# UI-012 Finding Exceptions Queue | Field | Value | | --- | --- | | Route | `/admin/finding-exceptions/queue` | | Source | `FindingExceptionsQueue` | | Area / scope | Governance / workspace | | Archetype | Exceptions / Accepted Risk | | Design depth | Strategic Surface | | Repo truth | repo-verified | | Screenshot | `Spec 354 browser proof: ../../specs/354-finding-exceptions-accepted-risk-resolution-guidance-v1/artifacts/screenshots/spec354-ui-026-finding-exceptions-queue-guidance.png` | | Browser status | Re-validated through direct workspace queue routes for expiring and expired accepted-risk states. | ## First Five Seconds The page should answer three questions before the operator reads the table: 1. which exception is in focus 2. whether the accepted-risk record is ready, expiring, expired, pending, or incomplete 3. what the next safe action is without widening current approval or rejection authority ## Productization Review - Decision-first: now explicit. The focused review lane starts with a dominant accepted-risk guidance card before secondary diagnostics. - Evidence-first: owner, review due, expiry, decision history, and related finding context stay visible in the same first-screen lane. - Context: workspace-owned monitoring surface with explicit `exception` focus and optional governance-inbox continuity. - Customer/auditor safety: high because this queue decides whether accepted risk can still be relied on as actively governed. - Diagnostics: secondary. Header actions, sidebar detail, and the queue table remain source-owned under the guidance summary. ## Information Inventory Default content should show dominant governance state, reason, impact, next step, related finding/exception links, owner, review due, expires, current decision, and the surrounding queue context. ## Dangerous Actions Approve and reject actions remain high impact and stay in the existing header-controlled flow. The new guidance must not invent unsupported remediation buttons or bypass confirmation, authorization, and audit semantics. ## Spec 354 Follow-up - Accepted-risk queue guidance is now derived from existing finding/exception truth through one bounded adapter. - The queue shows one dominant guidance case with existing repo-backed secondary links only. - Governance Inbox continuity remains intact on downstream exception detail links. - Browser proof: - `spec354-ui-026-finding-exceptions-queue-guidance.png` captures the expiring first-screen hierarchy. - The same queue route was also re-validated for the expired state in the integrated browser. ## Target Direction Keep this surface as the workspace-owned accepted-risk decision queue. Future changes should extend the bounded guidance adapter or existing queue actions, not create a parallel decision rail or fake auto-fix layer.