Methodology · Six-stage process

How to Run a UX Audit

The operational methodology, from scope to roadmap. How senior practitioners actually run audits that produce findings the team ships, rather than documents that get filed and never reopened.

Jamie Pow 22 min read Cluster spoke Updated 2026

An audit done well is the most economical UX intervention a team can commission. An audit done badly is a waste of two weeks and a wedge of credibility. The difference is process, not talent. Senior practitioners follow the same six-stage methodology every time. The framework below is the one I've used across retail (Selfridges), travel, scientific publishing, and now JD.com.

Audits are not won at the report-writing stage. They are won at scoping and lost at presenting. Spend disproportionate time on the first and last steps.

Stage one: plan and scope

Scope is where audits collapse. Teams agree to a vague "audit the product" brief, the practitioner spends two weeks producing fifty findings, half of which the team considers out of scope. The deliverable lands flat.

Scope on three axes.

Scoping framework

The three axes of audit scope

  • Surface. Which screens, flows, user roles, devices. If it's not on this list, it's not in the audit.
  • Depth. Heuristic only? Plus accessibility? Plus performance, content, mobile parity? Each layer adds time and cost.
  • Audience. Who needs to see the findings, in what format, by when. The audience determines the deliverable shape.

Write the scope as a single paragraph. Read it back to the stakeholder. Get explicit written sign-off before any walking-the-product begins. The paragraph is the document everything else hangs off. Without it, the audit drifts and the report becomes negotiable.

Worked example

"Audit the checkout flow on iOS and web for a UK retail client. Scope covers from cart to order confirmation, including guest and account-holder paths. Heuristic review against Nielsen's 10 plus WCAG 2.2 AA accessibility coverage. Output: written report with prioritised findings, a one-hour stakeholder presentation, and a recommended roadmap for the next two sprints. Delivered within three weeks of kickoff."

That paragraph names the surface, the depth, and the audience. The team can disagree with it before work starts. After work starts, scope creep becomes a change request.

Stage two: align stakeholders

Before any screen is reviewed, the audit needs three things from the team: an owner, an authority, and a list of constraints.

  • The owner is the person responsible for actioning findings after delivery. Usually a head of product or head of design. They sign off on scope and attend the final presentation.
  • The authority is the senior figure who can unlock budget and engineering time when the audit lands. Sometimes the same as the owner; often a level higher.
  • The constraints are the things the audit shouldn't bother flagging because the team already knows about them. Existing tickets, planned migrations, known design system drift. A constraints document at the start saves you embarrassing both parties later.
Practitioner note
The constraints document is the single most under-asked-for artefact in audits. Without it, you'll spend the presentation listening to "we know about that one" twenty times in a row, and credibility leaks away from the findings the team genuinely didn't know about.

Run a 30-minute kickoff with the owner. Hand over the scope paragraph. Ask for the constraints document. Confirm the presentation date. Then begin.

Stage three: gather evidence

This is the longest stage in elapsed time and the easiest one to underestimate. Two passes through the in-scope surface, with different mindsets each time.

Pass one: walk as a user

Do the tasks. Open the app cold, sign up, complete the core flow, abandon halfway, come back, sign in, recover a password. Don't take notes yet. The first pass is for impression, not findings. You're looking for the moments that feel wrong, the points where you slow down, the places where you accidentally tap the wrong thing.

Pass two: walk as an auditor

Now systematically. Screen by screen, with the heuristic and WCAG checklists open beside you. For each finding:

  • Screenshot the issue.
  • Name the heuristic or success criterion it violates.
  • Note the path that surfaces it (URL, user role, device).
  • Capture an initial severity guess (you'll refine in stage four).
  • Note a candidate fix.

Capture findings the moment they appear. Writing-up at the end of a day loses thirty percent of the detail. Use the UX audit checklist as the working document; the categories and severity columns are built for this stage.

Tools that earn their place

For the deterministic parts of the audit, lean on tools. They run faster and don't get tired. The contrast checker for colour pairs, the focus state checker for the new WCAG 2.2 criteria, WAVE for an automated accessibility pass, PageSpeed Insights for performance baselines. None of these replaces expert review; all of them speed up the parts of expert review that are mechanical.

Stage four: score severity

An unscored finding is a suggestion. A scored finding is a decision the team has to make. The scoring stage is where the audit transitions from observation to prescription.

0–4 severity rubric

Scoring each finding

  1. 0 — Not a problem. Reframe or drop. If it survives the cut, it shouldn't be on the list.
  2. 1 — Cosmetic. Fix when there's time. Visual polish, mild inconsistencies.
  3. 2 — Minor. Workable; users find the way through. Fix this quarter if possible.
  4. 3 — Major. Slows or stops users routinely. Fix before next release.
  5. 4 — Catastrophe. Blocks users, loses data, breaks the law. Fix immediately.

Severity has three component questions. Apply them honestly to every finding.

  • Frequency. How often will users encounter this? Every session, or once a year?
  • Impact. When they encounter it, what happens? Minor friction, dropped task, financial harm?
  • Persistence. Does it improve with familiarity (people learn around it) or does it get worse (each repeated encounter erodes trust)?

The temptation is to score everything as severity 3. Resist it. A flat severity distribution is a failure of the rubric. Aim for roughly one third 1–2, one third 3, less than ten percent 4. If everything is major, nothing is.

Stage five: recommend fixes

Findings without recommendations are complaints. The recommendation is what makes the audit actionable.

For each finding, the recommendation should answer three questions:

  • What changes? A specific behavioural description, not a pixel-level mock. "Surface the saved-card state during the payment step so users don't re-enter card data unnecessarily."
  • What does it cost? An effort estimate in T-shirt sizes: S (under a day), M (one to three days), L (a sprint), XL (multiple sprints).
  • What does it gain? Expected impact in plain terms: "Reduces drop-off in payment step. Estimated lift: low-to-moderate."
Practitioner note
Write recommendations in behavioural language, not visual language. "Make the CTA more prominent" is unactionable. "Move the primary CTA above the fold and remove the secondary CTA from the same row" is shippable. The audit's job is to describe the change, not to draw it.

If a recommendation needs a sketch to be understood, include the sketch. But the sketch supports the behavioural description; it does not replace it.

Stage six: present findings

The deliverable is not the document. The deliverable is the team understanding what to do next. A finely typeset report that doesn't change behaviour is a failed audit.

Lead with the top three

An audit can produce forty findings. A team can act on three. The executive summary opens with the three highest-severity findings, the business impact of each, and the recommended action. Everything else is appendix.

Walk it live

Don't email the deck. Run a 45 to 60 minute working session with the team. Engineering will surface implementation constraints. Product will surface roadmap constraints. The recommendations sharpen. Ownership transfers.

Capture the next sprint live

End the session with the team agreeing which findings ship in the next sprint. Write the tickets there and then. Audits that don't generate tickets in the room rarely generate them later.

See the example audit report for what good looks like end to end. Audit templates include the report structure, executive summary format, and presentation deck.

Turning audit into roadmap

The roadmap is a separate artefact from the report, even though it's derived from it. Score every finding on a two-axis grid of impact and effort.

Impact × effort quadrants

How findings become roadmap items

  • High impact, low effort. Quick wins. Ship in the current sprint. Justifies the audit budget on its own.
  • High impact, high effort. Strategic. Next quarter. These usually require design system or platform-level changes.
  • Low impact, low effort. Sweep. Bundle into a quiet sprint or pair with adjacent work.
  • Low impact, high effort. Park. Revisit only if context changes.

Most audits surface ten to twelve findings in the high-impact-low-effort quadrant. That's the first sprint's worth of work and the audit's most visible return on investment. Present the quadrant grid as a single slide; teams adopt it faster than they adopt long ranked lists.

Practical companion

The UX audit checklist

The 60-point structured checklist mapped against Nielsen and WCAG 2.2. Use it as the working document during stages three and four.

Interactive Print PDF
Open the checklist Browse templates

Common failure modes

Five ways a methodologically correct audit still ends up filed and forgotten. Avoid these and you're already in the top quartile.

  • Scope creep accepted in silence. Mid-audit, the stakeholder asks "while you're at it, can you also look at...". Saying yes without changing the timeline is the fastest way to a poor deliverable.
  • Severity inflation. Everything is severity 3. The team treats the list as a flat backlog and drops it in the parking lot.
  • Recommendations that read as design ideas. "Try a sticky CTA pattern" is a suggestion. "Add a sticky CTA pattern to the payment step where the in-place CTA falls below the fold on iOS" is a recommendation.
  • Presenting only to leadership. The senior stakeholder loves it. The team that has to ship the fixes never sees it. Six months later nothing has changed.
  • No follow-up. A two-week check-in after the audit closes the loop. Without it, the audit is theatre.

Frequently asked questions

How do you scope a UX audit?

On three axes: surface (screens, flows, roles), depth (heuristic / accessibility / performance / content), and audience (who will see findings). Write the scope as a single paragraph and get sign-off from the most senior stakeholder.

How do you score severity?

0–4 scale. 0 not a problem; 1 cosmetic; 2 minor; 3 major; 4 catastrophe. Severity is a function of frequency, impact and persistence. Score honestly.

How long should a UX audit take?

Focused single-flow audit: three to five days. Full product audit: two to four weeks. Most slippage happens at scoping.

Who should the audit be presented to?

The team that will action the findings. Engineering, design, product, content. Live walk-through, not emailed deck.

How do you turn the audit into a roadmap?

Score every finding on impact and effort. High impact, low effort goes in this sprint. High impact, high effort goes in the next quarter. Low impact items backlog or park.

Continue in the cluster
Hub

The complete UX audit guide

The full evergreen reference. Process, types, tools, presentation, roadmap conversion.
Framework

Heuristic evaluation

Nielsen's 10 heuristics with practical failure patterns and severity scoring.
Example

UX audit report example

An anonymised real audit walkthrough. Executive summary through roadmap conversion.
Downloads

UX audit templates

Report structures, scoring frameworks, presentation decks.
JP
Jamie Pow
Associate Director, Experience Design at JD.com · Previously Head of UX at Selfridges & Co · Building UX Companion