Simplifying Security Audits at Mendix

How I identified and tackled inefficiencies within the security auditing flow to improve the workflow of compliance teams.

Mendix Security Audits

Responsibilities

UX Design

HTML/CSS Support

Date

Q1 2024

Client

Mendix

Ensuring enterprise-grade security by improving efficiencies

At Mendix, the low-code platform powering critical systems for ABN Amro and PostNL, security audits were becoming a bottleneck. With no centralized tracking, communication scattered across platforms, and inconsistent validation methods, their certification process was at risk. This case explores how we transformed their fragmented compliance system into a streamlined security framework.


Challenges addressed

Clarity

Many users weren’t deeply technical and struggled to understand audit data quickly. I redesigned the interface to present audit insights in a more digestible, visual, and prioritized way.

Improved Collaboration

There were inefficiencies in how audit findings were shared across teams. I helped introduce features or workflows that made comments, assignments, or follow-ups more collaborative and trackable, reducing delays and miscommunication.

Prioritization of Issues for Efficient Follow-Up

Users had trouble distinguishing between critical and minor issues. I implemented a triaging or flagging mechanism so teams could address the most pressing problems first.

Design process

Validating the Problem

To confirm the need for AuditON, I interviewed multiple users to identify workflow bottlenecks and past audit data. The results showed that around 70% of certification delays were due to miscommunication and missing evidence.

  • Design a unified dashboard for managing audit steps.
  • Automate validation to reduce manual back-and-forth.
  • Embed a chat feature for real-time collaboration.

Key findings

Most of the research was done through stakeholder interviews with security officers and compliance managers. These were some key findings:

  • Users needed a dashboard-first approach for visibility.
  • Templates and automated validation could cut down repetitive manual checks.
  • In-app chat had significant potential for reducing delays in communication.

Results

After launching AuditON, we tracked key performance indicators:

2x Faster

Annual Audit Completion Time

This speed was compared to their prior auditing process.

50% fewer errors

Error reduction from incorrect evidence submissions

Approximation based on input re-writes as opposed to the prior solution.

50% reach

Half of the security officers started using our product in 2012

After this test phase, more security officers would be onboarded.

Final Design & Implementation

I iterated based on feedback and refined the design to include:

  • A Kanban-style audit workflow for better progress tracking.
  • Automated error detection to flag incorrect evidence submissions.
  • Integrated messaging that tagged relevant stakeholders when an issue arose.

Testing roadmap

To validate the impact of AuditON, I'd use the HEART framework (focusing on Happiness, Engagement, Adoption, Retention, and Task Success) to measure how effectively it solves communication gaps, manual errors, and audit delays. Key tests would track user satisfaction through surveys. Other metrics, such as task success and error rate, could be tracked in-app as quantitative measures.
