Getting Started

First Steps for Tenant Administrators

After signing up and receiving your Tenant Admin user details, these are the essential first steps required to initialize and configure your organization's workspace:

1

Populate the Employee Database

Compile and upload your active roster. You can download the pre-formatted Excel template, fill it with your team's details, and upload employees in bulk to seed your user directory instantly.

2

Add your Baseline Hazards — Risk Library

Configure your organization's threat posture. Seed the central Risk Library with baseline hazards and exposures specific to your industrial sector and geographic locations.

3

Create Checklist Form Templates

Deploy digital inspections. Use the Dynamic Form Builder or seeded template store to create the custom checksheets, safety logs, and audits for operators to submit in the field.

4

Setup User Roles & Access Controls

Define administrative boundaries. Configure your organizational Roles (such as Safety Rep, Manager, or Clerk) and customize granular access permissions (CRUD toggles) for each.

5

Invite your Operators & Staff

Onboard your personnel. Navigate to User Management to invite users to your tenant directory, assigning them their appropriate operational role for system access.

Offline Performance Pro-Tip
For the best field experience, encourage operators to use the "Add to Home Screen" option on their mobile browser to install Omnisafe as a progressive web application (PWA). Installing the app locally guarantees uninterrupted access to forms and supports robust offline data capture and automated local draft synchronization even without cellular connectivity.

Module 1: Analytics Dashboard & Tenant Config

The Operational Dashboard is the primary landing area. It aggregates checklist completion statistics, critical risk tallies, active employee logs, and safety activity counts in real-time. This layout is fully responsive, resizing for desktop monitors down to mobile field-inspection devices.

https://omnisafe.app/dashboard
Desktop Dashboard
Figure 2.1: Executive desktop workspace view compiling safety metrics and audit scores. πŸ” Expand

Tenant Workspace Configuration

From the Tenant Settings panel, Tenant Administrators can customize workspace metadata, configure business regions, choose currency configurations, choose industrial sectors, and link external document storage databases.

https://omnisafe.app/settings/tenant
Tenant Settings Page
Figure 2.2: Workspace sector, regional, and metadata editor. πŸ” Expand

Platform Usage Metering

The SaaS Usage view provides absolute accountability regarding plan quotas, actively stored document bytes, data transactions, and active user limits.

https://omnisafe.app/settings/usage
Tenant Settings Usage
Figure 2.3: Operational quota, document storage, and ledger usage monitors. πŸ” Expand

Module 2: Roster Management & Granular Access Control

Omnisafe references staff by unique Employee Numbers, which act as the relational backbone of the entire system. Roster records capture identity details, occupied departments, positions, employment statuses, and contact scopes.

https://omnisafe.app/employees
Employee Roster
Figure 3.1: Complete corporate directory roster showing personal IDs and employment stats. πŸ” Expand

Granular Role Management

To safeguard sensitive data, Tenant Administrators configure custom Roles (Manager, Safety Rep, Clerk) and toggle individual **Create, Read, Update, Delete (CRUD)** permissions on a per-page, per-table basis.

https://omnisafe.app/settings/roles
Access Control Management
Figure 3.2: Dynamic CRUD toggles for custom organizational role security. πŸ” Expand

Detailed Employee Profiles

Selecting an employee opens their primary dossier. This displays HR profiles, active contracts, safety training inductions, qualifications, and personal safety equipment records in a unified view.

https://omnisafe.app/employees/EMP206
Arika Profile Detail
Figure 3.3: Detailed employee record compiles training, qualifications, and equipment history. πŸ” Expand

Module 3: Safety File Indexes & Document Vaults

The Safety File Index provides an organized compliance checklist structure. Document uploads (compensation certificates, SARS standings, driving permits, medical clear cards) undergo a rigorous audit verification workflow.

Defining Safety File Index Requirements

From Tenant Settings, administrators define mandatory safety checklists. They establish links, choose required frequencies, and decide target bindings (global vs specific employee).

https://omnisafe.app/settings/safety-index
Safety Index Builder
Figure 4.1: Defining custom requirements for safety and audit files. πŸ” Expand

Linking Index Items to Employees

Administrators can link a requirement directly to an employee record. Users can navigate from the Safety File index to specific vaults and inspect individual qualifications.

https://omnisafe.app/settings/safety-index/detail
Safety Index Detail
Figure 4.2: Linking safety files directly to employee records and compliance vaults. πŸ” Expand

Employee Safety Vaults

Selecting an employee's index opens their personal storage vault. This lists all physical document evidence uploads alongside their validity dates.

https://omnisafe.app/employees/EMP206/vault
Employee Vault
Figure 4.3: Secure PDF upload portal for driver licenses and certifications. πŸ” Expand

Expiry Alert Banners

When a document approaches its expiration date, the system triggers high-visibility warning banners across related managers dashboards, alerting them 30 days in advance.

https://omnisafe.app/alerts/expiry
Expiry Alerts
Figure 4.4: High-visibility warning alert banners for expiring safety credentials. πŸ” Expand

Module 4: Risk Mitigation & Task Tracking

Omnisafe features a Live Risk Register. Rather than entering hazards as static text, inspections link safety occurrences to registered hazards. This gives administrators quantitative data regarding mitigation efficacy.

Live Risk Registry

Identified hazards are compiled in a central directory, mapping out exposure details, department allocations, inherent risk metrics, active controls, and review cycles.

https://omnisafe.app/risks/register
Live Risk Register
Figure 5.1: Central Risk ledger detailing active block exposures and threat levels. πŸ” Expand

Corrective Task Assignments

When a hazard is logged during an assessment, safety reps assign immediate corrective tasks to site supervisors. Tasks display due dates, progress states, and action owners.

https://omnisafe.app/risks/tasks
Mitigation Tasks
Figure 5.2: Monitoring safety mitigations, assignments, and resolution states. πŸ” Expand

Module 5: Auditing & Site Inspections

Compliance audits (e.g., ISO 45001, GlobalG.A.P., SANS standards) are essential to verify that safety programs are functioning effectively. The Auditing & Site Inspections Module allows tenants to schedule safety walkthroughs, track assessor routes, calculate quantitative compliance scores, and automatically generate corrective action tasks (CAPAs) for failed checklist sections.

Audit Scheduling & Planner

Located at /pages/AuditScheduler.tsx, the scheduler allows safety officers and managers to plan recurring audit sweeps (Daily, Weekly, Monthly, or Annually). Parameters include: Target Site/Location, Assessor (Employee ID), Audit Template, and Due Date. Scheduled events display on the assessor's dashboard calendar.

Quantitative Compliance Calculations

Completed walkthrough records (AuditRecordView.tsx) calculate quantitative compliance scores automatically:

Compliance Score = (Passed Items / Total Applicable Items) * 100

Items marked "Not Applicable" are automatically excluded from the calculation, protecting assessors from skewed audits.

Walkthrough Execution & Signature Gating

Assessors complete OHS checklists on-site via mobile web or PWA. Each item accepts a Yes/No/NA answer, custom notes, and multiple photos. Audits require a digital signature from the site representative at the conclusion of the walkthrough.

Corrective Actions (CAPAs) Integration

When a critical compliance check is marked "Failed", the checklist engine automatically spawns a corresponding MitigationTask assigned to the site supervisor. These tasks remain linked to the historical Audit Record for full regulatory audit traceability.

Module 6: Quick Finding Recorder (AI-Powered)

The Quick Finding Recorder is a mobile-first, friction-reducing tool allowing field personnel to report safety observations on-the-go. Instead of typing long forms, workers simply record a brief audio memo and snap photos of the hazard.

Multimodal AI Ingestion Pipeline

When an observation is captured, the device compresses the images and audio (mono AAC/MP3) to minimize data usage. Once synced, a Cloud Function routes the media to the Gemini Multimodal API, which transcribes the audio, analyzes the images, matches findings to the Hazard Library, and determines hazard severity (Low to Critical).

Human-in-the-Loop Approval Inbox

Observation drafts are stored in the Form Records database under the "Safety Findings" template with a Pending Action status. QHSE Managers review drafts, edit details, approve tasks, and finalize records before they log as active action items.

Subscription Gating
Access to this AI-powered module is gated by the tenant's subscription. The system checks the quick-finding-recorder flag in Firestore's enabledModules array before displaying UI buttons or processing backend payloads.

Module 7: Omnichannel WhatsApp Hub Configuration & Data Flows

The WhatsApp Hub shifts regulatory compliance from passive document tracking to proactive field engagement. Given the South African landscape, this channel bypasses connectivity and hardware barriers by enabling workers to use cheap WhatsApp social bundles to interact with the app.

7.1 Conversational Field-to-Form Ingestion

Field personnel can execute mandatory OHS checks, log hazards, and submit photo evidence directly through conversational prompts. Data parsing layers extract text fields, process image attachments, and write SQL entries to the database automatically.

7.2 On-Demand OHS Guidance

Workers can query the system via WhatsApp text message commands to fetch safety instructions, standard operating procedures, or regulatory guidelines on-demand, getting instant answers without loading heavy pages.

7.3 Automated Campaign Scheduling (Toolbox Talks)

The automatedCampaignScheduler routine polls the database daily, selects the oldest inactive toolbox talk briefing from the library, and broadcasts it to the targeted workforce group, pushing safety topics directly to employee chat streams.

7.4 Task Management via WhatsApp

Supervisors receive automated WhatsApp alerts when tasks are assigned to them. They can view details, update progress states, upload completion photo evidence, and close out tasks straight through conversational messages.

Module 8: Cognitive AI Auditing & Training Systems Architecture

8.1 The 15-Layer Hybrid Compliance Router

Omnisafe guarantees corporate security while containing token expenditure by routing tenant files across four computational families:

  • Deterministic Algorithmic Auditing (Zero Token Cost): Validates database signatures, metadata boundaries, and index layouts.
  • Statistical & Temporal Sampling: Evaluates metrics by random selection models to track compliance patterns.
  • Cognitive Multimodal Inspection: Streams files securely to Vertex AI Gemini 1.5 Flash to verify stamps, signatures, and dates.
  • Cross-Referencing: Correlates active workforce profiles with qualification registries.

8.2 AI-Guided Adaptive Training & Fraud Prevention

Our training player represents the future of e-learning. It conducts interactive RAG safety check conversations grounded in corporate policies via WhatsApp or mobile chat. To eliminate compliance fraud, it enforces a strict Voice Authenticity Constraint: trainees must submit a spoken voice recording, which is verified and integrated into their certified Portfolio of Evidence (PoE) PDF.

Module 9: WYSIWYG Form Builder & Checklist Templates

The integrated Form Builder allows Tenant Admins to decommission paper checklists. They can create interactive, compliant digital forms with deep field-validation parameters, conditional visibility, and mandatory digital signatures.

Seeded Templates Store

The Template Store provides a library of pre-configured regulatory checksheets (OHS inspections, forklift pre-uses, incident statements) ready to import into the tenant workspace.

https://omnisafe.app/checklists/store
Form Template Store
Figure 6.1: Importing pre-configured compliance templates into the workspace. πŸ” Expand

Custom Form Builder Design Workspace

The drag-and-drop workspace allows administrators to design form fields, place layout spacers, establish logical branching rules, and customize submission actions.

https://omnisafe.app/checklists/builder/design
Form Builder Design
Figure 6.2: Designing field elements and layouts in the WYSIWYG editor. πŸ” Expand

Rich Input Fields Library

A dynamic form supports diverse input types: numbers with validation limits, checkboxes, signatures, custom lookup selectors, and audio-recording summarizes.

https://omnisafe.app/checklists/builder/fields
Form Fields Catalog
Figure 6.3: Catalog of input fields, data collectors, and design Spacers. πŸ” Expand

Advanced Option Lists Configurations

Dropdown elements can load directly from dynamic tenant Option Sets, linking checklist selections to live database registers.

https://omnisafe.app/checklists/builder/fields/dropdown
Dropdown Field Builder
Figure 6.4: Adding options, placeholder strings, and defaults to dropdown lists. πŸ” Expand

Detailed Controls Directory & Configuration Matrix

The WYSIWYG Form Builder exposes a rich catalog of input fields. Each control supports advanced configuration options and compliance scoring parameters to enforce absolute audit compliance.

Control Type Primary Use Cases Advanced Configuration Options Scoring & Compliance Weight
Layout Elements
Section Header Organizes complex forms into distinct structural steps, sections, or categories. Custom header typography styles, collapsibility settings, descriptive optional subtext. Neutral
Structure only; has no scoring weight.
Rich Text (Static) Displays inline operating instructions, terms and conditions, safety rules, or legal warnings. Full Markdown and rich HTML rendering, text alignments, embedding static hyperlinked resources. Neutral
Static read-only context block.
Repeater Section Sub-tables or looped inputs (e.g. logging crew member details or multiple equipment checklist statuses). Dynamic row generation (add/remove items), strict minimum and maximum loop limits, child field nesting permissions. Neutral *
Propagates compliance scoring of nested child controls.
Inputs
Text (Short) Serials, license numbers, tags, or quick employee names. Regex validation patterns (e.g. custom permit formatting constraints), character length boundaries, placeholders. Neutral
Holds raw alphanumeric text data.
Text (Long) Narrative summaries of occurrences, detail investigations, and corrective justifications. Paragraph spacing settings, minimal length boundaries, and text auto-expand heights. Neutral
Holds qualitative context summaries.
Date Safety induction dates, validity certificates, incident calendar logging. Restricted date limits (past only / future only / specific ranges), timezone stamps, preset default dates. Neutral
Tracks compliance and expiry calendar timelines.
Time Checking shift times, logging emergency events, or equipment checklist tracking. Time limits (e.g. within operational window), 12/24 hour display modes, current time prefill defaults. Neutral
Tracks chronological sequence order.
Yes / No / N/A Binary checklist inspections (e.g. "Is the backup generator clear?"). Pass/Fail score mapping, child fields conditional triggers (e.g. require photo ONLY if "No" is ticked), custom failures alerts. High / Critical
Drives overall compliance scores; "No" can trigger immediate warning states.
Selection
Dropdown (Single) Choosing one value out of a static option catalog list (e.g. Farm Blocks, departments, shifts). Static list seeding, dynamically loaded backend Option Sets, preset options mapping, conditional layout rules. Medium
Can allocate distinct compliance values to specific selection options.
Dropdown (Multi) Selecting all applied options (e.g. indicating which safety gears were verified on team roster). Multi-select parameter bounds (e.g. select at least 2), dynamic option arrays, and tokenized badges display. Medium
Aggregates items checked; score can change with quantity selected.
Lookups
Employee (Single) & (Multi) Assigning single incident owners or identifying multiple crew attendees at a safety toolbox meet. Filters by operational status, specific department exclusions, dynamic user profiles popup links. Neutral
Establishes secure, linked HR roster isolation records.
Hazard (Single) & (Multi) Linking checklist safety violations directly to one or more baseline organizational Risk Library hazards. Filters by risk levels (Critical only), department risk indexes, live linked mitigation progress indicator drawers. Neutral
Allows structural threat tracking and statistical reporting.
Lookup: Custom (Single) & (Multi) Connecting checklist inputs directly to backend databases (e.g. assets tables, chemical registers, vehicles). Dynamic SQL Data Connect queries binding, multi-selector allowances, structural reference properties maps. Neutral
Enables deep relational schema lookup integrations.
Media
File / Photo Upload Submitting on-site incident photos, certificate uploads, physical damage proof. Mandatory live-camera enforcement (blocks loading pre-existing gallery images), custom compression thresholds, barcodes scan limits. Medium
Critical for empirical evidence; can block submission if missing on safety failures.
Signature Binding operator compliance agreements, incident witness sign-offs, supervisor approvals. Embedded GPS coordinates mapping, UNIX datetime stamps hashing, signee user-role alignment checks. High
Enforces absolute legal accountability and audit trial validation.
Voice Recording Hands-free compliance note capture, high-fidelity audio recordings of on-site toolbox briefs. Audio format compression settings, auto-transcription mapping variables, speech language profiles. Neutral
Saves rich voice context metadata alongside checklists.

Pre-Publication Test Sandbox

The **Live Preview Sandbox** allows creators to thoroughly test validation limits, voice summarizing features, and formatting behavior before publishing templates live.

https://omnisafe.app/checklists/builder/preview
Form Preview Page
Figure 6.5: Interactively validating fields and conditional logic in the sandbox. πŸ” Expand

AI Field Mapping Assistant

Omnisafe leverages a secure **AI Assistant** inside the Form Builder. This tool maps custom fields to existing backend data structures, drafts report templates, and suggests field types based on compliance standard prompts.

https://omnisafe.app/checklists/builder/ai-assistant
AI Form Assistant
Figure 6.6: AI Assistant suggesting field configurations and audit compliance mappings. πŸ” Expand

Module 10: Offline Sync Centre & Submission Audits

Field blocks and remote workshops often lack stable cellular connectivity. Omnisafe uses a local **Offline Sync Centre** to manage local drafts in IndexedDB until a network connection is detected, ensuring data integrity.

https://omnisafe.app/sync-center
Sync Centre
Figure 7.1: Offline drafts queue with sync and edit commands. πŸ” Expand
https://omnisafe.app/checklists/records
Submitted Records
Figure 7.2: Submission audit ledger with status indicators and search filters. πŸ” Expand

Submitted Form Detailed Audit View

Selecting a submitted checklist displays the **Detailed Audit View**. This panel presents the raw transactional log, validation checkpoints, uploaded media files, and digital signature records.

https://omnisafe.app/checklists/records/REC305
Record Audit View
Figure 7.3: Detailed compliance logs, field values, and signatures. πŸ” Expand

PDF Report Template Designer

Administrators can format PDF export templates to meet corporate styling guidelines. You can define exact A4 portrait margins, add header logos, place dynamic data tables, and configure signature blocks.

https://omnisafe.app/checklists/builder/report-designer
Report Designer
Figure 7.4: A4 PDF exporter layout builder and margin configurations. πŸ” Expand

The integrated **AI Report Assistant** automates the formatting process, allowing administrators to prompt the builder to structure double-column margins, apply company logo themes, and dynamically map table columns.

https://omnisafe.app/checklists/builder/report-designer/ai-assistant
AI Report Designer
Figure 7.5: Prompting the AI Assistant to inject sections and format custom PDF report layouts. πŸ” Expand

Module 11: Policies & SOP Knowledge Base

The Knowledge Library houses standard operating procedures (SOPs), safety policies, emergency protocols, and regulatory references, linking them to daily on-site safety assessments.

Global Policies, Procedures, Work Instructions etc. Library

This module displays structural induction packets, chemical safety handbooks, first-aid workflows, and legal policy updates.

https://omnisafe.app/knowledge/library
Knowledge Library
Figure 8.1: Directory of safety sheets, operating protocols, and legal updates. πŸ” Expand

SOP Entry Editor

Safety officers enter corporate SOPs using this interface. They can add compliance references, upload PDF copies, and assign mandatory re-induction schedules.

https://omnisafe.app/knowledge/library/new
New SOP Editor
Figure 8.2: Creating compliance articles and uploading documents. πŸ” Expand
https://omnisafe.app/knowledge/library/induction-sop
Sample SOP Detail
Figure 8.3: Fully indexed safety document detailing chemical handling safety protocols and PDF attachments. πŸ” Expand

Module 12: Voice AI Transcriptions & Meeting Notes

Omnisafe includes a **Voice AI Notes** system. This feature converts meeting discussions or field observations into summarizations, actionable checklists, and task registers based on standard compliance prompts.

Recording Compliance Meetings

Supervisors record toolboxes or daily updates directly in the app. The system streams audio to our secure cloud transcription services.

https://omnisafe.app/meetings/record
Record Meeting Page
Figure 9.1: Capturing toolbox meetings and safety sessions in the field. πŸ” Expand

AI-Generated Summaries & Task Registers

Our AI engine analyzes the transcription to generate summaries, action items, assignees, and target dates in the workspace.

https://omnisafe.app/meetings/details/M802/ai-summary
AI Notes Summary
Figure 9.2: AI-generated summaries, transcripts, and mitigation tasks. πŸ” Expand

Module 13: OmniAudit AIβ„’ β€” Automated AI & Hybrid Compliance Auditing

OmniAudit AIβ„’ is the federated auditing brain of the OmniShieldβ„’ Corporate Supervisor Portal. It automates contractor safety file compliance verification across multi-tenant environments. By combining low-cost deterministic database checks with advanced multimodal Generative AI audits (via Vertex AI Gemini 1.5 Flash), the system optimizes speed, security, and computational budgets.

Safety File & Rules Manager

The Safety File Manager combines the index builder, document uploads, and granular audit configurations into a single, cohesive workspace. Safety reps can map rule pipelines directly onto individual index slots. Badges indicate active rules (e.g., green shields for configured rules, gray outlines for none). Smart type-restrictions prevent runaway token budgets by limiting specific checks (e.g., temporal checks for checklists, OCR/completeness checks for employee docs).

https://omnisafe.app/compliance/safety-file
Safety File Manager
Figure 10.1: Centralized rules mapper with smart restrictions and Active Indicators. πŸ” Expand

Audit Scheduler & Task Sync

The Audit Scheduler provides an Outlook-style weekly/monthly calendar to plan automated sweeps and manual compliance tasks. Creating a manual audit generates a matching task in the Tasks system. Once workers complete the task, a Firestore trigger syncs the completion state, compiles an Audit Record with supervisor signatures, and archives legacy records to prevent legacy files from being audited repeatedly.

https://omnisafe.app/compliance/scheduler
Audit Scheduler
Figure 10.2: Unified calendar coordinating automated background scans and manual inspections. πŸ” Expand

Compliance Ledger & Audit Records

The Audit Records dashboard compiles historical execution outcomes, featuring average rating scorecards, active warning/red flag logs, token consumption metrics, and printable A4 PDF summaries. PDF reports feature a server-certified SHA-256 fingerprint hash (preventing tampering) and utilize local storage checks to prevent quota budget exhaustion.

https://omnisafe.app/compliance/records
Audit Records Ledger
Figure 10.3: Historical run ledger detailing average ratings, warnings, and Vertex AI token usage. πŸ” Expand

Federated Compliance & Cascades

Through Omnisafe Linkβ„’, parent corporate tenants define standardized index templates that link/align with contractor workspaces. Rule evaluation follows a strict cascading hierarchy:
1. Contractor-Specific Section Overrides (in corporate space) → 2. Corporate Default Configurations → 3. Contractor's Local Rules.
When scheduled/triggered by a corporate supervisor, Vertex AI and storage billing are routed automatically to the corporate tenant's account, protecting standard contractors from financial penalty.

Decoupled Queue Pattern & Rate Guardrails
OmniAudit AIβ„’ runs asynchronously to prevent execution timeouts. A cron-scheduled dispatcher function (hourlyAuditSchedulerOrchestrator) enqueues pending schedules into a global queue, and isolated workers (processAuditQueueItem) process them individually. Automatic token reservation checks prevent Vertex AI API quota exhaustion by aborting runs gracefully.

The Hybrid Audit Matrix: 17 Core Engines

The engine employs a hybrid execution routing system. Simple database and metadata checks are performed algorithmically (zero-token cost), while visual checks and semantic understanding are delegated to multimodal GenAI.

Category Audit Type Core Execution Model Compute Cost Safety & Business Objective
I. Deterministic Algorithmic Audits (Zero-Token Cost)
Algorithmic Presence Check Document Exist Query Free Verifies a file exists in the target slot. Skips archived files.
Algorithmic Expiry Scan Date metadata vs. Epoch Free Flags expired credentials (e.g. Letter of Good Standing).
Algorithmic Multi-File Completeness Structural index count Free Ensures a package of files is completely uploaded in complex index slots.
Algorithmic Signature Tag Check Database field search Free Confirms existence of digital signatures on native app form submissions.
II. Statistical & Sampling Audits
Statistical Random N-Sampling Fisher-Yates selector + scan Low Audits a random subset of files (e.g. 5) to draw representative scores.
Statistical Risk-Tiered Sampling Outlier filter + 100% check Low Performs 100% auditing on high-risk nodes (e.g. failed forms) and samples others.
Statistical Temporal Completeness Daily calendar record audit Low Verifies cadence requirements (e.g. daily toolbox talk submitted on all active days).
III. Cognitive Multimodal AI Audits (Vertex AI GenAI)
Cognitive AI Seal & Stamp Check Gemini Visual OCR High (AI) Detects official commissioner of oaths stamps or municipal crests.
Cognitive AI ID Reconciliation Gemini OCR + Entity Match High (AI) Ensures credentials belong to the correct profile employee (prevents fraud).
Cognitive AI Semantic Scope Match Gemini Semantic Proximity High (AI) Checks if welding method statement matches high-level weld risk scope.
Cognitive AI Ink Signature Audit Gemini Handwriting Detection High (AI) Detects missing signatures on scanned paper attendance rosters.
Cognitive AI Template Struct Audit Gemini Schema Validation High (AI) Confirms uploaded files strictly follow legal formatting structures (e.g. Annexure 3).
Cognitive AI Fraud Detection Gemini Tampering Analysis High (AI) Visually and structurally analyzes documents to detect digital tampering, forgery, white-outs, or font mismatches.
Cognitive AI Expiry Reconciliation Gemini OCR + Metadata Match High (AI) Reconciles the physical expiry date printed on the document with database metadata (fails if mismatched or missing).
IV. Relational Cross-Referencing Audits
Relational Role-to-Training Sync Multi-collection join query Free Blocks workers from task assignment if role-required qualifications are missing.
Relational Risk-to-Plan Alignment Risk registry vs. index slots Free Checks if active mitigation plans exist for all site-registered high priority hazards.
Relational Employee Completeness 100% Active employee audit Free Verifies that 100% of currently active staff possess non-expired, valid credentials.

Role-Specific User Journeys

Omnisafe uses robust, role-based authorization rules to ensure compliance data isolation. Below is the interactive mapping of operational user roles, expected permissions, and standard workflows.

Tenant Administrator Full Access (Owner)
Target User: Operations Owner, Company SHEQ Executives, IT Leads

The master bootstrapping role with administrative ownership over the entire tenant workspace directory. Responsible for general configuration and legal isolation setup.

Core Daily Journey:

  • Tenant Setup: Creates the workspace and configures sector properties, storage folders, and region properties.
  • Roster Maintenance: Invites employees to join the tenant, assigning dedicated operational roles (Safety Officer, Site Supervisor).
  • Master Seeding: Enters the first batch of Hazards in the Risk Library and populates the employee ledger with correct numbers.
  • Audit Oversight: Oversees records across all modules, correcting formatting issues or removing invalid duplicate entries.
Operations & Block Manager Manager Read/Write
Target User: Farm Manager, Workshop Lead, Production Block Directors

Oversees daily operational efficiency, equipment checklist compliances, hazard occurrences, block safety metrics, and employee rosters.

Core Daily Journey:

  • Status Check: Reviews workspace KPIs, monitoring checklist completion and unresolved safety complaints.
  • Attendance: Logs team attendance on-site, syncing records with individual employee databases.
  • Risk Assessment: Reviews the risk matrix before assigning heavy machinery operators to complex tasks.
  • Leave Administration: Reviews and approves employee leave applications, assigning proxy supervisors.
Safety (SHEQ) Officer Safety Focus Read/Write
Target User: SHEQ Directors, Field Safety Overseers, Risk Consultants

Responsible for daily on-site safety assessments, hazard mitigations, incident logs, corrective actions, and first-aid compliance.

Core Daily Journey:

  • Safety Audits: Conducts daily physical conditions checklists and equipment OHS inspections.
  • Incident Investigations: Files records for any accidents, near misses, or active hazards reported on site.
  • Action Tracking: Allocates corrective procedures to site supervisors, monitoring compliance until resolution.
  • Risk Development: Builds templates in the Hazard Library, mapping residual severity risks for company reference.
HR & Training Coordinator HR Read/Write
Target User: HR Clerks, Competency Managers, Training Directors

Manages employees personal files, competency indices, qualifications certificates, medical clearances, and regulatory training matrices.

Core Daily Journey:

  • Employee Registration: Keeps employee database files current (occupations, IDs, personal records).
  • Training Audits: Enters completed first aid, hazardous chemical licensing, and forklift competency certifications.
  • Medical Tracking: Audits annual physical examinations, flagging upcoming expirations inside specific safety vaults.
Compliance Officer Evidence & Audit Focus
Target User: Corporate Auditors, Client Onboarding Officers, Compliance Planners

Maintains operational audit alignment, global company files, tax standing records, SARS certifications, and liability document uploads.

Core Daily Journey:

  • Vault Organization: Uploads fresh SARS, public liability, and tax status certificates into corporate storage.
  • Audit Preparations: Exports historical checklist sheets and signatures as auditor compliance evidence packs.
  • SOP Checks: Links newly issued government safety mandates directly into the static Knowledge Library.
SaaS Application Administrator Global Platform Superuser
Target User: Omnisafe SaaS Operators, IT Operations Directors, Support Engineers

Global SaaS platform superuser. Operates outside individual tenant contexts, managing the general system framework, support tickets, and performance.

Core Daily Journey:

  • SaaS Status: Monitors global server structures, Data Connect queries, and storage usages.
  • Tenant Onboarding: Bootstraps complex multi-company registrations, managing database boundaries.
  • Support Interventions: Evaluates storage allocations, metadata corruption issues, and query failures.
  • Data Operations: Reviews general platform statistics, confirming all transactional data routes through SQL Connect.

SaaS Onboarding & Subscriptions Billing System

Omnisafe incorporates a secure, package-driven onboarding configurator and billing ledger to manage subscriber entitlements automatically. The architecture bridges regional payment handling with multi-tenant database isolation.

Interactive Workspace Configurator

During sign-up, new tenants use the onboarding configurator to customize active features, user seats, storage quotas, and monthly AI tokens. The system looks up standard unit pricing catalog items in Firestore (/billingConfig/pricing/{packageId}) to render real-time ZAR cost calculations and dynamic invoices.

Paystack Payment Gateway Integration

Transactional security relies on Paystack integration for South African credit card and EFT processing. Paystack checkout sessions redirect users to standard banking secure pathways. Upon transaction completion, a secure webhook delivery engine (functions/src/webhooks.ts) processes transaction tokens, validates payloads, updates the payment state machine, and issues automated PDF invoices.

Multi-Tenant Security & Isolation

Entitlements are strictly isolated at both database and client levels. Firebase dynamic custom claims block unauthorized users. Firestore security rules (firestore.rules) verify the active tenant claim matching the resource path, and Firebase Data Connect PostgreSQL tables enforce dynamic row-level tenant keys.

Entitlement Enforcement Gating

The frontend sidebar navigation checks active modules via the PermissionContext, which maps to the tenant's `enabledModules` array in Firestore (e.g. quick-finding-recorder or whatsapp-hub). If a module is missing or inactive, related entry points are completely hidden.