Designing for Compliance

UX Designer at Kertos GmbH

Kertos empowers organizations to achieve and maintain compliance by providing reliable data and streamlined workflows. I collaborated across teams to gather user feedback and optimize the platform’s user experience, creating an intuitive interface that offers seamless access to compliance insights and processes.

01

My Role & Impact at Kertos

Research

Conducted extensive competitor analysis, numerous user interviews, a user journey mapping workshop and multiple rounds of user testing. Synthesized a wealth of insights into actionable design ideas, ensuring continuous user-centric improvements.

Design

Led a comprehensive app redesign informed by user feedback and the updated CI. Developed User Journey maps, wireframes and high-fidelity prototypes to deliver a seamless user experience. Prepared meticulously organized design files for smooth developer handoff. The redesign led to an increase in time spent on the platform and garnered overwhelmingly positive customer feedback on the improved UX.

Branding

Assisted the Marketing and Customer Success teams with CI adoption and with design templates for slides, posters and social media marketing materials, among other initiatives. Maintained continuous and efficient communication with both Product and the other teams. This ensured strong project alignment and high efficiency throughout the design process.

02

Problem

The primary challenge was that users felt lost upon arriving on the platform, often stopping at the platform Dashboard due to a lack of clear direction on what to do next. Additionally, they struggled to understand what actions they should take to prepare for an audit to be certified as ISO 27001 compliant. Customers expressed a desire for more clarity from Kertos to build trust and confidence in their purchasing decisions.

03

Challenge

How can we enhance a compliance platform to be more intuitive, empowering compliance teams to easily navigate and understand asset and data relevance, onboard smoothly, and build a trusted relationship with our brand, ultimately simplifying complex compliance workflows?

60%

of businesses are unaware of fines or potential legal consequences under GDPR, despite operating in the EU.

47%

of surveyed companies in the EU have reported experiencing a data breach incident since 2021.

72%

of EU citizens express concerns over how companies use and manage their personal data, demanding higher transparency.

03

Research

Competitor Analysis
I conducted an in-depth analysis of direct and analogous competitors in the compliance automation and IT asset management space, including these platforms:

Direct: Vanta, SecJur, Drata, Sprinto, Secfix
Analogous: SayMine, OneTrust, TrustArc

The analysis showed that these platforms prominently feature detailed compliance dashboards, automated reminders, and clear success metrics, providing users with step-by-step guidance on achieving certifications. Additionally, they prioritize transparency around security measures and compliance progress, helping organizations build trust and streamline audits effectively.

User Interviews
I led user interviews with a diverse group of participants (current Kertos customers and domain experts) who prioritize efficient compliance management and secure data handling.

04

Design

The Dashboard and other sections of the app underwent two iterations based on user feedback and testing. Since we were still adding features to achieve parity with our competitors, we would ship an MVP and then ship the optimized version in a second iteration. Shipping the MVP first also allowed us to validate or alter our assumptions about user behavior. Key insights from user feedback included:

Visibility into Compliance

Users seek clarity on where they stand in their compliance journey, with real-time data that makes it easy to track progress and identify risks.

I designed the Citations section within the Controls area to enable users to clearly identify which specific parts of the framework they are addressing with their compliance measures. This feature enhanced user trust in the system.

Goal Progression

Users on the platform have a compliance goal they want to achieve. They want to know where they stand in their compliance journey, with real-time data that makes it easy to track progress and identify areas for improvement.

We created a simple dashboard that displays metrics for each subscribed framework. Since many frameworks share common measures, progress in one also counts toward others. To support cross-selling, I included progress indicators for frameworks outside the user's current plan.

Reminders and Task Management

Users requested a basic task management solution to help them collaborate with other stakeholders within an organization and to give clarity on what's pending in their compliance journey.

I designed the Task section with simplicity and collaboration in mind, grouping tasks by their originating app section. Quick filtering chips allow for easy sorting.

Step-by-step Guidance

Users also wished for additional guidance in the Controls section, which is essentially a pre-defined list of measures taken to be compliant within a framework.

We created a section that presents steps users can check off in a familiar checklist format to fulfill each control. Additionally, we included a small radial progress indicator, 'cause dials are cool as heck.

05

Key Learnings

Collaboration and Communication
I recognized the crucial role of effective collaboration and communication with my team and stakeholders in achieving project success. By ensuring clear alignment and maintaining seamless communication with developers, we were able to implement design changes accurately and efficiently.

Importance of Iterations
Our iterative approach enabled continuous design refinement. Each testing and feedback cycle led to meaningful improvements, prompting us to critically examine our design rationale. This process ensured our solutions were user-centric and directly addressed their immediate needs.

© Aditya Giridhar 2024