StatusPage for Compliance: web dashboard frontend

[p4gs]

Summary

Build the "StatusPage for Compliance" — a radically transparent web dashboard showing real-time and historical control effectiveness, powered by OCEAN's REST API.

This is the primary visual interface for the project's core vision: a shareable compliance status page analogous to status.io but for security controls.

Key Views

1. Control Overview

• Grid/list of all controls with current status (effective/ineffective/unknown)
• Color-coded status indicators (green/red/yellow)
• Last checked timestamp and confidence level
• Framework mapping badges (SOC2 CC6.1, ISO 27001 A.9.4.2, etc.)

2. Control Detail

• Time-series chart of effectiveness over configurable period
• Uptime percentage (e.g., "99.94% effective over 180 days")
• Evidence timeline showing both passive observations and active test results
• Test transcript viewer for active verification evidence
• Provenance verification status per evidence record

3. Framework View

• Group controls by compliance framework (SOC2, ISO 27001, NIST CSF, CIS)
• Show coverage: how many mapped controls are monitored vs. total
• Roll-up effectiveness metrics per framework

4. Evidence Explorer

• Searchable evidence list with filters (control, source, time, confidence)
• Raw evidence viewer (JSON/YAML)
• Attestation chain viewer with verification status

Tech Considerations

• Static SPA that consumes the existing OCEAN REST API
• Could be embedded in the Go binary or served separately
• Consider: React, htmx, or plain HTML+JS for minimal dependencies
• Must work with Bearer token auth

Acceptance Criteria

• Dashboard shows all controls with current status
• Time-series visualization for control history
• Uptime percentage calculation displayed
• Framework grouping view
• Evidence detail with attestation verification
• Responsive design (desktop + tablet)
• Embeddable in the OCEAN binary (single binary distribution)