User Management SOP

Overview

This document describes various users of the HCM system and lays out the processes to manage the access and provisioning-related aspects. Broadly, the users can be categorised as permanent users of the HCM system who will be identified by their individual usernames and passwords, and the users who will be provisioned in the system for temporary durations and identified by the codes assigned (henceforth referred to as coded users). The user management module of the HCM platform will provide the interface to create and manage all types of users.

Types of users

Provisioning process for each user type

1. Supervisors at Central, Provincial and District levels

• Information is sent from NMCP to CHAI for provisioning via email.

• CHAI provisions the users and sends the list of created users back to NMCP.

1. Local monitors

• CHAI sends the list to eGov before the campaign for bulk provisioning.

• eGov will send the list to CHAI after provisioning with codes and defaulted passwords.

• During the campaign, the CHAI help desk will provision the new local monitor or LM, (if any), using the DIGITs user management UI.

• These will be deactivated from the system once the campaign ends based on inputs from CHAI team.

Note : All the communication to be on emails.

1. Registrars

• CHAI sends the list to eGov before the campaign for bulk provisioning.

• eGov team will do the bulk provisioning using backend APIs.

• eGov will send the list of created users to CHAI after provisioning with codes and defaulted passwords.

• During the campaign, the CHAI help desk will provision the new LM (if any) using the DIGITs user management UI, one by one.

• These will be deactivated from the system once the campaign ends based on inputs from the CHAI team.

1. Warehouse users

• Information is sent from NMCP to CHAI for provisioning.

• CHAI provisions the users and sends the list of created users back to NMCP.

1. Help desk staff: With system admin functionality

• CHAI sends the list to eGov before the campaign for bulk provisioning.

• eGov will send the list to CHAI after provisioning with codes and defaulted passwords.

1. Temporarily provisioned users for UAT/Training

• CHAI will send the list of users to eGov a week before the UATs/training for provisioning into the system.

• eGov will send the list to CHAI after provisioning with usernames and passwords.

• These will be deleted once the UAT/training is over.

Password reset mechanism

• For all kinds of users , the password reset would be managed by the system admin, who will be a part of the help desk.

• Users who have forgotten their passwords can reach out to the help desk on the designated helpline number and request for a new password.

• System admin would reset their passwords using a two-factor authentication. The email ID for retrieving the passwords would be the same for all users and would be managed by the system administrator.

• The system administrator would regenerate the password and communicate to the users over a phone call or in a WhatsApp group.

Template for user creation

Recommendations around managing usernames

1. A username, once created during user creation, must not be changed.

- Regarding the use of special characters: It is recommended that only commonly-known special characters such as period (.) be used in the username to make it easy to remember.

- Regarding the use of the capital case: It is recommended to use either all lowercase or all uppercase characters to make it easy for users to remember and enter the login credentials (lowercase preferred).

- It is recommended to keep passwords simple (and defaulted to a single value/string) so that mobile app users do not forget the password, and hence, do not face a barrier in using the app.

It has been assumed that user creation for temporary users, who keep changing during the campaign, would be taken care of by the help desk team.