Case
UX/UI
Risk Mapping
Privacy & Security

Flagging Privacy Risks With Confidence

Overview
At BigID, I worked as a UX designer on a privacy automation feature that automatically flags risks within assessment templates. My contributions included designing user flows, building the automation tab, creating visual indicators for triggered rules, and mapping the user journey.

This project addressed the challenge of manual, inconsistent risk reviews. By making automation transparent and easy to manage, the solution helped privacy teams save time, ensure consistency, and build greater trust in their compliance processes.
Problem
Time-Consuming
Manual privacy reviews required hours of work per assessment, slowing down compliance workflows
Unclear Indicators
Risk indicators lacked context, causing missed issues and eroding user trust
Inconsistent
Different reviewers applied criteria differently, leading to unreliable results
Teams found it challenging to quickly identify and act on high-priority privacy risks, increasing the chance of regulatory gaps. Users were overwhelmed by complex compliance criteria with no clear path forward.
Solution
Privacy Automation System
I designed a privacy automation system that flags risks directly within the assessment workflow and provides clear, contextual guidance.
Reduced Review Time
Automated risk detection significantly decreased time spent on assessments
Improved Consistency
Standardized risk detection across all assessments and reviewers
Increased Confidence
Transparent process with clear explanations built user trust
Jobs To Be Done
User Needs
When I'm...
Reviewing a privacy assessment
I want to...
Automatically identify high-priority risks without manually scanning every response
So I can...
Save time and ensure consistency across reviews
When I'm...
Seeing a flagged risk
I want to...
Understand why it was triggered and what actions I should take
So I can...
Respond quickly and confidently without second-guessing the system
When I...
Create or edit automation rules
I want to...
Have a process that is simple, flexible, and transparent
So I can...
Make it effective for both technical and non-technical team members to use
When I'm...
Part of an organization that scales and conducts more assessments
I want to...
Have automation rules that are reusable and adaptable
So I can...
Keep our compliance process efficient and cost-effective over time
Customer Journey
End-to-End Flow
Understanding how users interact with the automation system from initial setup through ongoing management.
1. Open Assessment
Users begin by opening a privacy assessment and navigating to the new Automation tab
2. Create Rules
They can create rules by selecting questions, applying conditions, and combining logic (AND/OR) as needed
3. Auto-Flag Risks
As assessments are completed, the system automatically flags responses that trigger these rules with clear visual indicators
4. Review & Manage
Reviewers can hover, view, edit, or delete rules to keep them accurate and relevant
5. Maintain Compliance
The journey concludes with a consistent, transparent review process where risks are flagged in real time, enabling teams to act quickly and confidently
User Journey
Interaction Details
A deeper look at how users interact with the system during assessment reviews and risk management.
Visual Indicators
The automation engine actively scans inputs and flags potential risks with clear visual indicators as users respond to questions or upload documentation
Contextual Details
Users can click indicators to view detailed context, suggested next steps, and remediation options for quick issue resolution
Prioritization
Risks are prioritized and grouped by severity, helping users focus on what matters most without information overload
Documentation
Users can review flagged items, add comments, and document actions taken for compliance records
Flows
Delete Automation
Deleting a rule gives users control to remove outdated or incorrect automations from a question, ensuring the system stays accurate and relevant.

And/Or Logic Flow
The AND/OR logic flow allows users to combine multiple conditions in automation rules, enabling more precise and flexible risk detection. For example, a rule can trigger actions when either one condition is met (OR) or only when all conditions are satisfied (AND).

Automation Flow
The automation flow enables users to create rules on assessment questions, apply actions, and automatically flag risks in real time, with options to review and export for compliance.

Automation Panel States
Impact
35%
Time Saved
Average review time reduction per assessment
92%
Consistency Rate
Improved risk detection accuracy across reviews
88%
User Satisfaction
Users felt more confident in the automated process
Design Learnings
Transparency builds trust
Making automation visible and explainable was critical for user adoption
Flexibility is essential
Users needed both simple and advanced rule-building options to match their expertise
Context matters
Clear visual indicators with actionable guidance reduced cognitive load and increased confidence
User journey mapping
Understanding the complete flow from setup to daily use helped identify pain points and opportunities