My framework
Initial assumptions
Introduction
This case study addresses a complex problem related to access management, onboarding, and offboarding in large companies, where the impact is not only operational but also financial and security-related.
Rather than starting with screens, I approached the problem using a framework similar to the Blueprint Hub to structure decisions, identify real gaps, and design a system that scales.
The process focused on understanding what already "existed" in the product, what could be reused, and what needed to evolve, avoiding ad-hoc solutions. From a product and visual perspective, the dashboard was designed as a kind of refactoring of existing components, taking inspiration from well-established patterns used in tools like Factorial, with the goal of creating a scalable and familiar solution for IT, People, and Finance teams.
To accelerate exploration and validation, I used ChatGPT as a strategic thinking partner to structure assumptions, metrics, and flows; Framer to prototype a first high-fidelity interface focused on structure; and Lovable to polish the idea until it was presentation-ready and self-explanatory.
Problems to solve
1. Unnecessary costs
Licenses assigned to inactive or offboarding employees
Paid licenses that are not being used
Lack of visibility into ideal vs actual cost
2. Security risks
Ex employees with active access
Inconsistent permissions across roles and teams
3. High operational load
IT manually handling every joiner, leaver, and change
Managers lacking safe autonomy
No clear system-level visibility or alerts
Hypotheses to validate
Most unnecessary software costs come from misaligned employees, roles, and licenses, not from the number of tools.
A role-based access model reduces onboarding time and human error more effectively than managing access tool by tool.
Planning changes in advance (onboarding, offboarding, role changes) reduces security risks and operational stress.
A dashboard with clear, actionable metrics allows teams to detect problems before they turn into financial loss.
Blueprint
1. Trigger. What drives the need for this project?
Companies lose time and money because access, roles, and licenses are not synchronized with reality.
Without a system view, issues are detected too late.
Signals identified
Inactive employees still holding paid licenses
Access assigned manually without standardization
Long onboarding and offboarding times
IT teams overloaded with every joiner and leaver
Managers lacking visibility and alerts
Why this is so critical (business impact)
The lack of automation:
increases software costs
raises security risks
reduces customer satisfaction
negatively affects retention
2. Mapping. Context map
Key stakeholders
IT: defines rules, roles, and automations
People / HR: manages employee status and lifecycle
Managers: manage access for their own teams
Finance: controls and optimizes software spend
Orio (the system): detects, alerts, and guides decisions
Current onboarding
HR manually informs IT about a new hire
IT reviews role and team
IT assigns access app by app
Managers confirm via Slack or email
No centralized record exists
Current offboarding
HR notifies IT about a departure
IT checks every app manually
Access is revoked one by one
No alerts if something remains active
Outcome
→ slow process
→ high cost
→ operational risk
3. Scanning. What exists today in Orio?
Strengths
1,000+ SaaS integrations
Centralized permissions panel
SSO already integrated
Cost visibility for Finance
Limitations
No HRIS integration
No official employee directory
No automatic role-based access
No alerts or inconsistency metrics
No automated offboarding process
4. Gap Map. Identified gaps
This first version intentionally covers the most critical gaps:
No official employee source → Employee Directory
Manual access decisions → Role-based access
Reactive offboarding → Planned changes via Calendar
Hidden waste → Unused license detection
Lack of system visibility → Consistency and cost metrics
Remaining gaps (out of scope for V2)
advanced automation
predictive optimization
ML-driven recommendations
5. DECISION LOG. What to build and why
This version prioritizes structural clarity over feature quantity:
Roles are the core abstraction, not tools
Planning matters as much as execution
Metrics drive decisions, not gut feeling
Autonomy is distributed but controlled
Second iteration to Scale
Usage pattern detection with machine learning
Automatic license reassignment
Company-specific workflows
Advanced financial reporting
Prototype summary
1. Dashboard (Home)
The dashboard acts as a system health and cost control panel. Each card answers a key question: Is everything okay? Where are we losing money? What should I do next?
Consistency Score as the main system health metric
Orphan Licenses and Estimated Savings directly connect operations with financial impact
At-Risk Employees, Onboarding, and Offboarding highlight risks and bottlenecks
Clear CTAs to move from insight to action
It answers, at a glance:
Is the system consistent?
Where are we losing money?
What needs attention right now?
Key elements:
Consistency Score (licenses vs employees)
Ideal vs actual cost
Unused licenses
At-risk employees
Onboarding and offboarding status
Cost per team
This turns the dashboard into a decision tool, not just reporting
2. Employee Directory
The operational core of the product. It centralizes people, access, and costs.
clear employee states
visible cost per employee
entry point to access and role management
3. Roles
The heart of the system:
define which tools belong to each role
centralize access logic
reduce human error
scale better than HR integrations alone
4. Tools
Provides visibility into:
real usage
unused licenses
immediate cost impact
5. Calendar
Makes the system proactive instead of reactive:
onboarding and offboarding are planned
changes are visible before they happen
6. Virtual assistant
The cherry on top :)
Thanks
Time spent: 9hs (4 problem solving idea) + 1 (design decisions) + 4 framer
v2 lovable (70 credits): +2hs