# DGA Oversight Platform ## Digital Government Authority - Saudi Arabia **National Digital Transformation Oversight & Governance System** ### 🏛️ Overview The DGA Oversight Platform is a comprehensive digital governance system designed for the Digital Government Authority (DGA) of Saudi Arabia to monitor, track, and manage digital transformation initiatives across 158 government entities. ### 📊 Two Main Modules #### 1️⃣ **DGA Module - Performance Monitoring & Oversight** - **158 Government Entities** monitored across 5 regions (Target: 100% coverage) - **300+ Digital Programs** tracking (Digital Transformation, Infrastructure, AI, Cybersecurity, etc.) - **691 Users** with 7 role-based access levels - **SAR 2.48+ Billion** budget oversight and allocation - **Real-time KPI Tracking** and performance analytics - **Multi-region Architecture** (Central, Western, Eastern, Northern, Southern) - **Interactive DataTables** with sorting, filtering, pagination, and export #### 2️⃣ **GRC Module - Governance, Risk & Compliance** (Production-Ready) - **Risk Management** - Identify, assess, and mitigate organizational risks - **Compliance Tracking** - Monitor compliance with standards (NCA ECC, PDPL, ISO 27001) - **GRC Dashboard** - Executive overview of GRC metrics - **Insights & Analytics** - AI-powered recommendations and trends - **Complete CRUD Operations** - Full risk and compliance record management ### 🚀 Technology Stack **Backend:** - Node.js 18+ with Express.js - PostgreSQL (Prisma Cloud hosted) - JWT Authentication with bcrypt - Knex.js ORM - RESTful API architecture **Frontend:** - React 18 with Vite - React Router for navigation - Axios for API calls - Tailwind CSS for styling - Recharts for data visualization **Security:** - PDPL (Personal Data Protection Law) compliant - NCA ECC (Essential Cybersecurity Controls) aligned - Role-Based Access Control (RBAC) - Audit trail logging - SSL/TLS encryption ### 📁 Project Structure ``` DGA/ ├── backend/ # Node.js/Express API │ ├── src/ │ │ ├── config/ # Database & app configuration │ │ ├── controllers/ # Business logic │ │ ├── middleware/ # Auth, validation, error handling │ │ ├── routes/ # API endpoints │ │ └── utils/ # Helper functions │ └── database/ │ ├── migrations/ # Database schema │ └── seeds/ # Initial data ├── frontend/ # React/Vite UI │ ├── src/ │ │ ├── api/ # API client │ │ ├── components/ # Reusable components │ │ ├── context/ # State management │ │ └── pages/ # Application pages │ └── public/ └── docs/ # Documentation ``` ### 🗃️ Database Schema **10 Core Tables:** 1. `users` - User authentication and management (691 users) 2. `dga_entities` - Government ministries & agencies (Target: 158 entities, 100% coverage) 3. `dga_programs` - Digital transformation programs (300+ programs) 4. `dga_projects` - Implementation projects 5. `dga_budget` - Financial tracking (Complete budget coverage) 6. `dga_kpi_reports` - Performance metrics (Comprehensive KPI tracking) 7. `dga_milestones` - Project milestones 8. `dga_audit_trail` - Security audit logs 9. `dga_tickets` - Support tickets 10. `dga_notifications` - System alerts **5 Extended Tables:** 1. `kpis` - Entity-level KPI tracking 2. `compliance_records` - Compliance monitoring (PDPL, NCA ECC, ISO 27001) 3. `risks` - Risk management 4. `stakeholder_consensus` - Stakeholder agreements 5. `digital_maturity_scores` - Digital maturity metrics ### 🔐 Login Credentials Please contact your system administrator for login credentials. ### 🛠️ Installation & Setup #### Prerequisites - Node.js 18+ - npm 9+ - PostgreSQL database (or use Prisma Cloud) #### Backend Setup ```bash cd backend npm install cp .env.example .env # Configure DATABASE_URL in .env npm run migrate npm run seed npm run dev ``` #### Frontend Setup ```bash cd frontend npm install npm run dev ``` ### 🌐 API Endpoints **Authentication:** - `POST /api/auth/login` - User login - `POST /api/auth/register` - New user - `GET /api/auth/me` - Current user profile **Entities:** - `GET /api/dga/entities` - List all entities - `GET /api/dga/entities/:id` - Entity details - `POST /api/dga/entities` - Create entity - `PUT /api/dga/entities/:id` - Update entity **Programs:** - `GET /api/dga/programs` - List all programs - `GET /api/dga/programs/:id` - Program details - `POST /api/dga/programs` - Create program **Budget:** - `GET /api/dga/budget/overview` - National overview - `GET /api/dga/budget/entity/:id` - Entity budget **Reporting:** - `GET /api/dga/reporting/overview` - Dashboard data - `GET /api/dga/reporting/region/:region` - Regional report - `GET /api/dga/reporting/kpis` - KPI reports **🚀 Advanced Analytics:** - `GET /api/advanced/analytics/budget-trends` - Budget utilization trends & predictions - `GET /api/advanced/analytics/predict-budget/:id` - AI-powered budget forecasting - `GET /api/advanced/analytics/digital-maturity/:id` - Digital maturity scoring - `GET /api/advanced/analytics/risk-analysis` - Comprehensive risk assessment - `GET /api/advanced/analytics/benchmarks` - Regional performance benchmarks **🛡️ Compliance Monitoring:** - `GET /api/advanced/compliance/report` - PDPL, NCA ECC, ISO 27001 compliance - `GET /api/advanced/compliance/history/:id` - Compliance trends over time - `GET /api/advanced/compliance/audit` - Detailed audit trail reports **⚙️ Workflow Automation:** - `POST /api/advanced/workflow/initiate` - Multi-level approval workflows - `POST /api/advanced/workflow/approve/:id` - Process approvals - `GET /api/advanced/workflow/budget-alerts` - Real-time budget monitoring - `POST /api/advanced/workflow/schedule-report` - Automated report scheduling - `POST /api/advanced/workflow/batch-operation` - Bulk operations **See `ADVANCED_FEATURES.md` for complete documentation** ### 📈 Regional Distribution - **Central Region (Riyadh):** 42 entities - **Western Region (Jeddah, Makkah):** 38 entities - **Eastern Region (Dammam):** 28 entities - **Northern Region (Tabuk):** 24 entities - **Southern Region (Abha):** 26 entities ### 👥 User Roles 1. **DGA Admin** - Full system access (51 users) 2. **Regional Manager** - Regional oversight (75 users) 3. **Program Director** - Program management (150 users) 4. **Financial Controller** - Budget oversight (100 users) 5. **Compliance Auditor** - Compliance monitoring (75 users) 6. **Analytics Lead** - Data analysis (75 users) 7. **Ministry User** - Entity-level access (165 users) ### 🚀 Deployment #### Vercel (Recommended) ```bash # Install Vercel CLI npm install -g vercel # Deploy backend cd backend vercel --prod # Deploy frontend cd frontend vercel --prod ``` See `VERCEL_DEPLOYMENT.md` for detailed instructions. #### Azure (Phase 8) Azure deployment guide coming in Phase 8 implementation. ### 📚 Documentation - **DATABASE_ARCHITECTURE.md** - Complete database documentation - **VERCEL_DEPLOYMENT.md** - Vercel deployment guide - **DEPLOYMENT_README.md** - Quick deployment reference - **DGA.txt** - Original project plan and specifications ### 🛡️ Security Features - Password hashing with bcrypt (10 salt rounds) - JWT tokens with 24-hour expiry - Role-based access control (RBAC) - Regional access restrictions - Audit trail for all operations - Rate limiting (100 req/15min) - CORS protection - Helmet.js security headers ### 📊 Key Metrics - **158 Government Entities** tracked - **171 Digital Programs** monitored - **691 Active Users** across 7 roles - **SAR 2,480,000,000+** budget managed - **5 Geographic Regions** covered - **10 Database Tables** with 4,000+ records - **19 API Endpoints** operational ### 🎯 Vision 2030 Alignment This platform directly supports Saudi Vision 2030 objectives: - Digital government transformation - Service delivery excellence - Data-driven decision making - Transparency and accountability - E-government maturity ### 📅 Project Phases - [x] **Phase 0:** Project Setup & Foundation - [x] **Phase 1:** Database Implementation & Testing - [x] **Phase 2:** Frontend Development - [ ] **Phase 3:** Multi-Region Setup - [ ] **Phase 4:** Analytics & Reporting - [ ] **Phase 5:** Security & Compliance - [ ] **Phase 6:** Integration & Testing - [ ] **Phase 7:** Training & Documentation - [ ] **Phase 8:** Azure Deployment - [ ] **Phase 9:** Go-Live & Handover ### 🤝 Contributing This is a proprietary government project. Access restricted to authorized DGA personnel only. ### 📄 License PROPRIETARY - Digital Government Authority, Kingdom of Saudi Arabia ### 📧 Contact **Digital Government Authority (DGA)** Kingdom of Saudi Arabia Project Lead: Head of Accounts --- **Built for Vision 2030 🇸🇦** *Empowering Digital Government Transformation* Oversight Platform ## 🏛️ Digital Government Authority - National Oversight System Complete end-to-end platform for monitoring, governing, and optimizing all digital transformation initiatives across the Kingdom of Saudi Arabia. ## 📊 Project Overview **Authority**: Digital Government Authority (DGA) **Coverage**: 158 Government Entities | 5 Regions | SAR 2.48B Budget **Project Lead**: Head of Accounts, DGA **Status**: Phase 0 - COMPLETE ✅ | Phase 1 - IN PROGRESS ## 🎯 Key Features - ✅ **Multi-Region Architecture** - 5 regional data centers - ✅ **158 Government Entities** - Pre-mapped ministries & agencies - ✅ **Budget Oversight** - SAR 2.48 Billion tracking - ✅ **Program Management** - 162+ digital transformation programs - ✅ **Real-time Analytics** - AI-powered insights & forecasting - ✅ **Full Compliance** - PDPL, NCA ECC, Vision 2030 aligned - ✅ **Role-Based Access** - 7 user roles, 625+ users - ✅ **Audit Trail** - Complete action logging ## 🚀 Quick Start ### Using Docker (Recommended) ```bash # Clone repository git clone cd dga-oversight-platform # Start all services docker-compose up -d # View logs docker-compose logs -f # Access services Backend API: http://localhost:5000 Frontend App: http://localhost:5173 pgAdmin: http://localhost:5050 ``` ### Manual Setup #### Backend ```bash cd backend npm install copy .env.example .env npm run dev ``` #### Frontend ```bash cd frontend npm install npm run dev ``` ## 📁 Project Structure ``` dga-oversight-platform/ ├── backend/ # Node.js + Express API │ ├── src/ │ │ ├── config/ # Database, environment │ │ ├── controllers/ # Business logic │ │ ├── middleware/ # Auth, validation │ │ ├── routes/ # API endpoints │ │ ├── services/ # Services layer │ │ └── server.js # Main server │ ├── database/ │ │ ├── migrations/ # Schema migrations │ │ └── seeds/ # Initial data │ └── tests/ # API tests │ ├── frontend/ # React + Vite app │ ├── src/ │ │ ├── api/ # API client │ │ ├── components/ # UI components │ │ ├── pages/ # Page components │ │ ├── hooks/ # Custom hooks │ │ └── store/ # State management │ └── public/ # Static assets │ ├── docs/ # Documentation ├── docker-compose.yml # Container orchestration └── README.md ``` ## 🌍 Regional Coverage ### Central Region (Riyadh) - 42 Entities Ministry of Interior, SDAIA, NCA, MOH, MOE, MOJ, MOC, ZATCA, MHRSD... ### Western Region (Jeddah) - 38 Entities Ministry of Hajj & Umrah, Jeddah Municipality, Mawani, Tourism... ### Eastern Region (Dammam) - 28 Entities Aramco Digital, Royal Commission, Energy, KFUPM... ### Northern Region (Tabuk) - 24 Entities NEOM Authority, Defense Services, Border Guard... ### Southern Region (Abha) - 26 Entities MOH Southern, Education Cluster, Development Authority... ## 👥 User Roles 1. **DGA Admin** - Full system access 2. **Regional Manager** - Regional oversight 3. **Program Director** - Program management 4. **Financial Controller** - Budget & finance 5. **Compliance Auditor** - Audit & compliance 6. **Analytics Lead** - KPI & insights 7. **Ministry User** - Entity-level access ## 📊 Technology Stack ### Backend - Node.js 18+ - Express.js - PostgreSQL 15 - JWT Authentication - Winston Logger ### Frontend - React 18 - Vite - React Router - Axios - Recharts - Bootstrap ### Infrastructure - Docker & Docker Compose - Azure Cloud (Production) - CI/CD with GitHub Actions ## 🔐 Security - JWT-based authentication - Role-based access control (RBAC) - Password encryption (bcrypt) - API rate limiting - SQL injection prevention - XSS protection - Audit logging - PDPL compliant - NCA ECC aligned ## 📈 Performance Targets - ✅ API Response Time: <200ms - ✅ System Uptime: 99.9% - ✅ Concurrent Users: 10,000+ - ✅ Data Accuracy: 99.8% - ✅ Test Coverage: 80%+ ## 🎯 Implementation Phases ### ✅ Phase 0: Project Setup (COMPLETE) - Project structure created - Backend API foundation - Docker configuration - Development environment ready ### 🔄 Phase 1: Database & Core API (IN PROGRESS) - Database schema creation - 158 entities seed data - 50+ API endpoints - Authentication system ### 📅 Phase 2-9: Coming Soon See DGA_COMPREHENSIVE_PLAN.md for full roadmap ## 💰 Budget Summary **Development**: SAR 376,000 (18 weeks) **Monthly Operations**: SAR 221,650 **First Year Total**: SAR 3,080,800 **Expected ROI**: 1,361% (SAR 45M benefits) ## 📞 Contact & Support **Project Lead**: Head of Accounts, DGA **Email**: [email protected] **Technical Support**: [email protected] **Documentation**: /docs folder ## 📄 Documentation - [Comprehensive Plan](./DGA_COMPREHENSIVE_PLAN.md) - Full project blueprint - [Backend README](./backend/README.md) - API documentation - [Frontend README](./frontend/README.md) - UI documentation - [Database Schema](./docs/database-schema.md) - Data structure - [API Reference](./docs/api-reference.md) - Endpoint details ## 🛠️ Development Commands ```bash # Start all services docker-compose up -d # View logs docker-compose logs -f # Stop services docker-compose down # Backend only cd backend && npm run dev # Frontend only cd frontend && npm run dev # Run tests cd backend && npm test # Database migration cd backend && npm run migrate # Seed data cd backend && npm run seed ``` ## 🎓 Training Resources - Video Tutorials: /docs/videos - User Manuals: /docs/manuals - Training Slides: /docs/training ## 📝 License **Proprietary** - Digital Government Authority, Kingdom of Saudi Arabia --- ## 🏆 Project Status **Current Phase**: Phase 0 Complete, Phase 1 In Progress **Completion**: 10% (2 of 18 weeks) **Next Milestone**: Database schema + seed data **Target Go-Live**: Week 15 --- **Prepared by**: DGA Technical Team **Approved by**: Head of Accounts, DGA **Date**: November 19, 2025 **Version**: 1.0.0 # dgaapp