DLP Responsive Responsive Web application Design Challenge

Welcome to "DLP (Data Loss Prevention) Responsive Web application Design Challenge"

In this challenge, we are looking to design a responsive web application for building a digitized application for Data Loss Prevention (DLP), for the modules ClickWrap as well as NotifyFollowup.
We are really excited to kick off this Design Challenge.

Round 1

Submit your initial designs for a checkpoint feedback

- As a part of your checkpoint submission, you must upload your submission to MarvelApp so we can provide direct feedback on your designs.
- Make sure to include a URL/comment the link to your marvelapp while uploading your submission
- Make sure all pages have the correct flow! Use correct file numbering. (00, 01, 02, 03)

Round 2

Submit your final designs with all checkpoint feedback implemented.

- As a part of your checkpoint submission, you must upload your submission to MarvelApp so we can provide direct feedback on your designs.
- Make sure to include a URL/comment the link to your marvelapp while uploading your submission
- Make sure all pages have the correct flow! Use correct file numbering. (00, 01, 02, 03)

Background Information:
Misusing of sensitive data within the company is called an incident. This application will serve as a one-stop shop for raising data movement incidents, monitoring their journey through the validation procedures, identification of corrective actions (actions are taken against the employee misuse it and appropriate correction is taken) and closure post-action completion.

The various benefits of this app will be as follows:
- Process automation including automatic reminders and automated workflows for defined scenarios.
- Removal of email as a validation and followup tool.
- Access rights protection as well as sensitive data protection.
- Digitization of associated legal declaration and/or corrective action.
- Reports and Dashboards for easy interpretation.
- Email Notifications and Alerts to the DLP team on application availability or unavailability.

Required Screens
A. Admin:
01 Access Control Page

• Access Provisioning/revocation page for both security incident report (SIR) and Data Loss Prevention (DLP)
• Backup (for role created) access provisioning for incident handlers.

02 Incidents Page

• All incidents from the master database should be displayed.
• Details like (incident Handler, Incident ID, Employee Involved, Documentation Status, Corrective Action Status, etc)
• Should be able to add, reassign, edit, delete all incident categorized by both security incident report (SIR) and Data Loss Prevention (DLP)

03 Template and Corrective actions (CAN) modification page
- In this page, admin should be able to modify declarations formats/add or remove corrective actions if needed.

B. Incident Handler:  
04 Incidents Page:

• An incident handler should see all his / her incidents from the master database with all attributes of the incident.

• Should be able to add, reassign and edit their incidents in their respective category assigned DLP/SIR

• If they click on the “Add” button, a form should popup requesting details like

  • Incident details (Incident ID, Incident Description, etc) & Involved employee details like email ID, ADID (Active Directory), etc). 

  • Features to add additional employee/violator details required to address when violators are more than one (post outcome of incident analysis)

  • Once they enter employee ADID, auto-populate employee details from SAP like employee band, employee name, manager email id, HR email ID, location, last ITMS completion, Last Corrective action acknowledged (if present), etc 

  • and Save all the details.

• After pushing all the details, the Incident handler should choose whether to issue a declaration or Skip. Then the Incident handler will issue the corrective action.

  • Declaration - > Required / Not Required

  • Corrective Action - > Required / Not Required

• If Incident handler clicks Required Declaration, it should redirect to the declaration template page

• If the Incident handler clicks Required Corrective Action, it should redirect to the corrective action page. 

04 1 Corrective action page

1. Predefined corrective actions defined by admin will be displayed in the checkbox input format, so the incident handlers will have the freedom to check multiple corrective actions based on the gravity of the incident.

2. Corrective actions like ITMS, COBC, Counselling, Warning, Termination, MSI Freeze, No-Rehire, Unclean exit, and Backlist/Penalize contract/vendor agency.

3. Admin will have the authority to add or remove corrective action from their window.

4. Sub flow differentiates for each of corrective action, which is defined below:

   1. If CA is ITMS -> check last ITMS completion date -> if < 1 year, mail should go to the employee and should display in my worklist to complete ITMS within 2 days.

   2. If CA is COBC -> Mail should go to HR for further action and should be displayed in HR’s Worklist. Once HR takes action, he/she should let the incident handler which corrective action he/she has taken (in textbox format) on the employee.

   3. If CA is either of Counselling/Warning check if this CA is already taken 

      1. If it is already taken, intimate IRMC Information protection team head for Review before proceeding to re-issue action after revising by head send CA for employee acknowledgment to complete it within 2 days.

      2. If it not taken before, send email and display in the employee’s my Worklist to acknowledge within 2 working days.

   4. If CA is either of Termination / MSI Freeze IRMC Information protection head approval Route to HR to do the needful in taken CA after approval of IRMC Information protection team’s head

   5. If CA is No-Re hire /Unclean exit, IRMC Information protection head approval intimate Wipro exit team to update in SAP.

   6. If CA is Blacklist / Penalize contact/ vendor agency IRMC Information protection head approval intimate CPO team to update the CA.

   7. If CA acknowledgment is not done within 5 business days then should be blocked.

   8. If CA acknowledgment is done, then intimate Recordroom HRSS to update in employee’s docket.

   9. If CA is pending with the manager for more than 2 days, the  reminder escalations mails should automatically be sent to the manager

      1. Until than 2 days – Reminder to complete the action

      2. Greater than 3 days–Reminder to complete the action + with L2 manager in the loop

      3. Greater than 4 days–Reminder to complete the action + with L2 & L3 manager in the loop

   10. Counseling and warning letter should be supervised by the manager with C1 and above the band. Escalation emails should loop manager till band D2. Even after not acknowledged mark Group HR’s hierarchy till CHRO.

   11. If the employee location (Country) is any of the European regions excluding the UK

C. Employee Login:

• Auto-populate employee details from SAP like employee band, employee name, manager email id, HR email ID, location. 

• Declaration / Corrective action template to be displayed.

• Predefined corrective actions defined by admin will be displayed in the checkbox input format, so the incident handlers will have the freedom to check multiple corrective actions based on the gravity of the incident.

D. Manager (Reporting Manager / HR / Legal Lead / IRMC Process Head) Login:

• Auto-populate employee details from SAP like employee band, employee name, manager email id, HR email ID, location. 

• List of pending incidents (Each incident Incident ID / Status / Summary ), Action Button

Design Considerations
- We are looking for a simple, easy-to-use, Informative, modern design
- Have your designs of size:
- - Desktop: 1366 x 768px
- - Mobile: 750 x 1334px
- We have provided branding guidelines in the forums, please follow that!

Important:
- Keep things consistent. This means all graphics styles should work together.
- All of the graphics should have a similar feel and general aesthetic appearance.
- Focus on User Experience / how the user interacts

MarvelApp Prototype
- We need you to upload your screens to the Marvel App
- Please send your Marvel app request to csystic@gmail.com (Challenge Copilot)
- You MUST include your Marvel app URL in notes /comments while uploading (in your marvel app prototype, click on share and then copy the link & share it within your notes while you upload).

Target Audience
- Security and Control team
- All the employees, HR Manager, Legal team

Judging Criteria
- How well you plan the user experience and capture your ideas visually.
- Cleanliness of your graphics and design.
- Overall design, UI and user experience.
- Consistency across the UX/UI

Submission & Source Files
Preview Image
Please create your preview image as one (1) 1024x1024px JPG or PNG file in RGB color mode at 72dpi and place a screenshot of your submission within it.

Submission File
- Submit JPG/PNG for your submission files
- Submit Marvelapp as part of your submission.

Source Files
All original source files of the submitted design. Files should be created in Adobe Photoshop, Illustrator, XD, or Sketch!

Final Fixes
As part of the final fixes phase, you may be asked to modify your graphics (sizes or colors) or modify overall colors. We may ask you to update your design or graphics based on checkpoint feedback.