This proposal is a controlled document. All revisions are tracked below. Distribution is restricted to nominated representatives of the Digital Transformation Management Company (DTM) and the Supreme Judiciary Council (SJC).
| Version | Date | Prepared By | Reviewed By | Approved By | Notes |
|---|---|---|---|---|---|
| 0.1 | [DD Mon YYYY] | {{brand.name}} Proposal Team | {{brand.name}} Solution Architect | — | Internal draft for technical review |
| 0.9 | [DD Mon YYYY] | {{brand.name}} Proposal Team | {{brand.name}} Engagement Lead | — | Pre-submission review draft |
| 1.0 | [DD Mon YYYY] | {{brand.name}} Proposal Team | {{brand.name}} Engagement Lead | Managing Partner | Initial submission against tender {{proposal.tenderRef}} |
| Name | Role | Organisation | Copy |
|---|---|---|---|
| [Recipient Name] | Tender Committee Chair | DTM / SJC | Master |
| [Recipient Name] | Programme Director | DTM | Working |
| {{brand.name}} Engagement Lead | Account Owner | {{brand.name}} | Internal |
This document contains information that is proprietary and confidential to {{brand.name}}. It is provided to DTM and SJC solely for the purpose of evaluating {{brand.name}}’s response to tender reference {{proposal.tenderRef}}. Disclosure, reproduction, or distribution outside the evaluation team — whether in whole or in part — requires prior written consent from {{brand.name}}.
| Proposal validity | {{proposal.validityDays}} calendar days from submission date |
| Commercial validity | As stipulated in Tender {{proposal.tenderRef}} |
| Reference | DTM-T-011-25 · Unified Digital Platform |
| Submission language | English |
The proposal is organised into 19 sections, mirroring the evaluation themes set out in the tender and arranged to take the reader from business context through to commercials, terms, and acceptance.
Sections 01–04 establish context; 05–13 cover the proposed work; 14 is commercial; 15–22 cover terms, governance, and acceptance.
Every section cross-references the originating clause in C4 Scope of Work and the relevant Annexure(s) 1–12.
A separate Commercial Pack contains Annexure 12 Pricing Schedule and the priced BOQ, submitted in compliance with C5.
The Supreme Judiciary Council is consolidating its services — notarial, case management, execution, inheritance, eligibility, inspection, finance, technical office, and legal notification — onto a single, AI-native Unified Digital Platform (UDP). {{brand.name}} proposes to design, build, integrate, deploy and operate this platform as a long-term venture partner, in alignment with Oman Vision 2040 and SJC’s 2040 Strategic Plan.
SJC operates a federation of legacy systems — Qadaya, Tawthiq, Najez, Almotaqadeen, the Unified Judicial Portal — built up over more than a decade. These systems work, but they were not designed to operate as one. Workflows cross system boundaries; data is re-keyed; integrations are bilateral rather than platform-level; AI and analytics live outside the operational fabric; and users — citizens, lawyers, judges, and SJC staff — navigate the seams between products rather than the journey of a case.
The mandate of this tender is to replace that federation with a single, secure, intelligent platform that brings every judicial service onto one architecture, that integrates natively with the Government Unified Portal (GUP), Tajawob, Theqa PKI, ROP, the national HRMS, MTCIT and the Unified Call Center, and that hosts the next decade of judicial innovation — emerging AI, smart courtrooms, the Judiciary Services Operations Center, and self-service kiosks across the Sultanate.
| Outcome | What changes | Measured by |
|---|---|---|
| Service Consolidation | 177 legacy services reengineered into 44 streamlined journeys with consistent UX across channels. | Service inventory; channel parity |
| Cycle-time Reduction | Manual and semi-automated steps replaced with workflow automation, RPA, and AI-assisted drafting on the highest-volume notary, inheritance, and execution journeys. | Median time-to-complete per service |
| Accessibility | Anytime/anywhere access across web, mobile, kiosk, WhatsApp, IVR, Sanad, and smart courtroom channels; PKI-authenticated for citizens, OAuth-federated for partners. | Active channels · PKI adoption |
| Decision Support | Judges and prosecutors receive AI-generated case summaries, precedent retrieval, and predictive workload forecasts — with full audit and human approval. | Adoption · AI assist usage |
| Operational Visibility | A 24×7 Judiciary Services Operations Center monitoring KPIs and SLAs across every service and channel in real time. | SLA compliance · incident MTTR |
| Future Readiness | API-first, modular architecture with a single source of truth — ready for AR/VR courtrooms, blockchain notarisation, and continuous AI evolution. | API coverage · module independence |
| Workstream | Indicative Share |
|---|---|
| Discovery, design & UX | [%] |
| Platform build & configuration | [%] |
| Integrations & data migration | [%] |
| AI & emerging technology | [%] |
| Smart courts, kiosks & JSOC | [%] |
| Cloud hosting & managed services | [%] |
| Training, knowledge transfer & ICV | [%] |
| Total firm-fixed | OMR [Total] |
Refer to Section 14 and the separate Commercial Pack (C5 Schedule of Prices, Annexure 12) for full pricing detail.
Begin with an 8-week Discovery & Alignment sprint that locks the 44 reengineered services, confirms the integration matrix with each partner entity, and validates the architecture against SJC’s migration to Oracle Cloud Infrastructure.
This protects the timeline, reduces re-work risk during build, and gives DTM and SJC a fully scoped, fixed-price baseline for the remainder of the engagement.
SJC and DTM are pursuing a single, decisive transformation: collapse a federation of long-serving systems into one platform that runs every judicial service for the Sultanate. The requirements expressed across the tender — C4, C3, and Annexures 1–12 — share a common shape. We summarise our reading below.
| Domain | Today |
|---|---|
| Core applications | Tawthiq (notary), Qadaya Management System & Qadaya Judicial System (cases), Almotaqadeen (litigants portal), Najez (online requests), Unified Judicial Portal. |
| Channels | Service counters, web portals, mobile apps (in-flight), ONEIC-operated kiosks under outsourced agreement. |
| Users | Citizens, residents and visitors; attorneys and law firms; private sector and government entities; judges; SJC staff; experts. |
| Service catalogue | ~177 services delivered across legacy systems; reengineered to 44 streamlined services under the To-Be model. |
| Integrations | One-way and two-way integrations with ROP, e-payment, MOL, public prosecution, MOCIIP, CBO, MOH, MTCIT, Civil Status, Muscat Municipality, Malaa, Tajawob, GUP, Theqa PKI, and others. |
| Infrastructure | Windows-2016+ and Linux server estate; SQL Server & PostgreSQL; on-premises with active migration to Oracle Cloud Infrastructure. |
Continued on the next page — how each requirement theme is covered in this proposal.
Each tender theme is mapped here to {{brand.name}}’s reading of the requirement and to the place in this proposal where it is answered. The mapping is exhaustive against C4 §3 and Annexures 1–10.
| Theme | Client Need | {{brand.name}} Understanding | Coverage in this proposal |
|---|---|---|---|
| Service digitisation | Move all SJC services into a single fully-digital environment and decommission legacy interfaces. | End-to-end digital rebuild of the 44 reengineered services, not a wrapper over legacy. | §5, §10 |
| Process automation | Streamline workflows, reduce manual handoffs, raise straight-through processing. | Configurable BPM/workflow engine with rule configurator and RPA where appropriate (e.g. minor guardianship triggers). | §4, §5 |
| Integration | Seamless interoperability with internal SJC systems and external government/private entities via MTCIT’s central integration platform. | API-first integration hub aligned to MTCIT standards; full register of 25+ integrations with direction, method, and SLA. | §9, Annex IM |
| Unified experience | One modern, intuitive, accessible portal for citizens, lawyers, businesses, and government — Arabic-first, bilingual. | Single design system spanning web, mobile, kiosk, WhatsApp; WCAG 2.1 AA accessibility baseline. | §4, §5 |
| AI & emerging tech | Embed Generative AI, OCR, video analytics, transcription, AR/VR readiness, and the Judiciary LLM “Moeen”. | Minimum of 10 governed AI use-cases per technology, mapped to core journeys (litigation, execution, inheritance), with audit and HITL approval. | §4, §5 |
| Smart courtrooms | Equipped smart court rooms with judicial video, recording, transcription, and analytics (Annexure 8). | Solution scope, BOQ-aligned roll-out plan, and integration with case management. | §5, §8 |
| Kiosks | 50 nationwide self-service kiosks integrated with CMS (Annexure 9). | Hardware spec, deployment plan, accessibility & assisted-service mode, and unified content distribution. | §5, §8 |
| JSOC | 24×7 Judiciary Services Operations Center monitoring services, channels, KPIs, and SLAs (Annexure 10). | Tooling, runbooks, escalation matrix, and dashboards covering every UDP service. | §5, §18 |
| Data migration | Migrate historic and live data from legacy systems with full integrity and continuity. | Cataloguing → classification → extraction → mapping → loading → reconciliation → testing, with formal sign-off gates. | §5, §10 |
| Cybersecurity & compliance | Alignment with national framework, MTCIT digital standards, and international best practice. | Layered security model, governance, audit trail, identity, encryption in-transit/at-rest, DR, and incident response. | §9, §18 |
| ICV | In-Country Value requirements: local employment, SME participation, knowledge transfer. | Local delivery base, SME work-allocation plan, structured knowledge transfer programme. | §5, §20 |
The tender, the To-Be Business Report (Annexure 4), and our analysis of the current environment surface several real challenges. We name them here so the solution we propose in §4 is read against the right problem.
If the next 24 months go well, by the close of the engagement SJC will be able to point to:
Decommissioning sequence per legacy system · ownership of master data domains · the final list of AI use-cases prioritised for first release · the Judiciary LLM (“Moeen”) integration boundary · the geographic roll-out plan for kiosks and smart courtrooms.
{{brand.name}} proposes a unified, AI-native digital platform composed of nine concentric layers: presentation, application core, support, solution enablers, data & analytics, integration, security, infrastructure, and emerging technology. Every layer is designed to be modular, API-addressable, and independently evolvable.
One platform. One experience. One source of truth. The UDP is the single operating system for the judiciary — the place where every service is rendered, every case lives, every decision is taken, every notification is sent, every payment is collected, and every emerging capability is surfaced. It is built once and evolved continuously.
| Capability cluster | What it does |
|---|---|
| Core Judicial Modules | Case Management, Notary, Execution, Inheritance, Eligibility, Inspection, Technical Office, Finance, Legal Notification. |
| Channels | Unified Service Portal (external & internal), mobile apps (iOS/Android), kiosks, WhatsApp, IVR/Unified Call Center, social media, Sanad centres, smart courtrooms, chatbot. |
| Solution Enablers | SSO, RBAC, audit, BPM & rule configurator, digital signature/PKI, search, notifications, KPI/SLA tracking, DevOps, UX/UI design system, ePayment, admin console. |
| Support Systems | Document Management, Content Management, Judicial Video Management, Smart Courts Management, IT Service Management, JSOC, Capability Building, Knowledge Base. |
| Data & Analytics | Data lake, warehouse, marts, ETL, reporting engine, BI/visualisation, open data, integrated data repository. |
| Integration Spine | REST/SOAP API hub aligned to MTCIT CGIP; partner-specific adaptors; webservice wrappers; database adaptors; file/event streams. |
| Security | IAM, PAM, threat prevention, data encryption, DB activity monitoring, vulnerability scanning, API security, code review, backup & restore, DR. |
| Emerging Tech | Generative AI, AI-Driven OCR, Data/Video AI analytics, AI Transcription & Translation, Facial/Body/Emotion Recognition, AR/VR, RPA, Blockchain, the “Moeen” Judiciary LLM. |
| Stakeholder | Today | With UDP |
|---|---|---|
| Citizens, residents, visitors | Navigate multiple portals; visit a counter for many services; status updates are partial. | One portal/app/kiosk; PKI-authenticated; case & service status in real time; bilingual; payments embedded. |
| Attorneys & law firms | Manage matters across Najez, Almotaqadeen, and offline coordination. | Single workspace; e-filing; case tracking; calendar integration; document collaboration; secure exchange with courts. |
| Judges | Work across Qadaya and supporting tools; reference legal sources manually. | Unified judge workspace; AI-generated summaries & precedent retrieval; smart courtroom integration; e-signature. |
| SJC staff | Re-key across legacy systems; manual notifications. | Single workflow desk; automated routing; bulk operations; integrated notifications; full audit trail. |
| Government & private entities | Bilateral, sometimes manual integrations. | Standard API contracts via GUP/CGIP; versioned, monitored, SLA-backed. |
| SJC leadership | Reports compiled periodically from disparate sources. | Real-time BI dashboards, workload forecasts, and JSOC visibility. |
In line with C4 §3.2, {{brand.name}} will propose a minimum of ten use-cases per emerging technology in Discovery. The seed direction below is drawn from Annexure 4 (Future Services) and the To-Be Business Report.
| Technology | Indicative seed use-cases |
|---|---|
| Generative AI | Draft judgments & case summaries · legal recommendation engine · precedent retrieval · citizen self-service drafting assistant · multilingual response generation. |
| AI-Driven OCR | Digitise legacy paper archives · auto-extract parties, dates, claims & amounts · index notarised documents · feed structured fields into case management. |
| Data & Video Analytics | Forecast court workload · detect recurring contract clauses leading to disputes · identify high-risk labour cases · post-hearing event reconstruction. |
| Transcription & Translation | Real-time courtroom transcription · Arabic↔English live translation · searchable hearing minutes. |
| Facial / Body / Emotion | Participant identification at hearings · attendance verification at smart courtrooms · access-control overlays for sensitive zones (with governance). |
| Judiciary LLM (Moeen) | Q&A over Omani legislation · semantic search across rulings · agentic assistance for clerks. |
| RPA | Automatic guardianship onboarding · bulk notification of execution updates · cross-entity record sync. |
| AR / VR | Remote hearing readiness · scene walk-throughs for evidence review · immersive training for new staff. |
| Blockchain | Notarised document provenance · tamper-evident judgment registry · inter-entity attestation trails. |
The platform is API-first, modular, and event-driven. New services, new channels, new AI capabilities, and new integration partners can be added without re-architecting the core. The roadmap continues past go-live through warranty, managed services and the venture-partner model described in §20.
A single-glance read of what the Unified Digital Platform delivers. Four capability clusters — full-stack ownership, native integration, full lifecycle automation, and every experience surface — each underpinned by the cross-cutting properties shown beneath.
Detailed module-level scope follows in Section 5.
The functional scope below covers all modules listed in C4 §3.3.2 (Application Layer) and is fully cross-referenced to Annexure 1 (Solution Requirements), Annexure 3 (Service Catalogue), and the priced BOQ (Annexure 12).
| Module | What is delivered | Included | Reference |
|---|---|---|---|
| Case Management | Full case lifecycle from registration through verdict: filing, scheduling, document handling, status tracking, reporting, hearing management, judgment drafting. | Yes | C4 §3.3.2.1 · Anx 1, 3, 4 |
| Notary (Tawthiq) | Authentication, certification, registration of documents and legal contracts for individuals and businesses; replaces the Tawthiq App. | Yes | C4 §3.3.2.2 · Anx 1, 3 |
| Execution Management | Enforcement of judgments, asset seizure, auction processes, settlement tracking, e-payment integration. | Yes | C4 §3.3.2.3 · Anx 1, 3 |
| Inheritance | Inheritance requests, document verification, share calculation (Sharia-compliant), distribution and registration. | Yes | C4 §3.3.2.4 · Anx 4 |
| Eligibility | Guardianship requests, custody, mental capacity, suspension/lifting orders, related notifications. | Yes | Anx 4 (Eligibility) |
| Inspection | Scheduling, execution, reporting, and follow-up of judicial inspection activities. | Yes | C4 §3.3.2.5 |
| Technical Office | Advisory opinions, expert opinions, technical case reviews, judicial documentation. | Yes | C4 §3.3.2.6 |
| Finance | Fees, fines, refunds, budget allocation, reconciliation with Maliya (MOF). | Yes | C4 §3.3.2.7 |
| Legal Notification | Preparation, issuance, tracking of legal notices and summons across SMS, email, WhatsApp, in-app, and registered channels. | Yes | C4 §3.3.2.8 |
| Investment & Trade Courts | Specialised journeys for commercial, investment and trade-court matters. | Yes | C4 §3.3.2 |
Continued on the next page — channels & presentation surfaces.
A single design system, identity, and content layer renders judicial services consistently across every surface citizens and staff use — from a smart courtroom to a kiosk in a Sanad centre.
| Channel | Coverage |
|---|---|
| Unified Service Portal (external) | Citizens, residents, visitors, attorneys, businesses, government entities. PKI-authenticated; Arabic-first; bilingual. |
| Internal Portal | SJC employees, judges, experts. SSO; role-based workspaces; integrated tools. |
| Mobile applications (iOS, Android) | Native apps with offline support for selected actions; biometrics; push notifications. |
| Self-Service Kiosks (50 nationwide) | Hardware procurement, deployment, accessibility, assisted-service mode — per Annexure 9. |
| WhatsApp Business | Service status, notifications, conversational requests for high-volume journeys. |
| Unified Call Center / IVR (MTCIT) | Integration with MTCIT’s national unified call center. |
| Sanad Centres | Online–offline integration for assisted service delivery. |
| Smart Courtroom | Hearing UX, judicial video, transcription, evidence presentation — per Annexure 8. |
| Social media & public website | Announcements, updates, public information, with content workflow. |
| Chatbot | AI-driven assistant for guidance and common tasks; escalation to human channels. |
| Program | Scope summary | Reference |
|---|---|---|
| Smart Court Rooms | Design, BOQ-aligned supply, install, configure and integrate equipped smart courtrooms (judicial video, recording, transcription, evidence display, AI assist, integration with Case Management). Roll-out plan per phase. | Annexure 8 |
| Self-Service Kiosks (50 units) | Hardware procurement, configuration, deployment, accessibility features, assisted-service mode, content management, and integration with CMS. Nationwide roll-out plan. | Annexure 9 |
| Judiciary Services Operations Center (JSOC) | 24×7 monitoring of services and operations against defined KPIs and SLAs. Tooling, dashboards, runbooks, escalation matrix, on-call rota. | Annexure 10 |
| GUP Integration | End-to-end alignment to Oman’s Government Unified Portal — services published, identity federated, payments routed. | Annexure 6 |
| Tajawob Integration | Suggestions & complaints flow integration with the national Tajawob platform. | Annexure 7 |
| Future Services Implementation | Implementation of the future-state services across Litigation, Execution, Eligibility, Inheritance, Documentation, and Shared Judicial Services per Annexure 4. | Annexure 4 |
{{brand.name}} will execute a controlled migration from the legacy estate (Qadaya, Tawthiq, Najez, Almotaqadeen, Unified Judicial Portal) to the UDP, covering structured (relational), binary and file-stream data classes.
| Stage | Activities | Acceptance gate |
|---|---|---|
| Cataloguing & classification | Inventory all source datasets, schemas, ownership, sensitivity. | Catalogue sign-off |
| Extraction & analysis | Profile source data, identify quality issues, define mappings. | Mapping document |
| Cleansing & augmentation | Deduplicate, standardise, enrich, validate. | Cleansing report |
| Mapping & transformation | ETL into the integrated data repository & target schemas. | Sample-set sign-off |
| Loading | Mock, delta, and final cut-over loads. | Load reconciliation |
| Reconciliation & acceptance | Row-level, business-key and aggregate reconciliation; UAT validation. | Final migration sign-off |
This section sets out what {{brand.name}} will deliver beneath the application layer — the technical, deployment, training, and support scope that surrounds the platform.
| Area | Scope |
|---|---|
| Frontend | Web (responsive, RTL-first), iOS and Android native apps, kiosk UI, smart-courtroom UI; shared design system; WCAG 2.1 AA accessibility. |
| Backend | Microservices on a managed container platform; domain-driven boundaries per module; event-driven workflows; queue-based async processing. |
| Database | Relational (PostgreSQL / SQL Server) for transactional data, object storage for binary, search index for full-text, data lake for analytics. |
| API layer | API gateway with versioning, rate limits, auth, schemas; OpenAPI catalogue. |
| Integration | REST + SOAP adaptors; MTCIT Central Government Integration Platform; SJC Integration Hub; webservice wrappers; database adaptors; file/event streams. |
| Identity | PKI (Theqa) for citizens; OAuth 2.0 / OIDC for partners; AD/LDAP for SJC staff; MFA for privileged actions. |
| Logging & monitoring | Centralised application + infra logs; metrics; traces; alerting; SIEM integration. |
| Backup & DR | Daily incremental + weekly full backups; cross-region DR on Oracle Cloud Infrastructure; documented RTO/RPO; quarterly DR drills. |
| Environments | DEV · QA · UAT · STAGING · PROD with parity; isolated tenant data; promotion via CI/CD. |
| Performance | Indicative targets: portal < 2s, kiosk < 3s, API p95 < 800ms; concurrency & throughput targets confirmed in Discovery. |
| Audience | Format | Outcome |
|---|---|---|
| SJC staff / clerks | Role-based instructor-led + self-paced modules in the Capability Building module | Day-1 productivity per role |
| Judges | Workshop-style judge enablement; smart-courtroom sessions | Confidence on judge workspace & AI assist |
| Administrators | Admin certification programme | Independent admin operations after handover |
| Technical teams | Architecture deep-dive, code walkthroughs, runbooks | Operational ownership transfer |
| Support staff | JSOC and Knowledge Base onboarding | Triage and L1/L2 support capability |
| Trainer of trainers | Cascaded enablement programme | Sustained internal training capacity |
A 12-month warranty period from go-live covering defect resolution, with optional managed services thereafter for support, monitoring, change requests, and continuous improvement. Detailed SLA targets are set out in §18.
In line with C4 §3.5.25, {{brand.name}}’s delivery model is structured to maximise In-Country Value. The model below is indicative and will be finalised against the ICV scorecard in Discovery.
| Framework / Policy | Compliance |
|---|---|
| MTCIT Digital Transformation Standards & Policies | Committed Architectures, APIs and operations aligned. |
| Oman National Cybersecurity Framework | Committed Controls, audits, and reporting. |
| Oman Vision 2040 / Tahawul Program (MTCIT) | Committed Strategic alignment. |
| SJC 2040 Strategy & Operational Plans | Committed Direct mapping to strategic outcomes. |
| Theqa PKI / Oman National PKI | Committed Integrated for citizen identity and signature. |
| Data privacy & sovereignty | Committed Data residency on OCI Oman regions. |
| Source-code ownership (C4 §3.5.19) | Committed Source code escrow and handover per C3. |
| Exit strategy (C4 §3.5.22 / C3 §12) | Committed Documented exit plan and cooperation. |
Quality is built into every phase: requirements traceability matrix; design review gates; test pyramid (unit → integration → contract → end-to-end); security testing (SAST, DAST, penetration); accessibility audits; performance & load testing; UAT cycles with formal exit criteria.
Per C4 §3.5.19 and C3 §39, all source code developed under this contract is the property of SJC. Third-party licences and any commercial off-the-shelf components are listed separately in Appendix 5 (Proposed Software List).
The following items are not included in this proposal unless explicitly agreed in writing as a separate change. Listing them up-front protects DTM, SJC and {{brand.name}} from ambiguity later.
| Exclusion | Explanation |
|---|---|
| Third-party licence costs | Licences, subscriptions and renewals for third-party products (e.g. courtroom AV hardware OEMs, specific COTS modules) are pass-through unless explicitly priced in Annexure 12. |
| Network & OGN provisioning | Provisioning of network links, Oman Government Network connectivity and last-mile telco services to courts and kiosks is the responsibility of SJC / DTM. |
| Civil works & site preparation | Building, electrical, HVAC and physical works at smart-courtroom and kiosk locations beyond what is specified in Annexure 8/9 BOQs. |
| Data cleansing of legacy records | Domain-level cleansing decisions on legacy data (e.g. arbitrating duplicate citizen records) remain with SJC’s data owners; {{brand.name}} provides tooling and analysis. |
| Unspecified integrations | Integrations not listed in the Integration Matrix (Annexure 2) or scoped during Discovery are out of scope. |
| Custom features outside the To-Be catalogue | Functionality outside the 44 reengineered services and the modules listed in §5 will be handled through formal change request. |
| Government fees | Government fees, certifications, hosting registration fees, and similar statutory costs. |
| Payment gateway fees | Per-transaction fees levied by acquiring banks or payment processors. |
| App-store fees | Apple and Google Play developer account fees and any policy-related work. |
| Translation beyond Arabic/English | Other languages are excluded unless added through change request. |
| AI model training on private SJC data | Initial model deployment uses governed pre-trained models; bespoke fine-tuning on confidential SJC data sets is excluded unless explicitly scoped. |
| Hardware beyond Annexures 8 & 9 | End-user devices for SJC staff or judges (laptops, monitors) are excluded. |
| Operations beyond warranty | Post-warranty managed services, support, and enhancements are priced separately as a renewable annual service. |
| Major scope changes post sign-off | Material change to the agreed scope is handled through the Change Request Process (§19). |
This exclusion list is intended to be exhaustive of foreseeable items. Any ambiguity discovered during Discovery will be resolved against the master tender documents in the order set out in C3 §1.
The architecture mirrors C4 §3.2 — a layered, modular reference that separates concerns and lets each layer evolve independently. The diagram below summarises the layers; descriptions follow.
An at-a-glance read of how the platform is organised — users at the top, every supporting layer beneath, security cutting across the whole. Each row corresponds to a tier in the formal architecture defined in C4 §3.3.
The detailed responsibilities of each layer are described on the next page (Architecture Description).
| Principle | What it means in practice |
|---|---|
| Single platform, single UX | One design system, one identity, one workflow engine, one data model across every channel and module. |
| API-first | Every capability exposed through a versioned API before it is exposed through a UI; nothing internal-only by accident. |
| Modular by module | Core modules are independently deployable; module boundaries match domain ownership. |
| Event-driven | Long-running judicial workflows are choreographed via events; state is observable. |
| Sovereign by default | Data resides in-country on OCI Oman; cross-border data movement requires explicit policy approval. |
| Governed AI | AI never decides for a judge; AI proposes and humans approve. Every prompt and output is logged. |
| Observable | Every service emits metrics, logs and traces; JSOC sees real status, not after-the-fact reports. |
| Reversible | Every deployment is rollback-able; every migration has a back-out plan; every workflow has manual override. |
| Layer | Responsibility |
|---|---|
| Presentation & Accessibility | All user-facing surfaces. Web, mobile, kiosk, WhatsApp, IVR, Sanad, smart-courtroom UX, chatbot. Reaches users over internet, OGN, mobile network, VPN, and offline tech. |
| Application — Core | The judicial business modules listed in §5.1. Each owns its bounded context and persistence. |
| Application — Support | Document & content management, ITSM, JSOC, capability building, knowledge base, judicial video, smart-courts management. |
| Application — Solution Enablers | Cross-cutting platform services: IAM/SSO, BPM & workflow, rule configurator, search, notifications, e-payment, e-signature, KPI/SLA, DevOps tooling. |
| Emerging Technology | AI capabilities (Gen AI, OCR, video, transcription, Moeen LLM, etc.) consumed by core modules through clean interfaces. |
| Data & Analytics | Operational DB → data lake → warehouse → marts → reporting/BI/open-data. Curated, governed, with lineage. |
| Integration | The SJC Integration Hub paired with MTCIT’s Central Government Integration Platform; protocol adaptors; partner contracts. |
| Information Security | IAM, PAM, encryption in transit & at rest, API security, SIEM, DB activity monitoring, code review, backup & restore, DR — applied across every layer. |
| Cloud Hosting | OCI Oman main region + DR region + managed services. Networked into the SJC estate via Annexure 5 links. |
The stack below is the {{brand.name}} reference baseline for the SJC UDP. Each choice is justified by a national standard, an established enterprise pattern, or a defensible cost/operations advantage on Oracle Cloud Infrastructure. Final selections are confirmed during Solution Design.
| Layer | Technology baseline | Rationale & standards alignment |
|---|---|---|
| Frontend — Web & Mobile | React 18 + TypeScript + Tailwind (web); React Native with PKI modules (iOS & Android); shared design system in Storybook | Single component library across surfaces; RTL-native for Arabic; large engineer pool. |
| Backend services | Java (Spring Boot) for core judicial modules; Node.js (NestJS) for BFFs & integration adaptors | Enterprise-grade JVM for core; lighter Node stack for I/O-heavy edges. Both run as containers. |
| Container platform | OCI Container Engine for Kubernetes (OKE) | Managed Kubernetes inside OCI tenancy; HA across availability domains. |
| API gateway | OCI API Gateway + Kong (for partner-facing endpoints) | Centralised auth, rate limiting, schema validation, mTLS for partner traffic. |
| Workflow / BPM | Camunda 8 (Zeebe) | BPMN 2.0 standard; visual rule modelling; rule configurator surface. |
| Identity & SSO | Keycloak (OIDC/OAuth 2.0) federated with Theqa PKI & SJC AD | Open-standards SSO across staff, partners and citizen channels. |
| e-Signature | Theqa PKI (national) via signed JWT flows + PAdES for PDF signing | Mandatory national PKI alignment. |
| Data tier | PostgreSQL (transactional) & SQL Server (legacy coexistence); OpenSearch with Arabic analysers; OCI Object Storage with retention locks | Open-source primary; bilingual full-text search; tamper-evident storage for judgments & signed documents. |
| Analytics & BI | OCI Big Data Service + Autonomous Data Warehouse + Oracle Analytics Cloud; open OData feeds | Sovereign-cloud-native analytics; self-service BI for SJC analysts; open feed for the open-data portal. |
| Messaging / events | OCI Streaming (Kafka-compatible) | Event-driven workflows; partner async integration; durable replay. |
| AI — LLM | Moeen LLM (judiciary) · OCI Generative AI service for general drafting | National LLM where available; governed fallback for general drafting. |
| AI — OCR / Speech / Vision | OCI Document Understanding + Tesseract Arabic (OCR); OCI Speech (transcription); OCI Vision (video analytics, face detection) | Governed managed services with audit logs; bilingual extraction; structured feed into case management. |
| RPA | UiPath Automation Suite (on OCI) | Bulk operations against legacy systems where APIs are unavailable. |
| Notifications | OCI Notifications + national SMS gateway + WhatsApp Business API + SMTP relay | Multi-channel delivery with delivery receipts. |
| CI/CD & observability | GitLab Self-Managed on OCI (signed artifacts, SBOMs); OCI Monitoring + Logging + APM; Prometheus / Grafana app-level | Trunk-based development with full deploy audit; single pane of glass for JSOC. |
| Security tooling | SAST (SonarQube) · DAST (OWASP ZAP) · SCA (Snyk/Trivy) · SIEM (OCI Logging Analytics or Splunk) · WAF (OCI WAF) | Layered defence at code, runtime and edge. |
| Backup & DR | OCI Backup; cross-region replication; immutable retention | RPO/RTO targets confirmed in Discovery; quarterly DR drills. |
The indicative sizing below is dimensioned against the SJC volumes referenced in C4 §3.5.4 (expected users), the integration count in Annexure 2 (≈25 partners), Annexure 5 (≈206 access links), Annexure 9 (50 kiosks) and Annexure 8 (smart courtrooms). Sizing is validated under load testing in Phase 5 and re-baselined for production cut-over.
| Workload | vCPU / Memory | Replicas (prod) | Sizing basis |
|---|---|---|---|
| API gateway / BFF tier | 8 vCPU / 16 GiB | 3 | 2 AZ active-active + 1 standby; peak 1,500 RPS. |
| Core judicial services (per module) | 4 vCPU / 8 GiB | 2–3 | Per module independently scaled; HPA on CPU + RPS. |
| Workflow engine (Camunda) | 8 vCPU / 16 GiB | 3 | Cluster mode; peak 200 concurrent long-running flows. |
| Integration adaptors | 4 vCPU / 8 GiB | 2 per partner cluster | One cluster per partner SLA tier (Critical / High / Medium). |
| OpenSearch cluster | 8 vCPU / 32 GiB | 3 | Hot tier for last 24 months; warm tier for archives. |
| Kafka / OCI Streaming | Managed | 3-broker | Topic partitioning per module; 7-day retention. |
| PostgreSQL primary | 16 vCPU / 64 GiB | 1 + 2 replicas | HA with sync replica + async DR replica. |
| SQL Server (legacy coexistence) | 16 vCPU / 64 GiB | 1 + 1 replica | Decommissioned per legacy retirement plan. |
| Object Storage | — | — | Estimated 80 TB year-1; growth 25–40 TB/year; immutable retention for signed documents. |
| Data Warehouse | Autonomous DW Medium | 1 | Auto-scaling; analytics & reporting workloads. |
| AI inference (managed) | OCI managed | — | Pay-per-call; budgets per use-case tracked monthly. |
| Internet ingress | OCI Load Balancer with WAF + DDoS protection; public endpoints for Unified Service Portal, mobile API, partner APIs. |
| OGN ingress | FastConnect (private connectivity) into OCI tenancy; redundant pairs; encrypted at network layer. |
| Partner connectivity | mTLS over public internet for low-volume partners; FastConnect / dedicated VPN for high-volume partners (ROP, Theqa, GUP). |
| Kiosk connectivity | 50 kiosks over OGN / managed broadband; per-site VPN; failover to 4G/LTE for retail-style locations. |
| Smart courtroom | Dedicated VLAN per site; QoS for live video; recordings replicated to OCI Object Storage. |
| DR connectivity | Secondary FastConnect to DR region; cross-region traffic replication. |
| Env | Purpose | Data | Approx. sizing vs PROD |
|---|---|---|---|
| DEV | Engineer workspace | Synthetic | ~10% |
| QA | Automated tests, CI | Synthetic + masked sample | ~25% |
| UAT | Business validation | Masked production subset | ~40% |
| STAGING | Pre-prod parity for release rehearsal | Production-like (masked) | ~80% |
| PROD | Live service | Production | 100% |
| DR | Disaster recovery | Replicated from PROD | 100% capacity, scaled to 50% standby |
AI inside the judiciary cannot be a black box. Every AI capability we ship is governed by a documented operating model: a human approval layer, scoped data access, monitored quality, and a reversible kill-switch per capability.
| Control | What it means in the UDP |
|---|---|
| Human-in-the-loop | No AI output is auto-applied to a case, a judgment, or a citizen-facing record. A named human reviewer approves every consequential output. Drafts can be edited freely before approval. |
| Use-case approval | Each AI use-case enters production only after a written approval recording the data scope, model used, evaluation results, escalation rules, and the off-switch owner. |
| Per-role AI access | AI features are role-bound. A clerk sees drafting assist; a judge sees case-summary assist; a citizen-facing channel only sees guided assistance with no system-level prompts. |
| Prompt & output logging | Every prompt, model, version, and response is logged with the responsible identity, timestamped, and retained per data classification. |
| Data scope enforcement | Each AI capability is provisioned a narrow data scope. Generative drafting on a case sees that case only; cross-case retrieval sees only redacted public corpora. |
| Quality & bias monitoring | Periodic evaluation against gold-standard sets; bias and fairness review per release; quality dashboards reviewed at the JSOC. |
| Capability kill-switch | Each AI capability is feature-flagged and can be disabled instantly without affecting the core workflow. |
| Model versioning | Pinned model versions in production; new versions enter via a Discovery → A/B → cutover path with rollback. |
| Vendor & sovereignty | AI workloads run on OCI-hosted services within the Oman region. National LLM (Moeen) takes precedence for judicial drafting where available. |
| Citizen disclosure | Where an AI-generated output is shown to a citizen (e.g. chatbot answer, drafting assistant), the interface labels it as AI-assisted with an explicit human-review route. |
Per C4 §3.2, {{brand.name}} delivers at least 10 use-cases per emerging technology. The matrix below is the inclusion baseline; the prioritised first-release shortlist is finalised in Discovery.
| Capability | Included | Approval layer | Indicative scope |
|---|---|---|---|
| AI assistant (citizen-facing chatbot) | Yes | Guardrail filter + monitored handoff | Guidance on services, status queries, eligibility checks. |
| AI drafting assistant (judges/clerks) | Yes | Reviewer approval | Drafts judgments, summaries, notifications. |
| AI agents (workflow-level) | Yes | Per-action approval | Cross-system coordination for routine flows; scoped tools. |
| AI workflow automation (RPA + GenAI) | Yes | Scheduled review | Bulk operations; reconciliations. |
| AI analytics & predictive insight | Yes | Analyst review | Workload forecasts; risk pattern detection. |
| AI OCR & document extraction | Yes | Field-level validation | Bilingual OCR; structured field capture. |
| AI transcription & translation | Yes | Reviewer approval for record | Hearing transcripts; Ar↔En translation. |
| Facial / emotion recognition | Conditional | Strict governance | Limited to access control + identity confirmation; not used for decisions. |
| Custom AI model fine-tuning on SJC data | Optional | Programme committee | Opt-in workstream (O1 in Section 14.2). |
| Integration with national LLM (Moeen) | Yes | Reviewer approval | Default LLM for judicial drafting. |
| AR / VR pilots | Optional | Programme committee | Opt-in pilot (O5). |
| Blockchain attestation | Optional | Programme committee | Opt-in pilot (O6). |
Integration and security are the two architecture concerns most likely to determine programme success. We treat each as a first-class workstream, not a side-effect of delivery.
Critical High Medium — 25+ partner integrations, all routed through one governed integration hub.
| Partner / System | Direction | Method | Purpose | Tier |
|---|---|---|---|---|
| Royal Oman Police (ROP) — National Records | Two-way | REST / SOAP | Civil registry, vehicle, residency, family-tree, report verification. | Critical |
| Theqa PKI / MTCIT eSignature | Two-way | PKI | Citizen identity, digital signing of judgments and notarised documents. | Critical |
| Government Unified Portal (GUP) — MTCIT | Two-way | REST | Service publication, identity federation, citizen front door — per Annexure 6. | Critical |
| Tajawob (Vision 2040) | Two-way | REST | National suggestions & complaints — per Annexure 7. | High |
| e-Payment Gateway (banks) | Two-way | REST | Fees, fines, refunds, settlement. | Critical |
| Ministry of Labour (MOL) — Mawred Plus / Ejadah | Two-way | REST | HRMS data & performance management. | High |
| MOCIIP — Oman Business Platform | Two-way | REST | Business registration, trade-name, commercial records. | High |
| Public Prosecution | Two-way | REST / SOAP | Criminal case coordination. | Critical |
| Ministry of Finance (MOF) — Maliya | Two-way | REST | Public finance, budgeting, reconciliation. | High |
| National Records & Archives Authority (NRAA) — Wosool | Two-way | REST | Records & correspondence management. | Medium |
| Service Catalogue & Unified Call Center — MTCIT | Two-way | REST | Service registry & unified call-centre integration. | High |
Continued on the next page — remaining partner integrations.
Continuation of the integration register from the previous page, covering medium-priority and one-way data dependencies.
| Partner / System | Direction | Method | Purpose | Tier |
|---|---|---|---|---|
| Civil Status Authority | One-way | REST | Civil identity data. | High |
| Ministry of Housing & Urban Planning | One-way | REST | Property & ownership records. | Medium |
| Central Bank of Oman | One-way | REST | Financial system references. | Medium |
| General Directorate of Traffic | One-way | REST | Vehicle & traffic records. | Medium |
| Muscat Municipality | One-way | REST | Property & permits records. | Medium |
| Malaa Credit & Financial Information Center | One-way | REST | Credit information for execution & financial cases. | Medium |
| Social Protection Fund / Ministry of Social Development | One-way | REST | Social protection & family case context. | Medium |
| Ministry of Justice & Legal Affairs | Two-way | REST | Legal coordination. | High |
| Reconciliation & Settlement Committee | Two-way | REST | Pre-litigation reconciliation. | Medium |
| SMS Gateway / Telecom Operators | One-way | SMPP / REST | Notifications & OTP. | High |
| Attendance & HR (internal) | One-way | REST | SJC staff attendance. | Low |
Full integration register, payload schemas, SLAs and ownership per partner are captured in the Integration Matrix (Annexure 2) and confirmed during Discovery.
Integrations are owned by {{brand.name}}’s Integration Lead with a named contact in each partner entity. A weekly forum confirms readiness; a joint test pack is signed before any integration enters production.
Security is layered across the entire architecture, aligned to Oman’s national cybersecurity framework, MTCIT digital policies, and international best practice. The table below summarises the control set; the Discovery phase produces the full controls catalogue and threat model.
| Control Domain | Controls |
|---|---|
| Identity & Access | SSO for internal users; PKI for citizens; OAuth/OIDC for partners; MFA for privileged actions; RBAC with least privilege; periodic access recertification. |
| Privileged Access | PAM for all administrative access; session recording; just-in-time elevation; vault-managed secrets. |
| Data Protection | TLS 1.3 in transit; AES-256 at rest; field-level encryption for sensitive data; tokenisation where applicable. |
| API Security | Gateway-enforced authentication, rate limiting, schema validation; signed payloads; mTLS for partner traffic. |
| Application Security | SAST/DAST/SCA in CI; secure coding standards; manual code review; quarterly penetration tests; bug-bounty option. |
| Threat Prevention | WAF, IPS, anti-malware, DDoS mitigation, anomaly detection. |
| Monitoring & SIEM | Centralised log collection; SIEM correlation; 24×7 SOC alerting; integration with SJC and national incident response. |
| Database Activity Monitoring | DAM for sensitive databases; query anomaly detection; DBA action auditing. |
| Vulnerability Management | Continuous scanning; patch SLAs by severity; risk-based remediation cadence. |
| Backup & Restore | Immutable backups; tested restores; recovery time / recovery point objectives documented per workload. |
| Disaster Recovery | DR region on OCI; documented runbooks; quarterly DR drills with stakeholders. |
| Privacy & Compliance | Data classification; data residency in Oman; data minimisation; access logs; retention policies; right-to-be-informed flows. |
| Audit Trail | Every business action (view, edit, approve, reject, sign) attributed and timestamped; tamper-evident storage; retention per data class. |
| AI Governance | Human-in-the-loop approval on every AI suggestion; prompt & output logging; per-role AI access; bias and quality monitoring; escalation rules. |
The platform scales horizontally on OCI, with services packaged in containers and orchestrated by a managed control plane. Modular boundaries make it possible to evolve a single module without redeploying the platform. The API-first approach lets new channels and new partner integrations be added without re-engineering the core.
{{brand.name}} delivers under a hybrid model: structured outer governance (PRINCE2-style gates aligned to C4 §3.5) wrapped around iterative inner delivery (agile module teams). Each phase has an explicit input, output, and exit gate.
| # | Phase | Purpose & Key Activities | Outputs / Exit Gate |
|---|---|---|---|
| 1 | Discovery & Alignment | Confirm scope, services, integrations, and assumptions. Run workshops with SJC business owners, judges, IT, and external partner liaisons. Finalise the 44 To-Be service definitions, the AI use-case list, and the data migration approach. | Discovery report; finalised requirements traceability matrix; integration register; baseline plan and risk register. Signed gate G1. |
| 2 | Solution Design | Translate requirements into design: UX flows, system architecture, module decompositions, data model, integration contracts, security model, deployment topology. | Solution Design Document (SDD); High-level & Low-level designs; signed API contracts; security architecture document. Signed gate G2. |
| 3 | Build & Configuration | Iterative development of each module by domain team. CI/CD with automated tests and code reviews. Continuous demo cadence to SJC product owners. | Module-by-module incremental releases into QA / UAT. Signed gate G3 per release train. |
| 4 | Integration | Stand up the integration hub. Land each partner integration with its owner, test in joint integration environments, sign integration test reports. | Integration test pack; partner sign-offs; production-ready adaptors. Signed gate G4. |
| 5 | Testing & QA | System integration testing, security testing (SAST/DAST/pen), performance & load, accessibility, regression. | Test reports; defect log closed to agreed thresholds; performance & security clearance. |
| 6 | UAT | Business users validate against agreed scenarios. Daily triage; rapid turnaround on findings. SJC’s UAT champions own scenario coverage. | UAT sign-off per module and per integration. |
| 7 | Go-Live, Training & Knowledge Transfer | Production cut-over, data migration final cut, hyper-care; deliver role-based training; publish runbooks and operating model to SJC operations. | Production live; training completion records; operational handover. |
| 8 | Warranty / Operations | 12-month warranty with stabilisation, defect resolution, and continuous improvement; optional managed services beyond warranty. | Monthly service reviews; quarterly business reviews; KPI dashboards. |
Weekly working-level steering; bi-weekly programme steering; monthly executive steering with DTM and SJC sponsors. Stage-gate reviews at G1–G7 with formal sign-off.
Indicative 24-month delivery, followed by 36 months of operations & managed services. Exact dates confirmed at the close of Discovery.
| # | Milestone | Target | Dependency |
|---|---|---|---|
| M01 | Contract signature & mobilisation | M0 | Award |
| M02 | Discovery sign-off (G1) | M2 | SJC business availability |
| M03 | Solution Design sign-off (G2) | M4 | Architecture approvals |
| M04 | First module to UAT | M10 | Build train completion |
| M05 | JSOC stand-up | M12 | Tooling & staffing |
| M06 | First smart courtroom live | M14 | BOQ procurement & site readiness |
| M07 | UAT closure | M22 | Defect threshold |
| M08 | Production go-live | M24 | Sign-off across modules |
The timeline above is indicative and will be finalised after discovery and scope confirmation.
Every deliverable below has a named owner, an agreed format, and an acceptance gate. The list aligns to C4 §3.5 and the deliverables expected at each project gate.
| # | Deliverable | Description | Format | Phase |
|---|---|---|---|---|
| D01 | Project Management Plan | Programme plan, governance, communication, risk, quality, change. | PDF / MS Project | P1 |
| D02 | Discovery Report | Confirmed scope, services, integrations, assumptions, risks. | P1 | |
| D03 | Requirements Traceability Matrix | Mapping of every requirement to design, build, test, sign-off. | Excel | P1–P7 |
| D04 | Solution Design Document (SDD) | End-to-end design across UX, services, data, integration, security. | P2 | |
| D05 | UX/UI Design System & Screen Library | Design tokens, components, journeys, prototypes (Figma). | Figma / PDF | P2 |
| D06 | Architecture & Security Documents | HLD/LLD; security model; threat model; controls catalogue. | P2 | |
| D07 | Integration Specification & Contracts | API specs (OpenAPI), payloads, SLAs per integration. | YAML / PDF | P2–P4 |
| D08 | Data Migration Plan | Catalogue, mapping, ETL plan, reconciliation approach. | PDF / Excel | P2–P7 |
| D09 | Source Code & Build Artefacts | Repositories, branching model, build pipelines, SBOMs. | Git / CI artefacts | P3–P7 |
| D10 | Test Strategy, Plans & Reports | Unit/integration/E2E, security, performance, accessibility. | PDF / Excel | P3–P6 |
| D11 | Integration Test Pack & Sign-offs | Partner-by-partner test results and acceptance. | P4 | |
| D12 | UAT Support & Sign-off Pack | UAT scenarios, daily triage logs, defect reports, sign-off. | PDF / Jira | P6 |
| D13 | Smart Courtroom Roll-out Pack | BOQ-aligned installation, configuration, acceptance per site. | P3–P7 | |
| D14 | Kiosk Deployment Pack | 50-unit deployment, acceptance per site, asset register. | PDF / Excel | P4–P7 |
| D15 | JSOC Operating Model | Runbooks, escalation, on-call, dashboards. | P5 | |
| D16 | Deployment & Cutover Plan | Production deployment plan with rollback procedures. | P7 | |
| D17 | Training Materials | Role-based curricula, videos, manuals, assessments. | Mixed | P7 |
| D18 | Admin & User Guides | Living documentation in the Knowledge Base. | Online + PDF | P7 |
| D19 | Operational Handover Pack | SLAs, support model, key contacts, escalation, exit criteria. | P7 | |
| D20 | Warranty & Service Reports | Monthly & quarterly service performance reports. | P8 | |
| D21 | Exit Plan | Per C3 §12 / C4 §3.5.22 — orderly handover documentation. | P8 |
Clear ownership accelerates decisions. The RACI below covers the most consequential activities; the full RACI is delivered as part of the Project Management Plan in Phase 1.
| Activity | {{brand.name}} Eng. Lead | {{brand.name}} Sol. Arch. | {{brand.name}} Delivery | DTM Sponsor | SJC Business | SJC IT | Partner Entity |
|---|---|---|---|---|---|---|---|
| Programme governance & reporting | A | C | R | A | C | C | I |
| Requirements confirmation | C | R | R | A | R | C | C |
| Solution design | A | R | C | A | C | C | I |
| Build & configuration | A | C | R | I | I | I | — |
| Integration with partner systems | A | C | R | A | C | C | R |
| Infrastructure provisioning (OCI) | C | C | R | A | I | R | — |
| Data provisioning & ownership | I | C | C | A | R | R | C |
| Data migration execution | A | C | R | A | C | R | I |
| Testing — system, integration, security | A | C | R | I | I | C | C |
| UAT execution & sign-off | C | C | R | A | R | C | I |
| Production deployment | A | C | R | A | I | C | I |
| Training delivery | A | C | R | I | A | C | — |
| Warranty support | A | C | R | I | I | C | I |
| JSOC operations (post go-live) | A | C | R | A | I | R | I |
| Change requests | A | C | R | A | C | C | I |
R Responsible · A Accountable · C Consulted · I Informed
| Role | Headline responsibility | Allocation |
|---|---|---|
| Engagement Lead | Single point of accountability for {{brand.name}} delivery. | Full |
| Programme Manager | Plan, governance, risk, status, financials. | Full |
| Solution Architect | Architectural integrity across modules. | Full |
| Module Tech Leads (×N) | One per core module — Case, Notary, etc. | Full |
| Integration Lead | Partner integration register & delivery. | Full |
| Data & Migration Lead | Migration plan, ETL, reconciliation. | Full |
| AI Lead | Emerging-tech use-cases & governance. | Full |
| Security Lead | Security model, controls, audits. | Full |
| UX Lead | Design system & journey integrity. | Full |
| QA / Test Lead | Test strategy & release readiness. | Full |
| JSOC Lead | Operations center stand-up & runbooks. | Full |
The commercial summary below is structured to align with the priced BOQ (Annexure 12) and the C5 Schedule of Prices. The detailed priced BOQ is submitted as a separate Commercial Pack in compliance with the tender instructions.
| # | Workstream | Unit | Qty | Unit Price (OMR) | Total (OMR) |
|---|---|---|---|---|---|
| 1 | Discovery, design & UX | Lumpsum | 1 | [—] | [—] |
| 2 | Platform build — Core Modules | Lumpsum | 1 | [—] | [—] |
| 3 | Platform build — Support Systems & Enablers | Lumpsum | 1 | [—] | [—] |
| 4 | Channels — Portal, Mobile, Chatbot, WhatsApp | Lumpsum | 1 | [—] | [—] |
| 5 | Integrations (per Annexure 2 Integration Matrix) | Lumpsum | 1 | [—] | [—] |
| 6 | Data migration & reconciliation | Lumpsum | 1 | [—] | [—] |
| 7 | AI & Emerging Technology (per technology, ≥10 use-cases each) | Lumpsum | 1 | [—] | [—] |
| 8 | Smart Court Rooms (per Annexure 8 BOQ) | Per courtroom | [N] | [—] | [—] |
| 9 | Self-Service Kiosks (per Annexure 9) | Per kiosk | 50 | [—] | [—] |
| 10 | Judiciary Services Operations Center (JSOC) | Lumpsum | 1 | [—] | [—] |
| 11 | Cloud hosting (OCI — main + DR, 3 years) | Per annum | 3 | [—] | [—] |
| 12 | Managed services & operations (3 years) | Per annum | 3 | [—] | [—] |
| 13 | Training, knowledge transfer & capability building | Lumpsum | 1 | [—] | [—] |
| 14 | Project management, QA & governance | Lumpsum | 1 | [—] | [—] |
| 15 | Warranty (12 months from go-live) | Lumpsum | 1 | [—] | [—] |
| Sub-total (OMR, ex-VAT) | [—] | ||||
| VAT @ 5% | [—] | ||||
| Grand Total (OMR, incl. VAT) | [—] | ||||
| # | Optional Item | Description | Price (OMR) |
|---|---|---|---|
| O1 | Bespoke fine-tuning of Moeen LLM on SJC corpus | Adds a fine-tuning workstream with governance, evaluation, and refresh cadence. | [—] |
| O2 | Additional smart courtrooms beyond baseline | Per-courtroom unit price applies. | [—] |
| O3 | Additional kiosks beyond 50 | Per-kiosk unit price applies. | [—] |
| O4 | Extended managed services beyond Year 3 | Annual rate; subject to scope review. | [—] |
| O5 | AR / VR pilot use-cases | Two pilots with hardware and content production. | [—] |
| O6 | Blockchain attestation registry pilot | Production-ready pilot with one partner entity. | [—] |
| Milestone | Trigger | % of Total |
|---|---|---|
| M01 | Contract signature & mobilisation | 10% |
| M02 | Discovery & Solution Design sign-off (G1 + G2) | 15% |
| M03 | First module release into UAT | 15% |
| M04 | Integration completion & partner sign-offs | 15% |
| M05 | JSOC stand-up & first smart courtroom live | 10% |
| M06 | UAT closure across all modules | 15% |
| M07 | Production go-live & operational handover | 15% |
| M08 | End of warranty period | 5% |
| Total | 100% |
Payment milestones are indicative and aligned to C3 §4 and §24. Final milestone weights are agreed at contract signature.
| Currency | {{pricing.currencyFull}} ({{pricing.currency}}), unless stated otherwise. |
| VAT | VAT at the prevailing rate is shown separately and is in addition to listed prices. |
| Validity | This commercial offer is valid for {{proposal.validityDays}} calendar days from submission. |
| Payment terms | Invoiced upon achievement of each milestone; payable net 30 days after acceptance. |
| Hosting | OCI hosting fees are pass-through where SJC holds the OCI contract directly; otherwise charged at OCI list less any {{brand.name}} partner credit. |
| Change requests | Charged at agreed day rates listed in Annexure 12, or by separately quoted lumpsum. |
| Performance bond | As required by C3 §5; bond instrument to be agreed at contract signature. |
| Source-code escrow | Per C3 §40, at {{brand.name}}’s cost; agent agreed with SJC. |
| Pricing assumptions | This price is for the scope described in §5–§6 only. Material additions are handled per §19. |
| Role | Day rate (OMR, ex-VAT) |
|---|---|
| Engagement Lead | [—] |
| Solution Architect | [—] |
| Module Tech Lead | [—] |
| Senior Engineer | [—] |
| Engineer | [—] |
| UX / Designer | [—] |
| QA Engineer | [—] |
| Project Manager | [—] |
| Business Analyst | [—] |
| DevOps / SRE | [—] |
The proposal price and timeline are predicated on the assumptions and dependencies below. Material deviation from any of these will be handled through the Change Request Process (§19).
| Assumption / Dependency | Impact if not met |
|---|---|
| SJC will appoint a single empowered Business Owner and a Technical Owner from M0. | Decisions stall; design rework risk increases. |
| SJC will nominate UAT champions per module and commit availability throughout Phase 6. | UAT cycles extend; go-live moves right. |
| DTM / SJC will provide timely access to legacy systems for data extraction. | Data migration timeline slips. |
| Each external partner entity will commit a technical contact and engage in joint integration testing. | Specific integrations move into a second wave. |
| OCI infrastructure (main + DR) will be available and contracted by M2. | Environment-readiness milestone slips. |
| The 44 To-Be services are baseline scope; further reengineering is treated as change. | Scope expansion handled per §19. |
| National PKI (Theqa) sandbox access is available from M2 for development & testing. | Signature-dependent flows slip. |
| Network connectivity (OGN, internet, last-mile to courts & kiosks) provisioned by SJC / DTM. | Kiosk and courtroom go-lives delay. |
| Smart-courtroom sites and kiosk locations are civil-works-ready in line with the roll-out plan. | Per-site go-lives slip. |
| Source data quality is sufficient for migration with a defined cleansing window; data ownership disputes are resolved by SJC owners. | Extended migration cycle. |
| MTCIT Central Government Integration Platform contracts and conventions are available for use. | Bilateral integrations as fallback (cost & time impact). |
| Statutory and regulatory approvals (security, privacy, public services) are processed within stated SLAs. | Schedule risk per affected approval. |
| The Moeen LLM (or equivalent) provides documented APIs and licensable access for SJC use. | Alternate LLM substituted; capability scope adjusts. |
| SJC trainees attend training as scheduled. | Reduced day-one adoption; refresher cost. |
| Decisions raised in the steering committee are taken within a 5 working-day SLA. | Cumulative slippage on the critical path. |
Final decommissioning sequence per legacy system · master-data ownership map · prioritised AI use-case shortlist · smart-courtroom roll-out sequence · kiosk roll-out sequence · bespoke fine-tuning decision for Moeen.
Acceptance is the formal step that closes each phase. Criteria are objective, testable, and tied to deliverables. The full acceptance matrix is part of the Project Management Plan (D01).
| Area | Acceptance criteria |
|---|---|
| Discovery | Discovery report and updated requirements traceability matrix signed by SJC and DTM. Risks logged. Plan baselined. |
| Solution Design | HLD/LLD, integration contracts and security model approved. UX design system & key journey prototypes signed by SJC product owners. |
| Core modules | All in-scope features implemented, mapped 1:1 to the requirements matrix; UAT closed with all Critical and High defects resolved and Medium defects below agreed threshold. |
| Workflows | All To-Be workflows configured and validated end-to-end with SJC business owners. |
| Users & roles | RBAC implemented; pilot users provisioned across all roles; SSO and PKI integration validated. |
| Integrations | Every partner integration tested with the partner, evidence captured, and joint sign-off issued. |
| Data migration | Final reconciliation passes for row-count, business-key and aggregate checks within agreed tolerances. Exceptions cleared or documented. |
| Dashboards & reports | JSOC dashboards live; SJC reports available and validated against source data. |
| Performance | Load and stress tests meet agreed targets for concurrency and response time. |
| Security | Penetration test passes with no Critical and no High findings open. SAST/DAST findings remediated to agreed thresholds. |
| Accessibility | WCAG 2.1 AA audit passes for public-facing journeys. |
| Smart courtrooms | Each courtroom site accepted on its commissioning checklist (AV, recording, transcription, network, integration). |
| Kiosks | Each kiosk accepted on its commissioning checklist (hardware, content, accessibility, monitoring). |
| JSOC | Runbooks, dashboards and on-call rota in operation; first month of operational evidence reviewed. |
| Training | Training delivered per plan; attendance records completed; assessments closed. |
| Production go-live | Cut-over executed per plan; smoke tests pass; rollback not invoked; hyper-care started. |
| Warranty closure | SLA targets met for 12 months continuous; defect log closed; operational handover signed. |
The risks below are the ones {{brand.name}} considers most consequential for this engagement. Each has an owner, a mitigation, and a contingency. The live risk register is maintained from M0 and reviewed at every steering meeting.
Programme-level risks plotted on likelihood × impact. Mitigations and ownership detailed in the table below.
| Risk | Likelihood | Impact | Mitigation | Contingency |
|---|---|---|---|---|
| Scope creep — growth beyond the 44 To-Be services | High | High | Strong scope baseline at end of Discovery; explicit out-of-scope list (§7); formal CR process (§19). | Time-boxed CR triage; protect critical path with parallel CR delivery track. |
| Integration partner availability | Med | High | Early partner engagement; signed integration contracts; standing weekly integration forum. | Sequence non-blocking integrations first; use mock services for late-arriving partners. |
| Legacy data quality | High | Med | Discovery profiling; explicit cleansing window; SJC data-owner sign-off gates. | Phased migration; defer non-critical datasets; coexistence period. |
| Smart-courtroom site readiness | Med | Med | Pre-installation site survey; published site-readiness checklist; coordination with SJC facilities. | Re-sequence affected sites in roll-out wave. |
| Kiosk site readiness & logistics | Med | Med | Site survey; phased waves; local logistics partner; bench stock for hardware. | Substitute order of waves; pre-imaged units. |
| User adoption | Med | High | Role-based training; UX research; hyper-care; in-app guidance; capability building module. | Targeted refresher training; champion network. |
| Security approval delays | Med | High | Early engagement with national security authorities; design-by-control; periodic reviews. | Hold-points planned at known approval gates. |
| AI quality & governance | Med | Med | HITL by design; quality evaluation set; bias monitoring; rollback per capability. | Disable individual AI features without affecting core workflows. |
| Resource availability (SJC business SMEs) | Med | High | SME calendars secured at programme start; backups identified per role. | Re-baseline ceremony cadence; written sign-off path. |
| Third-party COTS / licence dependency | Low | High | Component selection during Discovery; vendor SLAs; escrow. | Alternate-component playbook; isolation per module. |
| Concurrent SJC initiatives (e.g. cloud migration) | Med | Med | Joint roadmap with SJC IT; shared change calendar. | Schedule freezes during critical cut-overs. |
A 12-month warranty period from production go-live with defined response and resolution SLAs, followed by an optional renewable managed-services contract for ongoing operations and continuous improvement.
| Severity | Definition | Examples | Response | Workaround | Resolution |
|---|---|---|---|---|---|
| S1 — Critical | Production blocking; service unavailable to a large user group. | Portal down · core integration broken · PKI failure | 15 min | 2 hrs | 4 hrs |
| S2 — High | Major function unavailable, no workaround. | Module-level outage · single high-volume service down | 30 min | 4 hrs | 1 business day |
| S3 — Medium | Partial impact; workaround exists. | Non-critical screen broken · slow performance | 4 hrs | 1 business day | 5 business days |
| S4 — Low | Minor issue or question. | Cosmetic defect · how-to question | 1 business day | — | 10 business days |
Times measured against the support clock defined in the agreement. Final SLAs are confirmed at contract signature.
| Coverage | 24×7 for S1/S2 incidents · business hours (Sun–Thu 08:00–17:00 GST) for S3/S4 unless otherwise agreed. |
| Channels | JSOC ticketing portal · email · 24×7 hotline for S1 · monthly service review. |
| Reporting | Monthly service report (SLA performance, incidents, changes, capacity) · quarterly business review. |
| Service credits | Service credits applied per C3 §27 against missed SLAs over the measurement window. |
Any functionality not explicitly included in the approved scope is handled through a formal change request — transparent, time-bounded, and aligned to C3 §26 (Variation Procedure).
| Step | Activity | SLA |
|---|---|---|
| Raise | SJC submits CR through the agreed channel with a description, business rationale, and target date. | — |
| Triage | {{brand.name}} acknowledges and confirms whether the CR is in or out of scope, and what category applies (effort tier). | 5 business days |
| Impact assessment | {{brand.name}} provides estimated effort, schedule impact, dependencies, risk, and cost. | 10 business days for material CRs; 5 BD for small |
| Approve | Joint steering decides go / no-go / defer. Decision recorded in the CR register. | — |
| Implement & test | CR delivered through the agile delivery train; tested per the standard quality gates. | As estimated |
| Deploy & close | Released in the next release window or hot-fix path if S1; signed off; invoiced. | — |
Small CRs (≤10 days) are charged at day rates (§14.5). Larger CRs are quoted as fixed-price addenda. Bundling related CRs into a release train is encouraged to optimise testing and deployment cost.
For production-critical defects (S1/S2 in §18), a hot-fix path bypasses the standard CR triage and runs through the on-call rota with after-action review at the next service meeting.
{{brand.name}} is an intelligence venture studio that designs, builds and scales AI-driven software ventures from zero to market and beyond. We are not a vendor running a delivery factory; we are a venture partner that builds AI-native products and stays through their evolution.
| {{brand.name}} strength | How it shows up on this engagement |
|---|---|
| AI-native engineering | Generative AI, OCR, video analytics, transcription and Moeen are designed into the workflows of judges, clerks, and citizens — not added as side-projects. |
| Venture-studio discipline | We treat the UDP as a venture — staged investment, evidence-based decisions, measurable outcomes per release. |
| Product thinking | We obsess over the user’s journey: citizens get clarity, lawyers get a workspace, judges get a workbench. |
| Engineering depth | Modern cloud, modular architecture, CI/CD, observability, and security baked in from day one. |
| Long-term partnership | We stay through warranty and into managed services, evolving the platform with SJC — not handing it off. |
| Governance & transparency | Weekly status, fortnightly steering, monthly executive review — with one PM owning the truth. |
| National-scale alignment | Designed to plug into Oman Vision 2040, MTCIT’s Tahawul programme, and the national digital stack. |
| ICV commitment | Local team, SME partners, structured knowledge transfer — an explicit ICV plan, not an afterthought. |
| Human-centric | Adoption is the measure of value, not features shipped. |
| Team work | SJC SMEs are partners in delivery, not stakeholders we report to. |
| Win-win | Commercial terms are balanced, transparent, and structured to align incentives across milestones. |
| Intelligence | Where AI helps, we deploy it. Where it does not, we say so. |
| Energy & humanity | Premium delivery, with warmth. Confidence without arrogance. |
| Organic growth | Phased scale, real users at every release, no big-bang risk. |
The appendices below accompany this proposal as separate documents in the submission pack, in compliance with C4 §4 (Appendices) and §5 (Annexures).
| Appendix | Content | Tender Reference |
|---|---|---|
| A1 | Bidder Profile — {{brand.name}} | C4 §4.1 (Appendix 1) |
| A2 | Key Personnel CVs | C4 §4.2 (Appendix 2) |
| A3 | Bidder Resource Details | C4 §4.3 (Appendix 3) |
| A4 | Bidder Resource Deployment Plan | C4 §4.4 (Appendix 4) |
| A5 | Proposed Software List | C4 §4.5 (Appendix 5) |
| A6 | SME Work Allocation | C4 §4.6 (Appendix 6) |
| A7 | Proposal Structure (this document) | C4 §4.7 (Appendix 7) |
| A8 | Pre-bid Clarifications & Responses | C4 §4.8 (Appendix 8) |
| X1 | Solution Requirements (compliance matrix) | Annexure 1 |
| X2 | Integration Matrix (responses) | Annexure 2 |
| X3 | Service Catalogue (responses) | Annexure 3 |
| X4 | To-Be Business Report — mapped coverage | Annexure 4 |
| X5 | Infrastructure Catalog — responses | Annexure 5 |
| X6 | GUP Integration Requirements — responses | Annexure 6 |
| X7 | Tajawob Integration Requirements — responses | Annexure 7 |
| X8 | Smart Court Rooms Scope & BOQ — responses | Annexure 8 |
| X9 | Self-Service Kiosks — responses | Annexure 9 |
| X10 | Judiciary Services Operations Center — responses | Annexure 10 |
| X11 | Unpriced BOQ — responses | Annexure 11 |
| X12 | Priced BOQ & Schedule of Prices (Commercial Pack) | Annexure 12 / C5 |
This document (Sections 01–22) is the {{brand.name}} Technical & Commercial Proposal. The Commercial Pack (priced BOQ, schedule of prices, payment plan) is delivered as a separate sealed submission per the tender instructions.
By signing below, the parties acknowledge receipt of this proposal and the intent to proceed under the commercial and technical terms set out herein, subject to the execution of the formal contract as defined in C3 (Conditions of Contract).
{{brand.name}} appreciates the opportunity to respond to tender {{proposal.tenderRef}}. We look forward to the next stage of discussions and to building the SJC Unified Digital Platform together.