Third-Party Risk Management Platform
Designed the product strategy and core user experience for a Third-Party Risk Management (TPRM) platform serving large enterprise customers — from discovery through engineering handoff.
Product Management Intern (PPO) · Avasant
2021
The Problem
Enterprise organizations lacked a structured, scalable way to assess and monitor third-party vendor risk. Existing processes relied on email-based questionnaires, disconnected spreadsheets, and inconsistent risk scoring methodologies — creating blind spots in compliance and procurement oversight.
My Role
Led end-to-end product discovery as the sole PM on this workstream — from client interview recruitment to backlog synthesis. Produced all PRDs, wireframes, and user flows. The UX team translated wireframes into visual design; engineering owned sprint execution. Senior leadership reviewed and approved the final prioritised backlog.
Discovery & Research
Conducted 20+ client interviews and 5 SME sessions across legal, compliance, and procurement stakeholders. Used a structured interview guide covering current workflow, pain points, and decision-making authority. Synthesised findings into a frequency-severity matrix to prioritise features by impact and urgency.
The Approach
Spearheaded product discovery through 20+ client interviews and 5 SME sessions across legal, compliance, and procurement stakeholders. Built a data-driven product backlog prioritized by frequency, severity, and user segment. Produced detailed PRDs, UX wireframes, and user flows that translated complex risk workflows into an intuitive, role-appropriate interface for both risk analysts and executive reviewers.
Key Decisions
Designed risk scoring as a configurable engine rather than a fixed formula — allowing clients to weight risk dimensions by their industry context, which was the single most requested customisation point in discovery.
Prioritised role-appropriate interfaces for both analysts and executives over a one-size-fits-all dashboard — discovery showed that the two personas had opposite needs: analysts wanted drill-down detail, executives wanted a single risk number.
Architecture / System Design
Designed the risk assessment framework as a configurable scoring engine — allowing customers to weight risk categories (financial, operational, cybersecurity, regulatory) based on their industry context. Defined data ingestion patterns for both manual questionnaire-based inputs and automated third-party data enrichment. Established engineering handoff standards (PRD + wireframes + acceptance criteria) that achieved 100% on-time delivery.
What I'd Do Differently
I'd have run a light usability test on the wireframes before engineering handoff. We had strong discovery data but limited validation on whether the interface we designed actually matched how users wanted to navigate risk data — and we caught a few friction points only after build.
Outcomes
Product backlog and discovery outputs directly informed the core feature set of AvaSense's supplier risk module. Feature adoption increased by 25% versus prior versions of the risk product, attributed to the user research-driven prioritisation.