How is your project going? If your answer is ‘it depends on who you ask’, trust me, you could benefit from better project assurance.

Project assurance is all about giving confidence to stakeholders that projects are delivering what they are expected to, that is, that their objectives – in terms of cost, time, scope, quality, benefits – are being met. Don’t get me wrong, I’m certain that organisations have project teams that work with maximum integrity and the departure point for any assurance function shouldn’t be one of distrust! However, it’s also fair to say that some organisations are so focused on speed to deliver that they end up overlooking some early warning indicators.

Others have a culture of blamestorming, where people don’t feel comfortable in presenting the reality of their projects and end up painting their projects with a stretched optimism. Have you heard of watermelon reporting? Yes, that’s what I’m talking about – projects that look green on the outside until someone actually looks closer and realises that they are of a bright red on the inside. While not a silver bullet on its own, assurance can help in instilling a culture of responsibility and transparency, where it is accepted that a red indicator is not necessarily ‘someone’s fault’ but where there is an appreciation for other factors which can be outside the project manager’s control and where red can be a cry for help. Resources, anybody?

Did I get your attention? Then let’s talk a bit more about what good looks like.

6 Principles of Project Assurance

To be effective, according to the Association for Project Management (APM)’s Guide to Integrated Assurance, assurers should be guided by six fundamental principles:

1) Independence:

Assurance providers should be independent, that is, they need to be objective in their evaluation and not emotionally attached to what is being assured. After all, we want facts, not opinions. Such independence should be demonstrated both in fact and in appearance by promoting an environment in which the assurer is free of any influence, interest or relationship that might impair professional judgment or objectivity. Therefore, it is preferable, for instance, to secure assurance resources from outside a project rather than having a (dedicated) project support office completing that role – they would be too close to the assured entity and therefore can threaten independence by having a vested interest or advocating for a certain result. Even if that is not the case, perception does matter.

2) Accountability

Effective assurance turns a culture of blame into a culture of accountability, where different roles carry different responsibilities, and everyone knows what is expected of them and where do they sit in the lines of the defence model. By following this principle, organisations establish governance and reporting systems that facilitate that accountability and where trust, transparency and visibility reinforce it. As for the assurance function itself, accountability is also demonstrated through how empowered it is – assurance should be given due authority with strategic sponsorship and commitment to drive the function forward.

3) Proportionality

Assurance should be reasonably practicable, otherwise, we risk ‘death by assurance’. This means that the volume of assurance work carried out should be proportionate to the complexity and risk associated with the area under review, having regard, as appropriate, to the financial impact, health and safety, operational continuity, reputation, and legal and regulatory compliance. The proportionality of assurance can be facilitated through an initial complexity/risk assessment coupled with a tailoring matrix, to maximise effective use of resources and avoid duplication of effort. After all, a 3-months, a single-division project may not have the same potential of risk as a 3-years, company-wide one and therefore will require a different level of controls and a different assurance effort. ‘How much assurance?” should be proportionate to the project scale and risk profile.

4) Risk-based

Unless you have a very small portfolio and/or don’t have any shortage of resources, it is likely that you won’t be able to have a dedicated assurer for each of your projects. So, where to start? You guessed it right, you will have to prioritise your effort. Assurance work should be planned so as to focus attention on areas of highest risk to the organisation. This poses an interesting challenge to many organisations, as it required a single view of the project risk profile which goes beyond delivery and the sum of the risks identified in a risk register but instead it is also informed by business risks. A risk assessment should be completed from the offset – responding to the proportionality principle as well – and be validated at the project stage gates.

5) Planning & Coordination

Effective assurance uses a no-surprises approach, that is, assurance engagements should be properly planned, including defining the engagement’s objective, scope, timing and resource allocation. This principle is achieved through the Integrated Assurance and Approvals Plan, which aims to ensure proper coverage and minimise duplication of efforts. In the context of integrated assurance, it should also be clarified how the multiple assurance providers, internal and external, are going to coordinate activities and share information.

6) Impact, Follow-up & Escalation

Make no mistake, effective assurance does not end with the identification of findings and recommendations. Each of the remedial actions arising out of assurance engagements should have a defined owner assigned and an agreed timescale for completion. Also, there should be a process of follow up to confirm that all significant agreed actions were indeed implemented. Likewise, areas of good practice identified through assurance activity should be communicated to other areas of the business as appropriate with the aim of improving control across the organisation. The value of assurance is a result of the impact of assurance.

Good assurance is therefore one which is designed to be proportionate, risk-based, independent, and coordinated and planned; one which is delivered by competent professionals, is based on evidence, supports continuous improvement, spreads good practice, and leads to action. Ultimately, project assurance should help you make better and informed decisions with confidence.

How assured are you of your project assurance capability? If you are simply seeking reassurance (see what I did there?) or want to upskill your PMO/Assurance teams, get in touch to find out more about our APM-accredited Assurance Practitioner training course, we would love to hear from you!

APM Accredited Assurance Practitioner Training Course

The 2-day Wellingtone Project Assurance Practitioner training course provides a comprehensive and practical view of the strategies, competencies required, and tools and techniques available to design, set up and deliver effective and integrated project assurance in organisations. The course emphasises an approach of ‘learning by doing’, which sees delegates using a case study from end-to-end, enabling the doing of the right projects in the right way, and allowing opportunities to develop certain key soft skills relevant to Project Assurance Practitioners, such as giving and receiving feedback.

This can be delivered in-house for teams of up to 10 delegates or individuals can book on to one of our public courses below.