Venmonitor

Venmonitor — Background & Context

Vendor risk management teams were increasingly expected to assess more vendors, across more risk domains, with higher scrutiny and in less time. Despite this growing complexity, the industry lacked a unified tool that allowed teams to proactively evaluate vendor risk before contract execution and strategically prioritize risk management efforts after onboarding.‍

Most organizations relied on:
• Disconnected reports
• Manual reviews across multiple platforms
• Reactive risk assessments conducted only after a vendor was already in use

Venminder saw an opportunity to stay ahead of the market by creating a single, extensible product that consolidated multiple third-party risk domains into one cohesive monitoring experience by creating Venmonitor.

Vendor screening is a time-consuming process that can be frustrating when vendors fail to respond to questionnaires or provide reliable documentation, resulting in an unclear assessment. Before the development of the screening tool I helped create, there was no similar tool available on the market, making it truly unique.

Vendor risk teams needed to answer two critical questions, but had no single tool to support both:

1. “Should we work with this vendor?”  (Pre-contract screening)
2. “Where should we focus our risk management efforts?”  (Ongoing prioritization & remediation)

Core challenges:

• Risk data lived in silos across risk partners and reports
• Inconsistent scoring, terminology, and visual language with different risk domains
• No clear way to compare risk across domains
• Teams spent more time interpreting data than acting on it

Research

I partnered closely with product managers and key stakeholders, including the company founder, to shape the vision for Venmonitor. We identified the core risk domains customers needed to evaluate both before onboarding vendors and through ongoing monitoring. Upon doing that, we conducted user interviews with a small group of power users to validate our decisions and ensure the proposed solution would meaningfully support their due diligence and ongoing monitoring workflows. From there, we focused on finding the right risk domain partners, specifically those with APIs that allowed risk data to flow directly into Venmonitor.

Risk domains validated:

• Cybersecurity
• Privacy
• Business Health & Credit Risk
• Know Your Vendor (KYV)
• Adverse Media
• Environmental, Social, and Governance (ESG)

Unifying Risk Provider Data 🛠️

Each risk provider delivered data through its own API and visualization patterns, creating inconsistent widgets across domains. But finding the right partners was itself part of the design challenge — I was involved in researching and evaluating potential risk data vendors, assessing not just data quality but how their outputs could realistically integrate into a cohesive product experience.

Once partners were selected, I redesigned how their data was surfaced in the UI, developing a unified visual framework flexible enough to accommodate different risk types while maintaining the consistency Venmonitor needed to function as a true single pane of glass.

Example: Cybersecurity Risk Data – Provider's API widget
A wealth of data was available, but the organization was difficult to understand at a glance, and the color palette did not align with Venminder’s risk color system.

‍

Example: Cybersecurity Risk Data – Redesigned for Clarity & Consistency
I reworked the provider data to align with Venminder’s risk color system and introduced a more structured layout, helping users quickly interpret cybersecurity risk without digging through dense information.

‍

Planning for Data States & Variations

To support development and ensure flexibility as data scaled, I planned and documented both 50% and 100% data variations across Venmonitor widgets.

This included designing clear empty and no-data states so edge cases were accounted for and developers had a complete picture of how each component should behave, even when data was incomplete or unavailable.

Defining Layout 🛠️

Once the risk provider widgets were unified visually, a new challenge popped up:

How do we fit all of this onto a single page without it feeling overwhelming?

I explored different layout options to make the best use of space while still giving each widget room to breathe. This led to a two-column layout for most domains, with flexibility for full-width widgets when the data was more complex or required a dual-panel interaction.

‍

‍

‍

‍

‍

‍

‍

‍Initial designs prioritized a uniform grid, but layout testing uncovered the need for mixed widget dimensions to improve at-a-glance readability.

‍

Final Design

The final Venmonitor experience brings multiple risk domains together into a single, cohesive view.

I designed Venmonitor to turn fragmented, multi-provider risk data into a single, actionable experience. By bringing multiple third-party risk domains into one unified view, I helped reduce the cognitive load teams previously faced and made it easier for them to quickly understand risk and make confident vendor decisions.

• Faster decisions: Teams can quickly screen potential vendors before onboarding using clear, at-a-glance risk signals, helping them move forward with confidence.

• Unified Risk View: The redesigned interface consolidates intelligence from cybersecurity, privacy, business health, KYV, adverse media, and ESG into one cohesive dashboard, making cross-domain comparisons intuitive and actionable.
  

• Enhanced Ongoing Monitoring: The Daily Refresh and Dashboard views enable teams to continuously monitor suppliers for emerging threats, allowing risk owners to proactively identify and address issues rather than react after they escalate.
  

• Adoption & Trust: Built on industry-leading risk intelligence sources, Venmonitor provided a single subscription to vetted data, eliminating the need for multiple external tools and simplifying enterprise risk programs!