Online Legal Research System
Provide law practices with access to legal research materials, precedents, legal opinions, journals, legislation, and other legal materials that they may harness.
Instructions
This page helps you prepare "Solution Requirements" section in Vendor Management Portal and you will see the exact questions and flow.
🔴 Mandatory questions: Must answer "Yes" to continue
🟡 Preferred questions: Can answer either way and continue
Follow the question flow as indicated
Q1 🔴 Mandatory - Cloud and Multi-Device Accessibility
Main Question: Does your solution allow for cloud-based, mobile-based, and/or web-based usage?
🔴 Answer: ○ Yes [Next: Q2] ○ No [⚠️ Cannot Proceed]
Q2 🔴 Mandatory - Comprehensive Legal Database Access
Main Question: Does the solution provide access to a wide range of legal databases containing legal research materials, precedents, legal opinions, journals, legislation, and other relevant legal materials?
🔴 Answer: ○ Yes [Next: Q3] ○ No [⚠️ Cannot Proceed]
Q3 🔴 Mandatory - Research Materials Search
Main Question: Is your solution able to search research materials (e.g. cases, precedents, law reports, etc.) across multiple countries within a single search?
🔴 Answer: ○ Yes [Next: Q4] ○ No [⚠️ Cannot Proceed]
Q4 🔴 Mandatory - Search Results Filtering
Main Question: Is your solution able to filter search results by content type, jurisdiction, and legal topic to narrow results more quickly and identify the most relevant documents?
🔴 Answer: ○ Yes [Next: Q5] ○ No [⚠️ Cannot Proceed]
Q5 🟡 Preferred - Case Understanding and Related Content Discovery
Main Question: Does your solution have features (e.g. case status icons, location of report, appellate history, related cases cited with judicial treatment, legislation cited, Journal articles and commentary citing) which allow users to get a clear understanding of a particular case quickly, such as being able to discover related cases, and trace case lineages?
🟡 Answer: ○ Yes [Next: Q6] ○ No [Next: Q6]
Q6 🔴 Mandatory - Current and Updated Content
Main Question: Does your solution automatically update to include the latest cases and changes in legislation?
🔴 Answer: ○ Yes [Next: Q7] ○ No [⚠️ Cannot Proceed]
Q7 🔴 Mandatory - Alert Options
Main Question: Does your software have alert options to manage your updates?
🔴 Answer: ○ Yes [Next: Q8] ○ No [⚠️ Cannot Proceed]
Q8 🔴 Mandatory - Dashboards and Analytics
Main Question: Does the system provide dashboards, reporting, and analytics capabilities to track and analyse user interactions, search patterns, document access, and other relevant metrics, enabling insights for system optimisation and user behaviour understanding?
Dashboard Requirements: Your digital solution should have one or more dashboards that provide an at-a-glance overview of key metrics/indicators with at least 4 charts/graphs to help users analyse data through data visualisation.
Interactive Features Required: The dashboard must include at least one of the following interactive features:
Option 1: Interactive charts/graphs that allow users to interact with one chart and apply that interaction as a filter to other charts on the dashboard, and vice versa
Option 2: At least three common filters/slicers applicable to ALL charts/graphs on the same dashboard
🔴 Answer: ○ Yes [Next: Q9] ○ No [⚠️ Cannot Proceed]
Q9 🔴 Mandatory - Annotation and Collaboration Tools
Main Question: Does the solution provide tools for users to annotate, tag, and collaborate on legal research materials, enabling efficient teamwork and knowledge sharing within the law practice?
🔴 Answer: ○ Yes [Next: Q10] ○ No [⚠️ Cannot Proceed]
Q10 🔴 Mandatory - Customisation and Personalisation
Main Question: Does the solution allow users to access their search history, customise their research experience, save preferences, and personalise their access to legal materials based on their specific areas of practice and interest?
🔴 Answer: ○ Yes [Next: Q11] ○ No [⚠️ Cannot Proceed]
Q11 🟡 Preferred - System Integration - Legal Specific
Main Question: Does your solution support integration with other systems such as legal practice management systems, case management tools, document management systems, or any news sites that a firm subscribes to?
🟡 Answer: ○ Yes [Next: Q12] ○ No [Next: Q13]
--
Q12 🔴 Mandatory Follow-up - System Integration - Legal Specific - Elaboration
This question appears only if you answered "Yes" to Q11
Main Question: List the external systems and solutions that your solution is integrated with.
Confirmation Requirement: Click "Yes" to confirm you have completed the instructions.
🔴 Answer: ○ Yes [Next: Q13] ○ No [⚠️ Cannot Proceed]
Text Elaboration Required: [Text Box for Description/Details]
Q13 🟡 Preferred - AI Features
Main Question: Does your solution incorporate AI in your core features and functions?
🟡 Answer: ○ Yes [Next: Q14] ○ No [Next: Q15]
--
Q14 🔴 Mandatory Follow-up - AI Features - Elaboration
This question appears only if you answered "Yes" to Q13
Main Question: Describe your AI feature and its benefits. Examples are:
Examples: a. Generate output, identify items, or provide recommendations based on training models to improve decision-making b. Recognise text, images to shorten time taken for manual inputs of forms c. Others, please specify
Confirmation Requirement: Click "Yes" to confirm you have completed the instructions.
🔴 Answer: ○ Yes [Next: Q15] ○ No [⚠️ Cannot Proceed]
Text Elaboration Required: [Text Box for Description/Details]
Q15 🔴 Mandatory - Business Data Extraction
Main Question: Can your solution enable SMEs to efficiently extract business data in various discrete formats such as CSV, XLSX, XML, and TSV?
🔴 Answer: ○ Yes [Next: Q16] ○ No [⚠️ Cannot Proceed]
Q16 🟡 Preferred - Personal Data Collection
Main Question: Does your digital solution collect, use, disclose, process or dispose personal data?
🟡 Answer: ○ Yes [Next: Q17] ○ No [Next: Q19]
--
Q17 🔴 Mandatory Follow-up - Personal Data Protection
This question appears only if you answered "Yes" to Q16
Main Question: Can your solution demonstrate compliance with the following Personal Data Protection requirements?
Compliance Requirements: Digital solutions that collect, use, disclose, process or dispose personal data should incorporate features that support the obligations under the Personal Data Protection Act (2020).
Mandatory Action: To comply with this requirement, you MUST complete the Personal Data Protection Requirements form at https://go.gov.sg/pdp.
🔴 Answer: ○ Yes [Next: Q18] ○ No [⚠️ Cannot Proceed]
--
Q18 🔴 Mandatory Follow-up - Vulnerability Assessment/Penetration Testing (VA/PT)
This question appears only if you answered "Yes" to Q17
Main Question: Has your solution undergone a comprehensive security vulnerability assessment/penetration testing (VA/PT) conducted by a qualified third-party within the last 12 months?
Scope Requirements: The scope of the VA/PT must cover network security; application security; data protection measures and access control (if applicable); API security testing (if applicable); Cloud security configuration review (if applicable). Specifically, for web application security, the scope must cover minimally all OWASP Top 10 vulnerabilities.
Submission Requirements: Please submit the VA/PT report (dated maximum 1 year from the checklist submission date). The VA/PT Report must include Executive summary; Detailed findings and risk ratings; Remediation recommendations; Evidence of vulnerability fixes or mitigation plans; Testing methodology used; Scope of assessment; Assessor's qualifications and certifications.
Reseller Note: If you are the reseller of the solution, please obtain the VA/PT report from your product principal. SOC 2 Type II report can be accepted if the detailed technical vulnerability assessment results are part of the SOC2 Type II scope.
Qualified Third-Party Definition: Qualified third-party refers to: CREST-certified companies [https://www.crest-approved.org/members/] or companies with security professional with relevant CREST certifications; Security professionals with recognised certifications such as: Offensive Security Certified Professional (OSCP); EC-Council Certified Penetration Testing Professional (CPENT); GIAC Penetration Tester (GPEN); or other equivalent industry-recognised certifications.
Confirmation Requirement: Click "Yes" to confirm you have completed the instructions.
🔴 Answer: ○ Yes [Next: Q19] ○ No [⚠️ Cannot Proceed]
Date of Issue Required: [Date Field] Upload Supporting Document Required: [File Upload]
Q19 🟡 Preferred - Cybersecurity Compliance - Cyber Essentials Mark (CEM)
Main Question: Are you the Product Principal of the solution that you are submitting for pre-approval?
🟡 Answer: ○ Yes [Next: Q20] ○ No [Next: Q22]
--
Q20 🟡 Preferred - CEM for Product Principal
This question appears only if you answered "Yes" to Q19
Main Question: Has your organisation achieved CSA Cyber Essentials for ICT Vendor Mark certification or equivalent recognised cybersecurity certifications (including but not limited to Cyber Trust Mark or ISO27001) that validate the implementation of appropriate security controls against common cyber threats in your organisation and the solution you are submitting for pre-approval?
Compliance Timeline: Vendors are encouraged to comply at application and are required to meet this requirement by the Annual Review, where it will be assessed as mandatory.
Reference Note: For more information on Cyber Essentials mark, please refer to https://www.csa.gov.sg/cyber-essentials/
🟡 Answer: ○ Yes [Next: Q21] ○ No [Assessment Finished]
--
Q21 🔴 Mandatory Follow-up - CEM for Product Principal - Elaboration
This question appears only if you answered "Yes" to Q20
Main Question: Please specify the following information:
Required Information: i. The certificate demonstrating your organisation has attained Cyber Essentials for ICT Vendors ii. The cybersecurity certification the organisation has met iii. The scope of the certification
Document Submission: Please also upload a copy of the Certification and indicate the Certification Issuance Date in the date field.
Confirmation Requirement: Click "Yes" to confirm you have completed the instructions.
🔴 Answer: ○ Yes [Assessment Finished] ○ No [⚠️ Cannot Proceed]
Text Elaboration Required: [Text Box for Description/Details] Date of Issue Required: [Date Field] Upload Supporting Document Required: [File Upload]
Q22 🟡 Preferred - CEM for Resellers
This question appears only if you answered "No" to Q19
Main Question: Has your organisation achieved CSA Cyber Essentials Mark certification or equivalent recognised cybersecurity certifications (including but not limited to Cyber Trust Mark or ISO27001) that validate the implementation of appropriate security controls against common cyber threats in your organisation and the solution you are submitting for pre-approval?
Compliance Timeline: Vendors are encouraged to comply at application and are required to meet this requirement by the Annual Review, where it will be assessed as mandatory.
Reference Note: For more information on Cyber Essentials mark, please refer to https://www.csa.gov.sg/cyber-essentials/
🟡 Answer: ○ Yes [Next: Q23] ○ No [Assessment Finished]
--
Q23 🔴 Mandatory Follow-up - CEM for Resellers - Elaboration
This question appears only if you answered "Yes" to Q22
Main Question: Please specify the following information:
Required Information: i. The cybersecurity certification the organisation has met ii. The scope of the certification
Document Submission: Please also upload a copy of the Certification and indicate the Certification Issuance Date in the date field.
Confirmation Requirement: Click "Yes" to confirm you have completed the instructions.
🔴 Answer: ○ Yes [Assessment Finished] ○ No [⚠️ Cannot Proceed]
Text Elaboration Required: [Text Box for Description/Details] Date of Issue Required: [Date Field] Upload Supporting Document Required: [File Upload]
Preparing for submission?
Your submission should contain screenshots and write-ups that clearly demonstrate compliance with each mandatory requirement sub-point. Contact us if you need help.
Last updated