Risk Approval Workflow
In this project, my top deliverable is to design custom-tailored workflows, with the flexibility to update internal terminology but still providing guidance details. For users, these guidance streamlines the process for the users to keep up with their assigned tasks and help continuously monitor each risk/ control life cycle across entire organizations.
Role
UX Designer
Team
1 Scrum Team
1 Product Manager
Status
Shipped
Duration
Q1 2022
Achievement
Establish workflow component
THE PROBLEM
No flexibility to set customized workflow
Currently, as there are multiple moving parts in the IT ecosystem, to keep track of daily tasks has become a top priority. Most engineers are working as an assigned owner to help keep track of the object, including risk populate from the inventories, or sometimes a missing/exiting compliance that will need to be implement.
Fixed Stages
Different organization manage to create 4-stages of risks to make it aligned with OT default workflow
Inconsistent Guidance
No approval status
SOLUTION OVERVIEW
Customizable workflow elements to better keep track of the objects
We provide integrated stage guidance and documentation to engage and accelerate with first-line response
EMPATHIZE WITH THE USERS
Understanding the Users
There are two major types of users in the current ITRM platform, including manager who setup workflow versus specialists who manage and tackle risk tasks during the entire risk workflow cycle.
USER JOURNEY
Understanding expected approval process
To make the stage auto-advance by approval status, I created user flows that helps me to layout the major functions and learn the auto-rule engines that work behind the scene.
WE HYPOTHESIZED THAT
DESIGN STRATEGY
Custom approval workflow with guidance
Starting initial with the goal to optimize rule engines, we also ensure admin and both executive level of users easily walk through and identify key decision required for their assigned objects, including risk, required compliance, or launching assessment to evaluate the overall status of the assets.
DESIGN CONSIDERATION
Custom approval workflow with guidance
With these pieces in I scoped out the default risk/ controls workflows for most customers within their organizations, but along with flexibility to customize different stages if needed. With this enhancement, it helps implement defined business processes that have been defined. In order to minimize the.place, I could brainstorm features and functionality that would improve engagement and provide an engaging user experience, this also allowed to initiate better dialog with different stakeholders.
Exploration on Guidance
To make sure users are onboard with task guidance, we try to make the guidance more visible for users.
Enable Custom Action
Proposed to allow users to set custom title for users to view and setup custom button with display name
FEATURE 1
Configure stage details & Set up approval stage
Before showing and providing the guidance to the risk/control owner, their managers will come in and configure the standard workflow for the entire team.
FEATURE 2
Workflow & Approval tab to review all comment
Allow users to view multiple approvers and reviews along on the risk/ control page. Approvers could also change review on risks.
FEATURE 3
Set automation rules on risks/ controls
Allow users to set automated actions when meeting setup conditions, along with setting up approvers to review when moving into review stage.
USER FEEDBACK & TESTING
Propose new "Workflow" component for users
Based on user feedback, we noticed that most standard and custom stages are reasonable for users in terms of the flow of configuration. However, for users who interact with the pages daily, there are still fair usability enhancement on how to distinguish key actions between key attributes for risk owner to move forward on their daily tasks.
