Website Policy

Material featured on this website may be reproduced free of charge. However, the material has to be reproduced accurately and not to be used in a derogatory manner or in a misleading context. Wherever the material is being published or issued to others, the source must be prominently acknowledged. However, the permission to reproduce this material shall not extend to any material which is identified as being copyright of a third party. Authorisation to reproduce such material must be obtained from the department/copyright holder concerned.

Content Contribution, Moderation & Approval policy (CMAP)

The content to be published on the website is contributed by the DGCA’s domain directorate in a consistent fashion to maintain uniformity and to bring in standardization. In order to present the content as per the requirement of the viewer, the content is categorized and to retrieve the relevant content efficiently, and the content is contributed to the website through a Content Management System which is web-based having user-friendly interface. Once the content is contributed it is approved and moderated prior to being published on the Website. The moderation could be multilevel and is role based. If the content is rejected at any level then it is reverted back to the originator of the content for modification.

Each of the links available in the website and the Sections/Officers which are responsible for the Content Ownership, Moderation and Approval are enumerated in the matrix given below: -

Sl.No	Content Element	Moderator	Approver	Contributor
1	About	Website Team	DG’s Office	DG’s Office
2	What’s New, Regulations, Guidance, Announcements	Website Team	DG’s Office	Respective Directorate
3	Online Web Applications	IT Team	Respective Directorate	TCS
4	Aircraft	Website Team	DG’s Office	Respective Directorate
5	Aircraft Operations	Website Team	DG’s Office	Respective Directorate
6	Personnel	Website Team	DG’s Office	Respective Directorate
7	Aerodromes	Website Team	DG’s Office	Respective Directorate
8	Air Navigation Services	Website Team	DG’s Office	Respective Directorate
9	Data and Reports	Website Team	DG’s Office	Respective Directorate
10	Regulations and Guidance	Website Team	DG’s Office	Respective Directorate
11	Publications/Reports	Website Team	DG’s Office	Respective Directorate
12	Contact Details	Website Team	DG’s Office	DG’s Office
13	Tenders /Jobs	Website Team	DG’s Office	DG’s Office
14	RTI related	Website Team	RTI Officer	RTI Officer
15	Vigilance	Website Team	Chief Vigilance Officer	Chief Vigilance Officer

Content Archival Policy

The content components are created with metadata, source and validity date. Validity of some of the components may not be known at the time of creation. Such content is treated as perpetual and the validity date shall be ten years from the date of creation. The content shall not be displayed on the Website after the validity date.

Some of the short lived content components like tenders, resolutions, draft for discussion etc. which will not have any relevance on the website after the event or intended purpose. The content components like documents, reports, may be archived based on the merit of the document concerned as decided by the website team.

The content is normally reviewed at least two weeks prior to the validity date and if required revalidate the content and modify the validity date. If content is not relevant, then the content is archived and no longer published on the Website.

Sl.No	Content Element	Entry Policy	Exit Policy
1	About	As per government resolution of	Perpetual, may change for any ’s role change.
2	What’s New, Regulations, Guidance, Announcements	As and when generated in	Archived perpetually and can be retrieved as and when required
3	Aircraft	As and when generated in	Archived perpetually and can be retrieved as and when required
4	Aircraft Operations	As and when generated in	Archived perpetually and can be retrieved as and when required
5	Personnel	As and when generated in	Archived perpetually and can be retrieved as and when required
6	Aerodromes	As and when generated in	Archived perpetually and can be retrieved as and when required
7	Air Navigation Services	As and when generated in	Archived perpetually and can be retrieved as and when required
8	Data and Reports	As and when generated in	Archived perpetually and can be retrieved as and when required
9	Regulations and Guidance	As and when generated in	Archived perpetually and can be retrieved as and when required
10	Tenders	As and when published by	Archived perpetually and can be retrieved as and when required
11	DGCA’s Annual Publications	Every Year	Archived perpetually and can be retrieved as and when required
12	Data Statistics	Every Quarter	Archived perpetually and can be retrieved as and when required
13	RTI related	Issued through the gazette/ Passed by the Central or State Government
14	Vigilance	As and when published by	Archived perpetually and can be retrieved as and when required

Content Review Policy

All possible efforts need to be taken to keep the content on the Website current and up-to-date. This Content Review Policy defines the roles and responsibilities of the website content review and the manner in which it need to be carried out. Review Policies are defined for the diverse content elements. The Review Policy is based on different type of content elements, its validity and relevance as well as the archival policy. Gives below the essential Content Review Policy for ’s website:

The entire website content would be reviewed for syntax checks once in quarter by the ’s website team.
Data pertaining to various directorate would be updated as and when such rules are updated.

Hyperlinking policy

Links to website by other websites:

We do not object to anybody linking directly to the information that is hosted on this web site and no prior permission is required for the same. However, we would like anybody to inform us about any links provided to this website so that the party can be informed of any changes or updates therein. Also, we do not permit our pages to be loaded into frames on 3rd party site. The pages belonging to this website must load into a newly opened browser window of the User.

Links to external websites/portals:

At many places in this website, one will find links to other websites/portals. These links have been placed for user convenience. Directorate General of Civil Aviation is not responsible for the contents of the linked websites and does not necessarily endorse the views expressed in them. Mere presence of the link or its listing on this website should not be assumed as endorsement of any kind. We cannot guarantee that these links will work all the time and we have no control over availability of linked destinations.

TERMS & CONDITIONS

Website Designed, Developed and Hosted By - TATA Consultancy Services Limited

Contents provided by - Directorate General of Civil Aviation (DGCA).

Though all efforts have been made to ensure the accuracy and currency of the content on this website, the same should not be construed as a statement of law or used for any legal purposes. In case of any ambiguity or doubts, users are advised to verify/check with the Directorate General of Civil Aviation (DGCA) and/or other source(s), and to obtain appropriate professional advice.

Under no circumstances will Directorate General of Civil Aviation (DGCA) be liable for any expense, loss or damage including, without limitation, indirect or consequential loss or damage, or any expense, loss or damage whatsoever arising from use, or loss of use, of data, arising out of or in connection with the use of this website.

These terms and conditions shall be governed by and construed in accordance with the Indian Laws. Any dispute arising under these terms and conditions shall be subject to the jurisdiction of the courts of India.

The information posted on this website could include hypertext links or pointers to information created and maintained by nonGovernment/private organisations. Directorate General of Civil Aviation (DGCA) is providing these links and pointers solely for your information and convenience. When you select a link to an external website, you are leaving the Directorate General of Civil Aviation (DGCA) website and are subject to the privacy and security policies of the owners/sponsors of the external website. Directorate General of Civil Aviation (DGCA) does not guarantee the availability of such linked pages at all times. Directorate General of Civil Aviation (DGCA) cannot authorise the use of copyrighted materials contained in a linked website. Users are advised to request such authorisation from the owner of the linked website. Directorate General of Civil Aviation (DGCA) does not guarantee that linked websites comply with Indian Government Web Guidelines.

Website Monitoring Plan

Persons responsible:

The following persons are responsible for the monitoring activity from:

DGCA IT Officer
Programming Officer
IT Support personnel

Frequency of monitoring:

The site is automatically monitored by HIPS system for any suspicious network activity 24x7.
On the functional aspects ’s IT team routinely monitors the site twice on a day. The logs are analysed twice weekly and necessary corrective actions are taken if required.

Monitored Parameters:

At the end the following parameters are monitored regularly.

Site loading time
Visiting user’s IP
Antivirus signature updation issue at OS level
Windows event viewer
Data driven page loading behaviour

Utility of Monitored Parameters:

The parameters are primarily used for server and site tuning for optimum performance.

Contingency Management Plan

Contingency Plan in the event of defacement:

Defacement Protection Policy:

The website is security audited for application vulnerabilities and performance as per STQC guidelines
Any application level modification on the website implies re-audit of the website as per STQC guidelines.
All the servers’ configuration and logs are monitored timely.
Only system administrator users are allowed to access the servers for doing administration and configuration tasks.
All servers are in lock and net secured.
Contents are updated through secured FTP using VPN.

Monitoring of Defacement of Website:

The ’s IT team monitors the website regularly. In case of any eventuality of defacement whoever notices it first shall inform the HoD (IT) on Phone as well as through email. The same will also be informed to coordinator at Ministry of Civil Aviation, Aurobindo Marg, Opp. Safdarjung Airport, New Delhi

Actions to be taken after defacement:

As soon as the IT team receives the information regarding the defacement of the website, the following steps will be taken:

Stoppage/partial stoppage of the website according to the degree of defacement.
Analyzing log files and troubleshooting the source of defacement and blocking of the service.
Analyzing type of defacement and fixing it.
In case of complete loss of data, restoring the website data from backup.
Fixing of all vulnerabilities on the basis of security recommendations and re-auditing of applications.

Contact details in case of any eventuality of defacement:

Head (IT), Ph: 011-24641450 Ext 523
Email: pawan.dgca@nic.in

Time for Restoration of the website after defacement:

The time taken for restoration of the website depends on the degree of defacement and services affected by the defacement. Ideally it will take 2 hour to 8 hours for the restoration.

Data Corruption:

TCS has rigid mechanism for backup of website data. The same backup happens once in a day. Also IT team takes regular offline backup through VPN connectivity. In case of any eventuality existing database will be replaced by the restored database. There are less chances of data corruption/loss as there is no any OLTP module.

Hardware/Software Crash:

Though such an occurrence is a rarity, still in case the server on which the website has been hosted crashes due to some unforeseen reason, the web hosting service provider (AWS) has enough redundant infrastructures available to restore the website at the earliest.

Contingency Plan in case of Natural Disasters/Calamity:

There could be circumstances whereby due to some natural calamity (due to reasons beyond the control of any person), the entire AWS cloud data centre where the website has been hosted gets destroyed or ceases to exist. In such an eventuality, TCS will start operations from AWS AZ2. During downtime the site would not be available.

DR Plan:

In case of any eventuality rendering system unavailability the following options are available with the ’s technical team.

If the machine crashes and TCS cloud team can’t repair the same can delete the existing virtual machine(VM) and rebuild the same in 1 hour. The latest backups from AWS would be restored for restarting of the site.
If the application crashes/issues the latest backups from AWS would be restored for restarting of the site.
For all other eventuality TCS’s DR plan would come into the picture.

Time for DR Restoration:

The normal site restoration may be carried out in maximum of 1 hr time post availability of backup set from AWS cloud.

Security Policy

Security Policy of Website:

has a responsibility to protect from disclosure to unauthorized parties the personally identifiable information (name, address, date of birth, etc.) of its website users.

Notice and Disclosures:

will not sell, trade and disclose the personally identifiable information of its website users to any third parties.

Data Quality and Access:

takes all steps possible to ensure that the data on the website is accurate. If something is found to be inaccurate, every effort will be to correct the same as quickly as possible. The information contained on the website is subject to change without prior advance notice. While using the website certain information such as IP address and time spent on pages may be collected. This non-personal information is collected in order to monitor any unauthorized use or access to the site. Anyone caught attempting to harm, steal information from, or otherwise damage the website will be prosecuted under the relevant law.

Data Security:

website is hosted at AWS and is being developed and managed by a team of TCS. TCS has taken every precaution to secure information on website. The website is placed in protected zone with implementation of firewalls and IDS (Intrusion Detection System) and high availability solution.

The site has been audited for website security by CERT-IN empanelled agency and has certified to be safe for hosting. The hardening of the server has been done as per the guidelines given by the STQC team. The access to the server is restricted both physically and through the network as far as possible. The Logs are being maintained for authorized physical access to server.

All the development work is done on separate development environment locally and well tested on staging server before updating it on the production server. The website contents on the AWS servers are uploaded using secured SSH and VPN through a single point from network.

Audit and Log of all activities referring to the operating system, access to the system and access to applications are maintained and archived. All rejected accesses and services are logged and listed in exception reports for further scrutiny. All newly released system software patches, bug fixes and upgrades are deployed regularly and reviewed. The Antivirus has been deployed on the servers and is updated online.

Server’s passwords at AWS are changed at the interval of one month by TCS’s technical team.