Blueprint Application

Center for Medicare & Medicaid Services (CMS)

Graphics of the application in a browser window.
As a Product Designer at Fearless, I spent one year working on the UX for Blueprint – an application from CMS that clarifies Rapid ATO expectations and reduces burden in system security planning.

It’s an interactive tool that ISSOs and other security professionals will use to manage the Rapid ATO process for their systems.

timeline

2021-2022

TEAM

Product Manager
Lead Designer (me!)
Product Designer
Service Designer
Engineers (5)

PARTNER

CivicActions

Context

The application was built for a specific set of users within CMS, and came with unique challenges. Our goals for this project were ambitious.

Problem

The  users who go through the ATO process are Information Systems Security Officers (ISSOs) and Cyber Risk Analysts (CRAs) who have a high technical understanding and use another application of record called CFACTS. However, the burden of working in CFACTS is high, with less user-friendly interfaces and limited ability for new users to join.

Solution

Create a proof-of-concept application with forward-thinking, automated features that users can collaborate on to document a system security plan.

Goals

Our goals for the product were ambitious, and we narrowed our work down to specific priorities for the first iteration of the application.

Business Goals

  • Allow users at different experience levels to collaborate in the app
  • Enable automation by encouraging the use of reusable components that can be shared across teams
  • Recommend and pre-populate projects with a collection of modularized compliance components.
  • Reduce the burden of navigating changes in policies

Design and Research

Over the project's lifetime, the design team conducted 52 user tests and interviews; I ran six prototypes through user testing.

Top priorities were:

  • Redesigning and rebuilding the application
  • User workflows
  • Onboarding new teams
  • Project setup, building, and maintenance
Screenshot of the Welcome to Blueprint page in the application
The app used plain language and clear steps to introduce users
Screenshot of the Dashboard page in the application
The app has a project dashboard that users can collaborate on with their team

Outcomes

When the contract ended, I spent several weeks on documentation for future teams.

Deliverables

  • Working application
  • Prototypes
  • Service blueprint
  • Repository with artifacts and future recommendations

Want more details?