3. All Departmental users of the application are Makers and ACL Admin
(Comm admin) are Chekers.
Users request for Formation mapping, Transfer, Leave etc. in the
application and ACL admin approves the same.
This system will effectively address the delay that happened in the
mapping process earlier.
All department officers to check and confirm mapping done by ACL
Admin to ensure that right formation and permissions are assigned.
Responsibility fixed for all officers with e-sign feature.
ACL Admin is not a profile but a permission set. Thus, any one can
become ACL Admin in future. S
Importance of ACL for Department Officers
5. ACL authorizes users to use
application as per their Roles and
Responsibilities
ACL determines who has access to
what data, and what actions user can
perform on such data.
What is ACL Module?
6. Types of Users
Administrative users have
the permissions to map
SSOIDs to a
formation/permission set
Admins can exist at various
levels in the formation
hierarchy, from All-India level
all the way down to Divisional
level.
India level (i.e., “India
Admins”) will have the
additional privileges to
create/delete/edit formations,
jurisdictions, permission sets
Other admins will only be
allowed to do mappings
Normal users do not have
the power to map users, but
can just view their own
mappings.
A normal user may request for
additional charge etc. and a
notification will be sent to the
administrative user to process
the same with required
approvals.
7. Different Levels of Admin
INDIA ADMIN
ACL ADMIN -
COMMISSIONERATE
ACL ADMIN - DIVISION
8. Concepts of Access Control Logic in CBEC GST Application
FORMATION JURISDICTION PERMISSION
Access Control Logic works on the basis of these three concepts:
9. CBEC has many verticals to handle different
functions assigned to it.
Example
―Executive Setup( Field formations)
―Directorates ( Systems, DGGSTI, Audit, DRI etc.,
Appeal Commissionerates etc.,)
The functions of the verticals are unique and
quite different and also the jurisdiction and
individual Officers role.
In order to provide access to CBEC-GST
software to the officers working in these
verticals, in ACL Module a new concept has
been introduced known as “Formation”.
Now the Officers of different verticals can be
are mapped based on the Formation they are
working.
CBEC
Executive
Commissionerates
Directorates
Audit Commissionerates
Appeal Commissionerates
Non-CBEC Formations
Other CBEC Formations
Formation
10. Formation Mapping in ACL
Each officer is mapped to one or more field formations.
L1
India
L2
(ex: Zone)
L3
(ex: Commte)
L4
(ex: Division)
L4*
L5
(Ex: Range)
Ln (taxpayer)
i.e., GSTIN
Officer
11. Parent Formation Zone Commissionerate Division Type of Formation
Executive Setup Tamil Nadu Coimbatore Coimbatore -I Base Formation
Executive Setup Tamil Nadu Coimbatore (HQ) -
Adjudication
Additional
Formation
Executive Setup Tamil Nadu Coimbatore (HQ) -
Statistics
Additional
Formation
Example of Mapping to Multiple Formations
Parent Formation Zone Commissionerate Division Range Type of Formation
Executive Setup Tamil Nadu Coimbatore Coimbatore -I Range A Base Formation
Executive Setup Tamil Nadu Coimbatore Coimbatore – I -
Refunds
Additional
Formation
Executive Setup Tamil Nadu Coimbatore Coimbatore – I -
RTI
Additional
Formation
Additional Formations at Commissionerate Level
Additional Formations at Division Level
12. Jurisdiction is the functional area in
which the Officer exercise his
authority provided by the law.
The different veridical have
different jurisdiction to execute the
authority and it different Officer to
officer.
The Officers of different verticals
after mapping the “Formation” has
to be assigned with “Jurisdiction”.
Executive
Zone
Commissionerate
Division
Range
Directorates
Zonal
Regional
Audit
Commissionerate
Circle
Group
Jurisdiction
13. Permissions are different set of privileges
given to an officer to access and perform
the allotted work in CBEC-GST software
depending upon his functional powers as
per law , formation and jurisdiction.
The officer can also now be assigned with
Additional responsibility
Ex;
―ACL Admin
―Divisional Asst. Commr
―CPC Supdt
―CPC Inspector
―RSP
• Commissioner
• ADC/JC
• Hqrs AC/DVN-AC/DC
• Hqrs-Supdt/Range Supdt
• Inspectors
Executive Commissionerates
• Director General
• Addl. Director General
• ADDL/JD
• DD/AD
• Supdt / SIO
Directorates
• Commissioner
• ADC/JC
• Hqrs AC/DVN-AC/DC
• Hqrs-Supdt/Audit Supdt
• Inspectors
Audit
Permissions
14. Permission Mapping in ACL
And in each such formation, the officer has one or more permission sets.
L1
India
L2
(ex: State/Zone)
L3
(ex: Commte)
L4
(ex: Division)
L4*
L5
(Ex: Range)
Ln (taxpayer)
i.e., GSTIN
Officer Permissions B,
Permissions C
15. What is new to user in the ACL module ?
From the ACL Module itself, send request for the mapping and activation
Viewing the
―Base permission allotted in various modules
―TASK of other formations
Sending intimations to ACL Admin
―About transfer from a formation
―Addl. Charge request.
―Intimation about Leave/ out office
17. In this session let us try under stand how to map in the ACL module:
―Do you have your SSO-ID?
―Which formation do you belong to?
―What is your Area of Operation (ZCDR)?
―What are your key Responsibilities in your current posting?
18. The new user request the ACL Admin to get access permission.( Offline work)
Access permission to software is given by the Saksham Team
User requests for mapping to a particular formation and permission
ACL Administrator of that formation receives a notification
If ACL Administrator approves, user is mapped now to the formation
User notified of mapping
Advantages:
―Long delays in mapping eliminated
―Onus is on user to raise a request and ensure timely mapping.
First time user: Workflow
19. Request for
mapping to CBEC-
GST Application
through ACL Admin
Mapping to a
Commissionerate
and application by
SI
Request for the
formation and
permission by the
user
Mapping of the
user by ACL Admin
Checking for the
proper mapping
Steps involved for user mapping
20. Workflow
Tax
Payer
Saksham
Seva
Maps the user to
CBEC-GST software
intimates to All India
admin and ACL Admin
ACL
Admin
Sends request to
Saksham Seva to Map
the user to CBEC GST
Software
User
Login to the CBEC-GST
Software. Sends
request through
software to map him to
the formation and
jurisdiction
Off line
saksham.seva@icegate.gov.in
User
ACL
Admin
Maps the user to the
formation and
jurisdiction
Views the request
status and starts
working
52. Basics of ACL Module
How to activate the user for CBEC-GST Application
Sending mapping request to ACL Admin by user after first time
login
Mapping the user by ACL Admin for formation, jurisdiction and
permissions,
Sending transfer request/additional charge / leave intimation to
ACL Admin
Recap
54. ACL - ACES vs GST
ACES CBEC-GST
Works for CDR only
SSOID mapped to a particular
Designation/Commissionerate offline (by
SI helpdesk)
SI performs on SSOID
creation/updation and gives authentication
to access the application including the
jurisdiction (Com’te)
Works for various verticals
SSOID along with all the details will be
created in SI. Authentication is done in SI
and Authorisation is done in GST
55. Differences (cont.)
ACES CBEC-GST
Only one officer of the same designation
can be mapped in the same CDR
jurisdiction
Officers of the same designation having
similar privileges (say DSR), cannot
perform concurrently at various formations
Many officers of the same designation
can be mapped in SZCDR formation. In
such cases, the workflow would happen
on round-robin-load balancing basis -
CPC officers
Officers of the same designation at
various formations CAN perform
concurrently
56. Differences (cont.)
ACES CBEC-GST
ACL Admin, i.e. COM ADMIN is a
profile. He/she cannot perform in any
other CDR formations, say in a Range
concurrently, since it would lead to
workflow conflicts.
Only Two Types of Administrators viz.
HQADMIN & COM ADMIN are available
ACL Admin, i.e. COM ADMIN is not a
profile. It is a Permission Set. He/she can
perform in any other CDR formations, say
in a Range besides Admin.
Many Administrators viz. INDIA ADMIN
at all India level and ACL ADMINs at State
/ Commissionerate, etc.
57. Differences (cont.)
ACES CBEC-GST
For every officer mapping, the admin
was selecting the list of transactions
manually, by creating duplicate roles and
role groups.
In GST , India Admin creates a standard
permissions set for all which is available
for mapping.
58. Differences (cont.)
ACES GST
One SSO ID couldn’t be mapped to
multiple formation and no additional
charge could be given.
Whenever, designation is changed,
access privileges are not altered in the
application automatically.
One SSO ID can be mapped to multiple
formation and additional charge also can
be given.
Whenever, designation is changed, the
permission set and the formation are
made as NIL automatically by GST
Application based on the inputs from SI
(SSO ID updation) dataflow.
60. During user mapping, permissions are
mapped first. Later, each formation and
jurisdiction is mapped based on the
permission given. Agree or Disagree.
Only India Admins have the additional
privileges to create/delete/edit formations
- Agree or Disagree.
An ACL user has an option to change his
formation in the application using the
‘Transfer’ feature. - Agree or Disagree.
Permission sets can also be created by
ACL Admins in the application - Agree or
Disagree.
Can Normal User prepone / advance
his/her leave - Agree or Disagree.
Activity- Agree / Disagree