ZipGRC

An example of a compliance training and assessment conversation within ZipGRC Microsoft Teams Bot.
Compliance Dashboard login with Azure Active Directory
Compliance Dashboard inbox displays exception requests and incidents that employees report through the ZipGRC Microsoft Teams Bot.

Inspiration

Existing compliance training tools are old and clunky. Employees are often required to log into legacy web-based interfaces to complete basic compliance training. This results in low employee participation for all compliance-related activities within companies.

What it does

ZipGRC is a compliance training and assessment tool for Microsoft Teams. The goal is to increase employee participation for compliance-related activities such as policy training, exception management and incident reporting.

Compliance managers can create policy training sessions using the app's form builder interface (not within Microsoft Teams). When managers save their training session, every employee within the company receives a notification through Microsoft Teams.

Employees can view the training material and complete an assessment quiz (that was previously created using the form builder) all within Microsoft Teams. With existing compliance tools, employees would have had to take the same assessment through a web form that is usually available only on the desktop. Now, employees can quickly complete their assessments anywhere (web or mobile) using the ZipGRC bot for Microsoft Teams.

Employees can also request policy exceptions and report policy violation incidents directly within the same Microsoft Teams bot.

How I built it

I used a number of technologies to build ZipGRC

Microsoft Graph
Microsoft Teams
Microsoft Azure Active Directory
CosmosDB
Microsoft Bot Framework
botbuilder Node.js libraries
Node.js
Vue.js

The solution consists of an Compliance Dashboard and the Microsoft Teams bot.

Challenges I ran into

A few challenges that I ran into:

I was unable to automatically start the ZipGRC bot conversation for all employees in Azure Active Directory unless they had previously interacted with the bot (I needed the interaction to store their conversation meta data in the database)
Converting a web form into a bot conversation took some effort but was ultimately doable

Accomplishments that I'm proud of

Converting assessments built using the web-based form-builder into a Microsoft Teams bot dialog

What I learned

Bots and conversations have a lot more untapped potential than common use cases like travel booking, polls etc. They can be used to solve important business needs if done right.
It is easier to build bots than to build interfaces for most single-purpose apps

What's next for ZipGRC

Support for rich training cards including video, images and documents
Better analytics and reporting within the Compliance Dashboard
Trials runs at real companies

Built With

graph-api
microsoft-teams
botplatform
node.js
cosmosdb
azure-active-directory
vue.js

Updates

Nagarjun Palavalli started this project — Nov 17, 2017 07:20 AM EST

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.