Risk Visualization Dashboard for KeyBank

About this project

KeyBank hired our team to design and implement a dashboard for key stakeholders, with the goal of improving technology risk visibility across the organization. With a tight timeframe to deliver, I took the lead as the UX Designer, guiding the project from discovery through to final design.

My responsibilities included:

  • Analyzed quantitative data provided by the client to understand the underlying challenges

  • Created mockups and prototypes to propose actionable, user-centered solutions

  • Designed the dashboard using KeyBank’s existing design system

  • Contributed new components and patterns back into their design system to support long-term scalability

This project required balancing speed, precision, and deep collaboration with KeyBank’s technology and risk teams to deliver a solution that met both business and user needs.

My Role: UX & Product Designer
Client: KeyBank
Project Type: Internal Dashboard for Technology Risk Management
Timeframe: June-July 2024

The Challenge

KeyBank’s executive and IT leadership needed a way to monitor the bank’s enterprise-level technology risk posture in real-time. The data lived across multiple tools and spreadsheets, making it difficult for upper management to understand risks, assign accountability, and take decisive action.

A specific challenge was making risk data actionable and attributable—especially in the Vulnerability & Configuration Management category, which posed a serious threat if left unmanaged.

Goals

  • Provide a centralized dashboard for technology risk visibility

  • Enable filtering by DCIO (Divisional Chief Information Officer) to assess ownership

  • Break down complex risk areas like Vulnerability & Configuration Management into digestible, actionable components

  • Support trend analysis and impact tracking for high-level reporting

  • Equip senior leaders with fast, reliable insights into potential breach risks

Primary User Persona

Title: Director of IT Risk & Governance
Pain Points:

  • Fragmented risk data across business units

  • Difficult to attribute risk to responsible owners

  • Overwhelming or unstructured dashboards

Needs:

  • Filter data by individual leaders (DCIOs)

  • Understand key risk categories in depth

  • Track trends over time

  • Shareable insights with stakeholders

Well Managed Dashboard

The Well Managed Dashboard was designed as a high-level control center, giving management an at-a-glance view of current performance and trends.

Key Features:

  • Tabs:

    • Vulnerability and Configuration Management

    • Historic Trend

  • Filtering by DCIO

    Enabled managers to isolate data relevant to their direct reports, encouraging accountability and focused action.

  • Breakdown by Risk Type
    Designed an expandable component under the “Vulnerability and Configuration Management” section to show a detailed breakdown by type (e.g., unpatched software, misconfigured systems).

Note: Due to a non-disclosure agreement and to protect the client’s sensitive information, certain details—including specific metrics, names, and full-screen designs—have been intentionally omitted. Where necessary, these elements have been replaced with placeholder copy.

Breach Status Report Dashboard

The Breach Status Report was developed as a more granular, cross-domain view of how different aspects of technology infrastructure were performing in terms of risk mitigation and compliance.

It served as the “deep dive” companion to the Well Managed Dashboard.

Categories Included:

  • Vulnerability and Configuration Management

  • Tech Lifecycle Management

  • Data Protection & Governance

  • Reliability & Resiliency

  • Identity & Access Management

Design Goals:

  • Help users identify which domain(s) posed the highest risk

  • Allow vertical and horizontal navigation for better scanning

  • Enable reporting and screenshot-friendly views for leadership meetings

Note: Due to a non-disclosure agreement and to protect the client’s sensitive information, certain details—including specific metrics, names, and full-screen designs—have been intentionally omitted. Where necessary, these elements have been replaced with placeholder copy.

Results & Outcomes

Although I no longer have access to the final implementation metrics, the dashboards were:

  • Approved by internal risk and tech stakeholders

  • Rolled out to senior managers at KeyBank

  • Considered a core tool in their tech risk management strategy

Qualitative Outcomes:

  • Reduced confusion about risk ownership

  • Made vulnerabilities and breach risks more visible and actionable

  • Helped leadership prioritize remediation efforts more effectively

  • Increased stakeholder engagement and responsibility across business units