Fuel, fleet cards, deliveries, mobility, contracts, and document routing — for the Deputy Chief of Coast Guard Staff for Logistics and every unit it serves, end to end.

The platform
Each module owns one logistics function under CG-4's mandate — sharing one directory, one access model, and one audit trail.
Route, track, and act on CG-4 documents end to end — with deadlines, routing slips, and a full audit trail.
Fuel slip issuance, approval, release, and station-side consumption — QR-verifiable end to end.
POL procurement paperwork: delivery advices, invoices, and disbursement vouchers, reconciled.
Government fleet-card inventory and monthly consumption reporting across every unit and district.
Land-vehicle registry, preventive maintenance, repairs, and monthly inventory for the whole fleet.
Procurement and infrastructure contracts through their full lifecycle, with milestone tracking.
Operations & admin support — activities, meetings, and the command calendar in one place.
Report an issue or request help — a tracked ticket, open to every active user.
What's new
Every change to the platform is logged here as it ships.
Accounts and sign-in, the hierarchical access model, and the module framework — all standing on the new cloud foundation, with an approval wall for new accounts and a full audit trail from day one. Module-by-module release notes will land here next.
Security is the foundation of the platform, not an add-on. The directorate's records and the integrity of its transactions are protected at every layer — on infrastructure trusted by governments and enterprises worldwide.
The underlying cloud network is independently audited to the standards above. The platform itself is engineered to those same controls — encryption, strict access control, and full auditability — and aligns with DICT and Data Privacy Act requirements.
All traffic is served over HTTPS/TLS with automatically-managed certificates; the database and every uploaded file are encrypted at rest. There is no unencrypted path in or out.
Each is protected with PBKDF2-HMAC-SHA-256 — 100,000 iterations, a unique per-user salt — and compared in constant time, the current OWASP-recommended approach.
A random 256-bit token in an HTTP-only, Secure cookie; the server keeps only its SHA-256 hash. Even a full database disclosure cannot reveal a usable session, and accounts revoke instantly.
A hierarchical role model is checked on the server for every single action — never merely hidden in the interface. Deny-by-default: no client is ever trusted.
New accounts start with no permissions and wait behind an approval wall until an administrator explicitly grants them. There is no self-service escalation.
Every consequential action is logged — who did it, what changed before and after, and when — as a permanent, attributable record for command review.
The managed database supports point-in-time recovery to any moment within the retention window, and data is replicated across the provider's global network.
No servers to buy, no software to install, no per-seat licenses. It runs in any modern browser and updates deploy instantly — with no on-premise box to maintain.
Operating on secure, certified cloud infrastructure rather than an unmanaged local server is exactly what DC No. 2017-002 mandates for government agencies. The 2020 amendment adds the guarantees that matter most:
The platform is designed in alignment with the Act and National Privacy Commission principles through four concrete controls:
Questions command asks
A server in one building has no geographic redundancy — hardware failure, power loss, fire, flood, or theft can make its data unrecoverable, and it must be monitored, patched, and physically secured around the clock by staff. The certified cloud replicates data across multiple locations automatically, so no single event causes data loss, and a dedicated security team defends it continuously.
The DICT Cloud First Policy sets a high bar for any on-premise alternative: it must be demonstrably superior in security, features, cost, and deployability at once. Certified cloud infrastructure clears all four — annual independent security audits, managed databases and backups out of the box, a far lower true cost of ownership than procurement-plus-maintenance, and provisioning in minutes rather than the 6–18 months government hardware procurement typically takes.
Only authenticated users with the appropriate role. Every action is tied to a verified account and scoped strictly to what that role requires. The platform uses the cloud only as underlying infrastructure — not as a data processor with visibility into the records — and the Philippine government retains sole control of its own data under the 2020 Cloud First amendment.