CFMS Taking Measures to Mitigate Cyber Security Risk GO.7
AP Govt. has issued GO.01 regarding taking steps to mitigate cyber-security risks. For this reduce the risk in digital financial environment Director of Treasuries & Account adopting security of two factor authentication in CFMS transaction to protect the interest of citizens and employees. Here is complete details of GO. regarding taking measure to mitigate security risk in CFMS.
Government of Andhra Pradesh
Abstract: Finance Department – Information Security – Adoption of Two-Factor authentication – Orders – Issued
FINANCE (BUDGET.II) DEPARTMENT
G.O.Ms.No.7 Dated:11-01-2023
Read the following:-
1. G.O.Ms.No. 192, Finance (IT) Department, dated 07-10-2016.
2. RBI/2020-21/74 DoS.CO.CSITE.SEC.No.1852/31-01-015/2020-21
3. FIN02-18069/7/2023-H-SEC-DTA( (efile No 1958605), dated 10-01-2022
ORDER
- The Government of Andhra Pradesh has adopted information technology (IT) for good governance & effective delivery of services to the citizens.
- In the reference 1st read above, orders were issued implementing Comprehensive Financial Management System (CFMS) encompassing Budget/HR/Works/Cash/Debt Management/ etc.
- The CFMS has created a digital platform, which is public-facing, & therefore is exposed to cyber security risks, which have proliferated in the recent past.
- Duly considering the aforementioned risks, the Reserve Bank of India, has also in the reference 2nd read above, issued the Master Direction on Digital Payment Security Controls.
- To mitigate the cyber-security risk in the digital financial environment of the State, the Director of Treasuries & Accounts, in the reference 3rd read above, has proposed the adoption of the additional security layer of two-factor authentication in CFMS transactions to protect the interest of the citizens & the employees.
- The Government, after careful examination of the aforementioned proposal, hereby issued the following orders.
- Two-factor applications. authentication is mandatory for accessing CFMS/HERB
- All Employees/Pensioners/Persons having a CFMS ID shall link their respective CFMS ID with their Aadhaar & mobile for availing Government & employee services securely.
- One Time Password (OTP) on an Aadhaar-linked mobile number is made mandatory for secure login/delivery of CFMS/HERB services.
| Action Item | Nodal Officers | Timeline |
| DDs/STOs Workshop on e-KYC authentication process | DTA&PAO | 12-01-2023 FN |
| DDOs Workshop on e-KYC authentication process | DTA&PAO | 12-01-2023 AN |
| Verification of Aadhaar/Aadhaar-linked mobile numbers through e-KYC authentication of all DDOs | STOs | 13-01-2023 |
| Verification of Aadhaar/Aadhaar-linked mobile numbers through e-KYC authentication of all other users (employees/pensioners/persons). | DDOs | By 20-01-2023 |
8. The user manual is made available & can be accessed at https://herb.apcfss.in/gos.
9. The DTA, PAO & the CEO, APCFSS shall implement the above orders in coordination with their stakeholders viz. Secretaries to the Government, HODs & the District Collectors, as per the above timelines.
Download GO.07 Mitigating Cyber Risks at CFMS Click Here