DG Systems, CBEC, New Delhi

CBEC-GST Application ACL Module

User Mapping

www.cbec.gov.in https://cbec-gst.gov.in

Introduction to

ACL Module

User

activation

User

mapping

request

Access to

CBEC-GST

Application

Topics for the session

All Departmental users of the application are Makers and ACL Admin (Comm admin) are Chekers.

Users request for Formation mapping, Transfer, Leave etc. in the application and ACL admin approves the same.

This system will effectively address the delay that happened in the mapping process earlier.

All department officers to check and confirm mapping done by ACL Admin to ensure that right formation and permissions are assigned.

Responsibility fixed for all officers with e-sign feature.

ACL Admin is not a profile but a permission set. Thus, any one can become ACL Admin in future. S

Importance of ACL for Department Officers

Introduction to ACL

Session-1

ACL authorizes users to use application as per their Roles and Responsibilities

ACL determines who has access to what data, and what actions user can perform on such data.

What is ACL Module?

Types of Users

Administrative users have the permissions to map SSOIDs to a formation/permission set

Admins can exist at various levels in the formation hierarchy, from All-India level all the way down to Divisional level.

India level (i.e., “India Admins”) will have the additional privileges to create/delete/edit formations, jurisdictions, permission sets

Other admins will only be allowed to do mappings

Normal users do not have the power to map users, but can just view their own mappings.

A normal user may request for additional charge etc. and a notification will be sent to the administrative user to process the same with required approvals.

Different Levels of Admin

INDIA ADMIN

ACL ADMIN -COMMISSIONERATE

ACL ADMIN - DIVISION

Concepts of Access Control Logic in CBEC GST Application

FORMATION JURISDICTION PERMISSION

Access Control Logic works on the basis of these three concepts:

CBEC has many verticals to handle different functions assigned to it.

Example

―Executive Setup( Field formations)

―Directorates ( Systems, DGGSTI, Audit, DRI etc., Appeal Commissionerates etc.,)

The functions of the verticals are unique and quite different and also the jurisdiction and individual Officers role.

In order to provide access to CBEC-GST software to the officers working in these verticals, in ACL Module a new concept has been introduced known as “Formation”.

Now the Officers of different verticals can be are mapped based on the Formation they are working.

CB

EC

Executive

Commissionerates

Directorates

Audit Commissionerates

Appeal Commissionerates

Non-CBEC Formations

Other CBEC Formations

Formation

Formation Mapping in ACL

Each officer is mapped to one or more field formations.L1

India

L2

(ex: Zone)

L3

(ex: Commte)

L4

(ex: Division)L4*

L5

(Ex: Range)

Ln (taxpayer)

i.e., GSTIN

Officer

Parent Formation Zone Commissionerate Division Type of Formation

Executive Setup Tamil Nadu Coimbatore Coimbatore -I Base Formation

Executive Setup Tamil Nadu Coimbatore (HQ) -Adjudication

AdditionalFormation

Executive Setup Tamil Nadu Coimbatore (HQ) -Statistics

AdditionalFormation

Example of Mapping to Multiple Formations

Parent Formation Zone Commissionerate Division Range Type of Formation

Executive Setup Tamil Nadu Coimbatore Coimbatore -I Range A Base Formation

Executive Setup Tamil Nadu Coimbatore Coimbatore – I -Refunds

AdditionalFormation

Executive Setup Tamil Nadu Coimbatore Coimbatore – I -RTI

AdditionalFormation

Additional Formations at Commissionerate Level

Additional Formations at Division Level

Jurisdiction is the functional area in which the Officer exercise his authority provided by the law.

The different veridical have different jurisdiction to execute the authority and it different Officer to officer.

The Officers of different verticals after mapping the “Formation” has to be assigned with “Jurisdiction”.

Executive

Zone

Commissionerate

Division

Range

Directorates

Zonal

Regional

Audit

Commissionerate

Circle

Group

Jurisdiction

Permissions are different set of privileges given to an officer to access and perform the allotted work in CBEC-GST software depending upon his functional powers as per law , formation and jurisdiction.

The officer can also now be assigned with Additional responsibility

Ex;

―ACL Admin

―Divisional Asst. Commr

―CPC Supdt

―CPC Inspector

―RSP

• Commissioner

• ADC/JC

• Hqrs AC/DVN-AC/DC

• Hqrs-Supdt/Range Supdt

• Inspectors

Executive Commissionerates

• Director General

• Addl. Director General

• ADDL/JD

• DD/AD

• Supdt / SIO

Directorates

• Commissioner

• ADC/JC

• Hqrs AC/DVN-AC/DC

• Hqrs-Supdt/Audit Supdt

• Inspectors

Audit

Permissions

Permission Mapping in ACL

And in each such formation, the officer has one or more permission sets.

L1

India

L2

(ex: State/Zone)

L3

(ex: Commte)

L4

(ex: Division)L4*

L5

(Ex: Range)

Ln (taxpayer)

i.e., GSTIN

Officer Permissions B, Permissions C

What is new to user in the ACL module ?

From the ACL Module itself, send request for the mapping and activation

Viewing the

―Base permission allotted in various modules

―TASK of other formations

Sending intimations to ACL Admin

―About transfer from a formation

―Addl. Charge request.

―Intimation about Leave/ out office

Mapping Request by the User

Session-2

In this session let us try under stand how to map in the ACL module:

―Do you have your SSO-ID?

―Which formation do you belong to?

―What is your Area of Operation (ZCDR)?

―What are your key Responsibilities in your current posting?

The new user request the ACL Admin to get access permission.( Offline work)

Access permission to software is given by the Saksham Team

User requests for mapping to a particular formation and permission

ACL Administrator of that formation receives a notification

If ACL Administrator approves, user is mapped now to the formation

User notified of mapping

Advantages:

―Long delays in mapping eliminated

―Onus is on user to raise a request and ensure timely mapping.

First time user: Workflow

Request for

mapping to CBEC-

GST Application

through ACL Admin

Mapping to a

Commissionerate

and application by

SI

Request for the

formation and

permission by the

user

Mapping of the

user by ACL Admin

Checking for the

proper mapping

Steps involved for user mapping

Workflow

Tax Payer

Saksham Seva

Maps the user to

CBEC-GST software

intimates to All India

admin and ACL Admin

ACL Admin

Sends request to

Saksham Seva to Map

the user to CBEC GST

Software

User

Login to the CBEC-GST

Software. Sends

request through

software to map him to

the formation and

jurisdiction

Off line

saksham.seva@icegate.gov.in

User

ACL Admin

Maps the user to the

formation and

jurisdiction Views the request

status and starts

working

Opening screen

21

Ctrl+Alt+Del

Open IE Browser

Enter URL http://appstore.cbec.gov.in

Citrix login page

Application page

First time log in screen

Sending Formation Request –Screen-1

Step-2 –Selection of Formation Type

Step -3 Selection of Formation

Submission of request along with attachment, if any

Submission confirmation

Confirmation of submission

Check the submission status

Notification for the request made

Mapping the user by the ACL Admin

Session-3

Request lands to ACL Admin Dash Board

Initiating action –ACL Admin

Viewing the mapping request

Mapping the permission set

Check for the permission given

Confirmation

Approval of mapping

Reading the notification-Raised

Login to check mapping by ACL Admin

Session-4

ACL Menu

Dynamic menu after mapping the user to formation, jurisdiction and permission

Menu after grating the permissions

View request status

View the permissions

Transfer request

Additional Charge request-Select the formation

Leave and Out of office

Leave requests

Basics of ACL Module

How to activate the user for CBEC-GST Application

Sending mapping request to ACL Admin by user after first time

login

Mapping the user by ACL Admin for formation, jurisdiction and

permissions,

Sending transfer request/additional charge / leave intimation to

ACL Admin

Recap

Difference Between ACES and CBEC GST

Session- 5

ACL - ACES vs GST

ACES CBEC-GST

Works for CDR only

SSOID mapped to a particular

Designation/Commissionerate offline (by

SI helpdesk)

SI performs on SSOID

creation/updation and gives authentication

to access the application including the

jurisdiction (Com’te)

Works for various verticals

SSOID along with all the details will be

created in SI. Authentication is done in SI

and Authorisation is done in GST

Differences (cont.)

ACES CBEC-GST

Only one officer of the same designation

can be mapped in the same CDR

jurisdiction

Officers of the same designation having

similar privileges (say DSR), cannot

perform concurrently at various formations

Many officers of the same designation

can be mapped in SZCDR formation. In

such cases, the workflow would happen

on round-robin-load balancing basis -

CPC officers

Officers of the same designation at

various formations CAN perform

concurrently

Differences (cont.)

ACES CBEC-GST

ACL Admin, i.e. COM ADMIN is a

profile. He/she cannot perform in any

other CDR formations, say in a Range

concurrently, since it would lead to

workflow conflicts.

Only Two Types of Administrators viz.

HQADMIN & COM ADMIN are available

ACL Admin, i.e. COM ADMIN is not a

profile. It is a Permission Set. He/she can

perform in any other CDR formations, say

in a Range besides Admin.

Many Administrators viz. INDIA ADMIN

at all India level and ACL ADMINs at State

/ Commissionerate, etc.

Differences (cont.)

ACES CBEC-GST

For every officer mapping, the admin

was selecting the list of transactions

manually, by creating duplicate roles and

role groups.

In GST , India Admin creates a standard

permissions set for all which is available

for mapping.

Differences (cont.)

ACES GST

One SSO ID couldn’t be mapped to

multiple formation and no additional

charge could be given.

Whenever, designation is changed,

access privileges are not altered in the

application automatically.

One SSO ID can be mapped to multiple

formation and additional charge also can

be given.

Whenever, designation is changed, the

permission set and the formation are

made as NIL automatically by GST

Application based on the inputs from SI

(SSO ID updation) dataflow.

Activity and Q&A

Session-5

During user mapping, permissions are mapped first. Later, each formation and jurisdiction is mapped based on the permission given. Agree or Disagree.

Only India Admins have the additional privileges to create/delete/edit formations - Agree or Disagree.

An ACL user has an option to change his formation in the application using the ‘Transfer’ feature. - Agree or Disagree.

Permission sets can also be created by ACL Admins in the application - Agree or Disagree.

Can Normal User prepone / advance his/her leave - Agree or Disagree.

Activity- Agree / Disagree

Thank You