02 / AI Workflow Design
RiskLink
Designing and Engineering a voice-led
cyber-risk assessment workflow.
“The goal was to make the first conversation more useful before a human needed to step in.”
Follow the workflow ↓
The team needed risk context
before they could evaluate risk.
RiskLink sold cyber-risk insurance. Before a quote or underwriting conversation, the team needed to understand a prospective customer's network environment and current security posture.
That first assessment was necessary, but repetitive and time-consuming. An average call took about 2 hours.
What a RiskLink Team Member Needed to Learn
How is the customer's environment set up?
Which security practices are already in place?
Where are the gaps or follow-up areas?
What context is needed before a human conversation?
What the intake looked like before
The problem was not a lack of expertise. It was that human time was spent repeatedly gathering foundational information before the team could focus on higher-value judgment.
The first conversation should collect context — not consume all the expert time.
The Product Insight
The first conversation
is a workflow.
It can be made more consistent, less repetitive, and easier to hand off — without making the AI pretend it can make the final decision.
What we chose to build first
The MVP focused on one reliable path from conversation to structured output — not a complete underwriting engine.
Intentional scope
We intentionally did not try to build personalization, historical tracking, compliance mapping, advanced cross-domain intelligence, or a fully automated underwriting engine in the first version.
Making the risk conversation structured
The conversation needed to surface enough context across core security domains to give the RiskLink team a structured starting point for follow-up.
Where I contributed
Understanding the intake workflow
Worked with the client-side owner of RiskLink to understand what their team needed to learn before moving toward a quote or insurance decision.
Voice interaction concept
Helped shape the idea of using OpenAI Realtime to make the first interaction feel more natural than a static questionnaire.
Structured outputs
Helped define how conversational responses could become structured JSON data rather than unorganized call notes.
Report-generation flow
Helped connect the structured assessment output to PDF report generation for team follow-up.
Product boundaries
Helped shape where the AI should ask clarifying questions, answer directly, or defer to the RiskLink team.
Useful AI also knows when to defer.
When users asked questions outside the product's authority — quote timelines or final insurance decisions — the system did not invent certainty. It clarified the next step and handed the conversation back to the RiskLink team.
A user asks
“When will I get a quote?”
“Can you tell me whether I qualify?”
“What is my final insurance decision?”
The product response
“A member of the RiskLink team will follow up with you.”
RESPONSIBLE HANDOFF
The system paused at the boundary of its authority and passed the conversation to a human — every time.
Turning a conversation into something the team could use
Structured assessment outputs were converted into a final report through a JSON-to-template generation flow.
What This Flow Makes Possible
Conversation becomes structured input
Structured data feeds a repeatable report
The report creates a usable handoff for the team
The MVP did
guide a first risk conversation
capture structured answers
ask clarifying questions
organize information across eight domains
generate a report
create a human follow-up path
The MVP did not try to
replace underwriting judgment
make final insurance decisions
fully personalize every question path
map every compliance framework
predict risk outcomes
automate future steps of the customer journey
What I would validate next
I would test how different conversation structures affected completion quality, user comfort, and how useful the resulting report was for the RiskLink team.
Testing Loop