Source-grounded governance posture
This site is derived from the public Tourism PMU / consultancy RFP and does not claim a live Tourism PMIS, live dashboard, or live destination data feed.
Governance / deployment
This page describes alignment targets and safe deployment posture without claiming a live PMIS, live dashboard, or production certification.
This site is derived from the public Tourism PMU / consultancy RFP and does not claim a live Tourism PMIS, live dashboard, or live destination data feed.
Designed to align with GIGW 3.0 guidance on accessibility, usability, content quality, security, and performance.
Prepared for deployment within state-controlled hosting environments, including MeghRaj-aligned or NIC/NICSI-style cloud setups.
Prepared for security review and VAPT-style assurance workflows that commonly rely on CERT-In empanelled audit capacity.
Security scope
The prototype remains a TOR-derived PMU review site today. A live departmental workflow would require controlled hosting, identity, logging, and review controls.
The current build is a static frontend. The PMIS review pack is simulated from public TOR requirements only. There is no Tourism Department database, no live dashboard feed, and no persistent storage.
For a live deployment, keep the workflow inside a state-controlled hosting environment, align UI and lifecycle practices with GIGW 3.0, and place application infrastructure within NIC / MeghRaj-style hosting arrangements.
Role-based access, audit logs, encryption in transit and at rest, data retention policy, and security review through a CERT-In-aligned audit process should be non-negotiable before any live workflow data is handled.
It should not auto-approve, silently alter official records, pull unrelated departmental data, or send workflow files to external services without explicit government approval and deployment design.