prompt-pack-legal-technology-rfp
Rating is derived from the repo's GitHub stars and shown for reference.
network_access
name: prompt-pack-legal-technology-rfp
description: Use when a legal department or law firm is issuing a request for proposal (RFP) for a legal technology solution such as a contract management system, e-billing platform, matter management system, or legal research tool. Produces a structured RFP covering functional and technical requirements, security standards, integration needs, evaluation criteria, and pricing. Applicable to corporate legal departments and law firms of all sizes.
license: MIT
metadata:
id: prompt-pack.legal-technology-rfp
category: prompt-pack
practice_area: legal-ops-billing
priority: P2
intent: [drafting, legal-technology-rfp]
related:
- prompt-pack-outside-counsel-guidelines
- prompt-pack-legal-department-kpi-dashboard
- prompt-pack-legal-budget-forecast
- prompt-pack-master-services-agreement
source: Louis — HAQQ Legal AI (github.com/sboghossian/mini-claude-for-legal)
version: "1.0"
Legal Technology RFP
When to use this
Use this skill to draft a formal request for proposal for a legal technology product or service. The RFP structures the selection process, ensures vendors address the department's specific requirements, and creates a documented basis for the final vendor selection decision.
Triggers:
- "We need to select a contract lifecycle management system — draft us an RFP."
- "Issue an RFP for an e-billing platform."
- "We're buying a matter management system — what should the RFP cover?"
- "We need a legal research platform for our regional offices in the UAE and KSA."
Required inputs
| Input | Why it matters | Default |
|---|---|---|
| Technology category | Scopes the functional requirements (CLM, e-billing, matter management, legal research, e-discovery, AI legal assistant) | Ask user |
| Company name and department | Names the RFP and contextualizes the requirements | Ask user |
| Current systems / integrations needed | Determines technical compatibility requirements | Ask user |
| Timeline for selection and deployment | Enables vendors to plan response and implementation | Ask user |
| User base size | Affects pricing; enterprise vs mid-market requirements | Ask user |
Optional inputs
- Budget range (including for RFP anonymity — many organizations do not disclose budget in RFP)
- Geographic scope of deployment (single-country vs multi-region — important for MENA multi-language requirements)
- Data residency requirements (sensitive for government-linked entities in UAE/KSA with local data residency obligations)
- Existing vendor relationships to preserve or eliminate
- Diversity / ESG requirements for vendors
RFP structure
Section 1: Introduction and Background
- Brief description of the issuing organization and legal department
- Purpose of the RFP: selecting a [solution type] to support [business objectives]
- Current-state description: existing tools, pain points, reason for change
- Timeline: RFP issue date, questions deadline, response deadline, shortlist announcement, demonstrations, final selection
Section 2: RFP Process
- Submission instructions (format, file type, contact details)
- Confidentiality: vendor responses treated as confidential
- Reservation of rights: company may reject any or all proposals, negotiate with multiple vendors, request additional information
- Conflict of interest disclosure requirement
Section 3: Functional Requirements
List requirements by priority: Required (must-have) vs Preferred (nice-to-have).
For a Contract Lifecycle Management (CLM) system, example requirements:
| Req. ID | Requirement | Priority | Vendor response (Meets / Partial / Does not meet) |
|---|---|---|---|
| F01 | Self-service contract request intake by business users | Required | |
| F02 | AI-assisted contract drafting from approved templates | Required | |
| F03 | Clause library with pre-approved alternative positions | Required | |
| F04 | Automated routing for approval workflows | Required | |
| F05 | E-signature integration | Required | |
| F06 | Contract repository with full-text search | Required | |
| F07 | Obligation tracking and deadline alerts | Required | |
| F08 | Reporting: contract volume, cycle time, risk profile | Preferred | |
| F09 | Multilingual interface (Arabic / English) | Required for MENA deployment | |
| F10 | Support for Arabic right-to-left text in contracts | Required for MENA deployment |
Adapt the requirements table to the specific technology category (e-billing, matter management, AI assistant, etc.).
Section 4: Technical Requirements
| Req. ID | Requirement | Priority |
|---|---|---|
| T01 | Cloud-hosted (SaaS) with [SOC 2 Type II / ISO 27001] certification | Required |
| T02 | Single sign-on (SSO) via [SAML 2.0 / OAuth 2.0] | Required |
| T03 | API availability for integration with [ERP / HRIS / existing tools] | Required |
| T04 | Mobile application (iOS and Android) | Preferred |
| T05 | Data export in standard formats (CSV, JSON, PDF) | Required |
| T06 | Uptime SLA ≥ 99.5% | Required |
| T07 | Data residency: option to host data in [UAE / GCC / EU / US] region | Required / Preferred |
| T08 | Multi-tenant or dedicated instance | Specify per company requirement |
Section 5: Security and Data Protection
- Data encryption in transit and at rest (AES-256 standard or equivalent)
- Access control: role-based permissions; principle of least privilege
- Audit logs: full activity logging, exportable for compliance review
- Data retention and deletion policies
- Penetration testing: frequency and most recent report availability
- Compliance: GDPR, UAE Personal Data Protection Law, KSA PDPL compliance confirmation
- Incident response: defined SLA for notification of data breaches
Section 6: Integration Requirements
List all systems the solution must integrate with:
- ERP (SAP, Oracle, etc.)
- HRIS (Workday, SAP SuccessFactors)
- E-signature (DocuSign, Adobe Sign, or local alternatives)
- E-billing platform (if separate)
- Document management (SharePoint, NetDocuments)
- Identity provider (Azure AD, Okta)
Section 7: Implementation and Support
- Implementation timeline: expected go-live date and milestone schedule
- Implementation methodology: vendor-led vs customer-led; professional services available?
- Training: type (live, on-demand, documentation) and scope
- Support model: SLA for support tickets (P1 critical, P2 major, P3 minor); named account manager?
- Maintenance windows and patch notification process
- Roadmap visibility: how does vendor share upcoming feature releases?
Section 8: Pricing
Request:
- Per-seat / per-user pricing model with volume tiers
- Module pricing if the solution is modular
- Implementation and professional services costs
- Annual maintenance and support fees
- Multi-year pricing options (3-year commitment discount)
- Payment terms
Do not disclose the company's budget in the RFP; allow vendors to propose pricing based on requirements.
Section 9: Evaluation Criteria
| Criterion | Weight |
|---|---|
| Functional fit to requirements | 30% |
| Technical architecture and security | 20% |
| Vendor stability and references | 15% |
| Implementation plan and timeline | 15% |
| Total cost of ownership (3 years) | 15% |
| MENA / Arabic language support | 5% |
Section 10: Vendor Information Required
- Company overview, ownership, financial stability, years in operation
- Client references: 3 clients of similar size and in similar industry
- Current client count and retention rate
- Subcontractors / hosting providers
- Litigation and regulatory proceedings (if any)
MENA-specific requirements to include
- Arabic language support: full RTL (right-to-left) interface and document support is essential for UAE, KSA, Egypt, Lebanon deployments where Arabic-language contracts must be drafted and managed.
- Data residency: UAE and KSA government-linked entities may be required to store data locally. Confirm whether the vendor can offer UAE or KSA data centers.
- Local customer references: ask for references from existing MENA or GCC clients.
- VAT / e-invoicing compliance: e-billing platforms must support VAT in UAE and KSA (including KSA Phase 2 e-invoicing ZATCA compliance).
Common mistakes
- Issuing an RFP without internal alignment on must-haves: results in conflicting feedback during demos and inability to make a decision.
- Not specifying integration requirements: vendors will assume standard integrations; non-standard integrations discovered post-contract cause cost overruns.
- Omitting data residency and privacy requirements: critical oversight for MENA-region entities subject to local data protection laws.
- Accepting vendor SaaS terms without review: standard SaaS agreements favor vendors; negotiate data ownership, exit rights, and SLAs before signature. Use [[prompt-pack-master-services-agreement]] as a negotiation starting point.
Related skills
- [[prompt-pack-outside-counsel-guidelines]]
- [[prompt-pack-legal-department-kpi-dashboard]]
- [[prompt-pack-legal-budget-forecast]]
- [[prompt-pack-master-services-agreement]]