Cheque Book Management System

Check Book Management System
Version: 1.0
2019
Contact Information
Data Processing & IT System Management, IFIC Bank Limited, Head Office,
IFIC Tower, 61, Purana Paltan, Dhaka-1000, Bangladesh.
Table of Contents
Introduction:........................................................................................................................................................... 4
Functionality: .......................................................................................................................................................... 5
Type of Users:...................................................................................................................................................... 5
Functionality as per user role: .............................................................................................................................. 5
Administrator: ..................................................................................................................................................... 6
Branch Users ....................................................................................................................................................... 7
Service and Estate ............................................................................................................................................... 7
Security features:.................................................................................................................................................... 8
Authentication:.................................................................................................................................................... 8
Authorization: ..................................................................................................................................................... 8
Encryption: .......................................................................................................................................................... 8
Application activity logging: ................................................................................................................................. 8
User Specific Data Sources: .................................................................................................................................. 8
Web application firewall (if webapp): .................................................................................................................. 8
Application Security Testing:................................................................................................................................ 8
Interface requirements with other systems: ........................................................................................................... 9
Three types of interface can be defined ............................................................................................................... 9
The stages involved in identifying the interface requirements are: ...................................................................... 9
System Documentation: ....................................................................................................................................... 10
Installation Manual:.............................................................................................................................................. 11
User Manual: ........................................................................................................................................................ 12
Administrator (super) ........................................................................................................................................ 12
Menu: ............................................................................................................................................................ 12
Manage Service: ............................................................................................................................................ 13
Manage Vendor: ............................................................................................................................................ 15
Manage Branch.............................................................................................................................................. 16
Manage User ................................................................................................................................................. 18
Manager Account Type .................................................................................................................................. 22
Manage Prefix ............................................................................................................................................... 24
Manage Role.................................................................................................................................................. 25
Branch User ....................................................................................................................................................... 29
Data Processing and IT System Management,

IFIC Bank Limited, Head Office, Dhaka Page 2
Maker (Add New Request) ............................................................................................................................. 29
Checker (Check Cheque Book Requests) ........................................................................................................ 30
Service and Estate (CCS Module) ....................................................................................................................... 31
Authorize Check Book Requests ..................................................................................................................... 31
Generate Report By vendor ........................................................................................................................... 32
Upload Printing Vendor Acknowledgement.................................................................................................... 33
Cheque Books Receive at S&E ........................................................................................................................ 34
Bundle wise Cheque Books ............................................................................................................................ 35
Cheque Books at Support Service (Deliver Chequebook) ................................................................................ 35
Contact Center (activation) ............................................................................................................................ 36
Emergency Administrative procedure:.................................................................................................................. 37
Scope ................................................................................................................................................................ 37
Break Glass solution .......................................................................................................................................... 38
Pre-staging Accounts ..................................................................................................................................... 38
Distributing Accounts ..................................................................................................................................... 38
Monitoring Use of Accounts........................................................................................................................... 39
Cleaning Up After Account Usage................................................................................................................... 39

Introduction:
Cheque Book Management System was developed to track the cheque book status from request being
placed to delivery to customer. In between it tracks information between printing and delivery vendor and
then between delivery vendor and customer.
In simple words what it does is:

 Takes request for Cheque Book.
 Then generates Lib number.
 After that sends to vendor for printing.
 Then tracks information between printing and delivery vendor.
 Then tracks information between delivery vendor and customer.
 And finally request process to CBS.
But it needs an administrator to manage Service, Vendor, Branch, User, Account Type, Prefix, and Roles
assigned.
3 different users can access Cheque Book Management System

1. Administrator
2. Branch User
3. Service and Estate
The Cheque Book Management System displays different menu options to different users based on their
role.

Functionality:
Type of Users:
Sl. User Type Details
1 Admin User Admin can manage Service, Vendor, Branch, User,
Account Type, Prefix, and Roles assigned
2 Branch User Checker and Maker

3 Service and Estate to view account statement, cheque book enquiry report
Functionality as per user role:

Sl. Menu Operations User Level
1 Manage Service : Add, Edit or Delete a Service Admin
2 Manage Vendor : Add, Search Vendor Admin
3 Manage Branch : Add, Edit, Delete, Search a Branch Admin
4 Manage User : Add, Edit, Delete, Search a User Admin
6 Manager Account Type : Add, Edit, Search Account type Admin
7 Manage Prefix : Add, Edit, Search Prefix Admin
8 Manage Role : Add, Edit and Delete, Role Admin
9 Add New Request : Maker makes a chequebook request Branch User
10 Check Book Requests : Checker checks the Cheque Book Request Branch User/ Service
and Estate
12 Generate Report By : Generate cheque book reports by vendor Service and Estate
vendor
13 Upload Printing Vendor : Upload Acknowledgement Service and Estate

Acknowledgement

14 Cheque Books Receive at : Shows list of cheque books on printing Service and Estate
S&E
15 Bundle wise Cheque : Ensures after receiving Cheque books Service and Estate
Books
Ensures delivered from Support Service.
16 Cheque Books at Support : Service and Estate
Service
Activates the cheque books with Account
17 Contact Center : Number. Contact Center
Administrator:
Administrator can manage Service, Vendor, Branch, User, Account Type, Prefix, and Roles assigned.
Menu options for administrator are:
 Manage Service: Here admin can ‘Add, Edit or Delete a Service’. To do that you have to provide
the 'Service Name' and 'Service Path'. Description of the service is also needed. Next step is to
choose if the status will be hidden or not and its security level. Furthermore admin can do the
Activation and add 'Account Type', 'Branch', 'Prefix', 'Request', 'Role', 'Service' and 'User'.
 Manage Vendor: To add a vendor, you have to provide 'Vendor’s Name', 'Address' and 'Status'.
The page will also portrait a list of Vendors. Admin can also choose the number of entries that
will be displayed on this page. 'Vendor Search' is another properties of Mange Vendor.
 Manage Branch: Again admin can ‘Add, Edit or Delete a Branch’. In that case, you have to
provide ‘Branch Name’, ‘Branch Code’ and ‘Description’. The page also portrays a list of Branches
with their Branch code, Name and Routing number. Admin can also choose the number of
entries that will be displayed on this page too. ‘Search’ is another properties of Mange Branch,
through which admin can search for any branch.
 Manage User: Admin can ‘Add, Edit or Delete a User’. To Add a user, you have to provide the
‘User ID’, ‘User Name’, ’Branch Code’, ’Branch Name’, ‘Branch Mnmo’, ‘Email’, ‘User Type’ and
their ‘Roles Assigned.’. The Manage User page portraits a list of Users along with their ID, Name
and Current Location. ‘Search User ' is another properties of 'Manage User'
 Manager Account Type: In Manager Account Type admin can ‘Add and Edit Account Type’. To
do that admin has to provide ‘Product’, ‘Account Type’ and ‘BB Transaction Code’. The page also
portrays a list of Account type with their BB Transaction Code. Admin can also choose the
number of entries that will be displayed on this page. 'Search' is another properties of this page
to search for an Account Type.
 Manage Prefix: Similarly admin can ‘Add and Edit a Prefix’ here. To add a prefix admin has to
provide ‘Prefix’, ‘Product’, ‘Vendor’, ‘First Serial’, ‘Last Serial’ and ‘Sequence’. This page displays
list of Prefix with their respective ‘Product’, ‘Vendor’, ‘Sequence’ and ‘Status’. The number of

entries that will be displayed on this page can be chosen by admin. Again with 'Search' property
admin can search for any Prefix details.
 Manage Role: Admin can ‘Add, Edit and Delete, Role’ of a User here. To add a role admin has to
provide ‘Role name’, ‘Description’, ‘Security level’ and ‘Assigned services to the user’. This page
shows a list of Role with description along with an option ‘Actions’ that can be done on it.
Branch Users
Maker makes a Cheque Book request and then Checker checks the request.
 Add New Request: Maker makes a chequebook request from here. To make a request maker
has to provide the ‘Account Number’ which will fetch all the necessary information of the
Customer. Maker has to provide some additional information like ‘Printing Name’, Deliver
Branch’, Cheque Book Leaf’, ‘No, of Book’, ‘Amount per leaf’ and whether it is ‘Urgent’ or not.
 Check Book Requests: Checker checks the Cheque Book Request and accept them.
Service and Estate

Starting from authorizing cheque book request they tracks the whole process till activation.
 Check Book Requests: Here authorizer authorizes regular Check Book Requests and urgent
Check Book Requests.
 Generate Report By vendor: Here user can generate cheque book reports by vendor. To
Generate report provide ‘Cheque book Type’ and ‘Vendor’.
 Upload Printing Vendor Acknowledgement: Acknowledgement Files from Printing vendor and
Courier Service are uploaded from here.
 Cheque Books Receive at S&E: Shows list of cheque books on printing with their ‘Bundle
Number’, ‘Branch Code’, ‘Branch Name’, ‘Creation Date’ and ‘Actions’ (that can be done on
them). User can also choose the number of entries that will be portrayed on this page. With
'Search' property user can search for a Cheque Book detail.
 Bundle wise Cheque Books: When Service and Estate department receives cheque books they
ensure it by pressing ‘Received at Service & Estate’
 Cheque Books at Support Service: When Service and Support delivers the cheque books they
press the control button to mark as delivered from Support Service.
 Contact Center: Contact center activates the cheque books with Account Number.

Security features:
Authentication:
A. Single Sign on: Single sign-on (SS O) is a session/user authentication process that lets
users enter their name and password in only one place, and access multiple related
applications. It authenticates the user for all the applications they’re authorized to
access and eliminates login prompts when switching between applications in a single
session.
Authorization:
A. Application Access as per user role: Control application access on a per-user role, or
per-user basis. This typically includes a role-based menuing system, which displays
different menu options to different users based on their role.
B. Row-level (or multi-tenant) security: Multiple users can access the same
application, but only view the data they’re authorized to see.
Encryption:
After a user has been authenticated and is using the application, other security measures such as
Encryption can protect sensitive data from being seen or even used by a cybercriminal.
Application activity logging:

Application log files provide a time-stamped record of which aspects of the application were
accessed and by whom.
User Specific Data Sources:

Building a single application that accesses different data sources depending on the user .
Web application firewall (if webapp):

A web application firewall works by inspecting and, if necessary, blocking data packets that are
considered harmful.
Application Security Testing:

A necessary process to ensure that all of these security controls work properly.

Interface requirements with other systems:
Most systems must operate with other systems and the operating interfaces must be specifies as
part of the requirements.
Three types of interface can be defined

1. Procedural interface: APIs
2. Data Structures: passed from one subsystem to another
3. Data Representation: order of bits.
The stages involved in identifying the interface requirements are:
1. Identify the sources of required data

2. Identify the data items and data structures required for the exchange
3. Consider alternatives or select methods of data exchange
4. Identify relevant protocols for the data exchange
5. Document or reference the technical requirements for data exchange including: the
source; data items; data structures; timing, method; and protocols

System Documentation:
Title Cheque Book Management
Branch and GB Operation

Department Using
2019
Tentative Date of Development
Sumon Basak
Developed by
Programming Language used C#

Crystal Report
Tools Used
Windows or AS400
Language of OS
1.5
Current Version
1.0
Initial Version
http://192.168.1.114:1085
Publishing Link
//192.168.1.114/
Source Code location C:\Software\CentralizedCheckBookProcssing_final.v5\C
entralizedCheckBookProcssing\CCBP.web
Inhouse Develop
Server Name
//192.168.1.114
Server IP address
Application OS Windows Server 2008 R2 Standard
MS SQL Server
Database name
MS SQL Server
Database version
Database OS Windows

Installation Manual:
A. Install Server component

I. Install .net4.5
II. Install IIS
III. Install MS Sql Server 2012
B. Configure Application
I. Create iSereis ODBC
II. Upload the application in the server as per the IIS configuration
III. Create Database and place the database information in the file web.config file.

User Manual:
Administrator (super)
Menu:
Log in with the referred Uniform Resource Locator (URL) into the application. The following
screen will appear. That is you have logged in as ‘Super Admin’. This screen shows all the menu
options based on ‘Super admin’s’ role.

Manage Service:
Click on ‘Mange Service’ from Menu this screen will appear. Click on ‘Add’ to add a service.
Add a Service
To add a Service provide ‘Service Name' and 'Service Path' and ‘Description’. Then choose ‘Hidden’ and
‘Security Level’.

Edit Service
Go to ‘Mange Service’ from Menu, then click on ‘Actions’ beside a respective service and choose Edit to
edit a service.
Delete Service
Go to ‘Mange Service’ from Menu, then click on ‘Actions’ beside a respective service and choose Delete to
delete a service.

Manage Vendor:
Click on ‘Mange Vendor’ from Menu, this screen will appear. Click on ‘Add’ to add a vendor. You can also
find an existing vendor from search box. Admin can also choose the number of entries that will be
displayed on this page.
Add Vendor:
To add a Vendor, provide ‘Name’, ‘Address’ and choose ‘Status’. Then click on add.

Manage Branch
Click on ‘Mange Branch’ from Menu, this screen will appear. Click on ‘Add’ to add a Branch. You can also
find an existing branch from search box. Admin can also choose the number of entries that will be
Add Branch
To add a Branch, provide ‘Branch Name’, ‘Branch Code’ and ‘Description’. Then click on add.

Edit Branch
Go to ‘Mange Branch’ from Menu, then click on ‘Actions’ beside a respective branch and choose Edit to
edit a service
Delete Branch
Go to ‘Mange Branch’ from Menu, then click on ‘Actions’ beside a respective branch and choose Delete to
delete a service

Manage User
Click on ‘Mange User’ from Menu, this screen will appear. Click on ‘Add’ to add a User. You can also find an
existing user from search box. Admin can also choose the number of entries that will be displayed on this
page.

Add User
To add a User, provide ‘User ID’ and click on fetch to fetch all information. Next add assigned roles. Then
click on add.

Edit User
Go to ‘Mange User’ from Menu, then click on ‘Actions’ beside a respective user and choose Edit to edit a
user just like ‘Add’ option. You can also Reset Password here.

Delete User
Go to ‘Mange User’ from Menu, then click on ‘Actions’ beside a respective user and choose Delete to
delete a user.

Manager Account Type
Click on ‘Mange Account Type’ from Menu, this screen will appear. Click on ‘Add’ to add an
account/product type. You can also find an existing account/product from search box. Admin can also
choose the number of entries that will be displayed on this page.

Add Account Type
To add an account type, provide all the information that appears on the screen. Then click on add.
Edit Account Type

Go to ‘Mange Account Type’ from Menu, then click on ‘Actions’ beside a respective Account Type and
choose Edit to edit an Account Type.

Manage Prefix
Click on ‘Mange prefix’ from Menu, this screen will appear. Then click on ‘Add’ to add an Prefix. You can
also find an existing Prefix from search box. Admin can also choose the number of entries that will be
Add Prefix
To add an Prefix, provide all the information that appears on the screen. Then click on add.

Edit Prefix:
Go to ‘Mange prefix’ from Menu, then click on ‘Actions’ beside a respective Prefix and choose Edit to edit
an prefix.
Manage Role
Click on ‘Mange Role’ from Menu, this screen will appear. Click on ‘Add’ to add a Role.

Add Role
To add a Role, provide all the information that appears on the screen. Then click on add.

Edit Role
Go to ‘Mange Role’ from Menu, then click on ‘Actions’ beside a respective Role and choose Edit to edit an
Role.

Delete Role
Go to ‘Mange Role’ from Menu, then click on ‘Actions’ beside a respective Role and choose Delete to
delete a Role.

Branch User
Maker (Add New Request)
To make a request maker has to provide the ‘Account Number’ which will fetch all the necessary
information of the Customer. Maker has to provide some additional information like ‘Printing Name’,
Deliver Branch’, Cheque Book Leaf’, ‘No, of Book’, ‘Amount per leaf’ and whether it is ‘Urgent’ or not.

Checker (Check Cheque Book Requests)
Checker checks the Cheque Book Request and accept them.

Service and Estate (CCS Module)
Authorize Check Book Requests
Authorizer
Here authorizer clicks on ‘Accept’ to authorize regular Check Book Requests.
Authorize Urgent Request

Authorizer clicks on ‘Accept’ to authorize Urgent Check Book Requests .

Generate Report By vendor
To generate cheque book reports by vendor provide ‘Chequebook Type’ and ‘Vendor’. Then click on
‘Generate Report’

Upload Printing Vendor Acknowledgement
Printing vendor acknowledgement
Acknowledgement Files from printing vendor are uploaded from here.
Courier Acknowledgement
Acknowledgement Files from Courier Service are uploaded from here.

Cheque Books Receive at S&E
Shows list of cheque books on printing with their ‘Bundle Number’, ‘Branch Code’, ‘Branch Name’,
‘Creation Date’ and ‘Actions’ (that can be done on them). User can also choose the number of entries that
will be portrayed on this page. With 'Search' property user can search for a Cheque Book detail.

Bundle wise Cheque Books
When Service and Estate department receives cheque books they ensure it by clicking ‘Received at Service
& Estate’
Cheque Books at Support Service (Deliver Chequebook)

When Service and Support delivers the cheque books they press the control button to mark as delivered
from Support Service.

Contact Center (activation)
Contact center activates the cheque books with Account Number.

Emergency Administrative procedure:
Break glass refers to a quick means for a person who does not have access privileges to certain
information to gain access when necessary. Break–glass is based upon pre–staged “emergency”
user accounts, managed in a way that can make them available with reasonable administrative
overhead.
The system administrator should document any actual emergency access for later audit & review.
Typically, a special audit trail is created to monitor such access. Standard access controls should
be established with sufficient rules to minimize the number of times break–the–glass needs to
occur.
Scope
An emergency access solution should be used only when normal processes are insufficient
Examples of situations when ‘break glass’ emergency access might be necessary:
 Account problems:
o Forgotten Username/Password
o Locked Password
o No User Account
 Authentication problems:
o Central Authentication System failure
o Smart Card or biometrics reader failure
Note: In cases where the authentication system fails, there should be an alternate
authentication mechanism such as username/password.
 Authorization problems:
o An emergency situation thrusts an individual into a role where s/he lacks sufficient
access rights

Break Glass solution
The break–glass solution is based on pre–staged emergency user accounts, managed and
distributed in a way that can make them quickly available without unreasonable administrative
delay. This solution should be simple, effective, and reliable.
Pre-staging Accounts
Emergency Accounts should be created in advance to allow careful thought to go into the access
controls and audit trails associated with them. The following factors should be considered:
 Username should be obvious and meaningful

 Strong passwords should implemented
 Account Permissions should be set to minimum necessary privilege. Limit emergency
access to the minimum data and functionality needed to perform the task.
 Auditing should be enabled if available, to log details of the account usage and details of
the work carried out while using the account.
Note: Ensure that the individuals who create the accounts are not the ones reviewing the
audit trails since this can be a source of abuse.
The ‘break glass’ accounts and distribution procedures should be documented and tested
as part of implementation.
Distributing Accounts
Pre–staged accounts need to be carefully managed to provide timely access when needed Some
distribution possibilities for break–glass emergency accounts include the following:
 Kept behind glass in a cabinet, where access to the accounts requires literally breaking
the glass
 Maintained within sealed envelopes, where a broken seal would be an obvious indication
that the accounts have been accessed;
 Locked in a desk drawer that only specific people can access;
 Sealed and taped to the side of a monitor visible to many so it will be obvious when it is
missing or damaged.
 For cases where more than one person is needed to declare an emergency, locked in a
safe or cabinet where one person knows the combination or has the cabinet key and a
different person has the key to the room.

Monitoring Use of Accounts
The use of emergency accounts needs to be carefully monitored. The audit mechanisms should
be used and a procedure defined to examine the security audit trails on a regular basis to identify
any use of the emergency accounts.
Documentation should describe the intended use of such accounts and the consequences of their
inappropriate use. It should be clear that all use of emergency accounts is closely monitored. A
periodic review and retraining of staff should be done to make sure the break–glass procedure
continues to be relevant.
Each use of an emergency account should be reviewed. The use of an emergency account may
be valid, or it might indicate a malicious act. Unacceptable use needs to be recorded and acted
upon. Frequent use may indicate problems with the normal user authentication mechanism.
Cleaning Up After Account Usage

A procedure should be established to clean up after an emergency account has been used.
Consider addressing the following:
 Disable or delete the emergency account(s) that were used to prevent re–use now that
the password is known. Some systems may be capable of automatically deactivating
emergency accounts after first use or passage of a selectable period such as 8 hours or 1
day. Avoid disabling the account during the period of emergency use.
 Reconcile the data acquired and audit trails to reflect the proper operator’s name.
 Make entries in disclosures if appropriate Review activities performed including data
acquired/accessed
 Determine if the emergency account procedure and operation worked effectively and
adjust if necessary


Cheque Book Management System

Uploaded by

Copyright:

Available Formats

Cheque Book Management System

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cheque Book Management System

Uploaded by

Copyright:

Available Formats

Check Book Management System

Data Processing and IT System Management,

Data Processing and IT System Management,

In simple words what it does is:

3 different users can access Cheque Book Management System

Data Processing and IT System Management,

2 Branch User Checker and Maker

Functionality as per user role:

1 Manage Service : Add, Edit or Delete a Service Admin

2 Manage Vendor : Add, Search Vendor Admin

3 Manage Branch : Add, Edit, Delete, Search a Branch Admin

4 Manage User : Add, Edit, Delete, Search a User Admin

6 Manager Account Type : Add, Edit, Search Account type Admin

7 Manage Prefix : Add, Edit, Search Prefix Admin

8 Manage Role : Add, Edit and Delete, Role Admin

9 Add New Request : Maker makes a chequebook request Branch User

13 Upload Printing Vendor : Upload Acknowledgement Service and Estate

Data Processing and IT System Management,

Data Processing and IT System Management,

Service and Estate

Data Processing and IT System Management,

Application activity logging:

User Specific Data Sources:

Web application firewall (if webapp):

Application Security Testing:

Data Processing and IT System Management,

Three types of interface can be defined

1. Identify the sources of required data

Data Processing and IT System Management,

Title Cheque Book Management

Branch and GB Operation

Programming Language used C#

Application OS Windows Server 2008 R2 Standard

Data Processing and IT System Management,

A. Install Server component

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Edit Account Type

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,

Authorize Urgent Request

Data Processing and IT System Management,

Data Processing and IT System Management,

Data Processing and IT System Management,