All posts
March 13, 20265 minThe Panaptico team

Three decks, one rollout

Every Friday afternoon at a lot of companies, a PM sits down and builds three decks. One for the CTO, one for engineering, one for the CISO. All three describe the same rollout. By Monday all three are stale.

Every Friday afternoon at a lot of companies, a PM sits down and assembles three decks.

One for the CTO: one page, mostly green, a risk or two, a burn number.

One for engineering leadership: task graph, blockers, dependency chain, who is waiting on who.

One for the CISO: control coverage, evidence gaps, exceptions, compliance mapping.

All three decks describe the same rollout. All three decks drift from each other the moment they are sent. By Monday morning, something has changed in the implementation and all three decks are a little bit wrong.

This is an absurd use of a PM's time.

Why it happens

Every stakeholder wants progress in their own shape. That is reasonable. The CTO is not going to read the task graph. The staff engineer is not going to read the exec summary. The CISO cares about the eight controls that map to their framework, not the 240 tasks in total.

The problem is not that different audiences want different views. The problem is that today the only way to produce those views is to manually translate the implementation into three separate artifacts, every week, and hope none of them go stale before Monday.

What the alternative looks like

One live implementation graph. Three projections of it.

Exec composite: status, risk, burn, generated from the graph, always current.

Engineering drilldown: every task, every blocker, every dependency, at the level the people doing the work actually need.

Security posture view: controls mapped to evidence, exceptions flagged, gaps visible, tied to the systems still bound by each.

All three projected from the same source. No manual assembly. No drift between what the exec sees and what the engineer is executing. No Friday afternoon deck ritual.

The honest version

We built this because a PM on our team spent an entire afternoon every week assembling the same three decks from the same information, and we got tired of watching it happen.

A rollout is one thing. The audiences that need to see it are many things. The translation between the two should not be a human job.

Related problem

Stakeholder Reporting

Progress in the language each audience needs — exec, engineering, security.

Read how we solve it

More from the blog

April 17, 2026

How I picked an observability platform without trusting a single demo

Three vendors, three polished demos, three curated sample environments. By the end of the week I had no real idea which one would survive a Tuesday incident. So I ran the evaluation inside my own stack instead.

April 10, 2026

Cloudflare One and Tailscale, connected

I run both. That sentence makes some people twitch. Here is why, what it took to make them actually coexist at the DNS, identity, and routing layers, and what the evaluation surfaced before anything shipped.

April 3, 2026

Vendor demos are rigged, and it is not the vendor's fault

Every vendor demo runs on a rigged environment. We do not mean dishonest. We mean set up in advance to make the product look its best. The problem is not the demo. The problem is when you mistake it for an evaluation.