Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Deposit and Credit Guarantee Fund (DCGF)
Naxal, Kathmandu, Nepal
Terms of Reference (TOR)
For
"Development of Centralized Web Based MIS system for
Credit Guarantee Fund (DCGF)"
Issued By
Department of Information Technology
April, 2018
Page 2
Table of Contents
Glossary .......................................................................................................................................... 5
Introduction ..................................................................................................................................... 7
Objectives: ...................................................................................................................................... 7
Scope of Work ................................................................................................................................ 8
Key Stakeholders ............................................................................................................................ 9
Data Services and facilities to be provided by Client PMU ......................................................... 10
Major Actors of CGFMIS ............................................................................................................. 10
Components of CGFMIS .............................................................................................................. 10
Subsystem and Modules of CGFMIS ........................................................................................... 11
1. Credit Guarantee Subsystem Module ................................................................................... 11
i. Livestock Guarantee Module ......................................................................................... 11
ii. Micro-Finance And Deprived Sector Credit Guarantee Module ................................. 11
iii. SME Guarantee Module .............................................................................................. 11
iv. Agriculture Guarantee Module .................................................................................... 12
2. Investment Sub System Module ............................................................................................. 12
3. Administration, Accounting and Inventory Subsystem ......................................................... 13
4. Cross Cutting Modules ......................................................................................................... 14
5. Financial Management Information Systems (FMIS)........................................................... 15
High Level Diagram for CGFMIS ................................................................................................ 17
....................................................................................................................................................... 17
Investment Module Investment Process Flow ........................................................................... 18
Credit Guarantee Module Process Flow .................................................................................. 19
General Guidelines for System Architecture DCGF .................................................................... 19
Service Oriented Architecture and Loose Coupling ................................................................. 20
Key Non Functional Requirement ............................................................................................. 20
Requirement for Application Software...................................................................................... 22
Requirement for Programming Language ................................................................................ 22
Requirement for Software Interface Language ......................................................................... 22
Requirement for Input Data Language ..................................................................................... 22
Requirement for System Configuration and Management ........................................................ 23
Page 3
Requirement for Compatibility with Operating System ............................................................ 23
Requirement for Browser support ............................................................................................. 23
Requirement for GUI Design .................................................................................................... 23
Requirement for Development Tools ........................................................................................ 23
Requirement for Database Software and Design...................................................................... 23
Requirement for Database Management System ...................................................................... 24
Requirement for Database Security .......................................................................................... 24
Requirement for Web Services .................................................................................................. 25
Requirements for Scalability ..................................................................................................... 25
Requirement for Modularity and Flexibility ............................................................................. 26
Requirement for Logging and Audit Trails ............................................................................... 26
Requirement for Searching and Reporting ............................................................................... 27
Backup and Recovery ................................................................................................................ 27
Requirement for Security: ......................................................................................................... 27
Requirement for Session Management...................................................................................... 28
Requirements for PKI Based Authentication and Authorization .............................................. 28
System interfacing and integration Requirement ...................................................................... 29
Test Data Generation .................................................................................................................... 29
Response Time .............................................................................................................................. 29
Data Center & Infrastructure ........................................................................................................ 30
Quality Assurance Plan ................................................................................................................. 30
Change Request Management ................................................................................................... 31
Requirement for Multi User Environment .................................................................................... 31
Requirement for User Interfaces Design .................................................................................. 32
Software Standards and Performance ........................................................................................... 33
Open Standards ......................................................................................................................... 33
Government Enterprises Architecture (GEA) ........................................................................... 33
Government Interoperability Framework (NeGIF) .................................................................. 33
System Performance ..................................................................................................................... 33
Software Performance and key cross cutting characteristics ........................................................ 34
Page 4
Input/output Validation ............................................................................................................. 34
Capacity Building, knowledge transfer and Training ................................................................... 35
Testing........................................................................................................................................... 36
Security testing of the System .................................................................................................... 36
Stress and Performance testing ................................................................................................ 37
Installations, Commissioning and User Acceptance Testing (UAT) ........................................ 37
Data Archival and Housekeeping ................................................................................................. 38
Licensing and Intellectual Property .............................................................................................. 38
CGFMIS Documents and Deliverables ........................................................................................ 39
Technical/User Manual Content ................................................................................................... 39
Technical Manual (For Engineers/ Developers) ...................................................................... 39
User Manual (Operator/Users) ................................................................................................ 40
Consultant Qualifications.............................................................................................................. 40
Legal Document ........................................................................................................................ 41
Qualification and Experience Required for the Proposed Personnel ...................................... 41
Consultant’s Personnel ............................................................................................................. 44
Proposal Requirement ................................................................................................................... 45
Duration of the Work and support: ............................................................................................... 46
Duration of Work ...................................................................................................................... 46
Support ...................................................................................................................................... 46
DCGF Related Laws & Bye Laws ................................................................................................ 47
Appendix ....................................................................................................................................... 48
Page 5
Glossary
ACL Access Control Level
BFIs Banks and Financial Institutions
BoQ Bill of Quantity
DC Data Center
DCGF Deposit and Credit Guarantee Fund
CGFMIS Credit Guarantee Fund Management Information Systems
DR Disaster Recovery
EOI Expression of Interest
FMIS Financial Management Information Systems
GEA Government Enterprise Architecture
GoN Government of Nepal
GUI Graphical User Interface
HTTP Hypertext Transfer Protocol
HTTPS Hypertext Transfer Protocol Secure
ICT Information and Communication Technologies
INGO International Non-Government Organization
IP Internet Protocol
LOI Letter of Intent
MIS Management Information System
NASCII Nepal Analysis Standard Code for Information Interchange
NeGIF Nepal Government Interoperability Framework
NGO Non-Government Organization
NRB Nepal Rastra Bank
ODBC Open Database Connectivity
OPSEC Open Platform For Security
OWASP The Open Web Application Security Project
PMU Project Management Unit
RFP Request for Proposal
SOA Service-Oriented Architecture
Page 6
SOAP Simple Object Access Protocol
SRS Software Requirements Specification
SSL Secure Socket Layer
TB Terra Byte
TCP Transmission Control Protocol
TFA Two-Factor Authentication
TOGAF The Open Group Architecture Forum
TOR Terms of Reference
UAT User Acceptance Test
UDDI Universal Description, Discovery, and Integration
UI User Interface
W3C World Wide Web Consortium
WSDL Web Services Description Language
WMI Windows Management Instrumentation
Page 7
Introduction
Financial stability is one of the topical issues that has been accorded increased attention from
central bank, government, market players, borrowers and deposit insurer. As a deposit insurer,
Deposit and Credit Guarantee Fund (DCGF) has started the deposit guarantee scheme in Nepal
from the year 2010. Deposit guarantee/insurance is recognized globally as an important component
of a country's financial safety net and has been implemented in more than 120 countries around
the world. It is a system that protects depositors against the loss of their guaranteed deposits placed
with banks and financial institutions (BFIs) in the case of unlikely event of the BFIs failure. DCGF
has given the statutory responsibility to perform both the deposit guarantee and credit guarantee
function through it's own "Deposit and Credit Guarantee Fund Act, 2073". In the DCGF Board
there has been representation of six from the government and one from Nepal Rastra Bank.
Obviously, DCGF is a government sponsored and administered separate entity. Generally, deposit
guarantee system is a government-sponsored scheme. In Nepal, deposit guarantee scheme is
confined to BFIs namely
Commercial Banks
Development Banks
Finance Companies and
Micro Credit Development Banks
Objectives:
Main Objectives
Design and implementation of the MIS system which helps to guarantee the credit
advanced by the banks and financial institutions presently in livestock, SMEs including
priority sector, deprived and micro-finance sector and to compensate the loss under a risk
sharing modality as per the concerned regulation in case of the proven death and
permanently infertile of livestock and indisputable default of other loans.
The other objectives of the system are:
1. To identify the key components to be designed and developed in the CGFMIS.
Page 8
2. Analysis, design and implement the different modules identified and mentioned in
CGFMIS.
3. Develop an interactive client web interface and mobile application (if necessary) for the
different CGFMIS stakeholders and users.
4. To enhance the capability of the system so as to make monitoring and supervision of the
DCGF work more effective.
5. To enhance the capability of the system so as to make it more interactive and responsive to
the stakeholders.
6. To make the system more user-friendly and faster.
7. To ensure high availability of the system.
8. To ensure the stability of the system.
Scope of Work
The consultant shall undertake to perform the services with the highest standards of professional
and ethical competence and integrity. The consulting agency is required to:
1) Consult to DCGF Staff on the most appropriate policy and system architecture and central
system requirement gathering. Also Consult DCGF staff for all related task during the
requirement gathering, system analysis, designing, development and deployment.
2) Detailed requirement gathering and analysis of existing of documents types and
applications generating such documents.
3) Design, development and deployment of solution.
4) Migration of existing data into to new system.
5) System documentation covering technical design, configuration details, administrative task
and operational aspect of the system.
6) Knowledge transfer and training to DCGF Users.
7) Technical support for one year after deployment of the system in the server.
8) Additional requirements may be covered during the analysis phase.
9) Recommend hardware and software requirement.
Page 9
Key Stakeholders
The following section describes the key stakeholders for the CGFMIS Implementation
1. Project Management Unit (PMU)
2. Application Development Agency (Consultant)
3. Nepal Rastra Bank (NRB)
4. Ministry of Finance
The PMU consists of the CGFMIS Design consultant and representative from DCGF. The
responsibility of the PMU includes the following
Overall project planning and management in collaboration with DCGF, includes planning
supervising and overall progress of the project, monitor conformance with the timeliness,
budgets and serve levels
Review the scope and technological solutions covering all components by the CGFMIS
Acceptance testing and Acceptance
Perform structural transition and rollout
Post Deployment reviews
Confirm and monitor service levels through the engagement with the CGFMIS through
periodic reviews
Monitor the implementation of the project according to the project plan and report to the
DCGF Board
Review the request for proposals
Issue the LOI to the Selected Consultant
Contract signing with Selected Consultant
Ensures proposer training arrangements
Page 10
Data Services and facilities to be provided by Client PMU
Nominate the counterpart in all areas of works in order to facilitate execution of project in
a timely manner
Provide the relevant reports and the information /data available with DCGF, however
collection of the data from different sources if required will be done by the consultant with
the consent of DCGF.
Timely review inputs on the deliverables submitted by the Application Development
Agency
Provide Access to the system and documentation related to the project
Facilitate necessary meetings /discussions with the external stakeholders
Administrative support in setting up meetings with other project organization
Major Actors of CGFMIS
1. Development Banks / Banks
a. "A" Class Commercial Banks
b. "B" Class Development Banks
c. "C" Class Finance Companies
d. "D" Class Micro Finance Institutions
2. DCGF branch staffs
3. Nepal Rastra Bank
4. Ministry of Finance (MOF)
5. INGOs
6. NGOs
Components of CGFMIS
The proposed CGFMIS will have following components:
1. Credit Guarantee Subsystem
2. Investment Sub System
3. Administration, Accounting, Human Resource and Inventory Subsystem
4. Subsystem for Cross Cutting Modules
Page 11
5. Financial Management Information System
Subsystem and Modules of CGFMIS
1. Credit Guarantee Subsystem Module
i. Livestock Guarantee Module
Membership Registration
Contract Management
Credit Guarantee Process Management
o By Member Organization
o By Non Member Organization (BFIs, INGO, NGO)
Livestock Type, Credit Limit, Numbers
Livestock Guarantee Fee management
Tag Management
Document and Report management
Claim and Payment Management
Form and Report Management according to Schedule (Anusuchi) of related
product
ii. Micro-Finance And Deprived Sector Credit Guarantee Module
Membership Registration
Contract Management
Credit Guarantee Process Management
Fee management
Document and Report management
Claim and Payment Management
Form and Report Management according to Schedule (Anusuchi) of related
product
iii. SME Guarantee Module
Membership Registration
Contract Management
Page 12
Credit Guarantee Process Management
Fee management
Document and Report management
Claim and Payment Management
Form and Report Management according to Schedule (Anusuchi) of related
product
iv. Agriculture Guarantee Module
Membership Registration
Contract Management
Credit Guarantee Process Management
Fee management
Document and Report management
Claim and Payment Management
Form and Report Management according to Schedule (Anusuchi) of related
product
2. Investment Sub System Module
DCGF will call for an investment proposal to different banks in which all the investment fund and
time for investment will be provided. The Banks that will quote for higher interest will be awarded
to use the fund provided by DCGF.
Membership Registration
Contract Management
Investment Interest Management
Bid Document Management
Report management
Form and Report Management according to Schedule (Anusuchi) of related product
Investment Notice Management
Investment Application Management
Investment Record Management
Page 13
Investment Comparative Bid Analysis Management
Investment Board User Management
3. Administration, Accounting and Inventory Subsystem
i. Administration Module
o Darta
o Chalani
o Tippani
o Board Members Management
o Office Minute
ii. Accounting Module
a. Charts of Accounts
b. Voucher
c. Ledger
d. Tax
e. Payroll
iii. Procurement and Contract Management Module
iv. Stock and Inventory
a. Item Entry and Opening Stocks
b. Item and Category Management
c. Demand Collection and Approval
d. Demand Disbursement
e. Purchase Order
f. Purchase Entry
g. Vendor/Supplier Management
h. Action Management
i. Vehicle and Fuel Management
j. Store Ledger
v. HR Module
a. Recruitment and Selection
b. Employee Details
Page 14
c. Attendance Record
d. Leave
e. Overtime
f. Training
g. Awards
h. Punishment
i. Deputation
j. Transfer
k. Retirement
4. Cross Cutting Modules
i. Security Management Module
a. User Role Management
b. User Management
c. Module / Sub Module Based Access Control Level (ACL)
ii. Reporting Module
a. Account and Inventory Related Reports
i. All the Voucher entry
ii. Issued Receipt
iii. Monthly Report
iv. Total Ledger & Product Wise Ledger
v. Minute
b. Loan wise report
i. Product wise Loan report
c. District wise report
i. Number of loans in number of district according to product
d. Pradesh wise report
i. Number of loans in number of Pradesh according to product
e. Business wise Report
i. Agriculture
ii. Service
Page 15
iii. Industry
f. Animal Wealth wise ledger report
i. Buffalo, Cow, Goat, Pig, etc. wealth wise ledger report etc.
g. Money Capping Wise Loan Ledger Report
i. Money Capping Wise Loan Ledger Report i.e.
1. Within 10000
2. Within 100000
3. Within 200000
4. Within 300000
5. Within 500000, etc.
h. Member Institutions Branch wise report
i. Member Institutions Branch wise loan / claim
i. Animal Wise ledger report
iii. Lookup, System Setting and Configuration Module
5. Financial Management Information Systems (FMIS)
FMIS accumulate and analyze financial data in order to make good financial management
decisions in running the business of DCGF. FMIS shall be integrated with various other Sub
Systems like Procurement and Contract, Investment, Inventory, HR and Payroll and accounting
subsystem for proper working. DCGF FMIS includes the following Module.
Source of Fund Management
Fiscal Year Setup – Link with Accounting
Accounts Heads and Charts of Accounts - Link with Accounting
Expenditure Management
o Expenditure Statements
o Recurrent Expenditure Statements
o Capital Expenditure Statements
Revenue Management
o Statement of Revenue Collection
o Source of Revenue
General ledger Management
Program and Activity Formulation
Budget Planning
Page 16
Budget Formulation /Allocation
Budget Disbursement
Budgetary Status
Cash Flow
Financing – Loan, Debt, Investment, Advance Payments,
Reimbursement etc.
Financial Statements
o Revenue vs. Expenditure
Interlink with / Integration with
o Integration with Procurement and Contract
o Integration with Accounting and Payroll System
o Integration with Investment Module
o Integration with Credit Module
o Integration with Inventory Module
Financial Audit Record
Beruju Farchaut according to the policy of DCGF
Foreign Aid Management
Security Deposits
Budget Heading Change / Rakamantar
Budget Source Change / Srotantar
Reporting
o Revenue Collection Summary and Detail Reports, Months, Year Wise
Revenue Collection
o Expenditure Summary and Detail Reports, Months, Year Wise
Expenditure
o Expenditure Type wise Report – Recurrent Expenses, Capital
Expenditure
o Source of Fund wise
o Budget Head Wise
o Sector Wise
o Investment Sector Wise
Page 17
High Level Diagram for CGFMIS
Member
Organization Web
Portal
Database
Data
Interface
Input Data Processing
Raw Import
Clean Up
Validate
MIS
Report Generation
Configuration
CGFMIS
Credit
Investment
Claim & Payment
Filtering
Parameter
List Generation
Accounting
DCGF Users
Data Verification
Retrieve Data for
Verification
Batch Data File
Fig: High Level Diagram for CGFMIS
Page 18
Investment Module Investment Process Flow
Page 19
Credit Guarantee Module Process Flow
General Guidelines for System Architecture DCGF
1. DCGF shall be designed as Web Based n-tired solution with informational, collaborative
and transaction services
2. Shall be unified solution for all DCGF services which provides interface for managing and
operating all the functionalities of the system
3. The solutions follow the tired approach allowing for horizontal and vertical scalability at
the access tier. Integration tier and database and hardware level. Possibly to provide for
redundancy at the web level or add another DBMS at the Database layer without making
changes to other tiers
4. Shall provide role based access to various stakeholders with associated role based
functionalities
5. Solution shall be designed to handle exception with meaningful messages
Page 20
6. Solution shall be designed through use case scenarios which shall be part of the functional
requirement specification
7. Shall allow for independent components registration and availability
8. Shall enabled ad-hoc MIS report generation
9. Integration Mechanism shall conform to GEA guidelines, the NeGIF and TOGAF
framework for SOA Approved by GoN
10. Shall be accessed from remote locations with minimal connectivity and the architecture
shall be designed to be operated in low bandwidth environment
11. Solution shall have to capacity to handle at least 10,000 users and should support at least
200 concurrent connects to the applications
12. Solution implement best practices for online security based on the transaction type and the
architecture should be designed to enable imaging security, secure socket layer (SSL), one
time Passwords and Digital Signature for signing/approval of documents.
Service Oriented Architecture and Loose Coupling
The System architectures shall be developed following SOAs based loosely coupled components,
for System resiliency, stability and maintainability of the proposed solutions, which leads
1. Easy way to add or change made in components without having to make reflective changes
to other components in the architecture/systems.
2. Choose the right enabling technology for the processes without concerning themselves with
technical dependencies, such as Database Technology, security models.
3. Components are protected from each other and can better recover from component failure.
4. The failure of a single component should not take down other components in the system
5. Creating a failover subsystem, moving from one instance of a component to another without
affecting the other components in the SOA.
Key Non Functional Requirement
Openness The developed system shall be open standard where possible. It should not be
vendor specific and depend on some vendor specific technology. There should not be
implementation of any vendor specific component, software, middleware, and firmware to
Page 21
avoid the vendor-locking situation. The proposed architecture, database, programming
language and any technology used to develop and implement system should use 'Open
Standard' whenever such standards are available and applicable to meet the specification.
Standards: The system shall be centralized web enabled system and the application
architecture of the system should be platform and vendor independent. The system should
be designed by following the open standards like SOA i.e. interoperable in nature and
design and development should be based on SOA. Shall be adherence with GEA, NeGIF.
Modularity: The designed modules of the system should be highly granular and highly
cohesive, loosely coupled which supports easy addition/removal of one more modules as
and when required. The solution architecture should have multi-tired architectures that
allow infrastructure simplicity and standardization.
Integrity and reliability: The solution shall ensure data safety and integrity in the event
of communication channels operation failures, software and hardware operability failures.
Availability: The availability of the system shall be high, solution should be designed to
remove all single points of failure and the solutions should provide the ability to recover
from failures.
Scalability and performance: The system shall have ability to scale up as and when the
new business applications and services are added without compromising the performance
of the overall solution. The chosen Architecture pattern and framework should be proven
to be highly scalable and capable of delivering high performance as and when transaction
volumes increase. Master Database for modules should be properly indexed so that
searching performance of the system provides high performance.
Error Messages and Handling: The system shall display appropriate warning messages.
System should display alerts and reminders for the user.
Usability: The home screen shall be designed with a better user interface. The System
should allow user to organize the Search results sort by clicking on table header. The
System should facilitate easy navigation of the screen i.e. back, forward, refresh options
should be made available to the user. Whenever the user enters the modules the system
should have a provision to display the description for all modules and sections
Page 22
Extensibility and Integration Support: The solution shall support Plugging in of other
authentication methods in the future. The Solutions must be capable of integration with a
payment gateways for paid user services
Requirement for Application Software
The software should be developed in reliable programming languages and programming standard
must be generic data acquisition, access coding using web based application technology. The
programming language should be selected so that it can easily communicate with printer for
printing.
Requirement for Programming Language
The software should be Web Based Application. The chosen programming language must have
readily available compiler and host environments for windows based operating system.
Applications for the web server would be developed in JavaScript, Asp.Net with appropriate
languages (C# etc.)
Requirement for Software Interface Language
The web-based application shall have Nepali and English Languages, words and characters. The
application should use Nepali Language for Interface, instructions and messages. English
Language should be used where Nepali language is not possible. The system should have provision
to use both Nepali and English Date values in standard format. There should be a module to change
date from Nepali to English Date format and vice versa.
Requirement for Input Data Language
The System Database consists of data values both in Nepali and English language. Hence, the
forms and related interfaces should be designed to input, store and process both Nepali and English
languages. For Nepali language input data values, Nepali Unicode should be used. All the Static
and Dynamic text should be displayed and saved in English and Nepali
Page 23
Requirement for System Configuration and Management
The Application should be highly configurable; there should be minimal hard coded options. The
developed application should be parameter driven. The options, choices, popup for various data
should be configurable using software option and database configuration.
Requirement for Compatibility with Operating System
The developed system should be compatible and could be hosted and compatible to any widely
used operating system. The Windows system is more preferable and should avoid any vendor
specific system. The consultant should provide the detail hardware specification required to install
the system.
Requirement for Browser support
The developed web based system should be run at client end using most popular browsers. The
system should be compatible to at least following browsers. Mozilla Firefox, Internet Explorer,
Google Chrome, Opera, Safari, Edge. A personalized local access directory must be maintained.
Requirement for GUI Design
The system should facilitate full utilization of screen space (Adjustable to type of device, screen
resolution). There should be a facilitate access control, the user should be able to view / work on
the screens which are applicable for his/her role.
Requirement for Development Tools
The consultant will be responsible for development software and tools required to develop the
proposed task. Consultant should fulfil the license, API development and any other requirement
themselves. There should not be any cost in the implementation of the system.
Requirement for Database Software and Design
The database should be selected so that it can handle very large amount data. The database must
be RDBMS. The Database server would be having Oracle etc.
Page 24
The database should contain the following features
1. Good design/planning, Normalization
2. Good naming standards and documentation
3. Domain values should be properly handled and maintain proper data integrity
4. Maintain recovery, concurrency control, Automatic Backup and others
5. Maintain integrity
6. Stored procedures to access data
7. Proper testing
8. Recovery pattern/schedule
Requirement for Database Management System
1. The system should be able to support high level of concurrent usage and should be scalable
2. The system should be configured in a clustered mode at the data center to ensure high
availability and failover
3. The system should be able to currently store at least 20 TB of data and should be scalable
4. The Database Schema should be designed in an efficient manner and should have ability
to incorporate the appropriate normal form of database design
5. The System should have proper facilities to define backup schedules
Requirement for Database Security
1. The system should not allow direct access to the data from any non-application software
platform, such as Database prompt
2. The system should not provide access to the database prompt for accessing the application
data. Access to the database should be restricted only through the application software
interface
3. Whenever, the database is accessed for administration related purpose, the access should
be audit trailed or logged
Page 25
Requirement for Web Services
1. System shall based on industry standards (e.g. W3C) and should not be limited by
proprietary platforms of any kind
2. The system shall be designed with the objectives of efficient delivery of other solution
components
3. The system shall be open to interface with Other Departments systems for required data
exchanges and validations
4. The system shall be able to expose its service delivery functionality on request from other
departments and on approval of the same by DCGF
5. The system shall have the capacity of being deployed in load balanced clusters to provide
availability and scalability
6. The system shall be built on Open Standards and have Web Interfaces for the client access
7. The system shall have scalability to meet future transactions so that change or upgrade in
Operating System, Software Platform and Tools or any other components used, must not
render the system incompatible and limited use
8. System shall provide for necessary validations/ alerts to avoid wrong entries or to prompts
in case of wrong entries
9. The system shall have capability to logically partitioning the switching system to avoid
interfaces with other set of users
Requirements for Scalability
1. The system architecture shall be scalable and capable of delivering high performance as
and when the number of users and transactions increase
2. The system shall sustain the increased number of transactions in future
3. The Application and deployment architecture shall provide for Scale up and Scale out on
the Application and Database Servers and all their solutions components
Page 26
Requirement for Modularity and Flexibility
1. The system shall cover a range of business processes modules within application and it
should be capable of adding more functionality, modules or number of users. The system
should be able to integrate with other system / products / applications on open standards
2. The system shall be adoptable to changing practices and in case need arises to customize
specific needs, the system should be flexible to integrate with new add-ons and processes
that can be plugged-in with the existing system
Requirement for Logging and Audit Trails
1. The system must keep an un-modifiable audit trail capable of automatically capturing and
storing information about All the Actions (Create/ Update/Delete), The user initiating and
carrying out the actions, Date and time of the events.
2. Once the audit trail functionality has been activated the system must track events without
manual intervention and store in the audit trail information about them.
3. The system shall have a timeframe for which old audit logs will be maintained for ready
reference in the system. The old records should be archived in the DCGF database.
4. The system shall have the functionality to log all application transaction details including
time stamps, operators, approver, Update/ Modification trails etc., Browser information, IP
Address etc.
5. Any critical log information, which requires urgent attention, such as issues can lead to
downtime, shall be captured properly and an appropriate alert be generated and sent to
department officials as well as the technical support team.
6. The system shall have a secure and preferably embedded log repository to store logs that
do not require separate database expertise to administer and manage.
7. The System shall support the following methods for log collection
a. Windows Management Instrumentation (WMI) for remote collection from the
Windows Events log
b. Syslog
c. Open Database Connectivity (ODBC) Text Log
Page 27
d. Open Platform For Security (OPSEC)
Requirement for Searching and Reporting
1. The system should have the provision to store, load and delete customer queries to each
user for easy retrieval
2. In the Query builder reports, the reports should have features to save the report data and
retrieve the saved report and also delete the same
3. System should provide the user with search hints/ tips on the data fields such as Names,
Locations and Objects
4. Users should be able to choose a search options. Users should be provisioned on option to
add additional filtering criteria to that search such as adding AND OR conditions
Backup and Recovery
1. The system should have the backup solution for regular/ scheduled backups
2. The system should have the facility to backup the data and stored within the CGFMIS
database in accordance with backup policy
3. The system shall have asymmetric encryption of data backup files such that encryption can
be done using a public key of the authorized user and decryption can be done using the
private key of the same user.
4. Consultant should provide the Data Recovery Plan for the backup data and there should be
no effect in the system after data recovery.
Requirement for Security:
1. Configurable Two factor authentications (TFA) will be used for security purpose
(Administrator can configure either TFA enable or disable).
2. The system shall develop according to the OWASP Web Security Guideline. The system
should be free from security vulnerability like SQL Injection, XSS, CSRF, Session
Hijacking, Google Hacking, Directory Traversal, Broken Session, IDS /IPS.
3. There should be Audit trails mechanism.
Page 28
4. The System shall have a Role Based / Module Based ACL.
5. There should be a Password Validation Requirement Checking.
6. The system shall force to change the password of users in every 3 months (it should be
parameterization based i.e. Administrator can set the period of forced password change
policy.
7. Consultant is not allowed to use any existing CMS for the development, however, can use
Existing Security proven and scalable Software architectural, Design Patterns, Framework
or Class Libraries.
8. Before launching the system, the Consultant should perform the independent Third party
Audit and Vulnerability Assessment and Penetration Testing (VAPT) of the system and
must submit the report. After the Security Audit report evaluation, if the Consultant is
passed in Security Audit then only the final instalment of payment will be released to the
consultant.
Requirement for Session Management
1. The system shall limit more than one session per user or Process ID
2. The system Shall limit on the maximum time length of an idle session
3. The system, users should be able to explicitly terminate the session
4. The system should not store authentication credentials on client computers after a session
terminates
5. The system shall map the sessions with the client machines and should store the appropriate
data
Requirements for PKI Based Authentication and Authorization
System should support PKI based Authentication and Authorization, in accordance with Electronic
Transaction Act of Nepal, using the Digital Certificates issued by the Certifying Authority
Approved by Govt. of Nepal
Page 29
System interfacing and integration Requirement
1. The DCGF portal shall bring all of its services under one umbrella and provide a unified point
of access to citizens, internal users and other intended users to avail services.
2. The System shall support TCP/IP, HTTP, and HTTPS for all traffic between user screens and
the applications.
3. The Proposed solutions shall provide interfaces and formats for data transfer between external
agencies and relevant stakeholders as per the requirement.
4. The DCGF shall include various tools /adaptors to interface with various software applications
implemented and used by the various departments.
5. Provide integration capabilities to support data collection and data synthesis services related
to DCGF used by various departments to provide the services specified in the modules of the
DCGF portal.
Test Data Generation
Consultant should generate the automated test data to verify the smooth operation of the system
before the implementation of the system in DC & DR site.
Response Time
The response time of the system should be as under:
For data transaction like – add, update, edit, delete etc. Response time shall be less than
one second or less.
For complex transactions: Response time will be two seconds but in any case time for
completion of the transaction shall not exceed five seconds
Response time for “help, exit/entry of menus, scrolling or paging, error processing etc.
shall be one second or less.
The response time of the system shall be less and the system shall be workable within 512
Kbps Bandwidth.
Page 30
Data Center & Infrastructure
1. Server will be hosted in Data Center within DCGF premises and Disaster Recovery Center
(Out of Kathmandu Valley, will be reveled later). Consultant shall implement the system
in DR site as well.
2. All the configuration and system implementation shall be carried out in DCGF premises
and DR Site thus consultant shall manage all the expenses for transportation and other
arrangements.
3. Currently DCGF has following infrastructure
a. Database Server – 300 GB x 6 (RAID 5)
b. Application Server – 300 GB x 3 (RAID 5)
c. CISCO 2960 G Catalyst Switch (24 Ports)
d. KVM Layout Device
e. KVM Switch
f. ATS
g. NVR
h. Cisco ASA 5505 Series Firewall
i. Reverse Cable PDU x 2
j. Universal PDU x 1
4. Through study of existing infrastructure Consultant shall provide the detail of additional
hardware (including Server, Network, UPS, Racks and other necessary equipment) and
system requirement for smooth operation of CGFMIS including Bill of Quantity (BoQ) for
hardware for DC and DR site.
Quality Assurance Plan
To ensure the final system is of the utmost quality, consulting firm must develop and approve the
following documentation as part of quality assurance during system design and development. The
Plan must contain stakeholders responsible for Quality Assurance, Tasks and Responsibilities of
each stakeholders, Standards and Guidelines followed, Quality Measurement metrics, Tools,
Page 31
Techniques, and Methodologies used to ensure quality of the system and Frequency of Quality
assurance program
1. Formal Technical Review plan, Walk through, Inspection and Audit (Process and Product)
Plan
2. Process and Product Audits
3. Verification and Validation Plan
4. Test Plan
5. Software Development and deployment Plan
6. Configuration and Change Request Management Plan
7. Risk Resolution Plan
8. Resolution and Corrective Action for Deviations and Non – Compliances
9. Recording and Analyzing Deviations and Noncompliance Items
10. Documentation Plan
Change Request Management
1. Changes may be generated by the identification of new required functionalities during design,
errors or defects in the current implementation and high priority requests to enhance existing
functionalities. Consulting firm must define the appropriate Change Request Management
process to incorporate the changes occurred during system design and development phase.
Information about the change, including scope, feasibility, and impacts to existing
requirements and technical architecture, shall be needed for the reviewed and approved by the
DCGF.
2. Consulting firm shall develop the well-managed mechanism to incorporate the changes in the
system using standard configuration and version management systems like GIT/SVN. It
creates an ease to make any modification or changes in the requirement as well as particular
functionality or even in a single file of the system.
Requirement for Multi User Environment
The developed application should be multi user web based application. The application should
support multiple user login and work on the system concurrently. The developed application
Page 32
should be designed and developed in such a way the administrator can create and assign a differ
roles and assign users to that role i.e. Role based ACL (Access Control system) on modules.
Requirement for User Interfaces Design
1. The system should have unified, easy, flexible and user friendly interface enabling the
following settings
a. Personnel User Menu
b. Personnel user settings
c. Field composition on Screen
d. Webpage Navigation on the Screen
2. The Chosen technical platform for UI should adhere to GEA/ NEGIF and Other Standards
developed by GON
3. Should include the latest web integration features
4. Should support latest industry standards for Portal Development
5. Should support personalization of UI if required at user level
6. Should able to initiate appropriate workflows based on applicable business rules
7. Should provide contextual online help to users
8. The System should have uniformity in screen resolution. The Pictures and documents
should be displayed in optimum resolution for the user to view it properly
9. The GUI Form Administration should support the following without coding effort:
a. Changing Fields or tab labels
b. Hiding fields or tabs
c. Changing the Position or size of the fields or labels
d. Adding restrictions like mandatory or not
e. Setting default value in a field
Page 33
Software Standards and Performance
Open Standards
GEA recommends Service-Oriented Architecture (SOA) as an architecture style to deliver services
to any stakeholders. Hence, the DCGF shall be designed and developed following the underlying
principles of SOA.
1. Should Support Service Oriented Architecture
2. Portal platform should support SSL for Secure Communication over web
3. Support for a broad range of web services technology adhering to standards including but
not limited to SOAP, WSDL, UDDI
Government Enterprises Architecture (GEA)
System shall be developed following the standards and compliance defined by GEA and generic
dataset published in NeGIF for development and implementation of ICT systems. The system
should adopt, comply and adhere with the recommended standards for data, design, architecture,
security architecture etc. The main system, subsystem, component, design, document and any part
that is implemented and used for this task will comply with following guideline documents where
applicable.
Government Interoperability Framework (NeGIF)
System shall be developed following the standards and compliance defined by generic
dataset published in NeGIF for development and implementation of ICT systems.
System Development shall adopt the coding standards given in Nepal Analysis Standard
Code for Information Interchange (NASCII)
System Performance
- The Consulting firm is required to devise performance test criteria to ensure that the system
functions as required in the production environment.
Page 34
- The Consulting firm must indicate the average response time for the various functions of
the system. The response time refers only to server and network response time (i.e.
transaction time) – not to the functional time required to process the actual transactions
Software Performance and key cross cutting characteristics
The Application /system should offer in memory caching minimizing un-necessary
regeneration of Application portal pages for performance improvements.
The System solution shall follow the ISO 27001 / BS 7799 Standards for information,
Network and Application Level security
The System architecture shall be designed in such a way that the system responses time of
the system shall be fast, the system must support comprehensive analytics module to track
portal community traffic, searched keywords, system responses time, document
downloads, user turnover, visit duration etc.
Input/output Validation
1. The developed system shall be properly validated on the client side as well as server side
also, consultant shall ensure that any input validation performed on the client is also
performed on the server
2. Input validation should be applied on both syntactical and semantic level
3. Input validation should be based on Calculation of Premium Value and Rate of the Product
of DCGF
4. Input validation can be implemented using effective enforcement of syntactic and semantic
correctness which shall cover
a. Data type validators
b. Type conversion
c. Minimum and maximum value range check for numerical parameters and dates,
minimum and maximum length check for strings
d. Array of allowed values for small sets of string parameters
e. Regular expressions for any other structured data
f. File Upload
5. Client-side validation to provide interactive UI
Page 35
6. Server-side validation to validate the data securely within our system.
7. The following common strategies for data validation can be used:
Accept known good (allow list or positive validation): Accept only data that satisfies
specific criteria, and reject all other. It is the most secure approach. So our design
considers this Strategy as primary validation strategy for CGFMIS system validation.
Reject known bad (block list or negative validation)
Sanitize: Eliminate or translate characters in an effort to make the input safe.
Capacity Building, knowledge transfer and Training
The Consulting firm shall bear all the expenses cost which may include Logistics, training
resource person and manuals and hands out. DCGF will not bear any type of cost related
to training and knowledge transfer however DCGF will facilitate to arrange the participant
and trainee.
The Consulting firm shall develop training materials illustrated with screen shots of all user
interfaces of the application.
The Consulting firm shall conduct needs-based training sessions for the staff of DCGF and
other concern stakeholders to fully acquaint them with the operation and maintenance of
the system along with application features and functionality.
The Consulting firm is required to develop standard operating policies to ensure smooth
handover following completion of the project. The operating policies should include
guidance to DCGF on standards of performance for and maintenance of all aspects of the
system, backups, changes to the system, and access controls including roles.
The Consulting firm shall prepare written operations, and system’s management
procedures. Full system documentation will be provided in electronic version in
English/Nepali.
The training of users must be conducted in batches of fifteen (7) days to ensure the DCGF
stakeholders and users feels comfortable in using the new system.
The training materials must also facilitate training for trainers, and must be developed with
a view that relevant authorities' staff in conducting future trainings can use them.
Page 36
For system administrators, it is expected that within one (1) month from post-
implementation, knowledge transfer will be completed and at least two (2) officials from
DCGF will be fully trained so that competent authorities are able to maintain and operate
the system independently without Consulting Firm support.
The Consulting firm will work to put in place a support-desk mechanism that the DCGF
can use to foster long-term sustainability of the project. This includes:
Structure and organization of a support infrastructure
Development of knowledge base and frequently asked-questions resources that are
online and searchable.
Testing
Test Plan
The Consulting firm will submit to Test Plan for Security Testing, Stress, Performance and User
Acceptance Testing (UAT) for review and approval.
Security testing of the System
The Consulting firm will perform a full characterization of the System for the purposes of
information security to identify the boundaries, resources and information that are part of
the System for the purposes of developing a systematic penetration test strategy. This will
form a key component of the Security Test Plan
The Consulting firm will submit to Security Test Plan for review and approval.
The Consulting firm will develop a cyber-incident response plan that covers:
o Procedures for mitigating and protecting against cyber attack
o Procedures for mitigation and isolation of affected systems, systems cleanup
o Procedures to minimize loss of data during attack
o Cross-reference to any business continuity plans that need to be activated during
cyber attack
Page 37
Stress and Performance testing
The Consulting firm will perform stress testing of the system in order to determine the
operating limits of the environment deployed.
The Consulting firm will perform performance testing of the system in order to determine
the response characteristics of the system under load.
Before commencing with performance and stress testing the Consulting firm will develop
test plans, in coordination with the competent authorities, which will be approved by the
DCGF. These plans should, at minimum, include the following:
o Identification and characteristics of the test environment
o Identification of performance acceptance criteria
o Plan and design of tests to be carried out. Tests should approximate anticipated
workloads and follow commonly accepted test methodologies. The Consulting firm
should explain in detail each of the tests to be run.
o Test execution
o Analysis of test runs
o Reporting and recommendations for remediation as needed
Upon completion of the tests, the Consulting firm will deliver a report that summarizes
results and as appropriate, suggest remediation
Installations, Commissioning and User Acceptance Testing (UAT)
The software system provided shall undergo a proper testing plan to make sure that the
software when signed off to DCGF is free from deficiencies. The DCGF shall inspect, test,
and approve functionality of each module in the system before signing it off as complete.
The complete system shall be declared “Go Live” after completion of the final User
Acceptance Test (UAT) and approved by DCGF. The consulting firm is responsible for
developing the UAT Plan and Approved from DCGF before starting the UAT. The UAT
plan shall be include the following
o Test cases demonstrating all functionality and system requirements stated in the
System Design Document
Page 38
o Test cases and procedures to demonstrate integrated functioning of system
components and sub components of this TOR and SRS document that is to be
prepared including external systems (if any identified during requirement analysis)
o Test procedure to demonstrate high availability, performance, manageability and
security of the System
o Test procedure to demonstrate the process and tools deployed for measurement and
enforcement of parameters related to standards to be followed
The consulting firm shall co-ordinate with the PMU for completion of installation and
commissioning of CGFMIS solution and the system software.
Consulting agency shall be responsible for ensuring operational readiness for the developed
system.
Both consulting firm and DCGF shall sign the report of the installation and commissioning
inspection, which shall be part of the User Acceptance Test (UAT).
Data Archival and Housekeeping
For the high availability of the data and the system there should be proper:
a. Provision for data archival and housekeeping
b. Provision for configuring data archival and housekeeping method, device type, time of
archiving and retrieval situation.
c. Provision for storing achieved requests separately from the active requests and shall have
separate search and reporting options. However, it shall be noted that the requests, once
archived, cannot be modified, deleted, or moved back to the active state.
Licensing and Intellectual Property
All source code, database files and all the documentation related to this system shall be the
ownership of DCGF and it has intellectual property. However we will manage the license
of Operating System, Database Server and infrastructural related licenses.
Ownership of the system shall be the transferred to DCGF and there will be no any claim
of any Intellectual property by consultant for this system.
Page 39
CGFMIS Documents and Deliverables
The project reporting must be performed in continuity throughout the project, these
include, among others, progress reports and documentation of mid-project change requests
and impact assessments.
The Consulting firm will deliver the complete source code and technical documentation,
including the right to use, modify and study without any limitation to DCGF.
The consulting firm is required to handover all source code and documentation and the
ownership of which shall rest on DCGF. System documentation shall be descriptive with
snapshots. Such documents should cover:
S.N. Document/Deliverables Type Form of Submission
1 Inception Report Duly Signed and stamped Hardcopy
2 System Requirement Specification
(SRS)
Duly Signed and stamped Hardcopy +
Editable version on CD or on USB
3 Technical design and diagrams
(System Design Specification- SDS)
Duly Signed and stamped Hardcopy +
Editable version on CD or on USB
4 System configuration and setup
documentation, User Documentation
Hardcopy + Editable version on CD or
on USB
5 Administrative support
documentation
Hardcopy + Editable version on CD or
on USB
6 Source Code (Both application and
database Level)
Ready to deployed/ Executable Editable
version on CD or on USB
Technical/User Manual Content
Technical Manual (For Engineers/ Developers)
Consulting firm shall prepare a descriptive technical manual with detail of the process and modules
of the software. The prepared manual will contain following:
Page 40
a) Requirement of the software (like hardware requirement, software requirement, third
party/ middleware if necessary etc.)
b) Installation process
c) Components/Function/ Modules of developed system with input/output parameters
d) Troubleshooting and maintenance procedures (bug fixing, performance enhancement
and up gradation), A troubleshooting section detailing possible errors or problems that
may occur, along with how to fix them
e) Data exchange procedures (Data import / export)
f) Data Backup and restoration procedures
g) Some Frequently asked question about the System
User Manual (Operator/Users)
A consulting firm shall prepared a comprehensive user manual and submit to DCGF which
containing the overall operation of the software, so that it can be used for future reference.
Basically data entry, processing and report generation manual will be sufficient for operation level
staffs. The major content of the user manual will be as follows:
a. A description of form data entry and processing
b. A guide on how to use main functions of the system
c. Creating User / Assigning Roles and responsibilities (Only for top authorized level
executives)
d. System login, using system menus and their functions.
e. List of module of the system
a. Data/Form Entry,
b. Form Processing/Modifications
c. Report Generation
Consultant Qualifications
The consultant shall:
Be a registered company/firm in Nepal.
Have submitted tax clearance certificate for the last 3 fiscal years i.e. 073/74, 072/073.
071/072.
Page 41
The consultant shall submit certificate stating that they have been providing similar
services for the last 7 years.
The consultant should have supplied similar solutions and services to at least two different
clients (of similar scale: NRs. 7 million each) in the last 3 year. Authentic user certificate
or proof from the end user should be provided in the proposal.
Have permanent operational office in Nepal and should be available to respond to post
implementation, guidance and support.
The consultant should have an average annual turnover of at least NRs. 17 million in the
at least 3 years with positive Net-worth in last fiscal year. Financial Audited Report should
be submitted for the 3 years. Consultant must submit the audited financial reports (Balance
Sheet and Profit & Loss Account) of last 3 fiscal years.
Legal Document
The consultant shall submit notarized copy of
Firm Registration Certificate
Business Registration Certificate
VAT and PAN Registration Certificate
Copy of Tax Clearance Certificate / Tax return submission evidence for last Fiscal Year
(2073/74)
A written declaration made by the consultant, with a statement that s/he is not ineligible to
participate in the procurement proceedings; has no conflict of interest in the proposed
procurement proceedings, and has not been punished for a profession or business related
offense
Power of Attorney letter
Qualification and Experience Required for the Proposed Personnel
The following key personnel are required during the project period:
Page 42
SN Expertise Qualification Minimum Experience
1 Project Manager /
Team Leader
Master’s degree in IT
or Management
related subject
The Project Manager/Team Leader
shall have minimum 12 years of general
experience in management of IT
projects.
2 System Analyst Master’s degree in IT
or equivalent
The System Analyst shall have at least
12 years’ experience in System
Analysis, Design and Development.
3 Web Programmer Bachelor’s degree in
IT or equivalent
The Web Programmer shall have
minimum 5 years’ experience in Web
based System Development.
4 Graphic Designer Bachelor’s degree in
IT or equivalent
The Graphic Designer shall have
minimum 5 years’ experience in graphic
design.
5 Database Designer Bachelor’s degree in
IT or equivalent
The Database Designer shall have
minimum 5 years of general experience
in RDBMS.
6 Budgetary and
Finance Expert
Master’s degree in
Finance or equivalent
The Budgetary and Finance Expert
shall have minimum 10 years of general
experience in Nepal Government
Budgetary or Financial Institution.
7 SOA / GEA Expert Bachelor’s degree in
IT or equivalent
The SOA / GEA Expert shall have
minimum 5 years of general experience
in SOA / GEA.
8 Quality Assurance
Expert
Bachelor’s degree in
IT or equivalent
The Quality Assurance Expert shall
have minimum 5 years of general
experience in Quality Assurance /
Quality Control.
9 Network / System
Administrator
Bachelor’s degree in
IT or equivalent
The Network / System Administrator
shall have minimum 5 years of general
Page 43
SN Expertise Qualification Minimum Experience
experience in Networking / System and
Server Administration with certification.
10 Insurance Domain
Expert
Bachelor’s degree in
Management or
equivalent
The Insurance Domain Expert shall
have minimum 5 years of general
experience in Insurance.
11 Documentation/
Technical Writer
Bachelor’s degree in
any field
The Documentation / Technical
Writer shall have minimum 2 years of
general experience in Technical Writing.
12 System Support
Staff
Bachelor’s degree in
IT or equivalent
The System Support Staff shall have
minimum 2 years of experience in
system development and support.
13 Administrative Staff Intermediate Level or
equivalent
The Administrative Staff shall have
minimum 1 year of experience in
administrative.
Page 44
Consultant’s Personnel
The input of the consultant’s key personnel has been envisaged to be as follows.
SN Expertise Jobs to be Done Total man-hr
1 Project Manager /
Team Leader
Supervise the project team to ensure
quality and prompt services to the project.
Plan, execute and finalize the project.
2100
2 System Analyst Requirement gathering, Preparation of
SRS and SDS as part of system analysis
and design.
875
3 Web Programmer Coding, Debugging and pre/post System
Testing as part of system implementation.
8400
4 Graphic Designer Design a suitable user-friendly web
interface for both end user as well as
system administrators.
1050
5 Database Designer Design of relational database and
document archive.
525
6 Budgetary and
Finance Expert
Design of required form, report formats for
the entire financial and accounting module.
350
7 SOA / GEA Expert Design of SOA and GEA for the system. 175
8 Quality Assurance
Expert
Design of Test Plan, Functionality Testing
to ensure the quality of the system.
1400
9 Network / System
Administrator
Design of Network to DC and DR site,
Planning of Failover, Clustering and
perform the security in the server to secure
the system.
175
10 Insurance Domain
Expert
Understanding the policy of various
products of DCGF and providing
knowledge to the team.
525
Page 45
SN Expertise Jobs to be Done Total man-hr
11 Documentation/
Technical Writer
Preparation of inception report, technical
manuals for system administrator, end-
user, training manuscripts and help
manuals.
700
12 System Support
Staff
System Installation, Configuration, User
Orientation, Post implementation support.
2100
13 Administrative Staff Logistics management, coordination and
support during system development.
1400
Proposal Requirement
Application Process
Interested Consulting Firm, kindly submit the following documents:
a. Duly accomplished Letter of Confirmation of Interest and Availability using the template
provided by DCGF.
b. Personal CV, indicating all past experience from similar projects, as well as the contact details
(email and telephone number) of the Candidate.
c. After the received EOI document evaluation by DCGF team only 3-6 numbers of qualified
consultants with minimum obtained marks will be selected and DCGF will call for RFP
(Request for Proposal) to only those qualified consultants.
d. In RFP the consultant shall submit the Technical and Financial Proposal in sealed envelope
separately.
e. Financial Proposal indicates the entire inclusive fixed total contract price, supported by a
breakdown of costs, as per template provided.
Page 46
Duration of the Work and support:
Duration of Work
Total Contract Period is 24 Months. 12 Months period is estimated for System Analysis, design
and Development and 15 Months period is estimated for post implementation support activities
i.e. for maintenance phase)
Support
The Consulting Firm must assist in running the system on a daily basis until the end of the contract.
The Consulting Firm shall remain available for on-call support, by ensuring physical presence of
at least 2 staff, until the deployment of the system.
Once the new system is complete and handed over, the Consulting Firm and DCGF staff shall be
responsible for monitoring and reporting on all aspects of the operations of the system (including
uptime, availability, and response time) for the duration of the contract.
The following scenarios and activities must be scheduled and coordinated with DCGF’s staff:
Operational procedures including Archival/backup (on-site and off-site) / restore
procedures.
Systems Management housekeeping routine tasks (scheduled software and hardware
maintenance, security support activities for servers including patches for server
software, troubleshooting, maintaining logs and journals).
Security probing (Access Controls, Network availability, Database and Application).
Access control management and reports (access log, controls on username/password,
application controls, and audit logs).
Business continuity (including drills and simulations) in order to enhance competent
authority’s capacity to prevent or reduce systems downtime or outages.
Page 47
DCGF Related Laws & Bye Laws
निक्षेप तथा कर्ाा सुरक्षण कोष ऐि, २०७३
बार्षाक प्रनतवेदि २०७१/७२
निक्षेप सुरक्षण निदनेिका, २०७३
पिुधि सुरक्षण नवनियमावली, २०७३
लघु नवत्त तथा नवपन्न वर्ा कर्ाा सुरक्षण नवनियमावली, २०७३
सािा तथा मझौला उद्यम कर्ाा सुरक्षण नवनियमावली, २०७३
कृनष कर्ाा सुरक्षण नवनियमावली, २०७३
कमाचारी सेवा नवनियमावली, २०७३
लर्ािी निदनेिका, २०७३
आन्तररक लेखा परीक्षण काया निदनेिका, २०७३
कार्र्ात धुल्याउिे नवनियमावली, २०७३
नललाम सम्बन्धी नवनियमावली, २०७३
कमाचारीहरुकाको काया नववरण
खररद तथा आर्थाक प्रिासि नवनियमावली, २०७३
सुरनक्षत निक्षेपकाको नववरण पठाउँदा प्रयोर् र्िुापिे तानलका
Page 48
Appendix
List of Reference Documents for Different modules requirement
1. Livestock Guarantee Module
[http://dcgf.org.np/uploaded/biniyamawali/samsodhan/pashudhan_samsodhan.pdf]
2. Micro-Finance And Deprived Sector Credit Guarantee Module
[http://dcgf.org.np/uploaded/biniyamawali/samsodhan/laghubitta_samsodhan.pdf]
3. SME Guarantee Module
[http://dcgf.org.np/uploaded/biniyamawali/samsodhan/sme_samsodhan.pdf]
4. Agriculture Guarantee Module
[http://dcgf.org.np/uploaded/biniyamawali/samsodhan/krishi_samsodhan.pdf]
5. Security Deposit Module
http://dcgf.org.np/uploaded/biniyamawali/Deposit_guarantee_directive.pdf
6. Investment Module
[http://dcgf.org.np/uploaded/biniyamawali/dcgf-lagani-nirdeshika-full-2073.pdf]
7. Procurement and Contract Management Module
[http://dcgf.org.np/uploaded/biniyamawali/kharid-arthik-prasasan-biniyamawali.pdf]
8. Auction Management Module
http://dcgf.org.np/uploaded/biniyamawali/Lilami-biniyamawali-full.pdf
9. HR Module
http://dcgf.org.np/uploaded/biniyamawali/Karmachari-biniyamawali-full.pdf