OP

Workspace cues

Sections are operational lanes — evidence and approvals bind here once workflow services connect.

Posture signal scenario

Corporate HeadquartersElevated Workplace Violence Risk

Boundary · Corporate HQ campus · executive floors · public lobby · parking structures

Risk · ElevatedAwaiting standards reviewRecords need refresh
In revisionv1.3-revisionSite · Corporate HeadquartersRisk · Elevatedssp-hq-01

Corporate Headquarters · Security Plan Workspace

System boundary: Corporate HQ campus · executive floors · public lobby · parking structures

Owner · Corporate Security · Governance · Updated May 7, 2026, 4:10 PM

← SSP portfolio

Scenario workflow traceability

One easy-to-follow thread: assessment findings → living security plan → readiness event or exercise → playbook steps → standards alignment → short leadership summary.

Linked Assessment

RA-HQ-WV-2026-01

Corporate Headquarters — Workplace Violence Risk Assessment

Status language standardized for demo.

AssessmentReview Required
Readiness insight · Awaiting standards review
Open Assessment

Linked SSP

ssp-hq-01

Corporate Headquarters · Security Plan Workspace

Evidence lockers and section readiness gates.

SSPIn Revision
Readiness insight · Records need refresh
Open SSP

Linked Readiness event

INC-HQ-WV-2026-07

Corporate Headquarters — Workplace Violence Monitoring

Topic under watch with status cadence (placeholder).

Readiness eventMonitoring
Readiness insight · Topic under watch
Open Readiness event

Linked Playbook

pb-wv-response-01

Workplace Violence Response

Checklist + escalation triggers + comms templates.

PlaybookReady
Readiness insight · Ready for approval
Open Playbook

Linked Governance

gov-std-wv-001

Workplace Violence Prevention Standard

Subscription-ready standards + maturity tags.

GovernanceMember access
Readiness insight · Standard vs. site mismatch
Open Governance

Linked Report

RPT-QTR-POSTURE-2026-Q2

Quarterly Security Posture Brief

Board-briefing shell aggregates posture.

ReportIn review
Readiness insight · Executive visibility required
Open Report

Sticky progress · completion gates

Review window open (mock)Evidence partial

Treat this workspace as a live governance surface: draft lanes, confirm evidence anchors, then route to approval.

Linked operational items

Evidence-driven governance ties assessments to control narratives and playbook readiness.

Linked assessment

RA-2025-011

Payments Processing Cell — readiness assessment

Complete
Updated Apr 28, 2026Tier · Moderate
Open in assessments →

Linked assessment

RA-2025-009

Regional distribution center — physical readiness baseline

Draft
Updated Apr 19, 2026Tier pending
Open in assessments →

Linked playbook

pb-ops-disruption-bridge

Operations disruption response bridge

Campus-level continuity event

Ready
Open playbooks workspace →

Linked playbook

pb-vendor-continuity

Critical vendor continuity disruption

Tier-1 facilities services vendor

Exercise
Open playbooks workspace →

Stakeholder-facing posture statement and scope boundaries.

Executive Summary

Section gate90%Traceable

Stakeholder-facing posture statement and scope boundaries. Drafted statements and structured fields bind here. This is intentionally not a document editor — it’s a governance lane with operational evidence anchors.

Evidence locker

Evidence locker · Exec summary

Placeholder binders

Drop artifacts, cross-links, and control citations to make this section attestable.

Facility footprint, mission alignment, and organizational context.

Site Overview

Section gate85%Traceable

Facility footprint, mission alignment, and organizational context. Drafted statements and structured fields bind here. This is intentionally not a document editor — it’s a governance lane with operational evidence anchors.

Evidence locker

Evidence locker · Site

Placeholder binders

Drop artifacts, cross-links, and control citations to make this section attestable.

Mission-critical spaces, services, and dependency registry for the site.

Critical Assets

Section gate72%Traceable

Mission-critical spaces, services, and dependency registry for the site. Drafted statements and structured fields bind here. This is intentionally not a document editor — it’s a governance lane with operational evidence anchors.

Evidence locker

Evidence pointers · Assets

Placeholder binders
  • ev-022 · Critical asset inventory extract

Operational and physical risk themes, regional context, and site-relevant historical signals.

Threat Landscape

Section gate68%Traceable

Operational and physical risk themes, regional context, and site-relevant historical signals. Drafted statements and structured fields bind here. This is intentionally not a document editor — it’s a governance lane with operational evidence anchors.

Evidence locker

Evidence locker · Threats

Placeholder binders

Drop artifacts, cross-links, and control citations to make this section attestable.

Preventive, detective, and corrective measures mapped to architecture.

Security Controls

Section gate80%Traceable

Control narratives and implementation statements reconcile against the mapping matrix. Inheritance, POA&M linkage, and evidence binding are stubbed.

Control mapping matrix

Obligation traceability — authoritative frameworks attach via catalog integration.

ControlCoverage
PL-02
Perimeter & lobby monitoring program
NIST SP 800-171 · 3.1.12
Partial
AC-03
Physical access provisioning & badging
FedRAMP Moderate · AC-3
Full
IR-04
Incident assessment & declaration criteria
ISO 27001:2022 · A.5.26
Planned
CP-10
Alternate processing for continuity
HIPAA · §164.308(a)(7)
Gap

Escalation paths and coordination loops with security, facilities, and crisis partners.

Incident Procedures

Section gate65%Traceable

This lane is operational by design — incident bridges and communications must align to playbook readiness and governance thresholds.

Linked playbook

pb-ops-disruption-bridge

Operations disruption response bridge

Campus-level continuity event

Ready
Open playbooks workspace →

Linked playbook

pb-vendor-continuity

Critical vendor continuity disruption

Tier-1 facilities services vendor

Exercise
Open playbooks workspace →

Continuity, restoration priorities, and alternate processing paths.

Recovery Procedures

Section gate55%Traceable

Continuity, restoration priorities, and alternate processing paths. Drafted statements and structured fields bind here. This is intentionally not a document editor — it’s a governance lane with operational evidence anchors.

Evidence locker

Evidence locker · Recovery

Placeholder binders

Drop artifacts, cross-links, and control citations to make this section attestable.

Third-party concentration, assurance artifacts, and exit strategies.

Vendor Dependencies

Section gate60%Traceable

Third-party concentration, assurance artifacts, and exit strategies. Drafted statements and structured fields bind here. This is intentionally not a document editor — it’s a governance lane with operational evidence anchors.

Evidence locker

Evidence locker · Vendors

Placeholder binders

Drop artifacts, cross-links, and control citations to make this section attestable.

Framework obligations traceable to controls and evidence artifacts.

Compliance Mapping

Section gate70%Traceable

Framework obligations traceable to controls and evidence artifacts. Drafted statements and structured fields bind here. This is intentionally not a document editor — it’s a governance lane with operational evidence anchors.

Evidence locker

Evidence locker · Compliance

Placeholder binders

Drop artifacts, cross-links, and control citations to make this section attestable.

Attestable artifacts, retention posture, and auditor retrieval hooks.

Evidence Attachments

Section gate45%Traceable

Evidence locker

Evidence attachments (workspace)

This pane becomes the controlled evidence locker: classification labels, checksums, retention gates, and reviewer attestation chains.

Placeholder binders

  • Campus perimeter diagram — Rev K

    ev-001 · Diagram

    Section · security-controlsMay 1, 2026

  • Annual physical security assessment summary

    ev-014 · Attestation

    Section · evidence-attachmentsApr 12, 2026

  • Critical asset inventory extract

    ev-022 · Policy

    Section · critical-assetsApr 30, 2026
Evidence intake · disabled (mock)

Reviewer lineage, sign-off packets, and publication gates.

Review & Approval

Section gate30%Traceable

Reviewer lineage, sign-off packets, and publication gates. Drafted statements and structured fields bind here. This is intentionally not a document editor — it’s a governance lane with operational evidence anchors.

Evidence locker

Evidence locker · Review

Placeholder binders

Drop artifacts, cross-links, and control citations to make this section attestable.