A production-aligned Laravel 12 platform that centralizes ISO 21001 data collection, analytics, and accreditation reporting for Computer System Servicing (CSS) learners at Jose Rizal University. The system combines real-time dashboards, AI-assisted compliance scoring, and privacy-by-design safeguards to support continual improvement cycles.
- Overview
- Features
- Technology Stack
- Architecture
- Installation & Setup
- Configuration
- Usage & Operations
- Development
- Documentation
- Support
This platform provides a comprehensive solution for ISO 21001 compliance management, featuring:
- Survey Management: ISO 21001-aligned survey intake, analytics, and reporting tailored for CSS learners and administrators
- AI-Powered Analytics: AI-assisted compliance scoring via a Flask microservice (
App\Services\FlaskAIClient) with PHP-ML fallback logic - Privacy-First Design: Consent-aware workflow that prevents duplicate submissions and auto-validates prior consent for authenticated students
- Admin Workspace: Live dashboards, QR distribution, indirect metrics ingestion, and export tooling
- Automated Reporting: Weekly and monthly compliance reports, audit trails, and multi-format exports for accreditation evidence
- Consent enforcement and validation
- Data minimization principles
- Indirect metrics support
- Encrypted storage with duplicate-response detection
- Controller:
SurveyController
- Cached dashboards for performance
- Compliance scoring automation
- Data clustering and sentiment analysis
- Keyword extraction
- Controllers/Services:
AnalyticsController,VisualizationService,AIService
- Complete audit trail with
AuditServiceandAuditMiddleware - Consent logging via
ConsentService - Data minimization enforcement
- Automated retention and cleanup with
DataRetentionService
- Scheduled email reports (
MonthlyComplianceReport,WeeklyProgressReport) - QR code batch generation and statistics (
QrCodeService) - Multi-format exports (PDF, Excel)
- Goal tracking and metrics
- Dedicated student authentication flow
- Email verification system
- Admin dashboards with real-time updates
- Session diagnostics
- Legacy HTML prototypes for communication aides
- Framework: Laravel 12, PHP 8.3
- Authentication: Sanctum
- Architecture: Service-layer pattern under
app/Services - PDF Generation: DomPDF
- Excel Export: Laravel Excel
- Email: Resend mail driver
- Templates: Blade views in
resources/views - Styling: Tailwind CSS 4 compiled by Vite 7
- JavaScript: Axios-backed dashboards
- Components: Reusable components in
resources/js
- Database: SQLite (default), MySQL, PostgreSQL support
- Encryption: AES-256 via
EncryptionService - Privacy: Anonymization hashing, consent tracking, retention policies
- AI Service: Flask AI service with circuit breaker (default
FLASK_AI_SERVICE_URL) - Fallback: PHP-ML for local processing
- Queue System: Laravel queue-ready jobs
- Scheduling: Cron-friendly artisan commands
Project-ISO/
├── app/
│ ├── Http/Controllers/ # Entry points for web and API routes
│ ├── Services/ # Business logic and integrations
│ ├── Console/Commands/ # Scheduled tasks and automation
│ ├── Mail/ # Email templates and notifications
│ └── Models/ # Eloquent models
├── database/
│ ├── migrations/ # Database schema evolution
│ └── seeders/ # Default data (AdminSeeder)
├── resources/
│ ├── views/ # Blade templates (admin, student, survey)
│ └── js/ # Frontend JavaScript
├── routes/
│ ├── web.php # Web routes
│ └── api.php # API routes
├── config/ # Configuration files
├── docs/ # Implementation guides and runbooks
└── public/ # Compiled assets and QR downloads
- Controllers:
app/Http/Controllerswith alignedroutes/web.phpandroutes/api.phpdefine student, admin, analytics, AI, and export entry points - Services:
app/Servicesencapsulate analytics, AI integration, caching, consent, data minimization, retention, encryption, and visualization logic - Automation:
app/Console/Commands,app/Mail, andapp/Notificationsautomate weekly aggregation, reporting, diagnostics, and compliance messaging - Database:
database/migrationsanddatabase/seedersmaintain ISO 21001 schema evolution and ship default admin accounts - UI:
resources/viewsand the Vite/Tailwind pipeline deliver the interface;public/hosts compiled assets and QR downloads - Documentation:
docs/holds implementation guides and runbooks, whilehtml/preserves earlier static prototypes for reference
- PHP 8.3+ with Composer
- Database engine (SQLite default; MySQL/PostgreSQL supported)
- Node.js 18+ with npm for asset compilation
- Python 3.10+ (optional, for Flask AI microservice)
- Redis (optional, for cache/queue backends)
-
Clone the repository and install dependencies:
git clone <repository-url> cd Project-ISO composer install npm install
-
Prepare environment variables and application key:
cp .env.example .env php artisan key:generate
-
Configure your database connection in
.envand run migrations:php artisan migrate --seed
Note: The
AdminSeederprovisions default admin account:kwadrateam@gmail.com / Admin@1 -
Compile or watch assets:
npm run build # production bundle npm run dev # Vite dev server with hot reload
-
Launch the application:
php artisan serve
Tip: For an end-to-end local development loop, run
composer devto start PHP, queue listener, Laravel Pail, and Vite concurrently. -
Optional: Configure Flask AI service: Set
FLASK_AI_SERVICE_URL,FLASK_AI_API_KEY, and related toggles in.envto connect to the remote or local Flask AI service.
For deeper setup guidance, see docs/LOCAL_DEVELOPMENT_GUIDE.md.
Key environment variables to configure in .env:
FLASK_AI_SERVICE_URL- Flask AI service endpointFLASK_AI_API_KEY- API key for authenticationAI_*- Additional AI configuration options- Configuration file:
config/ai.php
RESEND_API_KEY- Required for scheduled reports (MonthlyComplianceReport,WeeklyProgressReport)- Mail driver configuration in
config/mail.php
CACHE_DRIVER- Cache backend (file, redis, etc.)SESSION_DRIVER- Session storage driverQUEUE_CONNECTION- Queue backend (sync, redis, database, etc.)CacheServicecentralizes tagged cache usage
- Configuration file:
config/privacy.php - Services enforce encryption, anonymization, consent logging, and retention
- See
docs/DATA_PRIVACY_IMPLEMENTATION.mdfor details
FILESYSTEM_DISK- Storage disk for report delivery and QR storage- DomPDF and Laravel Excel drive export formats
- AI Service: Configure endpoints and circuit breaker options in
.envandconfig/ai.php - Email: Set
RESEND_API_KEYfor scheduled reports - Privacy: Review
config/privacy.phpfor encryption, anonymization, and retention settings - Storage: Configure
FILESYSTEM_DISKfor file storage
The following artisan commands are scheduler-ready and should be added to your cron:
app:aggregate-weekly-metrics- Aggregates weekly metric dataapp:send-weekly-progress-reports- Sends weekly progress reports via emailapp:generate-monthly-reports- Generates monthly compliance reportsdata:retention-cleanup- Enforces data retention policies
Example cron configuration:
* * * * * cd /path-to-project && php artisan schedule:run >> /dev/null 2>&1- QR Code Management:
QrCodeControllersupports batch generation, exports, download, and statistics for survey distribution - Indirect Metrics:
IndirectMetricsControlleringests CSV uploads and manual updates for non-survey metrics - Debug Routes:
/debug-login,/debug-authsurface session diagnostics in non-production environments
Keep analytics responsive by running queue workers:
php artisan queue:workFor cache warming:
php artisan cache:warmupRun the full test suite:
php artisan testFilter by class or method for focused scenarios:
php artisan test --filter SurveyResponseTest
php artisan test tests/Feature/AnalyticsIntegrationTest.phpTest Structure:
- Feature tests:
tests/Feature/- Includes ISO 21001 compliance checks - Unit tests:
tests/Unit/- Service and model tests
Enforce coding standards with Laravel Pint:
./vendor/bin/pintVerify production assets:
npm run build
# or
vite build --mode productionComprehensive documentation is available in the docs/ directory:
docs/iso-21001-system-documentation.md- End-to-end system blueprint and compliance mappingdocs/DATA_PRIVACY_IMPLEMENTATION.md- Encryption, anonymization, consent, and retention playbookdocs/AUDIT_COMPLIANCE_IMPLEMENTATION.md- Audit logging, compliance dashboards, and reporting workflows
docs/LOCAL_DEVELOPMENT_GUIDE.md- Environment provisioning, tooling, and troubleshootingdocs/USER_ADMIN_MANUAL.md- Student and admin journey walkthroughsdocs/qr-code-documentation.md- QR generation, scanning analytics, and remediation tips
docs/DEPLOYMENT_README.md- General deployment guidelinesdocs/cloudways-deployment.md- Cloudways-specific deploymentdocs/fly-deployment.md- Fly.io deployment guide
Revisions.md- Internal change logs and revision history
- Primary Contact: support@kwadrateam.dev
- Internal documentation and change logs:
docs/directory andRevisions.md - Issue tracking and bug reports: Please contact the development team via email
Last Updated: 2025-11-07