Working in Agile flow, another designer and I were equally responsible for understanding how users manage risks in the company and how to conduct risk assessments in order to design a useful and clear experience.
Many companies would approach the process of risk management and the risk assessment manually and have no automated way to keep clear communication with stakeholders who should be involved at different stages of the process.
The result of it could lead to missing key information and big gaps in the process which would lead to a decrease in efficiency and frustration within the company.
Some initial assumptions:
New risk assessment would be only conducted if a new feature or product is to be released
There is currently no easy way to monitor how risks are progressing after controls or treatments have been implemented
There are a number of stakeholders that should be included in the process at different stages.
There is no convenient way to remember who should be included and when which can lead to missing information which would require for the process to start from the beginning.
All the stakeholder’s feedback should be addressed in the appropriate matter which currently has no way to keep organised.
Identify the journey that a Risk Assessment Manager has to undertake in order to complete a risk assessment and how those risks are being controlled.
Based on conducted research we were able to design a software solution where every accountable person was assigned to its own individual tasks and the progression is attributed to the individual.
To start the project, we were introduced to some documentation from the client which was reviewed in detail and we also did some research to understand the subject better.
Based on our understanding we were able to write a set of questions and highlighted some areas/subjects which we want to cover in our interviews with stakeholders.
We conducted a set of interviews with stakeholders in order to understand what was their vision of the project and what assumptions they may have. We also wanted to highlight what expectations and requirements they have from the project.
By the end of that session, we were able to identify key objectives and set of expectations from this project.
After the project kick-off, we wanted to dig deeper in order to gain a better understanding of how the process works and what information/data could help us.
We found examples of Risk Assessments which helped us to highlight some common areas in different industries for risk assessment.
We also were able to shape a better understanding of the hierarchical structure and which stakeholders should be involved in the process and when would be the appropriate time to do so.
Understanding of the hierarchical structure also helped us to understand the difference between risk owners vs control owners.
Workshop with Stakeholders and Subject Matters
Research findings helped us to gain a better understanding of how the risk management process works but we still wanted to gain a better understanding and test some of our assumptions with subject matters, as they have been involved in the process for over ten years which gave them a deeper understanding of challenges and pains of the Risk Management process.
The goal of the workshop was to map out the process of Risk Management and try ourselves to conduct the Risk Assessment. That exercise helped us to empathise more with the users who are involved in the process and understand each step on their way when assessing new risks.
The goal of the concept model was to visualise how stakeholder and different departments would communicate and interact with each other.
That was a helpful way to reorganise our thoughts around the involvement in the process and helped us to identify key areas we wanted to understand what steps some individuals have to undertake on their journey.
The interviews focused on gaining a better understanding of what steps particular individuals have to go through on their journey. Even though we had a good overall understanding of the process we wanted to dig for more details and understand what challenges and pain points people are facing.
We were able to conduct research with people who are in charge of Risks, Controls and Treatments.
The research helped us to gain lots of data and much better user understanding and their pain points in the process.
By analysing data we wanted to organise and synthesise our findings.
By analysing research findings we were able to create our personas.
Each persona is a representation of three main stakeholder types we were focusing on due to restrictions and limitations of the project.
There are more stakeholders types to discover and analyse in the future for project iteration.
Based on research finding we were able to understand that desktop software would be the most useful for our users.
We sketched some initial ideas of how the software may look like.
With the help of our knowledge of the users and the language they use, we were able to define the structure of how users will interact with our design.
We were able to get feedback from a subject matter and implemented a few changes to the Information Architecture
We created user flow in order to visualise the complete user path when he is interacting with our platform/application.
Wireframes were created in order to create the design structure of the design.
This helped us to present visual input for the team and stakeholders in order to gain valuable feedback.
Based on wireframes and feedback that we got from stakeholders we were able to create the first design version of the high fidelity interactive prototype for software.
We conducted a set of user testing sessions in order to test the usability of the design solution.
This is a final version of the design which is currently at the development phase.
We are looking forwards to start work on “Further steps”:
Introduce new software to the banking company which we were working closely with on the research and design phase
Gain feedback from internal users and possibly iterate some feature within the software