Docstoc

ATSC-Deliverables

Document Sample
ATSC-Deliverables Powered By Docstoc
					                                                                     ATSC


Functional Area                    Published in   Unique ID   BB          Parent
                                   Release #                              Requirement No.

Audit Trails and System Controls   7              ATSC-0001   14.01.001




Audit Trails and System Controls   8              ATSC-0002   14.02.085


Audit Trails and System Controls   7              ATSC-0003   14.02.083




Audit Trails and System Controls   7              ATSC-                   ATSC-0003
                                                  0003.01

Audit Trails and System Controls   7              ATSC-                   ATSC-0003
                                                  0003.02
Audit Trails and System Controls   7              ATSC-0004   14.01.005




Audit Trails and System Controls   7              ATSC-0005   14.02.084




Audit Trails and System Controls   7              ATSC-0006   14.01.009


Audit Trails and System Controls   7              ATSC-0007   14.01.014


Audit Trails and System Controls   7              ATSC-                   ATSC-0007
                                                  0007.01

Audit Trails and System Controls   7              ATSC-                   ATSC-0007
                                                  0007.02

Audit Trails and System Controls   7              ATSC-                   ATSC-0007
                                                  0007.03

Audit Trails and System Controls   7              ATSC-0008   14.01.020



Audit Trails and System Controls   7              ATSC-                   ATSC-0008
                                                  0008.01

Audit Trails and System Controls   7              ATSC-0009   14.01.021




Audit Trails and System Controls   7              ATSC-0011   14.01.025




Audit Trails and System Controls   7              ATSC-0012   14.02.071


Audit Trails and System Controls   7              ATSC-0013   14.01.027




                                                                    Page 1
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0014   14.01.028




Audit Trails and System Controls   7   ATSC-0015   14.01.030




Audit Trails and System Controls   7   ATSC-0016   14.01.031




Audit Trails and System Controls   7   ATSC-                   ATSC-0016
                                       0016.01

Audit Trails and System Controls   7   ATSC-                   ATSC-0016
                                       0016.02


Audit Trails and System Controls   7   ATSC-                   ATSC-0016
                                       0016.03

Audit Trails and System Controls   7   ATSC-                   ATSC-0016
                                       0016.04

Audit Trails and System Controls   7   ATSC-0017   14.01.032




Audit Trails and System Controls   7   ATSC-0019   14.01.034




Audit Trails and System Controls   7   ATSC-0020   14.01.035




Audit Trails and System Controls   7   ATSC-0021   14.01.036


Audit Trails and System Controls   7   ATSC-0022   14.01.037




Audit Trails and System Controls   7   ATSC-0023   14.02.073




Audit Trails and System Controls   7   ATSC-0024   14.01.039




Audit Trails and System Controls   7   ATSC-0025   14.01.040




                                                         Page 2
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0026   14.01.041




Audit Trails and System Controls   7   ATSC-0027   14.01.042




Audit Trails and System Controls   7   ATSC-0028   14.01.043




Audit Trails and System Controls   7   ATSC-0029   14.02.072




Audit Trails and System Controls   7   ATSC-0030   14.02.074


Audit Trails and System Controls   7   ATSC-0031   14.01.046




Audit Trails and System Controls   7   ATSC-0032   14.01.047




Audit Trails and System Controls   7   ATSC-0033   14.01.048




Audit Trails and System Controls   7   ATSC-0034   14.01.049




Audit Trails and System Controls   7   ATSC-0035   14.01.050


Audit Trails and System Controls   7   ATSC-0036   14.01.051


Audit Trails and System Controls   7   ATSC-0037   14.01.052




Audit Trails and System Controls   7   ATSC-0038   14.01.053




                                                         Page 3
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0039   14.01.054




Audit Trails and System Controls   7   ATSC-0040   14.01.055




Audit Trails and System Controls   7   ATSC-                   ATSC-0040
                                       0040.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0040
                                       0040.02
Audit Trails and System Controls   7   ATSC-0041   14.01.056




Audit Trails and System Controls   7   ATSC-0042   14.01.057


Audit Trails and System Controls   7   ATSC-0043   14.01.058


Audit Trails and System Controls   7   ATSC-0044   14.01.059




Audit Trails and System Controls   7   ATSC-0045   14.01.060


Audit Trails and System Controls   7   ATSC-0046   14.01.061


Audit Trails and System Controls   7   ATSC-0047   14.01.062




Audit Trails and System Controls   7   ATSC-0048   14.01.063


Audit Trails and System Controls   7   ATSC-0049   14.02.001




Audit Trails and System Controls   7   ATSC-                   ATSC-0049
                                       0049.01



Audit Trails and System Controls   7   ATSC-                   ATSC-0049
                                       0049.02


Audit Trails and System Controls   7   ATSC-                   ATSC-0049
                                       0049.03


Audit Trails and System Controls   7   ATSC-                   ATSC-0049
                                       0049.04




                                                         Page 4
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0050   14.02.002




Audit Trails and System Controls   7   ATSC-                   ATSC-0050
                                       0050.01


Audit Trails and System Controls   7   ATSC-                   ATSC-0050
                                       0050.02



Audit Trails and System Controls   7   ATSC-0051   14.02.003




Audit Trails and System Controls   7   ATSC-0052   14.02.009


Audit Trails and System Controls   7   ATSC-0054   14.02.012


Audit Trails and System Controls   7   ATSC-0055   14.02.013




Audit Trails and System Controls   7   ATSC-0056   14.02.014




Audit Trails and System Controls   7   ATSC-0059   14.02.044




Audit Trails and System Controls   7   ATSC-0060   14.07.001




Audit Trails and System Controls   7   ATSC-0061   14.07.004


Audit Trails and System Controls   7   ATSC-0062   14.07.003




Audit Trails and System Controls   7   ATSC-0063   14.03.058



Audit Trails and System Controls   7   ATSC-0064   14.02.051


Audit Trails and System Controls   7   ATSC-0065   14.02.052




                                                         Page 5
                                                          ATSC


Audit Trails and System Controls   7   ATSC-                   ATSC-0065
                                       0065.01


Audit Trails and System Controls   7   ATSC-0069   14.03.066


Audit Trails and System Controls   7   ATSC-                   ATSC-0069
                                       0069.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0069
                                       0069.02
Audit Trails and System Controls   7   ATSC-0070   14.03.067




Audit Trails and System Controls   7   ATSC-0071   14.03.068


Audit Trails and System Controls   7   ATSC-                   ATSC-0071
                                       0071.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0071
                                       0071.02
Audit Trails and System Controls   7   ATSC-0072   14.02.059




Audit Trails and System Controls   7   ATSC-                   ATSC-0072
                                       0072.01

Audit Trails and System Controls   7   ATSC-                   ATSC-0072
                                       0072.02

Audit Trails and System Controls   7   ATSC-                   ATSC-0072
                                       0072.03

Audit Trails and System Controls   7   ATSC-0073   14.02.060




Audit Trails and System Controls   7   ATSC-0074   14.02.061




                                                         Page 6
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0075   14.02.062




Audit Trails and System Controls   7   ATSC-0076   14.02.063




Audit Trails and System Controls   7   ATSC-0078   14.07.012




Audit Trails and System Controls   7   ATSC-0080   14.07.008




Audit Trails and System Controls   7   ATSC-0081   14.07.011




Audit Trails and System Controls   7   ATSC-0082   14.03.015




Audit Trails and System Controls   7   ATSC-0083   14.03.016


Audit Trails and System Controls   7   ATSC-0084   14.03.017


Audit Trails and System Controls   7   ATSC-0085   14.03.018




Audit Trails and System Controls   7   ATSC-0086   14.03.019

Audit Trails and System Controls   7   ATSC-0087   14.03.020




                                                         Page 7
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0089   14.03.022


Audit Trails and System Controls   7   ATSC-0091   14.07.015


Audit Trails and System Controls   7   ATSC-0095   14.07.019




Audit Trails and System Controls   7   ATSC-0096   14.07.020




Audit Trails and System Controls   7   ATSC-0101   14.07.025




Audit Trails and System Controls   7   ATSC-0102   14.01.077




Audit Trails and System Controls   7   ATSC-                   ATSC-0102
                                       0102.01


Audit Trails and System Controls   7   ATSC-                   ATSC-0102
                                       0102.02

Audit Trails and System Controls   7   ATSC-                   ATSC-0102
                                       0102.03

Audit Trails and System Controls   7   ATSC-0104   14.01.068


Audit Trails and System Controls   7   ATSC-                   ATSC-0104
                                       0104.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0104
                                       0104.02
Audit Trails and System Controls   7   ATSC-0105   14.01.069




Audit Trails and System Controls   7   ATSC-                   ATSC-0105
                                       0105.01




                                                         Page 8
                                                          ATSC


Audit Trails and System Controls   7   ATSC-                   ATSC-0105
                                       0105.02


Audit Trails and System Controls   7   ATSC-                   ATSC-0105
                                       0105.03


Audit Trails and System Controls   7   ATSC-0107   14.01.071


Audit Trails and System Controls   7   ATSC-                   ATSC-0107
                                       0107.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0107
                                       0107.02

Audit Trails and System Controls   7   ATSC-0108   14.01.073




Audit Trails and System Controls   7   ATSC-0109   14.01.074




Audit Trails and System Controls   7   ATSC-0110   14.01.075


Audit Trails and System Controls   7   ATSC-0111   14.02.066




Audit Trails and System Controls   7   ATSC-                   ATSC-0111
                                       0111.01


Audit Trails and System Controls   7   ATSC-0112   01.02.006




Audit Trails and System Controls   7   ATSC-0113   09.01.026




Audit Trails and System Controls   7   ATSC-0114   14.03.040




Audit Trails and System Controls   7   ATSC-                   ATSC-0114
                                       0114.01

Audit Trails and System Controls   7   ATSC-                   ATSC-0114
                                       0114.02
Audit Trails and System Controls   7   ATSC-0115   14.03.041




Audit Trails and System Controls   7   ATSC-0116   14.03.042



Audit Trails and System Controls   7   ATSC-                   ATSC-0116
                                       0116.01




                                                         Page 9
                                                          ATSC


Audit Trails and System Controls   7   ATSC-                   ATSC-0116
                                       0116.02
Audit Trails and System Controls   7   ATSC-0117   14.03.043




Audit Trails and System Controls   7   ATSC-0119   02.01.169




Audit Trails and System Controls   7   ATSC-                   ATSC-0119
                                       0119.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0119
                                       0119.02
Audit Trails and System Controls   7   ATSC-                   ATSC-0119
                                       0119.03
Audit Trails and System Controls   7   ATSC-0120   14.03.045




Audit Trails and System Controls   7   ATSC-                   ATSC-0120
                                       0120.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0120
                                       0120.02

Audit Trails and System Controls   7   ATSC-0121   01.05.016




Audit Trails and System Controls   7   ATSC-                   ATSC-0121
                                       0121.01

Audit Trails and System Controls   7   ATSC-                   ATSC-0121
                                       0121.02
Audit Trails and System Controls   7   ATSC-                   ATSC-0121
                                       0121.03
Audit Trails and System Controls   7   ATSC-0122   14.03.046




Audit Trails and System Controls   7   ATSC-                   ATSC-0122
                                       0122.01


Audit Trails and System Controls   7   ATSC-                   ATSC-0122
                                       0122.02

Audit Trails and System Controls   7   ATSC-0123   14.03.027




Audit Trails and System Controls   7   ATSC-0124   08.03.054




                                                         Page 10
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0125   14.03.054


Audit Trails and System Controls   7   ATSC-                   ATSC-0125
                                       0125.01

Audit Trails and System Controls   7   ATSC-                   ATSC-0125
                                       0125.02

Audit Trails and System Controls   7   ATSC-                   ATSC-0125
                                       0125.03

Audit Trails and System Controls   7   ATSC-                   ATSC-0125
                                       0125.04

Audit Trails and System Controls   7   ATSC-0126   14.03.055




Audit Trails and System Controls   7   ATSC-                   ATSC-0126
                                       0126.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0126
                                       0126.02
Audit Trails and System Controls   7   ATSC-                   ATSC-0126
                                       0126.03
Audit Trails and System Controls   7   ATSC-                   ATSC-0126
                                       0126.04
Audit Trails and System Controls   7   ATSC-                   ATSC-0126
                                       0126.05
Audit Trails and System Controls   7   ATSC-0127   14.03.056




Audit Trails and System Controls   7   ATSC-0128   14.03.057




Audit Trails and System Controls   7   ATSC-                   ATSC-0128
                                       0128.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0128
                                       0128.02



Audit Trails and System Controls   7   ATSC-0129   14.03.059


Audit Trails and System Controls   7   ATSC-0130   14.03.060



Audit Trails and System Controls   7   ATSC-                   ATSC-0130
                                       0130.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0130
                                       0130.02
Audit Trails and System Controls   7   ATSC-                   ATSC-0130
                                       0130.03
Audit Trails and System Controls   8   ATSC-                   ATSC-0130
                                       0130.04

Audit Trails and System Controls   7   ATSC-0131   14.03.061




Audit Trails and System Controls   7   ATSC-0132   14.03.062



Audit Trails and System Controls   7   ATSC-0133   14.03.063




                                                         Page 11
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0134   14.03.064


Audit Trails and System Controls   7   ATSC-0147   14.04.028

Audit Trails and System Controls   7   ATSC-0148   14.04.029



Audit Trails and System Controls   7   ATSC-0153   08.03.029



Audit Trails and System Controls   7   ATSC-0154   01.03.007




Audit Trails and System Controls   7   ATSC-0155   01.02.011




Audit Trails and System Controls   7   ATSC-                   ATSC-0155
                                       0155.01

Audit Trails and System Controls   7   ATSC-                   ATSC-0155
                                       0155.02

Audit Trails and System Controls   7   ATSC-0156   01.05.024




Audit Trails and System Controls   7   ATSC-0157   01.05.026




Audit Trails and System Controls   7   ATSC-0158   01.05.027




Audit Trails and System Controls   7   ATSC-0159   01.05.053




                                                         Page 12
                                                          ATSC


Audit Trails and System Controls   7   ATSC-                   ATSC-0159
                                       0159.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0159
                                       0159.02
Audit Trails and System Controls   7   ATSC-                   ATSC-0159
                                       0159.03
Audit Trails and System Controls   7   ATSC-                   ATSC-0159
                                       0159.04
Audit Trails and System Controls   7   ATSC-                   ATSC-0159
                                       0159.05
Audit Trails and System Controls   7   ATSC-                   ATSC-0159
                                       0159.06
Audit Trails and System Controls   7   ATSC-                   ATSC-0159
                                       0159.07
Audit Trails and System Controls   7   ATSC-                   ATSC-0159
                                       0159.08
Audit Trails and System Controls   7   ATSC-0160   01.05.054




Audit Trails and System Controls   7   ATSC-                   ATSC-0160
                                       0160.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0160
                                       0160.02
Audit Trails and System Controls   7   ATSC-                   ATSC-0160
                                       0160.03
Audit Trails and System Controls   7   ATSC-0164   14.05.004




Audit Trails and System Controls   7   ATSC-                   ATSC-0164
                                       0164.01


Audit Trails and System Controls   7   ATSC-                   ATSC-0164
                                       0164.02


Audit Trails and System Controls   7   ATSC-                   ATSC-0164
                                       0164.03


Audit Trails and System Controls   7   ATSC-                   ATSC-0164
                                       0164.04

Audit Trails and System Controls   7   ATSC-0167   14.05.007


Audit Trails and System Controls   7   ATSC-                   ATSC-0167
                                       0167.01
Audit Trails and System Controls   7   ATSC-                   ATSC-0167
                                       0167.02
Audit Trails and System Controls   7   ATSC-                   ATSC-0167
                                       0167.03
Audit Trails and System Controls   7   ATSC-                   ATSC-0167
                                       0167.04
Audit Trails and System Controls   7   ATSC-0171   14.02.070


Audit Trails and System Controls   7   ATSC-0172   14.03.048


Audit Trails and System Controls   7   ATSC-0173   14.03.049

Audit Trails and System Controls   7   ATSC-0174   14.03.050


Audit Trails and System Controls   7   ATSC-0175   14.03.051




                                                         Page 13
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0176   14.03.052




Audit Trails and System Controls   7   ATSC-0177   14.03.053


Audit Trails and System Controls   7   ATSC-0178   14.02.075




Audit Trails and System Controls   7   ATSC-0179   14.02.076




Audit Trails and System Controls   7   ATSC-0180   14.02.077




Audit Trails and System Controls   7   ATSC-0181   14.02.078


Audit Trails and System Controls   7   ATSC-0182   14.04.011


Audit Trails and System Controls   7   ATSC-0183   14.04.012


Audit Trails and System Controls   7   ATSC-0184   14.04.013


Audit Trails and System Controls   7   ATSC-0185   14.04.014

Audit Trails and System Controls   7   ATSC-0186   14.04.015


Audit Trails and System Controls   7   ATSC-0187   14.04.016


Audit Trails and System Controls   7   ATSC-0190   14.02.079




Audit Trails and System Controls   7   ATSC-0191   14.02.080



Audit Trails and System Controls   7   ATSC-0192   14.02.081


Audit Trails and System Controls   7   ATSC-0193   14.02.082




                                                         Page 14
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0194   14.02.086




Audit Trails and System Controls   7   ATSC-0195   14.02.087




Audit Trails and System Controls   7   ATSC-0196   14.02.088



Audit Trails and System Controls   7   ATSC-0197   14.06.001


Audit Trails and System Controls   7   ATSC-0198   14.06.002




Audit Trails and System Controls   7   ATSC-0199   14.06.003




Audit Trails and System Controls   7   ATSC-0200   14.06.004


Audit Trails and System Controls   7   ATSC-0201   14.06.005




Audit Trails and System Controls   7   ATSC-0202


Audit Trails and System Controls   9   ATSC-0208

Audit Trails and System Controls   7   ATSC-0226   05.06.011


Audit Trails and System Controls   7   ATSC-0228   05.06.013




Audit Trails and System Controls   7   ATSC-0230   05.06.014




Audit Trails and System Controls   7   ATSC-0232   05.06.017




Audit Trails and System Controls   7   ATSC-0234   05.06.018




Audit Trails and System Controls   7   ATSC-0237   05.06.019




                                                         Page 15
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0239   05.06.020




Audit Trails and System Controls   7   ATSC-0241   05.06.022


Audit Trails and System Controls   7   ATSC-0243   05.06.023




Audit Trails and System Controls   7   ATSC-0245   05.06.024


Audit Trails and System Controls   7   ATSC-0247   05.06.025


Audit Trails and System Controls   7   ATSC-0249   05.06.026


Audit Trails and System Controls   7   ATSC-0251   05.06.027


Audit Trails and System Controls   7   ATSC-0253   05.10.012




Audit Trails and System Controls   7   ATSC-0255   05.11.005


Audit Trails and System Controls   7   ATSC-0257   05.12.002


Audit Trails and System Controls   7   ATSC-0258   05.12.003




Audit Trails and System Controls   7   ATSC-0260   05.12.005




Audit Trails and System Controls   7   ATSC-0263   05.12.007




Audit Trails and System Controls   7   ATSC-0266   05.12.008




                                                         Page 16
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0267   05.12.009




Audit Trails and System Controls   7   ATSC-0269   05.12.011




Audit Trails and System Controls   7   ATSC-0271   05.12.012




Audit Trails and System Controls   7   ATSC-0273   05.12.013



Audit Trails and System Controls   7   ATSC-0275   05.12.014




Audit Trails and System Controls   7   ATSC-0277   05.12.015




Audit Trails and System Controls   7   ATSC-0280   05.12.016




Audit Trails and System Controls   7   ATSC-0282   05.12.017




Audit Trails and System Controls   7   ATSC-0284   05.12.018




Audit Trails and System Controls   7   ATSC-0285

Audit Trails and System Controls   7   ATSC-0286   05.12.019


Audit Trails and System Controls   7   ATSC-0288   05.12.021




Audit Trails and System Controls   7   ATSC-0290   05.12.022


Audit Trails and System Controls   7   ATSC-0292   05.12.024




Audit Trails and System Controls   7   ATSC-0293




Audit Trails and System Controls   7   ATSC-0294   05.12.025


Audit Trails and System Controls   7   ATSC-0296   05.12.027




Audit Trails and System Controls   7   ATSC-0297   05.15.001




                                                         Page 17
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0300   05.17.001




Audit Trails and System Controls   7   ATSC-0301   05.18.001


Audit Trails and System Controls   7   ATSC-0303   05.18.004


Audit Trails and System Controls   7   ATSC-0304   05.18.011




Audit Trails and System Controls   7   ATSC-0305   05.18.012


Audit Trails and System Controls   7   ATSC-0306   05.19.001




Audit Trails and System Controls   7   ATSC-0307   05.19.002


Audit Trails and System Controls   7   ATSC-0308   05.19.003


Audit Trails and System Controls   7   ATSC-0309   05.19.004



Audit Trails and System Controls   7   ATSC-0310   05.19.005




Audit Trails and System Controls   7   ATSC-0311   05.19.006


Audit Trails and System Controls   7   ATSC-0312   05.19.007

Audit Trails and System Controls   7   ATSC-0313   05.19.008


Audit Trails and System Controls   7   ATSC-0314   05.19.009




Audit Trails and System Controls   7   ATSC-0315


Audit Trails and System Controls   7   ATSC-0319   05.21.004


Audit Trails and System Controls   7   ATSC-0323   05.20.002




Audit Trails and System Controls   7   ATSC-0328   05.21.003




                                                         Page 18
                                                          ATSC


Audit Trails and System Controls   7   ATSC-0330   05.21.005




Audit Trails and System Controls   7   ATSC-0332   05.21.006




Audit Trails and System Controls   7   ATSC-0334   05.21.007




Audit Trails and System Controls   7   ATSC-0336   05.21.008




Audit Trails and System Controls   7   ATSC-0337   05.22.006




Audit Trails and System Controls   7   ATSC-0338




Audit Trails and System Controls   7   ATSC-0379

Audit Trails and System Controls   7   ATSC-0587

Audit Trails and System Controls   7   ATSC-0753




Audit Trails and System Controls   7   ATSC-0872   01.05.043




Audit Trails and System Controls   7   ATSC-0897   05.04.023




Audit Trails and System Controls   7   ATSC-0997   01.05.009


Audit Trails and System Controls   7   ATSC-1000   14.01.076




Audit Trails and System Controls   8   ATSC-1229




                                                         Page 19
                                                          ATSC


Audit Trails and System Controls   7   ATSC-1419   14.03.039




Audit Trails and System Controls   7   ATSC-1420   14.03.028




Audit Trails and System Controls   8   ATSC-1485



Audit Trails and System Controls   7   ATSC-1519




Audit Trails and System Controls   9   ATSC-1527


Audit Trails and System Controls   7   ATSC-1620   14.01.064




Audit Trails and System Controls   7   ATSC-1621   14.01.065



Audit Trails and System Controls   7   ATSC-1622   14.01.066


Audit Trails and System Controls   7   ATSC-1623   14.07.026




Audit Trails and System Controls   7   ATSC-1624   14.07.027




Audit Trails and System Controls   7   ATSC-1625   14.03.026


Audit Trails and System Controls   7   ATSC-1627   14.03.029




Audit Trails and System Controls   7   ATSC-1628   14.03.030




                                                         Page 20
                                                          ATSC


Audit Trails and System Controls   7   ATSC-1629   14.03.031




Audit Trails and System Controls   7   ATSC-1630   14.03.032




Audit Trails and System Controls   7   ATSC-1631   14.03.033




Audit Trails and System Controls   7   ATSC-1632   14.03.034




Audit Trails and System Controls   7   ATSC-1633   14.03.035




Audit Trails and System Controls   7   ATSC-1634   14.03.036




Audit Trails and System Controls   7   ATSC-1635   14.03.037




Audit Trails and System Controls   7   ATSC-1636   14.03.038




Audit Trails and System Controls   7   ATSC-1637   14.07.002




Audit Trails and System Controls   7   ATSC-1638   14.07.005




Audit Trails and System Controls   7   ATSC-1639   14.07.028




                                                         Page 21
                                                          ATSC


Audit Trails and System Controls   7   ATSC-1640   14.07.029




Audit Trails and System Controls   7   ATSC-1641   14.07.030




Audit Trails and System Controls   7   ATSC-1655




Audit Trails and System Controls   7   ATSC-1656


Audit Trails and System Controls   7   ATSC-1657


Audit Trails and System Controls   7   ATSC-1658


Audit Trails and System Controls   7   ATSC-1659

Audit Trails and System Controls   7   ATSC-1660


Audit Trails and System Controls   7   ATSC-1661




Audit Trails and System Controls   7   ATSC-1662


Audit Trails and System Controls   7   ATSC-1663




Audit Trails and System Controls   7   ATSC-1664




Audit Trails and System Controls   7   ATSC-1665




Audit Trails and System Controls   7   ATSC-1666



Audit Trails and System Controls   7   ATSC-1668




                                                         Page 22
                                                          ATSC


Audit Trails and System Controls   7   ATSC-1669


Audit Trails and System Controls   7   ATSC-1670




Audit Trails and System Controls   7   ATSC-1671

Audit Trails and System Controls   7   ATSC-1673   05.22.001


Audit Trails and System Controls   7   ATSC-1674   05.22.002



Audit Trails and System Controls   7   ATSC-1675   05.22.003




Audit Trails and System Controls   7   ATSC-1676   05.22.004




Audit Trails and System Controls   7   ATSC-1677   05.22.008




Audit Trails and System Controls   7   ATSC-1678   05.22.010




Audit Trails and System Controls   7   ATSC-1679   05.22.011




Audit Trails and System Controls   7   ATSC-1680   05.22.012



Audit Trails and System Controls   7   ATSC-1681   05.22.013



Audit Trails and System Controls   7   ATSC-1682   05.22.014




Audit Trails and System Controls   7   ATSC-1683   05.22.015


Audit Trails and System Controls   7   ATSC-1684   05.22.016




                                                         Page 23
                                                          ATSC


Audit Trails and System Controls   7   ATSC-1685   14.01.072




Audit Trails and System Controls   7   ATSC-1686   14.02.064




Audit Trails and System Controls   7   ATSC-1687   14.02.065




Audit Trails and System Controls   7   ATSC-1688   14.02.067


Audit Trails and System Controls   7   ATSC-1689   14.02.068

Audit Trails and System Controls   7   ATSC-1690   14.02.069


Audit Trails and System Controls   7   ATSC-1691   14.03.044




Audit Trails and System Controls   7   ATSC-1692   14.03.047


Audit Trails and System Controls   7   ATSC-1695   14.03.065


Audit Trails and System Controls   7   ATSC-1696   14.04.017


Audit Trails and System Controls   7   ATSC-1697   14.04.018


Audit Trails and System Controls   7   ATSC-1698   14.04.019




Audit Trails and System Controls   7   ATSC-1699   14.04.020




Audit Trails and System Controls   7   ATSC-1700   14.04.021




                                                         Page 24
                                                          ATSC


Audit Trails and System Controls   7   ATSC-1701   14.04.022


Audit Trails and System Controls   7   ATSC-1702   14.04.023


Audit Trails and System Controls   7   ATSC-1703   14.04.024




Audit Trails and System Controls   7   ATSC-1704   14.04.025


Audit Trails and System Controls   7   ATSC-1705   14.04.026


Audit Trails and System Controls   7   ATSC-1706   14.04.027




Audit Trails and System Controls   7   ATSC-1707   14.05.001




Audit Trails and System Controls   7   ATSC-1708   14.05.002




Audit Trails and System Controls   7   ATSC-1709   14.05.003




Audit Trails and System Controls   7   ATSC-1711   14.05.005




Audit Trails and System Controls   7   ATSC-1712   14.05.006




Audit Trails and System Controls   7   ATSC-1719   05.06.009


Audit Trails and System Controls   7   ATSC-                   ATSC-1719
                                       1719.01

Audit Trails and System Controls   7   ATSC-1720   05.17.002



Audit Trails and System Controls   7   ATSC-                   ATSC-1720
                                       1720.01



Audit Trails and System Controls   7   ATSC-1721   05.17.003




Audit Trails and System Controls   7   ATSC-                   ATSC-1721
                                       1721.01


Audit Trails and System Controls   7   ATSC-1722   05.20.001




                                                         Page 25
                                                          ATSC


Audit Trails and System Controls   7   ATSC-                   ATSC-1722
                                       1722.01




Audit Trails and System Controls   7   ATSC-                   ATSC-1722
                                       1722.02

Audit Trails and System Controls   7   ATSC-                   ATSC-1722
                                       1722.03




Audit Trails and System Controls   7   ATSC-1723   05.21.002




Audit Trails and System Controls   7   ATSC-                   ATSC-1723
                                       1723.01

Audit Trails and System Controls   7   ATSC-1724   05.22.005




Audit Trails and System Controls   7   ATSC-                   ATSC-1724
                                       1724.01




Audit Trails and System Controls   7   ATSC-1725   05.22.007




Audit Trails and System Controls   7   ATSC-                   ATSC-1725
                                       1725.01


Audit Trails and System Controls   7   ATSC-1726   05.22.009



Audit Trails and System Controls   7   ATSC-                   ATSC-1726
                                       1726.01


Audit Trails and System Controls   7   ATSC-1727   05.22.017




Audit Trails and System Controls   7   ATSC-                   ATSC-1727
                                       1727.01




                                                         Page 26
                                                                                  ATSC


Functional Requirement                                                                            DFAS Process Name                  Accounting
                                                                                                                                     Transaction

To support the Audit Trails process, the Core financial system must provide automated      Audit Trails
functionality to generate an audit trail of transactions recorded as a document moves from
its source through all document statuses. The initial source may be documents that were
entered online, system-generated, interfaced from other systems or modules, or
converted during implementations or software upgrades.

To meet operations requirements, the core financial system must deliver the capability to         Operations (TLI)
restore archived data based on agency-defined criteria such as date, accounting period,
or vendor/customer.
To meet operations requirements, the core financial system must deliver a document                Operations (TLI)
archiving capability. Include the ability to define, establish, and maintain archival criteria,
such as date, accounting period, closed items, and vendors/customers inactive for a
specific time period. Archiving of closed or completed detail transactions must not affect
related general ledger account balances.

The system shall deliver a document archiving capability. Include the ability to define,          Operations (TLI)
establish, and maintain archival criteria, such as date, accounting period, closed items,
and vendors/customers inactive for a specific time period.
The system shall assure archiving of closed or completed detail transactions must not             Operations (TLI)
affect related general ledger account balances.
To support the Document Referencing and Modification process, the core financial                  Document Referencing and
system must provide automated functionality to re-open a closed document to allow                 Modification (SMC)
further processing against it, without requiring a new or amended document number.

To meet operations requirements, the core financial system must support data archiving            Operations (TLI)
and record retention in accordance with rules published by the National Archives and
Records Administration (NARA), GAO, and National Institute of Standards and
Technology (NIST).
To support the Audit Trails process, the Core financial system must provide automated             Audit Trails (SME)
functionality to capture all document change events (additions, modifications and
cancellations), including the date/time and User ID.
To support the Document and Transaction Control process, the Core financial system                Document and Transaction Control
must provide automated functionality to suspend documents that fail transaction                   (SMB)
processing edits, funds control edits, or tolerance checks.
The system shall suspend documents that fail transaction processing edits.                        Document and Transaction Control
                                                                                                  (SMB)

The system shall suspend documents that fail funds control edits.                                 Document and Transaction Control
                                                                                                  (SMB)

The system shall suspend documents that fail tolerance checks.                                    Document and Transaction Control
                                                                                                  (SMB)

An automated Defense Finance and Accounting Service (DFAS) system shall maintain or Internal Controls
create controls to ensure that all transactions are processed correctly. These controls
should include tools to identify and track numbers, types, and dollar amounts of the
transactions received and generated by DFAS.
The system shall process the numbers, types, and dollar amounts of transactions timely  Internal Controls
and accurately.

An automated Defense Finance and Accounting Service (DFAS) system shall maintain or Internal Controls
create controls to ensure that specific edits are applied by type of transaction in each
finance or accounting system. Those transactions that fail to pass edits shall be assigned
for research and correction by DFAS and/or the DoD Component.

To support the General Ledger Analysis and Reconciliation process, the Core financial       Classification Framework
system must generate the Daily General Ledger (GL) and Subsidiary Ledger Exception
Report. Result is a list of GL control accounts by internal fund code whose balances differ
from the subsidiary ledgers. Report lines include the GL control account balance, the
balance of the open documents in the subsidiary ledger, and the difference.

To meet Interoperability requirements, the Core financial system must deliver a capability        Interoperability (TLD)
to import and process standard transactions generated by other systems.

An automated Defense Finance and Accounting Service (DFAS) system shall maintain or Internal Controls
create controls to ensure that all transactions generated are edited to assure accuracy,
e.g., that the transaction is identified correctly in terms of the type of transaction, reported
quantity(ies), and dollar amount(s).




                                                                                Page 27
                                                                               ATSC


An automated Defense Finance and Accounting Service (DFAS) system shall ensure that Internal Controls
all transactions that occur during a reporting period are uniquely identified with the
reporting period and processed in order to meet the reporting schedule due dates.

To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must validate that duplicate documents are not recorded, e.g., by editing document             (SMB)
numbers or storing additional information that make the document number unique (as in
date stamp on a utility bill).
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must notify the user when online documents fail funds control edits, transaction               (SMB)
processing edits, or tolerance checks. Provide the notification on the document entry
screen, and include the nature of each error and the validation level (rejection, warning or
information only). Retain errors with the document until they have been resolved.

The system shall notify the user when online documents fail funds control edits providing      Document and Transaction Control
notification on the document entry screen to include the nature of each error and the          (SMB)
validation level (rejection, warning or information only).
The system shall notify the user when online documents fail transaction processing edits       Document and Transaction Control
providing notification on the document entry screen to include the nature of each error and    (SMB)
the validation level (rejection, warning or information only).

The system shall notify the user when online documents tolerance checks providing              Document and Transaction Control
notification on the document entry screen to include the nature of each error and the          (SMB)
validation level (rejection, warning or information only).
The system shall retain errors with the document until they have been resolved when            Document and Transaction Control
online documents fail funds control edits, transaction processing edits, or tolerance          (SMB)
checks. .
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must validate transaction accounting classification elements. Prevent the recording of         (SMB)
transactions with missing, invalid or inactive classification elements or values.

To support the General Ledger Analysis and Reconciliation process, the Core financial          Classification Framework
system must generate the GL Supporting Documents Report as of the current system
date. Parameters include a GL control account and Treasury Account Symbol (TAS) or
internal fund code. Result is the GL account balance, and a list of the open documents
and balances supporting the GL account balance.
To support the Financial Reporting process, the Core financial system must provide             Classification Framework
automated functionality to validate Federal Agencies’ Centralized Trial-Balance System
(FACTS) I and FACTS II data prior to submission of the FACTS I and FACTS II Adjusted
Trial Balances (ATBs) and the Government wide Financial Report System (GFRS) report
to Treasury's Financial Management Service (FMS) and provide the option to run
validation edits on demand.
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must validate transaction-associated FACTS attributes. Prevent the recording of                (SMB)
transactions with missing, invalid or inactive FACTS attributes.
To support the Audit Trails process, the Core financial system must provide automated          Audit Trails (SME)
functionality to capture the following additional information on converted documents:
  • Legacy system identifier
  • Legacy system document number.

To meet Interoperability requirements, the Core financial system must deliver the              Interoperability (TLD)
capability to suspend erroneous Application program interface (API) transactions.
Suspense processing must include the ability to perform the following functions:
• Report suspended transactions
• Retrieve, view, correct and process, or cancel suspended transactions
• Automatically re-process transactions
• Report re-processed transactions.
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to define over tolerances for all obligations or by       (SMB)
obligation type.



To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to define the valid values for the following              (SMB)
acquisition information:
 • North American Industry Classification System (NAICS) business codes
 • Standard Industrial Classification (SIC) codes
 • Product and service codes
 • Free On Board (FOB) shipping points
 • Ship to locations (destination codes).




                                                                             Page 28
                                                                               ATSC


To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to capture the following document line item                (SMB)
information on spending documents:
• Quantity
• Unit of measure
• Unit Price
• Extended Price
• Description
• Product service codes
• FOB shipping points
• Ship to locations (destination codes).
To add value to the Document and Transaction Control process, the Core financial                Document and Transaction Control
system should provide automated functionality to define tolerances by percentage, dollar        (SMB)
amount or quantity for final payments that are less than the referenced obligation
document line amounts, and use them to control erroneous de-obligations of the funds.


To support the Audit Trails process, the Core financial system must provide automated           Audit Trails (SME)
functionality to query document additions, modifications and cancellations. Parameters
include: • User ID • Document number • Document type • Change type (add, modify,
cancel) • Transaction date range • Accounting period. Results include all parameter
values, document numbers, date and time stamps.
To meet Interoperability requirements, the Core financial system must deliver data record       Interoperability (TLD)
layouts for all standard transactions that can be accepted by the application's API facility.
Transactions must include sufficient data to enable complete validation and processing by
the receiving system.
To meet Interoperability requirements, the Core financial system must generate API              Interoperability (TLD)
transaction edit error records using a data layout defined by the vendor (i.e., provide two-
way interface support).
To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to capture a unique system-generated or agency-            (SMB)
assigned document number for each document and document modification.

To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to capture a unique system-generated number to             (SMB)
identify each general ledger transaction. Associate one or more general ledger
transactions with a document and document modifications.
To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to associate referenced documents in the                   (SMB)
processing chain, such as when an obligation document references one or more prior
commitment documents.
To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to capture a reimbursable agreement number and             (SMB)
one other agency-assigned source document number in separate fields on all spending
documents. The agency-assigned source document number may be a purchase
requisition number, contract number and associated delivery /task order number,
purchase order number, blanket purchase agreement number and associated call
number, grant number, travel order number, etc.

To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to define document numbering as system-generated           (SMB)
or agency-assigned by document type.
To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to capture the source system and the source system         (SMB)
document number of each interfaced document.
To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to capture goods delivery and service performance          (SMB)
period start and end dates on documents where the period of performance is a validation
for future processing, e.g.,
• Contracts
• Blanket purchase agreements
• Reimbursable agreements
• Travel orders
• Grants.
To support the Document and Transaction Control process, the Core financial system              Document and Transaction Control
must provide automated functionality to capture the following data elements when                (SMB)
establishing reimbursable agreements:
• Reimbursable agreement number
• Reimbursable agreement amount
• Billing limit
• Billing terms
• Accounting classification information
• Source (federal, other non-federal entities, or public).




                                                                              Page 29
                                                                               ATSC


To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to prevent the recording of erroneous transactions        (SMB)
by rejecting documents that fail transaction processing edits.

To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to allow users to hold documents for completion or        (SMB)
processing at a later date. Segregate held from suspended documents

The core financial system shall provide automated functionality to allow users to hold         Document and Transaction Control
documents for completion or processing at a later date.                                        (SMB)
The core financial system shall provide automated functionality to segregate held from         Document and Transaction Control
suspended documents.                                                                           (SMB)
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to process suspended documents when external              (SMB)
referenced data that caused the system to suspend processing of a document is
corrected, such as when funds become available or the Central Contractor Registration
(CCR) vendor status changes from expired to active.
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to allow users to cancel (permanently close) posted       (SMB)
documents.
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to allow users to delete held or suspended                (SMB)
documents.
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to validate that valid values for the following           (SMB)
acquisition information are captured on spending documents:
• NAICS business codes
• SIC codes
• Product service codes
• FOB shipping points
• Ship to locations (destination codes).
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to validate that the sum of all document line items is    (SMB)
equal to the document total.
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to derive the default accounting period from the          (SMB)
transaction date. Prevent user override.
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to record subsequent activity against a document          (SMB)
with the transaction date of that activity (e.g., the payment voucher), not the transaction
date of the original document (e.g., the referenced obligation).

To add value to the Document and Transaction Control process, the Core financial               Document and Transaction Control
system should provide automated functionality to define under tolerances for all               (SMB)
obligations or by obligation type.
To meet Operations requirements, the Core financial system must deliver an event               Operations (TLI)
logging capability for systems, transactions, tables, and system parameters. The logs
must include the following:
• User ID
• System date
• Time
• Type of activity (i.e., add, modify, delete)
• Old value
• New value. (For example, provide a log of all attempts to log onto the system or track
changes to the prompt pay interest rate value.)
To meet Interoperability requirements, the core financial system must deliver an event         Operations (TLI)
logging capability for systems. The logs must include the following: User ID; System date;
Time; Type of activity (i.e., add, modify, delete); Old value; New value. (For example,
provide a log of all attempts to log onto the system or track changes to the prompt pay
interest rate value.)
The system must deliver an event logging capability for transactions. The logs must            Operations (TLI)
include the following: User ID; System date; Time; Type of activity (i.e., add, modify,
delete); Old value; New value. (For example, provide a log of all attempts to log onto the
system or track changes to the prompt pay interest rate value.)
The system must deliver an event logging capability for tables. The logs must include the      Operations (TLI)
following: User ID; System date; Time; Type of activity (i.e., add, modify, delete); Old
value; New value. (For example, provide a log of all attempts to log onto the system or
track changes to the prompt pay interest rate value.)
The system must deliver an event logging capability for system parameters. The logs            Operations (TLI)
must include the following: User ID; System date; Time; Type of activity (i.e., add, modify,
delete); Old value; New value. (For example, provide a log of all attempts to log onto the
system or track changes to the prompt pay interest rate value.)




                                                                             Page 30
                                                                                ATSC


To meet Interoperability requirements, the Core financial system must deliver API              Interoperability (TLD)
processing controls to ensure real time transactions or batch transactions files are
received from authorized sources, complete and not duplicates. In addition, the API must
ensure that where batch files are used:
• The number of transactions in a received file matches a control record count
• The dollar total of transactions in a file matches a control amount
• The sender is notified of erroneous transactions
• The erroneous transactions are automatically returned to the sender.
To meet Operations requirements, the core financial system must deliver API processing         Interoperability (TLD)
controls to ensure real time transactions or batch transactions files are received from
authorized sources, complete and not duplicates.

To meeting Operations requirements, the core financial system must ensure where batch          Interoperability (TLD)
files are used: The number of transactions in a received file matches a control record
count; The dollar total of transactions in a file matches a control amount; The sender is
notified of erroneous transactions; The erroneous transactions are automatically returned
to the sender.
To meet Operations requirements, the Core financial system must deliver a process              Operations (TLI)
scheduling capability. Allow the agency to define, initiate, monitor and stop system
processes (e.g., online availability, batch jobs, and system maintenance).

To meet Interoperability requirements, the Core financial system must process API              Interoperability (TLD)
transactions using the same business rules, program logic, and edits used by the system
in processing transactions submitted through the application client.
To meet the system's documentation requirements, the Core financial system must keep           Documentation (TLK)
all documentation (software, system, operations, user manuals, operating procedures,
etc.) up-to-date and readily available for examination.
To meet the system's documentation requirements, the Core financial system must keep           Documentation (TLK)
user documentation in sufficient detail to permit a person, knowledgeable of the agency's
programs and of systems generally, to obtain a comprehensive understanding of the
entire operation of each system.
To meet the system's documentation requirements, the Core financial system must keep           Documentation (TLK)
technical system documentation such as requirements documents, systems specifications
and operating instructions shall be adequate to enable technical personnel to operate the
system in an effective and efficient manner.
To facilitate the system's training requirements, the Core financial system must provide       Documentation (TLK)
adequate training and appropriate user support to the users of the core financial systems,
based on the level, responsibility and roles of individual users. Training shall enable the
users of the systems at all levels to understand, operate and maintain the system.

To meet security requirements, the Core system must deliver integrated security                Security (TLH)
functionality compliant with the National Institute of Standards and Technology (NIST)
Security Standards. Note: The DoD the security controls published in DoDI 8500.2,
“Information Assurance (IA) Implementation,” for all DoD information systems based on
information sensitivity/classification and the impact or effect on mission success, which is
consistent with NIST security standards as confirmed by letter dated June 6, 2007 from
NIST to DoD CIO. Accordingly, a DoD information system may be considered to satisfy
14.07.01 if the system complies with 14.07.26.

To meet security requirements, the Core system must ensure that the appropriate security Security (TLH)
controls are consistently enforced in all modules, including software used for ad-hoc data
query/report generators.
To meet security requirements, the Core system must deliver the capability to control      Security (TLH)
function access (e.g., system modules, transactions, approval authorities) and data
access (i.e., create, read, update, delete) by assigned:
• User ID
• Functional role (e.g., payable technician) or
• Organization.
Enable the agency to define access rules based on any combination of these attributes.

To meet Workflow/Messaging requirements, the Core financial system must deliver a              Workflow/Messaging (TLE)
workflow calendaring capability to generate date-based process exception reports and
alerts. For example, notify an accounts payable office when invoices are held over 30
days with no matching receiving report.
To add value to the Operations functionality, the Core financial system should deliver the     Operations (TLI)
capability to process queued jobs (i.e. reports, transaction files from interfacing systems,
bulk record updates) with no online performance degradation.
To meet the system's documentation requirements, the agency's financial management             Documentation (TLK)
systems and processing instructions shall be clearly documented in hard copy or
electronically in accordance with (a) the requirements contained in the core financial
system requirements document issued by FSIO or
 (b) other applicable requirements.




                                                                              Page 31
                                                                               ATSC


To meet the system's documentation requirements, the agency's financial management             Documentation (TLK)
systems and processing instructions shall be clearly documented in hard copy or
electronically in accordance with (a) the core financial system requirements document
issued by FSIO or (b) other applicable requirements.
To meet Document Management requirements, the Core financial system must deliver               Document Management (TLF)
the capability to index and store file reference materials received or generated by the
agency in electronic format.
The system shall deliver the capability to index and store file reference materials received   Document Management (TLF)
by the agency in electronic format.
The system shall deliver the capability to index and store file reference materials            Document Management (TLF)
generated by the agency in electronic format.
To add value to the Document Management functionality, the Core financial system               Document Management (TLF)
should deliver the capability to electronically image, index and store file reference
materials delivered in a hard copy format (e.g., a signed contract, bill of lading, vendor
invoices).
To add value to the Document Management functionality, the Core financial system               Document Management (TLF)
should deliver the capability to notify the user of the presence of associated document
images. Deliver on-screen display of imaged material.
The system shall deliver the capability to notify the user of the presence of associated       Document Management (TLF)
document images.
The system shall deliver on-screen display of imaged material.                                 Document Management (TLF)

To meet Documentation requirements, the Core financial system must deliver                Documentation (TLK)
documentation that identifies all software and hardware products needed by an agency to
install, operate, access, and maintain the application. Delivered hardware and software
documentation must specifically identify those products that are intended to be purchased
or licensed as part of the product licensing agreement, and those products needed to
meet any technical and functional requirement that must be acquired separately by the
agency.
The core financial system must deliver documentation that identifies all software and     Documentation (TLK)
hardware products needed by an agency to install, operate, access, and maintain the
application.
The core financial system must deliver documentation that identifies those products that  Documentation (TLK)
are intended to be purchased or licensed as part of the product licensing agreement.

The core financial system must deliver documentation that identifies those products            Documentation (TLK)
needed to meet any technical and functional requirement that must be acquired
separately by the agency.
To meet Documentation requirements, the Core financial system must deliver application         Documentation (TLK)
design documentation. This documentation must include the following:
• Description of the application's design/architecture and integrated technologies
• Database specifications
• Data dictionary
• Entity relationship diagrams
• Internal file record layouts
• Cross references between internal files, database tables and data-entry screens
• Program module specifications including firmware and program source code
• System flowcharts. Application documentation must identify known problems (software
bugs) and recommended work around.
To meet Documentation requirements, the Core financial system must deliver product             Documentation (TLK)
installation and maintenance documentation. Installation documentation must describe
the following items:
• Product release content
• Third party software configuration requirements
• Database installation steps
• The directory structure for locating application data, programs, files, tables including
drive mappings
• Hardware driver installation and configuration
• Application security set-up and maintenance
• Software configuration instructions
• Operating parameter definitions and any other required set-up data
• Software build instructions
• Vendor supplied configuration tools
• Interface processes to be installed
• Startup scripts needed to initiate the software
• Test steps needed to verify correct installation.




                                                                             Page 32
                                                                              ATSC


To meet Documentation requirements, the Core financial system must deliver system          Documentation (TLK)
operations and user manuals. Documentation must explain the following system
operations:
• System start-up
• Shutdown
• Monitoring
• Recovery/re-start
• Internal processing controls
• Archiving and application security.
User documentation must explain in detail how to execute available functionality in each
application component and must cover instructions for the following:
• Access procedures
• User screen layout
• Standard report layout and content
• Transaction entry
• Workflow
• Batch job initiation
• GL and transaction maintenance
• Year-end processing
• Error codes with descriptions
• Recovery steps
• TroubleDocumentation requirements, the Core financial system must deliver
To meet shooting procedures.                                                               Documentation (TLK)
documentation updates concurrent with the distribution of new software releases. Release
notes must clearly identify all changes made to the system's functionality, operation or
required computing hardware and software.
To meet system security requirements, all agencies shall implement and maintain a          Security (TLH)
program to assure that adequate security is provided for all agency information collected,
processed, transmitted, stored or disseminated in general support systems and major
applications. Note: The DoD implements this OMB requirement through the DoD IA
Program. Accordingly, a DoD information system may be considered to satisfy 14.07.12 if
the system complies with 14.07.26 and 14.07.27.

To meet security requirements, an automated system shall incorporate technical,              Security (TLH)
operational, and management controls into the application and application rules (as
appropriate) to prevent harm from authorized individuals engaged in improper activities,
whether intentional or accidental. Examples of such controls are:
• separation of duties,
• least privilege and
• individual accountability.
Note: A DoD information system may be considered to satisfy 14.07.08 if the system
complies with 14.07.26.
To meet security requirements, an automated system shall provide adequate security to        Security (TLH)
protect government information, commensurate with the risk and magnitude of harm,
which could result from the loss, misuse, unauthorized access to, or modification of such
information. Note: A DoD information system may be considered to satisfy 14.07.11 if
the system complies with 14.07.26 and 14.07.27.
An automated accounting system shall record, preserve, and make accessible sufficient        Control Framework
information to: (1) ensure the adequate management and accountability of an agency
program, and (2) protect the legal and financial rights of the Federal Government.

An automated accounting system shall incorporate records management and archival             Control Framework
functions into the design, development, and implementation of the information systems.

An automated accounting system shall collect or create only the information necessary for Control Framework
the proper performance of agency functions and which has practical utility.

An automated accounting system must follow the guidelines for Electronic Information         Control Framework
Collection.
Executive agencies under Sections 1703 and 1705 of the Government Paperwork
Elimination Act (GPEA), P. L. 105-277, Title XVII are required to provide the:
  (1) option of the electronic maintenance, submission, or disclosure of information, when
practicable as a substitute for paper; and
  (2) use and acceptance of electronic signatures, when practicable.
Agencies will follow the provisions in OMB Memorandum M-00-10, "Procedures and
Guidance on Implementing of the Government Paperwork Elimination Act."
An automated accounting system must ensure that records management programs                  Control Framework
provide adequate and proper documentation of agency activities.
An automated accounting system shall limit the sharing of information that identifies        Control Framework
individuals or contains proprietary information to that which is legally authorized, and
impose appropriate conditions on use where a continuing obligation to ensure the
confidentiality of the information exists.




                                                                            Page 33
                                                                                ATSC


An automated accounting system shall limit the collection of information, which identifies Control Framework
individuals to that which is legally authorized and necessary for the proper performance of
agency functions.
To meet system security requirements, application security plans shall ensure that          Control Framework
information shared from the application is protected appropriately, comparable to the
protection provided when information is within the application.
To meet system security requirements, the use of Public Key Infrastructure (PKI)            Control Framework
certificates and biometrics for positive authentication shall be in accordance with
published DoD policy and procedures. These technologies shall be incorporated in all
new acquisitions and upgrades whenever possible.

To meet system security requirements, foreign exchange personnel and representatives           Security (TLH)
of foreign nations, coalitions or international organizations may be authorized access to
DoD information systems containing classified or sensitive information only if all of the
following conditions are met:
• Access is authorized only by the DoD Component Head in accordance with the
Department of Defense, the Department of State (DoS), and Director of Central
Intelligence (DCI) disclosure and interconnection policies, as applicable.
• Mechanisms are in place to strictly limit access to information that has been cleared for
release to the represented foreign nation, coalition or international organization, (e.g.,
North Atlantic Treaty Organization) in accordance with DoD Directive 5230.11, for
classified information, and other policy guidance for unclassified information such as
reference DoD Directive 5230.20E and DoD Instruction 5230.27.
To meet system security requirements, all Information Assurance (IA) or IA-enabled IT           Security (TLH)
hardware, firmware, and software components or products incorporated into DoD
information systems must comply with the evaluation and validation requirements of
National Security Telecommunications and Information Systems Security Policy
(NSTISSP) Number 11. Such products must be satisfactorily
evaluated and validated either prior to purchase or as a condition of purchase (i.e.,
vendors will warrant, in their responses to a solicitation and as a condition of the contract,
that the vendor’s products will be satisfactorily validated within a period of time specified
in the solicitation and the
contract). Purchase contracts shall specify that product validation will be maintained for
updated versions or modifications by subsequent evaluation or through participation in the
National IA Partnership (NIAP) Assurance Maintenance Program. IA shall be considered
as a requirement for all systems which are used to enter, process, store, display, or
transmit national security information. IA shall be achieved through the acquisition and
appropriate implementation of evaluated or validated Government-Off-the Shelf (GOTS)
or Commercial Off-the-Shelf (COTS) IA and IA-enabled IT products. These products
should provide for the availability of the systems, ensure the integrity and confidentiality of
information,the Audit Trails process, the Core financial system must provide automated
To support and ensure the authentication and non-repudiation of parties in                      Audit Trails (SME)
functionality to generate an audit trail of all accounting classification structure additions,
changes and deactivations, including the effective dates of the changes.

The system shall provide automated functionality to generate an audit trail of all             Audit Trails (SME)
accounting classification structure additions, including the effective dates of the changes.


The system shall provide automated functionality to generate an audit trail of all             Audit Trails (SME)
accounting classification structure changes, including the effective dates of the changes.

The system shall provide automated functionality to generate an audit trail of all             Audit Trails (SME)
accounting classification structure deactivations, including the effective dates of the
changes.
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to allow users to select suspended and held               (SMB)
documents for continued processing.
The system shall provide automated functionality to allow users to select suspended            Document and Transaction Control
documents for continued processing.                                                            (SMB)
The system shall provide automated functionality to allow users to select held documents       Document and Transaction Control
for continued processing.                                                                      (SMB)
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to define tolerances by percentage, “not-to-exceed”       (SMB)
dollar amounts, or “not-to-exceed” quantities at the document line level, and use them to
control overages by document line for the following relationships: • Obligations to
commitments • Receipts to obligations • Invoices to obligations

The system shall provide automated functionality to define tolerances by percentage at         Document and Transaction Control
the document line level to control overages by document line for the following                 (SMB)
relationships: Obligations to Commitments; Receipts to Obligations; Invoices to
Obligations.




                                                                              Page 34
                                                                                ATSC


The system shall provide automated functionality to define tolerances by "not-to-exceed"         Document and Transaction Control
dollar amounts at the document line level to control overages by document line for the           (SMB)
following relationships: Obligations to Commitments; Receipts to Obligations; Invoices to
Obligations.
The system shall provide automated functionality to define tolerances by "not-to-exceed"         Document and Transaction Control
quantities at the document line level to control overages by document line for the following     (SMB)
relationships: Obligations to Commitments; Receipts to Obligations; Invoices to
Obligations.
To support the Document and Transaction Control process, the Core financial system               Document and Transaction Control
must provide automated functionality to derive the default transaction date from the             (SMB)
current system date.
The system shall provide automated functionality to derive the default transaction date          Document and Transaction Control
from the current system date.                                                                    (SMB)
The system shall provide the automated functionality to capture an agency-specified              Document and Transaction Control
transaction date (i.e., allow the agency to override the default transaction date with a date    (SMB)
in any open accounting period).
To support the Document and Transaction Control process, the Core financial system               Document and Transaction Control
must provide automated functionality to validate transactions that would post to United          (SMB)
States Standard General Ledger (USSGL) accounts (e.g., borrowing authority, contract
authority, or investments) to ensure that the associated fund code is designated as having
the appropriate RT7 code.
To support the Document and Transaction Control process, the Core financial system               Document and Transaction Control
must provide automated functionality to capture the following dates on all transactions:         (SMB)
• Transaction date - The date a transaction is effective in the general ledger (i.e., the date
a financial event is recognized).
• System date - The actual date a transaction is processed by the system. This date is
assigned by the computer and may not be modified.

To add value to the Document and Transaction Control process, the Core financial                 Document and Transaction Control
system should record transactions in both foreign currency and U.S. dollars in all Core          (SMB)
system modules
To support the Document Referencing and Modification process, the Core financial                 Document Referencing and
system must provide automated functionality to associate documents in the processing             Modification (SMC)
chain, and bring forward accounting and non-financial information from one document to
another, when the previously recorded document is referenced, (e.g., commitment to
obligation, receivable to collection). This is to include accounting classification, vendor
and customer information.
The system shall provide automated functionality to bring forward accounting and non-            Document Referencing and
financial information from one document to another, when the previously recorded                 Modification (SMC)
document is referenced (e.g., commitment to obligation, receivable to collection) by
associating documents in the processing chain.
To support the Document Referencing and Modification process, the Core financial                 Document Referencing and
system must provide automated functionality to update the balance of open documents by           Modification (SMC)
accounting line item as they are referenced by subsequent documents in the processing
chain. For example, reduce commitments when referenced by obligations, reduce
obligations when referenced by expenditures, reclassify obligations when referenced by
advances, and reduce accounts receivable when referenced by collections.

To support the Document Referencing and Modification process, the Core financial                 Document Referencing and
system must provide automated functionality to associate documents with related source           Modification (SMC)
documents (e.g., reimbursable agreements, purchase orders, contracts and delivery
orders, Blanket Purchase Agreement (BPAs) and call numbers, and grants) so that
queries show all related activity.
To support the Document Referencing and Modification process, the Core financial                 Document Referencing and
system must provide automated functionality to capture document modifications at the             Modification (SMC)
accounting line item level that affect the general ledger, including changes to dollar
amounts and accounting classifications. Validate that funds are available prior to
recording the modifications.
The system shall proved automated functionality to capture document modifications at the         Document Referencing and
accounting line item level that affect the general ledger, including changes to dollar           Modification (SMC)
amounts and accounting classifications.
The system shall validate that funds are available prior to recording the modifications.         Document Referencing and
                                                                                                 Modification (SMC)
To support the Document Referencing and Modification process, the Core financial                 Document Referencing and
system must provide automated functionality to capture document modifications that do            Modification (SMC)
not affect the general ledger, such as changes to vendor names, descriptions, etc.

To support the Document Referencing and Modification process, the Core financial                 Document Referencing and
system must provide automated functionality to associate document modifications and              Modification (SMC)
cancellations with the original documents so that queries show all related activity.

The system shall provide automated functionality to associate document modifications             Document Referencing and
with the original documents so that queries show all related activity.                           Modification (SMC)




                                                                              Page 35
                                                                              ATSC


The system shall provide the automated functionality to associate document cancellations      Document Referencing and
with the original documents so that queries show all related activity.                        Modification (SMC)
To support the Document Referencing and Modification process, the Core financial              Document Referencing and
system must provide automated functionality to reference multiple documents and               Modification (SMC)
document lines in the processing chain. For example, reference multiple commitments or
commitment lines on an obligating document, or reference multiple receivable documents
or document lines on a collection.
To support the Document Referencing and Modification process, the Core financial              Document Referencing and
system must provide automated functionality to query documents. Parameter includes any        Modification (SMC)
document number. Result is a list of all document numbers in the document's processing
chain with document statuses and balances at the document level. Drill-down from each
document number to its document details (e.g., vendor/customer name, description and
amount).
The system shall be able to query documents by any document number.                           Document Referencing and
                                                                                              Modification (SMC)
The system query shall provide a list of all document numbers in the document's               Document Referencing and
processing chain with document statuses and balances at the document level.                   Modification (SMC)
The system query shall allow drill-down from each document number to its document             Document Referencing and
details (e.g., vendor/customer name, description, and amount).                                Modification (SMC)
To support the Document Referencing and Modification process, the Core financial              Document Referencing and
system must provide automated functionality to query transactions. Parameter is any           Modification (SMC)
document number. Result is a list of all general ledger transactions in the document's
processing chain, including:
• Transaction numbers
• Amounts
• GL debits and credits
• Accounting classification elements.
The system shall be able to query transactions by document number.                            Document Referencing and
                                                                                              Modification (SMC)
The system query shall provide a list of all general ledger transactions in the document's    Document Referencing and
processing chain, including: Transaction numbers; Amounts; GL debits and credits;             Modification (SMC)
Accounting classification elements.
To support the Document Referencing and Modification process, the Core financial              Document Referencing and
system must provide automated functionality to query documents. Parameter(s) include          Modification (SMC)
any one or a combination of the following:
• Document type
• Document status (e.g., open, closed)
• Vendor number
• Vendor Data Universal Numbering System (DUNS)+4 numbers
• Customer number
• Accounting classification elements.
Result is a list of selected document numbers with document statuses and balances at
the document level. Drill-down from each document number to its document lines and
detailed GL transactions.
The system shall be able to query documents by any one or a combination of the                Document Referencing and
following: Document type; Document status (e.g., open, closed); Vendor number; Vendor         Modification (SMC)
DUNS+4 number; Customer number; Accounting classification elements.
The system query shall provide a list of selected document numbers with document              Document Referencing and
statuses and balances at the document level.                                                  Modification (SMC)
The system query shall allow drill-down from each document number to its document             Document Referencing and
lines and detailed GL transactions.                                                           Modification (SMC)
 To add value to the Document Referencing and Modification process, the Core financial        Document Referencing and
system should provide automated functionality to update accounting data at the                Modification (SMC)
accounting line level when accounting classification elements are restructured, i.e., by
reversing GL and subsidiary ledger transactions and reposting them with the new values.
Generate an audit trail from the original postings to the final postings.

The core financial system should provide automated functionality to update accounting         Document Referencing and
data at the accounting line level when accounting classification elements are restructured,   Modification (SMC)
i.e., by reversing GL and subsidiary ledger transactions and reposting them with the new
values.
The core financial system should generate an audit trail from the original postings to the    Document Referencing and
final postings for the automated functionality to update accounting data at the accounting    Modification (SMC)
line level when accounting classification elements are restructured.
All components of an agency’s integrated financial management system must provide             Document Referencing and
timely and efficient access to complete and accurate information, without extraneous          Modification (SMC)
material, to those who are internal and external to the agency and require the information.

To add value to the Document Referencing and Modification process, the Core financial         Document Referencing and
system should provide automated functionality to update related open documents when           Modification (SMC)
users modify classification information on a document in a processing chain.




                                                                            Page 36
                                                                               ATSC


To meet Workflow/Messaging requirements, the Core financial system must deliver an             Workflow/Messaging (TLE)
integrated workflow management capability to automate internal routing of documents,
transactions, forms or reports for online approval processing.
The Core financial system shall provide the capability to deliver an integrated workflow       Workflow/Messaging (TLE)
management capability to automate internal routing of documents for online approval
processing.
The Core financial system shall provide the capability to deliver an integrated workflow       Workflow/Messaging (TLE)
management capability to automate internal routing of transactions for online approval
processing.
The Core financial system shall provide the capability to deliver an integrated workflow       Workflow/Messaging (TLE)
management capability to automate internal routing of forms for online approval
processing.
The Core financial system shall provide the capability to deliver an integrated workflow       Workflow/Messaging (TLE)
management capability to automate internal routing of reports for online approval
processing.
To meet Workflow/Messaging requirements, the Core financial system must deliver the            Workflow/Messaging (TLE)
capability to customize workflow processes to automate agency-defined business rules,
required approvers, pooled or proxy approving authorities and workload balancing.
Agency customization must include the capability to apply start and end dates to
approvers and their proxies.
The Core financial system shall provide the capability to customize workflow processes to      Workflow/Messaging (TLE)
automate agency-defined business rules.
The Core financial system shall provide the capability to customize workflow processes to      Workflow/Messaging (TLE)
automate required approvers.
The Core financial system shall provide the capability to customize workflow processes to      Workflow/Messaging (TLE)
automate pooled or proxy approving authorities.
The Core financial system shall provide the capability to customize workflow processes to      Workflow/Messaging (TLE)
automate workload balancing.
The Core financial system shall provide the capability to apply start and end dates to         Workflow/Messaging (TLE)
approvers and their proxies.
To meet Workflow/Messaging requirements, the Core financial system must deliver the            Workflow/Messaging (TLE)
capability to define multiple levels of document approvals based on agency-defined
criteria, including dollar amounts, types of items purchased, and document types.

To meet Workflow/Messaging requirements, the Core financial system must deliver the            Workflow/Messaging (TLE)
capability to define multiple approval levels to a single user. Prevent a user from applying
more than one level of approval to the same document in order to conform to the principle
of separation of duties. For example, a disbursing officer must not be allowed to certify
payment of an invoice he/she entered, and a certifying officer must not be allowed to
schedule a payment he/she certified.
The Core financial system shall provide the capability to define multiple approval levels to   Workflow/Messaging (TLE)
a single user.
The Core financial system shall provide the capability to prevent a user from applying         Workflow/Messaging (TLE)
more than one level of approval to the same document in order to conform to the principle
of separation of duties. For example, a disbursing officer must not be allowed to certify
payment of an invoice he/she entered, and a certifying officer must not be allowed to
schedule a payment he/she certified.
To meet Workflow/Messaging requirements, the Core financial system must deliver the            Workflow/Messaging (TLE)
capability to capture approval actions by transaction, including the time/date and
approving party.
To meet Workflow/Messaging requirements, the Core financial system must deliver the            Workflow/Messaging (TLE)
capability to route action requests/status messages internally to individuals, groups or
external trading partners. Supported communications channels must include agency e-
mail, Blackberry, internal application messaging.
The Core financial system shall provide capability to route action requests/status             Workflow/Messaging (TLE)
messages internally to individuals.
The Core financial system shall provide the capability to route action requests/status         Workflow/Messaging (TLE)
messages internally to groups.
The Core financial system shall provide the capability to route action requests/status         Workflow/Messaging (TLE)
messages externally to trading partners.
The Core financial system shall provide the capability to route action requests/status         Workflow/Messaging (TLE)
messages via supported communications channels including; agency e-mail, Blackberry,
or internal application messaging.
To meet Workflow/Messaging requirements, the Core financial system must deliver the            Workflow/Messaging (TLE)
capability to generate workflow event-based user alerts. For example, at the point an
emergency travel voucher is approved, electronically notify the affected traveler.

To meet Workflow/Messaging requirements, the Core financial system must deliver the            Workflow/Messaging (TLE)
capability to generate user alerts based on agency defined thresholds (i.e., trigger
events). For example, electronically warn a budget officer when available funds reach
50% of the allotment.
To add value to the Workflow/Messaging functionality, the Core financial system should         Workflow/Messaging (TLE)
deliver a business process modeling capability.




                                                                             Page 37
                                                                                ATSC


To add value to the Workflow/Messaging functionality, the Core financial system should       Workflow/Messaging (TLE)
generate auditable records of changes made to the workflow approval routing design.

To add value to the Ad Hoc Query functionality, the Core financial system should deliver     Ad Hoc Query (TLJ)
the capability to optimize queries.
To add value to the Ad Hoc Query functionality, the Core financial system should deliver a   Ad Hoc Query (TLJ)
"dashboard" reporting capability that can be used to continuously display agency-defined
performance metrics on a manager's desktop (e.g., a graphical view of the agency's
budget status).
To support the System-Generated Transactions process, the Core financial system must         System-Generated Transaction
provide automated functionality to capture start and end dates and posting frequency         (SMD)
(monthly, quarterly, or specified number of days) of recurring entries and reversals such
as accruals and obligations.
To support the System-Generated Transactions process, the Core financial system must         System-Generated Transaction
provide automated functionality to generate recurring entries and reversals in future        (SMD)
accounting periods (e.g., payroll and travel accruals), when the specified transaction
dates are reached. This is to include entries that cross fiscal years.

To support the System-Generated Transactions process, the Core financial system must System-Generated Transaction
provide automated functionality to process future date transactions in subsequent            (SMD)
accounting periods (i.e., when the specified transaction dates are reached). The system
must also provide automated functionality to validate the transaction upon initial entry and
re-validate the transaction at the point it is recorded.

The core financial system must provide automated functionality to process future date        System-Generated Transaction
transactions in subsequent accounting periods (i.e., when the specified transaction dates    (SMD)
are reached).
The core financial system must provide automated functionality to validate the transaction   System-Generated Transaction
upon initial entry and re-validate the transaction at the point it is recorded.              (SMD)

To support the System-Generated Transactions process, the Core financial system must         System-Generated Transaction
provide automated functionality to generate batched reversal transactions by any one or a    (SMD)
combination of the following parameters:
• Accounting period
• Transaction or document type
• Accounting classification elements
• System date
• Transaction date
• Source system ID.
For example, reverse payroll transactions posted on January 1, 2006.
To support the System-Generated Transactions process, the Core financial system must         System-Generated Transaction
provide automated functionality to validate that transaction reversals do not violate the    (SMD)
integrity of the document chain. For example, do not reverse obligations that have been
liquidated by payments.
To support the System-Generated Transactions process, the Core financial system must         System-Generated Transaction
provide automated functionality to generate a report of posted and un-posted reversal        (SMD)
transactions. Parameters are:
• Accounting period
• Transaction or document type
• Accounting classification elements
• System date
• Transaction date
• Source system ID.
Result is a list of transactions including:
• System date
• Transaction date
• Original document and accounting line numbers
• Status (posted or un-posted)
• Accounting classification elements
• GL transaction ID number
• GL debits and credits.
To support the include document Transactions process, the Core financial system must
Sorting options System-Generatednumber and reversal status.                                  System-Generated Transaction
provide automated functionality to deliver the capability to send/receive financial          (SMD)
transactions from Government wide mandated applications:
• Central Contractor Registration (CCR)
• Electronic Certification System (ECS)
• Federal Agencies Centralized Trial Balance System I (FACTS I)
• Federal Agencies Centralized Trial Balance System II (FACTS II)
• Government Online Accounting Link System (GOALS II)
• Intra-governmental Payment and Collection System (IPAC)
• Treasury Offset Program (TOP)
• Secure Payment System (SPS).




                                                                              Page 38
                                                                              ATSC


The core financial system must send/receive financial transactions from the Central           System-Generated Transaction
Contractor Registration (CCR).                                                                (SMD)
The core financial system must send/receive financial transactions from the Electronic        System-Generated Transaction
Certification System (ECS).                                                                   (SMD)
The core financial system must send/receive financial transactions from the Federal           System-Generated Transaction
Agencies Centralized Trial Balance System I (FACTS I).                                        (SMD)
The core financial system must send/receive financial transactions from the Federal           System-Generated Transaction
Agencies Centralized Trial Balance System II (FACTS II).                                      (SMD)
The core financial system must send/receive financial transactions from the Government        System-Generated Transaction
Online Accounting Link System (GOALS II).                                                     (SMD)
The core financial system must send/receive financial transactions from the Intra-            System-Generated Transaction
governmental Payment and Collection System (IPAC).                                            (SMD)
The core financial system must send/receive financial transactions from the Treasury          System-Generated Transaction
Offset Program (TOP).                                                                         (SMD)
The core financial system must send/receive financial transactions from the Secure            System-Generated Transaction
Payment System (SPS).                                                                         (SMD)
To add value to the System-Generated Transactions process, the Core financial system          System-Generated Transaction
should provide automated functionality to deliver the capability to send/receive financial    (SMD)
transactions from Government wide mandated applications:
• eTravel
• CA$HLINK II
• Government wide Accounting (GWA) system
The core financial system should provide automated functionality to deliver the capability    System-Generated Transaction
to send/receive financial transactions from eTravel.                                          (SMD)
The core financial system should provide automated functionality to deliver the capability    System-Generated Transaction
to send/receive financial transactions from CA$HLINK II.                                      (SMD)
The core financial system should provide automated functionality to deliver the capability    System-Generated Transaction
to send/receive financial transactions from GWA.                                              (SMD)
To meet General Design/Architecture requirements, the Core system must ensure the             General Design/Architecture (TLA)
delivered system generates output reports, query results and data files using multiple
formats as specified by functional requirements. Specified formats can include online
display, printed report, Portable Document Format (PDF), MS Word, Excel, ASCII or
delimited text file. In cases where an output format is not specified within a requirement,
the requested information must be viewable to the agency online, using the application
user interface.
The core financial system must ensure the delivered system generates output reports           General Design/Architecture (TLA)
using multiple formats as specified by functional requirements. Specified formats can
include online display, printed report, Portable Document Format (PDF), MS Word, Excel,
ASCII or delimited text file.
The core financial system must ensure the delivered system generates query results            General Design/Architecture (TLA)
using multiple formats as specified by functional requirements. Specified formats can
include online display, printed report, Portable Document Format (PDF), MS Word, Excel,
ASCII or delimited text file.
The core financial system must ensure the delivered system generates data files using         General Design/Architecture (TLA)
multiple formats as specified by functional requirements. Specified formats can include
online display, printed report, Portable Document Format (PDF), MS Word, Excel, ASCII
or delimited text file.
The core financial system must ensure that in cases where an output format is not             General Design/Architecture (TLA)
specified within a requirement, the requested information is viewable to the agency online,
using the application user interface.
To add value to the General Design/Architecture functionality, the Core financial system      General Design/Architecture (TLA)
should deliver a reports management capability to enable online retrieval, viewing, re-
printing, and permanent archiving of system-generated reports.
The core financial system should deliver a reports management capability to enable            General Design/Architecture (TLA)
online retrieval of system-generated reports.
The core financial system should deliver a reports management capability to enable            General Design/Architecture (TLA)
viewing of system-generated reports.
The Core financial system should deliver a reports management capability to enable re-        General Design/Architecture (TLA)
printing of system-generated reports.
The Core financial system should deliver a reports management capability to enable            General Design/Architecture (TLA)
permanent archiving of system-generated reports.
To add value to the Infrastructure functionality, the Core financial system should operate    Infrastructure (TLB)
in an Apple Macintosh system environment.

To meet User Interfaces requirements, the Core financial system must deliver an online        User Interfaces (TLC)
graphical user interface (GUI). The GUI must provide consistent data entry, navigation
and information presentation across all modules and sub-systems.
To meet User Interfaces requirements, the Core financial system must comply with              User Interfaces (TLC)
Section 508 of the Rehabilitation Act, as detailed in 36 CFR 1194, Subpart B.
To meet User Interfaces requirements, the Core financial system must deliver a context-       User Interfaces (TLC)
sensitive, online help facility. This facility must be customizable by the agency.

To meet User Interfaces requirements, the Core financial system must deliver the              User Interfaces (TLC)
capability to customize error message text.




                                                                            Page 39
                                                                              ATSC


To meet User Interfaces requirements, the Core financial system must incorporate user       User Interfaces (TLC)
interface features designed to reduce the amount of direct keying required for transaction
processing, such as:
• Default values based on system maintained transaction and user profiles
• Value look-up tables
• Highlighting or accentuating required fields
• Grayed data fields that are unavailable for user entry
• Auto tabs
• Automatic data recall
• Auto fill text
• Cut, copy and paste functionality
• Keyboard shortcuts (e.g., function keys to invoke help facility, clear screen, etc.)
• Menu mode of screen navigation
• Undo/redo
• Disabling of non-supported function keys
• Ability to select records from a list by scrolling or typing only part of an entry.
• Ability to pass common data from field to field, screen to screen and transaction to
transaction. to the User Interfaces functionality, the Core financial system should support User Interfaces (TLC)
To add value
integration with other common desktop applications (e.g., word processing, spreadsheets,
data management)
To meet Interoperability requirements, the Core financial system must deliver the           Interoperability (TLD)
capability to connect to an agency operated e-mail system. This capability must include
the ability to distribute application generated text messages with attached files.

To add value to the Interoperability functionality, the Core financial system should support Interoperability (TLD)
direct EDI translation compliant with American National Standards Institute (ANSI) X-12
standards to enable electronic data exchanges with designated trading partners


To add value to the Interoperability requirements, the Core financial system should deliver Interoperability (TLD)
an integrated Extensible Markup Language (XML) parsing capability.



To add value to the Interoperability requirements, the Core financial system should deliver Interoperability (TLD)
a capability to exchange data using the Extensible Business Reporting Language.

To meet Internet Access requirements, the Core financial system must ensure the              Internet Access (TLG)
delivered system supports Transmission Control Protocol/Internet Protocol (TCP/IP) for
application component connectivity.
To meet Internet Access requirements, the Core financial system must deliver browser         Internet Access (TLG)
access to all system modules/functionality.

To add value to the Internet Access functionality, the Core financial system should deliver Internet Access (TLG)
the capability to receive vendor invoices and payments from the public via the Internet.

To add value to the Internet Access functionality, the Core financial system should         Internet Access (TLG)
support secure Internet access to the integrated ad hoc data query facility.
To add value to the Internet Access functionality, the Core financial system should         Internet Access (TLG)
support operations via a Virtual Private Network (VPN) system capability for secure
remote access.
To add value to the Internet Access functionality, the Core financial system should deliver Internet Access (TLG)
the capability to use Public Key Infrastructure technology to control system access.

To meet Operations requirements, the Core financial system must Maintain internal        Operations (TLI)
database consistency at all times. In the event of a system failure the system must have
the capability to:
• Back out incompletely processed transactions
• Restore the system to its last consistent state before the failure occurred
• Re-apply all incomplete transactions previously submitted by the user
• Validate internal database consistency to ensure duplicate postings are avoided
• Report any data or transactions that failed to process completely.
To meet Operations requirements, the Core financial system must Generate online status Operations (TLI)
messages to the operator. Include job or transaction type, name, when processing
initiates, when it completes, and any processing errors encountered.

To meet Operations requirements, the Core financial system must Deliver a restart        Operations (TLI)
capability for all application’s online and batch processing components. Batch jobs must
be segmented to facilitate restart in the event of a system failure.
To meet Operations requirements, the Core financial system must Deliver common error- Operations (TLI)
handling routines across functional modules. Generate meaningful and traceable error
messages that allow the user or \system operator to identify and respond to reported
problems.




                                                                             Page 40
                                                                                ATSC


To meet Operations requirements, the Core financial system must maintain and report            Operations (TLI)
application usage statistics. Productivity statistics should include concurrent users, job
submissions, transactions throughput, and system availability.

To meet Operations requirements, the Core financial system must deliver a capability to        Operations (TLI)
override the system date value used to automatically default document effective date and
related transaction posting date/period. This capability is intended for system testing.

To add value to the Operations functionality, the Core financial system should deliver the     Operations (TLI)
capability to customize system logging features. Allow the agency to specify which
parameters (or tables) to log. Allow the agency to turn logging feature on or off as
needed).
To meet the System Performance requirements, the Core financial system must process            System Performance (TLL)
the agency’s specified accounting workload without adversely impacting projected online
response time.
To meet the System Performance requirements, the Core financial system must process            System Performance (TLL)
all scheduled work (e.g., batch jobs) within an agency specified processing window.
Scheduled work can include:
• Daily systems assurance reports
• Daily backups
• Daily interface processing
• Core GL posting
• Table updates
• Standard reporting.
To meet the System Performance requirements, the Core financial system must maintain           System Performance (TLL)
the agency’s specified current and historical financial data (e.g. general ledger records,
documents, transactions, lines, and vendor records) storage needs with no degradation to
online or batch processing performance.
To meet the System Performance requirements, the Core financial system must support            System Performance (TLL)
concurrent access to functional modules for the agency’s specified user community.

To add value to the System Performance functionality, the Core financial system should         System Performance (TLL)
deliver computing performance metrics for platforms and systems environments that the
application is certified to run on. Performance metrics provided by the vendor should
describe:
• Transaction processing throughput capacity,
• Expected workstation client response time by transaction type,
• Data storage capacity, and
• Limitations on concurrent user connectivity.
The system shall have the capability to identify and handle error conditions in an
expeditious manner through the use of error messages and error logs without providing
information that could be exploited by adversaries.
The system shall provide the capability for retention of Foreign Military Sales documents
and financial records for a period of 10 years from date of case closure.
To support the Internal and External Reporting function, the Revenue System must be            Reporting Framework
able to create, compute, and post all necessary financial transactions.

To support the Internal and External Reporting function, the Revenue System must be            Reporting Framework
able to support provision of data for the preparation of consolidated financial statements
as required by the Federal Accounting Standards Advisory Board (FASAB) and the
current Office of Management and Budget (OMB) Bulletin on Form and Content of
Agency Financial Statements requirements
To support the Internal and External Reporting function, the Revenue System must be            Reporting Framework
able to report financial activity transactions by any element within the accounting
classification structure (e.g., individual or hierarchical organization code, project code).

To support the Internal and External Reporting function, the Revenue System must be     Reporting Framework
able to support production of daily on-line Available Funds report(s) for each TAS/TAFS
that is subject to Federal Agencies’ Centralized Trial-Balance System (FACTS) II
reporting requirements. Support must be provided for the parameters established by FMS.

To support the Internal and External Reporting function, the Revenue System must be          Reporting Framework
able to Provide on-line subsidiary revenue activity summary at the internal fund,
organization, and TAS/TAFS levels. The subsidiary summary must provide the following
minimum data elements for each applicable general ledger account: • The balance at the
beginning of the accounting period, • The total amount of debits by transaction type for the
accounting period, • The total amount of credits by transaction type for the accounting
period, and • The cumulative ending balance for the accounting period.

To support the Internal and External Reporting function, the Revenue System must be            Reporting Framework
able to support reporting of FACTS I and FACTS II data as required by the core financial
management system.




                                                                               Page 41
                                                                                ATSC


To support the Internal and External Reporting function, the Revenue System must be             Reporting Framework
able to produce an on-line transaction register at the internal fund, organization, and
TAS/TAFS level for each accounting period, that provides the following data elements:
• Fiscal year;
• TAS/TAFS;
• Internal fund;
• Document number;
• Document entry date;
• Document entry time;
• Document entry User ID;
• Document transaction date;
• Transaction type;
• Debit account number;
• Debit account object class;
• Debit amount;
• Credit account number;
• Credit account object class;
• Credit amount;
• United States Standard General Ledger (USSGL) attribute domain headings; and
• USSGL attribute values associated with the transaction.
The register must include all transactions that occurred within the accounting period
specified.
To support the Internal and External Reporting function, the Revenue System must be             Reporting Framework
able to report the financial information required for program management performance
reporting.
To support the Internal and External Reporting function, the Revenue System should              Reporting Framework
provide the capability to “Drill down” to detail transactions for any summary level within a
report for transactions originally input and maintained within the accounting and/or
financial management system.
To support the Internal and External Reporting function, the Revenue System should              Reporting Framework
provide the capability to save customized report/query routines and/or results with the
capability to transmit either electronically.
To support the Internal and External Reporting function, the Revenue System should              Reporting Framework
provide the capability to report process compatibility with both database and application
security protocols.
To support the Internal and External Reporting function, the Revenue System should              Reporting Framework
provide the capability to perform exception and data ranking reporting based on user-
defined parameters.
To support the Internal and External Reporting function, the Revenue System should              Reporting Framework
provide the capability to define and modify customized reports.

To support Proprietary and Budgetary Accounting functions of the USSGL, the Revenue             Control Framework
System must provide control features that ensure that the amounts reflected in the funds
control structure agree with the related general ledger account balances at the end of
each update cycle.
To support the Deposit Account Function, the Revenue System must provide the                    Reporting Framework
capability to provide monthly statements of transaction activity in paper and/or electronic
form.
To support the Transaction Validation activity, the Revenue System must provide the             User Interfaces (TLC)
capability to interface with the core financial system to record transactions consistent with
USSGL posting rules.
To support the Transaction Validation activity, the Revenue System must provide the             User Interfaces (TLC)
capability to allow users to define and maintain standard rules that control subsidiary
ledger account postings for all accounting events when accounting transactions are
recorded in a subsidiary ledger within the Revenue System. The process of defining
posting rules can be accomplished in a variety of ways, including (but not limited to)
using: transaction codes, screen “templates,” derivation rules, and others.

To support the Transaction Validation activity, the Revenue System must provide the             User Interfaces (TLC)
capability to allow users to define and process system-generated transactions, such as
automated accruals (e.g., interest accrual entries), pre-closing and closing entries, and
transactions that generate other transactions in those cases where a single transaction is
not sufficient.
To support the Transaction Validation activity, the Revenue System must provide the             User Interfaces (TLC)
capability to control the correction and reprocessing of all erroneous transactions
gathered through interfaces through the use of error/suspense files. Erroneous
transactions must be maintained until corrected and posted at the specific request of a
user.
To support the Transaction Validation activity, the Revenue System must provide the             Monitoring and Compliance
capability to provide immediate, on-line notification to the user of erroneous transactions
obtained through direct data entry. Advise reason for error and provide the ability to enter
corrections on-line.




                                                                              Page 42
                                                                                   ATSC


To support the Transaction Validation activity, the Revenue System must provide the                  Control Framework
capability to provide controls to prevent the creation of initial duplicate transactions. For
example, prevent the use of the same unique transaction identification number (e.g.,
document number).
To support the Transaction Validation activity, the Revenue System must provide the                  Reporting Framework
capability to validate the fields for all accounting classification elements required to
process the transaction prior to posting [e.g., fields pertaining to Treasury Account
Symbol/Treasury Appropriation Fund Symbol (TAS/TAFS), revenue source, invoice
number, debtor or customer code and organization].
To support the Transaction Validation activity, the Revenue System must provide the                  Control Framework
capability to enter, edit, and store transactions in the current accounting period for
automatic processing in a future accounting period for one-time events and/or monthly
recurring entries.

To support the Transaction Validation activity, the Revenue System must provide the             Classification Framework
capability to capture the six-digit trading partner code (as specified by Treasury) when
processing all transactions that directly involve another Federal entity (i.e., both parties to
a transaction are Federal entities).
To support the Transaction Validation activity, the Revenue System must provide the             Classification Framework
capability to capture transaction dates (effective date of the transaction) and posting dates
(date transaction forwarded to core financial system or posted to the general ledger).

To support the Transaction Validation activity, the Revenue System must provide the          Classification Framework
capability to determine (automatically) the posting date from the system date for all
transactions. Automatically associate a default accounting period for each transaction, but
allow authorized user to override.
To support the Transaction Validation activity, the Revenue System must provide the          Classification Framework
capability to reverse (automatically with prior discretion of user) entries by the following
parameters: transaction or document type, date range, schedule numbers, transaction
identification number (i.e., document number) range, and trading partner.

To support the Transaction Validation activity, the Revenue System must provide the                  Classification Framework
capability to permit posting to the current and prior months concurrently until the prior
month closing is complete while interacting with the core financial system within that fiscal
year.
To support the Transaction Validation activity, the Revenue System must provide the                  Classification Framework
capability to post to the current fiscal year and prior fiscal year concurrently until prior year-
end closing is complete while interacting with the core financial system within that fiscal
year.
The revenue system shall provide the capability to post to the current fiscal year and prior         Classification Framework
fiscal year concurrently until prior year-end closing is complete.
To support the Transaction Validation activity, the Revenue System must provide the                  Classification Framework
capability to record different transaction types at the detailed transaction level.

To support the Transaction Validation activity, the Revenue System must provide the                  Classification Framework
capability to employ appropriate edits at the point of entry to ensure that all required data
have been entered and to validate the accuracy of the data prior to acceptance.

To support the Transaction Validation activity, the Revenue System must provide the                  Classification Framework
capability to record the user’s identification as part of the transaction record.

To support the Transaction Validation activity, the Revenue System must provide the                  Classification Framework
capability to reject a transaction or provide a warning message when attempting to post a
transaction that would cause general ledger debits and credits to be out-of-balance at a
level below the TAS/TAFS (e.g., organization level).
The revenue system shall provide the capability to reject a transaction or provide a                 Classification Framework
warning message when attempting to post a transaction that would cause general ledger
debits and credits to be out-of-balance at a level below the TAS/TAFS (e.g., organization
level).
To support the Transaction Validation activity, the Revenue System must provide the                  Classification Framework
capability to process and track transactions in both foreign currency and U.S. dollars.

To support the Transaction Validation activity, the Revenue System should provide the          Classification Framework
capability to perform validation checks for use of certain general ledger accounts
associated with specific authority (e.g., Cashiers fund, borrowing authority) prior to posting
a transaction.
To support the Automated Reconciliation function, the Revenue System must provide              Classification Framework
detailed subsidiary record amounts used to compare with amounts in the general ledger
resulting in the creation of reports for those accounts that are out of balance. This
capability must be available for all open accounting periods and at frequencies defined by
the user, such as daily, weekly and monthly.




                                                                                  Page 43
                                                                                   ATSC


To support the Audit Trail function, the Revenue System must provide the capability to              Audit Trails (SME)
provide audit trails to trace transactions from their initial source through all stages of
related system processing within the installation accounting/financial management
system. The initial source may be source documents, transactions originating from other
systems (e.g., feeder systems), or internal system-generated transactions.

To support On-Line Query Capability, the Revenue System must provide the capability to              Access and Retrieval
record all transactions for a specific accounting record.

To support On-Line Query Capability, the Revenue System must provide the capability to              Access and Retrieval
assign user level capability for ad hoc query access.

To support On-Line Query Capability, the Revenue System must provide the capability to Access and Retrieval
provide and maintain on-line queries and reports on balances separately for the
current/prior months and current/prior fiscal years. At a minimum, queries must be
maintained on-line for current/prior months and current/prior fiscal years until the prior
month/year closing is complete.
To support the On-Line Query function, the Revenue System should provide the capability Access and Retrieval
to generate reports by geographic location.

To effectively support Ad-Hoc Query Capability, the Revenue System must allow users to Access and Retrieval
create and submit parameter-based query scripts or to store them in a common library for
future use.

To effectively support Ad-Hoc Query Capability, the Revenue System must allow users to              Access and Retrieval
run queries on-line or in batch mode and to stage output for later access by authorized
users.
To effectively support Ad-Hoc Query Capability, the Revenue System must provide run-                Access and Retrieval
time controls to limit "run-away" queries and large data download requests.

To effectively support Ad-Hoc Query Capability, the Revenue System must support             Access and Retrieval
graphical output display on the desktop. Output display should also support dynamic
report reformatting, regrouping and drill-down to detail records from summary report lines.

To effectively support Ad-Hoc Query Capability, the Revenue System must allow                       Access and Retrieval
authorized users to download selected financial data. This download capability must be
able to automatically reformat downloaded information for direct access by common
desktop applications (e.g., American Standard Code for Information Interchange (ASCII)
formatted).
To effectively support Ad-Hoc Query Capability, the Revenue System must provide the                 Access and Retrieval
ability to preview a report, form, or other query result before printing.

To effectively support Ad-Hoc Query Capability, the Revenue System must support                     Access and Retrieval
access to current year and historical financial data.
To provide additional Ad-Hoc Query Capability, the Revenue System should provide the                Access and Retrieval
capability to allow users to automatically distribute copies of report/query results via e-
mail to multiple pre-identified individuals or groups.
To provide additional Ad-Hoc Query Capability, the Revenue System should provide the                Access and Retrieval
capability to provide the following ad hoc query interface features:
• The ability to “point and click” on selectable table, data, and link objects for inclusion in a
custom query;
• An active data dictionary to provide users with object definitions;
• The ability to share user developed query scripts with other authorized agency users and
query optimization; and
• On-line help.
The revenue system shall provide the ability to “point and click” on selectable tables, data,       Access and Retrieval
and link objects for inclusion in a custom query.

To support Interface requirements, the Revenue System must provide the capability to                User Interfaces (TLC)
interface with Cost and Acquisition Systems to update cost data needed for services
performed under a Reimbursable Agreement (RA).
To support the Records Retention function, the Revenue System must provide retention                Retention Schedule
of system records in accordance with Federal regulations established by National
Archives and Records Administration (NARA), Government Accountability Office (GAO)
and others. Prevent the purging of transactions prior to the proper period in accordance
with regulations governing the retention of documents and transactions.

To support Interface requirements, the Revenue System must provide the capability to    User Interfaces (TLC)
provide for uploading and downloading data to other systems and databases in a personal
computer environment.




                                                                                 Page 44
                                                                                 ATSC


To support Interface requirements, the Revenue System must provide the capability to           User Interfaces (TLC)
provide controls over interfaced data to ensure that files are transmitted by an authorized
source to an authorized destination and they are complete and not duplicates. In addition,
controls over each file should ensure (1) the number of transactions in the file matches
control records; (2) the dollar total of transactions in the file matches control records; (3)
the sender is notified of any erroneous transactions; and (4) erroneous transactions are
automatically returned to the sender.

To support Interface requirements, the Revenue System must provide the capability to             User Interfaces (TLC)
provide an application user face that complies with the software application standards
required by section 508 of the Rehabilitation Act, as detailed in 36 CFR 1194, subpart 9.


To support Interface requirements, the Revenue System must provide the capability to        User Interfaces (TLC)
interface with the Central Contractor Registration (CCR), an existing on-line database that
is the single validated source of data on vendors doing business for the government, for
the exchange of identification data and EFT routing information in business transactions
and other data elements required by OMB’s “Business Rules for Intragovernmental
Transactions.”
To support Interface requirements, the Revenue System must provide the capability to        User Interfaces (TLC)
link to other applications and data sources (e.g., strategic plans, performance measures
and data warehouse).


To support the Security function, the Revenue System must provide the capability to limit        Security (TLH)
the capability of users to selected functions (i.e., create, read, update, and delete) as well
as have the capability to define functional access rights (e.g., to modules, transactions
and approval authorities) and data access rights (e.g., record, create, read, update and
delete) by assigned user ID, functional role (e.g., payable technician) and owner
organization. User profiles can be added, deleted, modified or changed by the system
administrator.
The system shall generate records of: Individual disbursements and collections made by
DoD disbursing offices and DoD bill settlement offices. Amounts entered on individual
lines on daily accountability statements of DoD disbursing officers. Individual
disbursements and collections made by other Federal departments for DoD. Adjustments
made by DoD accounting offices to reclassify individual disbursements and collections.
Foreign currency purchased, used in accommodation exchange and held by DoD
Disbursing Officers. Records of individual transactions made by DoD Disbursing Officers
for checks, deposits, EFT, and IPAC.

The system shall provide the capability for an authorized user to query a system
generated listing using specified selection criteria.
The system shall provide the capability for an authorized user to view daily transactions
“For Others” cross disbursing details.
To support the Accounting Classification Management process, the Core financial system Classification Framework
must provide automated functionality to maintain a TAS structure that includes the
following components defined by Treasury and OMB: Subclass; Agency code; Hyphen
(when co-owner is not null); Transfer agency; Fiscal year (period of availability); Main
account number; Sub-account symbol.
To support the Treasury Information Maintenance process, the Core financial system        Classification Framework
must provide automated functionality to maintain ALC Business Activities.



To support the Treasury Information Maintenance process, the Core financial system       Classification Framework
must provide automated functionality to define transactions that impact the FBWT and are
reported on the Financial Management Service (FMS) 224, Partial 224, or through the
Government wide Accounting (GWA) system as "IPAC", "CA$HLINK II", "Treasury
Disbursing Office (TDO) Payments", or "Reclassifications".

The system (Core Financial System) must electronically establish and update a Master         Control Framework
Appropriation File (MAF) on the U.S. Treasury's Federal Agencies' Centralized Trial
Balance System (FACTS).
To support the General Ledger Analysis and Reconciliation process, the Core financial        Access and Retrieval
system must provide automated functionality to query general ledger account balances.
Parameters include beginning and ending accounting period, and TAS or internal fund
code. Result is beginning account balances, period activity, and ending account balances
for the period and TAS, or internal fund code, specified. Drill-down from period activity to
supporting general ledger transactions; from general ledger transactions to supporting
documents; and from supporting documents to other documents in the document chain.

The system shall provide a capability to replicate all operational data to the COOP site.




                                                                               Page 45
                                                                                ATSC


With regard to security and internal controls, the acquisition/financial must provide a      Monitoring and Compliance
mechanism to monitor changes to software coding and the responsible individual
(authorized user).



All components of an agency’s integrated financial management system must provide            Interfacing Framework
timely and proper sharing of common information between the acquisition and core
financial systems, and other mixed systems, e.g., property management systems.

The system shall establish a Continuity Of Operations Plan (COOP) site as a fully
functional operational backup site.


Agency systems must maintain, store, and permit ready retrieval of financial information.
The time frames for various parts of this requirement differ depending on the subject
matter. The single integrated financial management system must be sufficiently flexible to
retain and purge information consistent with varying record keeping requirements.

The system must produce audit trail reports to support data transferred from external
systems to the financial system, including an error listing.

An automated Defense Finance and Accounting Service (DFAS) system shall ensure that Internal Controls
the preparation of all financial reports is consistent from one reporting period to another
reporting period and the same financial information is used as the source for different
reports whenever the same information is reported.
An automated Defense Finance and Accounting Service (DFAS) system shall ensure that Internal Controls
the ending balances for one reporting period will be perpetuated as the beginning
balances for the subsequent reporting period and shall be carried forward without change.

An automated Defense Finance and Accounting Service (DFAS) system shall ensure that Internal Controls
all transactions applicable to the effective period of the report have been edited and
posted to the official accounting records.
All DoD ISs shall be implemented using the baseline DoD IA controls in accordance with Control Framework
DoDI 8500.2. Note: The effectiveness of the implementation of these same controls for a
DoD IS is validated and assessed during the certification and accreditation of the system
in accordance with the DIACAP, as required by 14.07.27.

All DoD information systems shall be certified and accredited in accordance with DoDI        Monitoring and Compliance
8510.01, DoD Information Assurance Certification and Accreditation Process (DIACAP).




All components of an agency’s integrated financial management system must provide            Interfacing Framework
complete, accurate, and prompt generation and maintenance of acquisition/financial
records and transactions.
All components of an agency’s integrated financial management system must provide            Control Framework
Adequate management controls, including internal and security controls, policies, and
procedures intended to protect the agency’s key systems, data, and interfaces from
disruption and unauthorized access or alteration, as prescribed in a variety of statutes and
regulations, including, but not limited to, OMB Circulars A-123 and A-130.

To facilitate the reconciliation of information that is common to the core financial      Interfacing Framework
management system and to one or more of the financial mixed systems (e.g., acquisition
systems and property management systems) described in the JFMIP Framework
document and other JFMIP requirements documents, the single integrated financial
management system must provide for:
• multiple levels of system access, transaction authorization, and approval authority;
• single source data entry;
• validation of funds availability prior to scheduling payment;
• communication of the need for additional funds;
• simultaneous posting of budgetary and proprietary accounts;
• prepayment examinations from diverse locations;
• controls to ensure transaction processing in proper chronological/numeric sequence; and
• standard edits for shared data.




                                                                              Page 46
                                                                              ATSC


To facilitate the reconciliation of information that is common to the core financial         Interfacing Framework
management system and to one or more of the financial mixed systems (e.g., acquisition
systems and property management systems) described in the JFMIP Framework
document and other JFMIP requirements documents, the single integrated financial
management system must provide audit trails to trace transactions from source
documents, original input, other systems, and system-generated transactions.

To facilitate the reconciliation of information that is common to the core financial         Control Framework
management system and to one or more of the financial mixed systems (e.g., acquisition
systems and property management systems) described in the JFMIP Framework
document and other JFMIP requirements documents, the single integrated financial
management system must provide transaction details to support account balances.

To facilitate the reconciliation of information that is common to the core financial         Interfacing Framework
management system and to one or more of the financial mixed systems (e.g., acquisition
systems and property management systems) described in the JFMIP Framework
document and other JFMIP requirements documents, the single integrated financial
management system must provide the capability to relate data elements to each other as
discussed, through an integrated data query facility that supports ad hoc query access to
financial information described in the document and also provides data analysis reporting
tools.
With regard to security and internal controls, the acquisition/financial system must provide Control Framework
flexible security facilities to control user access at varying degrees including: overall
system access, capability to perform specific functions (inquiry, update), and access to
certain functionality.

With regard to security and internal controls, the acquisition/financial system must provide Security (TLH)
capability to define access to specific functions by user name, class of user, and position.



With regard to security and internal controls, the acquisition/financial system must provide Security (TLH)
for multiple levels of approvals based on user-defined criteria, including dollar limits, type
of document processed, etc.


With regard to security and internal controls, the acquisition/financial system must provide Security (TLH)
the capability to perform: reconciliation routines for internal participant accounts, ledgers,
and funds; and to identify unsuccessful reconciliations via error log or error report


With regard to security and internal controls, the acquisition/financial system must          Security (TLH)
establish appropriate administrative, technical and physical safeguards to ensure the
security and confidentiality of records and to protect against anticipated threats or hazards
to record security or integrity which could result in substantial harm, embarrassment,
inconvenience, or unfairness to any individual on whom information is maintained.

To meet Security requirements, the Core system must ensure that the management,              Security (TLH)
operations and technical baseline security controls are implemented in accordance with
Federal Information Processing Standards (FIPS) 199 Standards for Security
Categorization of Federal Information and Information Systems and other current NIST
guidance on selecting the appropriate security controls. Note: The DoD categorizes risk
impact levels and applies the appropriate set of security controls published in DoDI
8500.2 based on information sensitivity/classification and the impact or effect on mission
success, which is consistent with NIST security standards as confirmed by letter dated
June 6, 2007 from NIST to DoD CIO. Accordingly, a DoD information system may be
considered to satisfy 14.07.02 if the system complies with 14.07.26.
To meet Security requirements, the Core system must deliver the capability to restrict       Security (TLH)
access to sensitive data elements, such as social security numbers, banking information
by user ID, assigned role or organization.



All DoD ISs with an authorization to operate (ATO) shall be reviewed annually to confirm     Monitoring and Compliance
that the IA posture of the IS remains acceptable. Reviews will include validation of IA
controls and be documented in writing.




                                                                            Page 47
                                                                               ATSC


The head of each [Federal] agency shall develop and maintain an inventory of major              Monitoring and Compliance
information systems. Note: for major DoD IS, the system is considered to be compliant
with 14.07.29 if it is registered in the DoD Information Technology Portfolio Registry
(DITPR).


The system must be FISMA-compliant. Note: Although the FISMA of 2002 does not                   Monitoring and Compliance
specify system-level requirements, all federal IS are subject to standards and guidelines
as promulgated under the authority of FISMA by the Director, OMB (through NIST), the
Secretary of the DoD, or the Director of Central Intelligence, as appropriate. Additionally,
the FISMA requires Federal agencies to maintain an inventory of major information
systems. Accordingly, a DoD IS may be considered to be FISMA-compliant if the IS
complies with 14.07.26, 14.07.27, and 14.07.28, as confirmed by letter dated June 6,
2007 from NIST to DoD CIO. In addition, if the DoD IS is a major IS, it must also comply
with 14.07.29.
The system must provide the capability for a user with special authorization to establish       Accounting Classification (SMA)
and maintain an accounting classification structure that includes the elements described
in the Common Government-wide Accounting Classification (CGAC) structure document.
The system must maintain each classification element independently.

The system must provide the capability to establish and maintain at least five (5) agency       Accounting Classification (SMA)
mission-specific accounting classification data elements in conformity with Common
Government-wide Accounting Classification (CGAC) guidance.
SMA-03 The system must classify accounting transactions by any element of the                   Accounting Classification (SMA)
accounting classification structure, including any or all of the five agency mission-specific
classification elements.
Derive full accounting classifications on transactions from abbreviated user input.             Accounting Classification (SMA)
Examples of methods include entering shorthand codes, deriving elements from an
entered field, or providing users with a list of values from which to choose.
The system must allow a qualified end user to maintain accounting classification elements       Accounting Classification (SMA)
without the need to request technical support.
The system must provide automated functionality that controls the use of accounting             Accounting Classification (SMA)
classification elements based on validity periods (start and end dates) as defined by a
user with special authorization.
The system must provide the automated capability to query document accounting data              Accounting Classification (SMA)
using query parameters that must include all standard and agency-defined accounting
classification elements. Result is a list of selected document accounting lines that display
the document number, accounting classification elements, and accounting line amounts.
The system also must enable drill-down from accounting lines to general ledger
transaction details, including transaction numbers, transaction and system dates, and
debits and credits. – transfer to reporting 'RPC-05???

Maintain a revenue source code structure to classify types of revenue and receipts as           Accounting Classification (SMA)
defined by the agency, such as rental income, sales by product type, and income by type
of service performed.
The system must provide the capability for a user with special authorization to establish       Accounting Classification (SMA)
and maintain a TAS structure that includes the individual components described in the
Common Government-wide Accounting Classification (CGAC) structure document. List
of specific data elements will be included in the functional specification document.

The system must provide the capability for a user with special authorization to establish     Accounting Classification (SMA)
and maintain additional (lower) levels of hierarchical Common Government-wide
Accounting Classification (CGAC) data elements (that is, establish parent-child
relationships with the ability to summarize, distribute funds, and report data at all defined
levels).
The system must provide the capability to maintain the common government-wide and             Accounting Classification (SMA)
agency-specific data relationships prescribed in the Common Government-wide
Accounting Classification (CGAC) document guidance, including the following::
-Treasury Account Symbol (TAS) to multiple internal funds
- Internal fund to multiple USSGL attributes and fund attributes
-Program to multiple USSGL attributes, internal funds, projects, organizations, or
activities
-Strategic goal to multiple programs and projects.
(Removed data elements from requirement. List of specific data elements will be included
in the functional specification document.)
The system must provide the capability for a user with special authorization to establish       Accounting Classification (SMA)
and maintain standard (OMB Circular No. A-11) object class codes and (agency-specific)
object class extension codes consistent with the Common Government-wide Accounting
Classification (CGAC) structure document.
The system must provide the automated capability to load government-wide (e.g.,                 Accounting Classification (SMA)
Treasury, OMB) and agency-specific classification elements.




                                                                              Page 48
                                                                               ATSC


The system must provide the automated capability to derive accounting classification          Accounting Classification (SMA)
element values based on agency-defined data relationships or business rules, e.g., derive
the TAS from the internal fund code.
The system must provide the automated capability to derive USSGL account attributes           Accounting Classification (SMA)
from the internal fund code and use them to classify accounting transactions for reporting
to Treasury government-wide financial systems (e.g., FACTS I, FACTS II, GFRS, and
GTAS).
The system must provide the capability to link a fund origination year to an internal fund    Accounting Classification (SMA)
code.zzzzzzz
To support the Security function, the Revenue System must provide the capability to allow     Security (TLH)
entry into system only to those individuals who are authorized and only during times
authorized.
To support the Security function, the Revenue System must provide the capability to           Security (TLH)
perform annual revalidation of the user.


To support the Security function, the Revenue System must provide the capability to     Security (TLH)
maintain a history of password changes over a specified amount of time and preclude the
consecutive use of the same password, including changes and lost passwords.




To support the Security function, the Revenue System must provide the capability to        Security (TLH)
require the use of unique user identifications and passwords for authentication purposes.
Passwords must be non-printing and non-displaying. The application must allow for the
enforcement of password standards (e.g., minimum length and use of alpha, numeric and
special characters). The application must also allow for the establishment of a specified
period for password expiration to provide changes on a regular basis, accommodate
prohibiting the user from reusing recent passwords and be capable of periodic change, at
option of user, and of mandatory change, at the option of the system administrator after a
specified period of time.
To support the Security function, the Revenue System must provide the capability to allow Security (TLH)
the user to void a transaction within the same day the original posting is made prior to
batch processing. Controls should be in effect to prevent transactions from being voided
on a date other than the date the transaction was originally posted.

To support the Security function, the Revenue System must provide the capability to alert     Security (TLH)
and record when invalid access is attempted or when user ID limit is exceeded.




To support the Security function, the Revenue System must provide the capability to           Security (TLH)
prevent the alteration of financial data (i.e., voids) except through the posting of
transactions that are entered through the normal edit and update process under proper
security.


To support the Security function, the Revenue System must provide the capability to            Security (TLH)
comply with the National Institute of Standards and Technology (NIST) Security
Standards relating to the applications integrated security features. See http://csrc.nist.gov/
for more information.
To support the Security function, the Revenue System must provide the capability to            Security (TLH)
control access to the application, functional modules, transactions, and data by having
integrated security features that are configurable by the system administrator.

To support the Security function, the Revenue System must provide the capability to           Security (TLH)
query the audit log by type of access, date and time stamp range, user identification, or
terminal ID.


To support the Security function, the Revenue System must provide the capability to           Security (TLH)
comply with Federal Information System Controls Audit Manual (FISCAM) standards.

To support Security function, the Revenue System should provide the capability to provide Security (TLH)
confidential Internet based communication from customer to system.




                                                                             Page 49
                                                                                 ATSC


To support the Document and Transaction Control process, the Core financial system          Document and Transaction Control
must provide automated functionality to capture an agency-specified transaction date (i.e., (SMB)
allow the agency to override the default transaction date with a date in any open
accounting period).

To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to define the level of fund control edits and tolerance   (SMB)
checks as one of the following:
• Rejection
• Warning (override authority needed to post transaction)
• Information only (no override needed).
To support the Document and Transaction Control process, the Core financial system             Document and Transaction Control
must provide automated functionality to capture the following accounting line item detail      (SMB)
on all documents:
• Line item number
• Line item amount
• Line item accounting classification information.
To meet Infrastructure requirements, the Core financial system must ensure the delivered       Infrastructure (TLB)
system includes a Structured Query Language (SQL) compliant relational database.

To add value to the Infrastructure functionality, the Core financial system should operate     Infrastructure (TLB)
in a mainframe environment Operating System (OS).
To add value to the Infrastructure functionality, the Core financial system should operate     Infrastructure (TLB)
in a server computing environment running under UNIX, LINUX, and Windows Server
2000 or above.
To support the Document Referencing and Modification process, the Core financial               Document Referencing and
system must provide automated functionality to capture the latest system processing            Modification (SMC)
status on all documents:
• Held: The user has decided to save (hold) the document and not allow the system to
process it. (Note: This status is distinguished from invoices that are processed and
warehoused, then “held” from inclusion in the payment schedule.)
• Suspended: The document has failed one or more system validations (edits) and is
prevented by the system from processing. The document is automatically stored for later
processing. Suspended documents may be automatically processed by the system upon
changes to underlying data, such as available funds.
• Pending Approval: The document has passed all system validations. The system will not
process the document until all approvals required by the agency's workflow configuration
have been applied. Not all documents require approvals.
• Approved: The document has passed all system validations (edits) and all required
approvals have been applied. The document is available for processing.
• Processed: All related accounting events have been recorded and system tables have
been updated.
• Open: The document has been processed but not liquidated or only partially liquidated.
The document is available for further processing.
• Closed: The document has been processed and completely liquidated. The system will
not add value to the Document Referencing and Modification process, the Coreuser.
To allow further processing against the document unless it is reopened by the financial        Document Referencing and
system should provide automated functionality to reclassify accounting data from the           Modification (SMC)
beginning of the current fiscal year or fiscal month.
To add value to the Workflow/Messaging functionality, the Core financial system should         Workflow/Messaging (TLE)
ensure the delivered system complies with the current Workflow Management Coalition
(WFMC) Workflow Standard - Interoperability.
To meet Ad Hoc Query requirements, the Core financial system must deliver an                   Access and Retrieval
integrated ad hoc query capability to support agency access to and analysis of system
maintained financial data.
To meet Ad Hoc Query requirements, the Core financial system must deliver the                  Access and Retrieval
capability to define parameter-based query scripts that can be queued for execution,
stored for re-use and shared with other authorized agency users.
To meet Ad Hoc Query requirements, the Core financial system must process submitted            Access and Retrieval
queries and queue output on-line for access by authorized users.




To meet Ad Hoc Query requirements, the Core financial system must distribute query             Access and Retrieval
results or notifications of online query result availability to pre-defined individuals or
groups.



To meet Ad Hoc Query requirements, the Core financial system must deliver run-time             Access and Retrieval
controls to prevent "run-away" queries and to restrict very large data download requests.




                                                                               Page 50
                                                                                ATSC


To meet Ad Hoc Query requirements, the Core financial system must deliver the                 Access and Retrieval
capability to display graphical output on the desktop with dynamic report reformatting.

To meet Ad Hoc Query requirements, the Core financial system must deliver an on-line          Access and Retrieval
"drill-down" capability from summary amounts in queries to supporting detail records.

To meet Ad Hoc Query requirements, the Core financial system must deliver the                 Access and Retrieval
capability to download selected query data. Reformat downloaded query information for
direct access by common desktop applications (e.g., spreadsheet, ASCII text, ","
delimited).
To meet Ad Hoc Query requirements, the Core financial system must deliver the                 Access and Retrieval
capability to preview a query, form, report, or other result before printing.

To meet Ad Hoc Query requirements, the Core financial system must deliver capability to       Access and Retrieval
access current year and historical financial data.

To meet Ad Hoc Query requirements, the Core financial system must deliver the following Access and Retrieval
ad hoc query interface features:
• Graphical display of data sources
• The ability to "point and click" on selectable table, data, and link objects for inclusion in a
custom query, and
• An active data dictionary to provide users with object definitions.
To meet General Design/Architecture requirements, the Core system must ensure the                 General Design/Architecture (TLA)
delivered system is modular, highly scalable and incorporates an open-systems
architecture.


To meet General Design/Architecture requirements, the Core system must ensure the             General Design/Architecture (TLA)
delivered system is customizable to meet agency-defined business practices. Agency
customizable features must be table/parameter driven.


To meet General Design/Architecture requirements, the Core system must ensure the             General Design/Architecture (TLA)
delivered system is upgradeable to accommodate changes in laws, regulations, best
practices or new technology.


To meet General Design/Architecture requirements, the Core system must deliver fault-         General Design/Architecture (TLA)
free performance in the processing of date and date related data (including, calculating,
comparing, and sequencing) by all hardware and software products included as part of
the application both individually and in combination (i.e., be Y2K compliant).

To add value to the General Design/Architecture functionality, the Core system should         General Design/Architecture (TLA)
ensure the delivered system is capable of processing online transactions, batch jobs and
transactions submitted via system interface simultaneously.

To support the Internal and External Reporting function, the Revenue System must be           Reporting Framework
able to export data from the Revenue System to the Core financial system.

The revenue system shall provide the capability to export data from the Revenue System        Reporting Framework
to the Core Financial System.

To support the Audit Trail function, the Revenue System must provide the capability to        Control Framework
identify document input, change and approval by user.


The revenue system shall provide an audit trail capability by associating transaction input, Control Framework
modification, deletions, and approvals by user ID.



To support the Audit Trail function, the Revenue System must provide the capability to        Monitoring and Compliance
select items for review based on user-defined criteria by type of transaction (e.g., by
receivable transactions, debtor, date range). For example, to select items for financial
statement audits.
The revenue system shall provide the capability to select items for review based on user-     Control Framework
defined criteria.


To support the Records Retention function, the Revenue System must provide temporary          Retention
restoration to the on-line system for browsing and reporting.




                                                                              Page 51
                                                                              ATSC


The system shall provide an authorized user the capability to retrieve archived data on-       Control Framework
line.




The system shall provide an authorized user the capability to browse archived data on-         Control Framework
line.

The system shall provide an authorized user the capability to report on archived data          Reporting Framework
retrieved on-line.




To support Interface requirements, the Revenue System must provide the capability to           Interfacing Framework
provide integration or appropriate interfaces between system modules and have the ability
to simultaneously update or interface with the various systems or modules without the
need for duplication
The revenue system shall provide the capability to integrate or appropriate interfaces         Interfacing Framework
between system modules and have the ability to simultaneously update or interface with
the various systems or modules.
To support the Security function, the Revenue System must provide the capability to            Control Framework
maintain an audit logging capability to record access activity of every user and every
terminal including:
• Time and date of use;
• Type of transaction;
• All log- in/log-out attempts by user and workstation;
• User submitted transactions;
• Initiated processes;
• System override events; and
• Direct additions, changes or deletions to application maintained data.
The revenue system shall provide an audit logging capability to record access activity of      Control Framework
every authorized user and terminal to include the following information: • time and date of
use • type of transaction • all log-in/log-out attempts by authorized user and workstation •
authorized user submitted transactions • initiated processes • system override events •
direct additions, changes or deletions to application maintained data

To support the Security function, the Revenue System must provide the capability to allow Control Framework
the system administrator to restrict access to sensitive data elements such as social
security numbers and banking information by named user, groups of users, or functional
role.
The revenue system shall allow the system administrator to restrict access to sensitive   Control Framework
data elements by user, groups of users, or functional role.


To support the Security function, the Revenue System must provide the capability to limit Control Framework
access to data files and programs by individuals attempting to access them both through
the system and through access methods external to the system for other than the data
base administrator.
The revenue system shall limit access to data files and programs by individuals           Control Framework
attempting to access them both through the system and through access methods external
to the system for other than the data base administrator.

To support Security function, the Revenue System should provide the capability to         Control Framework
maintain general profile identity attributes that could consist of a customer’s:
• Username;
• Name;
• Address;
• Home telephone number;
• Social Security Number;
• Date of birth;
• Personal e-mail address;
• Employer name;
• Employer address;
• Employee telephone number;
• Employer e-mail address; and
• Confidential questions and answers.
The revenue system shall provide the capability to maintain general profile identity      Control Framework
attributes that consist of a customer’s: • username • name • address • home telephone
number • social security number • date of birth • personal e-mail address • employer name
• employer address • employee telephone number • employer e-mail address •
confidential questions and answers




                                                                             Page 52
               ATSC


BEA Mappings             Internal Control Activities


                         Authorization
                         Certifying Officer Legislation (COL)




                         Design and use of Documents and
                         Records

                         Design and use of Documents and
                         Records




                         Design and use of Documents and
                         Records

                         Design and use of Documents and
                         Records
                         Design and use of Documents and
                         Records


                         Authorization
                         Certifying Officer Legislation (COL)


                         Authorization
                         Certifying Officer Legislation (COL)

                         Authorization
                         Certifying Officer Legislation (COL)

                         Authorization
                         Certifying Officer Legislation (COL)

                         Authorization
                         Certifying Officer Legislation (COL)

                         Authorization
                         Certifying Officer Legislation (COL)

                         Authorization
                         Certifying Officer Legislation (COL)


                         Authorization
                         Certifying Officer Legislation (COL)

                         Certifying Officer Legislation (COL)




                         Certifying Officer Legislation (COL)




                         Authorization
                         Certifying Officer Legislation (COL)

                         Authorization
                         Certifying Officer Legislation (COL)




               Page 53
ATSC


          Certifying Officer Legislation (COL)




          Authorization
          Certifying Officer Legislation (COL)


          Authorization
          Certifying Officer Legislation (COL)




          Authorization
          Certifying Officer Legislation (COL)

          Authorization
          Certifying Officer Legislation (COL)


          Authorization
          Certifying Officer Legislation (COL)

          Authorization
          Certifying Officer Legislation (COL)

          Authorization
          Certifying Officer Legislation (COL)


          Certifying Officer Legislation (COL)




          Certifying Officer Legislation (COL)
          Design and use of Documents and
          Records
          Valuation of Recorded Amounts


          Authorization
          Certifying Officer Legislation (COL)

          Authorization




          Certifying Officer Legislation (COL)
          Design and use of Documents and
          Records




          Authorization
          Design and use of Documents and
          Records
          Summarization of Accounting Data
          Valuation of Recorded Amounts

          Authorization
          Design and use of Documents and
          Records
          Segregation of Duties
          Valuation of Recorded Amounts




Page 54
ATSC


          Authorization
          Certifying Officer Legislation (COL)




          Authorization
          Design and use of Documents and
          Records
          Summarization of Accounting Data
          Valuation of Recorded Amounts

          Authorization




          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Authorization




          Design and use of Documents and
          Records


          Authorization
          Certifying Officer Legislation (COL)


          Authorization




          Authorization


          Authorization
          Certifying Officer Legislation (COL)

          Authorization




          Authorization




Page 55
ATSC


          Authorization
          Certifying Officer Legislation (COL)


          Authorization




          Authorization

          Authorization

          Authorization




          Authorization


          Authorization


          Authorization




          Authorization


          Authorization


          Authorization




          Authorization


          Certifying Officer Legislation (COL)
          Design and use of Documents and
          Records




          Design and use of Documents and
          Records



          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records




Page 56
ATSC


          Certifying Officer Legislation (COL)
          Design and use of Documents and
          Records




          Certifying Officer Legislation (COL)
          Design and use of Documents and
          Records

          Certifying Officer Legislation (COL)
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records

          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records



          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Certifying Officer Legislation (COL)
          Rights and Obligations
          Segregation of Duties




          Independent Checks


          Certifying Officer Legislation (COL)
          Segregation of Duties




          Authorization



          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




Page 57
ATSC


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records




          Design and use of Documents and
          Records

          Design and use of Documents and
          Records

          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




          Design and use of Documents and
          Records




Page 58
ATSC


          Design and use of Documents and
          Records




          Design and use of Documents and
          Records


          Authorization
          Independent Checks




          Adequate Safeguards Over Access
          To and Use of Assets and Records




          Adequate Safeguards Over Access
          To and Use of Assets and Records



          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records

          Approval
          Presentation and Disclosure




          Design and use of Documents and
          Records
          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization




Page 59
ATSC


          Authorization


          Adequate Safeguards Over Access
          To and Use of Assets and Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization
          Rights and Obligations

          Authorization




          Adequate Safeguards Over Access
          To and Use of Assets and Records




          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization

          Authorization


          Authorization


          Authorization


          Authorization

          Authorization

          Authorization
          Certifying Officer Legislation (COL)




          Authorization
          Certifying Officer Legislation (COL)




Page 60
ATSC


          Authorization
          Certifying Officer Legislation (COL)


          Authorization
          Certifying Officer Legislation (COL)


          Authorization


          Authorization

          Authorization


          Authorization




          Authorization




          Authorization


          Design and use of Documents and
          Records




          Design and use of Documents and
          Records


          Design and use of Documents and
          Records




          Design and use of Documents and
          Records



          Design and use of Documents and
          Records



          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records




Page 61
ATSC


          Design and use of Documents and
          Records
          Design and use of Documents and
          Records



          Design and use of Documents and
          Records




          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records




          Design and use of Documents and
          Records
          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records




          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records


          Design and use of Documents and
          Records




Page 62
ATSC


          Authorization


          Authorization


          Authorization


          Authorization


          Authorization


          Authorization




          Authorization

          Authorization

          Authorization

          Authorization

          Authorization

          Authorization




          Authorization




          Authorization

          Authorization




          Authorization


          Authorization



          Authorization

          Authorization

          Authorization

          Authorization


          Authorization




          Authorization



          Design and use of Documents and
          Records
          No Significant Control




Page 63
ATSC


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Summarization of Accounting Data



          Design and use of Documents and
          Records


          Design and use of Documents and
          Records



          Design and use of Documents and
          Records




          Design and use of Documents and
          Records

          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




          Design and use of Documents and
          Records


          Design and use of Documents and
          Records




          Design and use of Documents and
          Records




Page 64
ATSC


          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records




          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records




          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          No Significant Control
          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




Page 65
ATSC


          Design and use of Documents and
          Records




          Design and use of Documents and
          Records

          Design and use of Documents and
          Records


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Presentation and Disclosure


          Design and use of Documents and
          Records
          No Significant Control
          Design and use of Documents and
          Records
          No Significant Control
          Design and use of Documents and
          Records
          No Significant Control
          Authorization

          Authorization


          Authorization


          Design and use of Documents and
          Records




          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




Page 66
ATSC


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




          Adequate Safeguards Over Access
          To and Use of Assets and Records



          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Presentation and Disclosure


          Design and use of Documents and
          Records
          Presentation and Disclosure

          Design and use of Documents and
          Records
          Presentation and Disclosure


          Design and use of Documents and
          Records
          Presentation and Disclosure




          Design and use of Documents and
          Records
          Presentation and Disclosure




Page 67
ATSC


          Design and use of Documents and
          Records
          Presentation and Disclosure




          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Presentation and Disclosure

          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Presentation and Disclosure

          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records
          Presentation and Disclosure


          Design and use of Documents and
          Records



          Design and use of Documents and
          Records



          Authorization
          Design and use of Documents and
          Records
          Rights and Obligations




Page 68
ATSC


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records
          Presentation and Disclosure


          Design and use of Documents and
          Records
          Presentation and Disclosure
          Summarization of Accounting Data

          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Authorization
          Design and use of Documents and
          Records

          Design and use of Documents and
          Records



          Design and use of Documents and
          Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Valuation of Recorded Amounts

          Authorization
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records
          Valuation of Recorded Amounts

          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Valuation of Recorded Amounts

          Design and use of Documents and
          Records
          Valuation of Recorded Amounts




Page 69
ATSC


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records


          Authorization
          Design and use of Documents and
          Records
          Authorization
          Design and use of Documents and
          Records
          Authorization
          Design and use of Documents and
          Records


          Authorization
          Design and use of Documents and
          Records
          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization

          Authorization
          Design and use of Documents and
          Records
          Authorization
          Design and use of Documents and
          Records
          Authorization
          Design and use of Documents and
          Records

          Authorization
          Design and use of Documents and
          Records


          Authorization
          Design and use of Documents and
          Records
          Authorization
          Presentation and Disclosure
          Authorization
          Design and use of Documents and
          Records
          Authorization
          Design and use of Documents and
          Records




          Authorization
          Design and use of Documents and
          Records
          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Valuation of Recorded Amounts



          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records




Page 70
ATSC


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records




          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records




          Design and use of Documents and
          Records



          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization
          Design and use of Documents and
          Records



          May Be a Control Risk




Page 71
ATSC


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization
          Design and use of Documents and
          Records

          Authorization
          Design and use of Documents and
          Records

          May Be a Control Risk




          Adequate Safeguards Over Access
          To and Use of Assets and Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records


          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Presentation and Disclosure
          Valuation of Recorded Amounts

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Certifying Officer Legislation (COL)
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records
          Valuation of Recorded Amounts




Page 72
ATSC


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records



          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records




          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Rights and Obligations




          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Approval
          Authorization
          Rights and Obligations

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Certifying Officer Legislation (COL)
          Valuation of Recorded Amounts




Page 73
ATSC


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Certifying Officer Legislation (COL)
          Valuation of Recorded Amounts


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Certifying Officer Legislation (COL)
          Valuation of Recorded Amounts




          Summarization of Accounting Data




          Summarization of Accounting Data


          Summarization of Accounting Data


          Summarization of Accounting Data


          Summarization of Accounting Data

          Summarization of Accounting Data


          Summarization of Accounting Data




          Summarization of Accounting Data


          Summarization of Accounting Data




          Summarization of Accounting Data




          Summarization of Accounting Data




          Summarization of Accounting Data



          Summarization of Accounting Data




Page 74
ATSC


          Summarization of Accounting Data


          Summarization of Accounting Data




          Summarization of Accounting Data

          Approval
          Authorization
          Rights and Obligations
          Approval
          Authorization
          Independent Checks
          Rights and Obligations
          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization
          Design and use of Documents and
          Records
          Presentation and Disclosure

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Approval
          Authorization
          Presentation and Disclosure
          Rights and Obligations



          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records
          Presentation and Disclosure

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Authorization

          Authorization
          Design and use of Documents and
          Records
          Presentation and Disclosure
          Rights and Obligations
          Adequate Safeguards Over Access
          To and Use of Assets and Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records




Page 75
ATSC


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records


          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records


          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Design and use of Documents and
          Records

          Design and use of Documents and
          Records




          Design and use of Documents and
          Records
          Rights and Obligations
          Design and use of Documents and
          Records

          Design and use of Documents and
          Records
          Presentation and Disclosure
          Design and use of Documents and
          Records
          Presentation and Disclosure
          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records
          Presentation and Disclosure

          Adequate Safeguards Over Access
          To and Use of Assets and Records
          Design and use of Documents and
          Records
          Presentation and Disclosure

          Design and use of Documents and
          Records




Page 76
                                                                         ATSC


                                                                                      Design and use of Documents and
                                                                                      Records
                                                                                      Presentation and Disclosure
                                                                                      Design and use of Documents and
                                                                                      Records
                                                                                      Presentation and Disclosure
                                                                                      Design and use of Documents and
                                                                                      Records
                                                                                      Presentation and Disclosure

                                                                                      Design and use of Documents and
                                                                                      Records
                                                                                      Presentation and Disclosure
                                                                                      Design and use of Documents and
                                                                                      Records
                                                                                      Presentation and Disclosure
                                                                                      Design and use of Documents and
                                                                                      Records
                                                                                      Presentation and Disclosure



                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Design and use of Documents and
                                                                                      Records

                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Design and use of Documents and
                                                                                      Records

                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Design and use of Documents and
                                                                                      Records

                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Design and use of Documents and
                                                                                      Records

                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Presentation and Disclosure

Process: Generate Receivable Pro Forma Entries; OV6CDiagram: FV - Record and          Design and use of Documents and
Manage Receivable; Activity: Establish Accounts Receivable; ActivityID: A8121;        Records
OV5Diagram: Manage Receivables                                                        Presentation and Disclosure
Process: Generate Receivable Pro Forma Entries; OV6CDiagram: FV - Record and          Design and use of Documents and
Manage Receivable; Activity: Establish Accounts Receivable; ActivityID: A8121;        Records
OV5Diagram: Manage Receivables                                                        Presentation and Disclosure
Process: Establish Receivable; OV6CDiagram: FV - Record and Manage Receivable;        Authorization
Activity: Establish Accounts Receivable; ActivityID: A8121; OV5Diagram: Manage        Design and use of Documents and
Receivables                                                                           Records
                                                                                      Valuation of Recorded Amounts
Process: Establish Receivable; OV6CDiagram: FV - Record and Manage Receivable;        Certifying Officer Legislation (COL)
Activity: Establish Accounts Receivable; ActivityID: A8121; OV5Diagram: Manage        Design and use of Documents and
Receivables                                                                           Records
                                                                                      Valuation of Recorded Amounts

Process: Establish Receivable; OV6CDiagram: FV - Record and Manage Receivable;        Certifying Officer Legislation (COL)
Activity: Establish Accounts Receivable; ActivityID: A8121; OV5Diagram: Manage        Valuation of Recorded Amounts
Receivables

Process: Establish Receivable; OV6CDiagram: FV - Record and Manage Receivable;        Authorization
Activity: Establish Accounts Receivable; ActivityID: A8121; OV5Diagram: Manage        Design and use of Documents and
Receivables                                                                           Records
                                                                                      Presentation and Disclosure
Process: Maintain Accounts Receivable Balances; OV6CDiagram: FV - Record and          Design and use of Documents and
Manage Receivable; Activity: Manage Accounts Receivable Balance; ActivityID: A8122;   Records
OV5Diagram: Manage Receivables




                                                                       Page 77
                                                                           ATSC


Process: Maintain Accounts Receivable Balances; OV6CDiagram: FV - Record and          Adequate Safeguards Over Access
Manage Receivable; Activity: Manage Accounts Receivable Balance; ActivityID: A8122;   To and Use of Assets and Records
OV5Diagram: Manage Receivables                                                        Approval
                                                                                      Design and use of Documents and
                                                                                      Records

Process: Maintain Accounts Receivable Balances; OV6CDiagram: FV - Record and          Authorization
Manage Receivable; Activity: Manage Accounts Receivable Balance; ActivityID: A8122;   Design and use of Documents and
OV5Diagram: Manage Receivables                                                        Records
Process: Maintain Accounts Receivable Balances; OV6CDiagram: FV - Record and          Adequate Safeguards Over Access
Manage Receivable; Activity: Manage Accounts Receivable Balance; ActivityID: A8122;   To and Use of Assets and Records
OV5Diagram: Manage Receivables                                                        Authorization
                                                                                      Summarization of Accounting Data


                                                                                      Design and use of Documents and
                                                                                      Records


                                                                                      Design and use of Documents and
                                                                                      Records

                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Authorization




                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Authorization



Process: Establish Customer Information; OV6CDiagram: FV - Record and Manage          Adequate Safeguards Over Access
Receivable; Activity: Establish Accounts Receivable; ActivityID: A8121; OV5Diagram:   To and Use of Assets and Records
Manage Receivables                                                                    Authorization

                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Rights and Obligations

                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Rights and Obligations

                                                                                      Adequate Safeguards Over Access
                                                                                      To and Use of Assets and Records
                                                                                      Rights and Obligations

Process: Establish Customer Information; OV6CDiagram: FV - Record and Manage          Adequate Safeguards Over Access
Receivable; Activity: Establish Accounts Receivable; ActivityID: A8121; OV5Diagram:   To and Use of Assets and Records
Manage Receivables                                                                    Authorization
                                                                                      Design and use of Documents and
                                                                                      Records




Process: Establish Customer Information; OV6CDiagram: FV - Record and Manage          Adequate Safeguards Over Access
Receivable; Activity: Establish Accounts Receivable; ActivityID: A8121; OV5Diagram:   To and Use of Assets and Records
Manage Receivables                                                                    Authorization
                                                                                      Design and use of Documents and
                                                                                      Records




                                                                         Page 78
                                                                     ATSC


Sources


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-01




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-08


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-06




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-06


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-06

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-07




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-07




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-02


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-13


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-13


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-13


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-13


Source: DoDFMR Vol 06A, Ch 02; Source Date: 11/1/2008; Source Number: 020202.B.1



Source: DoDFMR, Volume 6A, Chapter 2; Source Date: 3/1/2008; Source Number:
020202.B.1

Source: DoDFMR Vol 06A, Ch 02; Source Date: 11/1/2008; Source Number: 020202.B.3




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: GLE-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-01


Source: DoDFMR Vol 06A, Ch 02; Source Date: 11/1/2008; Source Number: 020202.B.2




                                                                     Page 79
                                                                     ATSC


Source: DoDFMR Vol 06A, Ch 02; Source Date: 11/1/2008; Source Number: 020202.B.4




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-06




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-12




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-12


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-12




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-12


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-12


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-30




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: GLE-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: GLG-08




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-31


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-05




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-20




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-22




                                                                     Page 80
                                                                     ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-24




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-35




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-06


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-01




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-05


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-07


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-08




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-09




                                                                     Page 81
                                                                     ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-11




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-14




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-14

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-14

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-15




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-17


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-18


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-23




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-25


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-27


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-29




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-36


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-09




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-09




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-09



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-09




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-09




                                                                     Page 82
                                                                        ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-05




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-05




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-05




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-01




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-03


Source: OMB Circular A-127; Source Date: 1/1/2009; Source Number: Sec. 6.K


Source: OMB Circular A-127; Source Date: 1/1/2009; Source Number: Sec. 6.K




Source: OMB Circular A-127; Source Date: 1/1/2009; Source Number: Sec. 6.K




Source: OMB Circular A-127; Source Date: 1/1/2009; Source Number: Sec. 6.L




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLH-01




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLH-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLH-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-05



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-12


Source: OMB Circular A-127; Source Date: 1/1/2009; Source Number: Sec. 6.K




                                                                      Page 83
                                                                        ATSC


Source: OMB Circular A-127; Source Date: 1/1/2009; Source Number: 6.K




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLF-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLF-01

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLF-01

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLF-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLF-03


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLF-03

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLF-03

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLK-01




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLK-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLK-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLK-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLK-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLK-03




                                                                        Page 84
                                                                         ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLK-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLK-05




Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Appendix III, Sec.
A.3




Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Appendix III, Sec.
B.a.2.c




Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Sec. 8.a.1.g




Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Sec. 8, a.1.j




Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Sec. 8, a.1.k


Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Sec. 8, a.2


Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Sec. 8, a.3




Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Sec. 8, a.4.a

Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Sec. 8, a.9.c




                                                                       Page 85
                                                                         ATSC


Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Sec. 8, a.9.b


Source: OMB Circular A-130; Source Date: 11/1/2000; Source Number: Appendix III, Sec.
A.3.b.2.f

Source: DoDD 8500.01E, Cert.; Source Date: 4/1/2007; Source Number: Sec. 4.8.2




Source: DoDD 8500.01E, Cert.; Source Date: 4/1/2007; Source Number: Sec. 4.9 4.9.2




Source: DoDD 8500.01E, Cert.; Source Date: 4/1/2007; Source Number: Sec. 4.17
Source: NSTISSP No. 11; Source Date: 7/1/2008; Source Number: Sec. 5




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-16


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-16

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-16

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-19




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-19




                                                                       Page 86
                                                                     ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-19




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-19




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-26


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-26
Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-28
Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-26
Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-28

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-32




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-33




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-34


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-01




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-01




Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-04

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-05




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-06



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-06




                                                                     Page 87
                                                                        ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-06

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-08




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-10




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-10

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-10

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-10

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-11




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-11

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-11


Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-12




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-12


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-12

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-12

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-13




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-13




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-13


Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 59




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-15




                                                                     Page 88
                                                                     ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-02

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-02

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-02

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-02

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-02

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-04

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-06


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-07



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-07


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-08




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-09



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-10




                                                                     Page 89
                                                                     ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-11


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-12

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-13



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-01



Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-02




Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-03


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-03


Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-04




Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-05




Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-06




Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07




                                                                     Page 90
                                                                     ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-07

Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-08




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-08

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-08

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMD-08

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-04



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-07


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-07

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLB-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLC-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLC-02

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLC-03


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLC-04




                                                                     Page 91
                                                                     ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLC-05




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLC-06


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-07




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-08




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-09




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-10


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLG-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLG-02


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLG-03


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLG-04

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLG-05


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLG-06


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-03



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-05




                                                                     Page 92
                                                                         ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-10




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-11




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLI-13



Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLL-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLL-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLL-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLL-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLL-05




Source: Special Publication 800-53, Revision 2; Source Date: 12/1/2007; Source Number:
SI-11

Source: DoDFMR, Volume 1, Chapter 9; Source Date: 4/1/2009; Source Number: Para.
090201
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-3


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-5




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-6




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-9




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-10




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-11




                                                                        Page 93
                                                                       ATSC


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-12




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-14


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-15




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-16


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-17


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-18


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-19


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: BPA-12




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: DAS-5


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-2


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-3




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-5




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-7




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-8




                                                                       Page 94
                                                                      ATSC


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-9




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-11




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-12




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-13



Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-14




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-15




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-16




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-17




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-18




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-18

Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-19


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-21




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-22


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-24




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-24




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-25


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: TV-27




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AR-1




                                                                      Page 95
                                                                       ATSC


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AT-1




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: OLQ-1


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: OLQ-4


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: OLQ-11




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: OLQ-12


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-1




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-2


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-3


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-4



Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-5




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-6


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-7

Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-8


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-9




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AHQ-9


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: I-4


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AD-2




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: I-3




                                                                      Page 96
                                                                         ATSC


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: I-5




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: I-6




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: I-7
Source: OMB Memorandum M-07-03; Source Date: 11/1/2006; Source Number:




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: I-8




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-6




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: GLC
Source: OMB Circular A-127; Source Date: 7/1/1993; Source Number:




Source: GAO/AIMD-00-21.3.1; Source Date: 11/1/1999; Source Number:
Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLH-03
Source: DFAS 7000.10-I; Source Date: 9/1/2007; Source Number: Para. C6.6.3.2.1.5

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-09




Source: FSIO OFFM-NO-0106; Source Date: 1/1/2006; Source Number: FBA-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: FBA-10




Source: TFM, Vol I, Part 2, Chapter 4700 Sec. 4707.20a; Source Date: ; Source Number:


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: GLE-01




Source: DoDI 8500.2, February 2003; Source Date: ; Source Number: req. CODB-2
Source: Special Publication 800-53, Revision 2, December 2007; Source Date: ; Source
Number: req. CP-6




                                                                        Page 97
                                                                         ATSC


Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 61




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 59




Source: DoDI 8500.2, February 2003; Source Date: ; Source Number: req. COAS-1, req.
COAS-2
Source: Special Publication 800-53, Revision 2, December 2007; Source Date: ; Source
Number: req. CP-7
Source: JFMIP SR-02-02, 63; Source Date: 6/1/2002; Source Number: Pg. 63; 09.06.22




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SME-01
Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLD-04

Source: DoDFMR Vol 06A, Ch 02; Source Date: 11/1/2008; Source Number: 020202.B.5




Source: DoDFMR Vol 06A, Ch 02; Source Date: 11/1/2008; Source Number: 020202.B.6



Source: DoDFMR Vol 06A, Ch 02; Source Date: 2/1/2009; Source Number: 020202.B.7.a


Source: DoDI 8500.2; Source Date: 2/1/2003; Source Number: Sec. 5.7.4
Source: DoDI 8510.01; Source Date: 11/1/2007; Source Number: Sec. 4.5



Source: DoDD 8500.01E, Cert.; Source Date: 4/1/2007; Source Number: Sec. 4.13
Source: DoDI 8500.2; Source Date: 2/1/2003; Source Number: Sec. 5.7.5
Source: DoDI 8510.01; Source Date: 11/1/2007; Source Number: Sec. 4.1




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 59


Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 59




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 60




                                                                        Page 98
                                                                        ATSC


Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 60




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 60




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 60




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 61




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 61




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 61




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 61




Source: JFMIP SR-02-02; Source Date: 6/1/2002; Source Number: page 61




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLH-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLH-05




Source: DoDI 8510.01; Source Date: 11/1/2007; Source Number: Sec. 4.9




                                                                        Page 99
                                                                         ATSC


Source: FISMA of 2002; Source Date: ; Source Number: Sec. 305(c)(2)




Source: DoDI 8510.01; Source Date: 11/1/2007; Source Number: Sec. 1.5




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-01




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-02


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-03


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-04


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-05

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-06


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-07




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-08


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-09




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-10




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-11




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-12



Source: FSIO Exposure Draft; Source Date: 7/1/2009; Source Number: SMA-14
Source: FSIO Exposure Draft; Source Date: 2/1/2010; Source Number: XFA-14




                                                                        Page 100
                                                                      ATSC


Source: FSIO Exposure Draft; Source Date: 7/1/2009; Source Number: SMA-15
Source: FSIO Exposure Draft; Source Date: 2/1/2010; Source Number: XFA-15

Source: FSIO Exposure Draft; Source Date: 7/1/2009; Source Number: SMA-16
Source: FSIO Exposure Draft; Source Date: 2/1/2010; Source Number: XFA-16


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMA-17

Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-1


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-2



Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-3




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-4




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-8




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-10




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-11




Source: 31 CFR; Source Date: ; Source Number: 1.22 (d) (3) (i)
Source: 41 CFR; Source Date: ; Source Number: 301-71.3
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-12

Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-13



Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-14




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-15


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-16




                                                                     Page 101
                                                                      ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-28




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-10




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMB-21




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLB-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLB-02

Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLB-03


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-09




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: SMC-14


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLE-12


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-01


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-02


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-04




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-05




                                                                     Page 102
                                                                       ATSC


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-06


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-07


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-08




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-09


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-10


Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLJ-11




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-01




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-02




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-03




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-05




Source: OFFM-NO-0106; Source Date: 1/1/2006; Source Number: TLA-06




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: IER-1


Source: DFAS 7900.4G, Ver 6.0,; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: 05.06.09, IER1

Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AT-2



Source: DFAS 7900.4G, Ver 6.0,; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01,; Source Date: 1/1/2003; Source Number: AT-2; 05.17.02



Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AT-3




Source: DFAS 7900.4G, Ver 6.0,; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AT-3; 05.17.03


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AD-1




                                                                      Page 103
                                                                        ATSC


Source: DFAS 7900.4G, Ver 6.0,; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AD-1; 05.20.01




Source: DFAS 7900.4G, Ver 6.0,; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AD-1; 05.20.01

Source: DFAS 7900.4G, Ver 6.0,; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: AD-1; 05.20.01




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: I-2




Source: DFAS 7900.4G, Ver 6.0; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: I-2: 05.21.02

Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-5




Source: DFAS 7900.4G, Ver 6.0,; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-5; 05.22.05




Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-7




Source: DFAS 7900.4G, Ver 6.0,; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-7; 05.22.07


Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-9



Source: DFAS 7900.4G, Ver 6.0.; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01, S-9, Jan 2003; Source Date: 1/1/2003; Source Number: 0S-9;
5.22.09

Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-17




Source: DFAS 7900.4G, Ver 6.0.; Source Date: 1/1/2007; Source Number:
Source: JFMIP-SR-03-01; Source Date: 1/1/2003; Source Number: S-17 05.22.17




                                                                     Page 104
                                                              Business_Rules


Functional Area                    Published in   Unique ID   Func Rqmt   Func Rqmt   Business Rule
                                   Release #                  Unique ID   Parent ID   Title/Name
Audit Trails and System Controls   7              ATSC-BR-                            Management
                                                  0006                                Information System




Audit Trails and System Controls   7              ATSC-BR-                            Control Framework
                                                  0007




Audit Trails and System Controls   7              ATSC-BR-                            Registration
                                                  0008




Audit Trails and System Controls   8              ATSC-BR-                            Classification
                                                  0009




Audit Trails and System Controls   8              ATSC-BR-                            Tracking
                                                  0010



Audit Trails and System Controls   8              ATSC-BR-                            Audit Trail
                                                  0011




Audit Trails and System Controls   8              ATSC-BR-                            Access and Retrieval
                                                  0012




                                                                  Page 105
                                                  Business_Rules


Audit Trails and System Controls   8   ATSC-BR-                    Record Transfer,
                                       0013                        Archive, and Interface




Audit Trails and System Controls   7   ATSC-BR-                    Retention Schedule
                                       0014




Audit Trails and System Controls   8   ATSC-BR-                    Record Retirement
                                       0015                        (Destruction)




Audit Trails and System Controls   8   ATSC-BR-                    Disaster and
                                       0016                        Continuity of
                                                                   Operations Recovery
                                                                   Program




Audit Trails and System Controls   8   ATSC-BR-                    Training
                                       0017




                                                    Page 106
                                                  Business_Rules


Audit Trails and System Controls   7   ATSC-BR-                    Monitoring and
                                       0018                        Compliance




                                                    Page 107
                                                                          Business_Rules


Business Rule Description                                                                          DFAS Process Name

A Management Information System provides information to support operational control,
management control, and decision-making functions in an organization. An information
system can be considered as an arrangement of a number of elements that provides
effective information for decision-making and control of functionalities of an organization.
Information is an entity that reduces uncertainty about an event or situation. Enterprises
use information systems to reduce costs, control wastes, or generate revenue. The
information system has far reaching effects for smooth and efficient operation.

The control framework for financial records refers to all the laws, regulations, policies and
procedures that provide assurance that records are created, managed, and used in
support of the government’s financial accountability requirements. Records management
controls work on the assumption that all transactions are to be clearly documented and
recorded, and the documentation is to be readily available for as long as necessary to
meet operational, legislative, regulatory and accountability requirements.

All financial records should be registered and classified as the foundation for managing
their use, retention and eventual disposal. Registration provides evidence that a record
has been created or received into a records system. It formalizes the capture of the
record. It involves recording brief descriptive information about the record in a register,
and assigning the record a unique identifier. Although implicit in computerized financial
management systems, capturing the date of the transaction at the time of registration is
an important part of the registration process. Registration, as a process is vital for
accountability. It is also a key point at which a variety of data that can facilitate the
accessibility and management of a record can be captured and made available.

The Department of Defense shall utilize a classification system for financial databases. A
classification system for financial transaction records comprises the revenue and
expenditure categories established by the government to plan revenues, expenditures,
funding (financing) and other financial flows in the budget/planning system, and
subsequently used as codes in the accounting system to classify actual revenues,
expenditures, financing and other flows, and to record assets and liabilities. (Note -
Classification systems enable an organization to organize, describe and provide improved
access, retrieval, use and dissemination of its records, as appropriate. It organizes files
and documents into a logical (i.e. hierarchical) arrangement to facilitate controlled access
and disposal).
The Department of Defense shall have the capability to track all transactions. Tracking is
critical to aid retrieval and ensure that records are not lost or misfiled. Staff should be able
to determine in a timely and efficient manner the location of every transaction record or
file, as appropriate, for which they are responsible. Tracking is also an important control
for deterring unauthorized access.
The Department of Defense shall have the capability to produce an audit trail for all
transactions. An audit trail is required to ensure that transactions can be traced from
creation, through processing, to the final statements. (Note - The system must be able to
trace records in order to provide sufficient and reliable evidence that only valid
transactions have been processed. The audit trail should ensure that all transactions
could be followed through the financial system, from originating documents to the financial
statements and vice versa. The record keeping system must permit the auditor to trace
transactions between the creation of the originating document, manual transaction
registers, journals and ledgers), in both directions, and through successive levels of
summarization. The record keeping system must ensure that all relevant data and
financial audit trail information is retained for a sufficient time to complete the audit.
The Department of Defense shall protect records and associated data within their
Databases. Records must remain useable throughout their lifetime; however, access
must be restricted to authorized individuals to protect the integrity of the records. Records
should be physically identified and arranged to facilitate retrieval by authorized individuals
for the entire period of their retention. (Note - It is important to maintain finding aids that
document the location of all financial records storage facilities, and the location of
particular records series. Strategies for retaining electronic records and associated
metadata removed from current records systems have to be formulated to ensure that
electronic records remain accessible throughout the entire period of their retention. Such
strategies must be integrated into all systems design processes).




                                                                               Page 108
                                                                         Business_Rules


Department of Defense records must be transferred according to agreed disposal
instructions to demonstrate compliance with the legal and regulatory framework and to
maintain efficiency. (Note - There are several reasons why records should be transferred
from the custody or ownership of the agency that created them, including restructuring
within the organization, the outsourcing of business activities or transfer to a records
centre or archives according to requirements laid down in retention schedules. When
records are transferred to a records center, ownership is usually retained by the
transferring agency. The records center is simply the custodian of the records,
responsible for protecting them, tracking their movement within and outside the center,
and ensuring their proper destruction. In transferring records, it is essential to determine




Records must be managed in accordance with retention schedules to ensure that records
are kept as long as they are required for evidence, and disposed of as soon as possible to
maintain efficiency. A retention schedule is an instrument to standardize decision-making
in the disposal of records. It consists of a formally approved schedule of records series,
retention periods and appropriate disposal actions, which is submitted for approval by an
external authority, such as a national records advisory committee. Any financial records
created or captured must have a retention period assigned so it is clear how long they
should be maintained.
The Department of Defense shall ensure all records are destroyed according to
authorized disposal instructions to demonstrate compliance with the legal and regulatory
framework and to maintain efficiency. (Note - Records must be destroyed in a controlled
and secure manner and in accordance with authorized disposal instructions. The
destruction of records must be clearly documented to provide evidence of destruction
according to an agreed program. Physical destruction of records must be undertaken by
methods appropriate to the confidentiality of the records and in accordance with disposal
instructions. An audit trail documenting all destruction of records should be maintained by
the creating agency. Certificates of destruction should be obtained for all destruction
undertaken by third parties. Where disposal schedules are not in place, the written
authorization of the national records and archives institution should be obtained prior to
destruction).
The Department of Defense shall have a Continuity of Operations Recovery Program in
place. (Note - A vital records protection program will protect against some disasters and
lessen the damage of others, but disasters will still happen and the results can be
devastating to an organization unless it has implemented policies and procedures to
protect its records. When a disaster does occur there must be a disaster recovery




service. A disaster recovery program should consist of three parts: prevention,




The Department of Defense shall establish a plan that ensures all staff must receive
training in managing records. This will vary in method of delivery, duration, and scope
according to the role and stage of development of individual staff members. Induction
training should be provided in a timely fashion to all staff. Included in this should be basic
guidance on the rules and regulations governing the creation and handling of records,
particularly the legal responsibilities conferred on all staff by the national records and
archives act. In addition, records staff should receive more detailed guidance in their
induction training to help them understand the structures and duties of the government
records management system. Accounting staff should also receive guidance in the day to
day management of financial records.




                                                                              Page 109
                                                                    Business_Rules


The program for managing financial records should be monitored on a regular basis.
Monitoring should be carried out according to an agreed program to ensure the continued
evidential and legal accountability of an organization’s records management system for
financial records and its continuing effectiveness. The monitoring processes must be
documented to provide evidence of compliance with policies, procedures, and standards
for managing records adopted by the organization. Compliance monitoring will involve
reviewing and inspecting different aspects of the performance of the records control




of work flow processes through sampling to ensure adherence to policies and procedures;




documentation meets the required standard.




                                                                        Page 110
               Business_Rules


BEA Mappings                Internal Control Activities




                 Page 111
Business_Rules




  Page 112
Business_Rules




  Page 113
          Business_Rules


Sources




            Page 114
                                                               Best_Practices


Unique ID   BPTitle                          Practice                                BPSource

ATSC-BP-    Radio Frequency Identification   RFID systems consist of a number        Defense Finance and Accounting
0001        Device (RFID)                    of components including tags,           Service (DFAS)
                                             handheld or stationary readers,         Commercial Pay Business Line
                                             data input units and system             (CPBL)
                                             software. The tags are the              Standardized Business Initiative for
                                             backbone of the technology and          Systems Development and
                                             come in all shapes, sizes and read      Deployment
                                             ranges including thin and flexible      Concept of Operations
                                             "smart labels" which can be              (CONOPS) v5, 3/18/05
                                             laminated between paper or plastic.     Appendix A, Section A.04
                                              Automatic identification and data
                                             capture by new generations
                                             transponders that afford multi-read
                                             capabilities and functions via
                                             current and next generation
                                             electronic reading, writing, and
                                             storage technologies. Data transfer
                                             rates range from low to reasonably
                                             high (i.e., 64 kb) - transfer and
                                             storage rates depend on device
                                             and carrier frequency. Close
                                             proximity (inductive systems) to
                                             tens of meters (radiating systems),
                                             without the need for line-of-sight
                                             nterrogation, depending on type of
                                             transponders and interrogation
                                             hardware. Robust constructions
                                             available allowing use in
                                             reasonably harsh conditions.


ATSC-BP-    Standard Report Templates        Templates and formatting are            Defense Finance and Accounting
0002                                         consistent across enterprise            Service (DFAS)
                                             organizations eliminating the need      Commercial Pay Business Line
                                             for redundant close activities.         (CPBL)
                                             Leverages existing resources and        Standardized Business Initiative for
                                             ensures comparability and               Systems Development and
                                             consistent use of information.          Deployment
                                                                                     Concept of Operations
                                                                                      (CONOPS) v5, 3/18/05
                                                                                     Appendix A, Section A.04
ATSC-BP-    Open Standards and Common        1.18.1.513 Adaptable architecture       Defense Finance and Accounting
0003        Interfaces                       achieves integration and                Service (DFAS)
                                             interoperability through the use of     Commercial Pay Business Line
                                             open, industry standards to the         (CPBL)
                                             maximum extent at every system          Standardized Business Initiative for
                                             level.                                  Systems Development and
                                                                                     Deployment
                                                                                     Concept of Operations
                                                                                      (CONOPS) v5, 3/18/05
                                                                                     Appendix A, Section A.04
ATSC-BP-    Integrated Source of Data        Integrated data with business rule      Defense Finance and Accounting
0004                                         validation provides required            Service (DFAS)
                                             reliability and accuracy for timely     Commercial Pay Business Line
                                             reporting.                              (CPBL)
                                                                                     Standardized Business Initiative for
                                                                                     Systems Development and
                                                                                     Deployment
                                                                                     Concept of Operations
                                                                                      (CONOPS) v5, 3/18/05
                                                                                     Appendix A, Section A.04
ATSC-BP-    Wireless                         Provide capability to allow users to    Defense Finance and Accounting
0005                                         access business information             Service (DFAS)
                                             (networks and/or web portals/sites)     Commercial Pay Business Line
                                             from both onsite and offsite            (CPBL)
                                             locations via satellite, enterprise     Standardized Business Initiative for
                                             wireless points (WAP) and public        Systems Development and
                                             WAPs while either at a fixed            Deployment
                                             location (on or offsite) and/or while   Concept of Operations
                                             mobile.                                  (CONOPS) v5, 3/18/05
                                                                                     Appendix A, Section A.04



                                                                   Page 115
                                                                 Best_Practices


ATSC-BP-   Barcodes                            A bar code is the small image of      Defense Finance and Accounting
0006                                           lines (bars) and spaces that is       Service (DFAS)
                                               affixed to a product to identify a    Commercial Pay Business Line
                                               particular product number, person,    (CPBL)
                                               or location. The code uses a          Standardized Business Initiative for
                                               sequence of vertical bars and         Systems Development and
                                               spaces to represent numbers and       Deployment
                                               other symbols. A bar code symbol      Concept of Operations
                                               typically consists of five parts: a    (CONOPS) v5, 3/18/05
                                               quiet zone, a start character, data   Appendix A, Section A.04
                                               characters (including an optional
                                               check character), a stop character,
                                               and another quiet zone.


ATSC-BP-   Standardized data                   Standard use of data definitions      Defense Finance and Accounting
0007                                           and data elements. Provide            Service (DFAS)
                                               consistent definitions and defined    Commercial Pay Business Line
                                               data elements across all              (CPBL)
                                               businesses and organizations.         Standardized Business Initiative for
                                               Eliminate the time required to        Systems Development and
                                               provide translations and ensure       Deployment
                                               elements are used with a common       Concept of Operations
                                               understanding.                         (CONOPS) v5, 3/18/05
                                                                                     Appendix A, Section A.04
ATSC-BP-   Web Servers                         A Web server is a program that,       Defense Finance and Accounting
0008                                           using the client/server model and     Service (DFAS)
                                               the World Wide Web's Hypertext        Commercial Pay Business Line
                                               Transfer Protocol (HTTP), serves      (CPBL)
                                               the files that form Web pages to      Standardized Business Initiative for
                                               Web users (whose computers            Systems Development and
                                               contain HTTP clients that forward     Deployment
                                               their requests). Every computer on    Concept of Operations
                                               the Internet that contains a Web       (CONOPS) v5, 3/18/05
                                               site must have a Web server           Appendix A, Section A.04
                                               program.
ATSC-BP-   Electronic Data Interchange (EDI)   EDI is the electronic exchange of      Defense Finance and Accounting
0009                                           business information between           Service (DFAS)
                                               organizations in a structured          Commercial Pay Business Line
                                               format. Computer-to-computer           (CPBL)
                                               exchange of business documents         Standardized Business Initiative for
                                               in a standard format.                  Systems Development and
                                                                                      Deployment
                                                                                      Concept of Operations
                                                                                       (CONOPS) v5, 3/18/05
                                                                                      Appendix A, Section A.04
ATSC-BP-   Barcode Readers                     A barcode reader, also called a        Defense Finance and Accounting
0010                                           price or point-of-sale (POS)           Service (DFAS)
                                               scanner, is a hand-held or             Commercial Pay Business Line
                                               stationary input device used to        (CPBL)
                                               capture and read information           Standardized Business Initiative for
                                               contained in a bar code. A barcode Systems Development and
                                               reader consists of a scanner, a        Deployment
                                               decoder (either built-in or external), Concept of Operations
                                               and a cable used to connect the         (CONOPS) v5, 3/18/05
                                               reader with a computer. Because a Appendix A, Section A.04
                                               barcode reader merely captures
                                               and translates the barcode into
                                               numbers and/or letters, the data
                                               must be sent to a computer that
                                               contains the appropriate software
                                               application to translate barcode
                                               data into relevant numbers and/or
                                               letters.




                                                                     Page 116
                                                                  Best_Practices


ATSC-BP-   Enterprise Application Integration   EAI is a business computing term        Defense Finance and Accounting
0011       (EAI)                                for the plans, methods, and tools       Service (DFAS)
                                                aimed at modernizing,                   Commercial Pay Business Line
                                                consolidating, and coordinating the     (CPBL)
                                                computer applications in an             Standardized Business Initiative for
                                                enterprise. Typically, an enterprise    Systems Development and
                                                has existing legacy applications        Deployment
                                                and databases and wants to              Concept of Operations
                                                continue to use them while adding        (CONOPS) v5, 3/18/05
                                                or migrating to a new set of            Appendix A, Section A.04
                                                applications that exploit the
                                                Internet, e-commerce, extranet, and
                                                other new technologies. EAI may
                                                involve developing a new total view
                                                of an enterprise's business and its
                                                applications, seeing how existing
                                                applications fit into the new view,
                                                and then devising ways to
                                                efficiently reuse what already exists
                                                while adding new applications and
                                                data.
ATSC-BP-   eXtensible Business Reporting        XBRL is an XML-based, royalty-          Defense Finance and Accounting
0012       Language (XBRL)                      free, and open standard being           Service (DFAS)
                                                developed bya consortium of voer        Commercial Pay Business Line
                                                170 companies and agencies,             (CPBL)
                                                delivering benefits to investors,       Standardized Business Initiative for
                                                accountants, regulators,                Systems Development and
                                                executives, business and financial      Deployment
                                                analysts, and informaiton providers.    Concept of Operations
                                                 XBRL provides l information that        (CONOPS) v5, 3/18/05
                                                can be delivered promptly to have       Appendix A, Section A.04
                                                common platform for critical
                                                business reporting processes and
                                                improves the reliability and ease of
                                                communicating financial data
                                                among users internal and external
                                                to the reporting enterprise.

ATSC-BP-   Relational Databases                 A relational database is a collection   Defense Finance and Accounting
0013                                            of data items organized as a set of     Service (DFAS)
                                                formally-described tables from          Commercial Pay Business Line
                                                which data can be accessed or           (CPBL)
                                                reassembled in many different           Standardized Business Initiative for
                                                ways without having to reorganize       Systems Development and
                                                the database tables. A relational       Deployment
                                                database is a set of tables             Concept of Operations
                                                containing data fitted into              (CONOPS) v5, 3/18/05
                                                predefined categories. Each table       Appendix A, Section A.04
                                                (which is sometimes called a
                                                relation) contains one or more data
                                                categories in columns. Each row
                                                contains a unique instance of data
                                                for the categories defined by the
                                                columns.

ATSC-BP-   Virtual Private Network (VPN)        A VPN (virtual private network) is a    Defense Finance and Accounting
0014                                            way to use a public                     Service (DFAS)
                                                telecommunication infrastructure,       Commercial Pay Business Line
                                                such as the Internet, to provide        (CPBL)
                                                remote offices or individual users      Standardized Business Initiative for
                                                with secure access to their             Systems Development and
                                                organization's network. A virtual       Deployment
                                                private network can be contrasted       Concept of Operations
                                                with an expensive system of owned        (CONOPS) v5, 3/18/05
                                                or leased lines that can only be        Appendix A, Section A.04
                                                used by one organization. The goal
                                                of a VPN is to provide the
                                                organization with the same
                                                capabilities, but at a much lower
                                                cost.




                                                                      Page 117
                                                              Best_Practices


ATSC-BP-   Business Process Modeling        A meta-language for the modeling       Defense Finance and Accounting
0015       Language (BPML)                  of business processes, just as XML     Service (DFAS)
                                            is a meta-language for the             Commercial Pay Business Line
                                            modeling of business data, BPML        (CPBL)
                                            provides an abstracted execution       Standardized Business Initiative for
                                            model for collaborative and            Systems Development and
                                            transactional business processes       Deployment
                                            based on the concept of a              Concept of Operations
                                            transactional finite-state machine.     (CONOPS) v5, 3/18/05
                                                                                   Appendix A, Section A.04
ATSC-BP-   Enterprise Metadata Management   A Metadata Strategy should             Defense Finance and Accounting
0016       (Governance function)            address all aspects of metadata        Service (DFAS)
                                            management for all knowledge of        Commercial Pay Business Line
                                            interest to the enterprise. A          (CPBL)
                                            metadata management program is         Standardized Business Initiative for
                                            needed to nurture and sustain          Systems Development and
                                            useful metadata for the following      Deployment
                                            enterprisewide activities: (a)         Concept of Operations
                                            Information Management, (b)             (CONOPS) v5, 3/18/05
                                            Knowledge Management, and (c)          Appendix A, Section A.04
                                            Information and Data Stewardship.
                                            The Metadata Strategy needs to
                                            promote an Information
                                            Management Policy that provides a
                                            focus for managing and sharing the
                                            knowledge assets of the
                                            organization. The Information
                                            Management Policy should define
                                            information quality-related
                                            responsibilities, including
                                            stewardship, along with a plan for
                                            implementing it.
ATSC-BP-   Operational Data Store (ODS)     An ODS is more of a design             Defense Finance and Accounting
0017                                        construct than a product that          Service (DFAS)
                                            provides a clean, consolidated, and    Commercial Pay Business Line
                                            highly available source of data for    (CPBL)
                                            reporting and real time access.        Standardized Business Initiative for
                                            ODS may speed up decision              Systems Development and
                                            making by simplifying the use of       Deployment
                                            decision engines and/or activity       Concept of Operations
                                            monitors and expediting operational     (CONOPS) v5, 3/18/05
                                            reporting.                             Appendix A, Section A.04
ATSC-BP-   Drill Down Capability            Ability to drill down to transaction   Defense Finance and Accounting
0018                                        level detail to better understand      Service (DFAS)
                                            summarized financial results.          Commercial Pay Business Line
                                                                                   (CPBL)
                                                                                   Standardized Business Initiative for
                                                                                   Systems Development and
                                                                                   Deployment
                                                                                   Concept of Operations
                                                                                    (CONOPS) v5, 3/18/05
                                                                                   Appendix A, Section A.04
ATSC-BP-   Drill Down Capability            Ability to identify a transaction from Defense Finance and Accounting
0019                                        summarized data and trace              Service (DFAS)
                                            transaction back to its source for     Commercial Pay Business Line
                                            research or review purposes. Also, (CPBL)
                                            vice versa (i.e. trace a transaction   Standardized Business Initiative for
                                            to the summarized data level).         Systems Development and
                                                                                   Deployment
                                                                                   Concept of Operations
                                                                                    (CONOPS) v5, 3/18/05
                                                                                   Appendix A, Section A.04




                                                                  Page 118
                                                                  Best_Practices


ATSC-BP-   Workflow Management                  Use workflow functionality to           Defense Finance and Accounting
0020                                            disseminate reports for timely          Service (DFAS)
                                                approval/certification. Provides        Commercial Pay Business Line
                                                controlled routing and an audit trail   (CPBL)
                                                for the approval process and may        Standardized Business Initiative for
                                                eliminate the need for sequential       Systems Development and
                                                approvals that can be done              Deployment
                                                concurrently. Digital signatures        Concept of Operations
                                                would be used with this process.         (CONOPS) v5, 3/18/05
                                                Use workflow functionality to           Appendix A, Section A.04
                                                reduce the time to provide reports
                                                to individuals requiring the
                                                information. Timely information is
                                                provided throughout the enterprise
                                                to improve understanding and
                                                decision making resulting in a
                                                timely report dissemination.
ATSC-BP-   Centralize Validation                Establish centralized validation      Defense Finance and Accounting
0021       Tables/Controls                      tables and controls to ensure         Service (DFAS)
                                                validation of information at the      Commercial Pay Business Line
                                                source.                               (CPBL)
                                                                                      Standardized Business Initiative for
                                                                                      Systems Development and
                                                                                      Deployment
                                                                                      Concept of Operations
                                                                                       (CONOPS) v5, 3/18/05
                                                                                      Appendix A, Section A.04
ATSC-BP-   Data Management at the Source        Establish single point of data entry, Defense Finance and Accounting
0022                                            validation and correction at the      Service (DFAS)
                                                source. Establish, at the source      Commercial Pay Business Line
                                                process level, a clear line of        (CPBL)
                                                accountability for the integrity of   Standardized Business Initiative for
                                                data recorded.                        Systems Development and
                                                                                      Deployment
                                                                                      Concept of Operations
                                                                                       (CONOPS) v5, 3/18/05
                                                                                      Appendix A, Section A.04
ATSC-BP-   Independent Audit Trails             Independent Audit Trails. Audit trail Title 21 CFR Part 11
0023                                            must be independently generated.
                                                All changes to records within a 21
                                                CFR Part 11-compliant system
                                                should include time and date-
                                                stamped audit trails.

ATSC-BP-   Link and Maintain Document,          Link and Maintain Document,         Title 21 CFR Part 11
0024       Metadata, and electronic signature   Metadata, and electronic signature.
                                                Ensure that system maintains a
                                                irrefutable link between documents,
                                                metadata and the electronic
                                                signature. When electronic records
                                                are signed within 21 CFR Part 11-
                                                compliant systems, there must be
                                                an irrefutable link between the
                                                electronic record (document and/or
                                                associated metadata) and the
                                                electronic signature.
ATSC-BP-   Presence of signature and record     Presence of signature and record.       Title 21 CFR Part 11
0025                                            Establish clear electronic signature
                                                manifestations for all electronic
                                                records.

ATSC-BP-   Validate System                      Validate the system to ensure           Title 21 CFR Part 11
0026                                            accuracy, reliability, consistent
                                                intended performance, and the
                                                ability to recognize invalid or altered
                                                records.
ATSC-BP-   Establish role-based access and      Establish role-based access and         Title 21 CFR Part 11
0027       control                              control. The system must provide
                                                adequate security controls to
                                                prevent unauthorized access.




                                                                      Page 119
                                                               Best_Practices


ATSC-BP-   Establish password and             Establish password and               Title 21 CFR Part 11
0028       identification controls            identification controls. 21 CFR Part
                                              11.300 requires that password
                                              controls be unique and protected.

ATSC-BP-   Avoid hybrid systems               Avoid hybrid systems, where         Title 21 CFR Part 11
0029                                          practical. A hybrid system is
                                              defined as an automated process
                                              which combines electronic records
                                              and manual paper records.

ATSC-BP-   Do not over customize technology   Do not over customize technology    Title 21 CFR Part 11
0030       solutions                          solutions. Over customization has
                                              resulted in accelerated costs for
                                              compliance with 21 CFR Part 11.
                                              Be practical.




                                                                   Page 120
                                  Best_Practices


BPSourceNbr   DoDApplicable         DoDAdopted           BPRqmts

                          FALSE                  FALSE




                          FALSE                  FALSE




                          FALSE                  FALSE




                          FALSE                  FALSE




                          FALSE                  FALSE




                                    Page 121
        Best_Practices


FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




          Page 122
        Best_Practices


FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




          Page 123
        Best_Practices


FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




          Page 124
        Best_Practices


FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




          Page 125
        Best_Practices


FALSE                FALSE




FALSE                FALSE




FALSE                FALSE




          Page 126
               Best_Practices


Published in
Release #
6




6




6




6




6




                 Page 127
    Best_Practices


6




6




6




6




6




      Page 128
    Best_Practices


6




6




6




6




      Page 129
    Best_Practices


6




6




6




6




6




      Page 130
    Best_Practices


6




6




6




8




8




8




8




8




      Page 131
    Best_Practices


8




8




8




      Page 132

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:6
posted:11/28/2011
language:Latin
pages:132