Self Directed
Product Designer
Claude + Myself
3 days
Snapshot
A working, deployed prototype of a compliance workspace for an agentic GRC platform, the kind where a fleet of AI agents tests controls, pulls evidence, scores risk, and drafts remediations on the operator's behalf. The product question wasn't "how do we show what the AI is doing" - it was "how do you make autonomous agents legible, accountable, and addressable to someone whose job depends on defending every decision in an audit." I led the design end-to-end, with Claude as build partner.
Core Problem
Compliance officers operate inside a defensibility-first culture - every decision has to be reconstructable years later, in front of an auditor or regulator. Agentic AI breaks that contract by default: the agent is opaque, the work is invisible, the chain of reasoning gets lost. Three product gaps follow:
Legibility gap: Operators can't tell what an agent is doing in real time, or with what evidence. The agents feel unaccountable.
Authority gap: Primary actions assume agent autonomy and skip the operator's input moment, the exact moment that establishes felt control.
Defensibility gap: Agent outputs aren't sourceable. A passing control, a risk score, a drafted answer all arrive without a "why" the operator can surface to an auditor.
If these gaps aren't designed, operators don't adopt the product. They turn off the autonomy and use it as a glorified spreadsheet.
Approach
Strategy
Reframed the design question from transparency to trust. Showing what the AI is doing solves a UI problem; designing for trust solves a product-adoption problem.
Anchored the work in one persona's defense posture: a Head of GRC at a Series-B SaaS company, 90 days from a SOC 2 audit. Every empty state and copy choice was pressure-tested against "would this hold up in front of an auditor?"
Audited adjacent categories - enterprise compliance, AI agent UIs, observability. Compliance reads conservative, agent UIs read noisy. The brief was to keep the conservative spine and let agentic affordances in selectively.
Interaction & Systems
Four structural design decisions shaped the rest of the work.
1 - IA anchored in the operator's existing mental model, not the agent fleet's.
The spine is Frameworks → Controls → Evidence, mirroring how compliance officers already work in their spreadsheets and audit binders. Agents sit as an ambient layer on top. A deliberate move against the obvious "agents-first" structure, because the operator's existing model is the trust scaffold, not the thing to disrupt.
2 - Live activity feed as a first-class dashboard surface, not a notification corner.
"What's happening right now" is the operator's primary anxiety in agentic work, and burying it in a bell would make agents feel unaccountable. Promoted, then paired with a rule: ambient updates can be muted, user-action toasts cannot. The operator never gets punished for their own actions.
3 - Conversation as a first-class affordance for every agent.
Every agent run opens a side panel with two tabs: a forensic Run timeline and an Ask Agent chat. Operators ask "why this score?" or "what evidence am I missing?" in plain language. Chat persists per-agent across close and reopen, so a conversation doesn't vanish when the operator pivots. Conversation became the primary surface for accountability; configuration moved to secondary.
4 - A three-layer disclosure pattern for AI legibility.
Ambient (stat cards, KPIs) → narrated (activity feed in colleague-voice prose) → forensic (run panel with timeline, evidence, chat). Each layer reveals more on demand. The pattern recurs across the product, holding information density without overwhelming.
Execution
Shipped in three days by treating Claude as a junior engineering pair-up. I held the spec, the audit list, and every taste call; Claude held the syntax and the cross-file plumbing.
Iterated in a local sandbox so every micro-decision landed in under a second. Canvas-first tools couldn't keep up with the audit cadence I wanted.
Wrote the system before the components - one icon library at a single weight, a CSS-variable token system for dark and light parity, a written copy voice for agent narration. The rules existed before the files did.
Deployed via CI/CD to a public URL so the work is a clickable link, not a screenshot. Shipping the prototype made me design with deployment constraints in view from the first frame.
Visual Evidence
Live Prototype: https://ghoshanoushka.github.io/compliance_dashboard/
Impact
A working, deployed prototype at a public URL - operators can move through the surface and feel the trust pattern, not just see a static mock.
Established a reusable ambient → narrated → forensic disclosure pattern that generalizes beyond compliance to any agentic product where defensibility matters (legal, audit, healthcare, financial reporting).
Validated that conversation as a first-class affordance for AI legibility is more honest than configuration UIs - it preserves the operator's agency without forcing them to micromanage.
Demonstrated a repeatable working method for designing with AI as a collaborator · the case study is half about the product, half about the practice.