Thalorin

back button icon

Role

Founding Product Designer

Responsibilities

Full Design Control

Tools

Figma

timeline

Ongoing
NHSTA redesign shown in laptop renders

Revolutionizing Regulatory Compliance

Challenge

Security and compliance software uses decades old processes, and Thalorin's founder had plans to change that. I was brought on to Thalorin in the early stages of  help them build an MVP product that could streamline the process of tracking compliance.

Process

A startup this early has lots of challenges regarding process. I worked to streamline design so that development could happen quickly in order to get the prototype in the hands of potential customers and VCs.

Results

The MVP was completed in January of this year and continues to help the company draw new interest. Design and development are ongoing as we continue to progress as a company.

01 - Some background

Regulatory compliance for network systems has long been trapped in outdated processes. Organizations face hundreds of individual "controls" within regulations, each requiring:

  • Evidence of compliance
  • Assignment of responsible personnel
  • Consistent tracking and documentation

The industry currently relies on archaic compliance software or simple Excel spreadsheets to manage this complex process. This presented a clear opportunity for innovation: What if large compliance documents could be automatically parsed into tickets within a project management dashboard?

I joined Thalorin in its early stages to tackle this exact design challenge.

The Startup environment

Thalorin exemplified the classic startup balancing act: ambitious vision constrained by practical realities. We had secured initial venture capital funding, creating both opportunity and pressure. Several potential enterprise clients had signed letters of intent to implement our platform once developed, giving us validation but also establishing firm delivery expectations.

When I joined the team, I discovered a significant gap between the product vision being pitched to investors and the actual state of development. The founding team had successfully communicated the transformative potential of automating compliance workflows, but the existing prototype lacked the sophistication and usability needed to deliver on these promises.

My role became threefold:

  • Elevate the design language to match the enterprise-grade expectations of our target market
  • Create intuitive interfaces for complex regulatory processes without overwhelming users
  • Establish design patterns that could scale as we added more regulatory frameworks to the platform

Operating under the venture capital timeline meant we couldn't perfect everything at once. We adopted a strategic approach of "move fast, but build something substantial" – focusing our limited resources on the core differentiating features while ensuring the foundation was robust enough to support future iterations. This required daily prioritization discussions and a willingness to make difficult tradeoffs between immediate feature delivery and long-term platform sustainability.

Key Terminology

To understand the software that we're building, it's important to first clarify some key terminology.

Regulation
A complete compliance standards document from a specific regulatory body.
Control family
A category of related controls within a regulation.
Control
A specific compliance requirement that becomes a task in the system.
Control enhancement
Additional specifications or requirements for a control.

02 - Defining the MVP

To establish clarity on our minimum viable product, I created journey maps and user flows to visualize the system's functionality. These simple maps facilitated crucial discussions with the founder about:

  • Essential features for the MVP
  • Logical placement of features within the application
  • Supporting elements needed to make core features work

These mapping exercises helped us focus on what would make Thalorin truly unique while ensuring we built the necessary foundation.

Old NHTSA search barOld NHTSA ratings search

03 - Digitizing Regulations

We designed a digital library that transformed unwieldy PDFs into interactive resources with two key innovations:

  1. A reusable hierarchical structure for various regulation types:
    • Analyzed frameworks like NIST, HIPAA, and SOC2 to identify common patterns
    • Developed a flexible taxonomy for different regulatory terminology
    • Created a database schema preserving relationships between all elements
  2. A control-focused interface for efficient interaction:
    • Treated each control as a discrete, actionable item
    • Highlighted key compliance requirements with visual prominence
    • Provided contextual information within the regulatory framework

The result was a card-based interface with intuitive sub-navigation:

  • Regulation cards with summary information and statistics
  • Control family cards with collapsible sections
  • Control cards showing requirements and guidance
  • Progressive disclosure revealing details only when needed

User testing showed this approach reduced time to locate compliance requirements by approximately 70% compared to traditional methods.

Old NHTSA search barOld NHTSA ratings search

04 - Generating Tasks from Regulations

The process works in three key stages:

  1. Control selection - Users navigate a hierarchical tree view of regulations:
    • Browse through regulation families to locate relevant controls
    • Filter controls by keywords, risk levels, or implementation status
    • Select individual controls, entire families, or any combination in between
    • See real-time counts of selected items for project scope estimation
  2. Task creation - The system transforms selected controls into structured tasks:
    • Automatically generates task titles from control descriptions
    • Extracts compliance steps from the regulation text
    • Maps relationships between interdependent controls
    • Assigns default priority levels based on regulatory risk assessments
  3. Assignment workflow - Users distribute responsibility for compliance tasks:
    • For the MVP, we simplified this to control family assignment
    • Team leads can assign entire sections to appropriate departments
    • The interface provides visibility into workload distribution
    • A smart suggestion system displays previously assigned similar controls

This approach allows organizations to precisely tailor compliance projects to their specific needs, whether implementing a new regulation from scratch or addressing gaps in existing compliance. While we kept the MVP focused on basic functionality, our roadmap includes plans for an AI-assisted system that can analyze control text, recommend assignees based on expertise, and predict implementation timelines based on historical data.

05 - Familiar Task Management

The main workspace in Thalorin uses a familiar Kanban board view, displaying tasks automatically generated from selected controls. This provides:

  • A comfortable, intuitive interface for project management
  • Clear visual organization of compliance tasks
  • Familiar workflow patterns for teams

Task Detail View

When viewing a specific task, users access a slide-out tray containing:

  • Standard task management elements
  • Compliance steps specific to Thalorin
  • Evidence submission functionality for each step

These compliance steps represent the specific actions required to satisfy a control, with evidence (typically screenshots) uploaded directly within the interface.

06 - What's next?

As Thalorin continues to secure funding and market interest, we're expanding the platform's capabilities:

  1. Enhanced Communication: Redesigning chat functionality to aggregate comment threads into a centralized location
  2. AI Integration: Developing intelligent features to:
    • Summarize regulations
    • Provide actionable insights
    • Make project generation smarter and more intuitive
    • Reduce the need for manual adjustments after project creation

Compliance is entering an exciting new chapter, and I'm stoked to be contributing to Thalorin's vision of transforming this traditionally cumbersome process into a streamlined, intelligent system.

Continue on to the next case study.
Next case study
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
Let's work together
·
...and create
something ¡new!