Enter your credentials to view this document.
Below is the honest picture — what the maximalist version asks for, what I’ve verified is real, and what I’d commit to delivering. Aim: both of us walk into the DGE conversation knowing exactly what we’re putting on the table. Today is 22 May; 15 June is 24 days away.
Brendan’s framing, page 3 of the Blueprint — the highest-priority scope, production-grade, with executive surfaces shipping behind:
Behind those four surfaces sit a backend engine, an integrations layer, an AI stack, a platform foundation, a compliance workstream, and a content/localisation effort. The sections below break each of these into discrete modules. The intent is not to litigate scope but to map it.
The pre-populated profile depends on data flowing in from several sources before any user sees a screen.
| # | Module | What it is | Why it’s product-scale |
|---|---|---|---|
| 01 | HR Systems Integration | Pipeline pulling employee records from DGE’s HR systems into the profile store. | Schema mapping, identity reconciliation, change-data-capture, data access agreements. Workday / SAP SuccessFactors integrations are 6-month projects in normal contexts. |
| 02 | LinkedIn Ingestion | Pull employee LinkedIn profiles into the system. | LinkedIn API access tier, OAuth per employee, ToS compliance, data refresh cadence. |
| 03 | CV / Resume Parsing | Extract structured data from uploaded CVs and resumes. | NLP/LLM pipeline, format variance (PDF / Word / scans), Arabic CV handling, confidence scoring. |
| 04 | Internal Workforce Data Ingestion | Pull from HR-adjacent systems — LMS history, performance reviews, certifications. | Per-source connector, transformation logic, conflict resolution between sources. |
Everything the employee or manager actually touches. Each surface is its own design+build workstream.
| # | Module | What it is | Why it’s product-scale |
|---|---|---|---|
| 05 | Welcome Experience | Personalised onboarding, embedded video / podcast, walkthrough, Ask Symphony intro. | Content production, video hosting, personalisation rules, bilingual narration. |
| 06 | Pre-populated Profile UI | Review and edit interface for the AI-generated profile. | Diff-vs-AI-suggestion UX, conflict resolution, audit trail of edits, bilingual fields. |
| 07 | Assessment Surface | ~20-min self-assessment across Skills, Generic Attributes, Behavioural Competencies. | Survey engine, progress tracking, autosave, branching logic, mobile-first responsive, bilingual instrument with RTL. |
| 08 | Evidence Upload UX | Attach evidence (project refs, peer validation, certifications) for ratings ≥ 80%. | File upload, peer-validation request flow, certification verification, per-employee evidence library. |
| 09 | Manager Review Queue | Manager-facing dashboard of pending assessments with per-capability review. | Queue management, SLA visibility, batch operations, role-context switching. |
| 10 | IDP Surface | Individual Development Plan generation and presentation. | Goal tracking, deadline management, manager-approval gate, progress visualisation. |
| 11 | My Academy Surface | Personalised learning recommendations from integrated providers. | Provider-agnostic course display, deep-linking, progress sync, bilingual UX. |
From p. 7 of the Blueprint. Each one is a distinct ML product with its own data, prompts, evaluation, and guardrails.
| # | Module | What it is | Why it’s product-scale |
|---|---|---|---|
| 12 | AI Job Description Generator | Drafts and refines role scope from prompts and HR data. | Prompt engineering, in-environment LLM, JD-quality evaluation, refinement UX, bilingual output. |
| 13 | AI Role Mapping | Maps employees to SFIA capabilities and proficiency targets. | Embedding model on SFIA taxonomy, similarity scoring, confidence handling, RAG over framework. |
| 14 | AI Gap Ranking | Impact-weighted composite ranking of gaps. | Multi-input scoring function (criticality × contribution × strategic flag), tunable weights, explainability for managers. |
| 15 | AI Next-Best-Action | Recommends specific learning and IDP actions per gap. | Catalog ranking across three providers plus internal, gap-to-action mapping, 70/20/10 heuristic, freshness. |
| 16 | Ask Symphony Agent | Conversational layer over employee’s profile, assessment, IDP. | RAG retrieval index, conversation state, safety / PII guardrails, bilingual conversation. |
The scoring, framework, and assessment engines — plus the API contract that lets the experience layer talk to them.
| # | Module | What it is | Why it’s product-scale |
|---|---|---|---|
| 17 | Scoring Engine | Weighted composite (50 / 30 / 20), per-capability proficiency, Score publication. | Math accuracy, audit trail, versioning when weights change, replay capability. |
| 18 | Capability Framework Service | Source of truth for SFIA v9 — capabilities, levels 1–7, descriptors. | Framework versioning, capability metadata, taxonomy queries. |
| 19 | Assessment Engine | Survey logic, response storage, state machine (Draft → Submitted → Approved → Returned). | Event-sourced state, idempotency, retry semantics, time-in-state SLAs. |
| 20 | Engine API | The seven endpoints on p. 11 — the contract between experience and engine. | Auth, versioning, error formats, pagination, rate limiting, documentation, UI SDK. |
| 21 | Notification Engine | Triggered emails — manager review, IDP reminders, SLA overdue, status changes. | Template management, bilingual content, delivery tracking, opt-out, queueing. |
Each provider integration is a multi-week project of its own — auth, catalog sync, recommendation calls, completion handling, error states.
| # | Module | What it is | Why it’s product-scale |
|---|---|---|---|
| 22 | Coursera Integration | Course recommendation plus completion sync. | OAuth, catalog ingestion, recommendation API, completion webhook, license / seat management. |
| 23 | Pluralsight Integration | Same shape for Pluralsight. | Same shape, different API and contract terms. |
| 24 | Udemy Integration | Same shape for Udemy. | Same shape, different API and contract terms. |
The non-functional substrate that earns the “production-grade” label in the Vision doc. None of these are negotiable for a licensed deployment inside the DGE environment.
| # | Module | What it is | Why it’s product-scale |
|---|---|---|---|
| 25 | Identity & SSO | Integration with DGE identity provider, SSO, MFA. | SAML / OIDC negotiation, token handling, session lifecycle, MFA enforcement for elevated roles. |
| 26 | RBAC System | Five-role permission model enforced at the engine API layer. | Role definitions, scope-based access, n ≥ 5 suppression for executive aggregates, anti-tampering. |
| 27 | Audit Logging | Every action logged, audit trail UI for HR, retention ≥ 2 years. | Append-only store, query UI, retention / archival, AI-use logging. |
| 28 | i18n Framework + RTL System | All UI strings, survey instrument, IDP content, emails, admin docs in EN and AR. | Translation management, RTL CSS framework, Arabic typography (numerals, dates, names), translator workflow. |
| 29 | Sovereign Hosting | Deployment inside the DGE environment, in-country UAE. | Infrastructure design, deployment pipeline, hosting agreements, data residency enforcement. |
| 30 | 99.9% SLA Architecture | High availability, multi-AZ, auto-failover. | Load balancing, DB replication, monitoring, runbooks, SLA reporting. |
| 31 | Disaster Recovery | RPO ≤ 1 hour, RTO ≤ 4 hours, documented runbook, quarterly tests. | Backup strategy, restoration tooling, regular DR drills. |
| 32 | Performance Engineering | Hit the budgets — 1.5s p95 load, 3s submission, 5s IDP gen. | Caching strategy, query optimisation, load testing rig, p95 monitoring. |
| 33 | Observability Stack | Logging, metrics, traces, alerting. | APM, log aggregation, SLA dashboard, on-call rotation. |
| 34 | Admin Console | Platform config, integration management, role assignment, audit log access. | Self-service for HR / Admin, no engineer-in-the-loop for daily ops. |
External audits with their own timelines, independent of the build. None of these can be compressed by adding engineers.
| # | Module | What it is | Why it’s product-scale |
|---|---|---|---|
| 35 | WCAG 2.1 AA Conformance | Audit and remediation across both experiences. | 2–4 week external audit, remediation cycles, conformance statement. |
| 36 | Third-party Pen Test | Security assessment, remediation, sign-off. | 4–8 week external engagement minimum. |
| 37 | UAE PDP Compliance | UAE Federal Decree-Law No. 45 of 2021, Abu Dhabi data-classification standards. | Privacy impact assessment, processing register, consent flows, breach notification process. |
| 38 | Encryption / Key Management | At-rest, in-transit, customer-managed keys where required. | KMS integration, key rotation policy, audit trail. |
Translation and content production are usually the schedule risks nobody books for. Worth surfacing now.
| # | Module | What it is | Why it’s product-scale |
|---|---|---|---|
| 39 | SFIA Translation (EN → AR) | ~150 skills × 7 levels × 4 axes — thousands of strings. | Government-grade Arabic, terminology consistency, SME review, sign-off. |
| 40 | Onboarding Video / Podcast | Welcome experience media. | Bilingual scripts, production, hosting, captions, accessibility. |
| 41 | Manager Training Content | Materials to train managers on the rubric and review workflow. | Rubric explainer, scoring guidance, evidence assessment, bilingual. |
| 42 | System Admin Documentation | Reference materials for ongoing operation. | Runbooks, troubleshooting, escalation paths, bilingual. |
Forty-two modules, grouped into nine team-owned product clusters. The right-hand column is a realistic team size for a credible 15 June production launch.
| # | Product Cluster | Modules | Realistic team size |
|---|---|---|---|
| 01 | Profile & Onboarding | 01, 02, 03, 04, 05, 06 | 1 PM + 3–4 engineers + content / data |
| 02 | Assessment & Evidence | 07, 08, 19 | 1 PM + 2–3 engineers |
| 03 | Manager Workflow | 09, 17, 21 | 1 PM + 2 engineers |
| 04 | IDP & Learning | 10, 11, 22, 23, 24 | 1 PM + 3 engineers + integrations |
| 05 | AI Surfaces | 12, 13, 14, 15, 16 | 1 PM + 3 ML/AI engineers + ops |
| 06 | Backend Engine | 17, 18, 19, 20 | 1 PM + 3–4 engineers |
| 07 | Platform Foundation | 25–34 | 1 EM + 4–5 platform engineers |
| 08 | Compliance | 35, 36, 37, 38 | 1 compliance lead + external auditors |
| 09 | Content / Localisation | 39, 40, 41, 42 | 1 content lead + translators + producers |
Three honest brackets when assessing whether a small team can ship a complex platform. The picture below cuts across all three, applied to the confirmed reality of what exists today.
| Bracket | The status, confirmed | |
|---|---|---|
| A | What’s already built & reusable | Per what you’ve shared: SkillsTX FUSION TX (the assessment engine), the Lovable prototype (visual design system, 52 components, exec dashboard chrome — not production-grade), and the Symphony visual language. Nothing else. No EMEA build team. No prior Symphony codebase. No reusable scoring or framework engine. |
| B | What’s integration-bounded | Schedules set by external parties that cannot be compressed by adding engineers: third-party pen test (4–8 weeks), WCAG audit (2–4 weeks), DGE HR integration window, SkillsTX API contract and sandbox access, Arabic translation workflow, sovereign hosting inside the DGE environment. Each runs on someone else’s calendar. |
| C | What’s coordination-bounded | Work that scales sub-linearly with team size: distributed delivery across ESPER + Kyndryl (HUMAIN-committed, not DGE) + DGE in three time zones; 30–40% throughput loss in the first month before working norms settle; cross-discipline handoffs; manager UAT cycle. Adding people would slow this down, not speed it up. |
This is why Section 13 is framed as the only buildable scope, not a negotiation starting position. The arithmetic doesn’t shift based on confidence — but I want this to land for both of us. Hold this scope and 15 June ships clean; widen it and the date moves.
Before I’d commit to the MVP scope, I needed to know what SkillsTX actually exposes and what
of the Lovable build is reusable. Done. The summary below is from a live walk on 12 May
(see Client Material/skillsTX-mobile-app-feasibility.md) and a code audit of
richandfancy/remix-of-symphony-ai-insights. Three findings tightened the picture
meaningfully.
| Finding | What it changes for the MVP | |
|---|---|---|
| A | SkillsTX public API — concrete and scoped | 40 endpoints across 7 clusters (account · jobs/roles · evidence · actions · relationships · badges · bulk SFTP). OAuth2 client-credentials, JWT bearer. The integration adapter (N1) is sized: ~5–7 endpoints to wrap, not a multi-week exploration. |
| B | Magic-link is a working escape hatch | GET /v1/account/{key}/link generates a deep-link that drops a user into the SkillsTX self-assessment UI authenticated as themselves. Module 07 doesn’t need to rebuild the rating screens. Native shell + embedded SkillsTX rating step (“Option A”) is feasible today. |
| C | Arabic + RTL: SkillsTX already shipped it | An undocumented internal API (observed live) exposes /api/contents/{lang} returning 13,504 fully-translated SFIA items in Arabic with inline RTL. /api/jobs/rolebasedsurveyjobs returns the 40 named roles. /api/languages confirms Arabic as a first-class option. Module 28 collapses from “translate the SFIA framework” to “translate ~100 UI strings.” Role taxonomy is fetchable, not hand-built. |
| D | Lovable repo — partial reuse confirmed | 52 Symphony visualisation components (HeroKpi, KpiTile, SkillHeatmap, GapList, RadarChart, ProgressRing, etc.) plus design-system tokens. React 18 + Tailwind 3.4 in the repo; our prototype is React 19 + Tailwind 4 — ~30–50% portable with light work. Cuts the Executive Overview (N2) build by roughly half. Design tokens and visual chrome carry over cleanly. |
Direct ask to Paul Collins / Prem Singh (named in the proposal team). Both can be answered in one email.
/api/companies/brandinglogo suggests per-tenant theming is supported — needs explicit confirmation for the survey screens./api/companies and /api/lors returning 401 (not 404) confirm the higher-privilege tier exists. If granted, “Option B” opens up — full native UI on SkillsTX’s content endpoints, no embedded SkillsTX chrome at all.If both answers come back “yes” — we ship Option B (full native, no embedded chrome). If only the first — we ship Option A (native shell + embedded rating screens). Either way, the MVP in Section 13 holds. The Pre-Flight Check confirms we’re building on something real, not guessing.
Forty-two modules is the maximalist read. Below is what I’d commit to shipping by 15 June with the team that actually exists. The framing is deliberately narrow — under-promise, over-deliver. Hold this line and 15 June lands clean; widen it and the date moves.
Six modules from the larger list plus two new ones — sized for the €12k UX engagement plus a focused integration effort on the engineering side.
| # | Module | In what form for 15 June |
|---|---|---|
| 07 | Assessment Surface | Native mobile-first shell wrapping the SkillsTX assessment flow via magic-link (Option A, verified feasible). Symphony-branded intro, progress, and return-to-app moments; SkillsTX’s own screens for the actual rating step. Upgrades to full native (Option B) if partner-tier API confirmed. |
| 10 | Report Screen | Native render of the job-match payload from GET /v1/account/{key}/job/{jobType} — same data SkillsTX returns, redesigned mobile-first with clean radial chart, plain-language gap statements, and a single “next step” CTA. PDF download as a stretch. |
| 09 | Manager Review Queue | Native list driven by GET /v1/account/{key}/relationships/employee + per-report job-match fetch. Acknowledge or comment per direct report. No per-capability rubric in v1. |
| 25 | Identity & SSO | Pilot-level. DGE SSO if available before launch; magic-link invitations as fallback. No MFA in v1. |
| 26 | RBAC — Three Roles | Employee · Manager · Executive. No n ≥ 5 suppression for the pilot — the exec view is anonymised by aggregation only. |
| 28 | i18n + RTL (UI only) | ~100 UI strings translated to Arabic with RTL layout. Confirmed pre-flight: SkillsTX returns the 13,504-item Arabic SFIA content pack natively, so the framework itself is not in our translation scope. |
| N1 | SkillsTX Integration Adapter (BFF) | Cloudflare Workers + Hono BFF holding the SkillsTX client_secret. Wraps ~5–7 endpoints (account, job/list, job-match, evidence, relationships, magic-link), handles return-to-app deep-link. Engineering work, not UX — sits outside the €12k UX scope. Estimated effort: 5–7 days with AI-augmented build (Claude Code / Cursor agents on a tight TS codebase). |
| N2 | Executive Overview Screen | Single workforce view: completion %, headline top-N gaps, segmentation by role/department. Aggregation pattern: nightly batch via 150 × GET /v1/account/{key}/job/{jobType} calls cached in the BFF. ~30–50% of the chrome reusable from the Lovable repo (HeroKpi, KpiTile, SkillHeatmap, GapList). |
Real Blueprint capabilities — deferred to a Phase 2 conversation, not cancelled.
| # | Category | Deferred because |
|---|---|---|
| 01–04 | Data ingestion | Use a simple CSV upload of the 150 cohort. HR, LinkedIn, CV parsing all deferred — integration windows alone exceed our 25 days. |
| 05, 06 | Welcome video + AI profile setup | Minimal intro screen; employee fills basic info inline if needed. No video production, no AI JD generator at pilot stage. |
| 11, 22–24 | Learning provider integrations | Show SkillsTX’s native recommendations as links; no Coursera / Pluralsight / Udemy API integration in v1. |
| 12–16 | The five AI surfaces | Use SkillsTX’s built-in scoring, mapping, and recommendation logic. Don’t build parallel AI surfaces yet. |
| 17–20 | Custom backend engine | SkillsTX is the engine. We don’t build a parallel scoring service, capability framework, or assessment engine for the pilot. |
| 21 | Notification Engine | Pilot-level email triggers only — assessment invite, completion confirm. No templated bilingual messaging system. |
| 27, 29–34 | Platform foundation (full posture) | Pilot-level audit logging, hosting, SLA, DR, performance, observability, admin console. Formalised post-launch as the cohort scales. |
| 35–38 | Compliance & encryption | Pilot PIA and statement-of-conformance. Formal WCAG audit and third-party pen test booked for post-launch (4–8 week windows). |
| 39–42 | Content production | SkillsTX likely provides Arabic SFIA already. Short written guides for manager training; no video. |
Seven screens that walk the full pilot flow — employee onboarding through to the executive view. Symphony brand palette (dark green · antique gold · teal), Lovable design system. Scroll horizontally.
Swipe through
These mockups visualise the eight modules in Section 13 in their composed form. Every screen renders against real data flowing through the SkillsTX adapter (N1). The dark executive view (07) borrows its visualisation chrome from the existing Lovable repo — not built from scratch.
Brendan — I’ll commit to shipping the eight modules in Section 13 by 15 June. The scope is tight on purpose. Under-promising is how I win, and how DGE gets a working pilot rather than a half-finished one. I’d rather over-deliver against this scope than miss a wider one.
Two things I need from you to hold the date: which of the eight modules are firm (what you don’t want to lose at the pilot stage), and how we staff the adapter work (N1). The adapter is engineering, not UX, and sits outside the €12k scope. Three options: expand the engagement, find a Kyndryl resource on the DGE side, or sequence it as a separate phase. Your call — but I’d want to know by end of this week to hold 15 June with any confidence.