Application Development Standards and Guidelines

FLORIDA DEPARTMENT OF AGRICULTURE AND CONSUMER SERVICES

APPLICATION DEVELOPMENT STANDARDS AND GUIDELINES

VERSION 8.5

Creation Date: 04/21/2000 Last Updated: 07/12/2017

Application Development Standards

TABLE OF CONTENTS ECTION 1: PURPOSE ...... - 4 - SECTION 2: SCOPE ...... - 4 - SECTION 3: CHANGE PROCEDURES FOR THE APPLICATION DEVELOPMENT STANDARDS ...... - 5 - SECTION 4: SECURITY ...... - 5 - SECTION 4.1: NETWORK USER ACCOUNT ACCESS TYPES ...... - 6 - SECTION 4.2: ORACLE DATABASE LOGINS AND SECURITY ...... - 7 - SECTION 4.3: MICROSOFT ACCESS SECURITY ...... - 12 - SECTION 4.5: PASSWORDS ...... - 13 - SECTION 5: 60-8.001 FLORIDA ACCESSIBLE AND ELECTRONIC INFORMATION TECHNOLOGY RULE ...... - 14 - SECTION 5.1: TECHNICIAL STANDARDS ...... - 14 - SECTION 5.2: INFORMATION, DOCUMENTATION, AND SUPPORT ...... - 16 - SECTION 5.3: PROCUREMENT AND DEVELOPMENT CRITERIA ...... - 16 - SECTION 6: PUBLIC RECORDS & ELECTRONIC RECORDKEEPING REQUIREMENTS - 17 - SECTION 6.1: SOCIAL SECURITY NUMBERS ...... - 17 - SECTION 6.2 APPLICABILITY ...... - 17 - SECTION 6.3: CHAPTERS 1B-24 AND 1B-26.003, FLORIDA ADMINISTRATIVE CODE...... - 17 - SECTION 7: DATA INTEGRITY...... - 19 - SECTION 8: FDACS ENTERPRISE SYSTEMS AND DATA ...... - 20 - SECTION 8.1: ENTERPRISE SYSTEMS ...... - 20 - SECTION 8.2: EMPLOYEE DATA ...... - 22 - SECTION 8.3: EXTERNAL USERS ...... - 25 - SECTION 8.4: EMPLOYEE OBJECTS...... - 25 - SECTION 8.5: LOOK-UP TABLE ...... - 26 - SECTION 8.6: ABBREVIATIONS AND ACRONYMS...... - 26 - SECTION 9: ENTITY RELATIONSHIP DIAGRAM (E/R)GUIDELINES ...... - 27 - SECTION 9.1: ENTITY ...... - 27 - SECTION 9.2: ATTRIBUTE GUIDELINES ...... - 27 - SECTION 9.3: PRIMARY UNIQUE IDENTIFIER ATTRIBUTES ...... - 27 - SECTION 9.4: RELATIONSHIPS ...... - 28 - SECTION 10: AUDITING ...... - 29 - SECTION 10.1 AUDIT COLUMN ...... - 29 - SECTION 10.2 HISTORY TABLES ...... - 29 - SECTION 11: MISCELLANEOUS ORACLE REQUIREMENTS ...... - 30 - SECTION 12: GUIDELINES FOR NAMING DATABASE OBJECTS ...... - 32 - SECTION 12.1: GUIDELINES FOR TABLE NAMES ...... - 32 - SECTION 12.2: GUIDELINES FOR COLUMN/FIELD NAMES ...... - 32 - SECTION 12.3: TABLE VIEWS AND TABLE SYNONYMS ...... - 33 - SECTION 12.4: PRIMARY AND FOREIGN KEY COLUMNS...... - 33 - SECTION 12.5: CONSTRAINTS ...... - 34 - SECTION 12.6: PACKAGES, PROCEDURES, TRIGGERS, ETC...... - 35 - SECTION 13: DATABASE LINKS...... - 36 - SECTION 14: INDEXES ...... - 36 -

Page - 2 - of 113 Application Development Standards SECTION 15: FILE NAMES ...... - 37 - SECTION 16: TABLESPACES ...... - 37 - SECTION 17: TNSNAMES.ORA FILE ...... - 39 - APPENDIX 1: STANDARD DATA ELEMENTS ...... - 40 - APPENDIX 2: LOCATIONAL DATA STANDARDS ...... - 44 - APPENDIX 3: ENTITIES ...... - 58 - APPENDIX 4: ACRONYMS AND ABBREVIATIONS ...... - 65 - APPENDIX 5: EXAMPLE RELATIONSHIP NAME PAIRS ...... - 104 - APPENDIX 6: ORACLE APPLICATION SERVER STANDARDS ...... - 105 - APPENDIX 7 - FONTS AND PRINTING IN ORACLE REPORTS ...... - 108 - APPENDIX 8: .NET APPLICATION STANDARDS ...... - 110 -

Page - 3 - of 113 Application Development Standards

SECTION 1: PURPOSE

This document should be used in conjunction with the Administrative Policy and Procedure 1-2 – Information Technology Life Cycle (ITLC). The ITLC policy contains references to other Administrative Policies and Procedures, Florida Statutes and Florida Administrative Code governing public records requests, electronic records management, application development, and security that must be adhered to when developing or enhancing information systems.

Review of the most current version of this document should occur during the Needs Assessment Phase of the ITLC. You will find it most beneficial to read through this entire document to avoid having to make changes later in the application development process.

The purpose of this document is to provide a common basis for analysis and development of business systems at the Florida Department of Agriculture and Consumer Services (FDACS) using relational databases. The standards and conventions established by this document are intended to assist in the integration of applications across all business areas within the department. It is expected that the standards contained herein will continue to evolve to support the changing needs of FDACS. The standards have been reviewed and accepted by the Operational Steering Committee. The department has adopted separate Internet and Intranet Web Standards (June 23, 2005) and all department web sites must be Section 508, subsection 1194.22 compliant.

Oracle and SQL Server are the FDACS standard for relational database management systems. Custom applications and COTS applications must be compatible with the department’s existing database versions and configurations. They must also be compatible with the current Microsoft Windows and UNIX operating systems versions and configurations.

SECTION 2: SCOPE

This document applies to all custom application development efforts done in-house or by outside consultants/contractors developed for FDACS. If the application/database meets any of the following criteria, you should be following these standards.

 Data that will be shared: data that is received from others, provided to others, or for which there are other stakeholders (such as local governments or private sector collaboration).  Data involved in inter or intra-agency efforts: community data, created or used by multiple organizations, or divisions within FDACS.  Public data: data that is accessible to the public.  Data for current systems development or integration projects: to realize internal data integrity improvements for projects currently underway.  Data involved in current modeling efforts: Data naming standards should be developed for the naming of entities, relationships, and attributes on object and data models. Without good naming standards on models, it will be difficult to transform model information to real data and be difficult to integrate models or share data.

Page - 4 - of 113 Application Development Standards

SECTION 3: CHANGE PROCEDURES FOR THE APPLICATION DEVELOPMENT STANDARDS

 The documents will be maintained on a shared drive at tlhadmfilesrv02\THADAG_Share\APPLDEV\Application Standards and the OATS Intranet page.  Any changes (additions, updates, deletions) to the appendices should be submitted to the data administrator for review. The data administrator will be responsible for keeping the documents updated.  Changes to the Application Development Standards and Guidelines should be submitted to the data administrator for coordination and review with the ITLC/Data Administration Subcommittee of the Operational Steering Committee. The data administrator will be responsible for keeping the documents updated. All division information officers (DIO) will be informed of changes when they occur.

SECTION 4: SECURITY

SECURITY STANDARDS for NETWORK and APPLICATION AUTHENTICATION from Administrative Policy and Procedure 8-14 – Systems and Application Security Planning

Application security must follow Administrative Policy and Procedures Chapter 8 (Department Information Resource Security Program and Policies). If an alternative access, authentication, or security method is proposed, it shall be provided to and approved by the department Information Security Manager, in conjunction with designated OATS staff, prior to any programming work commencing.

Divisions must submit the proposed network and application security method to be used in the application when known, but no later than completion of the ITLC design process for the project. The proposed security method must be verified and approved by the department Information Security Manager before programming/coding begins. This document must include diagrams which designate the security method to be implemented. Adhering to this standard can avoid costly re-programming later.

Any exceptions to the policy should be documented in the final version of the Security Plan prior to production implementation and approved by the Information Security Manager.

Administrative Policy and Procedure 8-10, Section V, states the following: “The application owner, or his/her designee, is responsible for periodic monitoring (quarterly, semi-annual, or minimum annually) of user accounts for his/her applications. The designee should not be involved in development, maintenance, or custodial activities for the application. Monitoring is required to ensure the user is still employed with the department, and the user’s access privileges are based on the user’s current duties and responsibilities. The monitoring activities must be documented to satisfy auditing requirements and must be able to be provided on request.”

To ensure the application owner can comply with the policy, all new applications developed in- house or by a vendor, regardless of software environment (Oracle Developer, SQL Server, .Net Framework, MS Access, etc.) must provide to the application owner, or their designee, the ability to run a report at any time that provides at a minimum, the following information:

Page - 5 - of 113 Application Development Standards  User account (e.g. pricep);  User Name (e.g. Joe Smith);  Application Role assigned to user (e.g. DISI_ADMIN);  Application Roles and their privileges (what access level: insert, update, delete, select) granted to the application tables, views by the role;  If access is not provided by a role, individual privileges granted to users or to the folder location of the application must be provided to the owner.

As a reminder, network and application accounts shall be created with the security principle of least privilege in mind. This principle means giving a user account only those privileges/access which are essential to that user being able to carry out their job functions, therefore ensuring account privileges be kept at a minimum at all times. Additionally, separation of duties is a fundamental element of account access control. No single user should have complete control of a function from beginning to end. This is to avoid any one user from knowingly, or unknowingly, subverting or damaging information resources.

Divisions must report all purchases of SSL certificates to the department Web Manager who will maintain a listing of servers where SSL certificates are installed.

SECTION 4.1: NETWORK USER ACCOUNT ACCESS TYPES

1. Department employees must authenticate against the Windows DOACS Domain, currently utilizing Active Directory. This can be accomplished by:

a. Direct infrastructure connection. An example of this would be a user on a Local Area Network (LAN) at an office connected to the state’s RTS Wide Area Network (WAN). b. Virtual Private Network (VPN) - Internet Protocol Security (IPsec) based VPN. Requires specialized software on the workstation and VPN approval form for access. c. Remote Access Services (RAS) – Dial up connectivity to the department network, through the department Remote Access Server. d. Web (SSL) VPN – access is to be limited to specific web applications which may require access to internal network resources. No software other than a compatible web browser is required, but approval for VPN access still needs to be authorized. Currently the capacity for concurrent users for this method is limited by infrastructure constraints.

2. Contractors / Consultants, OPS Employees, and Partners (example: verified external users with cooperative agreements, e.g. veterinarians trained to conduct data entry for Animal Industry applications) – This class of users will be issued an Active Directory Domain account through the department approved access process. The need for user access will be evaluated on an individual basis and security requirements for these accounts must meet or exceed those of regular department employees. It is the responsibility of the project manager responsible for managing the contractor/consultant and/or partner to submit the necessary request for initial access, as well as the revocation of access once the contractor/consultant no longer needs access. It is the responsibility of the OPS employee’s supervisor to submit the request for access and revocation of access upon termination. These accounts will be set to expire every ninety (90) days if there is no account activity (idle) unless justification not to expire the accounts is documented and approved by the Information Security Manager.

3. Unverified External Web Users (e.g., general public, permit holders, producers, no- solicitation registrants) – This class of users will not be provided domain accounts under any circumstances; accounts will be provided by web applications through application level

Page - 6 - of 113 Application Development Standards security. Access to applications will be provided via secure certificates, on a basis determined by the data being entered. If the data being entered is determined to meet privacy criteria (example: driver’s license number, birth dates, etc.), then a secure certificate is required for the web application. Database security will be handled as described in the sections below. Divisions should report all purchases of SSL certificates to the department Web Manager who will maintain a listing of servers where SSL certificates are installed. At a minimum, passwords must be set to expire every ninety (90) days unless justification not to expire the passwords is documented and approved by the Information Security Manager. Each application owner is responsible for orphaned accounts and management of user IDs and passwords.

4. Passwords for network accounts must meet the following criteria:

a. Passwords must expire at least every ninety (90) consecutive days. b. Password must be at least eight (8) characters. c. Password must contain at least three of the following four criteria: uppercase letter ((English A-Z), lowercase letter (English a-z), special character, one digit (base 10 digits 0-9). d. Password must not be the same or similar as the user-id. e. Password must be different from the previous five passwords (5) used. f. If an invalid password is entered, the system will re-query for a valid entry. g. The password must be stored in encrypted form. h. After five (5) consecutive login attempts, the account must lock for a period of not less than fifteen (15) minutes. i. User sessions must time-out after sixty (60) minutes of inactivity. User authentication shall be requested to proceed with usage of the system.

SECTION 4.2: ORACLE DATABASE LOGINS AND SECURITY

Internal Access

1. All internal users will authenticate against the Windows DOACS Domain (Active Directory). After authenticating to Active Directory, the possible methods for internal users to access the Oracle database(s) are:

a. Application captures Windows credentials  Active Directory takes care of password requirements.  Application uses Active Directory account to associate users to roles in application database tables.  Application owner must approve application users and manage orphaned accounts (accounts for users who no longer have approved access).  The application connects to Oracle with department-approved dedicated application user-id (DAU). The DAU and password are stored in encrypted format in a secure file on the web server to which only the application code, the server administrator and database administrator have access. A department-approved tool must be used to encrypt the connection string.  The application populates the audit fields (CRE_USER and MOD_USER) with the Active Directory (Network) user-id; or the DAU may be used provided it is linked back to the unique Active Directory (Network) user-id through table relationships, maintained by referential integrity.  The application must provide the ability to run a report detailing user privileges to the application for user account review by the application owner.

Page - 7 - of 113 Application Development Standards b. Application requires additional authentication with application-maintained credentials. (Example: web map service.)  Application owner must approve application users and manage orphaned accounts (accounts for users who no longer have approved access).  Application maintains list of unique application user-id’s and passwords in an application table.  Application is responsible for implementing password requirements according to Administrative Policy and Procedure 8-10 (see “2. Passwords” below).  Application connects to Oracle with a dedicated application user-id (DAU). The DAU and password are stored in a secure file on the web server to which only the application code, the server administrator, and database administrator have access. A department-approved tool must be used to encrypt the connection string.  The application populates the CRE_USER and MOD_USER fields with the unique application user-id; or the DAU may be used provided it is linked back to the unique application user-id through table relationships, maintained by referential integrity.  The application must provide the ability to run a report detailing user privileges to the application for user account review by the application owner.

c. Application requires additional authentication with a unique Oracle account and password.  Oracle will enforce the password requirements.  Oracle passwords will not be stored by the application.  The application must handle Oracle expiration messages and provide a way for the user to change their password.  The application populates the CRE_USER and MOD_USER fields with the unique Oracle user-id. d. Authenticate to Application through Oracle Application Server (AS)  May use a unique Oracle user-id and password, or may use a dedicated application user-id (DAU) stored in the Oracle Database Access Descriptor (DAD).  If using a unique Oracle user-id, Oracle will enforce the password requirements according to Administrative Policy and Procedure 8-10 (see “2. Passwords” below).  The application populates the CRE_USER and MOD_USER fields with the unique Oracle user-id; or the DAU may be used provided it is linked back to the unique application user-id through table relationships, maintained by referential integrity.  AS handles Oracle expiration messages and provides a way for the users to change their password. (Example: AIMS)

2. Passwords - Users who will be inserting, updating and deleting records must have individual logins to the database or to the application. This aids in auditing procedures on the tables and database security. The database enforces the following security requirements for individual logins; if user authentication (username/password) is being processed at the application level, rather than the database level, the application must include functionality to enforce these requirements (Please note: Oracle has slightly different requirements that Microsoft):

a. Passwords must expire at least every ninety (90) consecutive days. b. Password must be at least eight (8) characters. c. Password must start with a letter. d. Password must contain at least one letter (Oracle passwords are not case sensitive) one digit (base 10 digits 0-9), and one special character consisting of only the following : ~ ` ! ^ * ( ) _ - = [ ] { } | : ; < > ? , .

Page - 8 - of 113 Application Development Standards e. Password must not be the same or similar as the user-id. f. Password must be different from the previous five passwords (5) used. g. If an invalid password is entered, the system will re-query for a valid entry. h. The password must be stored in encrypted form. i. After five (5) consecutive login attempts, the account must lock for a period of not less than fifteen (15) minutes. j. User sessions must time-out after sixty (60) minutes of inactivity. User authentication shall be requested to proceed with usage of the system. k. Password cannot be reused for thirty (30) days.

External Access

1. The methods for external users (General Public) to access the Oracle database(s) are:

a. Using Microsoft Internet Information Services (IIS) (Example: Enterprise E- Commerce)  Application resides on a web server in the DMZ.  Access to the database goes through Oracle Connection Manager.  Application connects to Oracle with a dedicated application user-id (DAU). The DAU and password are stored in a secure file on the web server to which only the application code, the server administrator, and the database administrator have access.  Application provides web-based user a method to register for an application account.  User receives email verification of account and password. At a minimum, passwords should be set to expire every ninety (90) days unless justification not to expire the passwords is documented and approved by the department Information Security Manager.  Changes to production data must be processed through a “queue” (database table) for review by program area staff before update to production program tables occurs. If a different process for external production updates must occur, justification for the process must be documented and approved by the Information Security Manager.  CRE_USER and MOD_USER fields will be populated with the unique application user-id; or with the DAU provided it is linked back to the unique web-based application user-id through table relationships, maintained by referential integrity.

b. Using Oracle Application Server (AS) (Example: AES Continuing Education Units)  Application resides on a web server in the DMZ.  Access to the database goes through Oracle Connection Manager.  Application connects to Oracle with a dedicated application user-id (DAU). The DAU and password are stored in an Oracle DAD on the web server to which only the database administrator has access.  Application provides web-based user a method to register for an application account.  User receives email verification of account and password. At a minimum, passwords should be set to expire every ninety (90) days unless justification not to expire the passwords is documented and approved by the Information Security Manager.  Changes to production data must be processed through a “queue” (database table) for review by program area staff before update to production program tables occurs. If a different process for external production updates must occur, justification for the process must be documented and approved by the department Information Security Manager.

Page - 9 - of 113 Application Development Standards  CRE_USER and MOD_USER fields will be populated with the unique application user-id; or with the DAU provided it is linked back to the unique web-based application user-id through table relationships, maintained by referential integrity.

SECTION 4.3: SQL SERVER DATABASE LOGINS AND SECURITY

Internal Access

a. Application captures Windows credentials.  Active Directory takes care of password requirements.  Application uses Active Directory account to associate users to roles and privileges stored within the application. This can be based on the individual user or user’s membership in an Active Directory security group.  Application owner must approve application users and manage orphaned accounts (accounts for users who no longer have approved access).  The application connects to the database with a dedicated application user-id (DAU). The DAU and password are stored in encrypted format in a secure file on the web server to which only the application code, the server administrator and database administrator have access.  A department-approved tool must be used to encrypt the connection string.  The application populates the audit fields (CRE_USER and MOD_USER) with the Active Directory (Network) user-id; or the DAU may be used provided it is linked back to the unique Active Directory (Network) user-id through table relationships, maintained by referential integrity.  The application must provide the ability to run a report detailing user privileges to the application for user account review by the application owner.

b. Application requires additional authentication. (Example: web map service.)  The application presents a login window; the user authenticates with a unique application user-id and password.  The application handles creating and maintaining unique user-id’s and passwords, which are stored in an application table; the password must be stored in an encrypted format.  The application must implement and maintain password requirements according to Administrative Policy and Procedure 8-10 (see “2. Passwords” below).  The application owner must approve application users and manage orphaned accounts (accounts for users who no longer have approved access).  The application connects to the database with a dedicated application user-id (DAU). The DAU and password are stored in a secure file on the web server to which only the application code, the server administrator, and the database administrator have access.  A department-approved tool must be used to encrypt the connection string.  The application populates the audit fields (CRE_USER and MOD_USER) with the unique application user-id; or the DAU may be used provided it is linked back to the unique application user-id through table relationships, maintained by referential integrity.  The application must provide the ability to run a report detailing user privileges to the application for user account review by the application owner.

Page - 10 - of 113 Application Development Standards c. For the development SQL Server(s) only:  Active Directory domain groups will be created as needed based on divisions or specific applications.  Developers’ unique Active Directory domain accounts will be added to the appropriate group(s).  A SQL Server database user will be created for each Active Directory group.  Developers will be able to access the SQL Server using SQL Server management Studio (SSMS) console or an ODBC connection setup on their workstation.  Developers will be required to enter their Active Directory login and password each time they access the SQL Server.

2. Passwords - Users who will be inserting, updating and deleting records must have individual logins to the application. This aids in auditing procedures on the tables and database security. Active Directory enforces the following security requirements for individual logins; if user authentication (username/password) is being processed at the application level, rather than the Active Directory level, the application must include functionality to enforce these requirements:

External Access

1. The method for external users (general public) to access the SQL Server database(s) is Microsoft Internet Information Services (IIS). (Example: Food, Nutrition, and Wellness CNP application)

a. Application resides on a web server in the DMZ. b. Application connects to the database with a dedicated application user-id (DAU). The DAU and password are stored in a secure file on the web server to which only the application code, the server administrator, and the database administrator have access. c. Application provides web-based user a method to register for an application account. d. User receives email verification of account and password. e. At a minimum, passwords should be set to expire every ninety (90) days unless justification not to expire the passwords is documented and approved by the Information Security Manager. f. Changes to production data must be processed through a “queue” (database table) for review by program area staff before update to production program tables occurs. If a different process for external production updates must occur, justification for the process must be documented and approved by the department Information Security Manager. g. The application populates the audit fields (CRE_USER and MOD_USER) with the unique application user-id; or with the DAU provided it is linked back to the unique web- based application user-id through table relationships, maintained by referential integrity.

Page - 11 - of 113 Application Development Standards h. The application must provide the ability to run a report detailing user privileges to the application for user account review by the application owner

SECTION 4.4: MICROSOFT ACCESS SECURITY

Internal Access (Intranet and Internal Network Drive)

The recommended back-end databases for applications with multiple users storing sensitive or mission critical information are Oracle and SQL Server.

There are three levels of protection when considering options for securing Microsoft Access databases at design time:

1. Create a user password for those who will access the database. This method only secures the Microsoft Access application as a whole. It does not protect individual databases files. As such, this is not a viable option unless the database can only be opened from the server that houses it and all users of that server are forced to enter a password each time they start Microsoft Access. 2. Create a password for the database. This method helps protect data by only allowing users with these credentials to access the data inside the database. Unfortunately, this option is not 100% secure as there are several tools available for download that will discover both file-level passwords and user-level passwords. 3. Add the database to a specific workgroup. This method ensures that only computers that are a part of the workgroup may access the database, regardless of whether or not they have the correct login information. If the server which hosts the application needs to interact with databases that are not a part of the workgroup then this method cannot be used.

The best possible mix of protection for using MS Access databases is to: a. Force all users to log into MS Access individually. b. Set passwords on each MS Access database file. c. Create an isolated workgroup for the hosting server that is not shared among remote workstations.

Intranet Access

1. Intranet read only – the owner of the database is the one editing the database directly then replacing the database file on the intranet.

2. Intranet read/write – the Microsoft Access database is modified by an ASP script or a .Net application and may show specific text within the database on a web page. (Examples: sign- up applications, forum applications, FAQ applications).

External Access

Microsoft Access is not allowed for any new external facing application after the release of Version 8 of the Application Development Standards. The recommended back-end databases for Internet applications are SQL Server and Oracle.

1. Legacy Microsoft Access databases interacting with a .NET application using the .NET 2.0 or above Framework, must reside within the App_Data folder. This folder is not accessible via the Internet if the website is properly configured to use the .NET 2.0 or above Framework. 2. Legacy Microsoft Access databases interacting with Classic ASP or .NET 1.0 application must reside outside of the web site root directory.

Page - 12 - of 113 Application Development Standards

SECTION 4.5: GEOGRAPHIC INFORMATION SYSTEM SECURITY

Internal

a. Access may be direct (using desktop tools such as ESRI ArcCatalog, ArcMap, Google Maps, etc.), or through a department-approved map service or application. b. For direct access, users will connect with their unique Oracle user-id. c. Oracle accounts must be approved by the OATS GIS data administrator. d. Map services will use a dedicated application user-rid (DAU); the connection string must be stored encrypted in a file accessible only by the server administrator. e. For inserts/updates/deletes, the unique application user-id or unique Oracle user-id must be stored in the CRE_USER/MOD_USER fields. f. For production and control/beta/test environments, only the OATS GIS data administrator and delegates will have insert, update, or delete privileges; select privileges will be granted to appropriate viewer roles for each schema; these roles will be granted to appropriate division personnel. The OATS GIS data administrator may approve update privileges to an application (e.g. PEC). g. The division GIS data custodians will have insert/update/delete/select privileges on their division’s schemas in the development environment. h. Division GIS data custodians will notify the OATS GIS data administrator of the appropriate privileges required for GIS data in division specific schema of the Test and Production environments.

External

a. No direct access permitted; all access will be through department-approved map services or applications. b. Only read-only access is allowed. c. Map services will use a dedicated application user-id (DAU); the connection string must be stored encrypted in a file accessible only by the server administrator.

SECTION 4.6: PASSWORDS - General

In general, any users who will be inserting, updating and deleting records must have individual logins to the database or to the application. This includes commercial off-the-shelf applications and externally hosted applications, such as cloud-based solutions. This aids in auditing procedures and application security. If user authentication (username/password) is being processed at the application level, rather than the database level, the application must include functionality to enforce these requirements (please review the separate sections for Network, Oracle, SQL Server, Microsoft Access, and GIS for any specific password criteria required):

Page - 13 - of 113 Application Development Standards i. User sessions must time-out after sixty (60) minutes of inactivity. User authentication shall be requested to proceed with usage of the system.

If the application cannot meet all of the password requirements, and the Division assumes the risk, exceptions must have the approval of the department Information Security Manager prior to implementation/use. This should be documented in the Security Plan for the application.

SECTION 5: 60-8.0011 FLORIDA ACCESSIBLE AND ELECTRONIC INFORMATION TECHNOLOGY RULE

As of January 23, 2007, Chapter 60-8 was adopted to implement Sections 282.601-.606 Florida Statutes. The purpose of the Florida Accessible Electronic and Information Technology Rules is to promulgate rules for the development, procurement, maintenance and use of electronic information technology. The purpose and compliance with the rule is to ensure that individuals with disabilities have access to and use of information and data that is comparable to the access and use by members of the public who are not individuals with disabilities, unless an undue burden would be imposed on the agency. “Compliance” also means compliance with the standards set forth in Rule 60-8.001, F.A.C., ensuring that state employees with disabilities have access to and are provided with information and data comparable to the access and use by state employees who are not individuals with disabilities, unless an undue burden would be imposed on the agency. These requirements should be considered starting at the Needs Assessment Phase of the ITLC so that redesign does not occur later in the application development process.

SECTION 5.1: TECHNICIAL STANDARDS

The list of standards below is taken directly from 60-8-1.002. It should be noted that our adopted Internet Web Standards (Internet and Intranet Web Standards) already incorporate many of the items on this list:

(1) The following technical standards shall be applicable to the development, procurement, maintenance and use of electronic and information technology: (a) Technical Standards 1. Software applications and operating systems.

i. When software is designed to run on a system that has a keyboard, product functions shall be executable from a keyboard where the function itself or the result of performing a function can be discerned textually. ii. Applications shall not disrupt or disable activated features of other products that are identified as accessibility features, where those features are developed and documented according to industry standards. Applications also shall not disrupt or disable activated features of any operating system that are identified as accessibility features where the application programming interface for those accessibility features has been documented by the manufacturer of the operating system and is available to the product developer. iii. A well-defined on-screen indication of the current focus shall be provided that moves among interactive interface elements as the input focus changes. The focus shall be programmatically exposed so that assistive technology can track focus and focus changes. iv. Sufficient information about a user interface element including the identity, operation and state of the element shall be available to assistive technology.

Page - 14 - of 113 Application Development Standards When an image represents a program element, the information conveyed by the image must also be available in text. v. When bitmap images are used to identify controls, status indicators, or other programmatic elements, the meaning assigned to those images shall be consistent throughout an application’s performance. vi. Textual information shall be provided through operating system functions for displaying text. The minimum information that shall be made available is text content, text input caret location, and text attributes. vii. Application shall not override user selected contrast and color selections and other individual display attributes. viii. When animation is displayed, the information shall be displayable in at least one non-animated presentation mode at the option of the user. ix. Color coding shall not be used as the only means of conveying information, indicating an action, prompting a response, or distinguishing a visual element. x. When a product permits a user to adjust color and contrast settings, a variety of color selections capable of producing a range of contrast levels shall be provided. xi. Software shall not use flashing or blinking text, objects, or other elements having a flash or blink frequency greater than 2 Hz and lower than 55 Hz. xii. When electronic forms are used, the form shall allow people using assistive technology to access the information, field elements, and functionality required for completion and submission of the form, including all directions and cues.

2. Web-based intranet and internet information and applications.

i. A text equivalent for every non-text element shall be provided (e.g., via “alt”, “longdesc”, or in element content). ii. Equivalent alternatives for any multimedia presentation shall be synchronized with the presentation. iii. Web pages shall be designed so that all information conveyed with color is also available without color, for example from context or markup. iv. Documents shall be organized so they are readable without requiring an associated style sheet. v. Redundant text links shall be provided for each active region of a server-side image map. vi. Client-side image maps shall be provided instead of server-side image maps except where the regions cannot be defined with an available geometric shape. vii. Row and column headers shall be identified for data tables. viii. Markup shall be used to associate data cells and header cells for data tables that have two or more logical levels of row or column headers. ix. Frames shall be titled with text that facilitates frame identification and navigation. x. Pages shall be designed to avoid causing the screen to flicker with a frequency greater than 2 Hz and lower than 55 Hz. xi. A text-only page, with equivalent information or functionality, shall be provided to make a web site comply with the provisions of this part, when compliance cannot be accomplished in any other way. The content of the text-only page shall be updated whenever the primary page changes. xii. When pages utilize scripting languages to display content, or to create interface elements, the information provided by the script shall be identified with functional text that can be read by assistive technology. xiii. When a web page requires that an applet, plug-in or other application be present on the client system to interpret page content, the page must provide a link to a plug-in or applet that complies with rule sub-subparagraphs 60-8-1.002(1)(b)l.-16, F.A.C.

Page - 15 - of 113 Application Development Standards xiv. When electronic forms are designed to be completed online, the form shall allow people using assistive technology to access the information, field elements, and functionality required for completion and submission of the form, including all directions and cues. xv. A method shall be provided that permits users to skip repetitive navigation links. xvi. When a timed response is required, the user shall be alerted and given sufficient time to indicate more time is required.

SECTION 5.2: INFORMATION, DOCUMENTATION, AND SUPPORT

Section 60-8.002(3) states the following: a. Product support documentation provided to end-users shall be made available in alternate formats upon request, at no additional charge. b. End-users shall have access to a description of the accessibility and compatibility features of products in alternate formats or alternate methods upon request, at no additional charge. c. Support services for products shall accommodate the communication needs of end-users with disabilities. d. Nothing in this rule chapter shall be construed to require fundamental alteration in the nature of a product or its components. e. Products located in spaces frequented only by service personnel for maintenance, repair, or occasional monitoring of equipment are not required to comply with this rule chapter.

SECTION 5.3: PROCUREMENT AND DEVELOPMENT CRITERIA

1. Section 60-8.003, F.A.C. - Electronic and Information Technology Procurements section states that when procuring electronic and information technology resources, all effort shall be made to procure products which comply with the accessibility standards provided in Rule 60-8.002 F.A.C., when such products are available in the commercial marketplace or developed in response to a solicitation. The following language must be included in solicitations and contracts: Accessible Electronic Information Technology: Vendors submitting responses for this solicitation must provide electronic and information resources in complete compliance with the accessibility standards provided in Rule 60-8.002, F.A.C. (see Section 5.1). These standards establish a minimum level of accessibility.

2. Section 60-8.004, F.A.C. – Electronic and Information Technology Development section states that when designing, developing, and maintaining electronic and information technology resources, state agencies shall develop those processes or products which comply with the accessibility standards provided in Rule 60-8.002, F.A.C.(see Section 5.1).

3. Sections 60-8.003 and 1.004, F.A.C. – When procuring a product, or designing, developing and maintaining electronic and information technology resources, if a state agency determines that compliance with any provision of Sections 282.601 -.606, Florida Statutes, or this rule chapter imposes an undue burden, the documentation by the state agency supporting the procurement or determination of undue burden in design/development shall explain specifically why, and to what extent, compliance with each such provision creates an undue burden.

Page - 16 - of 113 Application Development Standards

SECTION 6: PUBLIC RECORDS & ELECTRONIC RECORDKEEPING REQUIREMENTS

SECTION 6.1: SOCIAL SECURITY NUMBERS

Section 119.071(5)(a)5, Florida Statutes, states that social security numbers held by an agency are confidential and exempt from s. 119.07(1) and s. 24(a), Article 1 of the State Constitution. Please refer to AP&P 1-9 – Public Records Inspection and/or Duplication Fees, which identifies other department information which is exempt from the provisions of Chapter 119, Florida Statutes.

Section 119.071(5)(a)2.a., Florida Statutes, states an agency may not collect an individual’s social security number unless the agency has stated in writing the purpose for its collection and unless it is: (I) Specifically authorized by law to do so; or (II)Imperative for the performance of that agency’s duties and responsibilities as prescribed by law. An agency collecting an individual’s social security number shall provide that individual with a copy of the written statement (s. 119.071(5)(a)3,F.S.).

SECTION 6.2: APPLICABILITY

Chapter 119.011(11), Florida Statutes concerning “public records” includes electronic records. Electronic records is any electronically recorded data which is (1) made or received pursuant to law or ordinance or in connection with the transaction of official business, or (2) any material prepared in connection with official agency business which is intended to perpetuate, communicate, or formalize knowledge of some type. Examples may include: 1. data files, 2. databases, 3. machine readable indexes, 4. word processing files, 5. electronic spreadsheets, 6. electronic mail and messages, 7. as well as other text or numeric information.

SECTION 6.3: CHAPTERS 1B-24 and 1B-26.003, FLORIDA ADMINISTRATIVE CODE

Chapter 1B-24, Florida Administrative Code is the Rule that outlines Public Records Scheduling and Disposition. Each division has a Records Management Liaison (RML) and in some divisions, each bureau has a RML (Department RML List). The RML should be contacted during the application requirements gathering to determine the “Records Retention Schedule” and, when possible, be made part of the application design. The department has two policies concerning Public Records and Records Management, AP&P 1-9 Public Records Inspection and/or Duplication Fees and AP&P 4-18 Records Management.

Chapter 1B-26.003 Florida Administrative Code is the Rule that outlines minimum requirements for the creation, utilization, maintenance, retention, preservation; storage and disposition of electronic record (master) copies, regardless of the media (Electronic Recordkeeping).

The Department of State has developed the State of Florida Electronic Records and Records Management Practices Handbook (DOS Electronic Records Handbook) to

Page - 17 - of 113 Application Development Standards assist State agencies in complying with all the Florida Statutes pertaining to records management. The handbook also lists questions that should be considered when the system is in development or system rewrite to address electronic records. The questions stated in the State of Florida Electronic Records and Records Management Practices are: 1. What is the system's purpose? Does it serve different purposes for different users'? Do the different purposes reflect different needs for retained data? 2. What inputs are needed and how long should they be retained? Are they needed for legal or audit purposes? 3. How long does information need to be kept online? Are online retention requirements directly indicated onto unit records or data sets? 4. If the agency no longer needs data online, does it need to retain it offline and for how long and in what format? 5. Can requirements for retention and disposition of data be integrated with system design and operations? For example: with update procedures, regular backup operations, creation of history files, subset files, and public use data sets? 6. What will be done with the reports, either on paper or computer output microfilm (COM), generated by the system? 7. Are multiple copies of the data needed? If so, in what format and media? In what locations? Do all media need to be maintained for the same length of time? What will happen to the different media, and when? How will the integrity and authority of the data be ensured'? 8. Is the information in the system part of the agency's vital records program? If so, what provisions must be made to ensure availability of the information in emergency situations. 9. Who is responsible for maintaining up-to-date, authoritative documentation of the system and the data it contains? Where will the documentation be maintained? 10. Which medium containing the data must be given special care to ensure data preservation for long term operational needs or for archival purposes?

The handbook (DOS Electronic Records Handbook) covers the following areas concerning electronic records and should be read in its entirety: 1. Recording requirements 2. Management roles and responsibilities 3. Organizing and controlling electronic records 4. Email as a public record 5. Maintenance and use of electronic records 6. Disposition of electronic records

These rules outline the documentation that must be kept pertaining to any electronic records system and must be able to be produced upon request from the public for information. These documents include:

1. A narrative description of the system, including all inputs and outputs of the system; the organization and contents of the files and records; policies on access and use; security controls; purpose and function of the system; update cycles or conditions and rules for adding information to the system, changing information in it, or deleting information; and the location and media in which electronic records are maintained and their retention requirements to ensure appropriate disposition of records in accordance with Chapter 1B-24, F.A.C.; 2. The physical and technical characteristics of the records, including a record layout or markup language that describes each file or field including the name, size, starting or relative position, and description of the form of the data (type such as alphabetic (character), decimal, or numeric) or a data dictionary or the equivalent information

Page - 18 - of 113 Application Development Standards associated with a database management system including a description of the relationship between data elements in databases; 3. For information coming from geographic information systems (GIS), the physical and technical characteristics of the records must be described including a data dictionary, a quality and accuracy report and a description of the graphic data structure; 4. Any other technical information needed to read or process the records. 5. Chapter 60-8 F.A.C.. Information, Documentation and Support for accessibility states the following: a. Product support documentation provided to end-users shall be made available in alternate formats upon request, at no additional charge. b. End-users shall have access to a description of the accessibility and compatibility features of products.

SECTION 7: DATA INTEGRITY

Every effort should be made to ensure the integrity and quality of data in the department. Data integrity is an umbrella term that refers to the consistency, accuracy and correctness of the data stored in a database. Think of data integrity in terms of the old adage: “garbage in- garbage out’”. Data integrity is about keeping the garbage out. The following guidelines should be followed.

1. There are four primary types of data integrity:

a. Entity Integrity – applies to the row level and ensures that each row in the table is uniquely identified to ensure a table does not have duplicate rows. Entity integrity ensures that each row has a unique identifier most often enforced by placing a primary key constraint on a specific column or a unique constraint (see next section for naming standards).The primary key constraint forces each value inserted into a column (or combination of columns) to be unique and will cause an insert to fail if a user attempts to insert a duplicate value into a column. i. A composite primary key is a primary key that consists of more than one column and it is used when none of the columns in the composite key is unique by itself. ii. Non-primary key columns on which uniqueness is enforced are referred to as alternate keys and are used as an “alternative” to the primary key for indexing or joining on. b. Domain integrity – is referred to as attribute integrity. It requires that a set of data values fall within a specific range (domain) in order to be valid and should be used whenever possible to aid in data quality and consistency. In other words, domain integrity defines the permissible entries for a given column by restricting the data type, format, or range of possible values (used as a drop down list). i. Examples of domain integrity would be to ensure an entry in an ‘age’ field is an integer and must be between the values of 0 and 120. ii. Domain integrity can be enforced with default constraint, foreign key, check constraint, data types, etc. For example:

CREATE TABLE employees (employee_id numeric(4), employee_name varchar2(50), employee_gender varchar2(1), CONSTRAINT employees_id_ck CHECK (employee_id BETWEEN 100 and 9999) CONSTRAINT employees_name_ck

Page - 19 - of 113 Application Development Standards CHECK (employee_name = upper(employee_name)) CONSTRAINT employees_gender_ck CHECK (employee_gender in ('F', 'M'));

c. Referential Integrity – occurs at the table level and means that the relationship between two tables must be preserved when records are inserted, updated and deleted. The primary objective of referential integrity is to prevent “orphans” in the database. i. Referential integrity is typically enforced with a primary key (PK) and foreign key combination (FK). A FK is a column or combination of columns in one table (child table) that takes its value from the PK in another table (parent table). ii. In order for referential integrity to be maintained, the FK in the “child” table can only accept values that exist in the PK of the “parent” table. iii. Referential integrity is most often implemented with a PK-FK combination, but triggers or stored procedures can also be used. iv. Please refer to Section 11, item 4 for information on foreign key indexes.

d. User-defined integrity - refers to specific business rules not covered by other integrity categories and is typically implemented through triggers and stored procedures.

SECTION 8: FDACS ENTERPRISE SYSTEMS AND DATA

To minimize duplication in collecting, processing, storing and distributing data and to enable the department to share data among the divisions and outside agencies, there are systems and tables which must be used in all application development. A division or office should not duplicate at the division level, the processes and data in the systems listed below.

SECTION 8.1: ENTERPRISE SYSTEMS

FDACS maintains an inventory of all applications/systems in the department in an Oracle web application named Department Information Systems Inventory (DISI) which is maintained in OATS by the data administrator. Read-only access is available to anyone in the department having an Oracle account in the DOA instance via the OATS intranet site. All Division Information Officers have update into DISI. When development starts on a new application, it must be added to DISI.

This application maintains a comprehensive inventory of business and technical components, application owners and descriptions and location of the data related to FDACS information systems and resources. It is used to produce reports for the Auditor General, Legislature and Governor's Office as well as used internally.

The other enterprise systems that are used by all divisions in an effort to minimize duplication of effort and ensure that the data being used by the divisions is as accurate as possible are:

1. Administration Imaging Management System (AIMS/TRAVEL) - this application includes online requests for travel, bids, requisitions, change orders, leases, vouchers and contracts with an electronic approval process and document imaging. The Travel module in AIMS provides an automated data entry application to capture and track the processing of travel documents and authorizations.

2. Agency Clerk Filings System - this application tracks the department's administrative actions involving fines and penalties of regulated statutes and rules that fall under agency

Page - 20 - of 113 Application Development Standards jurisdiction. The Agency Clerk Filing System provides a mechanism for program areas to input information regarding an administrative complaint and obtain a number that will be used to track the administrative action throughout the settlement process and filing with the agency clerk. This application allows fines to be tied back to revenue.

3. Contract Administration and Tracking System - this application tracks the department contracts in the Division of Administration Office of the Director. Contract Managers enter preliminary information into CATS by using the web based portion of Administration Imaging Management System (AIMS). The route slip is printed from the preliminary information and sent to the Office of the Director with the draft contract. The Office of the Director is responsible for assigning unique contract numbers and verifying the information for the contract before the contract is executed. E-mail is sent to all active contract managers each month as a reminder to review their contracts. 4. Coop and Personal Assets System - employee roles and emergency contact information has been added to the DACS employee tables to allow for this information to be stored/updated in one location. Supervisors and other authorized users are allowed to update the information from an intranet application for coop roles, business address and phones and emergency location. Home information will remain updated in State system People First. The Personal Assets portion of the system permits authorized individuals (usually department supervisors) to insert, query and update information about the various sensitive property items issued to department employees and external users.

5. Department of Agriculture and Consumer Services System - this application provides a means to maintain the department level tables such as the data related to personnel, firms, and look-up tables such as counties. It tracks employees as well as ops, contractors, temporary employees, and federal employees who perform work for the department. The employee roles (coop and others) are included as part of this system. The tables for address validation are also in the DACS schema.

6. Disbursements - this application allows department users to enter disbursement information, scan backup documentation, and forward the information to the Bureau of Finance and Accounting (F&A) for approval. When the disbursement is reviewed by F&A, it can be returned to the division for further information or approved. After approval, disbursement records are electronically uploaded to state FLAIR system. Users in the disbursement section can correct any errors and upload the records again. The application allows users to track the status of the disbursement through the process.

7. Enterprise E-Commerce System - this is an Internet Division of Administration web site for e-commerce. The division programs currently using e-commerce for payment from the public are the Division of Fruit and Vegetables CitraNet/Haulers subscription), Division of Agricultural Environmental Services (Pesticide Product Brand Registrations new and renewal), Division of Food Safety (Food Re-inspection Fees and Food Export Certificates) and Division of Consumer Services ((LPGAS license renewal, LPGAS training and class registration, LPGAS exam), Motor Vehicle Registration Renewal and Game Promotion/sweepstake and Do Not Call Purchase List). The application provides the public a way to renew and pay online (internet). This system allows for receiving and reconciling department revenues electronically; integration with department applications, department of financial services, flair, financial institutions. There is outsourcing of the gateway vendor Govolution and Bank of America.

8. Enterprise Imaging System – this is a web-based (intranet) document management system that is available to the department. A feature of the system is the capability of configuring multiple applications (categories of documents) and restricting access by

Page - 21 - of 113 Application Development Standards individual users and or groups of users. In addition, users and groups can be limited to a set of functions by individual or a role assignment. Administration, AgLaw, Plant Industry, Marketing, Agriculture Water Policy and AES are using the system.

9. Financial Information System - this application is a warehouse of the department's financial information. Many of the tables belonging to this schema are loaded from data received from the State FLAIR system each night. The disbursement subsystem is also part of the FIS schema.

10. Forms Management System - this application is used to manage the department forms which have gone through an approval process and have been issued an official form number. The primary user is the forms manager in the Division of Administration, but there is an intranet search feature that is used by all divisions.

11. GIS Enterprise Data Library - the GIS database library provides a direct link to current and accurate GIS base map layers needed for all department mapping products as well as linkage to program specific data that resides in division maintained Oracle databases and/or other SDE data libraries.

12. GIS Metadata Catalog - this application provides an inventory of all available spatial data in SDE available throughout the department and gives department GIS managers the ability to annotate their metadata

13. Remedy Asset Inventory - this application is the OATS Help Desk problem/call tracking database utilized by OATS personnel, DIOs, and all agency technicians. Reports produced include computer problem/resolution statistics, identifying training needs, identifying application/network or telephone system issues, and hardware maintenance contract compliance.

14. Revenue Online Collection - (ROC) internet portal allows any agency customer to pay renewal fees or invoices online. There is a single point of entry to ROC the via egov-online authentication system. Prior to ROC, the standard operating procedure was for the external customer to mail their payments and supporting documents to Finance and Accounting's revenue section to be processed manually. The ROC internet portal allows the customer to attach their supporting documents with their online payment. A cash sheet will continue to be sent to the divisions once payment has been received from payment processor and entered into the Revenue system. The Revenue Online Collection (ROCFDACS) intranet site provides the divisions a search screen to view the scanned documents that have been submitted by the customer.

SECTION 8.2: EMPLOYEE DATA

There is a centralized employee table in a schema called DACS in the DOA database that was deployed in 1999. A view of this table is available for all the divisions to use instead of duplicating or maintaining their own employee data. A specialized view can be created for each division so that the division views only their information. The initial employee record is created by the Bureau of Personnel when they receive a start date for a new employee. At that time, the minimum information necessary is input into the database: employee last name, first name, SSN, and organizational number. This allows for the user account information (Oracle, Network, etc) and the FDACS employee ID information to be linked to the employee record. To gain access to these tables, please contact the Division Information Officer for the Division of Administration, at 617-7023

Page - 22 - of 113 Application Development Standards There is an update process nightly from People First to populate the rest of the employee information when it has been input into the People First database. As of April 26th, 2006, employee business address information is being updated directly to the DACS Employee tables and not downloaded from People First. Employees update their home information in People First which is in the nightly download.

There is a Bureau of Personnel approved DACS.ALL_EMPLOYEES_V view of employee data for general use that contains OPS, Career Service, SES, SMS and external users (contractors, vendors, other State and Federal personnel). There are other views containing employee information by the employee type: DACS.EMPLOYEE_V DACS.OPS_EMPLOYEES_V DACS.EXTERNAL_USERS

Should your division require additional attributes for any of these views, you must contact the Bureau Chief for Personnel or the Assistant Division Director for Administration as some employee information is restricted and/or confidential.

The current attributes in the DACS.ALL_EMPLOYEES_V view approved by Bureau of Personnel for general use are:

Attribute Name Type PK NUMBER(10) CLASS_TITLE VARCHAR2(45) CRE_DATE DATE CRE_USER VARCHAR2(10) CONF_INDIC VARCHAR2(1) EMP_TYPE VARCHAR2(12) EMPLOYEE_ID VARCHAR2(10) END_DATE DATE FIRST_NAME VARCHAR2(25) FULL_NAME VARCHAR2(52) LAST_NAME VARCHAR2(25) MIDDLE_INITIAL VARCHAR2(1) MOD_DATE DATE MOD_USER VARCHAR2(10) NAME_CHANGE_INDIC VARCHAR2(1) NAME_PREFIX VARCHAR2(20) NAME_SUFFIX VARCHAR2(7) NICK_NAME VARCHAR2(10) ORG_CODE VARCHAR2(24) ORG_NAME VARCHAR2(45) POS_NUM VARCHAR2(6) SEPARATION_DATE DATE SWORN_INDIC VARCHAR2(1) TELECOMMUTE_INDIC VARCHAR2(1) VET_PREF_INDIC VARCHAR2(1)

The current attributes in the DACS.EMPLOYEES_V view (Career Service, SMS, SES only) approved by Bureau of Personnel for general use are:

Attribute Name Type PK NUMBER(10) CRE_DATE DATE CRE_USER VARCHAR2(10) LAST_NAME VARCHAR2(25) CDL_STATUS VARCHAR2(1) CDL_STATUS_DATE DATE CLASS_TITLE VARCHAR2(45) CONF_INDIC VARCHAR2(1) CONT_SERVICE_DATE DATE

Page - 23 - of 113 Application Development Standards CURRENT_MONTHS_SERVICE NUMBER(3) EDUCATION_LEVEL VARCHAR2(2) EDUCATION_MAJOR VARCHAR2(3) END_DATE DATE FIRST_NAME VARCHAR2(25) FULL_NAME VARCHAR2(52) HOLIDAY_TAKEN_DATE DATE HOME_COUNTY_NUM VARCHAR2(2) INITIAL_HIRE_DATE DATE LEAVE_ACCRUAL_DATE DATE MIDDLE_INITIAL VARCHAR2(1) MIDDLE_NAME VARCHAR2(25) MOD_DATE DATE MOD_USER VARCHAR2(10) NAME_CHANGE_INDIC VARCHAR2(1) NAME_PREFIX VARCHAR2(20) NAME_SUFFIX VARCHAR2(7) NICK_NAME VARCHAR2(10) NON_DRIVER_INDIC VARCHAR2(1) OLO_CODE VARCHAR2(4) OLO_NAME VARCHAR2(50) ORG_CODE VARCHAR2(24) ORG_NAME VARCHAR2(45) POS_NUM VARCHAR2(6) SEPARATION_DATE DATE STATE_DIRECTORY_NICK_NAME VARCHAR2(1) STATE_DIRECTORY_OMIT VARCHAR2(1) SWORN_INDIC VARCHAR2(1) TELECOMMUTE_INDIC VARCHAR2(1) VET_PREF_INDIC VARCHAR2(1)

The current attributes in the DACS.OPS_EMPLOYEES_V view (OPS only) approved by Bureau of Personnel for general use are:

Attribute Name Type PK NUMBER(10) CLASS_TITLE VARCHAR2(45) CONF_INDIC VARCHAR2(1) CRE_DATE DATE CRE_USER VARCHAR2(10) CONT_SERVICE_DATE DATE DUAL_EMPLOYMENT_INDIC VARCHAR2(1) EDUCATION_LEVEL VARCHAR2(2) EDUCATION_MAJOR VARCHAR2(3) END_DATE DATE FIRST_NAME VARCHAR2(25) FULL_NAME VARCHAR2(52) HOME_COUNTY_NUM VARCHAR2(2) INITIAL_HIRE_DATE DATE LAST_NAME VARCHAR2(25) MIDDLE_INITIAL VARCHAR2(1) MIDDLE_NAME VARCHAR2(25) MOD_DATE DATE MOD_USER VARCHAR2(10) NAME_CHANGE_INDIC VARCHAR2(1) NAME_PREFIX VARCHAR2(20) NAME_SUFFIX VARCHAR2(7) NICK_NAME VARCHAR2(10) NON_DRIVER_INDIC VARCHAR2(1) ORG_CODE VARCHAR2(24) ORG_NAME VARCHAR2(45) POS_NUM VARCHAR2(6) SEPARATION_DATE DATE STATE_DIRECTORY_NICK_NAME VARCHAR2(1) STATE_DIRECTORY_OMIT VARCHAR2(1) STUDENT_TYPE VARCHAR2(0)

Page - 24 - of 113 Application Development Standards SWORN_INDIC VARCHAR2(1) TELECOMMUTE_INDIC VARCHAR2(1) TOTAL_HOURS NUMBER VET_PREF_INDIC VARCHAR2(1)

SECTION 8.3: EXTERNAL USERS

There is a table in the DACS schema for housing the external users of our data and network (contractors, vendors, other state and Federal agencies). This table links the external user to a FDACS employee who is responsible for notifying the Help Desk when the external users’ account/access is no longer needed. It can also be used to store other information about the external users such as account names.

The current attributes in the DACS.EXTERNAL_USERS_V view are:

Attribute Name Type PK NUMBER(10) COMMENTS VARCHAR2(2000) CRE_DATE DATE CRE_USER VARCHAR2(10) EMP_PK NUMBER(10) END_DATE DATE EXTERNAL_EMAIL VARCHAR2(100) EXT_EMPLOYER_PK NUMBER(10) FIRST_NAME VARCHAR2(25) FULL_NAME VARCHAR2(52) INITIAL_HIRE_DATE DATE LAST_NAME VARCHAR2(25) LOCATION_BUILDING VARCHAR2(40) LOCATION_CITY VARCHAR2(80) LOCATION_STATE VARCHAR2(2) LOCATION_STREET VARCHAR2(80) LOCATION_ZIP VARCHAR2(5) LOCATION_ZIP4 VARCHAR2(4) MIDDLE_INITIAL VARCHAR2(1) MOD_DATE DATE MOD_USER VARCHAR2(10) NICK_NAME VARCHAR2(10) OPS_EMP_PK NUMBER(10) PHONE_NUMBER NUMBER(11) ROOM_NUM VARCHAR2(10) ANTICIPATED_SEPARATION_DATE DATE COOP_CONTACT_EMP_FK NUMBER(10) COOP_FUNCTION_FK NUMBER(10)

SECTION 8.4: EMPLOYEE OBJECTS

This table is used to store objects for an employee or external user such as Sonitrol cards, phone access cards, e-mail addresses, photo id badges, network user-id, Oracle user-id, purchasing cards, pagers, fuel cards, etc. Other objects could be added to accommodate the needs of the divisions.

The current attributes in the DACS.EMPLOYEE_OBJECTS_V view are:

Attribute Name Type PK NUMBER(10) CRE_DATE DATE CRE_USER VARCHAR2(10) ID VARCHAR2(30) OBJ_TYPE_PK NUMBER(10) COMMENTS VARCHAR2(255) EMP_PK NUMBER(10)

Page - 25 - of 113 Application Development Standards MOD_DATE DATE MOD_USER VARCHAR2(10) OPS_EMP_PK NUMBER(10) ISSUE_DATE DATE RETURN_DATE DATE DB_INSTANCE_NAME VARCHAR2(30) SONITROL_CARD_NUM VARCHAR2(15) PHOTO_NAME VARCHAR2(50) OUTSIDE_EMP_PK NUMBER(10) SONITROL_SECURITY_LEVEL VARCHAR2(2) DESCRIPTION VARCHAR2(250) LAST_MONITORED_DATE DATE REQUESTED_CANCELLATION_DATE DATE LU_EMP_OBJ_DISPOSITION_FK NUMBER(10) SERIAL_NUMBER VARCHAR2(100) ALT_ID VARCHAR2(100) MODEL_NUMBER VARCHAR2(100) RECEIVED_DATE DATE MANUFACT_FK NUMBER(10) PURCHASE_PRICE NUMBER(12,2)

SECTION 8.5: LOOK-UP TABLES

There are look-up tables in the DACS schema in the DOA instance for counties (DACS.LU_COUNTIES), countries (DACS.LU_COUNTRIES), divisions (DACS.FUNCTIONAL_DIVISION_BUREAU), FDACS organizations (DACS.LU_ORGS), phone numbers (DACS.LU_PHONE_TYPES) and others that should be used for consistency in the department. There are also look-up tables that must be used if collecting locational data (such as GPS, geo-coding, digital map interpolation). Those tables are:

DACS.LU_COLLECTION_METHOD DACS.LU_COLLECTION_MTH_TYPES DACS.LU_COORDINATE_ACCURACY DACS.LU_DATUM DACS.LU_OBJECTS_OF_INTEREST DACS.LU_POINT_PROXIMITY.

The department has address validation and geo-coding software available through procedures and web services. Information on the address validation would be available through the Information on the geo-coding services through the OATS Enterprise Platforms and Computer Operations Section (850 245-1065).

SECTION 8.6: ABBREVIATIONS AND ACRONYMS

Use abbreviations only when necessary. This makes remembering the spelling of the database entity easier. Try to remember that the users and other programmers will be trying to determine the contents of tables, packages, procedures, triggers, functions and columns by name. Abbreviations should be clear to the users, not codified for the developer. When using abbreviations, please review the approved list for the agency (Appendix 4) so that consistency is maintained (for instance using “num” instead of “no” or “#” for number). If the word is not on the list, refer to The Princeton Language Institute 21st Century Dictionary of Acronyms and Abbreviations (ISBN 0743486870) or check the following web site: http://www.acronymfinder.com/ .

Page - 26 - of 113 Application Development Standards

SECTION 9: ENTITY RELATIONSHIP DIAGRAM (E/R) GUIDELINES

SECTION 9.1: ENTITY

The representation of a distinguishable person, place, thing, concept, event or state which has characteristics, properties, or relationships, which are of interest to someone. The purpose of the e/r diagram is, at a minimum, to show relationships between tables. The same thing can be accomplished with a data model. A document showing relationships between data elements in databases is required Chapter 1B-26 FAC (see Section 6 of this document).

1. Entity name: a. Shall be unique within the application or schema (owner), but not within the agency. For example, more than one application within the FDACS might require an investigation entity. Prefixing the entity name with the application identifier (e.g. ST_INVESTIGATIONS, FOOD_INVESTIGATIONS, etc.) will uniquely identify the table within the database instance (e.g. DOA), thus allowing public synonyms and other benefits. Note: Refer to Appendix 3 for a list of already existing entities before naming a new entity. b. Shall be uppercase, singular and alphabetic with no special characters or dashes and cannot duplicate an Oracle reserved word. c. Entity name shall be brief but descriptive, Oracle allows 30 characters. Be sure to consider whether you will need public synonyms when considering the length of the table name. d. Each entity must have an appropriate description/definition.

SECTION 9.2: ATTRIBUTE GUIDELINES

Attribute is the name given to a representation of any detail that serves to qualify, identify, classify, quantify or express the state of an entity.

1. Attribute name must be: a. Upper case, singular and alphabetic with no special characters or dashes and cannot duplicate an Oracle reserved word. b. Brief but descriptive; maximum 25 characters. Date fields will have the word DATE included in the attribute name. For example, HIRE DATE. c. Attributes should be designated as the Primary Unique Identifier (UID), mandatory attribute (not null) or optional attribute (may be null) on the Entity Relationship Diagram

SECTION 9.3: PRIMARY UNIQUE IDENTIFIER ATTRIBUTES

Attributes that are part of a primary unique identifier (UID) will eventually be part of the primary key of a table. It should be listed first on the attribute list. Caution should be exercised when deciding what will be used as the primary UID for the entity/table. If there is any remote chance that the data might need to be changed in the future, do not use it as the primary UID.

An example of a change that occurred but was not expected is COUNTY_CODE, which originally was based upon county population is now done alphabetically. NAME shall not be used as a primary key of a table.

1. TABLENAME_PK or TableShortName_PK (example: emp_pk) is used for a UID that contains a system-generated number and is used internally during processing to access or

Page - 27 - of 113 Application Development Standards link data. The values are meaningful only as pointers or keys, and usually do not show on end user reports or screens.

2. When the primary key is based upon an intelligent data column such as PART_NUMBER, the primary key name will be in the format of the data column name, followed by an underscore followed by PK. PART_NUMBER would be PART_NUMBER_PK.

SECTION 9.4: RELATIONSHIPS

1. Each end of the relationship has a name that enables the user to understand the relationship easily. Remember that relationships are documenting business rules and will be used to explain the model to end-users. Refer to Appendix 5 of this document for examples of possible relationship name pairs. Relationships are bi-directional, that is, you should be able to read the relationship starting at either end:

Each department may be the employer of one or more employees. Each employee must be employed by one and only one department.

EMPLOYEE

employed by

employer of DEPARTMENT

2. The relationship name must be: a. Alphabetic b. Relationship text should be in lower case. Use single space as separator of relationship names. c. The degree of a relationship (cardinality) indicates how many entity instances may exist at one end of the relationship for each entity instance at the other end: d. A forked end (known as crow’s foot) signifies a relationship degree of “many”. Must be able to be read as being “one or more.” e. A single point signifies a relationship end degree of “one”. Must be able to be read as being “one and only one.” f. Minimize the use of bent lines and avoid crossing lines as much as possible.

3. The optionality indicates the minimum number of entity instances (rows) that are possible at one end of the relationship for each entity instance at the other end. a. A broken line signifies an optional relationship end. Must be able to be read as “may be.” b. A solid line signifies a mandatory relationship end. Must be able to be read as “must be.”

Page - 28 - of 113 Application Development Standards

SECTION 10: AUDITING

SECTION 10.1 AUDIT COLUMN

Audit capabilities are required in all systems developed for the agency. Auditing a table means keeping track of activities performed on the table. Every entity must contain the following four audit attributes:

1. CRE_DATE Date 2. CRE_USER Varchar2(30) 3. MOD_DATE Date 4. MOD_USER Varchar2 (30)

These audit attributes are to be detailed in the logical models for any entity. The columns will need to be populated by a database trigger fired upon insert and update of a row. Do not put these columns in the history tables.

SECTION 10.2 HISTORY TABLES

There may be situations where there is a need to know updates and deletes occurring on a table with a before look at the data. This would create the need for separate audit/history tables. These tables should have the name appended with HIST. Following the example will make the actual use of the history table easier. Record in MY_TABLE before update:

DATA MY_TAB_PK MOD_DATE MOD_USER CRE_DATE CRE_USER XXXX 10011 09-SEP-99 JONESP 02-MAR-98 SMITHT

Record in MY_TABLE after update:

DATA MY_TAB_PK MOD_DATE MOD_USER CRE_DATE CRE_USER SSSSSS 10011 25-DEC-99 BROWNW 02-MAR-98 SMITHT

Data in MY_TABLE_HIST after update:

DATA MYTAB_FK MOD_DATE MOD_USER CRE_DATE CRE_USER HIST_DATE HIST_USER XXXX 10011 09-SEP-99 JONESP 02-MAR-98 SMITHT 25-DEC-99 BROWNW ACTION_TYPE MY_TAB__HIST_PK U 000001

The MY_TABLE_HIST shows the record of MY_TABLE getting inserted when an update or delete of the record occurs. The data in the MY_TABLE_HIST will be the snapshot of the data before update or delete. NOTE: If the record were deleted, the MY_TABLE_HIST may be the only “snapshot” of what the data looked like before being deleted and who deleted the record. The MY_TABLE_HIST will also have its own PK (MY_TAB_HIST_PK).

The DBA section should be made aware of these history tables due to the possible growth potential. They will require monitoring and will be created in a separate tablespace called: ?_HIST_DATA and ?_HIST_INDEX.

Page - 29 - of 113 Application Development Standards

SECTION 11: MISCELLANEOUS ORACLE REQUIREMENTS

1. Do not use the data type "LONG." It has been deprecated as of Oracle 9i. Also, experience has shown that SQL*Forms do not work properly when an attribute with a LONG data type is included in a query. Consider using VARCHAR2 or LOB’s. If using LOBs, contact the OATS DBA section for assistance.

2. For alphanumeric columns, the VARCHAR2 data type should be used. The maximum length for VARCHAR2 is 4,000 characters. In assigning width to a column, allot enough space for all real future possibilities. Oracle does not store blanks at the end of VARCHAR2 columns as it does with CHAR. If a column is defined as VARCHAR2(30) but the actual data only needs 15 characters, it only stores the 15 characters. If a column has nothing in it (NULL), Oracle will not even store a blank space. The only effect that choosing a higher number will have is in the default SQLPLUS column formatting. SQLPLUS will create default headings the same width as the column definition.

3. Schema Creation- When requesting a new schema in a Development (DV) environment, an approved ITLC Project Charter should have already been submitted to the ITLC Review Panel. For new schemas in the Controlled Test (TE) and Production environments, please refer to the AP&P 1-2 for required deliverables. The following information needs to be provided to the DBAs for all application environments; this can be provided in a Change Log: a. Application full name b. Preferred schema name (usually application acronym) c. Estimated tablespace size requirements. The DBA section will create a minimum of two tablespaces for all applications, usually using the application short name, like FOOD_DATA and FOOD_INDEX. The tablespace should be specified in scripts for creating tables, indexes, primary keys, and unique key constraints. Please see the Section 14 on Tablespaces. d. Application specific roles required for the schema. Roles should be prefixed with the application acronym or identifier (LPGAS_USER) e. Script for creation of any public synonyms. Public synonyms must be prefixed with the application acronym or identifier. f. Information for the creation of any database links including the schema and database being linked to (Note: format for database link is Global_Database_name@connect_to_userid) g. Information for any Import or Export requested. 4. Un-indexed foreign keys are the biggest single cause of deadlocks in Oracle due to the fact that an update to a parent table's primary key or the removal of a parent record will place a table lock on the child table (no modifications to the child table will be allowed until the statement completes). This locks many more rows than it should and decreases concurrency and causes slow transaction time in the database. In addition to the table lock issue, an un-indexed foreign key is bad in the following cases as well: a. When you have an ON DELETE CASCADE and have not indexed the child table, the child table will be fully scanned once for each parent row deleted. b. When you query from the parent to the child. c. In general, the only time you do not need a foreign key index when all of the following conditions are met: o You do not delete from the parent table.

Page - 30 - of 113 Application Development Standards o You do not update the parent table's unique/primary key value, either purposely or by accident (via a tool). o You do not join from the parent table to the child table, or more generally the foreign key columns do not support an important access path to the child table and you do not use them in predicates to select data from this table. 5. Do not create objects under your personal username in production or test databases. In development databases, never create functions, triggers, packages, or procedures under your personal username that matches the name of one owned by an application user as you will not be able to execute it. These objects should be created by the application user (i.e. FOOD,LPGAS). After the application user creates a function, package or procedure, a public synonym must be created by the DBA section. Also, the application user must grant execute for the object to a role that will later be granted to the users needing to execute the object (GRANT EXECUTE ON object_name TO ROLE_NAME).

6. The DBA section needs to be informed of the progress of the application and require a minimum of two weeks’ notice prior to the application moving to production. This gives them the opportunity to do the server side requirements necessary on the production platform and time to review the scripts (DDL) for the objects that will be created for the application. A Change Log form located on the OATS Intranet site should be completed.

7. The DBAs will run the scripts (DDL) provided by the developers, which should include sizing for the tables and indexes. The object names should be prefixed with the schema name (e.g., create table schema_name.table_name). For more information see Section 16: Tablespaces #7.

The DDL scripts should be separated into the following:

01_cre_tbls.sql Create tables – include tablespace and storage clauses 02_cre_comments.sql Add comments 03_cre_views.sql Create views 04_cre_pk.sql Create primary keys (using “alter table…add constraint…”); include tablespace and storage clauses 05_cre_fk.sql Create foreign keys (using “alter table…add constraint) 06_cre_uk_ind.sql Create unique keys and other indexes, include tablespace and storage clauses 07_cre_seq.sql a) Do not use “nocache” (Caching sequences improves performance of inserts and bulk- loading). b) Don't use “order” (Using order negatively impacts performance). c) If it is necessary to guarantee the value is in order with no gaps, assign the value through the code.

Do not rely on sequences to be: a) gap free b) sequential c) always increasing d) only think of them as unique - nothing more, nothing less 08_cre_func_pkg.sql Create functions, packages, and

Page - 31 - of 113 Application Development Standards procedures 09_cre_trg_sql Create triggers 10_cre_syns.sql Create public synonyms 11_cre_roles.sql Create and grant database roles 12_gr_privs.sql Grant privileges needed for the system, for example: from schema owner to DAU or roles or from other schemas to schema owner, DAU, or roles 13_populate.sql Insert values into look-up tables, etc.

8. Use bind variables in “where” clauses whenever possible for performance enhancement. A bind variable is a placeholder in a query. For example, to retrieve the record for a particular employee, you can query:

Select * from employees where empno = :empno;

The value of empno would be supplied at query execution time. Bind variables allow a query to be compiled once and then stored in the library cache, from which it can be retrieved and reused multiple times. Everyone who submits the same exact query that references the same object will use the compiled plan.

9. No user or application will be granted Data Base Administrator privileges. No user will be granted Resource privileges except in development databases when specifically requested.

SECTION 12: GUIDELINES FOR NAMING DATABASE OBJECTS

SECTION 12.1: GUIDELINES FOR TABLE NAMES Review entity naming in the Entity section on page 9.

1. Use English words that are meaningful and descriptive with underscores used to separate words (e.g., field_tests). Oracle allows for 30 characters, but be careful to allow for the addition of _V to the table name for views and public synonyms.

2. Use plurals for table names.

3. Minor entity tables, also known as domain tables and look-up tables, should be prefixed with LU followed by an underscore (for example, LU_STATES, LU_COPES_CLASSES). These should usually (at the DBA’s discretion) be created in a special tablespace created for the application look-up tables (for instance: FOOD_LU_DATA, FOOD_LU_INDEX).

SECTION 12.2: GUIDELINES FOR COLUMN/FIELD NAMES

1. A column name should be the same as the name of the attribute from which the column was mapped, with the spaces translated to underscores. Oracle allows for 30 characters.

2. If the column is not based on an attribute, then it should be named using the naming standard set forth for attributes with the exception that an underscore is used instead of spaces.

3. A column name should not be plural.

Page - 32 - of 113 Application Development Standards 4. All columns that contain a date must have the word date appended to the name (such as BIRTH_DATE, HIRE_DATE).

5. The appropriate grants on the table or view will be made to ROLES. If users for select only need access, a role should still be created granting select on the view or table. Using grant select to public is discouraged due to data security issues.

SECTION 12.3: TABLE VIEWS AND TABLE SYNONYMS

1. If a view is created exactly like the table, the view name will be identical to the table name followed by an underscore and the letter “V”. An example would be EMPLOYEES_V. Oracle allows you to restrict access to the column level. Views created for report purposes or to restrict data, should have a name that describes its use, such as a view restricting employee data to a single division, might be named AI_EMPLOYEES_V for Animal Industry.

2. The appropriate grants on the table or view will be made to ROLES. If users for select only need access, a role should still be created granting select on the view. Using grant select to public is discouraged due to data security issues.

3. Applications will only use public synonyms, not private synonyms. The public synonym will be the object name preceded by an application identifier. For example:

Create synonym st_deposits for suntrack.deposits

4. Data Base Administrators will create the synonyms as required.

SECTION 12.4: PRIMARY AND FOREIGN KEY COLUMNS

If the primary key represents an unintelligent, system generated value (e.g. sequence); it should always be named Table_name_PK or tableshortname_pk. Only columns used in the table’s Primary Key constraint should end in “_PK”.

1. If the primary key is based upon an intelligent data column such as part number, the primary key name will be in the format of the column name, followed by an underscore, then PK. An example would be PART_NUMBER_PK. Only columns used in the table’s Primary Key constraint should end in “_PK”.

2. If the foreign key column references an unintelligent primary key column (Table_name_PK) it should always be named the referenced table name or table short name followed by _FK. A foreign key column referencing the EMPLOYEES table PK would be named EMP_FK. Only columns used in Foreign Key constraints (from the table they are referencing the PK of another table) should end in “_FK”.

3. If the foreign key column references an intelligent primary key column, it should always be named the referenced table name or table short name followed by the column name (abbreviated if necessary) followed by _FK. A foreign key column referencing the ORDERS table PART_NUMBER_PK would be named ORD_PART_NUM_FK. Only columns used in Foreign Key constraints (from the table they are in, referencing the PK of another table) should end in “_FK”. 4. History tables (named “_HIST”), Data Warehouse tables (named “_WH”), and Data Warehouse materialized views (named “_WH_V”) may contain non-key columns ending in “_PK” or “_FK” which are based on source table column names. The “source_table” name can be the short name;

Page - 33 - of 113 Application Development Standards abbreviations may be necessary in order to keep the object name length less than or equal to 30 characters.

*Please see Section 11 – Item 4 for foreign key indexing.

SECTION 12.5: CONSTRAINTS

1. Constraint names must not exceed 25 characters in length. This limitation permits the constraint name to be used in the construction of the index name.

2. Constraint names will conform to the following guidelines. Any manually created constraints must conform to this standard.

a. Primary Key Constraints

Primary key constraint =

_PK

Example: For the table CUSTOMER with the alias CUST the primary key constraint will be: CUST_PK

b. Unique Key Constraints

Unique key constraint =

__UK

Where the UID Name is the name specified for a secondary unique identifier on the entity. Example: The table called ORDERS (ORD) has two unique identifiers named ORD2 and ORD3. The unique key constraints will be named: ORD_ORD2_UK ORD_ORD3_UK

c. Foreign Key Constraints

Foreign key constraint names are named with the following process:

Foreign key constraint =

_FK

Example: ORDER _LINES (ORDLIN) >------ORDERS (ORD)

The foreign key constraint on ORDER_LINES will have the foreign key constraint name named as ORDLIN_ORD_FK.

However, if a table has multiple foreign keys to one other single table, then the algorithm for the first foreign key constraint will be the same as above. However, the second constraint with be named as follows:

Foreign Key Constraint =

_relationship name_FK

Where ‘relationship name’ is the text associated with the relationship as depicted on the logical model.

Page - 34 - of 113 Application Development Standards

Example: shipped from ORDERS >------LOCATIONS (LOC) (ORD) >------LOCATIONS returned to

The foreign key constraints on ORDERS will have the foreign key constraint names generated as: ORD_LOC_FK ORD_LOC_RETURNED_TO_FK d. Check Constraints

The naming convention for a check constraint is:

Check constraint =

_ what is being checked_CK

Where ‘what is being checked’ is either a column name or some abbreviated text to describe the condition being validated.

Example: The table called Location_History (LOCHIST) has a check constraint to enforce an arc relationship. The check constraint will be named: LOCHIST_ ARC_ CK

Example: The table called CP_X_Competitors (COMPET) has a check constraint on the column END_DATE to ensure it is greater than the start date. The check constraint will be named: COMPET_ END_DATE_CK

SECTION 12.6: PACKAGES, PRODECURES, TRIGGERS, ETC.

1. Database objects such as packages, procedures, functions should be named with a suffix indicating the object type as follows:

_pkg – package or package body _prc – procedure (not required for procedures defined within packages) _seq - sequences _fun – function (not required for functions defined within packages).

2. Triggers should follow the following convention: azzz_YYYYYYY_TRG

Where A = a for after or b for before zzz = u (update) and/or (insert) and/or d (delete) YYYY = table name or table short name _TRG = (literal) indicates this is a trigger

Optional: An indicator can be added to the above mandatory prefix to indicate if it is a row or statement trigger Examples: STANDARDS.AUDS_FIRMS_TRG – (AUDS) AFTER UPDATE DELETE STATEMENT - This trigger fires once after an update or delete transaction.

Page - 35 - of 113 Application Development Standards

STANDARDS.BIUDR_FIRMS_TRG - (BIUDR) BEFORE INSERT UPDATE DELETE ROW - This trigger fires before each row is inserted, updated, or deleted.

SECTION 13: DATABASE LINKS

1. The standard for a database link is:

global_name_of_linked_to_db@connect_to_user

For example, if you needed to connect from the DOA instance to the user FOOD on the instance MOBLDV the database link would be:

mobldv.doacs.state.fl.us@FOOD

2. When global names = TRUE in a database, all database links from that database (to any database, whether the “to” database has global names TRUE or FALSE) must be named the global name of the linked-to database. To allow for uniqueness and also help make database links more recognizable, append the “@connect_to_user”.

3. The OATS DBA section will create all database links on the Oracle production, test, and development databases. If you have any questions, please contact the OATS DBA section.

SECTION 14: INDEXES

1. Primary and Unique Key Indexes

Oracle10 and newer versions implicitly create the index when creating primary and unique key constraints in the database.

2. Foreign Key Indexes

Foreign key index = _IDX

Example: For the foreign key ORDLIN_ORD_FK, the resulting foreign key index name would be ORDLIN_ORD_FK_IDX

Please see Section 11 item 4 for information of foreign key indexes

3. Non-Key Indexes

a. For indexes created manually that are not related to any keys, the naming convention will be:

Non-key index =

__NU_IDX ‘NU’ stands for non-unique.

b. If the index to be created is a bit-mapped index then the standard is:

Page - 36 - of 113 Application Development Standards Non-key index =

__BM_IDX ‘BM’ stands for bit-mapped.

4. If the index is on multiple columns it is called a concatenated index. The first column named in the index create statement will be the first column in the name series.

Example: To improve query performance, an index on the columns City, State and Zip columns of the Employee table Employee (EMP) is created. The index name will be:

EMP_CITY_STATE_ZIP_NU_IDX

SECTION 15: FILE NAMES

File names should be meaningful and descriptive of what the file is used for. Divisions may have their own folder and file naming standards. Please check with the division DIO.

SECTION 16: TABLESPACES

To allow for maximum flexibility in database tuning and application performance tuning and backup procedures, the DBA section can create an unlimited number of tablespaces for an application if required, but at a minimum, two will be created to separate the data and indexes. The application short name, like FOOD_DATA and FOOD_INDEX, will be used to prefix the tablespace name. The proper tablespace should be specified in a create table command for the table or index based upon the following guidelines:

TABLESPACE TYPE EXAMPLE

?_DATA Tables FOOD_DATA ?_INDEX Indexes FOOD_INDEX

?_HIST_DATA History tables (auditing) FOOD_HIST_DATA ?_HIST_INDEX History indexes FOOD_HIST_INDEX

?_TEMP_DATA Temporary tables FOOD_TEMP_DATA ?_TEMP_INDEXES Temporary indexes FOOD_TEMP_INDEX

?_ARC_DATA Archive, backup tables FOOD_ARC_DATA ?_ARC_INDEX Archive, backup indexes FOOD_ARC_INDEX

?_LU_DATA Look-up tables (code value) FOOD_LU_DATA ?_LU_INDEX Look-up table indexes FOOD_LU_INDEX

?_?_DATA Tables w/special needs FOOD_VIOLATIONS_DATA ?_?_INDEX Special indexes FOOD_VIOLATIONS_INDEX

1. Specify the _DATA tablespace when creating MOST tables. Use the _INDEX tablespace for MOST indexes and constraints. 2. Specify the _HIST_DATA and _HIST_INDEX for tables and indexes that are related to auditing the transactions on a table (insert, update, delete). Please review Auditing on page 7). These tables can grow rapidly and need to be monitored by the DBA section.

Page - 37 - of 113 Application Development Standards 3. Archived data or backup of tables and associated indexes should be created in _ARC_DATA and _ARC_INDEX 4. Specify the _LU_DATA and _LU_INDEX for code value/lookup tables and associated indexes. 5. Tables that have special requirements due to size, transaction volume, or other needs should be created in special tablespace specified by the DBA section. 6. Specify TEMP_DATA and _TEMP_INDEX for temporary tables and indexes (used temporarily for holding data for reports or queries) or for Oracle defined temporary tables/indexes. 7. The DBA section requires storage information to be provided in the create table, create pk, and create index scripts in the following format:

01_cre_tbls.sql ======CREATE TABLE . (

04_cre_pk.sql ======ALTER TABLE . ADD CONSTRAINT _PK PRIMARY KEY () USING INDEX TABLESPACE xxxx_index STORAGE (INITIAL 16K NEXT 32K MINEXTENTS 1 PCTINCREASE 0) /

06_cre_uk_ind.sql ======CREATE UNIQUE INDEX .

__idx ON .

() STORAGE (INITIAL 16K NEXT 32K MINEXTENTS 1 PCTINCREASE 0) TABLESPACE xxxx_INDEX / --or—

Page - 38 - of 113 Application Development Standards

ALTER TABLE . ADD CONSTRAINT .

__UK UNIQUE () USING INDEX TABLESPACE xxxx_index PCTFREE 10 INITRANS 2 MAXTRANS 255 STORAGE (INITIAL 16K NEXT 32K MINEXTENTS 1 PCTINCREASE 0) /

1. The definition of a temporary table is visible to all sessions, but the data in a temporary table is visible only to the session that inserts the data into the table. To create a temporary table, use the CREATE GLOBAL TEMPORARY TABLE. The ON COMMIT keywords indicate if the data in the table is transaction-specific (the default) or session-specific:

o ON COMMIT DELETE ROWS specifies that the temporary table is transaction specific and Oracle truncates the table (delete all rows) after each commit. o ON COMMIT PRESERVE ROWS specifies that the temporary table is session specific and Oracle truncates the table when you terminate the session.

This example creates a transaction-specific temporary table:

Create global temporary table food_temp (startdate DATE, Enddate DATE, class VARCHAR2) on commit delete rows;

Indexes can be created on temporary tables. They are also temporary and the data in the index has the same session or transaction scope as the data in the underlying table.

SECTION 17: TNSNAMES.ORA File

In an effort to keep consistent tnsnames files used by the department, the OATS DBA section must be contacted for any changes needed to tnsnames files. No one else should create or edit a tnsnames file. This includes tnsnames files running on servers in the divisions and in the DMZ. A copy of the most current tnsnames file for internal use will be located on the following share drive:

Tlhadmfilesrv02\TLADAG_Share\APPLDEV\TNSNAMES file\tnsnames.ora When the tnsnames file needs to be changed by the OATS DBA section, the Change Management policy will be followed.

Page - 39 - of 113 Application Development Standards

APPENDIX 1: STANDARD DATA ELEMENTS Adopted by the Information Technology Resource Committee 5/27/2004

“Standard” data elements are those pieces of data where a clear, distinct definition can be established. Standard data elements are potential key linkage points between information systems. Whenever a standard data element is used, it always has the same meaning and definition. If a system contains a data element that has a slightly different definition, that element must be given a different name.

A standard “domain” of possible data values may be added to further qualify the definition of a standard data element. For example, the element “Country Name” may have a list (“domain”) of country names attached to it. If a particular application uses country names which are not part of the domain of the standard data element, then that application is not using the “standard data element” and should choose a different name for their data element.

The implementation of a standard data element process will take time, since legacy systems may contain a multitude of disparate instances of data. All new or reengineered systems should use the standard data elements to the extent reasonable before creating new data elements. Because standard data elements are potential linkage points between systems, each system must strictly adhere to the definition of these standard data elements to allow data to be combined across databases.

A committee from the Operational Steering Committee will be established an as needed basis to identify additional data elements that should be promoted to standard data elements.

**Special Note: If you are using a standard data element in a table that identifies the entity, it is optional to repeat the entity name in the column name. For instance, for a table called LU_Counties, you would not want to repeat County_Name for the column name when Name would be sufficient in this example to identify the data.

When using Oracle, SQL Server or any database that allows VARCHAR2 use the VARCHAR2 data type instead of CHAR for alphanumeric type data.

Page - 40 - of 113 Application Development Standards

Data Element Name DATA Length COMMENTS TYPE Fixed or variable NAME_PREFIX CHAR 20 V Identifies the prefix or title used in an individuals name (Dr., Ms., Mrs., Rev., The Honorable) FIRST_NAME CHAR 40 V This is the first name of an individual. MIDDLE_NAME CHAR 40 V This is the second name of an individual. MAIDEN_NAME CHAR 40 V This is the original surname of an individual before changed by marriage. LAST_NAME CHAR 40 V This is the last name or surname name of an individual. NICK_NAME CHAR 40 This is an alternative name used by an individual. It is usually the name a person uses in a personal, non-official situation, not an alias. E.g. Bob for Robert, Jim for James, Liz for Elizabeth. NAME_SUFFIX CHAR 50 V This is an individuals name suffix (i.e. Jr., Sr., III, IV, MD, CPA, PhD, Brigadier General USAF) EMAIL_ADDRESS CHAR 100 V The string used to specify the source or destination of an electronic mail message. e.g. "[email protected]". SSN CHAR 9 V Social Security Number FEID CHAR 9 V Federal Employers ID FIRM_NAME CHAR 75 V This is the name of a sole proprietorship, partnership, corporation, engaging in activities regulated, overseen or licensed by FDACS. Synonyms include: business, client, entity, company, or establishment. MAIL_ADDRESS CHAR 60 V This is address portion of the mailing address. This is the address line immediately above the City/State/Zip line and contains the street address, post office box number, rural route number and box, or the highway contract route number and box. For mail addressed to offices in a multi-unit building, the suite or room number, mail room number, should be included at the end of this delivery address line. When it is necessary to reduce the length of the delivery address line, you must place the office number or other unit designator on the “Mail Information Line, which would appear immediately above the Mail Delivery Address. MAIL_CITY CHAR 28 V This is the city portion of the mailing address. This is the full city, town, community, or municipality name. Note that for a mailing

Page - 41 - of 113 Application Development Standards address, this may be the city where the Post Office is located. MAIL_STATE CHAR 2 V This is the state portion of the mailing address .The Federal Processing Standards (FIPS abbreviation for a state within the U.S. (Also known as the U.S. Postal Service abbreviation). MAIL_ZIP_5 CHAR 5 V The first five digits of the address zip code as designated by the U.S. Postal Service. MAIL_ZIP_4 CHAR 4 V The last four digits of an address zip code as designated by the U.S. Postal Service. DEL_POINT_BAR NUM 3 V Delivery Point Bar Code (DPBC) BER COUNTRY_NAME CHAR 50 V Full text description of a country as provided from the FIPS Pub 10-4 and the International Organization for Standardization (ISO 3661- 1) This list is maintained in the DACS.LU_COUNTRIES table as column DESCRIPTION. FIPS_COUNTRY_CODE CHAR 2 V This code is the FIPS Pub 10-4 two character code maintained in the DACS.LU_COUNTRIES as column name FIPS_10_4_CODE. ISO_COUNTRY_CODE CHAR 2 V This code is the International Organization for Standardization (ISO 3661-1) two character code maintained in the DACS.LU_COUNTRIES as column name ISO_A_2_CODE. ISO_COUNTRY_NUM_CO CHAR 3 V This code is the numeric code for countries as DE designated by the International Organization for Standardization (ISO 3661-1). The code is maintained in the DACS.LU_COUNTRIES table as column name ISO_NUMBER_CODE. COUNTY_NAME CHAR 25 v The name of the administrative sub-division of a state. The county list for Florida counties is maintained in the DACS.LU_Counties table. FIPS_COUNTY_CODE CHAR 3 V The standard code used to identify Counties and equivalent entities of the U.S., its possessions and associated areas as defined within the Federal Information Processing Standards (FIPS Pub 6-4). A county code is only unique if it is combined with the two character state code or the character number code (FIPS Pub 5-2). An example would be, Alachua = FL001 or 12001, Miami-Dade = FL086 or 12086. PHONE_NUM CHAR 10 V This domestic phone number includes the 3

Page - 42 - of 113 Application Development Standards digit area code and the 7 digit local phone number. PHONE_EXT CHAR 7 V The telephone number extension is used when several phones share a common phone number. INTL_PHONE_NUM CHAR 15 V The length and format of foreign telephone numbers will vary, but will generally include a country routing code and may include a city routing code. Initial numbers dialed to access international services may be specific to a long distance company and should not be included in this data field. CRE_DATE DATE This date is the date the record was created. The default is sysdate. CRE_USER CHAR 30 V This is the user id of the person creating the record. MOD_DATE DATE This is the date of the last modification to the record. The default is sysdate. MOD_USER CHAR 30 V This is the user id of the last person to modify the record.

Page - 43 - of 113 Application Development Standards APPENDIX 2: LOCATIONAL DATA STANDARDS

Required Metadata for Latitude/Longitude Data Fields Adopted by the ITR Steering Committee on 9/30/2004 (revised 03/2009)

Cadastral Survey Georeferenced Required GeoCode New and satellite imagery Inherit Inherit Data Element Data Type & Address Pre- Digital & aerial from from Size Matching GPS existing Map photography Unknown Site Feature Collection Method *Look-up Yes Yes Yes Yes Yes Object of Interest *Look-up Yes Yes Yes Yes Yes Yes Yes Yes Point Proximity (Relationship to Object) *Look-up Yes Yes Yes Yes Yes Latitude Measure Num 9.6 Yes Yes Yes Yes Yes Yes Longitude Measure Num 9.6 Yes Yes Yes Yes Yes Yes Datum *Look-up Yes Yes Yes Collector Last Name* Char – 40 Yes Yes Yes Yes Collector First Name* Char – 40 Yes Yes Yes Yes Collector Affiliation Char – 75 Yes Yes Yes Collector Division *Look-up Yes Collection Date Date Yes Yes Yes Yes GPS Unit Make and Model Char – 75 Yes GPS Unit Number Char – 25 Yes Surveyor License Number New – Y Char – 15 Pre - N Name and Version of software Char – 75 Pre – Y Map Layer used as reference Char – 50 Yes Map type Char – 50 Yes Data Source Char – 75 Yes Yes Yes Coordinate Accuracy Level *Look-up Yes Yes Yes Yes Yes Physical Address Char – 60 Yes Physical City *Look-up Yes Physical Zip5 Char- 5 Yes Physical Zip4 Char- 4 Yes Physical State *Look-up Yes Geocode Match Level *Look-up Yes Fly Date of Data Source Date Yes Yes Resolution Char – 10 Yes Yes Verification Method *Look-up Yes Yes Yes Yes

Page - 44 - of 113 Application Development Standards

Cadastral Survey Georeferenced Required GeoCode New and satellite imagery Inherit Inherit Data Element Data Type & &Address Pre- Digital & aerial from from Size Matching GPS existing Map photography Unknown Site Feature Verifier Last Name Char – 40 Yes Yes Yes Yes Yes Yes Yes Verifier First Name Char – 40 Yes Yes Yes Yes Yes Yes Yes Verifier Affiliation Char – 75 Yes Yes Yes Yes Yes Yes Yes Verifier Division *Look-up Yes Yes Yes Yes Yes Yes Yes Verification Date Date Yes Yes Yes Yes Yes Yes Yes

*Look-up Table exists in DOA/DACS

# All fields, except the object of interest, will also be inherited. The object of interest will describe the feature that is receiving the inherited data.

Optional Metadata Elements

Latitude Measure – Yes Yes Yes Yes Yes Yes Yes Yes Degrees Num – 3 Latitude Measure – Yes Yes Yes Yes Yes Yes Yes Yes Minutes Num – 2 Latitude Measure – Yes Yes Yes Yes Yes Yes Yes Yes Seconds Num – 6.4 Longitude Measure – Yes Yes Yes Yes Yes Yes Yes Yes Degrees Num – 3 Longitude Measure – Yes Yes Yes Yes Yes Yes Yes Yes Minutes Num – 2 Longitude Measure – Yes Yes Yes Yes Yes Yes Yes Yes Seconds Num – 6.4 Offset Range Yes Char – 25 Offset Compass Bearing Yes Num – 3 Offset Measurement Yes Method Char 25 Physical County Name Yes Yes Yes Yes Yes Yes Yes Yes *Look-up Physical County Number Yes Yes Yes Yes Yes Yes Yes Yes *Look-up Location Description Char - 250

Page - 45 - of 113 Application Development Standards

Required Element Definitions

Collection Method Definition: The method or mechanism used to derive the measurements. DACS.LU_Collection_Method PK_COLLECTION_METHOD Application Column Name: COLLECTION_METHOD NOT NULL NUMBER(10) Shapefile Column Name: COL_METH COLLECTION_METHOD Data Type: Char NOT NULL VARCHAR2(8)

COLLECTION_METHOD_DESCRIPTION Data Size: 8 VARCHAR2(250)

CRE_DATE Domain: Method - Description NOT NULL DATE ADDR-IQ8 – Address matching using IQ8 software CRE_USER AGPS – Recreational grade GPS (Garmin, Magellan, etc.) NOT NULL VARCHAR2(10) CSUR-NEW – Professional land survey CSUR-PRE – Pre-Existing professional land survey END_DATE DATE DGPS – Professional grade GPS (Trimble, Leica, etc.) with differential correction MOD_DATE DMAP – Digital Map Interpolation DATE GDAP – Georeferenced digital aerial photography

MOD_USER GGPS – Surveyor quality GPS (Trimble, Leica, etc.) VARCHAR2(10) GSAT-I – Georeferenced satellite imagery INHF – Inherit from feature LU_COLLECTION_MTH_TYPE_FK INHS – Inherit from site NUMBER(10) UNKN – Unknown Method COLLECTION_MTH_USE WGPS – Recreational grade GPS (Garmin, Magellan, etc.) with WAAS VARCHAR2(10) activated ZIPC-IQ8 – Zip Code Centroid using IQ8 Look up Table Name: DACS.LU_Collection_Method

Object of Interest Definition: The entity of interest (the description of the entity that the point DACS.LU_OBJECTS_OF_ represents) INTEREST LU_OBJ_OF_INTEREST_PK Application Column Name: OBJECT_OF_INTEREST_TYPE NOT NULL NUMBER(10)

CRE_DATE Shapefile Column Name: OBJECT NOT NULL DATE Data Type: Char CRE_USER Data Size: 30 NOT NULL VARCHAR2(10)

END_DATE Domain: DATE Object_of_Interest_Type & Object_of_Interest _Description MOD_DATE BACKSTOP – A screen or fence used specifically for keeping a ball from leaving a playing DATE field. BLDG ADMIN – A structure created primarily for human occupation and to facilitate an activity MOD_USER (headquarters, office building, training). VARCHAR2(10) BLDG ANIMAL – A structure created for animal occupation or to facilitate an activity involving animals (barn, milking bldg., stable). LU_OBJECT_TYPE BLDG BATHOUSE – A separate building with the primary purpose of providing clothes NOT NULL VARCHAR2(30) changing and showering facilities (the building may or may not also contain toilet facilities). BLDG DORMITORY – A structure that provides sleeping accommodations for individuals or LU_OBJECT_DESCRIPTION groups. VARCHAR2(250) BLDG EQUIP – A permanent structure built for storage of equipment and other possessions such as fire equipment, motor vehicles, boats (may be a pole barn). CAN_OCCUPY BLDG FARMERS MARKET – A FDACS owned and managed facility for the promotion and VARCHAR2(1) sale of agricultural products. BLDG FOOD – A dining hall, eating establishment or concession that provides food.

Page - 46 - of 113 Application Development Standards BLDG GREENHOUSE – Usually a glass enclosed structure used for cultivating plants under controlled conditions. BLDG HANGAR – A large, garage like structure where aircraft are stored or maintained. BLDG HISTORIC – A structure dating from or preserved from a past time or culture (includes grist mill). BLDG INSPECTION – A vehicle inspection facility operated by the Office of Agricultural Law Enforcement. BLDG LAB – A room or building where scientific experiments, testing or research takes place. BLDG LAUNDRY – A structure used to house equipment for laundering clothes or linens BLDG PAVILION – A structure used for recreation or shelter that is not enclosed. BLDG PLANT – A manufacturing or processing building used to facilitate an activity (packing house, processing plant). BLDG RESIDENCE – A structure used primarily as home or dwelling. BLDG RESTROOM – A separate building with the primary purpose of providing hand washing and toilet facilities. BLDG SHOP – a structure used for fabrication, repair or maintenance of equipment which may include offices. BLDG TRAILER – A semi-permanent, furnished structure drawn by a truck or automobile and used as a residence or place of business when parked. BOARDWALK – An elevated walkway constructed of planking BOAT RAMP – An improved slope for launching boats COMMUNICATIONS TOWER – A structure created to facilitate telecommunications activity at an elevated level (includes cell and microwave towers but not fire towers). DOCK – A wooden structure with piers capable of being used to load/off load boats mooring and fishing. FIELD – Land free of woods or structures that may be fenced for crops, grazing, paddock or open land. FIRE TOWER – An elevated structure built for occupation and fire control observation. Telecommunications equipment may be attached to structure but is an auxiliary use. FIXED GENERATOR – A stationary electrical generator providing power to a department managed facility. KIOSK – A small, stand-alone structure used to provide information or vend merchandise or services LAKE – A natural inland body of standing water including a natural pond. MOBILE HOME SITE – a designated area where a mobile home is placed having access to electrical power, potable water and sewer services. OBSERVATION PLATFORM – An elevated structure used for observation of swimmers (lifeguard stand) or wildlife viewing. OUTLET – The point at which discharge leaves a pipe. PUMP HOUSE – A structure that houses pump equipment. RADIO HOUSE – A small structure that houses radio equipment including controllers, etc. RETENTION POND – A man-made pond, catch basin or agricultural holding pond used to collect run-off. SHED – A small, one storied structure, open or enclosed, usually portable that is used for the storage of materials, supplies or equipment (not for storage of motor vehicles or firefighting equipment). SLAB – An unimproved, flat area of concrete or pavement used for a specific purpose. SPRING – A point where groundwater flows out of the ground; a source of water issuing from the ground. TANK – A storage vessel (water, milk, LPGAS, etc.). UNKNOWN – Unidentified WEATHER STATION – A station used for taking, recording and reporting meteorological observations WELL – A well for water, oil or other substance Look Up Table Name: Yes = DACS.LU_Objects_Of_Interest

Relationship to Object Definition: What the geometry represents relative to the object of interest (see DACS.LU_POINT_PROXIMITY Object of Interest above). (For example, is the point the exact location of the object or the center of the site/facility containing the object PK_POINT_PROXIMITY Application Column Name: POINT_PROXIMITY NOT NULL NUMBER(10)

CRE_DATE Shapefile Column Name: REL_FEAT NOT NULL DATE

CRE_USER Data Type: Char NOT NULL VARCHAR2(10)

END_DATE Data Size: 6 DATE

Page - 47 - of 113 Application Development Standards

MOD_DATE Domain: DATE ADMIN - Administrative office position of the facility or site containing the MOD_USER object of interest VARCHAR2(10) ALTEN – An alternative entrance of the facility or site containing the object of interest POINT_PROXIMITY NOT NULL VARCHAR2(6) BNDY – Boundary of site or facility containing object of interest CENTR – The physical center position of the facility or site containing the POINT_PROXIMITY_DESCRIPTION object of interest VARCHAR2(250) ENTRA – The main public entrance to the facility or site containing the object of interest EXACT – Exact object of interest location GCPDE – The approximate position of the facility or site containing the object of interest based on address geo-coding INHERT – The position is inherited from another object of interest OFFST - Offset to Exact Object of Interest Location UNKN – The relationship to the object of interest is unknown Look Up Table Name: DACS.LU_Point_proximity Look Up Table Short Name: PPC

Latitude Measure – Decimal Definition: The degrees (in decimal degree format) of the angular distance on a Degrees meridian north or south of the equator. Application Column Name: LATITUDE_DD Shapefile Column Name: LAT_DD Data Type: Number Data Size: 9.6 Domain: +23.000000 though +31.999999 (for the Florida landmass and surrounding waters) Look Up Table: No

Longitude Measure – Definition: The degrees (in decimal degree format) of the angular distance on a Decimal Degrees meridian east or west of the prime meridian. Measurements west of the prime meridian are by convention regarded as negative, the standard provides for the storage of negative values to conform to current practice. Application Column Name: LONGITUDE_DD Shapefile Column Name: LONG_DD Data Type: Number Data Size: 9.6 Domain: -79.000000 through -87.999999 Look Up Table: No

Datum Definition: The horizontal reference for measuring locations on the Earth’s DACS.LU_DATUM surface. Application Column Name: DATUM PK_DATUM Shapefile Column Name: DATUM NOT NULL NUMBER(10)

CRE_DATE Data Type: Char NOT NULL DATE

CRE_USER Data Size: 10 NOT NULL VARCHAR2(10)

Domain: The following datum are supported for the Florida landmass and DATUM NOT NULL VARCHAR2(10) coastal waters: CAC – Cape Canaveral

Page - 48 - of 113 Application Development Standards DATUM_DESCRIPTION HARN – High Accuracy Reference Network VARCHAR2(250) HPGN – High Precision GPS Network

END_DATE NAD27 – North American Datum of 1927 DATE NAD83 – North American Datum of 1983 WGS84 – World Geodetic System of 1984 MOD_DATE DATE

MOD_USER VARCHAR2(10)

Look Up Table Name: DACS.LU_Datum

Collector Last Name Definition: The last name, of the person taking a measurement, conducting interpolation, performing a survey, or using appropriate software. Application Column Name: COLLECTOR_LNAME Shapefile Column Name: COL_LNAM Data Type: Char Data Size: 40 Domain: Free text Look Up Table: No

Collector First Name Definition: The first name of the person taking a measurement, conducting interpolation, performing a survey, or using appropriate software. Application Column Name: COLLECTOR_FNAME Shapefile Column Name: COL_FNAM Data Type: Char Data Size: 40 Domain: Free text Look Up Table: No

Collector Affiliation Definition: The agency or company for whom the collector works. Application Column Name: COLLECTOR_AFFILIATION Shapefile Column Name: COL_AFF Data Type: Char Data Size: 75 Domain: Free text Look Up Table: No

Collector Division Definition: The DACS division for which the measurement is being made. DACS.LU_DACS_DIVISION Application Column Name: COLLECTOR_DIVISION PK Shapefile Column Name: COL_DIV NOT NULL NUMBER(10) Data Type: Char DIVISION_NAME VARCHAR2(60)

DIVISION_ABBREVIATION VARCHAR2(5)

END_DATE DATE

DIVISION_SHORT_NAME VARCHAR2(35) Data Size: 60

Page - 49 - of 113 Application Development Standards Domain: see Look Up Table Look Up Table Name: DACS.LU_DACS_DIVISION

Collection Date Definition: Collection Date will be defined as the date and time when LAT/LONG measurement was taken, interpolation conducted, survey completed or software used. Application Column Name: COLLECTION_DATE Shapefile Column Name: COL_DATE Data Type: Date Data Size: Domain: Any valid date/time Look Up Table: No

GPS Unit Definition: GPS make and model. Application Column Name: GPS_UNIT Shapefile Column Name: GPS_UNIT Data Type: Char Data Size: 75 Domain: Free Text Look Up Table: No

GPS Unit Number Definition: GPS Serial Number. Application Column Name: GPS_UNIT_NUMBER Shapefile Column Name: GPS_NUM Data Type: Char Data Size: 25 Domain: Free Text Look Up Table: No

Surveyor License Number Definition: License Number of the person performing or who performed the survey. Application Column Name: SURVEYOR_LICENSE_NUM Shapefile Column Name: SUR_LIC_NUM Data Type: Char Data Size: 15 Domain: Free Text Look Up Table: No

Name and Version of Definition: Name and version of the software used for cadastral survey. Software Application Column Name: SOFTWARE_NAME_VERSION Shapefile Column Name: SW_NAME_VER Data Type: Char Data Size: 75 Domain: Free Text Look Up Table: No

Page - 50 - of 113 Application Development Standards

Map Layer Used as Definition: A subset of information on a map with a common theme (e.g. Reference roads, county boundaries, hydrography, topography, etc.). Application Column Name: MAP_LAYER_USED Shapefile Column Name: MAP_LAYER Data Type: Char Data Size: 50 Domain: Free Text Look Up Table: No

Map Type Definition: Type of map used (e.g. USGS Topographic, NOAA Nautical Charts, FDOT County Maps, other thematic maps) Application Column Name: MAP_TYPE Shapefile Column Name: MAP_TYPE Data Type: Char Data Size: 50 Domain: Free Text Look Up Table: No

Data Source Definition: The organization and/or technology that captured, processed and georeferenced the imagery used in a map. Application Column Name: MAP_SOURCE Shapefile Column Name: MAP_SOURCE Data Type: Char Data Size: 75 Domain: Free Text Look Up Table: No

Coordinate Accuracy Level Definition: The measured, estimated or deduced degree of correctness of the DACS.LU_COORDINATE_ACCURACY measurement.

PK_COORDINATE_ACCURACY Application Column Name: COORD_ACCURACY_LEVEL NOT NULL NUMBER(10)

COORDINATE_ACCURACY NOT NULL NUMBER(10)

COORDINATE_ACCURACY_DESC VARCHAR2(250)

CRE_DATE NOT NULL DATE

CRE_USER NOT NULL VARCHAR2(10)

END_DATE DATE

MOD_DATE DATE

MOD_USE VARCHAR2(10)

Shapefile Column Name: COORD_AC Data Type: Number Data Size: 1 Domain: (as defined in the DACS GPS standards):

Page - 51 - of 113 Application Development Standards 1. < 0.01 meter 2. 0.01 to 1.0 meter 3. 1.0 meter to 10 meters 4. 10 meters to 20 meters 5. 20 meters to 50 meters 6. > 50 meters Look Up Table Name: DACS.LU_COORDINATE_ACCURACY

Physical Location Address Definition: Street address that describes the true physical location of that feature. (address components not parsed) Application Column Name: PHYSICAL_ADDRESS Shapefile Column Name: PHY_ADD Data Type: Char Data Size: 60 Domain: Free Text Look Up Table: No

Physical Location City Definition: City or place name of the physical location of that feature. Application Column Name: PHYSICAL_CITY Shapefile Column Name: PHY_CITY Data Type: Char Data Size: 30 Domain: If not standardized for geo-coding, list from DACS.LU_CITIES Look Up Table: DACS.LU_CITIES

Physical Location Zip5 Definition: The first five digits of the address zip code as designated by the U.S. Postal Service for the physical location of that feature. Application Column Name: PHYSICAL_ZIP_5 Shapefile Column Name: PHY_ZIP5 Data Type: Char Data Size: 5 Domain: Free Text Look Up Table: No

Physical Location Zip+4 Definition: The 4-digit add-on number of the address zip code as designated by the U.S. Postal Service for the physical location of that feature. Application Column Name: PHYSICAL_ZIP_4 Shapefile Column Name: PHY_ZIP4 Data Type: Char Data Size: 4 Domain: Free Text Look Up Table: No

Physical Location State Definition: The state of the physical location of that feature. The Federal Processing Standards (FIPS abbreviation for a state within the U.S. (Also known as the U.S. Postal Service abbreviation). Application Column Name: PHYSICAL_STATE Shapefile Column Name: PHY_ST Data Type: Char Data Size: 2 Domain: FIPS State abbreviations Look Up Table: DACS.LU_STATES

Page - 52 - of 113 Application Development Standards

Geocode Match Level Definition: Match code from geo-coding software, indicating the precision of DACS.LU_ACE_GEO_MATCH_CODE the latitude and longitude assignment. The lower the number, the more precise the assignment.. PK Application Column Name: GEO_MATCH NOT NULL NUMBER(2)

MATCH_CODE_MEANING Shapefile Column Name: GEO_MAT NOT NULL VARCHAR2(255) Data Type: Number Data Size: 1 Domain: Code – Description 0 Matched in address level 1 9-digit ZIP match in Centroid 4 7-digit ZIP match in Centroid 5 5-digit ZIP match in Centroid 7 No match in Centroid 8 Not matched in address level. 9 Both options tried, but no match in either. Look Up Table: DACS.LU_ACE_GEO_MATCH_CODE

Fly Date of Data Source Definition: The fly date of the data source used for digital map, georeferenced satellite imagery or aerial photography. Application Column Name: FLY_DATE Shapefile Column Name: FLY_DATE Data Type: DATE Data Size: Domain: Free Text Look Up Table: No

Resolution Definition: Resolution of the digital map, georeferenced satellite imagery or aerial photography. Application Column Name: RESOLUTION Shapefile Column Name: RESOLUTION Data Type: Char Data Size: 10 Domain: Free Text Look Up Table: No

Verification Method Definition: The method or mechanism used to verify the longitude/ latitude of DACS.LU_Collection_Method current data for a feature or site, usually with a higher degree of accuracy. If

PK_COLLECTION_METHOD the data is confirmed as correct and longitude and/or latitude not updated, then NOT NULL NUMBER(10) the verification fields are completed. If when verifying data, a change is made to the longitude and/or latitude this would be a new collection method and the COLLECTION_METHOD NOT NULL VARCHAR2(8) collection fields would be updated rather than the verification fields.

COLLECTION_METHOD_DESCRIPTION Application Column Name: VERIFY_METHOD VARCHAR2(250)

CRE_DATE Shapefile Column Name: VER_METH NOT NULL DATE Data Type: Char CRE_USER Data Size: 4 NOT NULL VARCHAR2(10)

END_DATE Domain: DATE Domain: Method - Description

Page - 53 - of 113 Application Development Standards MOD_DATE AGPS – Recreational grade GPS (Garmin, Magellan, etc.) DATE CSUR-NEW – Professional land survey

MOD_DATE CSUR-PRE – Pre-Existing professional land survey DATE DGPS – Professional grade GPS (Trimble, Leica, etc.) with differential correction MOD_USER DMAP – Digital Map Interpolation VARCHAR2(10) GDAP – Georeferenced digital aerial photography LU_COLLECTION_MTH_TYPE_FK GGPS – Surveyor quality GPS (Trimble, Leica, etc.) NUMBER(10) GSAT-I – Georeferenced satellite imagery WGPS – Recreational grade GPS (Garmin, Magellan, etc.) with WAAS activated COLLECTION_MTH_USE Look Up Table Name: DACS.LU_COLLECTION_METHOD VARCHAR2(10)

Verifier Last Name Definition: The Last name of the person verifying the measurement. Application Column Name: VERIFIER_LNAME Shapefile Column Name: VER_LNAM Data Type: Char Data Size: 40 Domain: Free text Look Up Table: No

Verifier First Name Definition: The first name of the person verifying the measurement. Application Column Name: VERIFIER_FNAME Shapefile Column Name: VER_FNAM Data Type: Char Data Size: 40 Domain: Free text Look Up Table: No

Verifier Affiliation Definition: The agency or company for whom the verifier works. Application Column Name: VERIFIER_AFFILIATION Shapefile Column Name: VER_AFF Data Type: Char Data Size: 75 Domain: Free text Look Up Table: No

Verifier Division Definition: The DACS division performing the verification. DACS.LU_DACS_DIVISION Application Column Name: VERIFIER_DIVISION PK Shapefile Column Name: VER_DIV NOT NULL NUMBER(10) Data Type: Char DIVISION_NAME VARCHAR2(60)

DIVISION_ABBREVIATION VARCHAR2(5)

END_DATE DATE

DIVISION_SHORT_NAME VARCHAR2(35) Data Size: 60 Domain: See Look Up Table Look Up Table Name: DACS.LU_DACS_DIVISION

Page - 54 - of 113 Application Development Standards

Verification Date Definition: The date and time on which the verification was performed. Application Column Name: VERIFICATION_DATE Shapefile Column Name: VER_DATE Data Type: Date Data Size: Domain: Any valid date Look Up Table: No

Optional Elements Definitions

Latitude Measure –Degrees Definition: The degrees portion of the angular distance on a meridian north or south of the equator. Application Column Name: LATITUDE_D Shapefile Column Name: LAT_D Data Type: Number Data Size: 3 Domain: +23 though +31 (for the Florida landmass and surrounding waters) Look Up Table: No

Latitude Measure - Minutes Definition: The minutes portion of the angular distance on a meridian north or south of the equator. Application Column Name: LATITUDE_MM Shapefile Column Name: LAT_MM Data Type: Number Data Size: 2 Domain: +0 through +59 Look Up Table: No

Latitude Measure - Seconds Definition: The seconds portion to four significant digits of the angular distance on a meridian north or south of the equator. Application Column Name: LATITUDE_SS Shapefile Column Name: LAT_SS Data Type: Number Data Size: 6.4 Domain: +0.0000 through +59.9999 Look Up Table: No

Longitude Measure –Degrees Definition: The degree portion of the angular distance on a meridian east or west of the prime meridian. Measurements west of the prime meridian are by convention regarded as negative, the standard provides for the storage of negative values to conform to current practice. Application Column Name: LONGITUDE_D Shapefile Column Name: LONG_D Data Type: Number Data Size: 3 Domain: -79 through -87 Look Up Table: No

Page - 55 - of 113 Application Development Standards

Longitude Measure –Minutes Definition: The minute portion of the angular distance on a meridian east or west of the prime meridian. Application Column Name: LONGITUDEMM Shapefile Column Name: LONG_MM Data Type: Number Data Size: 2 Domain: +0 through +59 Look Up Table: No

Longitude Measure - Seconds Definition: The second portion to four significant digits of the angular distance on a meridian east or west of the prime meridian. Application Column Name: LONGITUDE_SS Shapefile Column Name: LONG_SS Data Type: Number Data Size: 6.4 Domain: +0.0000 through +59.9999 Look Up Table: No

Offset Range Definition: Distance and measurement units for Offset to Exact Object of Interest Location. Application Column Name: OFFSET_RANGE Shapefile Column Name: OFF_RANG Data Type: Char Data Size: 25 Domain: Free text Look Up Table: No

Offset Compass Bearing Definition: Compass bearing (degrees) for Offset to Exact Object of Interest Location. Application Column Name: OFFSET_BEARING Shapefile Column Name: OFF_BEAR Data Type: Number Data Size: 3 Domain: 1 to 360 Look Up Table: No

Offset Measurement Method Definition: Mechanism used to measure the range and bearing for Offset to Exact Object of Interest Location was measured due to some obstruction to the satellite signal. By measuring the direction and distance from the object of interest to a point where the measurement can be taken Application Column Name: OFFSET_MEASURE_METHOD Shapefile Column Name: OFF_METH Data Type: Char Data Size: 25 Domain: Free text Look Up Table: No

Physical Location County Definition: The name of the administrative sub-division of a state for the Name physical location of that feature. DACS.LU_COUNTIES Application Column Name: PHYSICAL_COUNTY_NAME Shapefile Column Name: PHY_CNAM

Page - 56 - of 113 Application Development Standards LU_COUNTY_PK Data Type: Char NOT NULL NUMBER(10) Data Size: 25

COUNTY_NAME NOT NULL VARCHAR2(25)

FIP_COUNTY_CODE VARCHAR2(3)

CRE_DATE NOT NULL DATE Domain: CRE_USER Look Up Table: DACS.LU_COUNTIES NOT NULL VARCHAR2(30)

MOD_DATE DATE

MOD_USER VARCHAR2(30)

END_DATE DATE

ALPHA_COUNTY_CODE NUMBER(2)

Physical Location County Definition: The FIPS number of the administrative sub-division of a state for Number the physical location of that feature. A county code is only unique if it is DACS.LU-COUNTIES (SEE combined with the two character state code or the character number code (FIPS ABOVE) Pub 5-2). An example would be, Alachua = FL001 or 12001, Miami-Dade = FL086 or 12086. Application Column Name: PHYSICAL_FIPS_COUNTY_CODE Shapefile Column Name: PHY_CFIPS Data Type: Char Data Size: 3 Domain: Look Up Table: DACS.LU_COUNTIES

Page - 57 - of 113 Application Development Standards

APPENDIX 3: ENTITIES

ENTITY Current definition ACTION Activity required as a result of a triggering event such as a compliance inspection. ACTIVE INGREDIENT A chemical compound that is contained within a particular brand of pesticide. ACTIVITY An action taken by FDACS in the course of fulfilling its regulatory responsibilities. AGENCY An organization created through political action that exercises regulatory authority. These organizations may be established at the local, state, federal, or international level. Examples include: USDA, FDA, DEP, Suwannee River Water Management District, International Trade Commission AGENT/OFFICER Florida resident or corporation that acts as the representative for a business/company. AGREEMENT A binding agreement between FDACS and another party (vendor, private/public organization, or person). The agreement may involve the other party providing goods or services to the FDACS, or FDACS providing goods or services to the other party. Examples include: Southeastern States Forest Fire Compact (Florida Forest Service), FEPP and State Excess Property lease/sale agreements (Florida Forest Service), Land Acquisition Agreement (Florida Forest Service), ESF/EOC (Florida Forest Service, OALE, Marketing), Florida Forest Service Training Contract (Florida Forest Service), State Purchasing Contracts (Department of Management Services). ANALYTICAL RESULT The data resulting from the application of prescribed analytical procedures (tests) to a sample or survey. Examples: Octane rating (Standards-Gasoline Lab), Result of virus testing (Plant Industry), Pest Identification (Florida Forest Service),% Fat (Food Safety-field inspector) APPLICANT A person, business, or other entity that submits an application to FDACS. This application may be for employment opportunities, regulatory compliance, grant requests, registration, or land lease/purchase. APPLICATION Designated documents required by FDACS for submittal for employment, new registrations, registration renewals, lemon law arbitration, claims APPLICATOR Individual licensed to apply pesticides. ASSIGNMENT An activity scheduled to fulfill FDACS regulatory responsibilities. BID A price offered by a vendor to complete a job. BOND A certificate with monetary value that is held by the department used to protect business in case of a dispute. BRAND A unique pesticide registered with FDACS. BROKER One who is responsible for getting a product placed in the market to retailers. BUDGET ITEM The actual line item as it appears in the appropriations bill passed by the Legislature. Example: category of expenditure BUREAU The subdivisions within a FDACS division. BUSINESS A sole proprietorship, partnership, or corporation engaging in activities regulated, overseen, or licensed by FDACS. Synonyms include: firm, client, entity, establishment, company BUYER One who buys a product or service from FDACS. CALL Information pertaining to a consumers call on the 800 number. CERTIFICATE A document issued by FDACS, or to FDACS, that authorizes a business or individual to perform certain functions or activities. Synonyms include: permit, registration, license, authorization CIVIL ACTION A legal proceeding filed in civil court. CLAIM Request for a refund against a business (entity, firm, owner).

Page - 58 - of 113 Application Development Standards CLIENT A sole proprietorship, partnership, or corporation engaging in activities regulated, overseen, or licensed by FDACS. Synonyms include: firm, business, entity, establishment, company CLIPS Newspaper and magazine articles of particular interest to FDACS. COMPANY A sole proprietorship, partnership, or corporation engaging in activities regulated, overseen, or licensed by FDACS. Synonyms include: firm, client, entity, business, establishment COMPLAINT A report, notice, correspondence or other indication that (1) a person believes he has been injured by a business; (2) a person believes he has been the victim of a crime or deceptive practice; or (3) a person believes a business is engaged in deceptive trade practices or has violated a law. The business may or may not be regulated by FDACS. A complaint may be against actions of FDACS. A complaint must be received in a written format. COMPLIANCE METHOD The terms and agreement that a violator will pursue to remove or improve a substandard product or device which will correct a violation. COMPONENT One piece of a system used for weighing or measuring. COMPOUND Compound that is contained within a laboratory sample. CONDITION 1.) The state of being of an object or thing during inspection. 2.) A provision making the effect of a legal instrument contingent upon the occurrence of a future event as in the conditions of a warning letter. CONSUMER People when interacting with FDACS in a non-regulatory capacity. Persons, group or company whose interest is protected by regulations enforced by FDACS. Synonyms include: general public, citizen CONTACT A person within an organization, company, industry, business who has information needed by FDACS. Synonym: representative CONTRACT A binding agreement between FDACS and another entity (vendor, public or private organization or person) to arrange for the supply of goods or services to FDACS. CORRECTIVE ACTION A scheduled way of completing tasks recommended by auditors. PLAN CORRESPONDENCE Communication generated or received which the date received, person assigned to, and response due date requires tracking. CP LABORATORY A test or series of tests performed on products submitted to the laboratory. These ANALYSIS tests are specific to product specifications furnished or published by State agencies or education product specifications. CP SAMPLE Commodities or products utilized in various state agencies/institutions such as carpet, paint, custodial chemicals, office supplies that are submitted to the laboratory for testing against established specifications. CP SAMPLE SOURCE The agency or vendor contracting for testing services. CROP Cultivated plants grown within the state of Florida as reported by FDACS. CROP-SITE Location where a pesticide is used. CUSTODY Responsible party for a sample at a point in time. CUSTOMER An identified user or consumer of goods or program services provided by FDACS. DEALER One who sells FDACS products. DEVICE An instrument used for weighing or measuring a commodity. DEVICE TEST The test is an evaluation of the performance of a device done by determining how accurately it measures a known standard. DIAGNOSIS Investigation or analysis of the cause or nature of a condition, situation, or problem. DISASTER A natural weather situation that causes great destruction.

DISTRICT The geographical area to which FDACS employees are assigned to conduct

Page - 59 - of 113 Application Development Standards regulatory operations. Synonyms: region. Examples include: Florida Forest Service districts (Florida Forest Service), work centers (Florida Forest Service), regional office (Office of the Commissioner)

DIVISION A functional unit within FDACS. Example: Food Safety, Florida Forest Service EMPLOYEE Person recognized by COPES as being associated with FDACS for the purpose of providing a service to FDACS for pay. This would include OPS (Other Personnel Services), Career Service, SES (Select Exempt Service and SMS (Senior Management Service). It would not include volunteers. EMPLOYEE Certification/accreditation of employees (lab evaluation officer, certified sampler, CREDENTIALS rating officer, bulk milk hauler examiner. EMPLOYEE TIME AND Report of actual time employee worked each day during an established two-week ATTENDANCE pay period. ENTITY A sole proprietorship, partnership, or corporation engaging in activities regulated, overseen, or licensed by FDACS. Synonyms include: firm, business, client, establishment, company ENFORCEMENT A penalty or warning issued to a business or individual that is not complying with regulatory requirements under the purview of FDACS in order to encourage current and future compliance. Examples include: administrative fines, warning letters, license suspension, license revocation, probation, stop sales, arrest ENVIRO-FATE-STUDY Environmental fate study reports received on EF forms. Examples: Product chemistry summary, leaching and absorption/de-absorption studies, soil column studies ENVIRONMENT A complex of physical, chemical and biotic factors (i.e., climate, soil, flora, fauna) associated with or surrounding an activity or action of FDACS, or businesses regulated by FDACS. The environment could include the premises and facilities involved in the activity. Examples include: pest biology and distribution (Plant Industry), blood borne pathogen program, asbestos evaluation and abatement program (General Services), ground water, surface water, or other environmental media (AES), exotic or sensitive species (Florida Forest Service) Premises / facilities containing livestock (Animal Industry) EQUIPMENT A process by which a piece of equipment, such as a test weight, is compared to a CALIBRATION physical standard with a known value and either adjusted to be within acceptable parameters or its actual value is defined so that corrections can be calculated by its end user. EQUIPMENT ITEM Object used by an employee to assist in the performance of their duties. EQUIPMENT OWNER Same as owner: entity that submits a standard for calibration. ESTABLISHMENT A sole proprietorship, partnership, or corporation engaging in activities regulated, overseen, or licensed by FDACS. Synonyms include: firm, business, client, entity, company EXPENSES Cost associated with and activity or a product. EXTERNAL External factors that can impact an agency program. Examples: economy, social ENVIRONMENT and political climates, competing activities and stakeholders and unusual events such as a weather event or strike. ESTABLISHMENT A sole proprietorship, partnership, or corporation engaging in activities regulated, overseen, or licensed by FDACS. Synonyms include: business, entity, company, client, firm FACILITY Buildings and grounds used by FDACS. Examples include: State market (Marketing), Fire tower (Florida Forest Service),District office (Florida Forest Service), Conner Building, Gainesville (Plant Industry) Mayo Building FAUNA Animals characteristic of a region, period, or special environment. FEE The cost for providing a particular service. FINANCIAL Includes all accounting items resulting from action by FDACS. These items are

Page - 60 - of 113 Application Development Standards ultimately the responsibility of the Bureau of Finance and Accounting, or the Bureau of Planning and Budgeting. Examples include: fees (Food Safety), billings (accounts receivable) (Fruit and Vegetables, Animal Industry), budget, General Revenue funds, Trust funds, appropriations/allocations FINANCIAL Identifies charges and receipts such as permit fee, fine, sample fees. TRANSACTION FINE Monetary payment to FDACS as a result of a violation. FIRM A sole proprietorship, partnership, or corporation engaging in activities regulated, overseen, or licensed by FDACS. Synonyms include: Business, client, entity, establishment, company FLORA The plant or bacterial life characteristic of a region, period, or special environment. FOREST A land area supporting a growth of trees and underbrush. The forest may be managed by FDACS (state forests), or by the landowner with or without the assistance of FDACS. Examples: Withlacoochee State Forest, Private Non- Industrial Forest (PNIF), State parks ("owned" by DEP; managed by FDACS) HAZARD Possible risks that may occur as a result of a specific pesticide use. HEARING Details about a hearing that may result from an inspection that determines non- compliance. INCENTIVES A monetary or other award for use of a FDACS program. Example: Fresh from Florida program INCIDENT An event reported to FDACS, which may result in action by FDACS. Examples include: smoke report (Florida Forest Service), a fire, or group of fires, that goes beyond the capability of the Bureau of Forest Protection to control (Florida Forest Service), telephone call (Consumer Service 800 service), food borne illness report INDUSTRY GROUP A non-government organization representing an industry, industries, or point of view that provide input to FDACS or through whom FDACS provides information to the industry. Examples include: Tomato Committee (Fruit and Vegetables), Florida Fire Chief's Assoc. (Florida Forest Service), Florida Forestry Assoc. (Florida Forest Service), Florida Petroleum Marketers Association (Food Safety, Consumer Services) INSPECTION The action of visiting a business, user, or consumer site to determine via visual and/or field analytical testing if the business, business site, procedures, and/or product(s) are in compliance with applicable Florida laws, code and rules. Inspections may also be visual and/or analytical testing of FDACS equipment for compliance with State and Federal safety and health laws, codes and rules.

INSPECTION ROUTE An assigned region of the state in which an inspector is responsible for testing all devices and performing related W&M testing and investigating duties. INSPECTOR An employee of FDACS who conducts inspections to determine compliance with applicable Florida laws, codes and rules. INVESTIGATION Research into the activities, records, processes, or procedures of a business, person, or industry to determine compliance with applicable Florida laws, codes and rules. Investigations will generally result from an incident or violations found during inspections or testing. Investigations will generally be more in-depth than inspections; they are more directed towards determining possible violation of the law than research. INVOICE A statement of services or products rendered and the cost of those services or products. The invoice may be issued to FDACS by vendors for services/products provided, or by FDACS to external entities for services/products provided. Example situations where invoices are provided: veterinary testing (Animal Industry), citrus billing for inspection/grading (Fruit and Vegetables), tree seedlings (Florida Forest Service), fire suppression (Florida Forest Service),

Page - 61 - of 113 Application Development Standards commercial feed testing (AES). LAND A portion of Florida’s solid and aquatic surface distinguishable by boundaries or ownership. LICENSE A document issued by FDACS, or to FDACS, that authorizes a business or individual to perform certain functions or activities. Synonyms include: permit, registration, certificate, authorization

LAB ANALYSTS Chemist or technician preparing, analyzing, or handling the sample. LABORATORY A facility with appropriate instruments and professional employees where samples are analyzed according to prescribed methods for the purpose of determining compliance with established standards. Examples include: Fertilizer Laboratory (AES), Chemical Residue Laboratory (Food Safety), Petroleum Testing Laboratory (Consumer Services), commercial laboratories MANUFACTURER Entities that register with FDACS for authorization to produce and sell a specific pesticide brand. ORGANIZATION Florida Department of Agriculture and Consumer Services ORGANIZATION UNIT A sub-unit of FDACS. Examples: Division of Food Safety, OATS, Bureau of Personnel Management OWNER The person, persons, or corporate entity identified as being responsible for the actions of the business, the legal holder of the property, or the source of information necessary to conduct regulatory action with the business. Synonyms include: landowner (Florida Forest Service), custodian (Animal Industry), purchaser (Animal Industry), corporate officer (AES) PAYMENT Money paid to FDACS by a business, firm, entity, or owner as a result of a financial transaction. Example: registration fee, permit fee, application fee PENALTY Penalty and/or fines against a business, firm, entity, owner based on hearing results. PERMIT A document issued by FDACS, or to FDACS, that authorizes a business or individual to perform certain functions or activities. Synonyms include: license, registration, certificate, authorization PERMIT STATUS Identifies condition of a permit (active, temporary, cancelled, inactive). PERMIT LAB METHOD Identifies lab and method for which a permit is accredited. PERSON An individual who is regulated or licensed by FDACS. Not an employee of FDACS. Examples: Pest Control Operator (AES), Qualifier (LPGAS) PESTS An injurious plant or animal (insect) intended to be controlled by use of a pesticide or herbicide. POSITION An organization unit corresponding to one person. PROCEDURE 1.) A specific laboratory procedure to identify or measure a disease agent or altered body state caused by such agent. The established laboratory operating procedures. 2.) A specific laboratory procedure used to test for the existence and quantity of an analytes. Prescribed and documented series of steps to assure the collection of a valid documentary or physical sample. PROCUREMENT Attainment of resources or non-Career Service personnel. Examples: materials, equipment, and contractors. PRODUCT An assortment of products or services sold or provided by FDACS. Examples: tree seedlings (Florida Forest Service), Fresh From Florida shirts (Marketing)

PRODUCT WEIGHT Statistical weighing of products within the National Institute of Standards and TEST Testing. PROPOSAL A package of documentation and plans put forward for consideration for acceptance and action. Examples: Contract proposals, lease proposal, CARL acquisition proposals, Rural Development Grant Proposals.

Page - 62 - of 113 Application Development Standards REFERRAL Complaint, investigations, or information requests which are referred to another agency. The other agency could be a different division within FDACS, another State of Florida agency, a Federal agency, an agency of another state or country. REGION The geographical area (territory) which FDACS employees are assigned to conduct regulatory operations. Synonyms: district Examples: Florida Forest Service districts (Florida Forest Service), work centers (Florida Forest Service), regional office (Office of the Commissioner). REGISTRATION Businesses that have received some type of authorization through FDACS. REGULATED PROCESS An activity or procedure that is regulated or overseen by FDACS. Examples: Forestry Best Management Practices, Nitrate Best Management Practices, Temik application control REIMBURSEMENT A refund of an overpayment for a registration. REMEDY Recommended resolution for a violation discovered during an investigation. Examples: fines, revocation REPRESENTATIVE Employees or people with a significant ownership or stake in the business. Synonym: contact REQUEST An external or internal request for services of or action by FDACS or one of its employees. For example, request may be a citizen’s complaint, a request for licensing information, or a request from a senior agency manager for information. Usually assigned (assignments) to an agency employee action (action taken, activity). RESOURCE Funds, equipment, personnel and material available or proposed to accomplish a FDACS action plan. RENEWAL Annual renewal information received from a business. SALES The act of FDACS transferring ownership of property, or resources of the property for a financial consideration. Examples: timber sales (Florida Forest Service), property sales (Florida Forest Service, General Services), tree seedlings (Florida Forest Service), Fresh From Florida materials (Marketing)

SAMPLE A representative portion of a product, or a single item from a larger group, that is analyzed to determine the biological, chemical, or physical characteristics of the product. SCHEDULE The time and sequence of events/actions. Examples include: Inspection schedule, prescribed burn schedule, shift work schedule, appointment schedule, equipment maintenance schedule SHIPMENT A transportation of goods wherein the goods, or the action of moving those goods, may be regulated or overseen by FDACS. SPECIES A biological classification of organisms. STORAGE TANK A container/well at a farm or plant used to store a substance that is regulated by FDACS. TEST 1.) An analytical evaluation or examination of a product, sample, specimen, or devise, following prescribed procedures, yielding analytical results defining the contents or characteristics of the analytes. Examples: Hobart fat test, livestock scale calibration 3.) A written, verbal, or demonstrative examination administered to a person to determine knowledge or skill relative to the subject matter of the examination. Examples: pest control operator examination, restricted use pesticide applicator examinations

TRAINING Skills, knowledge, or processes conveyed, or desired to be conveyed, to an individual or organizational unit. Examples include: Supervisor training, WordPerfect training, Basic Fire Control Training (Florida Forest Service) TRANSACTION TYPE Financial transaction type, such as permit fee, fine, sample fee

Page - 63 - of 113 Application Development Standards UNIT of MEASURE Identifies the unit of measure for the sample item lot size. Examples: gallon, pound, item count VENDOR Businesses that provide goods or services to FDACS. These businesses may be manufacturers or distributors who submit samples for testing in conjunction with either State purchasing or Florida education facilities program (Standards- Commodity Testing Lab.).

VIOLATION Non-compliance with rules and regulations administered by FDACS. WITNESS People who have been contacted to gain information about an investigation.

Page - 64 - of 113 Application Development Standards

APPENDIX 4: ACRONYMS and ABBREVIATIONS

Acronym / Definition Division or Application where used Abbreviation

A&A Able and available for work AES AAGNT Account Agent AES ABI Available balance indicator FIS AC Available credits AES ACCT Account, accounts FIS, FOOD, AES ACCTR Account relations AES ACPTD Accepted AES ACQ Acquire, acquired ACT Action, activity FOOD, AES ADDL Additional ADMIN, AES ADDR Address DACS, FAVR, SUNTRACK, ADJ Adjust, adjustment, adjusted ADMIN, FOOD ADJCT Adjudicate AES ADMIN Administrative, administration ADMIN, AES ADP Automated Data Processing AES AEIT Agency for Enterprise Information Technology State AES Division of Agricultural Environmental Services Department wide AG Agriculture ALL AGCY Agency AGLAW Office of Agricultural Law Enforcement Department wide AGNT Agent AES AGR Agreement AGWATER Office of Agricultural Water Policy Department wide AHIST Account History AES AICC Aquaculture Interagency Coordinating Council AQUA AIMS Administration Imaging Management System ADMIN AITC Animal Industry Technical Council ANIMAL ALLOC Allocation, allocate FIS, FOOD, AES ALT Alternate FOOD, FAVR, SUNTRACK, AES ALTEN Alternative entrance to a site or facility Department wide – Locational Data Standards ALW Allow AES AMB Agriculture Market Bulletin Marketing AMENDMT Amendment AES

Page - 65 - of 113 Application Development Standards AMT Amount DACS, AES ANAL Analysis ANLY Analyst ANN Annual ANNIV Anniversary DACS ANS Answer APPL Applicant FAVR, APPLN Application REV APPR Approved, also appropriation FAVR, Admin APPRC Appearance AES APPROX Approximate APPT Appointment FAVR, DACS APRVD Approved Admin ARC Aquaculture Review Council AQUA ARCH Archive REV, DACS ASMT Assessment AES ASSG Assignment ASSOC Associate AES ASSP After School Snack Program (USDA) FOOD, NUTRITION & WELLNESS ASST Assistance, assistant, assist ATOZ A to Z Guide Consumer Services ATRNY Attorney AES ATTMPS Attempts AES ATTN Attention ATTND Attend, attendance AU Agency unique FIS AUD Audit AES AUNIT Account Unit AES AUTH Authorization, authority, authorize, authorized AES AUTO Automatic AUX Auxiliary AES AVAIL Available, availability AES AVG Average DACS BAU Brix Acid Unit System Fruit & Veg BCKGRND Background AES BAL Balance ADMIN, FOOD, DACS, FIS BCM Bureau of Compliance Monitoring AES BDGT Budget ADMIN BE Budget Entity ADMIN

Page - 66 - of 113 Application Development Standards BEG Begin, beginning FIS, FAVR, AES BENF Benefit AES BEPC Bureau of Entomology & Pest Control AES BF Benefiting FIS BFCFI Benefiting certified forward indicator FIS BGSI Bureau of General Services Inventory ADMIN BLCLM Blocked claim AES BK Book AES BKG Banking, bookkeeping FIS, BKRPT Bankrupt AES BKUP Backup FIS, REV BLDG Building AES BLK Block, blocked AES BMP Best Management Practices AgWater, Florida Forest Service BMPTS Best Management Practices System AgWater BNDY Boundary of a site or facility containing an object of Department Wide – Locational Data interest. Consumer Services BPI-IMS Bureau of Petroleum Inspection – Information Consumer Services Management System BPIN Beginning property item number FIS BPSM Florida Board of Professional Surveyors and Consumer Services Mappers BTCH Batch AES BUS Business FOOD, FAVR BWE Benefit Week Ending AES BYB Benefit Year Beginning AES BYE Benefit Year Ending AES CACFP Child and Adult Care Food Program (USDA) FOOD, NUTRITION & WELLNESS CACP Customer Assistance Certification Program FRUIT & VEG CAL Calendar ADMIN CALC Calculation, calculate FOOD, FIS, DACS, AES CAPAS COOP and Personal Assets System ADMIN CAPPR Court appearance AES CARR Carrier AES CAT Category FIS, AES CATS Compliance & Actions Tracking System AES CBILL Closure Bill AES CCEP-S PDA Sentinel Survey Inspection Application PLANT CDE Code FOOD, AES CDTR Creditor AES

Page - 67 - of 113 Application Development Standards CELS Cooperative Equipment Lease System Florida Forest Service CERT Certified, certificate, certification FOOD, FAVR, AES CEU Continuing Education Unit List AES CFI Certified forward indicator ADMIN, CFDA Catalog of Federal Domestic Assistance State CFSA Catalog of State Financial Assistance State CG Contracts and grants ADMIN CGIP Citrus Germplasm Introduction Program Plant CG_FTI Contracts and grants flow through indicator ADMIN CG_LOC Contracts and grants letters of credit ADMIN CHAP Chapter AES CHAR Character State CHG Change AES CHK Check ADMIN CHRG Charge AES CHRP Citrus Health Response Program PLANT CIMCA Complex Incident Management Course Application Florida Forest Service CIP Capital Improvements Program All CIPP Capital Improvements Program Plan All CIRC Circuit AES CLBYE Claim BYE AES CLI Client CLK Clerk AES CLKLTR Clerk letter AES CLM Claim AES CLMT Claimant AES CLO Close, closed, closing AES CLR Clear, clearance AES CLRNG Clearing AES CLS Class, classification AES CLTR Closure Letter AES CMPL Complete, completed AES CMT Comment AES CNCL Cancel, canceled, cancellation ADMIN, AES CNFRM Confirm AES CNFRMATN Confirmation AES CNP Child Nutrition Program (USDA) FOOD, NUTRITION & WELLNESS CNT Count FOOD, AES CNTMCY Contumacy AES

Page - 68 - of 113 Application Development Standards CNTR Center AES CNTRY Country CNTY County SUNTRACK CNVRSTN Conversation AES CO Company AES COL Column AES COLL Collection, collect, collectible AES COMM Commodity COMMUN Communication COMP Compensation DACS COMPLI Compliance AES COMPT Comptroller AES CONCLM Continued Claim AES COND Condition CONT Contract FIS CONTC Contact CONTD Continued, continue AES CONTR Contracter AES CONTRIB Contributory AES CONV Convert, conversion AES COOP Continuity of Operations Department COORD Coordinate CORP Corporation, corporate AES CORR Correspondence AES COV Coverage AES CPS Claims Processing System FOOD, NUTRITION & WELLNESS CQ Contributory Quarter AES CR Credit AES CRE Create, created Department CRE Coordinated Review Effort (USDA) FOOD, NUTRITION & WELLNESS CRED Credentials CRIT Criteria AES CRL Chemical Residue Lab Food Safety CRSE Course CRT Court AES CSE Case AES CTR Center AES CENTR The physical center position of the site containing Department-Locational Data Standards the object of interest.

Page - 69 - of 113 Application Development Standards CTH Central Transaction History – Dept. Financial ADMIN Services CTIS Commerce Transport Imaging System CTRL Control CTRS Citrus AES CTY City AES CUM Cumulative CURR Current FAVR, AES CUST Customer DACS CWC Combined Wage Claim AES CWCH Crew Chief AES CYL Cylinder DACS Department of Agriculture & Consumer Services Department System DAT Data AES DAFS Division of Administration File System ADMIN DB Debit AES DB/CR Debit/Credit AES DBPR Dept. of Business & Professional Regulation AES DCSN Decision AES DECRE Decree AAES DED Deduct, deducted, deduction FAVR DEL Delete AES DEPT Department DACS DESC Description FAVR, FOOD, DACS, LPGAS, FIS, AES DETN Determination AES DETSEQ Determination Sequence AES DET Determine AES DFDNT Defendant AES DFLT Default DFS Department of Financial Services ADMIN DGT Digit AES DIFF Difference AES DIR Director DISB Disbursement ADMIN, FOOD DISCHRG Discharge AES DISI Department Information Systems Inventory OATS DISMIS Dismissal AES DISP Disposition FOOD

Page - 70 - of 113 Application Development Standards DIST District FOOD, FAVR, SUNTRACK, AES DITC Dairy Industry Technical Council FOOD DIV Division DACS DLQ Delinquent AES DLY Daily AES DOACR Div. of Admin. Correspondence Control System ADMIN DOB Date of birth FAVR DOC Document FOOD, DACS, AES DOC Department of Corrections (Florida) MARKET DOCS Division of Consumer Services System CONSUMER SERVICES DOD Department of Defense MARKET DOE Department of Education (Florida) MARKET DOF Division of Forestry FLORIDA FOREST SERVICE DOH Florida Department of Health FOOD DOH Date of Hire ADMIN DOH Department of Health PLANT DOI Department of Interior FLORIDA FOREST SERVICE DOR Department of Revenue AG LAW ENF DOT United States or Florida Department of CONSUMER SERVICES Transportation DP Data Processing ADMIN DPB Affiliate of Planning and budgeting - Executive Office FOOD of Governor DPI Division of Plant Industry PLANT DPI Directors Personnel Information System ADMIN DPS Data Processing Services ADMIN DPST Deposit AES DROP Deferred Retirement Option Program ADMIN DSGI Division of State Group Insurance ADMIN DSL Division of State Lands FLORIDA FOREST SERVICE DSO Defense Supply Office (part of DOD) MARKET DSST Department Supervisory Standards Training ADMIN DT Date ADMIN DTE Date SUNTRACK DTL Detail AES DTT Department Training Team ADMIN DTTM Department Training Team Members ADMIN DU DUE AES DUA Disaster Unemployment Assistance AES DUPL Duplicate

Page - 71 - of 113 Application Development Standards DVAR Data variable AES DVMO District Veterinary Medical Officer ANIMAL DWN Down AES EAP Employee Assistance Program ADMIN EDI Electronic Data Interchange ADMIN EDMS Electronic Document Imaging System LICENSING EEC Environmental Education Center ADMIN EEE Eastern Equine Encephalitis ANIMAL EEO Equal Employment Opportunity ADMIN EEOC Equal Employment Opportunity Commission ADMIN EFF Effective FAVR, AES EFT Electronic Funds Transfer ADMIN EGC E-Government Center ADMIN, AES, Consumer Services., Fruit and Vegetables, Plant EGIS GIS Enterprise Data Library Department wide EIA Equine Infectious Anemia ANIMAL EIS Electronic Inspection System FOOD EIS Enterprise Imaging System AgLaw, Plant, AES, FNW, ADMIN ELA Enzyme Labeled Antibody ANIMAL ELEC Electric ELH Entity Life History ADMIN ELIG Eligible, eligibility AES ELISA Enzyme Linked Immunoabsorbant Assay Test ANIMAL EM Electron Microscopic Examination ANIMAL EMIS Equipment Management Information System ADMIN EMIT Employment Management Initiative Team ADMIN EMP Employee FOOD, FAVR, LPGAS, DACS, AES EMP Employee Earnings System ADMIN EMPID Employer Identification AES EMPM Employment AES EMPR Employer AES EN End AES ENCUM Encumber, encumbrance ENF Enforce AES ENTRA The main public entrance to the facility or site Department wide – Locational Data containing the object of interest. Standards ENTY Entity AES ENVLP Envelope AES EO Expansion Option Identifier ADMIN, FIS EOC Emergency Operation Center ANIMAL, MARKET

Page - 72 - of 113 Application Development Standards EOG Executive Office of the Governor ADMIN EOG/OPB Executive Office of the Governor/Office of Planning ADMIN and Budgeting EOY End of the Year ADMIN EP Equine Piroplasmosis ANIMAL EPA U.S. Environmental Protection Agency ALL EPM Equine Protozoal Myeloencephlitis ANIMAL EPPC Exotic Plant Pest Council FLORIDA FOREST SERVICE EQP Equipment EQUIP Electronic Quality Inspection Process ERC Environmental Regulation Commission FLORIDA FOREST SERVICE ERD Entity Relationship Diagram ADMIN ERN Earn AES ERP Environmental Resource Permit FLORIDA FOREST SERVICE ERR Error, erroneous AES ERS Economic Research Office ADMIN ERV Equine Rhinopneumonitis ANIMAL ES Environmental Specialist AES ESA Endangered Species Act (enforced by the US Fish FLORIDA FOREST SERVICE and Wildlife Service) ESF Emergency Support Function ANIMAL ESF II Emergency Support Function II MARKET EST Estimate, estimated FOOD ESTB Establish AES ETM Earned too much AES EU European Union MARKET EUSAFEC Eastern US Agricultural and Food Export Council, MARKET Inc. EVA Equine Viral Arteritis ANIMAL EVAL Evaluation DACS EXCPT Exception AES EXCS Excess AES EXCL Exclude AES EXH Exhaust, exhausted AES EXMR Examiner AES EXPR Expire AES EXP Expenditure, expense EXST Existing AES EXT Extend, extension AES EXTCOV Extended coverage AES

Page - 73 - of 113 Application Development Standards EXTRNL External AES F & A Bureau of Finance and Accounting - DACS ADMIN F & V Division of Fruit & Vegetables FRUIT & VEG F&RP Forest and Resource Protection ADMIN FA Field Auditor AES FA Fire Alarm ADMIN FA Fluorescent Antibody ANIMAL FAA Florida Aquaculture Association MARKET FAC or F.A.C Florida Administrative Code ALL FACHPA Florida Agriculture Center and Horse Park Authority MARKET FACP Fire Alarm Control Panel ADMIN FACTS Florida Accountability Contract Tracking System Department of Financial Services FACTS Florida Agriculture Client Tracking System Marketing FAD Foreign Animal Disease ANIMAL FADD Foreign Animal Disease Diagnostician ANIMAL FAITC Florida Agriculture in the Classroom MARKET FALM Florida Association of Livestock Markets ANIMAL FAME Florida Alligator Marketing and Education Advisory MARKET Committee FAMFES Florida Association of Milk, Food, and Environmental FOOD Sanitarians FAP Fire Alarm Panel ADMIN FAPC Florida Agricultural Promotional Campaign MARKET FAPCTF Florida Agricultural Promotional Campaign Trust ADMIN Fund FAR Fair Adjustment Ratio AES FAS Foreign Agricultural Service MARKET FAS Field Auditor Supervisor AES FASB Financial Accounting Standards Board ADMIN FASS Florida Agricultural Statistics Service MARKET FAVR Fruit and Vegetables Realm F & V FAW Florida Administrative Weekly ADMIN, FOOD FAX Facsimile AES FBCL Florida Biological Control Laboratory PLANT FBI Food borne Illness FOOD FBrCA/CTVTF Florida BrCA/Citrus Tristeza Virus Task Force PLANT FCA Florida Cattlemen's Association ANIMAL, MARKET FCB Fuel Card Billing System ADMIN FCC Florida Council of Cooperatives MARKET FCCTATF Florida Citrus Canker Technical Advisory Task Force PLANT

Page - 74 - of 113 Application Development Standards FCHR Florida Commission on Human Relations ADMIN FCO Fixed Capital Outlay ADMIN FCOJ Frozen Concentrated Orange Juice FRUIT & VEG FCS Food Consumer Services ADMIN FCTR Federal Cash Transactions Report ADMIN FCWA Florida Cattle Women’s Association MARKET FD Food Distribution MARKET FDA (U.S.) Food and Drug Administration ALL FDACS Florida Department of Agriculture and Consumer ALL Services FDLE Florida Department of Law Enforcement AG LAW ENF FDOC or DOC Florida Department of Citrus FOOD, MARKET FEI Forestry Equipment Inventory FLORIDA FOREST SERVICE FED Federal LPGAS, AES FEHA Florida Environmental Health Association FOOD FELV Feline Leukemia ANIMAL FEMA Federal Emergency Management Agency ADMIN FEPP Federal Excess Personal Property FLORIDA FOREST SERVICE FF Filing Fee AES FF Fact finding AES FFVP Fresh Fruit and Vegetable Program (USDA) FOOD, NUTRITION & WELLNESS FF&VP Fresh Fruits and Vegetables (Department of MARKET Defense) FFA Florida Forestry Association FLORIDA FOREST SERVICE, MARKET FFA Future Farmers of America MARKET FFAC Florida Forever Advisory Council FLORIDA FOREST SERVICE FFB or FFBF Florida Farm Bureau Federation ANIMAL, MARKET FFD Fruit fly detection PLANT FFDCA Federal Food, Drug, and Cosmetic Act FOOD FFF Fresh From Florida MARKET FFF Florida Forests Forever MARKET FFFC Fresh From Florida Careers ADMIN FFGA Florida Fern Growers Association MARKET FFMIS Florida Financial Management Information System ADMIN FFS Florida Forest Services Florida Forest Service FFUSA From Florida USA MARKET FFVA Florida Fruit and Vegetable Association FOOD, FRUIT & VEG, MARKET FFY Federal Fiscal Year ADMIN FGFSA Florida Gift Fruit Shippers Association FOOD

Page - 75 - of 113 Application Development Standards FGGA Florida Grape Growers= Association MARKET FGS Farm Gate Sign MARKET FHD Functional Hierarchy Diagram ADMIN FHM Forest Health Monitoring FLORIDA FOREST SERVICE FHP Forest Health Protection FLORIDA FOREST SERVICE FHTET Forest Health Technology Enterprise Team FLORIDA FOREST SERVICE FIATC Florida International Agricultural Trade Council MARKET FICA Federal Insurance Contribution Act ADMIN FICC Florida Interagency Coordination Center FLORIDA FOREST SERVICE FICMNEW Federal Interagency Committee for Management of FLORIDA FOREST SERVICE Noxious and Exotic Weeds FID Fund identifier FIS, ADMIN FIFRA Federal Insecticide, Fungicide and Rodenticide Act AES, FOOD FIMS Food Inspection Management System FOOD FIN Financial AES FINL Final, Agency Clerk Filings System AES, ADMIN FIP Feline Infectious Peritonitis ANIMAL FIP Forestry Incentives Program ADMIN FIPS Federal Identification Processing System AES FIS Financial Information System ADMIN FIST Florida Interdiction Smuggling Team FOOD FIV Feline Immunodeficiency Virus ANIMAL FL Food Lab FOOD FLAIR Florida Accounting Information Resource ADMIN FLDDIST Field District AES FLDOFC / FO Field Office AES FLEET Fleet Communication System Florida Forest Service FLG Flag FLSA Fair Labor Standards Act ADMIN FLWUP Follow up AES FMB Florida Market Bulletin MARKET FMIS Fire Management Information System Florida Forest Service FMLA Family and Medical Leave Act ADMIN FMNP Farmers Market Nutrition Program aka WIC/FMNP MARKET FMP Forest Management Plan FLORIDA FOREST SERVICE FMP Financial Management Program ADMIN FMSALES Forest Management Timber Sales System FLORIDA FOREST SERVICE FNA Florida Nurses Association ADMIN FNAI Florida Natural Areas Inventory FLORIDA FOREST SERVICE

Page - 76 - of 113 Application Development Standards FND Fund AES FNGA Florida Nurserymen and Growers Association MARKET FNM Food and Nutrition Management FOOD, NUTRITION & WELLNESS FNS Food Nutrition Service ADMIN FNW Division of Food , Nutrition & Wellness FOOD, NUTRITION & WELLNESS FOB Freight on Board (shipping statement) ADMIN FOB Free-On- Board (Agricultural prices not including MARKET transportation charges) FOOD Food Safety System FOOD FOFAC Florida Organic Foods Advisory Council MARKET FOIA (Federal) Freedom of Information Act FOOD FORCST Forecasting AES FOREST Forest Management System FOREX Foreign Exchange ADMIN FORM Forms Management System ADMIN FP Foreign Produce - as it relates to CoO. FOOD FP Forest Protection Bureau FLORIDA FOREST SERVICE FP Food Pantry MARKET FPB Fresh Products Branch FRUIT & VEG, MARKET FPC Florida Petroleum Council CONSUMER SERVICES F-PERC another name for the FPGSERC CONSUMER SERVICES FPGA Florida Propane Gas Association CONSUMER SERVICES FPGSERA Florida Propane Gas Safety, Education and CONSUMER SERVICES Research Act FPGSERC Florida Propane Gas Safety, Education and CONSUMER SERVICES, MARKET Research Council FPI Final payment indicator FIS FPMA Florida Petroleum Marketing Association CONSUMER SERVICES FPO Field Purchase Order ADMIN FPPA Florida Peanut Producers Association MARKET FPYMNT First Payment AES FQPA Food Quality Protection Act of 1996 FOOD FQSC Florida Quality Systems Certification FRUIT & VEG FR Federal Register FOOD FRA Florida Restaurant Association MARKET FRD Fraud AES FRED University of Florida Food and Resource Economic MARKET Department FREQ Frequency FOOD, AES FreshNet Citrus Manifest Application F&V

Page - 77 - of 113 Application Development Standards FRM Firm FOOD FRM From AES FRMT Format AES FRNH Furnish AES FRP Food Recovery Program MARKET FRS Florida Retirement System ADMIN FS Division of Food Safety ADMIN FS Forest Stewardship ADMIN FS Financial Statements ADMIN FS or F.S. Florida Statute(s) FOOD, PLANT FS&Q Food Safety and Quality Program ADMIN FSA Farm Service Agency (USDA) MARKET, FRUIT & VEG FSCA Florida State Collection of Arthropods PLANT FSEIS Food Safety Electronic Inspection System FOOD FSFA Florida State Fair Authority ADMIN FSIS Food Safety and Inspection Service (USDA) FOOD and FRUIT & VEG FSIS Federal State Inspection Service FRUIT & VEG FSLIMS Food Safety Laboratory Information Management Food Safety System FSMIP Federal/State Marketing Improvement Program MARKET FSN Food and Nutrition Service (USDA) FOOD, NUTRITION & WELLNESS FSR Financial Status Report ADMIN FSRDC Florida State Rural Development Council ADMIN FST First AES FT Full Time AES FTAA Free Trade Agreement of the Americas MARKET FTBA Florida Thoroughbred Breeders Association MARKET FTBOA Florida Thoroughbred Breeder's and Owners' ANIMAL Association FTC Federal Trade Commission CONSUMER SERVICES FTDC Florida Trade Data Center MARKET FTE Fulltime Equivalent Position ANIMAL, ADMIN FTFFA Florida Tropical Fish Farms Association MARKET FTSATF Florida Tropical Soda Apple Task Force PLANT FVMA Florida Veterinary Medical Association ANIMAL FWA Florida Watermelon Association MARKET FWC Fish and Wildlife Conservation Commission MARKET FY Fiscal Year CONSUMER SERVICES FYE Fiscal Year Ending ADMIN FYI For Your Information FOOD

Page - 78 - of 113 Application Development Standards G/A Grant and Aids ADMIN GAA General Appropriations Act ADMIN GAAFR Governmental Accounting, Auditing, Financial ADMIN Reporting GAAP Generally Accepted Accounting Principles ADMIN GAL Gallon GAMS Graphic Assets Management System Marketing GAO Government Accounting Office FOOD GAO General Accounting Office FOOD GAPs Good Agricultural Practices FOOD GARN Garnish AES GASB Governmental Accounting Standards Board ADMIN GATT General Agreement on Tariffs and Trade MARKET GC Gas chromatography or gas chromatograph FOOD GCC Gulf Cooperation Council MARKET GCPDE The approximate position of the facility or site Department wide – Locational Data containing the object of interest based on address Standards geo-coding GDI Geospatial Data Integration Department wide GEN General AES GF Governmental Accounting, Auditing, and Financial ADMIN Reporting (GAAFR fund type) GFA Georgia, Florida, Alabama Peanut Association FRUIT & VEG GGG Gift Givers Guide Consumer Services GHB/GBL Gamma - Hydroxy - Butyrate / Gamma - FOOD Butyrolactone GIS Geographical Information System AES, ADMIN, PLANT GITF General Inspection Trust Fund ADMIN, AES, ANIMAL GL General ledger FIS GLC General Ledger Code ADMIN GMPs Good Manufacturing Practices FOOD GNRL General AES GOPB Governors Office of Planning and Budgeting ADMIN GOVT Government AES GPS Global Positional System FLORIDA FOREST SERVICE GR General Revenue Fund ANIMAL, AES, ADMIN GRP Group AES GRS Gross AES GRAS Generally Recognized as Safe FOOD GSC Gross Salary Charge ADMIN GSM102 Export Credit Guarantee Program MARKET

Page - 79 - of 113 Application Development Standards GSM103 Intermediate Export Credit Guarantee Program MARKET GT Greater than AES GVL Global Vet Link Electronic Health Certificates ANIMAL GY Grant Year ADMIN HACCP Hazard Analysis and Critical Control Point FOOD, MARKET HACP * Hazard Analysis and Critical Control Program ADMIN HB House Bill ADMIN HEPA High-Efficiency Particulate Air ADMIN HHST Higher Heat Short Time FOOD HI Heat Inactivation ANIMAL HIST History FOOD, DACS, AES HMIC Head Man in Charge FOOD HMO Health Maintenance Organization ADMIN HP Hewlett Packard ADMIN HQ Headquarters DACS, ADMIN HRNG Hearing AES HRS Hours, hour REV, FOOD, FAVR, AES HSUS Humane Society of the United States ANIMAL HTST High Temperature Short Time FOOD HVAC Heating, Ventilation and Air Conditioning ADMIN I&A Inholding and Additions Acquisition Programs FLORIDA FOREST SERVICE I&DC Insect and Disease Control ADMIN IAMFES International Association of Milk, Food and FOOD Environmental Sanitarians, Inc. IB Interstate Benefits AES IBBS International Boston Seafood Show MARKET IBD Infectious Bursal Disease ANIMAL IBI Internal budget indicator FIS, DACS, ADMIN IBR Individual Benefit Ratio AES IBR Infectious Bovine Rhinotracheitis ANIMAL IC Initial Claim AES ICS Internal Control Structure ADMIN ICS Incident Command System FLORIDA FOREST SERVICE, ADMIN ICSSL Interstate Certified Shellfish Shippers List FOOD ID Identify, identification, identifier SUNTRACK, FAVR, FOOD,LPGAS, FIS, REV, DACS, AES IFA Indirect Fluorescent Antibody Test ANIMAL IFA Imported fire ant PLANT IFAS Institute of Food and Agricultural Sciences ANIMAL, FOOD, MARKET, PLANT (University of Florida)

Page - 80 - of 113 Application Development Standards IFO Immediate final order PLANT IFPA International Fresh-cut Produce Association FOOD IFT Institute of Food Technologists FOOD IG Inspector General ADMIN IHS In His Service (Warehouse) MARKET IIBI Inter/intra department indicator FIS IMM Immediate AES IMS Conference Interstate Milk Shippers Conference FOOD IMSAT Immediate Satisfaction AES IMSL Interstate Milk Shippers List FOOD IMT Incident Management Teams FLORIDA FOREST SERVICE INA Inactive AES INC Incorporated AES INCORR Incorrect AES INDBT Indebtedness AES INDIC Indicator FIS, AES INDPC Independent Contractor AES INDTL Indebtedness Detail AES INDX Index AES INDY Industry AES INELIG Ineligible AES INFO Information SUNTRACK, FAVR INHERT Inherit – the position if inherited from another object Department wide – Locational Data of interest Standards INIT Initial(s), initiated SUNTRACK, FOOD INJ Injunction AES INS Immigration and Naturalization Service ADMIN, AES INSP Inspect, inspection, inspector FOOD INST Institution AES INSTL Install AES INSTN Instruction AES INT Interest AES INTF Interface AES INTL International INTRL Internal AES INTRV Interview INTSP Initial State/Political Instrumentality AES INV Invoice AES INVEN Inventory

Page - 81 - of 113 Application Development Standards INVEST Investigate, investigations AES IPM Integrated Pest Management FOOD, PLANT IQS Incident Qualifications System FLORIDA FOREST SERVICE IRIS Immediate Response Information System ADMIN, OATS IRM Information Resource Management ADMIN IRR Information Resource Request ADMIN IRS Internal Revenue Service ADMIN, AES ISDM Information Systems Development Methodology ADMIN ISM Information Security Manager ADMIN ISO International Standards Organization CONSUMER SERVICES ISP Internet Services Provider ADMIN ISS Issue, issued AES ISSC Interstate Shellfish Sanitation Conference FOOD, MARKET ISSO Information Systems Security Office ADMIN IT Information Technology ADMIN ITB Invitation to Bid ADMIN ITC Instructor Training Course ADMIN ITF Incidental Trust Fund ADMIN ITLC Information Technology Life Cycle DEPARTMENT ITR Information Technology Resource ADMIN IW Information Warehouse ADMIN JAD Joint Applications Development ADMIN JEOP Jeopardy AES JNL Journal ADMIN JOA Joint Opportunity Announcement ADMIN JRNL Journal AES JT Journal Transfer ADMIN JUDG Judgment AES KATS K9 Activity Tracking System AGLAW KCCO Kansas City Commodity Office FRUIT & VEG KCMO Kansas City Management Office FRUIT & VEG KSA Knowledge, Skills and Abilities ADMIN KW Kilowatt L/S Lump Sum ADMIN L1 Organization level 1 FIS L2 Organization level 2 FIS L3 Organization level 3 FIS L4 Organization level 4 FIS L5 Organization level 5 FIS

Page - 82 - of 113 Application Development Standards LAB Laboratory FOOD LAC Licensed Asbestos Consultant ADMIN LAMAC Land Acquisition and Management Advisory Council FLORIDA FOREST SERVICE LAN Local Area Network ADMIN LAS/PBS Legislative Appropriations System /Planning and ADMIN Budgeting Subsystem LAT Latex Agglutination Test ANIMAL LBL License and Bond Licensing Applications MARKET LBR Legislative Budget Request DCS, FOOD LC or HPLC High pressure liquid chromatography or high FOOD pressure liquid chromatograph LCI Livestock Conservation Institute ANIMAL LCTRL Lan Control AES LDGR Ledger LEA Livestock Exporters Association MARKET LEAS Lease AES LEG Legal LEGIS Legislature AES LEN Length AES LEO Laboratory Evaluation Officer FOOD LEV Level AES LFATF Leatherleaf Fern Anthracnose Task Force PLANT LGACT Legal Action AES LIAB Liability AES LIC License, licensed FAVR, DACS, LPGAS, AES LICG Licensing Reflections System LICENSING LIMS Laboratory Information Management System FOOD LIQ Liquidated AES LM or Lm Listeria monocytogenes FOOD LMRT Land Management Review Teams FLORIDA FOREST SERVICE LMT Limit LOA Leave of Absence AES LOC Location, local FAVR, FOOD, FIS, AES LOD Limit of detection FOOD LOQ Limit of quantitation FOOD LPG Liquefied Petroleum Gas, the most common of ADMIN, Consumer Services which is propane LPGAS Liquefied Petroleum Gas System Consumer Services LPYMNT Last Payment AES LQAB Laboratory Quality Assurance Branch FOOD

Page - 83 - of 113 Application Development Standards LRPP Long Range Program Plan All LSO Location Safety Officer ADMIN LST Last AES LT Less than AES LTD Life to date FIS LTD Long Term Disability ADMIN LTEA Leaf Tobacco Exporters Association MARKET LTR Letter AES LTRRCL Letter Recall AES LWOP Leave Without Pay ADMIN LVY Levy AES L/W Lien/Warrant M&D Division of Marketing and Development ADMIN MAG Magnetic AES MAINT Maintenance, maintain ADMIN, AES MAL Mail AES MAP Market Access Program MARKET MARS Maintenance Request System ADMIN MAX Maximum FOOD

MBAAO Minority Business Assistance and Advocacy Office ADMIN MBE Minority Business Enterprise ADMIN MBF Thousand Board Feet FLORIDA FOREST SERVICE MBI Memo blanket indicator FIS MCF Thousand cubic feet FLORIDA FOREST SERVICE MCI Market Cattle Investigation ANIMAL ME Mercaptoethanol ANIMAL MECH Mechanical, mechanism MED Media Medfly Mediterranean fruit fly PLANT MERCOSUR Southern Common Market MARKET METH Method AES Mexfly Mexican fruit fly PLANT MFPH Pseudorabies Monitored Feeder Pig Herd ANIMAL MFR Manufacturer FOOD Mg Mycoplasma gallisepticum ANIMAL MGMT Management AES MGR Manager SUNTRACK, FOOD MHD Mass Household Distribution MARKET

Page - 84 - of 113 Application Development Standards MIATCO Mid-America International Agri-trade Council MARKET MIC Management Information Center ADMIN MILLIMS Mobile Irrigation Laboratory Information AgWater Management System MIN Minimum FOOD, FIS, AES MINIT Middle initial AES MIS Management Information Systems ADMIN MISC Miscellaneous FAVR MISSG Missing AES MITF Market Improvement Trust Fund ADMIN MIWCTF Market Improvement Working Capital Trust Fund ADMIN MKT Division of Marketing and Development ADMIN MMI Maximum Medical Improvement ADMIN MMWR Morbidity & Mortality Weekly Report FOOD MO Money Order ADMIN MOA Memorandum of Agreement ADMIN MOAB Marketing Order Administration Branch FRUIT & VEG MOC Marketing Order Clearance (Certificate) FRUIT & VEG MOD Modify, modification, modifier MODL Module AES MOS Memorandum of Supervision ADMIN MOTF Motion Filed AES MOU Memorandum of Understanding ADMIN MPAG Management Plan Advisory Groups FLORIDA FOREST SERVICE MQs Minimum Qualifications ADMIN MRO Medical Review Officer ADMIN Ms Mycoplasma synoviae ANIMAL MS Mass spectrometry or mass spectrometer FOOD MSG Message REV, FOOD, AES MST Market Swine Test ANIMAL MTD Month to date FIS MTG Meeting AES MTH Month ADMIN, AES MTHLY Monthly MULTI Multiple AES MV Repair Motor Vehicle Repair (program in Division of ADMIN Consumer Services) MVR Motor Vehicle Repair DSC NA Not Applicable Department wide NAAMO North American Agricultural Marketing Officials MARKET

Page - 85 - of 113 Application Development Standards NACE National Association of Corrosion Engineers CONSUMER SERVICES NACMCF National Advisory Committee on Microbiological FOOD Criteria for Food NAFRI National Advanced Fire & Resource Institute Florida Forest Service NAFTA North American Free Trade Agreement MARKET, FOOD NAHEMS National Animal Health Emergency Mgt. System ANIMAL NAHLN Nat’l Animal Health Laboratory Network Animal NAICS North American Industry Classification FRUIT & VEG NME Name AES NAPMM National Association of Produce Market Managers MARKET NAPSR National Association of Pipeline Safety Regulators CONSUMER SERVICES NARUC National Association of Regulatory Utility CONSUMER SERVICES Commissions NASDA National Association of State Departments of MARKET Agriculture NASF National Association of State Foresters FLORIDA FOREST SERVICE NASLP National School Lunch Program MARKET NASMFIED National Association of State Meat and Food FOOD Inspection Directors NASPHV National Association of Public Health Veterinarians, ANIMAL Inc. NASS National Agriculture Statistics Service FRUIT & VEG NASS National Agricultural Statistics Service MARKET NAVLAP National Voluntary Laboratory Accreditation CONSUMER SERVICES Program NBS National Bureau of Standards FOOD NCASI National Council for Air & Stream Improvement FLORIDA FOREST SERVICE NCHG Non-charge AES NCIMS National Conference on Interstate Milk Shipments FOOD NCIMS National Council of Interstate Milk Shippers FOOD NCWM National Conference on Weights and Measures CONSUMER SERVICES ND None detected FOOD NDT Nondestructive Testing CONSUMER SERVICES NEC National Electrical Code CONSUMER SERVICES NEHA National Environmental Health Association FOOD NEO New Employee Orientation ADMIN NESHAP National Emission Standards for Hazardous Air ADMIN Pollutants NESB New Employee Sign-up and Benefits ADMIN NFC Not From Concentrate FRUIT & VEG NFI National Fisheries Service MARKET

Page - 86 - of 113 Application Development Standards NFPA National Fire Protection Association FOOD, CONSUMER SERVICES NGL No Gross Lesion ANIMAL NHIRE New Hire AES NIOSH National Institute for Occupational Safety and Health ADMIN NIPF Non Industrial, Private Forest Landowner FLORIDA FOREST SERVICE NIST National Institute of Standards and Technology FOOD, CONSUMER SERVICES NMDRDB National Milk Drug Residue Database FOOD NOAA National Oceanic and Atmospheric Association MARKET NOD Notice of Default NOI Notice of Injury ADMIN NONMON Non-monetary AES NOTC Notice AES NOTIF Notification, notify AES NOV Notice of Violation AG LAW ENF NPB National Plant Board PLANT NPC National Peanut Council MARKET NPGA National Propane Gas Association CONSUMER SERVICES NPIP National Poultry Improvement Plan ANIMAL NPPC National Pork Producers Council ANIMAL NPS National Park Service FLORIDA FOREST SERVICE NPSP Non-Point Source Pollution FLORIDA FOREST SERVICE NQ Non-quarter AES NQR Non-quarter fee AES NR Not Reported Department NREC North Florida Research and Education Center ADMIN NSF Not Sufficient Funds ADMIN NSLP National School Lunch Program (USDA) FOOD, NUTRITION & WELLNESS NTA Notice to Appear AG LAW ENF NTEP National Type Evaluation Program CONSUMER SERVICES NUM Number FOOD, SUNTRACK, REV, AES NVSL National Veterinary Services Laboratory ANIMAL OALE Office of Agricultural Law Enforcement AG LAW ENF OAPPR Ordered Appearance AES OATS Office of Agriculture Technology Services ADMIN OAWP Office of Agricultural Water Policy ADMIN OBA Open Burn Authorization Florida Forest Service OBJ Object code FIS OBLG Obligate AES OCA Other Cost Accumulator FIS, ADMIN

Page - 87 - of 113 Application Development Standards OCC Occupational AES OCCR Occurrence OCO Operating Capital Outlay AES, ANIMAL, FOOD, ADMIN OCR Optical Character Reader AES OCV Official Calfhood Vaccinate ANIMAL OCV Official Certificate of Veterinary Inspection ANIMAL OFC Office AES OFF Oriental fruit fly ADMIN OFF Organized Fishermen of Florida MARKET OFF Oriental fruit fly PLANT OFW Outstanding Florida Waters FLORIDA FOREST SERVICE OIML International Organization for Legal Metrology CONSUMER SERVICES OJ Orange Juice FOOD OLO/OLO'S Operating Level Organizations ADMIN ONRW Outstanding National Resource Waters FLORIDA FOREST SERVICE OOB Out Of Business FOOD OOE Office of Energy OFFICE OF ENERGY OP Overpayment AES OPD Overfill Prevention Device CONSUMER SERVICES OPEC Organization of Petroleum Exporting Community MARKET OPPAGA Office of Program Policy Analysis and Governmental ADMIN Accountability OPS Other Personnel Services DEPARTMENT OPS Office of Pipeline Safety, US Department of CONSUMER SERVICES Transportation OPT Option AES O/R On Request AES ORD Order ORG Organization, REV, FOOD, FAVR, DACS, FIS ORIG Original, origin SUNTRACK, FOOD, FAVR, FIS, DACS OS Operating System ADMIN OSC Operational Steering Committee ADMIN OSHA Occupational Safety Health Administration ADMIN OT Overtime ADMIN OUTSTG Outstanding AES OVER Overdue AES OWM Office of Weights and Measures CONSUMER SERVICES OWNR Owner AES P & B Bureau of Planning and Budgeting - DACS FOOD P & E Poultry and Egg FOOD

Page - 88 - of 113 Application Development Standards P&SA Packers and Stockyards Administration MARKET PA Planning Assistance ADMIN PAC Peanut Administrative Committee FRUIT & VEG PACA Perishable Agricultural Commodities Act FRUIT & VEG PACA Perishable Agricultural Commodities Act MARKET PACA Perishable Agricultural Commodities Act MARKET PAD Penalty After Date AES PAR Payroll Account Reporting ADMIN PARM Parameter AES PARTL Partial AES PAT Project Tracking System ADMIN PB2 Performance Based Budgeting FOOD PB2 Performance Based Budgeting ADMIN PBA Police Benevolent Association ADMIN PBB Performance Based Budgeting ADMIN PC Program Component ADMIN PC Personal Computer ADMIN P-Card Purchasing Card ADMIN PCFIA Particle Concentration Fluorescence Immunoassay ANIMAL Test PCR Polymerase Chain Reaction Test ANIMAL PCT Percent, percentage FOOD, FAVR PCTF Pest Control Trust Fund ADMIN PCTF Pest Control Trust Fund AES PCW Previous Compensable Week AES PD Position Description ADMIN PD Police Department AG LAW ENF PD Paid AES PDCFD Paid Certified Funds AES PDMS Personnel Data Management System ADMIIN PDN Primary Document Number ADMIN PDP Pesticide Data Program FOOD PEGG Federal Poultry and Egg Database FOOD PE&C Pest Eradication and Control PLANT PEN Penalty AES PER Period AES PERC Propane Education & Research Council (Nat’l CONSUMER SERVICES version of the FL program) PERF Performance PERS Personal, person

Page - 89 - of 113 Application Development Standards PETN Petition AES PG Pay Grade ADMIN PGM Program FIS PGMI Plumbing, Gas, Mechanical Inspectors CONSUMER SERVICES pH pH - Indicator of acidity, the reciprocal of the FOOD logarithm of [H+] concentration PHM Pink Hibiscus Mealybug System PLANT PHN Phone AES PHRNG Protest Hearing AES PHYS Physical PI Division of Plant Industry ADMIN PI Plant Inspection PLANT PI Principal/Interest AES PI3 Para influenza 3 ANIMAL PIA Property Inventory System ADMIN PICS Pest Incident Control System ADMIN PID Purchasing Identification Code ADMIN PIN Personal Identification Number AES PIP Performance Improvement Plan ADMIN PIQ Partners In Quality Level 1 fee ADMIN PIQ Partners In Quality FRUIT & VEG PIR Property Inspection Report PLANT PIRSAC Private Investigation, Recovery & Security Council LICENSING PITC Plant Industry Technical Council PLANT PITF Plant Industry Trust Fund PLANT, ADMIN PITR Plant Inspection Trust Revenue system PLANT PJ Personnel Jacket ADMIN PK System generated primary key DACS, FOOD, P.L. Public law AES PL/SQL Procedural Language extension to SQL ADMIN PM Postmark AES PMA Produce Marketing Association MARKET PMO Pasteurized Milk Ordinance FOOD PMO Pasteurized Milk Ordinance FOOD PMS Payment Management System ADMIN PMT Permit FOOD PMYACT Primary Account AES PN Position Number ADMIN PND Pending ADMIN

Page - 90 - of 113 Application Development Standards PNDG Pending AES PNIF Private Non Industrial Forest Landowner FLORIDA FOREST SERVICE PO Purchase order PO Purchase Order ADMIN POA Power of Attorney AES POC Proof of Claim AES POR Plan of Re-organization AES POT Potential AES POS Position FOOD, FAVR, DACS, AES PP Pay Period ADMIN PPB Processed Products Branch FRUIT & VEG PPB Processed Products Branch MARKET ppb or PPB Parts Per Billion FOOD PPD Bovine Purified Protein Derivative Tuberculin Test ANIMAL PPE Plant Property and Equipment ADMIN PPI Prior period indicator FIS PPIS Processing Plant Inspection Section ADMIN ppm or PPM Parts Per Million FOOD PPQ Plant and Pest Quarantine FOOD PPQ Plant Protection Quarantine FRUIT & VEG PPQ Plant Protection and Quarantine PLANT PPST Plant Pathology Specimen Tracking PLANT ppt or PPT Parts Per Trillion FOOD PR Payroll ADMIN, AES PR (APR) Performance Report (Annual Performance Report) FOOD PRED Predecessor AES PRELIM Preliminary FAVR PREP Preparation, prepared AES PREPASS Commercial Vehicle Information System AGLAW PREV Previous AES PRF Proof AES PRFREN Preference AES PRIM Primary AES PROB Problem PROC Process, procedure AES PROD Product FIS, FOOD PROG Program PROJ Project PROP Property

Page - 91 - of 113 Application Development Standards PROS Prosecutable AES PRP Preventive Release Program PLANT PRT Print AES PRTST Protest AES PRV Pseudorabies ANIMAL PSA Public Service Announcement MARKET PSI Print Shop Inventory System ADMIN PSWD Password AES P/T Part-time AES PTD Permanent Total Disability ADMIN PUBS Publications System ADMIN PURCH Purchasing AES PW Primary Worker ADMIN PW Pulpwood FLORIDA FOREST SERVICE PY Prior Year ADMIN PYCN Prior Year Cancellation ADMIN PYMT Payment AES QA Quality Assurance FOOD, CONSUMER SERVICES QADJ Quarter Adjustment AES QA/QC Quality Assurance/Quality Control AES QAS Quality Action System ADMIN QAT Quality Action Team ADMIN QAT Quality Assurance and Training FOOD QC Quality Control CONSUMER SERVICES QC Quality Control PLANT QHRPTF Quarter Horse Racing Promotion Trust Fund ADMIN QN Herd Qualified Pseudorabies-Negative Herd ANIMAL QRPT Quarter Report AES QRT Quality Response Team ADMIN QTD Quarter to date FIS QTR Quarter AES QTRLY Quarterly AES QTY Quantity QUAL Quality QUEST Questionnaire AES RAC Raw agricultural commodity FOOD RAD Rapid Application Development ADMIN RAD Reportable Animal Disease ANIMAL RAL Regulatory Action limit FOOD

Page - 92 - of 113 Application Development Standards RAPP Review and Performance Planning ADMIN RCCI Residential Child Care Institution MARKET RCFC Rural Community Fire Protection ADMIN RCL Recall AES RCMD Recommend AES RCPCOV Reciprocal Coverage AES RCPT Receipt ADMIN, AES RCVBL Receivable AES RCVY Recovery AES RCW Red Cockaded Woodpecker FLORIDA FOREST SERVICE RD Rural Development ADMIN RDBMS Relational Database Management System ADMIN REC Reclassification ADMIN RECD Received, recorded FAVR, AES RECR Record AES REDET Redetermination AES REF Reference DACS REG Registration, registered, registry SUNTRACK, FAVR, AES REIMB Reimbursable AES REIN Reinstate AES REJ Rejected, reject AES REL Related, release ADMIN, FOOD, LPGAS, AES REN Renewal FOOD REORG Reorganization AES REQ Request, require, requisition FOOD, LPGAS, AES RESLIMS Access Lab Information System – Chemical Residue AES Sample RESP Response AES RETNT Retention AES REV Revenue FIS, REV, FOOD, AES REV Revenue System ADMIN RFA Rural Forestry Assistance ADMIN RFNAL Refund Allocation AES RFND Refund AES RFP Request for Promotion ADMIN RFP Request for Proposal ADMIN RFP&C Rural Fire Prevention and Control ADMIN RFR Request for Reassignment ADMIN R/I Request investigation AES

Page - 93 - of 113 Application Development Standards RIMS Regulatory Information Management System FOOD RINDBT Rate Indebtedness AES RLTNS Relationship AES RM Division of Risk Management ADMIN RMIS Resource Management Information System Florida Forest Service RMLO Records Management Liaison Officer ADMIN RMSF Rocky Mountain Spotted Fever ANIMAL RMT Remittance, remit AES RMTHD Report Method AES RMTL Remit Allocation AES RNGE Range AES RO Rating Officer FOOD R/O Reopen AES ROC Revenue Online Collection ADMIN ROSS Resource Ordering and Status System Florida Forest Service RPA Report of Personnel Action ADMIN RPHIST Reporting Period History AES RPR Reporting period AES RPT Report FAVR, AES RPTNG Reporting AES RQ Rembursable Quarter AES RQC Revenue Quality Control AES RRR Revenue Reporting System ADMIN RSLN Resolution AES RSLV Resolve AES RSN Reason AES RSPA Research and Special Programs Administration (part CONSUMER SERVICES of US Dept. of Transportation) RSRCH Research AES RSV Reserves, reserved ADMIN RSVP Rapid Service Voice Processing AES RT Rate AES RTC Resolution Trust Corporation AES RTD Returned FOOD, FAVR, DACS, AES RTE Route FOOD, FAVR, DACS RTNG Rating AES RTN P Return Processed AES RTO Ratio AES RTS Registration Tracking System AES

Page - 94 - of 113 Application Development Standards RVCN Revocation AES RVKE Revoke AES RVRS Reverse AES RVS Revise AES RVSN Reversions ADMIN RVW Review AES RTW Returned to work AES S&PF State and Private Forestry (branch of U.S. Forest FLORIDA FOREST SERVICE Service) SA State Attorney AG LAW ENF SAAC Seafood and Aquaculture Advisory Committee MARKET SAB Schedule of Allotment Balance Report ADMIN SAE State Administrative Expense ADMIN SAF Society of American Foresters FLORIDA FOREST SERVICE SAFIS Southern Annual Forest Inventory System FLORIDA FOREST SERVICE SAFTA Southern America Free Trade Agreement MARKET SAHA Southern Animal Health Association ANIMAL SAI State Application Identifier ADMIN SAL Salary, salaries ADMIN SAMAS State Automated Management Accounting ADMIN Subsystem SAMPCOR Sample Related Correspondence AES SAP Substance Abuse Professional ADMIN SAR Sysout Archival & Retrieval System AES SASDA Southern Association of State Departments of MARKET Agriculture SART State Agriculture Response Team Department wide SATIS Satisfaction AES SATTYP Satisfaction Type AES SAVE Systematic Alien Verification for Entitlement AES SB Senate Bill ADMIN SBA U.S. Small Business Administration ADMIN SBCCI Southern Building Code Congress International FOOD SBP Schools Breakfast Program (USDA) FOOD, NUTRITION & WELLNESS SBPNA Subpoena AES SC Summer Camps MARKET SCDEX State Cooperative Data Exchange ADMIN SCH Schedule SUNTRACK, FOOD, AES SCH Florida State Clearinghouse ADMIN SCT Single Cervical Test ANIMAL

Page - 95 - of 113 Application Development Standards SEAS Shellfish Environmental Assessment Section ADMIN SEC Security AES SECT Section SUNTRACK, DACS, FIS SECUR Secured AES SEED Forest Management Seed Tracking Florida Forest Service SEL Selection, select AES SEMA Southeastern Meat Association FOOD SEMAP Southeastern Measurement Assurance Program CONSUMER SERVICES SEOC State Emergency Operation Center ANIMAL SEP Separate, separation AES SEQ Sequence SUNTRACK, LPGAS, FOOD, AES SER Salary Exception Request ADMIN SER Series AES SERO Southeast Regional Office (of USDA) MARKET SERT State Emergency Response Team MARKET SES Select Exempt Service ADMIN SESA State Employment Security Agency AES SF State fund FIS, ADMIN SFA Southeastern Fisheries Association FOOD, MARKET SFA State Fire Assistance FLORIDA FOREST SERVICE SFI Sustainable Forestry Initiative FLORIDA FOREST SERVICE SFL Shade Florida System PLANT SFM State Farmers Markets MARKET SFSP Summer Food Service Program (USDA) MARKET & FOOD, NUTRITION & WELLNESS SFY State Fiscal Year ADMIN SGGC Southern Grape Growers Co-op MARKET SGSF Southern Group of State Foresters FLORIDA FOREST SERVICE SHB Small hive beetle PLANT SHERF Sheriff AES SHRD Shared AES SHW Show AES SI Salary Increase ADMIN SI Site Index (a relative measure of the productivity of a FLORIDA FOREST SERVICE given site) SIA Supply Inventory System ADMIN SIAL Salon Internationale de Alimentation (French) MARKET SIC Standard Industry Codes AES SIMMONS Food Distribution System MARKETING SIP Strategic Information Plan ADMIN

Page - 96 - of 113 Application Development Standards SIT Sterile Insect Technique PLANT SK/FB Soup Kitchens/Food Banks MARKET SL Sick Leave ADMIN SLAMS State Lands Analysis & Management System Florida Forest Service SLP Sick Leave Pool ADMIN SMI School Meals Initiative (USDA) FOOD, NUTRITION & WELLNESS SMP Special Milk Program (USDA) FOOD, NUTRITION & WELLNESS SMS Senior Management Service ADMIN SMZ Special Management Zone FLORIDA FOREST SERVICE SN Serum Neutralization Test ANIMAL SNAFU A tactical error FOOD SNAPS State Negotiated Agreement for Price Schedule ADMIN SNPIIS Special Nutrition Program Integrated Information ADMIN System SO Sheriff’s Office AG LAW ENF SOA Statement of Account AES SOC Solicitation of Contributions DCS SOD Sudden Oak Death PLANT SOFTWR Software AES SOP Standing Operating Procedure FOOD, CONSUMER SERVICES SOQ Statements of Qualifications ADMIN SOS Secretary of State AES SOT Sellers of Travel DSC SOT Society of Toxicology FOOD SPARTECA South Pacific Australian Regional Trade and MARKET Economic Cooperation Agreement SPB Southern Pine Beetle FLORIDA FOREST SERVICE SPB Southern Plant Board PLANT SPCL Special AES SPCLIN Special Instructions AES SPON Sponsor SPS Agreement Agreement on Application of Sanitary and MARKET Phytosanitary Measures SPURS Statewide Purchasing Subsystem ADMIN SQL Structured Query Language ADMIN S REAS Satisfaction Reason AES SRALIMS Seed Registration and LIMS System AES SRCE Source AES SRCH Search AES SRT Sort AES

Page - 97 - of 113 Application Development Standards SRVC Service AES SSA Social Security Administration AES SSC Site Sensitivity Class FLORIDA FOREST SERVICE SSHC Sunshine State Horse Council ANIMAL SSN Social Security Number FAVR, FOOD, LPGAS, DACS, AES SSO State Security Officer ADMIN SSO Seamless Summer Option (USDA) FOOD, NUTRITION & WELLNESS SSOP Sanitation Standard Operating Procedures FOOD ST State AES ST Saw timber FLORIDA FOREST SERVICE STATS Statistics AES STD Standard FOOD, FIS, AES STH SAMAS Transaction History – department ADMIN accounting data STMT Statement AES STO State Technology Office ADMIN STR Section, Township and Range FLORIDA FOREST SERVICE SUBM Submission AES SUBS Subsystem AES SUBST Substitution AES SUCCN Succession AES SUCCR Successor AES SUFX Suffixe AES SUNTRACK Entomology and Pest Control System AES SUPP Supplemental ADMIN SUPPL Supplement, supplemental FIS, FOOD, AES SUPV Supervisor FOOD SUPR Suppress AES SUSP Suspend AES SUSTA Southern United States Trade Association MARKET SVNDR Software Vendor AES SVRTY Severity AES SW Switch AES SWCC Soil & Water Conservation Council AgWater SWD State wide document FIS SWDN State wide document number ADMIN SWMA Southern Weights and Measures Association CONSUMER SERVICES SWPTF Saltwater Products Promotions Trust Fund ADMIN SYS System AES

Page - 98 - of 113 Application Development Standards SZ Size AES T/B Trial Balance ADMIN T-GAP Tomato Good Agricultural Practices FRUIT & VEG TA Tobacco Associâtes MARKET TA Technical Assistance PLANT TAARS Time Allocation & Accomplishments System FLORIDA FOREST SERVICE TAC FLORIDA FOREST SERVICE Technical Advisory Council (Revised the Silviculture BMP Manual in 1993) TAR Travel Authorization Request MARKET TB Tuberculosis ANIMAL TD Tax due AES TDD Temporary Total Disability ADMIN TECH Technology TEFAP The Emergency Food Assistance Program MARKET TEMP Temporary FOOD, FAVR, SUNTRACK TERM Terminal, termination, terminate FAVR, FIS, AES TERR Territory FOOD TF Trust Fund ADMIN TFAC Tropical Fruit Advisory Council PLANT TFF Telephone Fact Finding Interview AES TGE Transmissible Gastroenteritis ANIMAL THRES Threshold AES TICK Tickler AES TIP Training Investment Program AES TL Tax liquidated AES TMD Transportation Market Development ADMIN TMDLs Total Maximum Daily Loads FLORIDA FOREST SERVICE TMPL Template AES TMSTMP Time stamp AES TNC The Nature Conservancy FLORIDA FOREST SERVICE TOT Total FOOD, FAVR, AES TPA Time Payment Agreement AES TRA Trade Adjustment Allowances AES TRANP Transportation AES TREK Tropical Associates MARKET TREE Forestry Tree Seedlings Sales Florida Forest Service TRF Transfer Admin TRGT Target AES TRK Track AES

Page - 99 - of 113 Application Development Standards TRMS Transmission AES TRS Township, range, section PLANT TRSTE Trustee AES TRV Travel Reimbursement Voucher Admin TRVL Travel AES TRW Technology Review Workgroup Admin TSA Tropical soda apple PLANT TSI Thermal System Insulation ADMIN TSI Timber Stand Improvement FLORIDA FOREST SERVICE TUR Total Unemployment Rate AES T/W Tax/wage AES TWA Time-Weighted Average ADMIN TX Tax AES TXBL Taxable AES TXBLY Taxability AES TXT Text FOOD TYP Type AES U&CF Urban and Community Forestry FLORIDA FOREST SERVICE U&CFA Urban and Community Forestry Assistance ADMIN UAR Unidentified analytical response FOOD UC Unemployment Compensation ADMIN UES Unified Export Strategy MARKET UF University of Florida ANIMAL, PLANT UFA Urban Forestry Assistance ADMIN UFFVA United Fresh Fruit and Vegetable Association MARKET UHT Ultra High Temperature FOOD UI Unemployment Insurance AES UL Underwriters Laboratories CONSUMER SERVICES UMR or UM&R Uniform Methods and Rules ANIMAL UNALLOC Unallocated AES UNCOLL/UNC Un-collectible/un-collect AES UNDL Undeliverable AES UNDR Under AES UNEXP Unexpended ADMIN UNKN Unknown – the relationship to the object of interest Department wide – Locational Data is unknown Standards UNRSLV Unresolved AES UNRT Un-rated AES UP Ultra Pasteurized FOOD

Page - 100 - of 113 Application Development Standards UPD Update, updated DACS,FAVR,FIS,LPGAS,FOOD,REV,A ES USAHA United States Animal Health Association ANIMAL USAHA United States Animal Health Association FOOD USAID United States Amusement Identification Number CONSUMER SERVICES USDA United States Department of Agriculture ANIMAL, FOOD, FLORIDA FOREST SERVICE, MARKET, CONSUMER SERVICES, PLANT, FAVR USDA/APHIS/VS US Dept of Ag., Animal & Plant Health & Inspection ANIMAL Service, Veterinary Services USDOC U.S. Department of Commerce FOOD USDOL U.S. Department of Labor AES USFS U. S. Forest Service FLORIDA FOREST SERVICE USLGE United States Livestock Genetics Exports, Inc MARKET USPHS United States Public Health Service FOOD UST Underground Storage Tank ADMIN UTC Uniformed Traffic Citation AG LAW ENF UV Ultra Violet ANIMAL VA Veteran's Affairs ADMIN VA Avian Viral Arthritis ANIMAL VAC Viticulture Advisory Council MARKET VAL Value VALD Valid AES VAR Variable Adjustment Ratio AES VARADJ Variable Adjustment AES VBS Vendor Bid System ADMIN VCMS Vector Control Management System AES VCON Voluntary Contribution AES VEE Venezuela Equine Encephalitis ANIMAL VEND Vendor FOOD, FIS, AES VER Verification, verify DACS, AES VFA Volunteer Fire Assistance FLORIDA FOREST SERVICE VMO Veterinary Medical Officer ANIMAL VNR Video News Release MARKET VOHR Voucher AES VOL Volunteer Tracking System Florida Forest Service VOLY Voluntary AES VP Valuing People ADMIN VP Veteran's Preference ADMIN

Page - 101 - of 113 Application Development Standards VP or Vp Vibrio parahaemolyticus FOOD VQ Voluntary Quit AES VS Vesicular Stomatitis ANIMAL VS Veterinary Services ANIMAL, ADMIN VV or Vv Vibrio vulnificus FOOD W&M Florida Bureau of Weights and Measures CONSUMER SERVICES WAM Wholesale Alternative Market ADMIN WAMTRACK Weights & Measures Tracking System Consumer Services WARR Warrant AES WBFT Web-Based Fast Track Licensing WC Workers Compensation ADMIN, AES WC Warrant Cancellation ADMIN WCOMP Workers Compensation DACS WCTF Working Capital Trust Fund ADMIN WDTS Web Domain Tracking System OATS WEE Western Equine Encephalitis ANIMAL WFC Withlacoochee Forestry Center FLORIDA FOREST SERVICE WHO World Health Organization FOOD WIC Women, Infant and Children's Farmers Market MARKET Nutrition Program WIC FMNP Women, Infant and Children's Farmers Market ADMIN Nutrition Program WILN Wages in Lieu of Notice AES WINCC Fuel Tracking – WINCC system FLORIDA FOREST SERVICE WITM Wage item AES WK Week AES WKS Weeks AES WMA Wildlife Management Area FLORIDA FOREST SERVICE WMD Water Management District FLORIDA FOREST SERVICE WPRS Worker Profiling and Reemployment Services AES WPS Worker Protection Standard AES WPV Workplace Violence ADMIN WRK Work AES WRT Warrant ADMIN WSRC Wage Source AES WT Warrant ADMIN WTC Withlacoochee Training Center FLORIDA FOREST SERVICE WTO World Trade Organization FOOD, MARKET WUSATA Western US Agricultural Trade Association MARKET WVM Water Vending Machines FOOD

Page - 102 - of 113 Application Development Standards WW Waiting week AES WWW World Wide Web ADMIN XFER Transfer AES YLD Yield AES YR Year FOOD, FIS, AES YTD Year to date FIS, LPGAS, DACS ZIP Zip Code AES

Page - 103 - of 113 Application Development Standards

APPENDIX 5: EXAMPLE RELATIONSHIP NAME PAIRS

Crows Foot Side (Many) Single Side (One)

Condition for Subject to Modification of Modified by Usage of Used for Attached to Inclusive of Based on The basis for Based on The originator of Billed to Billed for Characterized by The characteristics for Classified by The classification for Copied from The original for Defined as Used to define Defined by Used to define Described by The definition for Described by The description of Described by Used to describe Employed by Employer of For Subject to Fulfilled by Used to fulfill Further defined by A further definition of Further described by Used to describe Further described by A further description of Included in Comprised of Involved in Part of Located at The location of Made from Composed of Made by The creator of Manufactured by The producer of Caused by The cause of Part of Detailed by Part of Composed of Paid by The payer of Performed on The receiver of Rated by The rating for Received by The receiver of Requested by Issued for Requested by The requestor of Required by Issued to Results from Result in Returned from Returned to Shipped from Shipped to Shipped to The destination of Stored in The storage of Submitted by The submitter of The purpose for Used for the purpose of Used by In need of

Page - 104 - of 113 Application Development Standards

APPENDIX 6: ORACLE APPLICATION SERVER STANDARDS

Last update 1/24/2011 Generating Forms, Reports and Menus

Each division will have one or two Oracle AS Administrators who will have a UNIX account on the Oracle AS development/test server (AGBETA). The Oracle AS Administrator will be able to ftp .fmb, .rdf, .gif files, etc. to the Oracle AS development/test server and will be able to compile forms. The Oracle AS Administrator should NOT create scripts or any other unauthorized files on the Oracle AS server. If there are additional needs, contact the OATS DBA section. **** Note: to ensure compliance with AP&P 8-18 Systems and Information Integrity, only the DBA section will make changes on the production Oracle AS servers. **** Each application area has appropriate directories for forms, reports, images, and html. The forms and reports directories are included in the FORMS_PATH and REPORTS_PATH environment variables respectively, which are used by the system when the Forms and Reports Services are started. The images directories are aliased in the httpd.conf file, and can be referenced using the alias name. The html directories are located in subdirectories $ORACLE_HOME/Apache/Apache/htdocs, and can be referenced as indicated below. PSP’s (PL/SQL Server Pages code) should be stored in application subdirectories under /oracle/app/oracle/users.

Since forms and reports are stored in separate directories for each application area, it is extremely important to use names which will be unique. Form and report names should be prefixed with a two- to four-character application identifier (eg: pitr_invoice.rdf, dacs_research.fmb, etc.).

To compile a form, the Application Web Administrator should:

1) Log on to the Oracle AS server  Puts user in the appropriate subdirectory under /oracle/forms or /oracle/reports and establishes appropriate environment variables.  If in reports, change directories to the appropriate application subdirectory under /oracle/forms.

2) Enter the following command:

 Compile

 (This executes an interactive script which allows the user to select a form, database, and schema/password, then generates the form. The output is stored in formname.fmb.log)

OR -- Enter the compile command manually:

 Frmcmp_batch module=formname.fmb userid=schema/[email protected] >> formname.fmb.log

To compile menus, etc., enter the compile command manually: 1) Log on to the Oracle AS server

Page - 105 - of 113 Application Development Standards  Puts user in the appropriate subdirectory under /oracle/forms or /oracle/reports and establishes appropriate environment variables.

 If in reports, change directories to the appropriate application subdirectory under /oracle/forms.

2) Enter the compile command manually:

 Frmcmp_batch module_type=type module=modulename userid=schema/[email protected] > modulename.log

 Note: Module type is one of these values: form, menu, library, pecs.

Note that the fully qualified database name must be used. (The compile script supplies this for you.)

Keymap File

To prevent password information being visible in the URL, a keymap entry can be set up. For example, if the program would issue the URL

http://ag450:7778/reports/rwservlet?report=myreport.rdf&userid=myuser/mypwd @doadv.doacs.state.fl.us&destype=cache&desformat=pdf

A keymap entry can be set up so the URL used will be

http://ag450:7778/reports/rwservlet?myreport.rdf&destype=cache&desformat=pdf

If needed, the Application Web Administrator should request this by an email to the Help Desk and copy the DBA section.

Application Configuration

Height, width, initial screen/form, etc. can be setup in the config file. Send request to the Help Desk and copy the DBA section.

DAD’s (Database Access Descriptors)

Database Access Descriptors (DAD’s) are used to associate applications with database schemas. When a new DAD is needed, the Application Web Administrator should request this by an email to the Help Desk and copy the DBA section. The DAD will have the same name on AGBETA (pointing to the development database) and on AG450 (pointing to the production database).

File extensions and Locations Forms

Forms have extensions .fmb (before being compiled) and .fmx (after being compiled) and are located in

/oracle/forms/application/

where application is the application-specific subdirectory (e.g. _aims, _animal, _conserv, _dacs, _pitr, etc.)

Page - 106 - of 113 Application Development Standards

Form names should be prefixed with a two- to four-character application identifier (eg: pitr_invoice.fmx, dacs_research.fmb, etc.).

Reports Reports have the extension .rdf and are located in

/oracle/reports/application/

where application is the application-specific subdirectory (e.g. _aims, _animal, _conserv, _dacs, _pitr, etc.)

Report names should be prefixed with a two- to four-character application identifier (eg: pitr_invoice.rdf, dacs_research.rdf, etc.).

PSP’s

PL/SQL Server pages have the extension .psp and are located in

/oracle/app/oracle/users/application/

where application is the application-specific subdirectory (e.g. _aims, _animal, _conserv, _dacs, _pitr, etc.)

PSP names should be prefixed with a two- to four-character application identifier (eg: pitr_send_mail.psp, etc.).

Images

Images have extensions .jpg or .gif and are located in the directory

/oracle/app/oracle/users/application/images where application is the application-specific subdirectory (aims, _animal, _conserv, _dacs, _pitr, etc.) The image directories are referenced by the alias applicationi, (aimsi, animali, conservi, dacsi, pitri, etc.) (Note the “i” following the application name and no underscore preceding the application name in the alias.)

HTML Directory Reference Items Using $ORACLE_HOME/Apache/Apache/htdocs/application application/yourname.html

where application is the application-specific subdirectory (e.g. aims, _animal, _conserv, _dacs, _plnt, etc.)

Note to users of Oracle Web Applications: Do not use special characters in your Oracle password as Application Server does not handle them properly. The following characters cause a problem: @ # $ % & + ? { } ‘ “

Page - 107 - of 113 Application Development Standards Appendix 7: Fonts and Printing in Oracle Reports

FONTS Last update 6/20/2013

*Please note that this document will be updated when new printers are installed and Oracle Reports is updated.

 It is recommended that the output type from Oracle Reports be designated as PDF. Other output types are not supported with the Font Solutions software that OATS has installed.

 Reports developed on a Microsoft Windows workstation may not display properly once run from AGBETA, AG450, SUNIAS, or SUNOAS because Microsoft and Solaris do not have the same fonts installed.

 To view the available Windows fonts on AGBETA, AG450, SUNIAS, and SUNOAS, use the links below: . http://agbeta.doacs.state.fl.us:7778/reports/rwservlet?fonts . http://ag450.doacs.state.fl.us:7778/reports/rwservlet?fonts . http://sunias.doacs.state.fl.us:7778/reports/rwservlet?fonts . https://sunoas.doacs.state.fl.us/reports/rwservlet?fonts

 The same fonts rendered on different operating systems, monitors, and printers will not be identical and may be offset by several pixels.

 There are only a limited number of True Type fonts (*.TTF) that OATS can add to AGBETA and AG450. If there is a font already installed that is similar to the one needed, consider substituting the one already on the server.

 If only one character is required from the requested font, consider converting the character into a graphic.

 If a new font is required to be installed on AGBETA and AG450, it must be copyright-free or purchased before it can be installed.

 Please allow at least two weeks to get a new font installed on AGBETA . There are several ways to install fonts and OATS staff will work with you in determining which solution is right for you.

PRINTING

 It is recommended that current printing solutions for Oracle Reports be continued if requirements are being met.

 All of the Windows virtual printers defined from the EBS Fiery print server which is being utilized on the SAVIN printer are available from AGBETA and AG450 from within Solaris. These virtual printers can be used for batch jobs that execute Oracle reports.

 Additional virtual printers can be created and maintained on the EBS Fiery by OATS staff. Please contact OATS staff to determine if a virtual printer has already been established that would meet your requirements.

Page - 108 - of 113 Application Development Standards

 Printing from the SAVIN printer is NOT available on AGBETA and AG450 under Oracle Reports. OATS is transitioning to a new printer.

 OATS is in the process of procuring a replacement printer and print server. Once the new printer is in place, direct printing from within Oracle Reports will be re-addressed if there are requests for this service

Page - 109 - of 113 Application Development Standards Appendix 8: .NET Application Standards Adopted by the Operational Steering Committee 02/04/2009

Definition of Classes This table is intended to provide an understanding of the terms used in this document.

Class Definition Preferred This is the preferred technology for developing, customizing, or acquiring new applications. Accepted This technology will be permitted if there is a compelling case why the preferred technology cannot be used and the request has been signed off by the ITLC Review Panel. Supported New applications should not be developed, customized or acquired using these technologies. However, this technology can be used for applications that have already been developed or acquired using these technologies and the scope of the project is to enhance or maintain these applications. Prohibited No development in these technologies will be permitted. Technologies not in the above sections are implicitly prohibited until such time that the department is prepared to implement and support them.

.NET Application Installation Method Critical settings for enterprise application servers have been optimized to secure web applications. To maintain the integrity of web services and applications, all modifications and server settings must be easily identified to determine purpose and impact on security.

Preferred Provide a zip file that includes installation files, and a task list with identification of folder settings, IIS settings, and any software dependencies. Accepted A division may choose to use MSI files when installation of an application (commercial off the shelf, and custom developed in-house or by vendor) is performed on an isolated server so it does not affect other division applications or compromise security for the department. Prohibited MSI files are prohibited from being installed on an enterprise application server due to the possibility of affecting other applications on the server.

Page - 110 - of 113 Application Development Standards SECURING A WEB.CONFIG FILE

Custom Error Settings Applications must provide mechanisms to handle errors to prevent unauthorized users from accessing detailed system information which can result in denial of service and/or crash the server. The section enables configuration of what to do if/when an unhandled error occurs during the execution of a request. Specifically, it enables developers to configure html error pages to be displayed in place of an error stack trace.

Preferred PRODUCTION: The custom errors section of a web application’s web.config file shall be set to OR if an error page is available for redirecting the user. Accepted TEST: The custom error settings can be enabled, but at the completion of test, prior to the move to production, the web.config file must be tested with the secure production settings. Prohibited PRODUCTION: The custom errors section of a web application’s web.config file shall NOT be set to or .

Trace Settings A trace log represents a wealth of information: the .NET versions that the server is running; a complete trace of all the page methods that the request caused, including their times of execution; the session state and application state keys; the request and response cookies; the complete set of request headers; form variable histories (can include e-mail addresses, username and passwords, etc), and QueryString variables; and finally the complete set of server variables which could contain the physical path of the web application on the server. Web.config files do not have the trace element included in a default web.config, therefore it must be explicitly set.

Preferred PRODUCTION: The web.config file must disable the trace viewer completely by setting the enabled attribute of the trace element to false. For example, Accepted TEST: If the trace viewer must be enabled to debug your application, then the following can be set to . At the completion of test, prior to the move to production, the web config file must be tested with the secure production settings. Prohibited PRODUCTION: When the trace element is enabled for remote users of web applications any user can view an incredibly detailed list of recent requests to the application simply by browsing to the page trace.axd. The following is prohibited:

Page - 111 - of 113 Application Development Standards Debug Settings When a developer runs the application in Visual Studio, it automatically modifies the web.config file to allow debugging. If debugging is enabled, a user may gain access to the actual source code of the page where the error occurred.

Preferred PRODUCTION: The debug setting must be set to false as follows: Accepted TEST: The debug settings can be enabled, but at the completion of test, prior to the move to production, the web.config file should be tested with the secure production settings. Prohibited PRODUCTION: The default debug setting is prohibited. The debug setting must be set to false. The following is prohibited: .

Encryption Part of securing an application involves ensuring that highly sensitive information is not stored in a readable or easily decodable format. Examples of sensitive information include user names and passwords found in connection strings. Storing sensitive information in a non-readable format improves the security of your application by making it difficult for an attacker to gain access to the sensitive information, even if the attacker gains access to your configuration file.

The OATS Web Office uses Protected Configuration to apply encryption using the RSAProtectedConfigurationProvider class and encrypt sections in the web.config where connections strings are found such as in the or sections. Encryption is applied at the server level by the OATS Web Office. Little to no changes are required for a .NET application to work using the Protected Configuration encryption.

Preferred PRODUCTION: The connectionStrings section has encryption applied. If connection strings are found within the appSettings that section must be encrypted as well.

Prohibited TEST AND PRODUCTION: Clear text passwords are prohibited.

Page - 112 - of 113 Application Development Standards SEPARATING APPSETTINGS AND CONNECTIONSTRINGS FROM THE WEB.CONFIG FILE

It is recommended that the appSettings and connectionStrings sections within a web.config are separated into their own config files to increase manageability and decrease the likely hood of overwriting secure settings placed within the web.config file.

Follow the steps below to accomplish this recommendation:

1. Create a “configs” folder in the application’s root directory. 2. Open the applications web.config file and copy the entire section including the tags. If converting the connectionStrings section, you’ll want to copy the entire section including the closing and opening tag. 3. Create a new text document and paste the section in the file. Save as “appSettings.config” or “connectionStrings.config”. Be sure to use the quotes so it does not append the .txt extension. 4. Go back to the web.config and change the and tags as follows:

This will replace the coordinating closing tag so make sure they don’t stay behind.

Page - 113 - of 113