Active Responder

Before walking through how the product evolved, this is the surface itself: SOP attributes on the left, the task feed in the centre, location and template metadata beneath. Every decision in the phases below maps back to a region of this page, so it's worth orienting once.

Get the core execution loop right before adding anything else. Each task lived in a card that collapsed to a single status line so operators scanning 20+ tasks could orient instantly, and expanded to reveal the form with Submit and Skip. Every state, pending, in-progress, restricted, completed, was readable without interaction. The sidebar held SOP attributes; the right panel held the task feed. Intentionally minimal.

Walkthroughs after launch showed analysts leaving the app mid-incident to look up location details and contacts elsewhere, breaking focus at the worst possible moment. I brought a location panel, live points of contact with one-tap call / Teams / email, and SOP template metadata directly into the page. The PDF export shipped here too, answering a long-standing compliance ask from supervisors.

As the platform scaled to multi-region use, the two-column layout couldn't show how work was divided across a distributed team. I moved to a three-column model, SOP metadata, task columns grouped by workflow stage, and a review-and-close column, that mirrored how teams actually split responsibility during a live incident. A check-updates badge flagged when a remote colleague had acted on a shared task, cutting duplicate and conflicting submissions.

The same template often ran across multiple locations, with input/output variables, instance prefixes and process ownership defined per instance. Technically the most complex design challenge on the project. I prototyped the full configuration flow in Axure across five progressive states and used it to align the PM and engineering lead before any build, saving weeks of rework.

Every feature ticket had the same skeleton: what is it, why is it needed, impact of not having it, minimum required, nice to have, UX considerations. Developers had enough context to make good decisions without me in every standup, design intent survived a fast release cadence, and by Phase 3 the format was team practice.

While working on some previous products, we faced challenges regarding consistency and repeated design and dev efforts by creating multiple copies of design elements. So, we decided to make a universal design library for all the JCI products. Components, app bars, modals, tokens and patterns were defined once and consumed across teams, which cut review cycles and gave every JCI product a recognisable, accessible baseline.

Safety-critical design isn't about interaction complexity, it's about the cost of getting it wrong. A poorly labelled button in a standard product causes frustration; the same mistake in a live bomb-threat response causes someone to hesitate or act on the wrong information. I stopped asking 'is this understandable?' and started asking 'is this unambiguous to someone already stressed, under time pressure, managing three things at once?' Different question, different answers.