KPMG
NHI Lab · AGT UI Options
Static comparison mockups for KPMG mode
Microsoft Agent Governance Toolkit · pattern source

Four UI directions for governing agent actions, identities, sandboxes, and evidence.

These are not implementation screens yet. They are human-readable wireframes for choosing the AGT experience we want inside Trident: executive demo, policy authoring, audit replay, or runtime operations.

Shortlist

Pick the story before picking the components

AGT spans policy enforcement, identity, sandboxing, audit, and SRE. One page cannot do all of that well. These options deliberately bias toward different audiences and demo moments.

live evidence ready workbench UI AGT pattern

1 · Control Room

Best first-screen dashboard for partners and CISOs. It shows governed calls over the Trident estate.

5Demo
3Build
4Exec

2 · Policy Studio

Best builder surface. It makes allow, deny, and step-up policies inspectable before deployment.

4Demo
4Build
2Exec

3 · Evidence Replay

Best trust story. It turns every governed tool call into a replayable audit artifact.

5Demo
3Build
5Exec

4 · Runtime Ops

Best operator view. It focuses on SLOs, sandboxes, kill switches, and agent blast radius.

3Demo
4Build
3Exec
1

Agent Governance Control Room

A CISO-friendly command center. Lead with scale shock, then prove that real agent identities are being governed through allow, deny, and step-up decisions. This is the safest default for a KPMG partner demo.

AudienceCISO / Partner
ModeLive + workbench
Hero beat52,524 NHIs
Best tabDashboard
Dashboard Agents Policies Evidence
D
A
P
E
52,524Non-human identities
8,473Agent identities
1,218Governed calls today
99.2%Evidence completeness
10:42:18dsar-export-agent · export:piistep-up
10:41:55soc-triage-agent · read:alertsallow
10:40:07sandbox-coder · delete:filedeny
10:38:29grid-ops-agent · read:ot-telemetryallow
Policy outcomes by tier
Tier 1
82%
Tier 2
54%
Tier 3
31%
Step-up
43%
2

Policy Studio and Decision Simulator

A workbench for writing and testing the governance layer. It explains how AGT-style rules become Trident policies over OPA/Cedar, and how step-up maps to human approval.

AudienceBuilder / Architect
ModeWorkbench
Hero beatPolicy proof
Best tabPolicies
Dashboard Policy Studio Test cases Deploy
# rewritten AGT-style policy, not vendored
name: tier2-pii-export
default_action: step-up
rules:
  - name: allow-read
    condition: action.type == "read"
    action: allow
  - name: pii-export-step-up
    condition: action.type == "export" and data.class == "PII"
    action: step_up
    approvers: ["privacy-ops"]
  - name: deny-destructive
    condition: action.type in ["delete", "drop", "truncate"]
    action: deny
17Unit cases
3Golden paths
0Fail-open paths
3

Evidence Replay and Audit Flight Recorder

The strongest trust-building design. Start with one risky agent action, replay every decision step, and prove the record is tamper-evident. This is the best design for CEOs, CISOs, auditors, and skeptical buyers.

AudienceCEO / CISO / Audit
ModeLive evidence
Hero beatProve it happened
Best tabEvidence
Dashboard Policy Evidence Replay Export pack

Replay frame: why was this allowed?

Agent
dsar-export-agent-142
source_system=Microsoft Graph · object_id=entra:sp:7f31...b92
Decision
step_up → allow
reason=PII export requires privacy approval
Policy
tier2-pii-export
policy_hash=42fa8b8c...9ad1
Evidence root
integrity valid
merkle_root=91bc0d9e70bb6421f0a6d0f2a8f6aa3c
4

Runtime Ops and Sandbox Reliability Console

An operator screen for the agent runtime: sandbox health, circuit breakers, error budgets, kill switches, and containment status. This is less flashy for executives, but essential once the lab runs real agents.

AudienceSecOps / Platform
ModeLive operations
Hero beatContainment
Best tabRuntime
Agents Runtime Sandboxes Incidents

govern() latency

p95 18ms · budget 50ms

Sandbox pool

42 warm · 9 cold starts

Denied actions

31 denied · 4 high-risk

Audit writer

healthy · no dropped records

Entra bridge

Graph reachable · token fresh

Policy backend

govern() gate online · fail-closed armed

Emergency action

Suspend all Tier 3 agents, revoke sandbox egress, and require human approval for every write action.

Recommendation

Build a two-layer dashboard: Control Room first, Evidence Replay second

For KPMG partner demos, the first page needs to be immediately legible. Then it needs to survive a skeptical technical question. That argues for Option 1 as the landing screen and Option 3 as the proof drill-down.

recommended do not lead with compliance badges
DecisionChoiceReason
Default dashboard Option 1 · Control Room It gives the sales audience scale, risk, and action in one glance, without requiring policy-engine knowledge.
Proof path Option 3 · Evidence Replay It turns AGT from "security dashboard" into "show me the governed decision and the sealed evidence."
Builder path Option 2 · Policy Studio Useful for internal demos and architects, but too detailed as a first screen for CEOs or partners.
Ops path Option 4 · Runtime Ops Required after P0 is running. Keep it behind an operator tab, not the main showroom.

Reuse from AGT

  • govern() wrapper ergonomics
  • allow / deny / require approval semantics
  • policy and audit-chain concepts
  • SRE vocabulary for agent reliability

Rewrite in Trident

  • OPA/Cedar-backed policy evaluation
  • source-stamped evidence store
  • Entra Agent ID / SP-backed bridge
  • micro-VM sandbox lifecycle

Do not overclaim

  • Do not present import checks as control evidence
  • Label live, workbench, simulation, and overview
  • Show object IDs and timestamps for live claims
  • Keep vendor capability claims verifiable