Circular No : 09/2013 Dated 02-04-2013

Code No. of the Department : H9004

Number of pages of Circular : 04
Running circular No of the Bank : 02/2013
All CBS Branches/ Controlling Offices

Reg: User Management in CBS environment through UPM menu – Procedure to be followed by
branches / controlling offices.

Detailed guidelines have been issued regarding user maintenance and related issues vide HO IT cir No.
07/2011 dated 14.02.2011 and HO IT Cir No. 43/2011 dated 23/09/2011. However, instances have come
to our notice that branches are not adhering to the same in letter and spirit. The instructions are re-
iterated for ready reference and strict compliance by all stake holders in their day to day operations to
avoid any kind of procedural lapse leading to pecuniary loss to the Bank.
nd
I. User Maintenance at Branch Level by BM/ 2 Man designate:

All CBS branches have been provided access to UPM menu with limited functionality like change
of password / Role Id/ Work class / disable User Id to Branch In-charge and Second Man
designate for the smooth functionality of branch day to day operations. Branches should adhere to
the guidelines given below while modifying the password / Role Id / Work Class / disabling the user Id
for the effective control of the User operations at branch level.

Various audit reports have been provided in the CBS environment for the effective monitoring of the
same by the branch / users / inspectors / auditors / controlling offices.

a) Change of Password:

The branch in-charge / second man designate should change the password of any employee at
the branch after obtaining the consent of the concerned employee in writing as per proforma
given at Annexure - A. The request letter should be properly filed for future audit/ inspection
purposes.

The branch should ensure that the same is recorded in the UPM register in terms of HO IT Cir.
No. 7/2011 dt 14.02.2011 after getting written request from the concerned user as per proforma
and after getting the user maintenance register signed by the user whose id is modified along
with the signature of modifier (i.e. BM / second Man designate).

The following audit reports should be generated daily and filed by the branch duly signed by the
branch in-charge and second man. The same should be verified by the controlling offices /
inspectors / auditors during their periodical visits. Users also can verify the correctness of
changes/ activities with the help of these reports and any deviation should be brought to the
notice of the Branch in-charge / concerned authority immediately.

Sno Report Name Menu - Module Report Remarks

Number
1 User Login Detail Report PSBRPT- AUDIT 1001 Gives Login/logout date, time, PC IP Address
2 UPM Audit Report PSBRPT- AUDIT 1002 The various User level changes done by giving
details of modified User Id, Modifier user Id, date,
time and nature of modification done on the
modified User Id.
3 User Login Failure Report PSBRPT- AUDIT 1003 Useful in identifying the forceful / intruder login
attempts for necessary remedial action.
Reg: User Management in CBS environment through UPM menu – Procedure to be followed by
branches / controlling offices.

b) Change of Role Id / Work Class:

nd
Branch in-charge /2 Man designate of the branch should modify the Role Id and Work Class of
an employee after recording the details in the UPM register in terms of HO IT Cir. No. 7/2011
dated 14/02/2011. Duly signed office order should be filed properly for future audit / inspection
purposes. Branch should ensure that matching work class has been assigned while changing the
Role Id for proper Menu access. For details, refer to HO IT Cir. No. 7/2011 dated 14/02/2011.

c) Marking of Leave/ Official Duty/ Suspension/ Training/ Retirement/ VRS etc.:

The Branch In-charge / second man of the branch should disable the user Id of the employee
who is on Leave (even for one day)/ Official Duty/ Suspension/ Training/ Retirement/ VRS etc.
through UPM menu to avoid any potential misuse of the user Id.

d) Number of Second Man Role in a CBS branch:

nd
Branches should strictly ensure that the 2 Man role(s) assigned at their level are within the
permissible limit as approved by HO P & D Department for their branch category as given below.
The branch category can be viewed in Free Code 2 field through BRTI menu.

nd
Branch category Free code 2 Value in BRTI Number of permissible 2
Menu Man Roles
Small S 1
Medium M 1
Large L 2
Very Large VL 2
Extra Large/ Exceptionally EL 3
Large

Any modification in branch category should be taken up with HO IT CBS Cell for necessary
updation in the CBS system through zonal offices.

II. Change of own password:

System shall enforce the user to change the old password immediately on first login after change of
password by authorized official(s). Further, the user can change his/her password any time through
PWMNT menu option.

III. Creation of user in CBS for newly Joined employee:

The branch should send the complete details of the employee (newly joined or employee whose ID is not
yet created in CBS) to HO IT CBS Cell, Naraina, as per the proforma given in Annexure B. The
proforma duly signed by the employee as well branch in-charge should be sent through courier /
Fax (011-25790420) to HO IT CBS Cell, Naraina for creation of user in CBS environment. The
complete details can be sent to HO IT CBS Cell through Email also for immediate creation of User Id.
However, the duly signed hard copy should be submitted at the earliest to HO IT CBS Cell, Naraina for
record purposes. A copy of the same may be maintained at branch level also for future audit / inspection
purposes.

Branch / office should get the PF code for the newly joined employee from HO PF department
immediately on joining of the employee and share the same with CBS Cell for creation of the user.
Reg: User Management in CBS environment through UPM menu – Procedure to be followed by
branches / controlling offices.

IV. Creation / Change of SOL of User in CBS on Transfer from another branch:

The branch should share the details of the employee who has joined on transfer from another branch,
with HO IT CBS Cell as per proforma given in Annexure B for making necessary creation / updation in
CBS system.

V. Action to be taken by CBS branches while relieving of an employee :

a) Disable the User Id :

The branch should disable the User Id through UPM menu whenever an employee is relieved
from the CBS branch on transfer/ retirement/ resignation /VRS etc. The details of such employee
should be shared with HO IT CBS Cell, Naraina for updating / disabling the user in the system.
The relieving letter given to the employee should contain the following:

i. That User Id of the relieved employee has been disabled in the system.
ii. That Inventory has been transferred from the relieved employee.

A copy of the relieving letter should be addressed to HO IT CBS Cell also for permanently
disabling the user in CBS.

b) Transfer of Inventory:

The branch should ensure that the inventory if any, pending with the employee is transferred to
another staff member before the employee is relieved from the branch or proceeding on leave
/ official duty / training etc. Branch can view the inventory outstanding in the User Id of the
employee through ISIA menu and/or ICRA report. The outstanding inventory should be
transferred to another employee through IMC menu.

c) Modification of Authorised User in UPM Menu:

nd
Normally, user Id of Branch in-charge or 2 Man shall be given as Auth User against the rest of
User Ids of the branch in UPM menu. Such authorised user can authorise movement of inventory
in the absence of regular authorizing user. Branch should share the details of another authorized
user with HO IT CBS Cell, Naraina for updating in the system whenever the employee being
relieved is an authorized user for inventory in UPM menu.

Zonal Offices / Inspecting Officials / Vigilance Officers / CCAs are advised to ensure compliance
with the above guidelines in letter and spirit.

General Manager (IT)

 ANNEXURE –A

PUNJAB & SIND BANK

(A Government of India Undertaking)
B/o:__________________________.

Application for Change of Password

Place:___________________
Date:____________________
To
The Branch In-charge,
Punjab & Sind Bank,
B/o________________.

Dear Sir,

Sub: Change of Password

I am a registered user of Finacle CBS. I have forgotten my password. As such, I request you to change
my password as per the Bank rules. I am aware that I have to change the default/modified password
assigned by you immediately on my first login. My details are as follows:

1. Name of User:
2. Designation:
3. PF Code:
4. User ID:

Yours faithfully,

Signature of the employee

--------------------------------------------------------------------------------------------------------------------------------------------
ANNEXURE –B

PUNJAB & SIND BANK

(A Government of India Undertaking)
B/o:__________________________.

Proforma for creation /Updation of User details in CBS environment

Name and SOL Id of branch: Date:

PF Code :
Name of Employee :
Designation :
Date of Birth :
Role ID : BM /2ndMan /ScaleIV/ScaleIII /ScaleII /Officer /Spl.Assistant /Head Cashier / SWOP-B /SWOP-A
Authorized User for : Yes / No
Inventory

Signature of Employee Signature of Branch Incharge

In view to the security measures and protection against unauthorized access a
strengthen
stronger password must be created in Finacle with following criteria which are already
incorporated in the system.

1. The length ofthe password should not be less than 6 characters.

2. Characters in the password should be a combination of alpha, numeric and special
characters.
3. The list of special characters are! @ # S % & *

4. Password in not case sensitive.

5. System will prompt to change password after every 3 days.

6. The system will not allow the users to repeat their last two pasword.
7. Passwords are encrypted wherever stored and the system prohibit any user inciuding
the system/security administrator from printing or viewing enerypted passwords.
8. Password should not be same as the user ID of the employee.
9. Password secrecy be maintained and should not be shared to any one.
10. Password should not be written anywhere so that it may be readable by others.