Omnichannel Retail Management (OCRM)

Allows a retailer to deliver a seamless shopping experience across various customer touchpoints, and to have real-time product and inventory visibility, reducing stocking issues.

Instructions

• This page helps you prepare "Solution Requirements" section in Vendor Management Portal and you will see the exact questions and flow.

• 🔴 Mandatory questions: Must answer "Yes" to continue

• 🟡 Preferred questions: Can answer either way and continue

• Follow the question flow as indicated

Q1 🔴 Mandatory - Operational Accessibility

Main Question: Is the solution cloud-based or accessible through a user-friendly interface, allowing authorised personnel to easily access and manage the OCRM solution from various devices and locations?

Example: Store managers access sales and inventory data from tablets and smartphones to make real-time decisions off-site.

🔴 Answer: ○ Yes [Next: Q2] ○ No [⚠️ Cannot Proceed]

Q2 🔴 Mandatory - Physical Sales Transactions Support

Main Question: Does the solution allow the processing of customer transactions in physical stores using cash and cashless methods?

Example: Staff uses POS or Mobile-POS for entering of product codes, calculating totals, accepting various modes of payment, processing payment securely and generating receipts.

🔴 Answer: ○ Yes [Next: Q3] ○ No [⚠️ Cannot Proceed]

Q3 🔴 Mandatory - Multiple Touchpoints for Customer Engagement and Sales Transactions

Main Question: Does the solution allow retailers to promote and sell products and services online over multiple touchpoints?

Example: The customer sees content, browses products, makes purchases, and completes transactions online on either an Online Store/Brand.com, Social media channels (e.g. Facebook, Instagram, Tik Tok), chat applications (e.g. WhatsApp, Telegram), or Marketplaces (e.g. Lazada, Shopee, Amazon).

🔴 Answer: ○ Yes [Next: Q4] ○ No [⚠️ Cannot Proceed]

Q4 🔴 Mandatory - Seamless Customer Experience Across Touchpoints

Main Question: Does the solution allow the delivery of a seamless experience across customer touchpoints, complementing the customer experience at its physical stores?

Note: Customer touchpoints include physical stores, online stores, social media & chat commerce channels, online market places, etc.

Example: The customer sees a promotion on any of the online touchpoints, purchases a product online, and choose between home delivery or in-store pickup for collection.

🔴 Answer: ○ Yes [Next: Q5] ○ No [⚠️ Cannot Proceed]

Q5 🔴 Mandatory - Inventory Levels Management

Main Question: Does the solution help retailers to manage their inventories to ensure efficient operations and meet customer demands across channels?

Example: The solution monitors, organises, and optimises inventory levels such that popular items are always in stock.

🔴 Answer: ○ Yes [Next: Q6] ○ No [⚠️ Cannot Proceed]

Q6 🔴 Mandatory - Customer Loyalty and Retention - Relationship Management

Main Question: Does the solution help retailers manage their relationships with customers and increase customer loyalty?

Example: The solution captures customer data and segment customers, delivering personalised marketing messages such as discounts on favourite menu items based on past purchase history.

🔴 Answer: ○ Yes [Next: Q7] ○ No [⚠️ Cannot Proceed]

Q7 🔴 Mandatory - Dashboards and Reports (OCRM)

Main Question: Can your solution provide dashboards and reporting capabilities to optimise business performance?

Dashboard Requirements: Your digital solution should have one or more dashboards that provide an at-a-glance overview of key metrics/indicators with at least 4 charts/graphs to help users analyse data through data visualisation.

Interactive Features Required: The dashboard must include at least one of the following interactive features:

• Option 1: Interactive charts/graphs that allow users to interact with one chart and apply that interaction as a filter to other charts on the dashboard, and vice versa

• Option 2: At least three common filters/slicers applicable to ALL charts/graphs on the same dashboard

🔴 Answer: ○ Yes [Next: Q8] ○ No [⚠️ Cannot Proceed]

Q8 🟡 Preferred - Supplier Relationship Management

Main Question: Does the solution help retailers to transact with the supplier partners and streamline the ordering process, ensuring that new stock arrives on time?

Example: Store managers track delivery times and manage incoming consignment inventory.

🟡 Answer: ○ Yes [Next: Q9] ○ No [Next: Q9]

Q9 🟡 Preferred - GenAI-Powered Customer Responses

Main Question: Does your solution offer natural language processing (NLP) capability for understanding user intent and sentiment, allowing for fast, accurate, and personalised support?

Example: An LLM Chatbot answers FAQs and urgent queries such as return policies, delivering relevant information instantly to improve customer satisfaction and drive sales.

🟡 Answer: ○ Yes [Next: Q10] ○ No [Next: Q10]

Q10 🟡 Preferred - Personalised Product Recommendations

Main Question: Can your solution recommend personalised product recommendations based on customer behaviour and purchase history?

Example: Customers are given personalised product recommendations and dynamic pricing offers based on their purchase history and browsing behaviour.

🟡 Answer: ○ Yes [Next: Q11] ○ No [Next: Q11]

Q11 🟡 Preferred - Marketing and Customer Segmentation

Main Question: Can your solution segment and create marketing campaigns to target different customer groups?

Example: The solution optimises marketing campaigns using AI-powered content personalisation to different segments of customers based on purchasing behaviour.

🟡 Answer: ○ Yes [Next: Q12] ○ No [Next: Q12]

Q12 🟡 Preferred - AI Features

Main Question: Does your solution incorporate AI in your core features and functions?

🟡 Answer: ○ Yes [Next: Q13] ○ No [Next: Q14]

--

Q13 🔴 Mandatory Follow-up - AI Features - Elaboration

This question appears only if you answered "Yes" to Q12

Main Question: Describe your AI feature and its benefits. Examples are:

AI Feature Categories: a. Generate output, identify items, or provide recommendations based on training models to improve decision-making b. Recognise text, images to shorten time taken for manual inputs of forms c. Others, please specify

Text Elaboration Required: [Text Box for Description/Details]

🔴 Answer: ○ Yes [Next: Q14] ○ No [⚠️ Cannot Proceed]

Q14 🔴 Mandatory - Business Data Extraction

Main Question: Can your solution enable SMEs to efficiently extract business data in various discrete formats such as CSV, XLSX, XML, and TSV?

🔴 Answer: ○ Yes [Next: Q15] ○ No [⚠️ Cannot Proceed]

Q15 🔴 Mandatory - Personal Data Protection

Main Question: Can your solution demonstrate compliance with the following Personal Data Protection requirements?

Compliance Requirements: Digital solutions that collect, use, disclose, process or dispose personal data should incorporate features that support the obligations under the Personal Data Protection Act (2020).

Submission Requirements: To comply with this requirement, you MUST complete the Personal Data Protection Requirements form at https://go.gov.sg/pdp.

🔴 Answer: ○ Yes [Next: Q16] ○ No [⚠️ Cannot Proceed]

Q16 🔴 Mandatory - Vulnerability Assessment/Penetration Testing (VA/PT)

Main Question: Has your solution undergone a comprehensive security vulnerability assessment/penetration testing (VA/PT) conducted by a qualified third-party within the last 12 months?

Scope Requirements: The scope of the VA/PT must cover network security; application security; data protection measures and access control (if applicable); API security testing (if applicable); Cloud security configuration review (if applicable). Specifically, for web application security, the scope must cover minimally all OWASP Top 10 vulnerabilities.

Submission Requirements: Please submit the VA/PT report (dated maximum 1 year from the checklist submission date). The VA/PT Report must include Executive summary; Detailed findings and risk ratings; Remediation recommendations; Evidence of vulnerability fixes or mitigation plans; Testing methodology used; Scope of assessment; Assessor's qualifications and certifications.

Additional Requirements: If you are the reseller of the solution, please obtain the VA/PT report from your product principal. SOC 2 Type II report can be accepted if the detailed technical vulnerability assessment results are part of the SOC2 Type II scope.

Qualified Third-party Definition: [1] Qualified third-party refers to: CREST-certified companies [https://www.crest-approved.org/members/] or companies with security professional with relevant CREST certifications; Security professionals with recognised certifications such as: Offensive Security Certified Professional (OSCP); EC-Council Certified Penetration Testing Professional (CPENT); GIAC Penetration Tester (GPEN); or other equivalent industry-recognised certifications.

Date of Issue Required: [Date Field] Upload Supporting Document Required: [File Upload] Text Elaboration Required: [Text Box for Description/Details]

🔴 Answer: ○ Yes [Next: Q17] ○ No [⚠️ Cannot Proceed]

Q17 🟡 Preferred - Cybersecurity Compliance - Cyber Essentials Mark (CEM)

Main Question: Are you the Product Principal of the solution that you are submitting for pre-approval?

🟡 Answer: ○ Yes [Next: Q18] ○ No [Next: Q20]

--

Q18 🟡 Preferred - CEM for Product Principal

This question appears only if you answered "Yes" to Q17

Main Question: Has your organisation achieved CSA Cyber Essentials for ICT Vendor Mark certification or equivalent recognised cybersecurity certifications (including but not limited to Cyber Trust Mark or ISO27001) that validate the implementation of appropriate security controls against common cyber threats in your organisation and the solution you are submitting for pre-approval?

Compliance Timeline: Vendors are encouraged to comply at application and are required to meet this requirement by the Annual Review, where it will be assessed as mandatory.

Additional Information: Note: For more information on Cyber Essentials mark, please refer to https://www.csa.gov.sg/cyber-essentials/

🟡 Answer: ○ Yes [Next: Q19] ○ No [Assessment Finished]

--

Q19 🔴 Mandatory Follow-up - CEM for Product Principal - Elaboration

This question appears only if you answered "Yes" to Q18

Main Question: Please specify the following information:

Required Information: i. The certificate demonstrating your organisation has attained Cyber Essentials for ICT Vendors ii. The cybersecurity certification the organisation has met iii. The scope of the certification

Submission Requirements: Please also upload a copy of the Certification and indicate the Certification Issuance Date in the date field.

Date of Issue Required: [Date Field] Upload Supporting Document Required: [File Upload] Text Elaboration Required: [Text Box for Description/Details]

🔴 Answer: ○ Yes [Assessment Finished] ○ No [⚠️ Cannot Proceed]

Q20 🟡 Preferred - CEM for Resellers

This question appears only if you answered "No" to Q17

Main Question: Has your organisation achieved CSA Cyber Essentials Mark certification or equivalent recognised cybersecurity certifications (including but not limited to Cyber Trust Mark or ISO27001) that validate the implementation of appropriate security controls against common cyber threats in your organisation and the solution you are submitting for pre-approval?

Compliance Timeline: Vendors are encouraged to comply at application and are required to meet this requirement by the Annual Review, where it will be assessed as mandatory.

Additional Information: Note: For more information on Cyber Essentials mark, please refer to https://www.csa.gov.sg/cyber-essentials/

🟡 Answer: ○ Yes [Next: Q21] ○ No [Assessment Finished]

--

Q21 🔴 Mandatory Follow-up - CEM for Resellers - Elaboration

This question appears only if you answered "Yes" to Q20

Main Question: Please specify the following information:

Required Information: i. The cybersecurity certification the organisation has met ii. The scope of the certification

Submission Requirements: Please also upload a copy of the Certification and indicate the Certification Issuance Date in the date field.

Date of Issue Required: [Date Field] Upload Supporting Document Required: [File Upload] Text Elaboration Required: [Text Box for Description/Details]

🔴 Answer: ○ Yes [Assessment Finished] ○ No [⚠️ Cannot Proceed]