The everyday operation of the Albanian Customs Administration relays heavily on IT. Also, the future improvements on its work are closely related to the support and further improvement of the IT services, and even depend on them. The aim of the IT Strategy is to support the Albanian Customs in fulfilling its strategic objectives, which are described and defined in the Customs Business Strategy.

1. IT Strategy (Draft)
Dashamir Hoxha
2010-12-17
Contents
1 Introduction 1
1.1 Why is Needed an IT Strategy . . . . . . . . . . . . . . . . . 1
1.2 The Structure of This Document . . . . . . . . . . . . . . . . 2
1.3 References Used . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.4 Acronyms and Abbreviations . . . . . . . . . . . . . . . . . . 2
2 Mission and Vision 4
2.1 IT Mission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.2 IT Vision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
3 Customs Blueprints ICT 6
3.1 Aim . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.2 Strategic objectives . . . . . . . . . . . . . . . . . . . . . . . . 7
3.3 Key Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.3.1 IT management policy . . . . . . . . . . . . . . . . . . 8
3.3.2 IT technical policy . . . . . . . . . . . . . . . . . . . . 9
3.3.3 IT application policy . . . . . . . . . . . . . . . . . . . 9
3.3.4 IT operational policy . . . . . . . . . . . . . . . . . . . 10
3.3.5 IT training . . . . . . . . . . . . . . . . . . . . . . . . 11
3.4 Future developments (electronic customs) important for can-
didate countries . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.5 Cross references . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.6 Other Blueprints Related to IT . . . . . . . . . . . . . . . . . 11
3.6.1 Trade Facilitation . . . . . . . . . . . . . . . . . . . . . 12
3.6.2 Cooperation . . . . . . . . . . . . . . . . . . . . . . . . 12
3.6.3 Revenue Collection . . . . . . . . . . . . . . . . . . . . 12
3.6.4 Risk Management . . . . . . . . . . . . . . . . . . . . 13
1

2. 3.6.5 Border And Inland Control . . . . . . . . . . . . . . . 13
3.6.6 Post-Clearance And Audit . . . . . . . . . . . . . . . . 14
3.6.7 Investigation And Enforcement . . . . . . . . . . . . . 14
3.6.8 IPR . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.6.9 Supply Chain Security . . . . . . . . . . . . . . . . . . 14
3.6.10 Infrastructure And Equipment . . . . . . . . . . . . . 15
3.6.11 Laboratory . . . . . . . . . . . . . . . . . . . . . . . . 15
4 EU Customs Systems 15
4.1 Customs Operational Systems . . . . . . . . . . . . . . . . . . 15
4.1.1 Automated Import System (AIS) . . . . . . . . . . . . 15
Import Control System (ICS) Safety and Security
Aspects . . . . . . . . . . . . . . . . . . . . . 16
Automated Import System Centralised Clearance
and Simplications . . . . . . . . . . . . . . . 16
4.1.2 New Computerized Transit System (NCTS) . . . . . . 16
NCTS Safety and Security Aspects (including ATIS) 17
NCTS - TIR . . . . . . . . . . . . . . . . . . . . . . . 17
NCTS Enquiry/Recovery . . . . . . . . . . . . . . . 17
4.1.3 Automated Export System (AES) . . . . . . . . . . . 17
Export Control System Phase 1 (ECS1) . . . . . . . . 18
Export Control System Phase 2 (ECS2) . . . . . . . . 18
Automated Export System Centralised Clearance
and Simplications . . . . . . . . . . . . . . . 18
4.2 Trade Access . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
4.2.1 EU Customs Information Portal (ECIP) . . . . . . . . 19
4.2.2 Data Dissemination System (DDS) . . . . . . . . . . . 19
4.2.3 Single Electronic Access Points (SEAP) . . . . . . . . 19
4.3 Customs Tools . . . . . . . . . . . . . . . . . . . . . . . . . . 20
4.3.1 Customs Risk Management System (CRMS) . . . . . . 20
4.3.2 Integrated Tari Environment (ITE) . . . . . . . . . . 21
TARIC 3 . . . . . . . . . . . . . . . . . . . . . . . . . 22
ECICS 2 . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Quota 2 . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Surveillance 2 . . . . . . . . . . . . . . . . . . . . . . . 22
EBTI 3 . . . . . . . . . . . . . . . . . . . . . . . . . . 22
4.4 Economic Operators' Systems . . . . . . . . . . . . . . . . . . 23
4.4.1 Economic Operators' Registration and Identication
System (EORI) . . . . . . . . . . . . . . . . . . . . . . 23
4.4.2 Authorized Economic Operator (AEO) . . . . . . . . . 23
2

3. AEO Phase 1 . . . . . . . . . . . . . . . . . . . . . . . 24
AEO Full System . . . . . . . . . . . . . . . . . . . . . 24
4.4.3 Single Authorization for Simplied Procedures (SASP) 24
4.4.4 Registered Exporters (REX) . . . . . . . . . . . . . . . 25
4.5 Longer Term Projects . . . . . . . . . . . . . . . . . . . . . . 26
4.5.1 Single Window (SW) . . . . . . . . . . . . . . . . . . . 26
4.6 Automated Information Exchange with 3rd Countries . . . . . 26
4.6.1 Single Portal for Entry or Exit of Data (SPEED) . . . 26
4.6.2 EU-Russia exchange of TIR movement data (Pilot project) 27
5 Requirements and Needs for Developments 27
5.1 Integrating With EU IT Systems . . . . . . . . . . . . . . . . 28
5.1.1 EMCS (Excise Movement and Control System) . . . . 29
5.1.2 NCTS (New Computerized Transit System) . . . . . . 29
5.1.3 EORI (Economic Operators Registration and Identi-
cation) . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
5.2 Interoperability on The National Level . . . . . . . . . . . . . 29
5.2.1 Integrated Border Management (IBM) . . . . . . . . . 30
5.2.2 Electronic data exchange with the banking system . . 30
5.2.3 Interagency data exchange (Single Window) . . . . . . 30
5.3 Other Needs for Tools and Software . . . . . . . . . . . . . . . 31
5.3.1 A Web CMS (Drupal) . . . . . . . . . . . . . . . . . . 31
5.3.2 A Tool for planning, tracking and reporting IT expen-
ditures . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
5.3.3 Software for monitoring the functionality of the exist-
ing systems . . . . . . . . . . . . . . . . . . . . . . . . 31
5.3.4 Any tool/software for facilitating feedback from users . 32
5.3.5 HelpDesk system for reporting the problems. . . . . . 32
5.3.6 Knowledge Database . . . . . . . . . . . . . . . . . . . 32
5.3.7 Tools for internal communication and collaboration . . 32
5.3.8 Document Management System . . . . . . . . . . . . . 32
5.3.9 Business Intelligence Tool . . . . . . . . . . . . . . . . 32
5.3.10 Tools for Human Resource Management . . . . . . . . 33
5.3.11 Directory Server for Single Sign-on . . . . . . . . . . . 33
5.3.12 An Inventory/Asset Management System . . . . . . . 33
5.4 IT Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
5.4.1 IT HR Policy . . . . . . . . . . . . . . . . . . . . . . . 33
5.4.2 IT Business Processes . . . . . . . . . . . . . . . . . . 34
5.4.3 System Security Policy . . . . . . . . . . . . . . . . . . 35
5.4.4 IT Budget and Procurement Policy . . . . . . . . . . . 35
3

4. 5.4.5 IT Risk Management Strategy . . . . . . . . . . . . . 35
5.4.6 IT Training Requirements and Strategy . . . . . . . . 36
5.4.7 IT Documentation Standards and Procedures . . . . . 37
5.4.8 IT Telecommunications Policy . . . . . . . . . . . . . . 37
5.4.9 Policy on Freedom of Information, Security and Data
Protection . . . . . . . . . . . . . . . . . . . . . . . . . 37
6 General Guiding Principles 38
6.1 Kosto dhe eksibiliteti . . . . . . . . . . . . . . . . . . . . . . 38
6.1.1 Riperdorim perpara Blerjes dhe perpara Ndertimit . . 38
6.1.2 Nderto llimisht per qeverine . . . . . . . . . . . . . . 38
6.1.3 Reduktimi total i kostove te pronesise . . . . . . . . . 38
6.2 Mundesite e dhenies se sherbimit . . . . . . . . . . . . . . . . 38
6.2.1 Ndiqet partneriteti ne lidhje me dhenien e sherbimeve 38
6.2.2 Produktet dhe Planet behet qe te permbushin objek-
tivat e biznesit doganor . . . . . . . . . . . . . . . . . 38
6.3 Balancimi i Reputacionit kundrejt rreziqeve per dhenien e
sherbimit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
6.3.1 Perdorimi I teknologjive te Provuara . . . . . . . . . . 39
6.4 Risite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
6.4.1 Zgjidhjet behen duke implemntuar produktet e pran-
uara ne politiken per teknologjine e informacionit . . . 39
6.4.2 Promovimi I avantazheve per biznesin nepermjet per-
dorimit te teknologjive inovative . . . . . . . . . . . . 39
6.5 Kontrolli I aseteve te informacionit . . . . . . . . . . . . . . . 40
6.5.1 Versioni I se vertetes . . . . . . . . . . . . . . . . . . . 40
6.5.2 Nderto besim nepermjet menaxhimit efektiv te infor-
macionit nga klienti . . . . . . . . . . . . . . . . . . . 40
6.6 Rritja e Eciences . . . . . . . . . . . . . . . . . . . . . . . . 40
6.6.1 Nderto ne levishmeri . . . . . . . . . . . . . . . . . . . 40
6.6.2 Maksimizo Automatizimin e Proceseve . . . . . . . . . 40
6.6.3 Pergjigja sa me ne kohe reale per kerkesat e klientit . 40
4

5. 1 Introduction
1.1 Why is Needed an IT Strategy
Having a strategy is important. It is like a map and a compass. Without it
one can spend much time, energy and resources, however will not be able to
go on the right direction, therefore will fail to reach the desired destination.
As they say, having a bad plan is better than having no plan at all.
IT is very important nowadays, since it is the means that facilitates busi-
nesses and keeps them running. Keeping the information in electronic format
and managing business processes through IT systems has indisputable ad-
vantages. Every eort for improving business processes is immediately trans-
lated into requests for improving the IT systems, and the success of the re-
form depends directly on the success of the IT part. If a business/organization
is compared to the human body, then the IT systems and infrastructure of
it are like the nervous system.
The Albanian Customs Administration makes no exception from the prin-
ciples mentioned above. Because the IT is so important and is the key of
success for each improvement or reform, a separate strategic document is
needed for it, besides the Overall Business Strategy of the Customs. This
document should help as a guidance for making strategic decisions about the
issues that are related to IT.
1.2 The Structure of This Document
This strategic document denes the `mission': the purpose of IT in Customs,
why it is used, what it should support, how it should do it, etc. In general,
this is the function of IT and the reason for its existence.
Then it also denes the `vision', which is the goal that IT should reach
on the following years. The main strategic goal is to fulll the standards
that are needed for the acceptance of Albania in EU. So, the span of this
strategic document are the following years, up to the acceptance of Albania
in EU.
The strategy elaborates the goal/vision by describing what are the stan-
dards that should be fullled, identifying also concrete targets and objectives
(the so-called Strategic Objectives).
Then it also tries to set priorities to them, to dene dependencies and
milestones, to elaborate about the steps that are needed to accomplish them,
and to identify any general prerequisites and resources that are needed for
their completion.
5

6. However this document does not go into deep details about how to im-
plement each step. More details about planning and managing the necessary
tasks are provided in the annexes that are attached to this document.
This document is not nal, it should be revised and modied whenever
needed, as future steps become clearer and experience provides guidance for
best practices.
1.3 References Used
The strategic documents where this document is based are:
• The Customs Blueprints (especially the section about ICT)
• Electronic Customs Multi-Annual Strategic Plan (MASP)
• ACA Business Strategy
• National Strategy for e-Government and ICT
1.4 Acronyms and Abbreviations
Table 1: Acronyms and Abbreviations:
Acronym Description
AEO Authorized Economic Operators system
AES Automated Export System
AIS Automated Import System
ATIS Anti-Fraud Transit Information System
BPM Business Process Model
BTI Binding Tari Information
CC Centralized Clearance
CCN Common Communication Network
CCN/CSI Common Communications Network / Common Systems Interface
CRMS Customs Risk Management System
CN Combined Nomenclature
COM European Commission
DDS Data Dissemination System
DG AGRI Directorate General for Agriculture and Rural Development
DG TAXUD Directorate General for Taxation and Customs Union
DG TRADE Directorate General for Trade
Continued on next page
6

7. Table 1: Acronyms and Abbreviations:
Acronym Description
OLAF European Anti-Fraud Oce
EBTI European Binding Tari Information
EC European Commission/European Communities
ECICS European Customs Inventory of Chemical Substances
ECIP EU Customs Information Portal
ECG Electronic Customs Group
ECS Export Control System
EFTA European Free Trade Association
EMCS Excise Movement and Control System
EP European Parliament
EPA Economic Partnership Agreement
EO Economic Operator
EORI Economic Operators Registration and Identication system
FTA Free Trade Agreement
FTSS Functional (Transit) System Specications
GSP Generalised System of Preferences
ICS Import Control System
IRU International Road Transport Union
I(C)T Information (Communications) Technology
MASP Multi-Annual Strategic Plan
MCC Modernised Customs Code
MRN Movement Reference Number
MS Member State(s)
NA National Administration
NCTS New Computerised Transit System
REX Registered Exporters
RIF Risk Information Form
SEAP Single Electronic Access Point
SPEED Single Portal for Entry or Exit of Data
SW Single Window
TARIC Tarif Intégré des Communautés européennes
TIR Transports Internationaux Routiers
UNECE United Nations Economic Commission for Europe
USA United States of America
VAT Value Added Tax
7

8. 2 Mission and Vision
2.1 IT Mission
The everyday operation of the Albanian Customs Administration relays
heavily on IT. Also, the future improvements on its work are closely re-
lated to the support and further improvement of the IT services, and even
depend on them. The aim of the IT Strategy is to support the Albanian
Customs in fullling its strategic objectives, which are described and dened
in the Customs Business Strategy.
Some of the elds where IT can improve the work of the customs and
some of the objectives that require the IT support are these:
• Preparing Albania for the integration with the EU.
• Facilitating the inter-agency and international data exchange, commu-
nication and cooperation.
• Facilitating customs procedures for the traders and increasing their
satisfaction.
• Fighting the illicit activities across the borders and protecting the so-
ciety.
• Improving and facilitating the work of the customs administration itself
(modernization).
• Reducing the possibilities of corruption inside the customs administra-
tion.
• Increasing the eciency of the customs administration and lowering
its operational costs.
• Improving the revenue collection for the government.
In order to fullll these objectives, we try to:
• apply the IT international standards related to the electronic trade and
customs
• integrate our IT systems with the ones used in the EU
• make use of the latest developments in the eld of IT
• improve the IT skills and abilities of our IT sta
8

9. • improve our existing IT systems and implement new ones
• improve IT eciency and lower IT costs
2.2 IT Vision
The main goal (target) of IT is very clear and closely related to the vision
of ACA and of the Albanian Government in general: we want to make sure
that Albania is ready for joining EU before 2020.
This requires that the level of IT is improved to reach the level of the
other EU contries. Not only that, but further more it requires that the IT
level improves to match the EU standards about customs (which other EU
customs administrations are required to match as well).
These standards are described and elaborated in the Customs Blueprints,
which also have a special section about IT.
Another practical requirement for joining EU, is that our IT systems can
be integrated with the customs systems used in EU, like: NCTS, EORI,
EMCS, etc. We should take care to integrate not only with the systems
that are currently working, but also with the systems on which there is work
going on, and which are expected to be operational on the EU level on the
following years. So, we should take into account not only the current level
of the EU systems, but we should consider also the strategic EU documents
about IT, the plans and the work in progress, etc.
The best document that describes the current state and future devel-
opments on the IT eld is the Electronic Customs Multi-Annual Strategic
Plan (MASP), which is created and maintained by DG TAXUD.
By tying to comply with the EU standards, we also achieve compliance
with other international standards about customs and trade (for example
UN standards), since those standards are, in general, harmonized and in
agreement with each-other.
Besides the European and international standards, we should also try
to fulll our national standards about IT, which require a modern, paper-
less, electronic administration, inter-agency data exchange and communi-
cation, etc. These standards are described on the National Strategy for
e-Government and IT and on other related documents. Again, there is a
coherence and harmonization between the national IT standards and the
international ones.
To summarise, in order to reach the main goal of being ready to join EU,
we have to make sure that our IT systems:
9

10. 1. Can be integrated with the EU customs systems, like: NCTS, EORI,
EMCS, and the other systems described in MASP.
2. Fullll the standards of the EU customs as dened and elaborated in
the Customs Blueprints.
3. Are able to interoperate and exchange data with other systems in na-
tional and international level.
4. Provide a modern paperless environment, fully electronic and auto-
mated, for the benet of both the customs administration and the
traders.
3 Customs Blueprints ICT
3.1 Aim
To develop an information and communication technology (IT) service and
integrated IT system environment which fully supports the business strategy
of the customs administration, in accordance with international standards
(e.g. WCO Framework of Standards to Secure and Facilitate Global Trade),
facilitates trade, provides risk management, ensures that customs business
is conducted to the highest level of eciency and provides the best possible
value for money
3.2 Strategic objectives
• Strong political commitment and denition of mandates and leading
roles.
• Development, implementation, update and regular publication of:
an IT strategy for the customs administration which supports the
achievement of its business objectives,
customs IT systems (hard and software) which meet the user re-
quirements of the customs administration, the trade, government
departments and other relevant institutions,
• Ensuring that:
IT systems take advantage of the latest technology to achieve the
customs administration's goals;
10

11. the value of the administration's IT data resources is maximised
by delivering consistently high quality and value-for- money ser-
vices and systems;
technical solutions (including computer architecture, operating
systems, application software, communication methods and database
management systems) for each project are selected on the basis
of value for money, suitability for the task and compliance with
documented IT policies;
there is a balance between facilitation and control in a paperless
customs and trade environment;
the time for the clearing process and the number of manual oper-
ations are reduced as much as possible;
data exchange systems with neighbouring countries are in place
wherever possible;
the qualied human resources needed are available to implement
the strategic objectives.
3.3 Key Indicators
3.3.1 IT management policy
• (22.1) A top-level manager responsible for the IT function in the cus-
toms administration is appointed.
• (22.2) IT strategy is developed, published and regularly reviewed, in-
cluding the idea of a paperless environment.
• (22.3) An IT human resources policy is developed, published and reg-
ularly reviewed.
• (22.4) The IT function is clearly identied throughout the organisa-
tional structure and its roles and responsibilities are dened and pub-
lished.
• (22.5) Systems development priorities and related dependencies are
dened.
• (22.6) Provision is made for the nancing of IT projects and procedures
are in place for estimating and reviewing associated budgets, including
the future maintenance of the requisite systems and infrastructure.
11

12. • (22.7) Project management methodologies are agreed and documented,
including multi-project and portfolio management.
• (22.8) An IT procurement policy is dened and published.
• (22.9) Disaster recovery and business continuity (e.g. security, contin-
gency, fallback and recovery) policies are dened and documented.
• (22.10) Training requirements for users and technical IT experts are
identied, implemented and documented.
• (22.11) Procedures for monitoring the functionality of existing systems
are documented and applied.
• (22.12) Feedback, monitoring, evaluation and control standards are
developed and operational.
• (22.13) A knowledge database strategy is developed and distribution
of information is accessible by Internet/intranet.
3.3.2 IT technical policy
• (22.14) Standard system design methodologies and procedures are doc-
umented and applied throughout the systems development life cycle.
• (22.15) Documentation standards are developed, documented and ap-
plied.
• (22.16) An IT telecommunications policy is dened and published with
appropriate IT infrastructure (including a high-speed network) in place
to support it.
• (22.17) A quality assurance methodology is documented and applied
for all new applications.
• (22.18) Appropriate IT systems capable of accepting electronic data
interchange (EDI) messages and exchanging data electronically with
the trade are in place; this should include the implementation of a
single electronic access point for trade.
• (22.19) Authenticity of the messages is guaranteed (e.g. digital signa-
ture.
• (22.20) Appropriate payment systems, including electronic data ex-
change with the banking system, are in place.
12

13. • (22.21) Appropriate IT systems capable of interfacing with EU systems
(e.g. integrated tari management system (ITMS), Transit) are in
place.
• (22.22) Appropriate IT systems capable of accepting electronic data
interchange (EDI) messages and exchanging data electronically with
other agencies are in place.
3.3.3 IT application policy
• (22.23) A computerised customs declaration processing system is im-
plemented.
• (22.24) A computerised revenue collection and accounting system, in-
cluding bookkeeping, is implemented.
• (22.25) A computerised transit control system is implemented and inte-
grated with the customs declaration processing system. An electronic
client management and administration system must be available.
• (22.26) A computerised selectivity system and tools for analysis of
data generated by customs control activity are in use and in line with
international standards (e.g. risk management).
• (22.27) Computerised information, intelligence and documentation sys-
tem(s) are implemented.
• (22.28) External trade data for statistics are delivered to agreed sched-
ules.
• (22.29) Policy on freedom of information, security, data protection and
health and safety is implemented (in line with guidelines from the UN,
EU etc.).
• (22.30) International trade data element codes, HS tari, UN Edifact
message standards are used in all applicable IT systems.
• (22.31) Customs IT systems are capable of delivering electronic data
for a computerised trade statistics system.
13

14. 3.3.4 IT operational policy
• (22.32) IT business processes are established and documented (user
requirements, functional and technical specications).
• (22.33) Implementation procedures and user acceptance testing proce-
dures are applied when new systems are implemented.
• (22.34) A change of management plan, including impact assessment,
must be operational.
• (22.35) Roles and responsibilities are clearly dened and documented,
including ownership and responsibility for new systems.
• (22.36) The functions needed for access to applications are dened and
documented.
• (22.37) User manuals (preferably electronic) are produced when new
systems are implemented.
• (22.38) The information needed for management is dened and a man-
agement information system is developed.
• (22.39) Appropriate systems are capable of dierent kind of audits
at national and international level. Procedures for the maintenance
of systems and the provision of central and local oce support for IT
systems and their associated components are in place and documented.
• (22.40) A system for feedback (e.g. through the operation of help desks,
hotlines, customs and trade user groups) is in place.
3.3.5 IT training
• (22.41) Training rooms for IT training with the relevant equipment,
database and Internet are available.
• (22.42) A training strategy especially for IT sta is developed.
3.4 Future developments (electronic customs) important for
candidate countries
Candidate countries have to be aware that there are ongoing IT developments
in the EU within the eld of electronic customs which have to be considered
for accession.
14

15. In addition, candidate countries have to keep in mind during the accession
process that:
• appropriate IT systems capable of using the EU CCN and CSI trans-
mission standards/system and the relevant IT applications are in place;
• interoperability between the national and the EU IT systems exists;
• other data codes adopted by the Commission are used in all applicable
IT systems;
• customs IT system are capable of delivering electronic data for an
Intrastat statistics system.
3.5 Cross references
Blueprints on Infrastructure and Equipment, and Trade Facilitation and
Relations with Business.
3.6 Other Blueprints Related to IT
These are key indicators from sections of Blueprints other than Area22-ICT,
which are related somehow to IT or depend on it.
3.6.1 Trade Facilitation
• (7.6) Where possible and appropriate, the required documents and
information from trade are submitted to customs electronically.
• (7.21) Cooperation between customs and other relevant governmen-
tal authorities is promoted, for example through enabling the trading
community to submit information data to various authorities through
a single access point and enhancing practical cooperation models.
• (7.23) Mechanisms are in place to ensure that customs working meth-
ods and IT systems are, where appropriate, developed in cooperation
between customs and trade.
• (7.27) The development of customs declaration processing systems
makes provision for traders to submit declarations and other required
documents electronically.
15

16. • (7.28) Electronic data systems that are used ensure that information is
to be submitted only once and is stored and used for customs purposes
in line with relevant data protection standards and regulations.
• (7.29) Up-to-date and clear information on customs taris, procedures
and requirements is provided to trade through appropriate means of
communication (Internet, brochures, leaets, etc.).
• (7.30) Consultation on customs procedures and technical support on
customs IT systems are made available to trade by means of e-mail,
telephone or personal contact, such as a contact center
3.6.2 Cooperation
• (9.30) IT systems are in place allowing exchange of information be-
tween customs, other customs administrations and all the relevant au-
thorities.
• (9.31) Data exchange through IT systems is based on international
standards, such as the WCO data model, and in accordance with the
regulations on data protection.
3.6.3 Revenue Collection
• (10.1) Adequate information on current regulations and applied taris
is available to trade.
• (10.2) Support information is available to trade on their obligations and
procedures for assessing, declaring and paying their customs liabilities.
• (10.4) A system is in place for ecient centralized accounting of rev-
enue.
• (10.5) A system is in place to register traders' liabilities for customs
revenue.
• (10.6) Accounting systems for all types of payment are in place and
linked to the register of customs liabilities.
• (10.8) The accounting system uses codes to identify revenue items by
tari headings, by types of liabilities, by methods of payment, by cus-
toms regimes and by liable persons to make for eective compilation
of data.
16

17. • (10.20) Management controls are in place to protect and ensure the
integrity of the revenue and personnel.
• (10.22) Registration, processing, accounting and allocation of revenue
liabilities are separate modules of an integrated customs information
system.
3.6.4 Risk Management
• (11.26) High-quality IT systems and programs are in place (instead
of acquired) to exchange the information needed eectively, eciently
and safely.
3.6.5 Border And Inland Control
• (13.3) Intelligence and information systems are established, systemat-
ically developed, utilized and regularly reviewed, as are risk proles,
which take account in particular of the economic situation of the region
concerned, for each location at which customs controls are exercised.
• (13.22) A strategy to implement a single-window concept that allows all
data relating to an import or export transaction required by dierent
authorities and agencies to be submitted (where possible electronically)
to the same access point is dened at national level, with the aim of
avoiding duplication and facilitating trade.
• (13.32) Customs control systems and procedures are automated wher-
ever there are clear benets for both customs and the public (including
the trading public).
3.6.6 Post-Clearance And Audit
• (16.16) The facilities, tools, IT systems and access to information sys-
tems needed for audit units and auditors to implement their duties are
provided.
• (16.25) The national risk management system is established.
3.6.7 Investigation And Enforcement
• (17.15) Facilities (e.g. Internet, e-mail, online access to relevant databases
and information systems) for the receipt of information and intelligence
are in place and working.
17

18. • (17.19) Investigation and enforcement systems and procedures are com-
puterized wherever necessary and appropriate.
3.6.8 IPR
• (18.10) An IPR IT database should be established to provide tools for
customs risk management to help exchange information on counter-
feiting risks, with the possibility of accessing lists of companies, key
products and contacts electronically via the intranet/Internet. This
would enable real-time risk information to be exchanged between ex-
perts.
3.6.9 Supply Chain Security
• (19.6) A trader identication system based on international standards
is developed.
• (19.7) IT support for the electronic submission of pre-arrival/pre-departure
information, for risk assessment and for the issuing of AEO certicates
should be in place.
• (19.12) The risk management system takes account of pre-arrival/pre-
departure information.
3.6.10 Infrastructure And Equipment
• (20.9) An inventory/asset management system is used to monitor the
location, use and state of repair of the customs administration's infras-
tructure and equipment.
• (20.15) Suitable facilities, equipment and information and communi-
cation technology are provided to the nationally agreed standard.
3.6.11 Laboratory
• (21.7) The customs laboratory is suciently equipped with all test-
ing and auxiliary equipment, computing technology, software, refer-
ence materials, standards, chemicals and other consumable materials
to cover the specic needs and priorities of the country.
18

19. 4 EU Customs Systems
4.1 Customs Operational Systems
These are some of the Customs related systems in EU that either are opera-
tional, or are expected to be operational in a few years (according to MASP).
Sooner or later, we will have to integrate our system(s) with them. So this
section provides an overview and a brief description of them (just to create
an idea of the work that has to be done on this direction).
4.1.1 Automated Import System (AIS)
The objective of the AIS is to ensure that import operations starting in
one MS can be completed in another MS without re-submission of the same
information. This includes the exchange of electronic messages related to
the dierent stages of the operations amongst the various actors (customs,
traders and other governmental administrations).
The development of this project has been divided into 2 phases:
1. Import Control System (ICS) Safety and Security Aspects
2. Automated Import System Centralised Clearance and Simplications
Import Control System (ICS) Safety and Security Aspects The
objective of this phase is to provide for the handling of entry summary dec-
larations and the link of the information with risk analysis on the data sub-
mitted.
• Full operation on: July 2009
• Depends on: National risk analysis application, CRMS
• Prerequisite for: AIS
• Related to: AEO, EORI, SPEED
Automated Import System Centralised Clearance and Simpli-
cations The objective is to allow the full computerisation, based on the
national IT systems, of the import procedure in cases where the customs
authorities of more than one MS are involved, enabling electronic exchange
of information between customs oces and traders. It will keep and expand
the functions of ICS, and in particular it will add the notication of arrival
and the presentation of goods, and the centralised clearance approach.
19

20. • Full operation on: May 2013
• Depends on: ICS, AEO, EORI, CRMS
• Prerequisite for: SW
• Related to: ECIP, REX, AES, SEAP, EBTI, SASP
4.1.2 New Computerized Transit System (NCTS)
The objective of the NCTS is to enable full control of the core transit pro-
cedure including the guarantee management and enquiry procedures, with
the support of IT facilities. An additional feature will be the incorporation
of the data elements required by the security amendment to the Community
Customs Code.
An electronic system NCTS, covering Community/common transit, was
fully implemented on and is available from 31 December 2005. The other
parts of the NCTS project are:
1. NCTS Safety and Security Aspects (including ATIS)
2. NCTS - TIR
3. NCTS Enquiry/Recovery
NCTS Safety and Security Aspects (including ATIS) NCTS will
incorporate the additional features arising from the security amendment of
the Customs Code, as well as those resulting from the implementing provi-
sions. The ATIS amendment will enable the system to forward a copy of
transit movements to DG OLAF for movements including sensitive goods.
• Full operation on: July 2009
• Depends on: National risk analysis application, CRMS
• Related to: EORI, AEO, SPEED
NCTS - TIR The objective of this application is to provide full control of
the European leg of TIR movements and to facilitate the termination /dis-
charge of TIR operations within the Community by replacing the physical
return of Voucher No. 2 with the electronic transmission of NCTS messages.
• Full operation on: January 2009
20

21. • Depends on: NCTS
• Related to: CRMS, EORI, NCTS Enquiry/Recovery
NCTS Enquiry/Recovery Upgrade of NCTS enquiry module and in-
troducing the electronic recovery procedure to optimise the use of electronic
systems.
• Full operation: July 2009
• Depends on: NCTS
• Related to: CRMS, AEO, NCTS-TIR, EORI
4.1.3 Automated Export System (AES)
The objective of the AES is to ensure that operations started in one MS can
be nalised in another MS. This includes the exchange of electronic messages
related to the dierent stages of the operations amongst the various actors
(customs, traders and other governmental administrations).
The development of this project has been divided into 3 phases:
1. Export Control System Phase 1 (ECS1)
2. Export Control System Phase 2 (ECS2)
3. Automated Export System Centralised Clearance and Simplications
Export Control System Phase 1 (ECS1) ECS Phase 1, as the initial
step of the AES, is to provide for the full control of the conclusion of ex-
port operations through the electronic exchange of export/exit information
between customs oces of export and customs oces of exit, in particular
where dierent MS are involved.
• Full operation on: July 2007
• Prerequisite for: ECS2, AES
• Related to: CRMS
21

22. Export Control System Phase 2 (ECS2) The objective of this phase
is to provide for the electronic handling of export declarations/exit summary
declarations under the security amendment, and will, inter alia, require ad-
ditional information to be included in export declarations, for safety and
security purposes.
This phase preserves and builds upon the functionalities delivered in ECS
Phase 1, and will allow for a coherent transition period between the phases.
It also oers the possibility to refer to the EMCS system.
• Full operation on: July 2009
• Depends on: ECS1, National risk analysis applications, CRMS
• Prerequisite for: AES
• Related to: AEO, EMCS, EORI, SPEED
Automated Export System Centralised Clearance and Simpli-
cations The objective of this phase is to allow for full computerisation,
based on the national IT systems, of the export procedure, ensuring full
integration of all export-related requirements (e.g. T 5, sanitary controls).
It builds upon and includes the functionalities of ECS Phases 1 and 2. In
particular, it will add the centralised clearance approach.
• Full operation on: May 2013
• Depends on: ECS, AEO, EORI, CRMS
• Prerequisite for: SW
• Related to: ECIP, AIS, SEAP, EBTI, REX, SASP
4.2 Trade Access
4.2.1 EU Customs Information Portal (ECIP)
To enable economic operators to access information related to import/export
requirements, as well as information on the operational status of movements
through a customs information portal. Such a portal would mainly contain
all relevant information about rules on the movement of goods across borders,
and also relevant information from domains other than pure customs (e.g.
agricultural, environmental and other legislation). This approach is in line
with the e-Government roadmap.
22

23. Links will be provided to more detailed and/or national information fea-
turing on the customs information portals of the national customs adminis-
trations. Also national administrations will be provided with an opportunity
to feed info to the EU customs information portal.
• Full operation: February 2011
• Depends on: DDS
• Related to: AIS, AES, SEAP, AEO, EORI, SASP, SW
4.2.2 Data Dissemination System (DDS)
The main purpose of the DDS is to provide up-to-date customs related in-
formation applicable at Community level to both the business community
and Member State administrations. DDS will become an integral part of the
ECIP without losing its own distinctive character as a source of specialised
information.
• DDS: already operational
• DDS2 deadline: September 2009
• Prerequisite for: ECIP
4.2.3 Single Electronic Access Points (SEAP)
SEAPs will allow traders to lodge their electronic entry/exit summary dec-
larations, summary and customs declarations via a single interface of their
choice which connects their system with all Member States' customs systems.
This data is automatically made available to any customs oce responsible
for the location at which goods have been, or are to be, presented, irrespec-
tive of the Member State concerned.
Such access points would either be provided by Member State's customs
services or by private companies authorised by the Member State's customs
service. The service of `access point' providers is, at least at rst, limited
to `passing on' the customs declaration and other required electronic attach-
ments (e.g. electronic certicates) to the competent customs administration
where the declaration will be accepted and further processed.
The single access point concept has no inuence on the customs procedure
as such. Processing of the declaration, any physical control of the goods, and
payment of any debt and release of the goods will be carried out solely at
23

24. the customs oce to which the customs declaration is presented. There is
no task sharing between the customs oce at the place where the importer
is established and the customs oce at which the goods are presented at
import.
Economic operators would only need one access point to lodge declara-
tions, independently of the Member State of destination. From the perspec-
tive of the customs authorities there would be `multiple access points' (=
at least one per MS). With this approach, existing electronic connections
between traders and customs administrations could be maintained and new
electronic connections with the customs administration of their choice could
be established. Specications would be based on formats which are accepted
by the MS.
• Full operation: June 2014
• Related to: AIS, AES, EORI, ECIP, SW
4.3 Customs Tools
4.3.1 Customs Risk Management System (CRMS)
The objective of the Community Customs Risk Management System is to
provide for the rapid, direct and secure exchange of risk information to sup-
port targeting of consignments for customs controls, and for the Commission
to be able to disseminate information concerning Community-wide threats.
The rst phase of the CRMS, the electronic Risk Information Form sys-
tem, was launched in April 2005. The second phase involved an upgrade
of the RIF system to include new user requirements arising from the prac-
tical experience gained by the users of the system. This second phase was
launched in April 2007.
The next phase involves the development of the Common Priority Con-
trol Areas (CPCA) module to permit the secure electronic transmission and
management of Common Risk Criteria.
The RIF and CPCA constitute together the CRMS.
• Full operation of upgraded RIF: January 2008
• Start of operation of CPCA: January 2009
• Depends on: AEO
• Prerequisite for: Full functioning of AIS and AES, Full exploitation of
NCTS
24

25. • Related to: ICS, ECS1, ECS2, AEO, EORI, SASP, SW
4.3.2 Integrated Tari Environment (ITE)
Improve interconnection between the already existing tari-related IT sys-
tems in order to achieve:
1. re-use of data and/or functionality from one system to another (e.g.
descriptions of Combined Nomenclature (CN) codes, owned by the CN
system, and re-used by the TARIC);
2. harmonise the interfaces of the dierent inter-related tari systems,
with the Member States, without redundancy of data.
The concerned systems are CN, TARIC, European Binding Tari Infor-
mation (EBTI), Quota, Surveillance, the European Customs Inventory of
Chemical Substances (ECICS), Suspensions.
The necessary steps to achieve the above-mentioned objectives are:
1. alignment to ensure consistency of data codication between the sys-
tems (e.g. codify geographical areas in the same way in all systems);
2. implementation of organisational procedures between the owners of the
systems so that work and data ows run smoothly (ex: inform EBTI
sector when closing a TARIC code).
The ITE is not a system in itself, but a collection of data ows and proce-
dures, most of which are to be implemented independently of each other as
a continuing process.
Also, in order to minimise impact on resources and development costs,
ITE developments are, when possible, merged with other development ac-
tivities of the customs systems (ex: Quota 2, and TARIC3).
TARIC 3 The main purposes of the TARIC 3 are:
• to provide to the Member States the Community data needed (interpre-
tation, integration and codication) for automated customs clearance
and
• to provide the business community with the up-to-date tari and com-
mercial legislation applicable at Community level, mainly via the DDS
System to be operational in November 2009.
25

26. ECICS 2 Ensure a consistent and harmonised classication of chemical
products in the EU and help customs authorities to identify chemical prod-
ucts. With ECICS already functioning, the current initiative is an update of
the system to improve its performance and add new tools according to the
needs expressed by dierent types of users.
Quota 2 The main purposes of Quota 2 is to ensure the management of
rst come rst served (FCFS) tari quotas and to provide the business
community with authoritative updates of the FCFS tari quotas (via DDS).
• System in operation since: December 2008
• Depends on: TARIC
Surveillance 2 The main purpose of Surveillance 2 is to ensure the col-
lection of data in the framework of import/export monitoring (surveillance).
Automatic delivery of statistics required by several services of the Commis-
sion (DG OLAF, DG TRADE, DG AGRI, etc.).
• System in operation since: January 2007
EBTI 3 Ensure the correct issuing of all BTIs and to have a database of
all applications and issued BTIs. A further evolution could result from the
Modernised Customs Code when the holder of a BTI will have the obligation
to apply the BTI when declaring the covered goods.
• System to be operational by end 2010.
• Depends on: EBTI
• Related to: AES, AIS
4.4 Economic Operators' Systems
4.4.1 Economic Operators' Registration and Identication Sys-
tem (EORI)
The objective of the Economic Operators' Registration and Identication
System (EORI) is to establish a unique EU-wide system of identication for
economic operators. The system will also allow the recognition of all the
authorisations granted to the economic operators.
26

27. Thus, it was proposed to create an integrated Economic Operators' database
covering all EORI and Authorised Economic Operator functions. This will
oer maximum integration of the processes and avoid data duplication at the
central level. It is the intention to have the same IT interface for Authorised
Economic Operator, EORI and other future authorisation schemes such as
SASP and REX.
• Full operation: July 2009
• Prerequisite for: AEO full, AIS, AES, SASP, REX
• Related to: NCTS, ICS, ECS, SEAP, CRMS, SW, ECIP
4.4.2 Authorized Economic Operator (AEO)
To give eect to the concept of AEO as set out in Regulation (EC) No
648/2005. For planning purposes, the number of AEOs is estimated to be in
the hundreds of thousands.
The system is made available centrally for updates and download by MS,
and in order to provide access to the `master le' (trusted source of info). MS
are expected to keep some info in their national systems, such as the AEO
Certicate numbers, for use in the declaration processing system a 24 hour
interval for updating the information from the master le is expected. No
on-line queries will be launched for any verication of an AEO (to be done
on national level). Connections and downloads from third countries with
which mutual recognition exists might be available.
The AEO concept will be introduced in two steps. In the rst stage,
the basic functions will be provided while the second phase will extend the
functionalities of the system to workow and/or collaborative functions. It
was proposed to create an integrated Economic Operators' database covering
all AEO and EORI functions. This will oer maximum integration of the
processes and avoid data duplication at the central level. It is the intention
to have the same IT interface for AEO, EORI and other future simplication
such as the SASP system.
A phased approach has been agreed for establishing the IT system:
1. AEO Phase 1 will provide basic functions as of 1 January 2008;
2. AEO Full System will be extended to integrate workow and/or col-
laborative functions as of 1 July 2009.
27

28. AEO Phase 1 To provide an operational tool at the initial stage of the
AEO introduction. AEO phase 1 system will primarily enable:
• central management of the AEO applications and certicates
• downloading of the information on AEO into the national operational
systems
• publishing the list of AEOs who gave their prior agreement on DDS/Internet
• Full operation: January 2008
• Related to: ICS, ECS, EORI, NCTS, TARIC, ECIP, CRMS
AEO Full System AEO Full System builds on AEO Phase 1 and adds
the workow and/or collaborative functions.
• Start of operation: July 2009
• Depends on: EORI
• Prerequisite for: Full functioning of AES, AIS and CRMS
• Related to: ICS, ECS, NCTS, TARIC, ECIP, SASP, REX
4.4.3 Single Authorization for Simplied Procedures (SASP)
The objective is to create an IT system to manage the application and con-
sultation procedures in respect of single authorisations for simplied pro-
cedures in cases where more than one customs administration is involved.
The system will also enable decisions and information ow related to the
management of:
• Single Authorisations for simplied procedures
• Single Authorisations for customs procedures with economic impact
and end-use
This should be introduced as an extension of the AEO Full system, given
the high degree of common functionality.
• Full operation: January 2011
• Depends on: EORI
• Related to: AEO, CRMS, AIS, AES, ECIP
28

29. 4.4.4 Registered Exporters (REX)
The objective of the Registered Exporters system (REX) is to make avail-
able up-to-date and complete information on registered exporters established
in third countries concerned with the export of goods to the EU enjoying
preferential tari rates based upon compliance with the applicable rules of
origin. Registered Exporters are seen as known and trusted partners in a
particular set of rules of origin. The system will also include exporters to
be registered in the EU for the purpose of exporting to partner countries
who enjoy preferential arrangements (based on reciprocal preferences under
FTAs and/or cumulation of origin).
Only Registered Exporters will be entitled to make out statements on
the origin of the goods they export under preferential arrangements. The
Commission will set up a system to disseminate information concerning Reg-
istered Exporters, which will be available throughout the EU and in the
partner countries for authorised users.
While the system at rst will only cover some preferential arrangements
(GSP and later on ACP-EPAs), it might be expected that a similar approach
could be taken for all preferential arrangements, whereby all information
would be available in a single system.
• Start of operation: January 2013
• Depends on: EORI
• Related to: SW and (partially) AEO, AIS, AES
4.5 Longer Term Projects
4.5.1 Single Window (SW)
The objective of SW is to enable economic operators to lodge electronically,
and once only, all the information required by customs and non-customs leg-
islation for EU cross-border movements of goods. The initiative is currently
presided over by DG TAXUD.
There will be (at least) one SW per Member State. These SW will be
supported by the SEAP functions for lodging of declarations (if available).
The handling of certicates and licences needed for the declaration will be
based on the Community tari and supplementary information specic to
the MS concerned.
Certicates and licences from other MS will be transferred via the con-
nection between the MS, the Commission and 3rd countries (SPEED plat-
29

30. form), as well as between Commission systems, where required. SW shall
also make information available on how to request certicates and licences
from competent bodies.
• Full operation: July 2014
• Depends on: AES, AIS
• Related to: CRMS, ECIP, SEAP, EORI, REX
4.6 Automated Information Exchange with 3rd Countries
4.6.1 Single Portal for Entry or Exit of Data (SPEED)
To provide for a technical solution which will enable automated data ex-
change between MS electronic customs systems and third countries on the
basis of EU bilateral or multilateral agreements. This planned automated
exchange of information is envisaged only with countries outside the EU,
such as e.g. China, Russian Federation and USA.
However, countries which are not an EU MS but are participating in one
or more electronic customs systems, such as EFTA countries, countries which
have a customs union with the EU and candidate countries, will continue to
exchange information via their own CCN/CSI gateway.
The exchange of the information will be organised via a secured portal
connected to the secured network CCN/CSI.
Data requirements, formats and protocols of the envisaged data ex-
changes will be agreed to be as far as possible compatible with the existing
EU customs IT systems such as NCTS, ICS and ECS.
The rst implementation of the envisaged automated information ex-
change with third countries is to be started as a pilot project with volun-
teering EU MS and third countries.
• Depends on: CCN/CSI
• Related to: ECS, ICS, NCTS
4.6.2 EU-Russia exchange of TIR movement data (Pilot project)
Exchange TIR movement data with Russia via the secured portal connected
to CCN/CSI - SPEED.
• Exchange operational on January 2009.
• Depends on: SPEED
30

31. 5 Requirements and Needs for Developments
Comparing the current status of the Albanian Customs with the level of
standards that should be fullled in order to reach the nal goal, we have
tried to identify the systems that need to be developped or improved, and
any other needs that are related to IT or that require the support of IT.
The IT standards that should be fullled are of course described by the
Customs Blueprints, the chapter about ICT and any other cross-referencies
that require ICT support from the other chapters.
Besides the normal strategic objectives and key indicators, the ICT chap-
ter of the blueprints contains also a special section for candidate countries,
which requires that the IT systems of those countries should be able to in-
tegrate and to exchange data with the customs systems of EU, not only
those that are currently operational on EU level, but also those that are in
development and are expected to be fully operational on the following years.
These IT systems that work on the EU level are being developed on the
framework of the the Electronic Customs project, which is initiated by the
European Commission and aims to replace paper format customs procedures
with EU wide electronic ones. They are creating a more ecient and modern
customs environment which is going to enhance security at the EU's external
borders and to facilitate trade, and therefore should benet both businesses
and citizens.
Actually, if we manage to fulll the requirements of the Electronic Cus-
toms project, we would have automatically fullled most of the standards
of the Customs Blueprints itself (about paperless environment, trade facil-
itation, enhanced security, etc.). So, it is important to use the strategic
documents of this project as a guidance for our IT strategy (and our busi-
ness strategy as well). One of these strategic documents is the Electronic
Customs Multi-Annual Strategic Plan (MASP).
However we should always keep in mind the standards of the Customs
Blueprints when dening the needs for IT improvements and developments,
since they are broader and more generic than MASP.
Comparing the Customs Blueprints with the current state of the Alba-
nian Customs has already been done during the year 2010, also with the
help and assistance of EU international experts (mainly from the Austrian
Customs, through a twinning project). The gaps have been identied and
also the needs for improvements have been suggested.
This section of the IT Strategy is built mainly as a summary, reorgani-
zation and restructuring of the needs that are identied during the study of
the Customs Blueprints and the comparison with our current state of IT. A
31

32. special attention is payed to the need for matching the development of IT
systems on the EU level, as dened and described on MASP.
5.1 Integrating With EU IT Systems
The European/Global IT Systems that we need to integrate with, are those
that described on the MASP of the EU Electronic Customs. Our system
(ASYCUDA World) maybe supports some of the features that are required.
However more development and integration needs to be done.
This section presents a list of all these IT systems, describing also the
current state in our AsyW and what needs to be done further, in order to
be fully compatible with the EU IT system.
An estimation of the required eorts is done as well, and also a priority
or level of importance (urgency) is assigned. Some of the rules for assigning
the priorities are these:
1. The systems that are already operational on the EU should have higher
priority, compared to those that are expected to be operational on the
future.
2. The systems that are prerequisites for the other systems should have
higher priorities than those that have no priorities.
3. The systems that need less eorts to be implemented should have
higher priorities compared to the dicult ones.
The estimation of implementation details: times, phases, steps, milestones,
full operation deadlines, etc. will be described in another document (IT
Multi-Annual Strategic Plan), so they are not included here.
(Note: The list has to be completed, including every project described
in MASP.)
5.1.1 EMCS (Excise Movement and Control System)
Currently there is no module in AW about excise. On the beginning of 2011
AW will be upgraded and a new demo module about excise will be installed
(UNCTAD has prepared this module for some other country). Based on this
demo, and also keeping in mind that this module should be able to integrate
with EMCS, the technical requirements will be described and detailed and
the full implementation will be done.
32

33. 5.1.2 NCTS (New Computerized Transit System)
There is actually a Transit Module on AW, and it also supports some fea-
tures related to NCTS, however it remains to be checked what else it should
support, so that Albania can become a member of CTC, and so that it can
be fully integrated with the EU NCTS systems.
Note: Preparing Albania for NCTS is also one of the topics of the Twin-
ning Project. Up to now a Draft (or Template) Action Plan has been pre-
pared (which need to be lled with details). According to the schedule of the
Twinning Project, up to June 2011 the IT requirements for NCTSD should
be nished.
5.1.3 EORI (Economic Operators Registration and Identication)
AW should be integrated with the EORI central database of EU and maybe
also with QRK. The technical requirements and details remain to be speci-
ed.
EORI is a prerequisite for many other systems, so it should have a high
priority.
5.2 Interoperability on The National Level
This includes the inter-agency data exchange and integration, the concept
of the single window, etc.
5.2.1 Integrated Border Management (IBM)
This is one of the objectives of the Twinning Project. There is also an Action
Plan about it, composed some years ago.
5.2.2 Electronic data exchange with the banking system
(BP: 22.20) Revenue collection should be able to integrate with the EU
system as well.
5.2.3 Interagency data exchange (Single Window)
Albanian Customs needs to exchange data with other institutions as well.
These institutions are:
• Ministria e Financave (DPT, Drejtoria e Përgjithshme e Thesarit, etj.)
• METE (QKR, QKL, etj.)
33

34. • Dhomat e Tregëtisë
• Ministria e Bujqësisë (Instituti i Sigurisë Ushqimore dhe Veterinarisë,
etj.)
• Ministria e Shëndetësisë (Qëndra Kombëtare e Kontrollit të Barnave,
etj.)
• Drejtoria e Përgjithshme e Standardizimit
• Ministria e Punëve Publike dhe Transportit (Drejtoria e Përgjithshme
Rregullatore)
• Ministria e Inovacionit dhe Teknologjisë së Informacionit (AKSHI)
• Ministria e Brendshme
• Ministria e Mbrojtjes, etj.
The detailed needs and requirements for data exchange with these institu-
tions remain to be dened and described. There is an action plan about this
and this work is expected to be done on the rst half of 2011.
5.3 Other Needs for Tools and Software
Other software are needed by various sectors of the customs as well, in order
to provide them with a paperless environment and with the necessary tools
that are needed for managing the information electronically.
We can develop these software/modules ourselves, or we can use software
developed by others. In the second case (which is more preferable) we should
install, congure and maintain it, and also integrate it with the rest of our
systems.
5.3.1 A Web CMS (Drupal)
The web page of Albanian Customs is a bit old and not functional enough
for satisfying all the requirements for document and data publishing, both
externally and internally.
It is obvious that it should be replaced by a CMS, and Drupal would
be a good choice, since it is popular, open source, more professional and
customizable than the other alternatives, etc.
34

35. 5.3.2 A Tool for planning, tracking and reporting IT expenditures
(BP: 22.6)
• TaskJuggler could be a good choice. It has features for planning and
tracking projects, and also for recording expenses, and generating re-
ports as well. BP_22.6:
1. Financial working group or committee made responsible for es-
timating future annual IT expenditure and agreeing proposed
spending by individual IT areas
2. Users and managers aware of full cost of running, enhancing and
maintaining its IT systems
3. Long term IT expenditure planning in place
4. Accounting system or procedures in place to track IT expenditure
and regularly report variances against planned spending
5.3.3 Software for monitoring the functionality of the existing
systems
(BP: 22.11)
• Zenoss could be a good choice for monitoring/managing network de-
vices, resources and services.
5.3.4 Any tool/software for facilitating feedback from users
(BP: 22.12)
• Maybe any ticket system, for example Trac
5.3.5 HelpDesk system for reporting the problems.
(BP: 22.40)
• Maybe Trac can be used.
5.3.6 Knowledge Database
(BP: 22.13)
• A knowledge database strategy should be developed and the infor-
mation should be accessible by Internet/intranet. (Maybe it can be
MediaWiki, Drupal, or any other wiki or CMS).
35

36. 5.3.7 Tools for internal communication and collaboration
• OpenFire for internal instant messages and collaboration
• Mailing lists (maybe mailman).
• Email addresses should be in the format Firstname.Lastname@dogana.gov.al,
not F_Lastname@dogana.gov.al (in order to be compliant with the na-
tional standards set by AKSHI).
5.3.8 Document Management System
(BP: 22.27)
• Alfresco can be used to handle elctronically the internal paperwork
(between departments and divisions).
5.3.9 Business Intelligence Tool
(BP: 22.38)
• JasperSoft, Pentaho, etc. can be installed and tried.
5.3.10 Tools for Human Resource Management
• OrangeHRM can be installed, customized and tried.
5.3.11 Directory Server for Single Sign-on
Directory servers are also usefull, among others, for implementing single sign-
on (employees login to dierent applications using the same username and
password, which are stored on the directory server).
This is very important because it makes simple the life of the users: they
have to remember and maintain only one username+password, instead of
having one for email, one for AW, one for Alfresco, one for JasperReports,
one for the CMS etc. It also simplies the task of the system administrators,
because they have to keep and maintain only one list of users, instead of
maintaining a separate list of users for each program/application.
Some directory servers that can be tried are these:
• Apache Directory Server
• 389 Directory Server
36

37. • Open Directory Server
• Open LDAP and phpLDAPadmin
5.3.12 An Inventory/Asset Management System
(BP: 20.9) Such a program/application can be used to monitor the location,
use and state of repair of the administration's infrastructure and equipment.
5.4 IT Documents
Several IT related documents need to be developed, published, reviewed
periodically, maintained, and followed (applied/implemented). These docu-
ments support the IT strategy and are mainly based on the requirements of
the Blueprints. The supporting documents that need to be developed are
listed and described below.
5.4.1 IT HR Policy
(BP: 22.3)
1. There should be a special HR policy for IT, without conicting the
framework of the general/overall HR policy.
2. It should be published and reviewed periodically, and it should be
approved by top-level managers.
3. This HR policy should take into account the special needs and require-
ments of the IT eld.
4. The HR policy for IT can include for example:
• Medium long term plans for sustaining IT management team,
HQ IT development units, operational units and regional admin-
istrators as well as use of IT contractors and consultants.
• Proposed IT stang complement required showing numbers and
grades of IT sta at all levels in HQ and regions
• Skills experience required for each post
• Career path and options for advancement
• In-house and external training
• An overview of the sta reporting and performance appraisal sys-
tem in operation
37

38. • An overview of the communications policy and methods including
particularly, the main procedures for communicating key decisions
and information and for receiving and processing feedback from
sta
• Method of recruitment external and internal
• Incentives and / or bonding schemes
• Terms of employment working hours, holidays, conditions gov-
erning shifts or overtime
5.4.2 IT Business Processes
(BP: 22.32, 22.4, 22.35, and 22.39)
1. IT business processes to be clearly identied and listed.
2. Each business process should be described with activity diagrams (UML),
manuals, etc.
3. IT Roles and responsibilities dened and published in line with HR
management.
4. Network and other conguration diagrams and details should be doc-
umented, both for the HQ and for the remote sites.
5. Maintenance and IT Support Procedures should be documented and
published. Troubleshooting hints should be included as well.
5.4.3 System Security Policy
(BP: 22.36) Documents to be prepared that clearly describe the access rights
of each employee on AW and other systems, according to his position and
functions.
5.4.4 IT Budget and Procurement Policy
(BP: 22.8)
1. Sta in place to review procurement practices, ensure value for money,
ensure specications adheared to by suppliers and any EU rules on
Government or international procurement followed
2. Sta aware of and follow, the documented procurement procedures
38

39. 3. IT procurement is in line with the IT strategy for hardware, software
and communications installation and technical training
4. Centrally negotiated IT procurement contract(s) in place
5. Guidelines on contract management developed and published
5.4.5 IT Risk Management Strategy
(BP: 22.9) Risk Registry, including also Disaster Recovery, Backup and Re-
store, IT Security, etc.
• Disaster recovery
1. Strategic plan for disaster recovery in place including nancial
needs
• IT Security
1. Team in place responsible for IT Security - including assessment
of risks, security standards, user awareness and compliance mon-
itoring
2. IT security policy and guidelines published eg. in System Security
Policy or System Security Operating Procedures documents
3. Security Team Roles and responsibilities published
4. Procedures and policies developed covering:
Risk analysis
Basic countermeasures
Network security
Communications security
PC security
Computer viruses
5. Disposal of computer hardware and storage media
6. Physical access controls in place and tested
7. Logical access controls in place and tested
8. Procedures in place to monitor and record breaches of security
eg. theft of equipment, unauthorised access to systems, misuse of
systems, data or hardware, virus incidents
39

40. • Backup Recovery
1. Network and workstation Backup and Recovery procedures tested
and documented
2. Fallback procedures / Disaster recovery procedures tested and
documented
3. Backup media stored remotely
4. Investment plan elaborated
5. Necessary equipment in place
5.4.6 IT Training Requirements and Strategy
(BP: 22.10 and 22.42) This document should assess the IT training needs
both for the IT experts and for the other sta.
IT is a eld that is improved very quickly and it is important to learn
about the latest developments in order to be able to apply them on the daily
work. So, training should not be considered as an activity that is done only
for the new employees, but it should be considered as an ongoing activity
that is part of the daily work.
Each IT sta should have his own learning targets and objectives, and
their performance should be evaluated not only based on their successfull
completion of the daily routine work, but also on their progress related to
training targets. This is very important for having a successfull IT sta that
is able to perform their duties eciently.
The training strategy should contain besides other things:
• The IT training needs for new employees (of departments other than
IT) and how this training is going to be performent.
• The non-IT training needs for new employees of the IT department
(related to customs procedures etc.)
• The IT training needs for new employees of each sector of the IT de-
partment, so that they can be able to perform the basic duties related
to their position.
• A training plan for improving the skills of the current IT employees,
so that they can be able to perform better their duties.
40

41. 5.4.7 IT Documentation Standards and Procedures
(BP: 22.15) All the work that is done by the IT department, the problems
that are solved, new things and new systems that are developed and im-
plemented, congurations that are done, etc. should be documented and
published, so that they become part of the knowledgebase. The knowledge-
base is the memory the institution that helps to avoid the mistakes done
on the past (not to repeat them again), to solve repeated problems easier
(if they were already solved by somebody on a previous case), to exchange
individual experiences with the rest of the cooworkers, to draw conclusions
and to take decisions based on the past work and activity, etc.
This document should describe the standards and procedures, so that the
documentation is done on the proper and most ecient way (so that it can
be most usefull). This is closely related to the way that the knowledgebase
itself will be implemented.
5.4.8 IT Telecommunications Policy
(BP: 22.16)
5.4.9 Policy on Freedom of Information, Security and Data Pro-
tection
(BP: 22.29)
6 General Guiding Principles
6.1 Kosto dhe eksibiliteti
6.1.1 Riperdorim perpara Blerjes dhe perpara Ndertimit
ACA duhet të konsiderojë të gjitha zgjidhjet me kosto efektive, duke përf-
shirë Open Source (burimet e hapura), për të përmbushur kërkesat e bizne-
sit, duke operuar me një ripërdorimin para se të bleje, dhe/ose perpara se
të ndërtojë strategji. Zgjidhjet qe ekzistojnë brenda ACA ose në Qeveri apo
Departamentet e tjera merren parasysh përpara se të vendoset për të blerë
apo ndërtuar komponente të reja.
6.1.2 Nderto llimisht per qeverine
Ri-përdorimi si zgjidhje dhe dizenjim ku nderthuren ACA, Qeveria dhe Open
Source. Kur ekzistojnë mundësi të identikuara në mënyrë të qartë, zgjid-
41

42. hjet dhe dizenjimet bëhen të gjitha shumerdorimshme per Adminitraten dhe
Qeverinë. Megjithatë zgjidhjet nuk behen për gjera te panevojshme e kur
nuk ekzistojnë kërkesat te qarta.
6.1.3 Reduktimi total i kostove te pronesise
Ne do të miratojmë një kosto te pergjithshme te modelit të pronësisë për
dizenjim, zgjidhje dhe shpërndarje, duke balancuar koston e zhvillimit, mbështet-
jen, ndryshimet e biznesit, fatkeqësite (natyrore apo forca madhore) dhe
amortizimit, kundrejt eksibilitet, gatishmërinë, scalability, lehtësinë e për-
dorimit dhe reduktimin e kompleksitetit
6.2 Mundesite e dhenies se sherbimit
6.2.1 Ndiqet partneriteti ne lidhje me dhenien e sherbimeve
Askush nuk mund t'I beje te gjitha gjerat vete. Na duhet të jemi ne partner-
itet me qytetarët, sektorin vullnetar, etj. Ne inkurajojnë sjellje sipërmarrëse
në komunitetin tone te partnereve .
6.2.2 Produktet dhe Planet behet qe te permbushin objektivat e
biznesit doganor
Projektet dhe programet duhet të kontribuojnë në realizimin e objektivave
tona strategjike dhe qëllimet tona duhet të jetnë ne një linjë.
6.3 Balancimi i Reputacionit kundrejt rreziqeve per dhenien
e sherbimit
6.3.1 Perdorimi I teknologjive te Provuara
Sistemet e integruara dhe zgjidhjet e infrastrukturës teknike duhet të për-
dorin produkte komerciale të vlefshme, dhe të qëndrueshme teknologjikisht
dhe modele. Ato duhet të përputhen me sigurine, kondencialitetin dhe
politikat e privacise se te dhenave.
6.4 Risite
6.4.1 Zgjidhjet behen duke implemntuar produktet e pranuara
ne politiken per teknologjine e informacionit
Ne mbeshtesim zgjidhjet tona kryesore dhe sistemet mbi një platformë të për-
bashkët, e cila realizohet me produktet e pranuara në politikën e teknologjisë
42

43. informacionit duke kërkuar që:
• te kemi zgjidhje të miratuara nga partnerët tanë strategjike
• Përdorimi i teknologjisë se provuar, duke miratuar kombinimet e pro-
dukteve që janë provuar qe funksionojne së bashku. Në thelb, ne kërko-
jmë më parë ri-përdorimin e teknologjisë që janë tashmë brenda ACA
dhe do të shikojmë vetem zgjedhje të produkteve të reja ose zgjidhjeve
kur ato qe janë gjetur të jenë të pamjaftueshme.
6.4.2 Promovimi I avantazheve per biznesin nepermjet perdorimit
te teknologjive inovative
Teknologjia e re
• Miratojmë vetëm bashkepunimin me partnere korrekte ku bilanci i
rrezikut perllogaritet minimal.
• Kërkojmë zgjidhje që do të vendosen dhe të jetojnë në një kontekst të
kuzuar, por për të paktën 12 muaj.
• Do të punojmë së bashku me partnerët tanë për të dhënë një risi në
bashkëpunim
6.5 Kontrolli I aseteve te informacionit
6.5.1 Versioni I se vertetes
Baza e te dhenave kryesore per informacion duhet te jete ne një version të
vetëm e të sakte. Kërkojmë të sigurojmë që të kete vetëm një pikë për kapjen
e informacionit, që të verikojmë se të dhënat jane te sakta sa më shpejt të
jetë e mundur me synim maksimizimin e përdorimit te atyre të dhënave.
6.5.2 Nderto besim nepermjet menaxhimit efektiv te informa-
cionit nga klienti
Jemi te ndergjegjshem se besimi I klienteve tohet nga menyra se si ne
trajtojmë të dhënat e tyre personale. Sigurojme se të dhënat jane te sakta
dhe te ruajtur mirë.
43

44. 6.6 Rritja e Eciences
6.6.1 Nderto ne levishmeri
Sigurohemi se zgjidhjet janë ndërtuar për të lejuar, kur është e përshtatshme,
e sa me ne kohe reale, qe te dhenat aksesohen nga cdo department I qeverise
dhe nga cdo vend.
6.6.2 Maksimizo Automatizimin e Proceseve
Do të automatizojme përpunimin e te dhenave kudo që të jetë e mundur duke
minimizuar nevojën për ndërhyrje manuale, sigurimin e sistemeve të për-
punimit qe janë të efektshme dhe ekonomike. Do të synojmë automatizimin
për shumicën e transaksioneve, sipas standardeve, duke synuar thjeshtesine
ne perdorim.
6.6.3 Pergjigja sa me ne kohe reale per kerkesat e klientit
Kërkojmë ne vazhdimesi ti japim përgjigje kërkesave të klientit sa më shpejt
që të
44