IT Consultation Full case study

HQ Web Portal + POS System — Full SRS & Architecture Design

Malaysian Enterprise Client (Confidential) Enterprise operations · Malaysia

"Needed a complete system requirements specification and architecture design for a 22-module enterprise portal and POS system before approaching any development vendor — without exposing their plans to competitors."

Modules scoped

PDPA

Compliant

DuitNow

QR integrated

Vendor

Ready spec

Deliverables

SRS Document

22 modules — full functional spec

System Architecture

Database, API, PDPA, DuitNow

Vendor RFQ Package

Scoped spec for vendor evaluation

PDPA Compliance Framework

Data handling architecture

The challenge

A major software investment. No documentation. No architecture. And a vendor process that couldn't start without both.

This Malaysian enterprise client was planning a significant investment in a custom HQ web portal and point-of-sale system spanning 22 functional modules. The operational scope was complex — multi-outlet management, HQ approval workflows, PDPA-compliant customer data handling, and DuitNow QR payment integration at the POS level. They knew what they needed the system to do. They did not have it documented in a form any vendor could build from.

The standard route — sending a vague brief to five vendors and comparing the proposals — was not viable. Without a proper specification, every vendor would scope the project differently. Proposals would be incomparable. The "cheapest" option would likely be cheap because it scoped less. And sharing detailed operational plans with vendors who were also tendering to competitors created an unacceptable confidentiality risk.

The brief to Trendtive Digital was specific: act as an independent consultant to produce a complete SRS and system architecture — one they could own, control, and use to run a proper vendor evaluation — without Trendtive Digital being in contention for the build contract itself. Independence was the point.

Our approach

Understand the operations first. Document the system second.

We began with a structured stakeholder interview process — separately engaging HQ management, operations leads, finance, and IT. The goal was not to ask what features they wanted, but to understand how the business actually operated: where decisions were made, where information flowed, where current processes created friction, and what compliance constraints existed. The SRS grew out of operational reality, not a feature wishlist.

Requirements Study

Structured stakeholder interviews across HQ management, operations, finance, and IT. Workflow mapping for all 22 module areas — process flows, decision points, user roles, approval chains, and edge cases documented before any specification was written.

Stakeholder interviewsWorkflow mappingGap analysis22 modules

Full SRS Document

Complete Software Requirements Specification covering all 22 modules — functional requirements, user stories, acceptance criteria, role-based access matrix, non-functional requirements (performance, security, availability), and integration requirements.

Functional requirementsUser storiesRole matrixNon-functional

System Architecture Design

Full architecture covering database schema design, API surface definition, PDPA-compliant data handling framework, DuitNow QR payment integration specification, hosting architecture, and technology stack recommendations with rationale.

Database schemaAPI designPDPA frameworkDuitNow QR

Vendor-Ready RFQ Package

Vendor evaluation package assembled from the SRS — scoped specification structured for RFQ distribution, evaluation criteria for comparing proposals on a consistent basis, and commercial model guidance covering CAPEX versus OPEX considerations.

RFQ documentEvaluation criteriaCAPEX/OPEXVendor-ready

How we delivered it

Stakeholder interviews

HQ · Operations · Finance · IT — separately

Workflow mapping

Process flows · Decision trees · Edge cases · Role matrix

SRS drafting

22 modules · Functional & non-functional requirements

Architecture design

Database · API · PDPA · DuitNow · Hosting

RFQ package & handover

Vendor spec · Evaluation criteria · Sign-off

The consultation approach

Independence was the value. Not technical advice alone.

Most IT consultation engagements come with a conflict of interest: the consultant who defines what you should build also wants to build it. That creates pressure — conscious or not — for the specification to favour the consultant's strengths, preferred stack, and delivery model.

Trendtive Digital engaged this client with explicit independence from the build contract. We were not bidding for the development work. That independence allowed us to make architecture recommendations based purely on what was right for the client's business — not what would be easiest for us to deliver.

The result was a specification the client owned completely. They controlled who saw it, who they shared it with, and which vendors they chose to invite. The PDPA compliance framework and DuitNow integration spec were designed to be portable — any competent vendor receiving the package could build to it without further input from Trendtive Digital.

SRS scope coverage

HQ Web Portal

Multi-module · approval workflows · reporting

↕

POS System

Outlet operations · DuitNow QR · sync

↕

PDPA Compliance

Data handling · consent · retention rules

↕

Vendor RFQ Package

Portable spec · any vendor can build to it

Client owns the spec — independent of Trendtive Digital

The outcome

22 modules documented.
Vendor-ready from day one.

Modules fully specified — functional and non-functional

Every module in the HQ portal and POS system documented with functional requirements, user stories, acceptance criteria, and edge case handling. Vendors receive a specification they can build to, not a brief they have to interpret.

PDPA

Data handling architecture compliant with Malaysian requirements

The architecture design includes a PDPA compliance framework covering data collection consent, storage handling, retention rules, and access control — built into the specification so compliance is a design decision, not a post-launch retrofit.

DuitNow

QR payment integration specified for POS at architecture level

DuitNow QR payment flow included in the system architecture — API integration specification, transaction handling, reconciliation logic, and failure state handling documented so any vendor can implement it without ambiguity.

Vendor

RFQ package ready for distribution to shortlisted vendors

The client entered the vendor evaluation phase with a specification package they owned and controlled. All vendors received the same document — ensuring proposals were comparable, scoped to the same requirements, and evaluated on a consistent basis.

Start a project

Have a similar challenge? Let's talk.

Book a free 30-minute consultation with Jack. If you need independent IT consultation before committing to a build, we'll tell you what that engagement looks like — and whether we're the right fit.

Jack Chang

Director, Trendtive Digital Sdn Bhd

Your consultant for this session

30 minutes · Free · No obligation

Format: Microsoft Teams

With: Jack Chang, Project Director — Trendtive Digital

What we'll cover

Your planned system and what documentation you currently have

Whether an independent SRS or consultation engagement makes sense

Realistic scope, timeline, and engagement model

No credit card · No commitment · Response within 24 hours