Secure and Govern Primary Use Cases
Hello all. I'm going to try something new this year and I'll need your help. In past years, I've spent most of my time trying to keep track of what you're all doing by reading issue discussions and reviewing your designs. I haven't spent a lot of time on the current UI though because it's been so far behind what you've all been designing that it hasn't made a lot of sense to spend my time there. Over the past year or so, our dev counterparts have been diligently building out your backlogged designs. So now I'm going to try and put a process in place for myself that I (hopefully) can follow consistently throughout the year.
Strategy
-
Gather Primary Use Cases & Scenarios: List out the main tasks that users are expected to accomplish using each group's interface. What are the specific activities or functions that the UI is designed to support?
- Create a list of use cases. They should describe the user's interaction with the UI to accomplish a specific goal.
- Prioritize use cases based on their importance to the user's Jobs and how frequently they are likely to occur.
- For each use case, outline various scenarios including different user conditions and environments to better understand how different conditions and environments might affect the user's interaction with the UI.
- Assess the impact of each task on the overall user experience (see next section, Heuristic Evaluations). High-impact tasks should be given priority in the evaluation order.
-
Heuristic Evaluations: Select from the highest priority, primary use cases. Complete heuristic evaluations using the UX Scorecard’s Journey Map template (using the adjustments I added) and the scoring rubric.
- Create an Experience Recommendation issue following the UX Scorecards Part 2 template.
- Review: Review recommendation findings with the group's DRI designer.
Help Needed
I'll need your help with step 1: Gather Primary Use Cases & Scenarios for each of the groups you support. FigJam
- Compliance
- Audit Events
- Compliance Management
- Release Evidence
- Security Policies
- Security Policy Management
- Threat Insights
- Vuln Management
- Dependency Management
- SBoM
- Static Analysis
- SAST
- Secret Detection
- Code Quality
Edited by Justin Mandell