Centralising user management for Drova

June 2023 - November 2023

The problem

Drova could not scale and drive product cross-sell across it’s platform if it’s suite of legacy and emerging products each had it’s own system for managing users and teams. The up keep also created increasing technical debt and wasted engineering time.

Our team and I were tasked to architect and deliver a solution that could centralise users and teams across 3 disparate products into one location for Drova.

Outcome and impact

Over five months, our team and I designed and released the new user management system for Drova, unifying three separate user systems into one scalable solution.

Key outcomes:

  • Maintained continuity for paying TrilineGRC customers with no disruption.

  • Created the foundation for cross-sell into Drova’s new products: Operational Resilience and Double Materiality Assessment.

  • Reduced future tech debt and supported Drova’s transition out of Ansarada.

My design process

Model and learn from best-in-class systems

Because complex user management is a solved problem from many best-in-class products, I created system models complex products used internally in Ansarada (e.g. Atlassian, BambooHR) to map out the structure of potential user management solutions we could leverage ourselves for Drova.

Alongside this, I reviewed internal training manuals and conducted internal stakeholder interviews to understand the pain points, emotions and frustrations with managing system access across multiple teams.

Proposing my concept design

I combined the insights from my research along with the projects requirements to create multiple concept designs for design review.

Creating multiple solutions was critical because it surfaced two major challenges:

  1. Senior stakeholder’s lacked alignment on project scope and goals.

  2. Our product team lacked clarity on whether to support legacy or emerging products first.

Overcoming technical difficulties

Fundamentally, this project was a technical challenge rather than a design problem.

Creating a user management system that could retro fit legacy products and scale to support emerging products requires a first and foremost, a documented and shared understanding of the technical limitations our team had to work with.

What I did to facilitate and bring shared understanding was by leading regular design reviews, identifying key risks (either in requirements or designs) and documenting uncertainties so each problem could be systematically addressed.

By maintaining frequent communication and involving key decision-makers in our design and product development process, we gradually refined our team’s priorities and scope.

This enabled us to come to a final design that we could iteratively and scalably deliver over multiple releases.

Final design

I designed the People & Teams system in three phased releases, prioritizing TrilineGRC (Legacy) and Operational Resilience (newly released) to support existing customers and cross-sell opportunities.

Our solution enabled both existing and new customers to set up teams and manage users in a single, centralized location by:

  1. Role-Based Access Control: "Role" concept to ensure backward compatibility with legacy products (TrilineGRC) while supporting new products.

  2. Teams vs. Security Groups: Replaced "Security Groups" with "Teams”. Administrators could assign people to multiple teams instead of needing to create unique security groups per person, simplifying access rights management.

  3. People and Teams Filter: Drova targeted SME’s with typically 6-15 users, so we implemented a view switcher to help Administrators easily review users or teams across the organisation.