Vendor Security Questionnaire Management Design Concepts Challenge

User Experience (UX) DesignFigmaAdobe XDUser Interface (UI)

BONUS: 5‌ CHECKPOINTS AWARDED WORTH ‌$100‌ EACH

Register
Submit a solution
The challenge is finished.

Challenge Summary

Welcome to the Vendor Security Questionnaire Management Design Concepts Challenge. In this challenge, we are looking for help to come up with design concepts for a web application that will help the users in managing the vendor security questionnaire.

CHALLENGE OBJECTIVES

  • UI/UX design concept for web screens
  • Design for 6 unique screens
  • How well your design solves the problem and provides a seamless user experience.

Round 1

Submit your initial designs and any notes you might have for checkpoint review.
1.1 Assessment History
2.1 Create Security Assessment Overview
3.1 Initial Risk Assessment
5.1 Security Questionnaire 

  • As part of your checkpoint submission, you must upload your submission to MarvelApp so we can provide direct feedback on your designs. Please include the MarvelApp URL in your notes.txt
  • Make sure all pages have the correct flow. Use the proper file numbers, (1, 2, 3, etc.)

Round 2

Submit your initial designs plus checkpoint feedback implemented for the final review.
1.1 Assessment History
2.1 Create Security Assessment Overview
3.1 Initial Risk Assessment
4.1 Manage Questions
4.2 Add/Edit Question
5.1 Security Questionnaire 

  • As part of your Final submission, you must replace your checkpoint submission with the final submission into MarvelApp so we can provide direct feedback on your designs. Please include the MarvelApp URL in your notes.txt
  • Make sure all pages have the correct flow. Use the proper file numbers, (1, 2, 3, etc.)
  • If you're not submitting in the Checkpoint/Round 1, you are not eligible to submit in the Final/Round 2

PROJECT OVERVIEW

  • This application is used for maintaining the risk profile of the vendors.
  • The main users of this vendor management application are Internal users and Vendors.
  • Internal users will be responsible for the following functionalities:
    • Assessment History
      • Internal Users will be able to check whether the vendor has taken the security assessment or not
      • All users will be able to see the workflow
      • Internal users will be able to create a new security assessment overview.
      • Perform Initial Assessment
      • Generate Security Questionnaire and email it to vendors
      • Once the vendors complete the security questionnaire, a security assessor goes through the answers and then generates a pdf that will be used by the internal users to check which category of risk the vendor falls in.
    • Managing Questions
      • Internal users will be able to create and manage the questions.
  • Vendors
    • Vendors will answer the security questionnaire and once answered they will be shown a thank you message

TARGET AUDIENCE

  • Internal Users
  • Vendors

SCREENS / FEATURES REQUIREMENTS
For this challenge, we are looking for you to create a set of screens that are easy to use for the following scenarios. Remember that this is only a starting point, so feel free to take creative liberties when designing the screens.

A. INTERNAL USERS
1.1 Assessment History
This page will show the list of assessments that had been handled so far.
Need the ability to search and filter the list, users should be able to do the following:

  • Search Field
  • Filter options:
    • By Vendor
    • By Assessor
    • Date Range
    • Workflow Stage (Security Assessment Overview, Initial Risk Assessment, Security Questionnaire, Security Evaluation, Threat Assess Report, and Outcome)
    • Security Questionnaire Completed (Yes / No) - this filter will help us determine whether the vendor has completed the questionnaire for this year or not.
  • Provide a button at the top to add a new vendor to the assessment history, it could be called “Create New Security Assessment Overview” (please see 2.1 Create Security Assessment Overview)
  • We need the details below to be captured for the Assessment History, you can think on how to put this up on the screen / maybe a table or a grid view etc - up to you!
    • Vendor Name
    • Vendor Product/Service
    • Vendor Contact
    • Link to Initial Risk Assessment
    • Workflow Stage (Security Assessment Overview, Initial Risk Assessment, Security Questionnaire, Security Evaluation, Threat Assess Report, and Outcome) - think how well you can present this information on the screen.
  • Once the initial assessment is completed, we need to provide an option to generate a unique URL for the Security Questionnaire.
  • Every year the vendor is required to take the Security Questionnaire, so we can show some kind of indication that the vendor needs to take the “Security Questionnaire” incase if it is more than a year since they have taken the assessment. Also, provide an option to regenerate the link to Security Questionnaire
  • Include a pagination option as required.
  • Including the above details shouldn't make the UI complex, please try to keep the UI simple & clean.
2.1 Create Security Assessment Overview:
Internal users will create the security assessment overview, below details will need to be included in the form:
Internal User Details
  • System Name
  • System Owner
  • Function or Process Owner
  • Project ID and Name
  • Solution Architect
  • Business Consultant
  • Security Assessor
  • BIA DRIMS ID (this will be a link)
  • Sensitivity (from BIA) (this will be a text)
  • Criticality (from BIA) (this will be a text)
  • PII (from BIA) (this will be a text)
  • Architecture Rating (from AIA) - This will be a drop-down with options (High Impact, Low Impact, Medium Impact)

Vendor Details

  • Vendor Name
  • Vendor Product/service
  • Vendor Contact
  • Vendor URL
Once this step is completed, users will be able to fill up the Initial Risk Assessment form, so think about what should happen once they complete the overview form.

3.1 Initial Risk Assessment:
Reference: Vendor Risk Assessment - References > Sheet "01 Initial Assessment"

  • Once the Security Assessment Overview is created, they are required to enter the details of the initial assessment.
  • They will have about 6 to 7 questions to answer, these will be multiple-choice questions
  • Example questions: please refer to the attached google sheets (link shared in forums)
  • Based on the answers to these questions - the security questionnaire is generated.

4.1 Manage Questions:

  • This page will have all the questions / we have provided an excel sheet that shows an example of what type of questions it could be
  • Include a way for the users to search and filter through the questions
  • Include the option to create new questions
  • Provide a way to bulk import questions?
4.2 Add/Edit Question
  • Users will be able to create a new question or edit a question.
  • Question Description
  • Options to Save & Cancel

B. VENDOR 
5.1 Security Questionnaire
Reference: Vendor Risk Assessment - References > Sheet "02 Security Questionnaire"
Vendors will receive a unique link to the security assessment

  • There will be more than 24 to 30 Questions, think about how best to have these on the page. Questions will be descriptive.
  • Answers to the questions will be of Yes/No type with the ability to add some description for each question.
  • We can provide a way for the user to attach files
  • Once the vendor has submitted their answers for the questions, include a page that shows a thank you message

JUDGEMENT CRITERIA

  1. Creativity: Impactful; the solution is different or unique from what is already out there and can be implemented.
  2. Exploration: Out of the box; consider the screen requirements and guidelines as a draft or start point. Provide alternate experiences or workflows to achieve what we are proposing in the requirements and satisfy the user goals.
  3. Aesthetics: Hi-fidelity design; provide a top-notch finished-looking visual design.
  4. Branding: Open; propose a fresh new branding option.

DEVICE SPECIFICATIONS
Desktop: 1366px width and Height as required

BRANDING GUIDELINES
Please follow the colors and font from the provided branding guidelines

MARVEL PROTOTYPE

  • We need you to upload your screens to Marvel App
  • Please request for marvel app in the challenge forum
  • You MUST include your Marvel app URL (in your marvel app prototype, click on share and then copy the link & share it with your notes/comment on this link while you upload.
SUBMISSION AND SOURCE FILES
Submission File
  • Submit JPG/PNG image files based on Challenge submission requirements stated above
  • MarvelApp link for review and to provide feedback
  • Declaration files document contains the following information:
Source Files
All source files of all graphics created in either Adobe XD, Figma, or Sketch.

Please read the challenge specification carefully and watch the forums for any questions or feedback concerning this challenge. It is important that you monitor any updates provided by the client or Studio Admins in the forums. Please post any questions you might have for the client in the forums.

How To Submit

  • New to Studio? ‌Learn how to compete here
  • Upload your submission in three parts (Learn more here). Your design should be finalized and should contain only a single design concept (do not include multiple designs in a single submission).
  • If your submission wins, your source files must be correct and “Final Fixes” (if applicable) must be completed before payment can be released.
  • You may submit as many times as you'd like during the submission phase, but only the number of files listed above in the Submission Limit that you rank the highest will be considered. You can change the order of your submissions at any time during the submission phase. If you make revisions to your design, please delete submissions you are replacing.

Winner Selection

Submissions are viewable to the client as they are entered into the challenge. Winners are selected by the client and are chosen solely at the client's discretion.

ELIGIBLE EVENTS:

2022 Topcoder(R) Open

Challenge links

Screening Scorecard

Submission format

Your Design Files:

  1. Look for instructions in this challenge regarding what files to provide.
  2. Place your submission files into a "Submission.zip" file.
  3. Place all of your source files into a "Source.zip" file.
  4. Declare your fonts, stock photos, and icons in a "Declaration.txt" file.
  5. Create a JPG preview file.
  6. Place the 4 files you just created into a single zip file. This will be what you upload.

Trouble formatting your submission or want to learn more? ‌Read the FAQ.

Fonts, Stock Photos, and Icons:

All fonts, stock photos, and icons within your design must be declared when you submit. DO NOT include any 3rd party files in your submission or source files. Read about the policy.

Screening:

All submissions are screened for eligibility before the challenge holder picks winners. Don't let your hard work go to waste. Learn more about how to  pass screening.

Challenge links

Questions? ‌Ask in the Challenge Discussion Forums.

Source files

  • Sketch
  • Adobe XD
  • Figma

You must include all source files with your submission.

Submission limit

Unlimited

ID: 30197958