Persona App (Direction D build)
The chosen IA built out — the app subdivided into five persona seats (Security/Finance/Executive/Engineering/Compliance), with the net-new governance deep pages reachable from the seats that own them. Entry: governance-ia-v1 / persona-partitioned.
Phase 2 — divergent wireframes exploring fixes to the wf1 agent-governance deficits.
Design Specs
Pages
Finance deep page — Agent Spend & Cost: token/$ per agent and per LLM vendor, budget burn + forecast, spend alerts, and team chargeback. Closes Phase 1's biggest gap (no cost dimension in wf1).
Executive deep page — Governance Posture Board: hero governance index + trend, five posture-category bars, open high-risk findings, coverage at-a-glance, and a board-narrative export. Board-legible departure from the operator pages.
Security deep page — Agent Registry: master-detail registry of every agent (owner, model, credential, data-scope, risk) with a live selected-agent profile panel; ungoverned/unowned agents surfaced first.
Security/Engineering deep page — Egress Control Matrix: a 2D allow/deny matrix (agents × destination classes), default-stance control, policy rules, and recently-blocked/uncovered egress.
Security/Compliance deep page — Sensitive-Data → LLM Flow: a data-type → agent → destination flow diagram with the flagged PII-to-unapproved-LLM path highlighted, a flows table, and a detections breakdown.
Executive/Compliance deep page — Risk Register & Board Report: a ranked risk ledger (severity/status/owner/$ exposure) plus a document-style board-report export preview.
Security deep page (reframe of /traffic/requests) — Agent Egress Audit Trail: filterable forensic request log with verdict + sensitive-data columns and a per-request detail panel; defaults to the flagged PII request.
Engineering deep page (reframe of /stacks/adapters) — Enforcement Stacks & Adapters: stack list + ordered enforcement pipeline with per-node allow/block telemetry; the OFF "Require Owner Before Egress" node flagged as a gap.
Engineering deep page (reframe of deployments + qtap) — Sensor Coverage: % of agent egress observed, an environment coverage grid with the data-vpc blind spot, and the sensor fleet list.
Engineering deep page (reframe of availability + performance) — Agent Reliability: per-agent SLO (availability, p95, error rate), latency/error trend charts, and a retry-storm flag that links reliability to spend.
Compliance deep page (reframe of /orgs/settings/views) — Dataset Views & Scoping: least-privilege data scopes, bound agents/people per view, field-level redaction toggles, and an All-access warning.
Compliance deep page (reframe of /orgs/settings/services) — Data Residency & Services: residency/retention posture, data-store inventory with location + what each holds, and a storage-cost link to Finance.