For thousands at Alphabet, compliance isn't just a checkbox – it is the bedrock of trust. At the heart of this critical function stood the GGRC application, a tool relied upon by 5k+ users. But as Alphabet's landscape rapidly evolved, GGRC’s outdated architecture and fragmented functionality created bottlenecks, confusion, and escalated costs. A resounding 52% of users were dissatisfied with it. This wasn't just a technical problem; it was a challenge to the very foundation of how Google managed risk and ensured compliance, demanding a bold, user-centric transformation.

Critical challenge

How might we create a more unified GRC solution that eliminates user confusion, integrates fragmented data, increases user adoption, and reduces engineering costs?

What I loved about this project

Exploring the unknown. At the time, experiences were so siloed and people lived in fear of upsetting a delicate balance between legal processes, their domains, and poor experiences. I thoroughly enjoyed partnering with UX Research and real users to have the space to think deeply about what they actually wanted and needed based on their journey, and to determine how and when to present the data they normally went to different apps for, in a way that engaged users without disrupting their flow. Equally enriching was being able to push past the existing limitations of compliance, imagining the possibilities of an ideal world.

Key contributions

Strategy, design team lead, design execution, research, branding

Outcomes

Created an engaging, user-centric product that stakeholders and research participants praised for it’s ability to converge data and UX to create a complete picture of preparedness by showing the relationships between risks and controls, so that a product area can adequately demonstrate their ability to manage a risk.

Facilitated a cross functional workshop to establish the product vision and roadmap for the next 3 years which included visualizing the risk and compliance ecosystem story.

Reduced costs on engineering by delivering reusable features using Google Material components, and patterns.

Designed and built a centralized location for all controls and compliance objects, Onboarded ~3k compliance objects from 4 Governance organizations, adoption for 20 product areas, > 1.6K products and systems, including deprecating licenses for 2 now unnecessary tools, from the launch in Q3.

Risk & Compliance ecosystem map