Officer Workspace
Priority Queue
| Priority | Work | Item | Owner | When | Trace |
|---|---|---|---|---|---|
| unknown | Tenant-scoped APIs | Loading operating-day queue from signed compliance endpoints | SBI Compliance | on page load | /api/v1/officer/dashboard |
Evidence Lineage
| Display instructions | verified 2026-06-15.prestige-display.v3 |
|---|---|
| Tenant-scoped data | unknown resolved by browser bootstrap |
| Signed audit chain | unknown required before proof can turn green |
Agent Activity
- Display contract loaded: ctx-swiss-2.0.0
- Tenant bootstrap pending: /api/v1/officer/dashboard
Why This Surface
Prestige renders this operator desk from signed data plus authored display instructions; new capabilities change instructions, not screens.
What To Do Today
The shortest path to what is overdue, breaching appetite, awaiting your decision, or due in the next 7 days.
| Priority | What | Item | Owner | When | Trace |
|---|---|---|---|---|---|
This Week At A Glance
Numbers a head of compliance must know before the weekly meeting.
Board Line For This Week
Auto-generated from live data.
What Is Due
Aggregated from monitoring checks, actions, evidence requests, risk reviews.
| When | Item | Owner | Source | Severity |
|---|---|---|---|---|
Why This Surface
Document intelligence stays evidence-led: extracted facts are shown only with source and processing state.
Document Intelligence
Ingested documents, processing state, extracted fields, and Volta semantic-index readiness.
| Title | Type | Status | Semantic index | Expiry | Extracted | Action |
|---|---|---|---|---|---|---|
Why This Surface
Risk is a territory view because residual exposure must be read against appetite and coverage.
Top Enterprise Risks
Highest residual exposure first. Click a row to mark reviewed.
| Code | Title | Owner | Inherent | Residual | Appetite | Next review |
|---|---|---|---|---|---|---|
Why This Surface
Monitoring is a line view because cadence, status, owner, and evidence must move in sequence.
Compliance Monitoring Program
Scheduled checks. Red means overdue or non-compliant.
| Check | Owner | Frequency | Due | Status |
|---|---|---|---|---|
Why This Surface
Evidence lineage is the proof spine; unknown or insufficient evidence cannot render as verified.
Evidence Lineage
The proof layer — every claim traces back to a source.
Open the lineage for any risk, action, monitoring check, finding, intake submission, or document to walk this chain end-to-end. The auditor pack bundles the signed audit-chain segment for the period.
| Item | Type | What it is | Trace |
|---|---|---|---|
Evidence Sufficiency Verdicts
SBI Compliance reads your evidence and flags weak proof before an auditor does.
| Verdict | Why | Open | Source |
|---|---|---|---|
Why This Surface
Agentic work is surfaced as a decision desk; the model proposes and the human disposes.
Agentic Proposals
AI-proposed actions held for human disposition. The model proposes; you approve or reject. Nothing is enacted without your decision, and every proposal carries its citations.
| Action type | Summary | Risk | Citations | Proposed | Decision |
|---|---|---|---|---|---|
Proposals appear here when an AI reasoning surface is enabled and a human review is pending.
Why This Surface
Regulatory change is a territory view because clauses, controls, impact, and jurisdiction must cross-map.
Regulatory Horizon
Tracked regulators and recent clause changes.
| Regulator | Name | Jurisdiction | Type | Status |
|---|---|---|---|---|
Recent Clause Changes
| Regulator | Clause | Change | Impact | When |
|---|---|---|---|---|
Mapping Candidates
Clause → control. Confidence and source shown; no auto-adjudication.
| Clause | Control | Status | Conf. | Action |
|---|---|---|---|---|
Why This Surface
Critical services are a territory map of dependencies, gaps, and DORA accountability.
Critical Services & DORA Register
Critical services and the third-party / system dependencies that support them.
| Service | Function | Criticality | Customer facing | RTO / RPO | ICT | Vendor | Other |
|---|---|---|---|---|---|---|---|
Why This Surface
Assurance is a line view because review, finding, response, and remediation are sequenced work.
Assurance Reviews & Findings
Plan → fieldwork → finding → management response → action. Findings link back to actions.
| Code | Title | Severity | Status | Target close | Response by |
|---|---|---|---|---|---|
Why This Surface
Controls and SoA are the core territory cross-map across frameworks, controls, status, and evidence.
Control Library
Objectives, owner, type, applicability, implementation. Operator-maintained — not automated-tested.
Runtime lifecycle spine: /api/v1/officer/controls → /api/v1/officer/evidence/assess → /api/v1/officer/controls/:id/review → /api/v1/officer/renewal-docket.
Client operating day spine: officer lifecycle /api/v1/officer/controls; staff PDF evidence capture /api/v1/evidence/capture; auditor portal /api/v1/auditor/me; client trust center /api/v1/trust-center/public/:tenant; cadence and notifier gates.
| Code | Title | Owner | Type | Applicability | Implementation | Next review | |
|---|---|---|---|---|---|---|---|
Statement of Applicability
Coverage is derived from the mapped controls and their applicability/implementation — not a score.
Control Exceptions
Risk-accepted deviations with approval and expiry.
| Code | Reason | Status | Approved by | Expires |
|---|---|---|---|---|
Control Monitoring
Evidence that controls are checked over time. Runs are operator-recorded and attested — connector-backed only when a connector is actually configured.
| Source / probe | Linked control | Owner | Kind | Config status | Schedule | Last result | |
|---|---|---|---|---|---|---|---|
Connector Posture
Honest configuration state read only from the real connector record — never inferred from environment. Connector execution runs only when a connector is configured.
Connector Sync
Durable, hash-attested sync-run records over configured connectors — operator/cadence-triggered with DB-leased dispatch (no daemon). Failed or partial syncs raise remediation actions. The mock provider is gated for proof only, labelled, and never counted as a real provider; real connector execution lands in the connector slices.
| Connector | Trigger | Status | Probes (pass/fail) | Coverage | Finished |
|---|---|---|---|---|---|
Why This Surface
Policies are lifecycle evidence: draft, approval, publication, review, exception, and attestation.
Policy Register
Operator-maintained. A policy publishes only when linked to a published document version. Lifecycle transitions are hash-chained audit events (signed when an active signing key is configured).
| Code | Title | Owner | Category | Status | Effective | Next review | Published doc | |
|---|---|---|---|---|---|---|---|---|
Policy Exceptions
Risk-accepted deviations with approval and expiry; approval requires expiry or decision notes.
| Code | Reason | Status | Approved by | Expires |
|---|---|---|---|---|
Why This Surface
Training is not proof by itself: Prestige renders the lesson and quiz, while completion becomes evidence only through a recorded attestation/audit trace.
Training Campaigns
Operator/import-managed. A campaign activates only when its linked policies are published, a due date is set, and at least one assignment exists. Transitions are hash-chained audit events (signed when an active signing key is configured).
| Code | Title | Owner | Type | Status | Due | Policy links | |
|---|---|---|---|---|---|---|---|
Assignments & Attestations
Pending / completed / overdue / waived. Attestation and waivers are operator-recorded; waivers require reason, expiry, and reviewer.
| Assignee | Status | Due | Completed | Attestation | |
|---|---|---|---|---|---|
Why This Surface
Vendor risk is a territory view because third-party proof depends on linked services and dependencies.
Vendor Register
Operator/import-managed third-party register. A vendor activates only with a code, an owner, a real risk tier, and at least one same-tenant linked control. Transitions are hash-chained audit events (signed when an active signing key is configured).
| Code | Vendor | Risk tier | Status | Owner | Next review | Control links | |
|---|---|---|---|---|---|---|---|
DORA Outsourcing Dependencies
Critical-service / ICT dependencies from the DORA register, cross-linked to the vendor register where the dependency resolves to a registered vendor.
| Critical service | Dependency | Vendor register link |
|---|---|---|
Why This Surface
Incident management is a line view because every status transition has gated evidence and clocks.
Incident & Breach Register
Operator-maintained. Lifecycle open→investigating→contained→notifying→closed→post-mortem. Notify needs a clock + a notification; close needs clocks completed/waived + remediation done. Operator-set clocks, no auto-classification, no real send.
| Code | Title | Type | Severity | Lifecycle | DORA | Owner | |
|---|---|---|---|---|---|---|---|
Why This Surface
Privacy is a territory map of processing, lawful basis, processors, transfers, and assessments.
Processing Activities (ROPA)
Purpose, legal basis, processors, recipients, transfers. Transfers recorded, never auto-adjudicated.
| Code | Name | Legal basis | Data categories | Processors | Status |
|---|---|---|---|---|---|
DPIA / TIA / Transfer Assessments
Reviewer-entered decisions; high-risk and remediation drive deterministic actions.
| Code | Title | Kind | State | High risk | Residual | Review by |
|---|---|---|---|---|---|---|
Why This Surface
Access review is a line view because certification moves campaign by campaign to decision closure.
Access Review Campaigns
Periodic certification of who has access. Progress is real entry-decision counts.
| Code | Name | Scope | Status | Due | Progress |
|---|---|---|---|---|---|
Why This Surface
Approvals are a line view because version state changes must stay auditable and ordered.
Document Approvals & Sign-off
Versioned approval workflow with required approver counts.
| Title | Version | State | Required | Submitted by | Updated |
|---|---|---|---|---|---|
Why This Surface
Trust Center is a decision desk; only approved resources and access grants may face clients.
Trust Center Profile
The external face of the operating layer. Only approved, published resources are ever exposed.
Published Resources
| Title | Kind | Visibility | Version |
|---|---|---|---|
Access Requests & Grants
| Requester | Kind | Status | Detail |
|---|---|---|---|
Why This Surface
Board view compresses the same live data into executive claims and pack links without new facts.
Executive Briefing
The board / audit / regulator view — same live data, compressed.
Open The Packs
Real, signed surfaces — not previews.
Why This Surface
Actions are line work: source, owner, priority, due date, status, and closure evidence.
Actions Needing An Owner Or Closure
Drawn from monitoring failures, risk reviews, incidents, evidence gaps.
| Code | Title | Assignee | Priority | Due | Status |
|---|---|---|---|---|---|
Why This Surface
Registers are territory because entries cluster by source register, status, owner, and escalation.
Registers
COI, gifts, fit-and-proper, complaints, breach log. One source of truth.
| Register | Type | Entries | Open | Pending | Owner |
|---|---|---|---|---|---|
Authority Inputs & Standards Subscriptions
Subscribed standard-setters and regulators feed reviewed alerts before controls change.
| Authority | Cadence | Topics | Permission | Terms | Last poll |
|---|---|---|---|---|---|
Agent Change Alerts
Fetched changes wait for human review before entering controls, clauses, or dockets.
| Alert | Severity | State | Recommended action | When | Review |
|---|---|---|---|---|---|
Authority Library
Acquired standards and regulator documents visible through the same document spine.
| Document | Authority | Framework | Permission | Indexing | Preview |
|---|---|---|---|---|---|
Framework Clauses
Clause previews from seeded/acquired framework libraries.
| Framework | Clause | Title | Criticality |
|---|---|---|---|
Why This Surface
Event intake is a desk because new signals must be triaged before they enter the compliance spine.
Unscheduled Event Intake
Self-report breach / complaint / HR / error. Routes to actions and registers automatically.
| Code | Summary | Type | Status | Linked to | When |
|---|---|---|---|---|---|