Ringkasan Eksekutif
Cadangan Pembangunan Perkhidmatan Digital Portal Rasmi JKPTG
Nilai Projek
RM450,360
Termasuk SST 8%
Tempoh Pelaksanaan
24 Minggu
Termasuk buffer kelulusan
Tempoh Waranti
12 Bulan
Defect Liability Period
Kitaran Hayat Platform
5+ Tahun
Dengan pelan migrasi
Konteks Strategik
Cadangan ini bukan sekadar pembangunan semula portal, tetapi merupakan transformasi perkhidmatan digital JKPTG yang merangkumi:
- Tadbir Urus Digital - Struktur kawalan, kelulusan kandungan, dan akauntabiliti
- Pematuhan Piawaian - MAMPU, WCAG 2.1 AA, PDPA, MyGDX-readiness
- Keselamatan Bersepadu - Bukan sekadar VA/PT, tetapi governance framework
- Kelestarian Operasi - Pelan migrasi, pemilikan, dan kesinambungan perkhidmatan
Justifikasi Platform
Mengenai Joomla 5 LTS: Walaupun sokongan rasmi Joomla 5 LTS dijadualkan sehingga 2027, cadangan ini merangkumi pelan migrasi ke Joomla 6 LTS (dijangka Q4 2026) dalam Tahun 2 operasi. Kos migrasi dianggarkan dan dimasukkan dalam pelan kelestarian.
Kenapa Joomla (Bukan Custom Build)
- Pematuhan piawaian MAMPU untuk CMS kerajaan
- Komuniti pembangun tempatan yang aktif
- Ketersediaan sumber manusia untuk penyelenggaraan
- Kos pemilikan jangka panjang lebih rendah
- Audit trail dan logging terbina dalam
- Migrasi antara versi telah terbukti stabil
Pelan Mitigasi Risiko Platform
- Pembangunan menggunakan Joomla 5.2+ (versi terkini)
- Kod custom mengikut Joomla coding standards
- Template menggunakan Bootstrap 5 (platform-agnostic)
- Migrasi ke Joomla 6 LTS dalam DLP (Tahun 1)
- Dokumentasi teknikal lengkap untuk vendor succession
- Source code escrow arrangement
Skop Perkhidmatan Digital
| Komponen | Skop | Pemilikan |
|---|---|---|
| Portal Awam | 25+ halaman, responsive, WCAG 2.1 AA compliant | JKPTG |
| Sistem CMS | Joomla 5.x dengan custom template dan extensions | JKPTG |
| Chatbot | Freshwork dengan knowledge base terkawal | Lesen 2 tahun |
| Dokumentasi | Teknikal, operasi, pengguna, dan keselamatan | JKPTG |
| Source Code | Custom template, extensions, configurations | JKPTG |
UNIJAYA RESOURCES SDN BHD (585248-K)
D-6-8 Megan Avenue 1, 189 Jalan Tun Razak, 50400 Kuala Lumpur
Tel: 03-2166 6558 | Email: info@unijaya.com | CP: W10181032100126
Tel: 03-2166 6558 | Email: info@unijaya.com | CP: W10181032100126
Tadbir Urus & Akauntabiliti
Struktur kawalan, kelulusan, dan tanggungjawab operasi
Model Tadbir Urus Perkhidmatan Digital
Hierarki Kelulusan Kandungan
Peringkat 3: Kelulusan Penerbitan
Pengarah / Ketua Bahagian
↓
Peringkat 2: Semakan & Pengesahan
Penyelia Kandungan
Pegawai Korporat
↓
Peringkat 1: Penyediaan Kandungan
Editor Bahagian A
Editor Bahagian B
Editor Bahagian C
Matriks Peranan & Tanggungjawab (RACI)
| Aktiviti | Super Admin | Publisher | Editor | Author |
|---|---|---|---|---|
| Konfigurasi sistem | R/A | - | - | - |
| Pengurusan pengguna | R/A | C | - | - |
| Kelulusan penerbitan | A | R | C | I |
| Semakan kandungan | I | A | R | C |
| Penyediaan kandungan | I | I | C | R |
| Audit log review | R/A | C | - | - |
R = Responsible, A = Accountable, C = Consulted, I = Informed
Workflow Kelulusan Kandungan
Proses Penerbitan Kandungan
- Draft - Author mencipta kandungan, status: Draft
- Review - Editor menyemak dan mengemaskini, status: Pending Review
- Approval - Publisher meluluskan atau reject, status: Pending Approval
- Publish - Kandungan diterbitkan secara automatik atau dijadualkan
- Archive - Kandungan tamat tempoh dialihkan ke arkib
Audit Trail: Setiap perubahan status direkodkan dengan timestamp, user ID, dan IP address.
Polisi Operasi
Polisi Kata Laluan
- Minimum 12 aksara
- Kombinasi huruf, nombor, simbol
- Tukar setiap 90 hari
- 5 percubaan gagal = kunci akaun
Polisi Sesi
- Auto-logout selepas 30 minit idle
- Single session per user
- Session token rotation
- HTTPS enforced
Polisi Log Retention
- Audit logs: 24 bulan
- Access logs: 12 bulan
- Error logs: 6 bulan
- Backup logs: 36 bulan
Pemindahan Pemilikan
Handover Checklist
Pada akhir projek, item berikut akan diserahkan kepada JKPTG:
| Item | Format | Pemilikan |
|---|---|---|
| Source code (template, extensions) | Git repository + ZIP archive | 100% JKPTG |
| Database schema & documentation | SQL + ERD diagram | 100% JKPTG |
| Technical documentation | PDF + DOCX | 100% JKPTG |
| User manual | PDF + Video | 100% JKPTG |
| Admin credentials | Encrypted document | 100% JKPTG |
| SSL certificates | PEM files | 100% JKPTG |
Pematuhan Piawaian
Mapping kepada piawaian kerajaan dan antarabangsa
Pematuhan Garis Panduan MAMPU
| Piawaian | Keperluan | Status | Implementasi |
|---|---|---|---|
| GPKTMK | Garis Panduan Keselamatan TMK | Patuh | SSL/TLS, 2FA, audit logging, password policy |
| GPPDP | Garis Panduan Pengurusan Data | Patuh | Data classification, retention policy, backup |
| GPWAK | Garis Panduan Web Agensi Kerajaan | Patuh | Struktur navigasi, aksesibiliti, dwi-bahasa |
| MyGDX | Government Data Exchange | Bersedia | API endpoints boleh dibangunkan bila diperlukan |
Pematuhan WCAG 2.1 Level AA
| Prinsip | Garis Panduan | Implementasi |
|---|---|---|
| Perceivable | 1.1 Text Alternatives | Alt text untuk semua imej, ARIA labels |
| 1.3 Adaptable | Semantic HTML, proper heading hierarchy | |
| 1.4 Distinguishable | Contrast ratio 4.5:1, resizable text 200% | |
| Operable | 2.1 Keyboard Accessible | Full keyboard navigation, visible focus |
| 2.4 Navigable | Skip links, breadcrumbs, descriptive titles | |
| Understandable | 3.1 Readable | Language declaration, abbreviation expansion |
| 3.2 Predictable | Consistent navigation, clear form labels | |
| Robust | 4.1 Compatible | Valid HTML5, ARIA compliance |
Pematuhan PDPA 2010
Data Peribadi Yang Dikumpul
- Nama dan alamat (borang maklum balas)
- Nombor telefon (pilihan)
- Alamat e-mel
- IP address (untuk keselamatan)
Kawalan PDPA
- Notis privasi di setiap borang
- Consent checkbox sebelum submit
- Data retention: 24 bulan maksimum
- Prosedur deletion atas permintaan
Klasifikasi Data
| Klasifikasi | Contoh Data | Kawalan |
|---|---|---|
| TERBUKA | Berita, pengumuman, FAQ, maklumat perkhidmatan | Tiada sekatan akses |
| TERHAD | Dokumen dalaman, laporan draft | Login required, role-based access |
| SULIT | Data peribadi pelanggan, audit logs | Encryption, audit trail, admin only |
Keselamatan & Kawalan
Framework keselamatan bersepadu, bukan sekadar checklist
Role-Based Access Control (RBAC) Matrix
| Peranan | Config | Users | Publish | Edit | Create | View |
|---|---|---|---|---|---|---|
| Super Administrator | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Administrator | - | ✓ | ✓ | ✓ | ✓ | ✓ |
| Publisher | - | - | ✓ | ✓ | ✓ | ✓ |
| Editor | - | - | - | ✓ | ✓ | ✓ |
| Author | - | - | - | Own | ✓ | ✓ |
Kawalan Keselamatan Teknikal
Network Layer
- SSL/TLS 1.3 enforced
- HSTS header enabled
- WAF integration ready
- Rate limiting (100 req/min)
- IP whitelist untuk admin
Application Layer
- OWASP Top 10 compliance
- SQL injection prevention
- XSS protection (CSP)
- CSRF token validation
- Input sanitization
Data Layer
- Password hashing (bcrypt)
- Database encryption at rest
- Backup encryption (AES-256)
- PII data masking in logs
- Secure credential storage
Prosedur Respons Insiden
| Fasa | Aktiviti | Tanggungjawab | SLA |
|---|---|---|---|
| 1. Detection | Monitoring alerts, user reports | Helpdesk / System Admin | - |
| 2. Triage | Assess severity, classify incident | IT Security Officer | 15 minit |
| 3. Containment | Isolate affected systems | System Admin | 30 minit |
| 4. Eradication | Remove threat, patch vulnerability | Vendor / System Admin | 4 jam |
| 5. Recovery | Restore services, verify integrity | System Admin | 8 jam |
| 6. Post-Incident | Root cause analysis, report | IT Security Officer | 48 jam |
Backup & Disaster Recovery
Polisi Backup
| Full Backup | Mingguan (Ahad 2:00 AM) |
| Incremental | Harian (2:00 AM) |
| Database | Setiap 6 jam |
| Retention | 30 hari on-site, 90 hari off-site |
| Testing | Restore test bulanan |
Recovery Objectives
| RTO (Recovery Time) | 4 jam |
| RPO (Recovery Point) | 6 jam (max data loss) |
| MTTR | 2 jam (target) |
| Availability Target | 99.5% (excl. maintenance) |
Skop VA/PT Assessment
Vulnerability Assessment & Penetration Testing
VA/PT akan dilaksanakan oleh pihak ketiga bertauliah sebelum Go-Live:
| Kategori | Skop |
|---|---|
| Infrastructure | Server, firewall, network configuration |
| Application | OWASP Top 10, business logic flaws |
| Authentication | Password policy, session management, 2FA |
| Authorization | RBAC bypass, privilege escalation |
| Data Protection | Encryption, data leakage, PII exposure |
Deliverable: Laporan VA/PT dengan severity rating (Critical/High/Medium/Low) dan remediation plan.
Seni Bina Sistem
Logical architecture, deployment topology, dan environment separation
Logical Architecture
3-Tier Architecture
Presentation Tier (Frontend)
Browser (Desktop/Mobile)
Chatbot Widget
↓ HTTPS (TLS 1.3) ↓
Application Tier (Backend)
Joomla 5.x CMS
PHP 8.2 / Apache
Freshwork API
↓ Encrypted Connection ↓
Data Tier (Storage)
MySQL 8.0
File Storage
Backup Storage
Deployment Topology
Production Environment
CDN / WAF (Optional)
Cloudflare / AWS CloudFront
↓
Load Balancer (Future)
Nginx / HAProxy
↓
Web Server
Apache 2.4 + PHP-FPM 8.2
↓
Database Server
MySQL 8.0 (Primary)
MySQL (Replica - Future)
Environment Separation
| Environment | Tujuan | Akses | Data |
|---|---|---|---|
| DEV | Pembangunan dan unit testing | Pembangun sahaja | Dummy / sanitized data |
| UAT | User Acceptance Testing | JKPTG testers + vendor | Sanitized production-like |
| STAGING | Pre-production verification | Limited (final check) | Production mirror |
| PROD | Live production | Public (portal), Admin (CMS) | Real data |
Technology Stack
| Layer | Technology | Version | Justifikasi |
|---|---|---|---|
| CMS | Joomla | 5.2.x LTS | MAMPU compliant, proven migration path |
| Language | PHP | 8.2+ | Performance, security, Joomla requirement |
| Database | MySQL | 8.0.x | Stability, support lifecycle until 2026+ |
| Web Server | Apache | 2.4.x | Joomla native support, .htaccess |
| CSS Framework | Bootstrap | 5.3.x | Responsive, accessible, maintainable |
| Chatbot | Freshwork | SaaS | AI-powered, multilingual, gov-ready |
Hosting Requirements
Nota: Hosting disediakan oleh JKPTG. Spesifikasi berikut adalah keperluan minimum untuk prestasi optimum.
| Komponen | Minimum | Disyorkan |
|---|---|---|
| CPU | 4 vCPU | 8 vCPU |
| RAM | 8GB | 16GB |
| Storage | 100GB SSD | 200GB NVMe SSD |
| OS | Ubuntu 22.04 LTS / RHEL 8+ | |
| SSL Certificate | Required (OV or EV recommended) | |
Tadbir Urus Chatbot
Governance framework untuk AI chatbot dalam konteks kerajaan
Peringatan: Chatbot adalah alat bantuan, bukan sumber autoritatif. Semua maklumat kritikal tentang urusan tanah mesti dirujuk kepada pegawai JKPTG atau dokumen rasmi.
Knowledge Base Governance
Pemilikan Knowledge Base
- Owner: JKPTG (Bahagian Korporat)
- Custodian: Webmaster JKPTG
- Approver: Ketua Bahagian berkaitan
- Lokasi: Freshwork cloud (data sovereignty: MY)
Skop Knowledge Base
- FAQ perkhidmatan am
- Waktu operasi dan lokasi
- Prosedur permohonan (umum)
- Pautan ke borang dan dokumen
- TIDAK TERMASUK: Nasihat undang-undang, status kes spesifik
Workflow Pengemaskinian
| Langkah | Aktiviti | Tanggungjawab | SLA |
|---|---|---|---|
| 1 | Cadangan kemas kini knowledge base | Bahagian berkaitan | - |
| 2 | Semakan ketepatan maklumat | Subject Matter Expert | 3 hari bekerja |
| 3 | Kelulusan penerbitan | Ketua Bahagian | 2 hari bekerja |
| 4 | Kemas kini di Freshwork | Webmaster | 1 hari bekerja |
| 5 | Ujian dan pengesahan | Webmaster | 1 hari bekerja |
Mitigasi Risiko Hallucination
Kawalan Untuk Mencegah Maklumat Salah
- Restricted Scope: Chatbot hanya menjawab berdasarkan knowledge base yang diluluskan, bukan general AI
- Confidence Threshold: Jika confidence < 70%, chatbot akan direct ke pegawai
- Escalation Path: "Saya tidak pasti. Sila hubungi pegawai kami di..."
- No Legal Advice: Chatbot dikonfigurasi untuk menolak soalan nasihat undang-undang
- Audit Trail: Semua conversation dilog untuk quality review
Disclaimer & Liability
Disclaimer Chatbot (Akan Dipaparkan)
"Chatbot ini menyediakan maklumat umum sahaja dan bukan nasihat undang-undang. Maklumat yang diberikan mungkin tidak lengkap atau terkini. Untuk urusan rasmi berkaitan tanah, sila hubungi pegawai JKPTG atau rujuk dokumen rasmi di portal ini. JKPTG tidak bertanggungjawab atas sebarang tindakan yang diambil berdasarkan maklumat chatbot semata-mata."
Metrik & Monitoring
| Metrik | Target | Tindakan Jika Tidak Capai |
|---|---|---|
| Resolution Rate | > 60% | Review dan tambah knowledge base |
| Escalation Rate | < 30% | Identify gaps in knowledge base |
| User Satisfaction | > 70% | Improve response quality |
| Response Accuracy | > 95% | Immediate correction + root cause |
Jadual Pelaksanaan
24 minggu dengan buffer untuk kitaran kelulusan kerajaan
Tempoh Projek
24 Minggu
6 Bulan
Fasa Pembangunan
5 Fasa
Dengan approval gates
Milestone Bayaran
3 Kali
30% / 40% / 30%
Buffer Kelulusan
4 Minggu
Built-in buffer
Timeline Terperinci
Fasa 1
M1-3
Discovery & Requirements
Mesyuarat kick-off, stakeholder interviews, content audit, requirements gathering, governance structure definition
Deliverables: BRD, FRS, Information Architecture, Project Charter, Governance Matrix
Approval Gate: Sign-off BRD oleh JKPTG
Fasa 2
M4-6
UI/UX Design & Approval
Wireframing, visual design, accessibility review, prototype, stakeholder review sessions, design revisions
Deliverables: Wireframes, UI Mockups (Figma), Style Guide, Interactive Prototype, WCAG Checklist
Approval Gate: Design sign-off oleh Jawatankuasa Teknikal
MILESTONE 1: Design Approval → Bayaran 30% (RM135,108)
Fasa 3
M7-14
Development (4 Sprint)
Sprint 1 (M7-8): Environment setup, Joomla installation, core template
Sprint 2 (M9-10): Homepage, navigation, main pages
Sprint 3 (M11-12): Custom modules, forms, integrations
Sprint 4 (M13-14): Chatbot setup, content population, optimization
Sprint 2 (M9-10): Homepage, navigation, main pages
Sprint 3 (M11-12): Custom modules, forms, integrations
Sprint 4 (M13-14): Chatbot setup, content population, optimization
Deliverables: Working portal on UAT environment, Chatbot configured
Sprint Reviews: Demo setiap 2 minggu kepada JKPTG
Fasa 4
M15-20
Testing, Security & UAT
M15-16: QA testing (functional, compatibility, accessibility)
M17-18: VA/PT assessment oleh pihak ketiga
M19-20: UAT dengan JKPTG, remediation, UAT sign-off
M17-18: VA/PT assessment oleh pihak ketiga
M19-20: UAT dengan JKPTG, remediation, UAT sign-off
Deliverables: Test Reports, VA/PT Report, Remediation Evidence, UAT Sign-off Document
Approval Gate: UAT acceptance oleh JKPTG
MILESTONE 2: UAT Sign-off → Bayaran 40% (RM180,144)
Fasa 5
M21-24
Deployment, Training & Handover
M21: Production deployment, DNS cutover, SSL configuration
M22: Post-launch monitoring, issue resolution
M23: Training (3 hari hands-on)
M24: Documentation handover, project closure
M22: Post-launch monitoring, issue resolution
M23: Training (3 hari hands-on)
M24: Documentation handover, project closure
Deliverables: Live Portal, Training Materials, User Manual, Technical Docs, Source Code
Approval Gate: PAC (Provisional Acceptance Certificate)
MILESTONE 3: PAC Issuance → Bayaran 30% (RM135,108)
Defect Liability Period (DLP)
12 Bulan Selepas PAC
Tempoh waranti merangkumi:
- Bug fixing tanpa caj tambahan
- Security patching (Joomla updates)
- Technical support (waktu pejabat: 9am-5pm)
- Minor enhancements (< 8 jam effort)
- Joomla 6 migration (jika dikeluarkan dalam tempoh DLP)
SLA: Critical issues: 4 jam response, 24 jam resolution. Non-critical: 2 hari bekerja.
Kos & Pembayaran
Pecahan kos terperinci dengan justifikasi
Jumlah Keseluruhan
RM450,360
Termasuk SST 8%
Kos Pembangunan
RM370,000
88.7% daripada jumlah
Kos Sokongan
RM47,000
Chatbot, VA/PT, Training
SST 8%
RM33,360
Cukai perkhidmatan
Pecahan Kos Pembangunan Portal (RM370,000)
Kategori
Anggaran (RM)
1. Project Management
PM effort: 24 minggu x 0.5 FTE
30,000
2. Business Analysis & Requirements
BA effort: 3 minggu, stakeholder workshops, documentation
25,000
3. UI/UX Design
Designer effort: 3 minggu, wireframes, mockups, prototype
35,000
4. Custom Template Development
Frontend dev: Custom Joomla template, responsive, accessible
60,000
5. Custom Extensions Development
Backend dev: Custom modules, plugins, components
50,000
6. CMS Configuration & Setup
Joomla installation, 3rd party extensions, configuration
25,000
7. Content Population
25+ pages setup, initial content entry (based on JKPTG provided content)
20,000
8. Integration (Chatbot, Analytics)
Freshwork widget integration, Google Analytics, social media
15,000
9. QA Testing
Functional, compatibility, accessibility, performance testing
30,000
10. UAT Support
6 minggu UAT support, bug fixing, iterations
25,000
11. Deployment & Go-Live
Production setup, DNS, SSL, migration, monitoring
20,000
12. Documentation
Technical docs, user manual, admin guide, video tutorials
15,000
13. 12-Month DLP Warranty
Extended warranty, includes Joomla 6 migration if needed
20,000
Subtotal Pembangunan Portal
370,000
Komponen Sokongan (RM47,000)
| Komponen | Skop | Harga (RM) |
|---|---|---|
| Chatbot Freshwork | Lesen 2 tahun, setup, knowledge base configuration | 12,000 |
| VA/PT Assessment | Pihak ketiga bertauliah, infrastructure + application | 20,000 |
| Training (3 Hari) | Admin training (2 hari) + Content management (1 hari) | 10,000 |
| PMO (Extended) | Governance setup, stakeholder management | 5,000 |
| Subtotal Sokongan | 47,000 | |
Ringkasan Kos
| Pembangunan Portal | 370,000.00 |
| Komponen Sokongan | 47,000.00 |
| Jumlah Sebelum Cukai | 417,000.00 |
| SST @ 8% | 33,360.00 |
| JUMLAH KESELURUHAN | 450,360.00 |
RINGGIT MALAYSIA: EMPAT RATUS LIMA PULUH RIBU TIGA RATUS ENAM PULUH SAHAJA
Jadual Pembayaran
| Milestone | Trigger | % | Amaun (RM) |
|---|---|---|---|
| Milestone 1 | Design Approval (Minggu 6) | 30% | 135,108.00 |
| Milestone 2 | UAT Sign-off (Minggu 20) | 40% | 180,144.00 |
| Milestone 3 | PAC Issuance (Minggu 24) | 30% | 135,108.00 |
Terma Pembayaran
- Tempoh: 30 hari dari tarikh invois
- Kesahan: 90 hari dari 27 Januari 2026
- Tidak Termasuk: Hosting, domain, SSL certificate (disediakan JKPTG)
Kelestarian & Roadmap
Pelan jangka panjang untuk kesinambungan perkhidmatan digital
Kitaran Hayat Platform (5+ Tahun)
| Tahun | Platform | Aktiviti | Tanggungjawab |
|---|---|---|---|
| 2026 | Joomla 5.2 | Go-Live, DLP support, security patches | Unijaya (DLP) |
| 2027 | Joomla 5 → 6 | Joomla 6 migration (dalam DLP), continued support | Unijaya (DLP) |
| 2028 | Joomla 6 LTS | Maintenance & enhancement contract (optional) | JKPTG / Vendor |
| 2029-30 | Joomla 6 LTS | Continued operation, minor enhancements | JKPTG / Vendor |
| 2031+ | Joomla 7 / Evaluate | Major refresh or platform evaluation | JKPTG |
Pelan Migrasi Joomla 5 → 6
Migrasi Termasuk Dalam DLP
Joomla 6 LTS dijangka dikeluarkan Q4 2026. Migrasi akan dilaksanakan dalam tempoh DLP tanpa kos tambahan:
- Audit compatibility semua extensions
- Update custom code untuk Joomla 6
- Testing di staging environment
- Migration dengan minimal downtime (< 4 jam)
- Post-migration verification
Risiko: Rendah - Joomla mempunyai track record migrasi yang stabil. Template Bootstrap 5 adalah platform-agnostic.
Vendor Succession Planning
Dokumentasi Untuk Vendor Baharu
- Complete source code dengan comments
- Database schema documentation
- API documentation (jika ada)
- Deployment procedures
- Known issues dan workarounds
- Contact list untuk 3rd party services
Knowledge Transfer
- 2 sesi KT kepada vendor baharu (4 jam setiap sesi)
- Walkthrough architecture dan codebase
- Handover documentation
- 30 hari email support selepas handover
Enhancement Roadmap (Cadangan)
| Fasa | Enhancement | Anggaran Kos | Nota |
|---|---|---|---|
| Tahun 2 (2027) | MyGDX API integration | RM50,000 - 80,000 | Jika diperlukan oleh MAMPU |
| Tahun 2 (2027) | Advanced analytics dashboard | RM20,000 - 30,000 | Custom reporting |
| Tahun 3 (2028) | Mobile app (PWA) | RM80,000 - 120,000 | Optional enhancement |
| Tahun 3 (2028) | AI-enhanced search | RM30,000 - 50,000 | Semantic search |
*Anggaran kos adalah indikatif dan tertakluk kepada skop sebenar