Project assurance is a key part of making sure that projects are fit for purpose. Assurance is the function that assesses whether the project management processes and other elements such as funding and resources, are there to support the success of the project. Assurance is a way of checking that the project has the best possible chance of success.
Typically, the assurance function prepares an independent report that is shared with the stakeholders. This enables them to focus on which areas should be improved to make the project more likely to succeed. The assurance team might report, for example, that more money is required to deliver all the functionality, or that the testing team need more training. The assurance report normally includes recommendations – otherwise, it’s not that helpful to the project manager and project sponsor trying to improve their project environment.
Assurance in UK government major projects
Earlier this year, the UK National Audit Office (NAO) produced a report about assurance for major government projects. Obviously, spending tax payers’ money means that there is intense scrutiny on public sector project so a strong assurance function is important to ensure that projects have the right conditions to succeed and deliver a successful outcome in a cost-effective way.
Types of assurance
The NAO report explains that there are several types of project assurance. These are:
Internal: assurance function is carried out by someone within the organisation such as an internal audit department.
External: assurance function is carried out by a third party, for example an external auditing firm who are brought in specifically to carry out a project review.
Planned: assurance activity is scheduled into the project plan and the project manager knows when the review is going to take place. This can be scheduled to take place at a particular time in the project lifecycle.
Consequential: the NAO define this as assurance activity happening after a particular event that triggers a concern i.e. as a consequence of something else. So, for example, if a particular workstream was running late or a project board was not happy with the status update from a project manager, assurance activity might be triggered to try to establish what could be improved in the project environment to improve the project overall.
Point-in-time: this is a short-term review, such as a one-off exercise to carry out an assurance analysis and produce a report.
Continuous: this is a situation where the assurance team is embedded in the project team on a long-term, ongoing basis. I don’t know in what circumstances this would be relevant, but for many business-led project I imagine this type of assurance would be overkill.
The role of the assurance team
In government projects, the Major Projects Authority does most of the legwork when it comes to assurance reviews. They are responsible for:
- Validating the plan for assurance activity with other key stakeholders
- Planning assurance reviews
- Scheduling resources to do the reviews
- Briefing the reviewers on the projects
- Producing the assurance reports and then issuing them to the relevant parties
- Escalating any relevant concerns
- Managing the whole assurance system and processes and updating them when necessary.
In most companies, these functions will be fulfilled by the PMO. The PMO may include a team of dedicated assurance staff, who review all projects and report back to the PMO team and the project manager on their findings. The PMO team are in a great place to be able to collate information from a number of projects and ensure that the learnings from one assurance report are implemented in another project.
The PMO team will also have the tools required to manage the assurance review. For example, they may gather information during a brainstorming session with the project team members in Seavus DropMind or another mindmapping tool. This type of open forum session could help the assurance team uncover any issues that are bothering the project team, while not being judgemental.
Do the responsibilities of the Major Projects Authority reflect the assurance role in your company?