployed at each tier of PRIs, who will be responsible for

rendering the services as per the SLA defined. As seen in the graphs for year 2, 3 and 4, the ICT and IT manpower

payout is the larger cost head. PMU will also continue to provide its services for the duration of 36 months (3 years)

during the ePRI project implementation.

Training cost is budgeted for 36 months staring 6th month of year 1 till year 4. Capex for setting up training

infrastructure is included in year 1 itself.



Monthly Payouts to Service Agency

The roll out of ePRI in West Bengal is proposed to be based on a Service Procurement Model (SPM), where a

Service Agency (ies) (SA) will be selected through a competitive bidding process by the States. The States may

decide to engage multiple SA, region-wise or district-wise depending on local suitability

Once the contract with the SA is finalized a detailed implementation plan will be prepared by the SA in consultation

with the SPMC. The roll-out, in West Bengal, is expected to take 3 months time during which the SA will deploy

computers at all GPs / BPs/ ZPs in the State and also provide trained manpower for providing services to the GPs/

BPs/ ZPs. Once the services start at any GP / BP/ZP the SA will be provided a monthly payout for a period of 36

months as per the following table:

SR NO Year 1 Year 2 Year 3 Year 4

1 ZP 7112.33 7534.06 7989.54 8481.45 2 BP 5096.91 5358.65 5641.32 5946.61 3 GP 5281.49 5559.23 5859.19 6183.14

Table 28- Monthly Payout table to PRIs

The above monthly payouts have been calculated by assimilation of monthly cost incurred to SA on following components:

• CAPEX: This includes the cost of ICT infrastructure commissioned at each tier of PRIs • OPEX: This includes the cost of maintenance of ICT infrastructure • IT Trained Manpower: This includes the cost of IT trained manpower deployed by SA for providing services

to ZP/BP/GP The table below detailed out the monthly cost estimation considered for the calculation of payouts.



Yr1 Yr2 Yr3 Yr4

CAPEX (Monthly) ZP 1840.62 1840.62 1840.62 1840.62

BP 1825.21 1825.21 1825.21 1825.21

GP 1809.79 1809.79 1809.79 1809.79

OPEX (Monthly) ZP 271.70 293.44 316.91 342.27

BP 271.70 293.44 316.91 342.27

GP 471.70 509.44 550.19 594.21

Manpower ZP 5000 5400 5832 6298.56

BP 3000 3240 3499.2 3779.136

GP 3000 3240 3499.2 3779.136

Subtotal(WB) 5.59 14.48 15.64 9.85

Total Monthly Payout

ZP 7112.33 7534.06 7989.54 8481.45

BP 5096.91 5358.65 5641.32 5946.61

GP 5281.49 5559.23 5859.19 6183.14

Annual Payouts ZP 640109.52 1627357.89 1725740.53 1068663.04

BP 8690233.90 21927586.22 23084293.06 14194562.93

GP 88570666.34 223747928.97 235820525.10 145167708.53

Total Payout 97901009.77 247302873.09 260630558.69 160430934.50



12 Recommendation and Conclusion

The current section presents the consolidated recommendations that have been proposed by the study team in

various areas of the e-PRI project implementation. These recommendations have been broadly classified under the

following:

12.1 Application and functional Recommendation • An application framework and its components are proposed for the e-PRI roll-out. Please refer section

5.3 for detail design and component description.

• Electronic MIS generated reporting can significantly improve the timely availability of data/information to all the stakeholders.

• In order to increase the awareness level for the citizens IVRS system would be installed that shall describe the procedure of getting unemployment allowance, time required for processing of unemployment allowance, fees required ( if any), the status of current application, etc.

• Unique service number generated for each service request.

• Application s/w should have multilingual facility.

• Activity level Service Level Agreement(SLA) monitoring for better governance should be in place

• Deployment and administration should be done separately for G2G, G2B and G2C databases.

(For details refer to section 5)

12.2 ICT and Networking related Recommendation • e-PRI Application can be accessed through Internet to the citizens and through SWAN to the internal

officials.

• Proper backup and DR site should be planned to ensure the data security.

• e-PRI application deployment should be at SDC.

• To strengthen perimeter security firewalls must be installed and configured with access control along

with IPS devices. Application access should be ensured through its AAA (Authentication, Authorization

and Accounting).

• The PRIs will require dedicated 500Kbps speed to get connected to PRI application and perform their

day to day activities. Similarly, there are other speed/ connectivity requirements which should be

decided based on need

(for details refer to section 6)

12.3 Capacity Building and Training Skill Development

• The skill development framework shall be used by the PRI’s to upgrade their currents skill set to the

one desired for undertaking the current and the re-engineered functions performed by the PRI



• The skill development framework identifies four possible areas, not just lengthy training sessions, which

shall be focuses on to enhance the current skill set development.

• Training related to Basic IT Skills, State Specific and Common Core Application is proposed

Manpower

• ICT trained manpower is recommended to support each tier of PRIs in their day to day functioning

12.4 Program Governance and Implementation • Three tier Program Governance and Implementation structure proposed for better monitoring and

controlling the project

• Implementation of e-PRI Project has been envisaged through coordinated efforts between Centre and

States .Unlike other MMPs, e-PRI MMP program governance structure will have participation till the

grass root level i.e. the Gram Panchayats, which can be made possible by involving the Districts in the

implementation process

• The Monitoring and evaluation mechanism is indispensable for successful implementation of such a

large scale project. A standard approach with the help of periodic report is proposed to minimize the

risk and deviation of the project from timeline and scope

12.5 Power Backup • The power situation in rural India is characterized by low and inconsistent power supply. In a scenario

where it is envisaged that all Panchayats would be computerized, it becomes imperative to give due

diligence to sources of power. While the mandate of ePRI project does not include provision of power,

some alternatives and associated costs have been evaluated and are mentioned in Annexure 14.7



13 Way Forward This ePRI Study project, which is a precursor to the ePRI MMP, was initiated with a comprehensive study to

assess the current information and services needs of citizens, PRI and other stakeholders. This study lead to

the identification of the information and services needs of various stakeholders, scope for re-engineering

various functions and services carried out by PRIs, formulation of detailed roadmap for the transformation of

Panchayati Raj system from existing state to e-PRI in West Bengal.

The key activities in the DPR phase included: estimating ICT requirements, defining strategy for roll-out,

defining project management structure, defining monitoring and evaluation structure, defining communication

plan, defining change management strategy.

This phase focused on defining these components along with the associated outlays. The implementation plan,

detailing out the activities to be undertaken for project implementation is charted out and the financial model for

executing the ePRI MMP in West Bengal is also defined. This phase has resulted in head-wise cost breakup of

the ePRI MMP in the State, which will be further aggregated with similar cost break up from a similar study

being parallely conducted in other states to arrive at a nation-wide cost for executing the ePRI MMP across the

country.

As a next step, the aggregated National Detailed Project Report along with the Expenditure Finance Committee

(EFC) note will be submitted by Ministry of Panchayati Raj to the Cabinet for approval.



14 Annexure

14.1 Glossary

Terms Description

Anganwadi An early child care centre

ANM Auxiliary nurse midwife

APL Above poverty line

ASHA Accredited social health activist

BPL Below poverty line

GP Gram Panchayat, local governments at village or small town level in India

Gram sabha All women and men above 18 years constitute gram sabha

ICDS Integrated child development scheme

ICT Information and communication technologies

JP Block Panchayat, Panchayat system at Block level

Mandi Whole sale market for fruits, vegetable and grains etc.

Nakal Copy of any legal/official document

NRHM National rural heath mission

Panchayat Elected assembly, e.g. village council

PPP Public private partnership

PRI Panchayati Raj Institution, three tier system of local government in rural India

Pradhan Elected Chairman of Gram Panchayat

Tehsildar chief revenue officer for tehsil

Tendu patta Tobacco leaves

Yuva mandal Youth group

Zilla District

ZP Zila Panchayat, Panchayat raj system at District level



14.2 Detailed Cost

14.2.1 Assumptions

S No. Assumption / Standards used in respective areas Value (If applicable)

A ICT Infrastructure

A.1 Cumulative Security Audit cost for all state modules (INR) 200000

A.2 The PCs at GP level have been estimated at the NICSI empanelled rates and intrernet

connectivity charges have been estimated @ 200 per month per GP. However, the PCs

with internet connectivity may also be procured from the vendors under agreement with

BSNL under USO fund Subsidy.

A.3 States have been divided into two categories.

Large States - 10,000 system users and above is large state and

Small States - below 10,000 system users is small state

A.4 No of users are as per the no of PC proposed e.g. if there is 1 PC proposed at GP then

no of users at GP = 1* total no of GPs

A.5 Internet connectivity charges have been budgeted for only GPs as the ZPs and BPs are

assumed to be connected through a Government Network like SWAN, NICNET etc. If

provision for extension of SWAN upto GP level exists, then the horizontal connectivity for

that must be costed for and the internet connectivity charges at the GP level can be

removed.

A.6 Open Source solutions are being proposed for all system software. Hence, there will be

no CAPEX; only annual support cost will be budgeted for.

A.7 Maintenance cost of hardware is included in the Warranty support of 3 years.

A.8 SWAN charges and connectivity need not to be taken as State directly is considering the

same for all the departments

A.9 SWAN shall be provided till the offices, hence only internal office network and peripherals

have been accounted for

B Training

B.1 Training Costs are budget only for IT training

B.2 Training costs are averaged for all participant irrespective of location at which they are

trained

B.3 No of Training days for PRI officials are assumed is to be 12 days in 3 years 12




B.4 No of Training days for elected members are assumed is to be 6 days in 3 years

6

C Contractual Manpower

C.1 One Contractual resource at each PRI level is provisioned through e-PRI 1 at each PRI

level

C.2 Man Month Rate of Contractual Resource with Basic IT skill set at

I GP Level : INR Per Month 3000

II BP Level : INR Per Month 3000

III ZP Level : INR Per Month 5000

C.3 The Manpower is being provisioned for a period of 3 years

D PMU

D.1 Civil Infrastructure (Rent, Electricity, support infrastructure etc) for PMU is not provisioned

through ePRI and the state PR department is expected to provision for the same. That

Implies No CAPEX cost for PMU is provisioned through ePRI.

D.2 Computing devices (Laptops etc) for External Consultants in PMU will be provisioned by

Empanelled agency themselves and not through ePRI

D.3 OPE is have been provisioned @ 15% of the PMU Cost

D.4 Other Administrative Expenses are considered as 1% PMU Cost

D.5 1 Document Scanner, 1 Network Printer is provisioned at each State PMU and District

PMU

D.6 10% increase in the PMU External Consultant rates every year

D.7 The PMU cost is being budgeted for a period of 3 years irrespective of the project

implementation plan as it is the handholding supporting being provided to the State.

E Application Software

E.1 As a standard each module can be developed by 2 S/w developers in 3 months

timeframe which implies development effort of 6 man months per module. This would

include the entire development activity pertaining to the module including development of

Admin modules for database management.

E.2 Effort of integration of modules developed at State with central modules will be included

in the development effort of 6 months as above




F.3 Customization Effort for central modules at state level is 1 resource for 3 months

F.4 Customization Effort of 3 months for central modules at state level will also include effort

for integration of state specific modules with Central modules

14.2.2 ICT Cost Details This section provides details of Overall cost for ICT for ePRI including State, District, Block and GP. State Level ICT cost

Table 29- State Level ICT cost

Base Data for Bill of Material and Costing

Inflation Rate 8%

Total Number of Districts PRI Departments in State 18

Total Number of Zila Parishad in State 18

Total Number of Block Panchayat in State 341

Total Number of Village Panchayat in State 3354

Maintenance cost for ePRI Application 22%

State Level ICT Cost

CAPEX Data Centre Costs

Hardware Unit Cost Number Total

Web Server 366025 2 732050

Application Server 366025 2 732050

Database Server 1768000 2 3536000

Total Server Side ICT Infrastructure Cost 5,000,100

State Site IT Infrastructure Costs

Application Software Cost

Application Development Cost 4981500

Security Audit Cost 200000

Sub-Total 5181500

Hardware Unit Cost Number Total

PC / Thin Client



Panchayati Raj Department 31243 0 0

Directorate of Panchayati Raj 31243 0 0

Network Printer



State ePRI Project Management Unit 40000 1 40000

UPS (600VA)



Laser printer



Finger Print Scanner



Digital Signature



Document Scanner



State ePRI Project Management Unit 6000 1 6000

Sub-Total 93110

Networking cost Unit Cost NO of Sites Total

Connectivity with SWAN (Horizontal Connectivity)

18000 0 0

Office LAN (CAT6) at office with 20 user 40000 0 0

Office LAN (CAT6) at office with 10 user 25000 0 0

LAN Switch 30000 0 0

Total State Site IT Infrastructure Cost 5274610

Total CAPEX at State Level 10,274,710



OPEX

Heads Annual Cost Year 1 (6 months)

Year 2 Year 3 Year 4 (6 months)

Post implementation support for ePRI application

1095930 547965 1183604.4 1278292.752 690278.0861

Support cost for OS, Database & Application Servers software

2010000 1005000 2170800 2344464 1266010.56

Hosting Charges for Servers (Large States)

2375250 1187625 2565270 2770491.6 1496065.464

SAN (Large State) 509600 254800 550368 594397.44 320974.6176

Tape Backup (Large State) 50000 25000 54000 58320 31492.8

Miscellaneous (5% of CAPEX)

513735.5 256867.75 554834.34 599221.0872 323579.3871

Total 6554515.5 3277257.75 7078876.74 7645186.879 4128400.915

District ICT cost

Table 30- District ICT cost

District Level ICT Cost

CAPEX District Site IT Infrastructure Costs

Hardware Unit Cost

No. Of Per Site

Total

PC / Thin Client

District PRI department 31243 0 0

Zilla Parishad 31243 1 562374

Block PRI 31243 1 10653863

Village PRI 31243 1 104789022

ePRI District PMU 31243 0 0

Network Printer



Block PRI 40000 0 0

Village PRI 40000 0 0


UPS

Total OPEX at State Level 22129722.28





Block PRI 7000 1 2387000

Village PRI 7000 1 23478000

Laser printer



Block PRI 14400 1 4910400

Village PRI 14400 1 48297600


Finger Print Scanner



Block PRI 20000 0 0


Digital Signature



Block PRI 555 2 378510


Document Scanner



Block PRI 6000 1 2046000

Village PRI 6000 1 20124000


Sub-Total 220011409

Networking cost Cost per site Total Sites

Connectivity with SWAN (Horizontal Connectivity)

18000 0 0

Office LAN (CAT6) at office with 20 user

40000 0 0

Office LAN (CAT6) at office with 10 user

25000 341 8525000

LAN Switch 30000 341 10230000

Hub 1000 3354 3354000

Sub-Total 22109000

Total for all District Site ICT CAPEX Infrastructure Cost 242,120,409



OPEX

Heads Annual

Cost Year 1 Year 2 Year 3

Internet Connectivity Charges at GP = ( No. of computers at GP X 200 per month X 12)

8049600 8049600 8693568 9389053

Miscellaneous (5% of CAPEX) 12106020 12106020 13074502 14120462

Total 20155620 20155620 21768070 23509516

Total OPEX for District sites 65433206.23

Total State Level ePRI ICT Infrastructure Cost for three years 32,404,432Total District ePRI ICT Infrastructure Cost for three years 307,553,615

14.2.3 PMU Table 31- PMU Cost

OPEX

Manpower Cost

ePRI PMU Durations (Months) 36

Inflation Rate 8%

Total Number of Districts in State 18

Principal Consultant 200200

Senior Consultant 145200

Junior Consultant 115500

Support Staff 5000

Stat

e

Permanent (100% Availability) No. of Resources

Man-Month Cost

Year 1 Year 2 Year 3

Project Manager, Pr. Consultant 1 2402400 2642640 2906904

CM and CB expert Sr. consultant 1 1742400 1916640 2108304

Technology Expert Sr. consultant 1 1742400 1916640 2108304

Project Coordinator, Sr. Consultant 4 6969600 7666560 8433216

Project Coordinator, Jr. Consultant 4 5544000 6098400 6708240

Support staffs 2 120000 132000 145200

Total Cost for Permanent Resources 18520800 20372880 22410168

Temporary (20% Availability) No. of Resources

Man-Month Cost

Year 1 Year 2 Year 3

Bid Process Expert, Pr. Consultant 1 480480 528528 581381

Total Cost for Temporary Resources 480480 528528 581381



State level ePRI PMU cost 19001280 20901408 22991548.8

Operational CostSt

ate

Heads Year 1 Year 2 Year 3

OPEs 2850192 3135211 3448732

Other Administrative expenses @ 1% 190013 209014 229915

Total State Level Operational Cost for PMU 3040205 3344225 3678648

Total State ePRI PMU Operational Cost 3040205 3344225 3678648

Total State Level ePRI PMU Cost for three years 72957314.69

Total State ePRI PMU Cost for three years 72957314.69

14.2.4 Training Table 32- Overall Training Cost

PRI Officials To Be

Trained (Number)


Cost (In Crores)

Level Year 1 Year 2 Year 3 Year 1 Year 2 Year 3

ZP 108 36 36 36 479952 518400 559872

BP 1026 342 342 342 4559544 4924800 5318784

GP 3354 1118 1118 1118 14905176 16099200 17387136

Total Cost 64752864 19944672 21542400 23265792

Training Cost

PRI Members To Be Trained (Number)


Cost (In Crores)

Level Year 1 Year 2 Year 3 Year 1 Year 2 Year 3

ZP 120 12 12 12 79992 86400 93312

BP 424 114 114 114 759924 820800 886464

GP 9118 1118 1118 1118 7452588 8049600 8693568

Total Cost 26922648 8292504 8956800 9673344

14.3 Envisaged Scenario G2G The envisaged scenario presented in the section 5.1 has been detailed out in a step by step methodology in relation

to Planning, Implementation, Monitoring and Accounting functions in the proposed scenario for PRIs



• Planning & Budgeting: As depicted in the above diagram, planning exercise will start from the Grass root

level (Gram Sansad). It will include the concept of micro planning, Perspective planning as well as Annual

Developmental Plans. As per this process, citizens can provide their feedback, or register their issues at the

respective Gram Panchayat offices either through the Grievance Redressal System or through Gram

Sansad Meetings or Gram Sabha. All issues submitted by the citizens shall get stored in the ePRI System

in respective databases. GP Secretaries shall use this data to understand and prioritize the issues

prevailing in their respective villages. Based on this prioritization GP Secretaries will identify projects and

prepare a Developmental Plan for the village. These will be further discussed in the Gram Sabhas and

finalized. All the finalized GP Plans shall be saved in the ePRI System. The Block Panchayat (Panchayat

samiti) shall refer these GP Plans from the ePRI System to prioritize projects at the BP level and prepare

BP Plans. Finalized BP Plans will again be stored in the ePRI System.

The District Panchayat (Zilla Parishad) follows the same process as Block Panchayats. However, it has

dual role to play, namely, as Panchayats in its own right and as a facilitator for BPs & GPs. In states with

strong DP, it with will also provide the secretarial support for the District Planning Committee (DPC). The

DPC will refer these DP Plans and aim for Sectoral convergence to prepare the Annual Plans. Annual Plans

shall also be saved in the ePRI System. The DPC shall also articulate a District Vision and prepare

Perspective Plans. These will be saved in the ePRI System as well and can be referred by the DP, BP and

GPs for preparing their respective plans. State Administration shall also inform the PRIs about the

Panchayat Window in the Panchayat Budget for helping them prepare their plans. Once all plans and

projects have been approved, they will published to the respective offices through the ePRI System and

further used for the purpose of monitoring.

• Funds Flow and Implementation: Once plans have been approved and funds have been received by the

State Administration, they will transfer the funds via EFT/ DD to the respective offices at the GP, BP and DP

level. These funds shall get accounted under respective heads and respective offices will be informed on

the same. Based on funds received and projects approved DP and GP offices shall procure services/

products and ensure implementation of projects through respective implementation agencies. Based on the

funds expended GP, BP and DP offices shall submit their respective Utilization Certificates through the

ePRI System. Unutilized funds shall automatically get accounted and would be transferred to the State

administration.

• Accounting and Auditing: All transactions happening at the GP, BP or DP level for procurement of

services/ products shall be entered in the ePRI System by the respective PRI Offices. These would

basically include all voucher entries. However, GP, BP and DP offices shall also keep updating the financial

progress on the funds being expended under respective heads. The State Administration and refer to

periodic and Annual Financial Statements of the PRIs. Information can be viewed GP, BP and DP wise.

Results of financial shall be further shared by the GPs with the citizens during Gram Sabhas.

• Monitoring and Reporting: Based on the projects being implemented, the implementing agency shall keep

updating its physical progress in the ePRI System. This can be further monitored against the respective



plans which have been finalized for each GP, BP and DP. Grass Root functionaries shall also update the

data on social progress happening within the village based on the implementation of developmental

projects. DPCs can also monitor the physical and social progress against the plans. Report on the physical

and social progress happening in the village will be shared with the villagers during Gram Sabhas. Every

data on physical and Social Progress shall be stored in the ePRI System for future reference. Feedback

given by the citizens in Gram Sabhas shall also be saved in the ePRI system and can be further used for

the Planning.

14.4 Components Logical Architecture

14.4.1 Access Layer Architecture This layer will manage all the user interactions with the ePRI System and facilitate delivery and management of

PRI services and processes from all other layers to the end users. End user interactions will be achieved via

Access devices and Access/Delivery Channels. Access devices will provide a means to users to communicate with

the ePRI Application while Access/Delivery Channels will provide mechanisms for the ePRI Application and PRIs

to deliver services to the end users or customers. Figure below gives a snapshot of the Access Layer Architecture.

Customer

Customers literacy to use devices for accessing channels

Access DevicesCommunication

MediaServicesAccess Channels

Capability of channels to use media and provide services

Figure 20 ‐ Access Layer Architecture

The above figure describes how different users/ customers will use various devices to connect to the access/

delivery channels, which in turn will connect to the communication media to provide government services. Sections

below will detail out each component in the above architecture.



14.4.2 Customers/ User Groups

The user groups that would be using or accessing the ePRI System have been classified under the six stakeholder

groups as given in the Section 7.11.1 of the ISNA Report. Table below describes each user group and the purpose

of their interaction with the ePRI System.

SL. NO.

USER GROUP PURPOSE

1. Visionaries/ Sponsors These are government functionaries who would be envisioning the

ICT and Developmental needs of the State. These would include

functionaries like the Principal Secretary, Commissioner, , State PR

Secretary, Collectors, Deputy Collectors, and Secretaries of line

departments and the CEO – Zilla Parishad. This user group would

mainly use the ePRI application for following purpose

• To have an overview of the social needs and issues

prevailing at the grass root level

• Analyze needs and finalize developmental projects for the

State

• Monitor both physical and social progress of the State as a

whole

• Monitor Financial progress based on the funds allocated

under various schemes

This user group will basically review the analytical reports generated

by the ePRI System and use them for the purpose of planning and

budgeting as well as for approving plans. 2. Guide Posts/ Steering

Committees

These are government functionaries who would enable plan

execution and steer programs. These would include functionaries

like the members of the District Planning Committees like the Block

Development Officers, CEO-Zilla Parishad, Secretary – IT, Director

– IT, NIC DIOs, SIO, and Gram Panchayat Secretaries. They would

use the ePRI application for the following purpose:

• Analyze needs and prioritize projects identified at the GP,

BP and ZP Level.

• Prepare perspective plans and annual developmental plans

at the district level.

• Approve procurement of services / products

• Monitor and Audit funds expended on the implementation of

projects at the GP, BP and ZP Level.

• Monitor physical and social progress at the GP, BP and ZP

Level.

This user group will access plans submitted by the GP, BP and ZP

and consolidate them to identify and steer developmental projects.



SL. NO.

USER GROUP PURPOSE

They will also access data submitted by the implementation

agencies on the physical progress of the program/ schemes being

implemented at the GP, BP and ZP Level. They will also define

procedures and policies to be followed by the PRI functionaries.

3. Service Delivery Owners/ Project Managers

These are government functionaries with managerial and domain

specific know-how to articulate and manage programs. These would

include functionaries like Gram Panchayat Secretaries, Block

Development Officers, Talathis, ANMs and AWWs. These would be

using the ePRI System for the following purpose:

• Create and manage content on procedures rules, SLAs on

the ePRI system

• Schedule meetings and manage MOMs

• Manage overall service delivery at the respective GP, BP

and ZP Offices

• Plan, monitor and control projects approved under various

schemes and programs

• Implement and manage projects at the Grass Root level

• Manage transaction with vendors and service providers

• Consolidate grass root data and prepare reports on needs

and issues

This user group will mostly be the creators of data in the ePRI

System. They will manage and review data at the Grass root level as

well as ensure that it is being stored in a re-usable format.

4. Service Delivery Machinery/ Back Office users

This group would include functionaries who will execute plans and

will be the end users of back-end applications, such as BDOs, Class

B & Class C staff reporting to line departments and staff reporting to

the CEO- Zilla Parishad. These would be accessing the ePRI

System for the following purpose:

• Deliver and process applications submitted by the citizens

• Access ePRI databases and process applications

• Feed in data on physical and financial progress of projects

being implemented and monitor them against the project

plans

• Create, Update, and Manage grass root data

• Create and manage employee data

• Define standards formats for data storage and access rights

for other PRI employees

This group would basically use the ePRI System for making online



SL. NO.

USER GROUP PURPOSE

verifications while processing applications as well as updating their

comments and providing approval/ rejection

5. Service Delivery end points

These are the citizen facing functionaries who will interface with the

citizens in delivering services and use the front end applications. It

will include functionaries like SWS operators, Gram Panchayat

Secretaries, AWWs, ANMs, Zilla Parishad This group will use the

ePRI System for the following purpose:

• Register applications in the ePRI System

• Feed in grass root data into the ePRI system

• Access system for getting various information on the service

delivery procedures

• Connect to various databases and retrieve information for

the purpose of checking status and verification

• Scan and upload documents

This use group will basically perform operations like data entry and

verification.

6. Service Consumers These would comprise people who avail government services i.e.

citizens. They would access the ePRI System for following purpose

• Submit feedback on services and needs

• Register grievances and issues

• Get information on services and procedures

• Track status

This user group will only access the system for providing feedback

and access information.

Table 33 Customer User Group

14.4.3 Access Devices

These are the mediums that the above mentioned user groups will use the access the ePRI System. The proposed

access devices are explained below:

• Desktops/ Laptops/ Thin Clients: These would be mainly used by the government functionaries from the

first five categories as mentioned above. Selected PRI functionaries specifically those approving authorities

who need frequent travels, will be provided with laptops. Other grass root functionaries, back-end staff, and

SWS operators shall be provided with desktops for accessing the ePRI Application. Irrespective of the

device, each functionary shall have a Thin Client of the ePRI Application residing on their laptops/ desktops.

Each user shall have their own instance of the Application and will be allowed to log in using their login IDs

and Passwords. This Thin Client application will allow the users to navigate through the ePRI web - content



published on the PRI network through a Web Browser. All PRI officials will have to use a Standard Web

Browser like Internet Explorer or Netscape Navigator to access the ePRI System in order to avoid

discrepancies in the functioning of the application. However, whichever Web Browser is standardized it is

necessary that it has following features:

o Allows Bookmarking, i.e. saving a websites location in the Web browser

o Allows caching, i.e. saving websites content in the Web browser

o Facilitates viewing animation, streaming videos etc,

o Facilitates automatic completion of data like URLs, form data by recalling previously accessed

websites

o Allows both keyboard and mouse navigation

o Provides advanced security and privacy features like ability to encrypt data and block malicious

software attacks as well block pop-ups and spam

o Allows content publishers to store user or session information within the browser

o Allows storage of Digital Certificates to store security identification information from various

providers

o It should also support commonly used content formats like HTML, XML, XHTML, CSS, AJAX,

JavaScript, RSS, and so on.

14.4.4 Access/ Delivery Channels

These are access points and mechanisms through which the user groups can access the ePRI Application. The

proposed access channels for the WB State are as follows:

• Single Window Systems: These will be located at every GP, BP & ZP Offices. All users in the Services

consumer group shall avail government services through this channel. Citizens need travel places for

availing services. For any government service irrespective of the department which provides it, citizens

shall submit their applications through this channel and get their service delivery also through this channel.

This channel will act like a One-Stop-Shop for all the services.

• Web Application: This is the access channel that the government functionaries will use to access the

ePRI Application. As mentioned above each functionary shall have a thin client installed on their laptops/

desktops for accessing the application. All interactions between departments internal or external to PRIs

shall happen through the web.

• Web Portal: Initially the purpose of this access channel will be to provide information on the PRIs,

including their functions, projects, procedures, citizen charters, social progress and physical progress and

so on. Later, based on the development in the State this can be extended to provide web services. This

will further enable the citizens to avail government services anywhere anytime. This web portal can be

accessed from any computer having an internet connection.

• Helpdesk: This delivery channel will also be used by the citizens for getting information on services,

application status, and procedures and even for registering complaints. Access to this channel will be

through a toll-free number, which the citizens can call anytime

• Self-service Kiosk: These will also be used by the citizens and they can initially access these at the GP,

BP & ZP offices. These will be interactive voice based kiosks to enable citizens with little or no computer

knowledge to provide feedback and check status.



Table below explains which channels will be used for accessing the ePRI Application G2C functions:

G2C COMPONENT ACTIVITY USER GROUP ACCESS CHANNEL

Application Submission

Obtaining procedural information on

Services

Service Consumer Single Window

System

Web Portal

Help Desk

Self Service Kiosk

All other User

groups

Web Application

Web Portal

Obtain Application Forms Service Consumers Single Window

System

Web Portal

All other User

groups

Web Application

Web Portal

Registration of Application Service Consumers Single Window

System

Service delivery

end-points

Web Application

Make / Collect requisite payment Service Consumers Single Window

System

Service delivery

end-points

Web Application

Issue Application Tracking Number

(ATN)

Service Consumers Single Window

System

Service delivery

end-points

Web Application

Forwarding application docket to

concerned dept. for processing

Service delivery

end-points

Web Application

Manually

Application Processing

Receiving application form Service delivery

end-points

Web Application

Service Delivery

Machinery

Web Application

Manually

Application Processing (Documents

verification, physical verification,

etc.)

Service delivery

Machinery / Back-

office users

Web Application

Manually

Service Delivery

Owners

Web Application

Manually



G2C COMPONENT ACTIVITY USER GROUP ACCESS CHANNEL

Endorsing of service output Service Delivery

Owners / Project

Managers (at PRI)

Web Application

Service Delivery

Owners / Project

Managers (at Line

departments)

Manually

Printing, preparing processed

application

Service delivery

Machinery / Back-

office users

Web Application

Delivery of processed application to

SWS-GP thru ePRI Application

Service Delivery

Owners / Project

Managers (PRIs)

Web Application

Service Delivery

Owners / Project

Managers (Line

departments)

Manually

Service Delivery Informing applicant about

application status

Service delivery

end-points

Web Application

Service consumers SMS

Single Window

Systems

Self Service Kiosks

Help desk

Collect processed application Service Consumers Single Window

System

Update status against ATN Service delivery

end-points

Web Application

Table 34 channels will be used for accessing the ePRI Application

14.4.5 Communication Media

These are mediums that the PRI functionaries will use to provide end-to-end service delivery to the citizens. Table

below describes how each media will facilitate users to access channels.

SL. NO.

COMMUNICATION MEDIA DESCRIPTION USER GROUPS



SL. NO.

COMMUNICATION MEDIA DESCRIPTION USER GROUPS

1. Web This is the online media used to

establish communication between

different PRI offices. All registration,

verifications and approval shall be done

through this media.

All user groups except

service consumers shall

communicate using this

media

2. Email This is also a form of online media with

limited functionalities. This media would

be used for establishing communication

between PRI functionaries and other

government functionaries external to

the PRIs like Line Departments, UT

Administration etc. This would be

mainly to share documents or

instructions or alerts.

All user groups except

service consumers shall

communicate using this

media

3. SMS This is a telephony media and will have

one way communication i.e. between

from the PRI Application to the citizens.

This media would be used to intimate

citizens on the status of their

applications.

Used mainly by Service

Consumers

4. Physical Presence This would be required for submitting

applications, getting services delivered,

physical verifications as well as

conducting meetings

All user groups will use

this media wherever

and whenever required

5. CD/DVD These are mostly used as storage

media. Specifically when large data

needs to be transferred between PRI

and other non-PRI functionaries these

media would be used. These would be

applicable till such time an integrated

Enterprise Architecture is established in

the State

This media would be

mostly used by user

groups other than

service consumers for

the purpose of data

exchange.

Table 35 Communication Media

14.4.6 Service Types

The entire Access Layer Architecture should be able to support four types of services.

• Informational Services: Intended to provide any information that falls under the PRI perspective. It would

include RTI services, Information on service rules, procedures, SLA, Status tracking, etc.



• Transactional Services: Intended to provide all the G2C and G2B services. These would include all kind

of transactions like Payments, Application submissions and service delivery, Application processing and

also other inter-governmental transactions

• Interactive services: Intended to facilitate interaction between different user groups. These would include

communication of government orders, memos and notices, email alerts, meeting schedule, discussion

forums, etc.

• Data sharing services: Intended to share data across PRIs and with other departments. These would

include online verification with common databases, sharing of statistical information as well as reports, etc.

This Access Layer Architecture would require users literacy to use access devices for accessing channels and

leverage on the capability of the access channels to use the right communication media to provide services.

14.5 Information Security Architecture

14.5.1 Business Layer Security Components Business layer forms the crux of PRIs and is the governing layer for all PRI functions and activities. It is at this layer

where information is created and owned. It is therefore important that Information security starts right from this

layer. This layer would mainly involve non-technology assets like people and processes. To ensure security from

these two perspectives following security components are mandatory.

• Governance council:

This is a specific group of functionaries responsible for developing consistent, cohesive polices, processes

and decisions regarding information security. To the form this council, the State Project Management Unit

and the District Project management Unit structures can be leveraged.

• Formation of Information Security Policy

Recognizing the ever-changing environment in which PRI functionaries work it is essential that PRIs along

with the IT department needs to develop a comprehensive Information Security Policy, to be adopted

across the PRIs. This policy shall guide the PRI functionaries in protecting information owned by them and

ensuring that it is being used in the right way. It is essential that this policy should focus on following points

o End-user acceptable use: This shall concentrate on use of resources like email, internet, intranet,

data encryption, security and use of portable devices as well as external users

o Administrator acceptable use: This shall concentrate on use of IT resources by Administrators as

well as describe the auditing and monitoring procedures

o Information security: This would focus on standards like data encryption, and electronic digital

signatures



o Information privacy: This would focus on designating Information privacy officers, performing data

privacy impact assessment, data categorization, user access controls and maintenance of access

logs

o Information sharing/ transmission over the internet: This shall focus on information sharing

standards to be adopted across other government entities. Some recommended standards are

given below

For sensitive transactions like sharing of personal data cryptographic mechanisms should

be used.

Commercial transactions over the Internet shall deploy HTTPS using standards like SSL

version 3 or TLS version 1.0 or version 1.1

HTTPS is the secure version of HTTP (Hyper Text Transfer Protocol) over Secure Socket

Layer (SSL). This standard provides authenticated and encrypted communication.

Transport Layer Security (TSL) and SSL are cryptographic protocols that provide secured

communications on the internet for data transfer as well as enable operation on HTTPS.

For secured electronic email is required, S/MIME (Secured Multi-purpose Internet Mail

Extensions) standards should be used for secure transmission, storage and authentication.

S/MIME is a standard for public key encryption and signing of email encapsulated in MIME

formats.

It is essential that while implementing ePRI the Service Delivery Managers and PRI authorities develop a

comprehensive Information Security Policy to be used across PRIs. This is because with the advent of

technology resources that ePRI will bring in it is necessary that all functionaries irrespective of their

knowledge in ICT should be aware on acceptable use of PRI information and resources. They should also

be aware that any breach in the policy shall risk smooth functioning of PRIs.

• Asset tracking & Management

Implementing ePRI, will require procurement of various IT assets. It is therefore essential that following

policies be defined and implemented as a part of the ePRI

o Asset procurement: Policies and procedures for procuring IT and information assets should be

defined and include things like Asset request and approval procedures, Asset procurement

procedures, as well as standards on procurement modes. This will also include procedures on

allotment of barcodes for procured assets and mapping each asset to the right department

o Asset Allocation: This shall include policies and procedures on asset allocation to a functionary in

PRI. Asset allocation should strictly be role based and policies on acceptable use should be strictly

adhered. This will include mapping of Asset barcodes to the functionary to which it has been

allotted



o Asset tracking: This shall focus on tracking which IT or Information Asset has been allotted to which

PRI functionary. This is very important from the PRI point of view as some functionaries shall be

allotted mobile devices like laptops. Incase if these functionaries travel outside the PRI network, it is

important to keep track and locate the device through which they are accessing the PRI network.

This will also help in secured Remote Access Management in the PRI network.

o Asset Maintenance and repair: This should take care of all the maintenance and repair

requirements of all the IT Assets.

• Physical security: Protecting IT and Information Assets physically is equally important. There are many

external people visiting PRI offices like Vendors, Contractors, Citizens, Consultants, etc. It is therefore,

necessary that these people have a restricted access to PRIs IT and Information Assets. It is therefore

proposed that following be implemented for managing physical security

o Critical or sensitive information processing facilities like data centers should be housed in secure

areas, protected by defined security perimeters, with appropriate security barriers and entry

controls to physically protect them from unauthorized access, damage and interference.

o Such facilities should have physical access points and individuals should be allowed access only on

successful verification of access authorization.

o Fire extinguishers with water suppression systems should be used to save electronic components

from damage.

o Physical access devices like key-lock combinations, card readers etc. should be used to restrict

access to such facilities. Such key-lock combinations should be changed periodically or when keys

are lost or when functionaries transferred or terminated.

• Human Resource Security: This is to sensitize all PRI functionaries and applicable government authorities,

contractors and third party organizations with access to sensitive information with the information security

policies and procedures. It is necessary that these security measures be adhered by every PRI employee

prior to employment, during employment as well as through termination, retirement or transfer. Some of

these security measures include

o Understanding the Security policies and responsibilities towards maintaining information security

during the tenure of employment

o Defining access rights and providing access devices based on the functionaries role during

employment.

o Adapting and adhering to the user acceptance policies as well as other information security and

sharing policies during employment

o Informing on loss of security devices as well as ensuring that printed information is not left

unattended.



o Handing over all allotted PRI IT and information assets back to the respective authorities before

transfer, termination or retirement.

o Ensuring that all access passwords and key codes have been changed to prevent unauthorized

access post transfer, termination or retirement

• Incident Management

This relates to timely communication of information security events and weaknesses. Incidents may be

result of failures or errors in IT Infrastructure. This would include policies and procedures to report a security

incident. This component is very important to ensure continuity of services in the PRI network. This would

require the PRIs to

o Develop responsibilities and procedures for reporting security incidents.

o Define what kind of security incidents can be reported

o Ensure incidents are detected and recorded on time

o These are further classified and investigated and diagnosed

o Ensure that the incident is resolved and closed to maintain business continuity

Incidents could be of various types like phishing, malicious code attacks, website compromise and

propagation of malware as well as network scanning and probing. These kind of attacks if not detected,

reported and handled on time would pose problems on PRIs information security and disrupt functioning of

PRIs thus, interrupting service delivery to citizens. Incident management holds more importance in the PRI

perspective as the no. of incidents being reported in the government networks in India has been increasing

every year. This can be substantiated with the Annual Incident management reports1 published by CERT.

According to this report a total of 2565 incidents have been reported in the year 2008. It is therefore

necessary that a comprehensive Incident Management procedure be implemented for ePRI.

14.5.1.1 Identity Protection and Access Management Components

Identity management deals with identifying individuals within the PRIs and assigning a unique identity to each one

of them based on the roles they play within PRI. Each identity shall be assigned varied access rights based on the

Roles and Responsibilities. Based on these access rights each PRI functionary will be allowed access to the PRI IT

and Information Assets. These components will therefore, enable more secure, identity based access to the ePRI

System within the PRI network from any location or device. It will ensure that this anywhere access is protected and

integrated with other security components. Benefits of implementing Identity Protection and Access Management

components

• Help protect PRI assets from misuse through user provisioning



• Provide more appropriate and secure access to PRI IT and Information assets through strong

authentication

• Simply user account management through delegated self-service capabilities

• Help reduce costs with centralized, automated identity and access management.

It is proposed that IAPM architecture should be centralized to manage authorization services for all PRI levels.

These authorization services shall be valid across all the layers of the Logical Architecture. Each component of

IAPM and standards to be used are explained below:

• Access Management and Control

This component/ software shall administer authentication and authorization processes within the ePRI

System. Following activities should be implemented under this component

o Conduct User Access Management: This activity shall deal with registering users, assigning

privileges and managing user passwords.

- Conduct User Registration: To implement this formal user registration and registration

cancellation procedures need to be in place for granting and revoking access to IT and

Information Assets of PRI. These procedures should include

a) Assigning unique user ids to enable users to be linked to and to be held

responsible for their actions

b) Group ids shall be permitted wherever necessary for operational reasons and

these need to be approved and documented

c) Before assigning user ids a check is necessary that user has authorization from the

system owner (ePRI System owner at the State level) for the use of ePRI System

or service. A separate approval for the access rights from the CEO- ZP should be

made mandatory

d) A check to ensure that level of access granted is appropriate for the Role

e) Giving users a written statement of their rights and requiring users to sign them

indicating that they understand the conditions of access

f) Ensuring that access is not provided until authorization procedures have been

completed

g) Maintaining records of all persons registered to use the system

h) Immediately removing or blocking access rights of users who have changed roles/

terminated/ retired



i) Ensuring redundant user ids are not be issued and blocking them if they have been

issued.

- Conduct Privilege Management and access control: This will control and restrict the

allocation of user privileges to access the ePRI System. Following procedures and

guideline should be developed for controlling access

a) Controlling access to system utilities by use of identification, authentication and

authorization and segregating system utilities from other application software.

Limiting access to system utilities to minimum authorized users, limiting duration of

availability of system utilities as well as logging all use of system utilities are some

of the other access control mechanisms that need to be implemented.

b) Controlling access to ePRI application: Once users successfully log-in to the ePRI

Application, it is very important that the visible information on the users terminal

does not go unattended for a long time as this would be window for security threat.

It is therefore recommended that user sessions should be automatically terminated

after a specific period of inactivity. Not only should sessions be timed-out but

network connections should also be terminated after a specific period of inactivity

so as to prevent intrusion into other parts of the network

- Conduct User Password Management: For password management multi-factor

authentication will be used. Standards recommended for ePRI are

a) Bio-metric technologies like fingerprint verification, signature verification and use of

hardware tokens like smart cards.

b) It is recommended that Bio-metric technology can follow standard data formats and

guidelines provided by NIST Special Publication 500-271. It provides standard data

formats for interchange of fingerprints, facial and other bio-metric information.

These standards can be viewed at http://fingerprint.nist.gov/standard/Approved-

Std-20070427.pdf

- Develop password use policy: This policy should stress formats for creating passwords,

methods for keeping them confidential, changing passwords at regular intervals and using

different password for different ids.

- Enforcing password change and securing passwords: The IAM software should enforce the

user to change password after first log-on and periodically after that. This can be done by

temporarily blocking the user account if passwords are not changed after a specified

period. Protecting passwords from unauthorized disclosures and modifications is equally

important. Prohibiting passwords from being displayed when entered, prohibit password re-

use for a specified period and restrict their lifetime are some of the password management

mechanisms to be carried out under IAM



• Security Permissions and Configuration

Setting security permissions for each user is one of the essential activities for implementing security.

Configuring security permissions on the ePRI System at every layer including applications, database and

networks is mandatory. While assigning access rights it necessary to perform following

o Establishing appropriate division of responsibilities and separating duties as needed to eliminate

conflicts of interests. It is therefore required to divide mission oriented functions and system

information functions among different individuals

o Based on this division of responsibilities access permissions should be assigned to users so as to

define which user can access which devices, applications, databases, and information and network

components.

o It is also important that security permissions be configured in the applications itself during

development. For egg. Applications developed using .NET Framework has a code access security

mechanism that helps applications have limited access to protected resources and operations.

Such mechanisms can be configured during application development itself.

o Since ePRI is going to be a web based application it would be more susceptible to vulnerabilities

like XSS (Cross Site Scripting) where malicious attackers can inject client side scripts into web

pages so that they can bypass access controls. For egg. if proper security permissions are not

configured into the application, malicious attackers can bypass access controls on ePRI

applications and change critical information like Budget envelop, or Accounting entries. It is

therefore important to configure access permissions within the application itself. Techniques like

content filtering can be used to avoid such vulnerabilities. For e.g. If JavaScript is used for

developing web pages JavaScript escaping mechanisms can be used, or HTML numeric entity

coding can be used.

o Other techniques disabling client-side script on the web-browsers or tying session cookies to IP

address of the user who originally logged in will help avoid vulnerabilities to some extent.

• Identity Proofing and Vetting

Identity vetting is the process used to establish identity of the user to whom the credential was issued. This

component outlines the procedure of validating and verifying user’s identity for the purpose of establishing

credentials. ePRI System shall such components that will

- Identify and authenticate specific devices and users before establishing a connection

- While establishing connections from remote locations, encryptions and decryption of user

credentials like user name and passwords.

- User can also be provided with digital credentials like smart cards for identity vetting and proofing.

For creating digital credentials users should provide their physical characteristics like finger prints



which can be stored on smart cards. Smart card readers shall be installed at various locations,

based on which access can be allowed if fingerprint data on smart cards matches the once stored

on database against the user credentials.

- Defining secure log-on procedures: limiting no. of consecutive invalid access attempts is very

important. This should be done by locking the account for a defined period until released by the

administrator

- Before the user enter his credentials, ePRI System should mandatorily display access terms and

conditions to user and access should be allowed only if the user agrees to accept the terms and

conditions.

• PRI Directory Services

The IAM solution must incorporate directory services as a repository to store identity data of PRI users

(User profiles, user account data, desktop logins, roles and entitlements) and make this information

available to multiple functions inside and outside IAM. Information stored under this directory shall be used

for the purpose of authentication and authorization and allowing access to ePRI System. It is recommended

that these directory services should be compatible with standards like LDAP or X.500. X.500 is a series of

networking standards covering electronic directory services while LDAP (Lightweight Directory Access

Protocol) is an application protocol for querying and modifying directory services running over TCP/IP.

• PRI Public Key Infrastructure

Public Key Infrastructure is a technology that helps ensure secure electronic communication by

incorporating digital signatures and encryption technology. PKI will allow PRIs to provide coordinated and

consistent security services like authentication, confidentiality, non-repudiation and integrity of transmitted

as well as stored data. Typically a PKI for PRIs shall include following components to supply required key

and certificate management services.

o Certification Authority (CA): An entity that issues digital certificates and generate public keys for the

certificates. It is a trusted third party, which provides key management services. PRIs need to hire a

third party CA for implementing the PKI and ensure that the CA works with the context of and

overall Certificate Policy which needs to be defined by the PRIs

o Registration Authority (RA): An authority in the PRI network that verifies user request for Digital

Certificates and informs the CA to issue it. Registration Authority plays an important role in PKI

because all other security functions are built on the assumption that the registered user was

sufficiently positively identified. This is more critical for provision of non-repudiation. Typical areas

that fall within the remit of RA include setting security permissions for user certificates, event

logging and auditing, assessing security vulnerabilities, and issuing / revoking public keys. PRIs

need to assign a Registration Authority within the PRI system who shall approve issuing of Digital

certificates



o Public Keys and private keys: A public key is a value provided by the CA as an encryption key that,

combined with a private key can be used to effectively encrypt messages and digital signatures. On

approval these keys become the certificates and digital signatures

o Certificate Repository: This is a database of all the certificates issued. The PRI directory services

can be used here as a certificate repository so that it becomes easy and cost effective to map

digital certificates to respective user profiles

Apart from implementation of the above components it is important that the PKI also takes care of the

following:

o Certificate Revocation: It is important that certificates once issued are revoked on termination/

transfer/ retirement of employees

o Key Back-up and recovery: maintaining back-up is equally important to ensure that issued keys are

not lost

o Management of key histories: this includes maintaining information on which keys have been

issued to which user and the activities performed by the user using the digital certificates issued.

Standards recommended for implementing PKI are given below:

o Public key certificates can be based on the X.509 Standard which is an ITU (International

Telecommunication Union) standard for PKI. This standard includes standard formats for public key

certificates and a certification path validation algorithm.

o Certificate repositories as mentioned can leverage the PRI directory services and the standards

thereof.

o RSA algorithms can be used for Public Key Cryptography and generating Digital signatures.

It should be noted that Implementing PKI for PRIs in West Bengal would require additional cost and time. It is

therefore recommended that PKI implementation should be taken at the UT level rather than at the PRI level.

This would help in reducing overall cost of implementation for ePRI.

• PRI Event logging and Auditing

This infrastructure would provide capability to control and filter all information available from operating

systems and applications to help system administrators track system activities and provide user

accountabilities for events. Coupled with Digital Signatures, auditing and logging a strong authentication

audit capability providing non-repudiation services as well as providing legal accountability for user actions.

PRI event logging and auditing would focus on

o Detecting attacks and unauthorized intrusions into systems and networks

o Supporting evidence needed to take action against offender

o Providing awareness of the volumes and nature of attacks



Preparing audit logs for the ePRI System shall require:

o The PRI Authorities to define which specific system components should carry out auditing activities.

For e.g. auditing should be carried out whenever a user tries to log-in to the ePRI network, or in to

the ePRI application and so on

o Based on a risk assessment exercise, it is also important to decide which events require auditing on

a continuous basis and which events require auditing in response to a specific situation. For. e.g.

Events which create, update or delete critical data from databases like Planning or Accounts

database, should be continuously audited. While events where a user tries to log-in to the ePRI

Application with unsuccessful attempts should be audited whenever there is a single unsuccessful

attempt to log-in through a user id. These should be defined in a way that they support after-the-fact

investigations of security incidents.

o The event logging component should have a capability to compile all the audit records from all the

components in a system wide (logical or physical), time co-related audit trail as well as manage

them centrally

o The audit record should capture information on what events occurred, sources of event as well as

the outcome of events. For each event, the audit record should have following contents

a. Data and time of event

b. Component name (Software, hardware. Network, etc) where the event occurred

c. Type of event

d. Subject identity

e. Outcome (Success or failure)

f. User information (information of the user who was logged in when the event occurred)

g. Location (if the event was triggered from a specific identifiable location)

o This event log component shall also communicate with other Security Assessment and monitoring

components to log details about event detected by them. It will thus, help the PRIs to have a

centrally managed audit trail for all kind of events.

14.5.1.2 Security Assessment and Monitoring Components

Implementing and configuring security controls into the ePRI System is important. But what is more important is to

continuously assess and monitor if these security controls are able to manage know vulnerabilities and avoid

potential risks. It is therefore, necessary to implement these components into the ePRI System. These components

will not only help assess the capability of security controls to avoid potential risks, but also help in detecting new



vulnerabilities and attacks. This will help PRIs take proactive steps to avoid new vulnerabilities in future. The

Security Assessment and Monitoring components that PRIs should implement are explained below.

• Anti-virus Protection/ Antispyware/ Malware Protection

These are software programs that detect, prevent, and remove malware, including computer viruses, worms

and Trojan horses. They also prevent and remove adware, spyware and other forms of malware. Malwares

like spyware can easily get into the users computer and subsequently into the ePRI system even without

the users knowledge. If spywares are not detected and removed them can cause serious effects like

network traffic, unwanted CPU activity, crashing systems. Some malwares can even spy on user accounts

and leak critical user information including access rights. This may further may the ePRI System more

accessible to attackers. It is therefore essential that a comprehensive antivirus/ antispyware program be

implemented within the PRIs. This would require the PRIs

o Define a Malware protection policy that enforces all users to

- scan external media before connecting it to the PRI network

- scan email attachments or compressed files before opening them

- block sending or receiving of certain file types via email

- restricting the use of unnecessary software that are not needed and may contain

vulnerabilities.

- Requiring systems to be kept upto date with latest patches installed

- Restricting use of removable media while on PRI network

- Specifying which type of mobile code can be used from trusted sources

o Installation of Antivirus / antispyware software with following capabilities

- Scanning critical system component such as start-up files and boot records

- Monitoring real-time activities to check for suspicious activities

- Monitoring behaviour of applications like web browsers, email clients

- Scanning files for known viruses on local drives

- Identifying common types of malware like viruses, Trojan horses, worms, malicious

mobile codes, blended threats, spyware, cookies as well as keystroke loggers and

backdoors

- Disinfecting files, i.e. removing malware from files or quarantining files.

- Preventing several methods of spyware installation like blocking pop-up ads, tracking

cookies, and browser hijacking and browser plug-in installations.



o Updating the Anti-virus software with latest signature to improve malware detection and

prevention. For ePRI system it is recommended that the anti-virus software should be managed

in a centralized way. All testing, approving, delivering signature and software updates should

be done centrally

o Other protection mechanisms that can be used are configuring the applications by disabling

unneeded features like

- Blocking suspicious email attachments (e.g. with extensions like .vs., .pif)

- Filtering spam which is used for phishing and spyware delivery

- Filtering website content which block suspicious website and undesired file type

- Limiting Mobile Code execution

- Restricting web-browser cookies

- Blocking web-browser pop-up windows

- Preventing software installation within web-browsers

- Preventing automatic loading of email messages

- Restricting use of macros

Standards recommended by NIST for malware protection can be referred while implementing anti-virus/

antispyware applications. These can be found at http://csrc.nist.gov/publications/nistpubs/800-83/SP800-

83.pdf .

• Data Validation

This is to restrict input and output data entries to the ePRI system. This component will ensure that

o Only authorized personnel are allowed to enter data into the ePRI system. These restrictions

should extend beyond typical access control rights.

o In case of errors in the data entry error messages should be generated and visible only to the

authorized personnel. These error messages will provide useful information without revealing

information that can be exploited. Sensitive information will not be listed in error logs.

o All inputs will be checked for accuracy, completeness and validity as close to the point of origin as

possible before saving them to the ePRI databases.

o All data validations checks shall be done based on the Rules defined for valid syntax like character

set, length, numerical content, acceptable values and so on.



o Inputs passed to interpreters shall be pre-screened to ensure that the content is not unintentionally

interpreted as commands

o All output data is also retained as per the policy and operational requirements defined by ePRI.

• System files and source code protection

This includes ensuring security of data in both testing environment as well as in operational environment.

Following actions should be taken in respective environments

o Testing environment: Test data should be selected carefully and protected and controlled and care

should be taken that operational databases containing personal information or sensitive information

should not be used for testing purposes. Even if they are being used then all sensitive contents

should be removed or modified beyond recognition before use. While using operational data in

testing environment following care should be taken

- All access control procedures which are applicable for operational applications should also

be applicable for test applications

- Separate authorization should be enforced every time operational data is copied into test

environment

- Once tests are completed all operational information should be erased from the test

environment

- Copying and use of operational information should be logged to provide and audit trail

o Operational environment: It is critical to avoid risk of information leakage and following care should

be taken

- All outbound media and communications should be scanned before connecting to the PRI

networks

- Monitoring of resource usage in the ePRI network as well as users and system activities

- Implementing techniques for masking and modulating communications to reduce likely

hood of third party being able to deduce information

- Access to system file and source code should also be restricted.

• Vulnerability management

These components will help PRIs in assessing vulnerabilities in the ePRI system. Key functions that this

system should offer are



• Conducting filtered scans on the ePRI network to detect vulnerabilities to potential attackers and

internal users. This system should provide both external and internal scanning of PRI assets as well

as track individual assets, device criticality, and assignment of owners.

• Conducting unfiltered scans: these would mostly deal with detecting software vulnerabilities which

may arise from deficiencies in the design of ePRI application or mistakes in its implementation.

These would help detect vulnerabilities like Buffer Overflows, Format String bugs, Integer overflows

in the applications, or vulnerabilities that would block availability of system service, or vulnerabilities

that would allow attackers to break into weak links and escalate their privileges.

• Conduct Penetration testing: where tests are conducted using manual methods and scanners and

are more focused towards breaking security controls configured in the system. These tests will help

analyze the capability of security controls implemented into the system

• Conducting remediation: through Patch management for vulnerabilities identified as well as base

lining the security configurations and ensuring that vulnerabilities comply with these baseline

configurations. It should also provide a tool for policy-based workflow management and remediation

tracking

• Provide comprehensive and customizable reporting for multi-scan, group based scan as well as

compliance reporting

• Firewall/ Routing services

Firewall or routing services are systems which filter inbound and outbound traffic to and fro the ePRI

network. They are designed to block unauthorized access while permitting authorized communications.

These will be required to block unauthorized users from accessing the PRI network through the internet or

un-trusted network. These can be dedicated appliances or software running on computers placed between

protected and un-protected networks for inspecting network traffic passing through it and denies or permits

passage based on set of rules.

It is recommended that ePRI systems should

o Dedicated proxy servers with Boundary Routers: These firewalls are more flexible and have

good filtering speed as well as retain proxy control of traffic. They are capable of blocking Denial-of-

service attacks, filter unwanted protocols and perform simple access control. Boundary routers will

be implemented generally at the boundaries of network connections and further connected to

dedicated proxy servers. For e.g. in the ePRI system HTTP proxy server should be connected

behind the boundary router, Users will therefore need to connect to this proxy in order to connect to

the ePRI web server. Use of dedicated proxy servers will help PRIs in prevent attacks like XSS,

scanning and removing viruses as well as malware injected through web page scripting.

o Host based firewall: These firewalls are available in the operating system itself. These should be

implemented for the ePRI servers (like application servers and database servers)



o Personal firewall: These should be installed on the laptops/ desktops of all PRI functionaries

accessing the PRI network.

o Personal firewall appliances: these should be run on specialized hardware like cable modem

WAN routing, LAN routing, Network hub, Network Switch, etc.

While implementing firewall standards and guideline published by NIST can be used. These can be found at

http://csrc.nist.gov/publications/nistpubs/800-41/sp800-41.pdf

• Encrypted Access to Network (VPN)

Virtual Private Networks (VPN) are networks that will provide an encrypted access to the ePRI network via

the Internet or other non-trusted networks thus, ensuring that the remote access is secure. By implementing

VPN for remote access within the ePRI network, all remote access sessions will be encrypted to protect

confidentiality. VPNs will allow PRIs to establish usage restrictions and implementation guidance for

wireless technologies as well as document, monitor and control wireless access to PRI information

systems.

Standard mechanisms like IPSEC with a minimum of 128-bit keys for symmetric encryptions can be used

for VPN tunnelling for remote access. IPSEC (IP Security) is a suite of protocols for securing Internet

Protocol (IP) communications by authenticating and/or encrypting each IP packet in a data stream. It also

includes protocol for cryptographic key establishments.

The above cryptographic mechanism can also be combined with passwords and bio-metric authentication.

Such mechanisms can also be implemented in devices like firewalls and access gateways.

• Intrusion Detection and Protection

These are systems that will help PRIs in monitoring events occurring in the ePRI System or ePRI Networks

and analyzing them for possible incidents which could be violations or imminent threats of violation of

security policies, or acceptable use policies or standard security practices and stop detected possible

incidents. This system will focus on identifying possible incidents, logging information about them,

attempting to stop them and reporting them. Considering the network architecture designed for ePRI in

West Bengal following IDPS systems should be implemented.

o Network based IDPS – This system will monitor the network traffic on the ePRI network and

analyze the network and application protocol activity to identify suspicious activities. This system

shall be implemented near the border firewall or routers, near VPN servers as well as near remote

access servers.

o Wireless IDPS – This system will monitor the network traffic on wireless networks like those

between West Bengal and analyze it to identify the suspicious activities involving wireless

networking protocols. This should be deployed at locations within a range of wireless networks

between GP Offices and PoPs where a wireless connection is established



o Network Behaviour analysis – This system examines network traffic to identify threats that generate

unusual traffic flows, Distributed Denial of Service attacks (DDoS)2, certain forms of malware and

policy violations (e.g. client’s system network providing services to other systems). This system

should be deployed within the intranet at GP Offices as well between office connected via leased

lines

o Host based – This system monitors characteristic of a single host and the events occurring within

that host for suspicious activities. For e.g. This system monitor the system log, application activity,

database access and modifications as well as changes to system configurations. This system

should be deployed on all critical ePRI servers like ePRI database and application servers as well

as the Directory services servers

IDPS components implemented for ePRI should perform following key functions

o Identify security policy problems by duplicating firewall rule sets and sending alerts when it detects

that network traffic that should have been blocked by the firewall has not been blocked due to an

error in the firewall configuration

o Log information about detected threats so as to educate the PRI management about the threats

they are facing. This information should be further sent to centralized Event logging and auditing

components

o Notify system administrators through emails, messages, SNMP traps, etc whenever a potential

threat is detected

o Produce reports on all events detected and summarize the potential threats

o If possible intrusions are detected, the IDPS should respond either terminating network connections

or user sessions that are being used for attacks, or block access to the ePRI system from the

offending user account/ IP address. Thus, like previously explained, if an offended user is trying to

change the Budget envelop in PlanPlus, then the IDPS can detect so and terminate the user

session before any such modifications are affected.

o In some cases the IDPS should also be able to change content by replacing malicious portions to

make it benign.

For implementing IDPS following infrastructure will be required

o Sensor or Agent which monitor and analyze activity in Network, wireless or NBA systems, Agents

are typically used in Host based systems

o Management server is a centralized device that receives information from the sensors and

manages them. They can also analyze events detected by the sensors



o Database servers are used as a repository for event information sensors, agents or management

servers

o Console, which is a program that provides interface for activities like configuring sensors,

monitoring and analysis

While implementing the IDPS systems in the ePRI networks, guidelines provided by National Institute of Standards

and Technologies can be referred. These guidelines give a detailed explanation on how each system should be

implemented and at which points in the network. These guidelines can be found at

http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf

14.6 Specification of Hardware Components

Component Specification Unit Charges

Laser Printer HP Color Laserjet CP1215 Printer

(A4, 8 PPM , 16 MB RAM, 600 x 600 dpi, 150 sheet input tray 125

output tray, USB interface cable and driver software)

14,400

Web Server Annexure-IV (RS4)4U Rack Mount Server having Dual Intel Xeon

(Duel Core)7120M (3GHz, 800 MHz FSB, 4 MB L3 Cache and 2x

1MB L2 cache or higher processor support for Quad dual core

processor,8GB DDR2-400Mhz FB DIMM or higher ECC memory,

SVGA video Controller with 16 MB RAM, SAS Raid Controller

having 128 MB buffer memory with battery backup and supporting

RAID 0, 1 and 5 Dual Gigabit server Ethernet controller with

Teaming, load balancing and auto fail over Feature, 5 x146GB SAS

HS HDD, IDE DVD ROM Drive, with (N+1)hot swap Redundant Hot

Swap Power Supply

366025

Application Server Annexure-IV (RS4)4U Rack Mount Server having Dual Intel Xeon

(Duel Core)7120M (3GHz, 800 MHz FSB, 4 MB L3 Cache and 2x

1MB L2 cache or higher processor support for Quad dual core

processor,8GB DDR2-400Mhz FB DIMM or higher ECC memory,

SVGA video Controller with 16 MB RAM, SAS Raid Controller

having 128 MB buffer memory with battery backup and supporting

RAID 0, 1 and 5 Dual Gigabit server Ethernet controller with

Teaming, load balancing and auto fail over Feature, 5 x146GB SAS

HS HDD, IDE DVD ROM Drive, with (N+1)hot swap Redundant Hot

Swap Power Supply

366025

Data Base Server Annexure-VI (Config-F), Rack mount Server (6U/7U) equipped with

Quad multi core RISC/ EPIC 64 bit, fully binary compatible to 64 &

32-bit Applications processors (Quad Sun Sparc 64-VII processor,

1768000



Component Specification Unit Charges

2.4 GHz, 1.4Ghz Processor/ Quad Dual Core Intel Itanium2 9140N,

1.66 GHz or higher processor), 16x2GB DDR2-667 with ECC

memory expandable to 192GB, Dual port or higher SAS Controller

supporting RAID 0&1, 2x146GB SAS Hot Swap HDD (10K or higher

rpm), IDE DVD ROM Drive, Dual port Gigabit server Ethernet

controller, One dedicated Ethernet port for OS independent

hardware management (Out of Band management). Server

Equipped to support clustering of servers under Windows & Linux

OS without any additional hardware, virtual media licence, 3 yrs on

site comprehensive warranty support. (Note: Sun Server is with built

in 2x4Gbps HBA Card)

Personal Computer Desktop System with Intel Core 2 Duo E7300 (2.66GHz speed,

3MB-L2 Cache,1066MHz FSB) or higher processor, 2GB DDR-II

800 MHz or higher Memory, 250GB or higher SATA-II HDD, TCO-03

certified 17'' TFT colour monitor, DVD Writer, Gigabit Ethernet Port

& 4xUSB, Keyboard & Optical Mouse with Mouse pad, Preloaded

Windows Vista Business Edt. & Preloaded Anti Virus S/W with 60

days validity).

Complete System with 3 Yr. Warranty onsite warranty support.

31243

Switch AL2012C41 - Ethernet Switch 425-24T with 24 10/100 BaseTX plus

2 combo 10/100/1000/SFP uplink ports plus 2 in-built stacking ports

with 5yrs warranty

37672

Table 36- Specification of Hardware Components

14.7 Power Backup Options Since most of the Gram Panchayats across the country face acute power shortage, it is important that adequate

power backup is provisioned to ensure smooth operations at the Gram Panchayat. The following three alternatives

can be explored depending upon the need and feasibility.

• Inverter

• A typical 1200VA inverter can operate 1 fan, 1 tube light and 1 PC

• Considering the need for 8 hours backup, two inverter batteries would be required for the above load

• Cost – Rs. 25,000 approximately per GP

• Operational Expenses – Battery water

This option is most suitable in situations where power supply is available for 8-10 hours every day as the inverter

battery would need power supply for charging



• GenSet

• A typical 1200VA genset can operate 1 fan, 1 tube light and 1 PC

• Cost – Rs. 30,000 approximately per GP

• Operational Expenses – Rs. 12 – 15 per hour.

This option is feasible in most situations, except in far flung areas where availability of fuel is limited.

• Solar Photo Voltaic Cells

• Off the grid lighting concept based on solar photovoltaic technology is also an upcoming alternative. While

the upfront investment is significantly higher than the other alternatives, the operational expenses are

negligible. It has been tested in the state of Rajasthan has across all 9168 GPs.

• Cost - Rs 3.10 lakhs per GP. This includes 5 years maintenance.

• Operational Expenses – Battery water

In Rajasthan, this option has been implemented in a Service Procurement Model, whereby the service providing

agency shall be paid, based on the number of hours for which electricity is provided. This eliminates the drawback

of high upfront investment. Hence, this delivers the maximum value for money.