Let’s not kid ourselves: audits can be frightening, especially if it is the first time you are part of one. Just the word ‘audit’ – it immediately sounds like serious business, right?

Project audits are a detailed and formal enquiry of the management of a project, its processes, expenses, progress, risks, etc. and for many they are – incorrectly, I must say – seen as the last resort in the assurance of the project. This has to do with how audits are triggered, mainly – where there are concerns regarding the governance of the project, its financials, and/or to determine its continuing viability. The project is understood as a ‘troubled’ project. Additionally, project audits may not always be welcomed with open arms because they are often conducted by a party external to the project and, sometimes, the organization (e.g., project office or independent auditor). However, project audits don’t need to be scary! As a matter of fact, they should be received as another assurance review type, aimed at strengthening the three lines of defence model, planned as part of the Integrated Assurance and Approvals Plan of the project, and embedded in assurance ‘business as usual’.

If you are still not convinced or if this is the first time you are taking part in an audit for your project (whether as the project management team or in the PMO/Assurance function coordinating assurance) keep reading on. Let’s discuss some steps that you can take to make this a smoother, stress-free process!

Before the audit:

  • Use an audit checklist: simple but effective, checklists will allow you to quickly list what is needed vs what is ready for the audit;
  • Agree who/what/when: the terms of engagement should be clearly defined before the audit is initiated; this includes a clear identification of should be involved/consulted, what is in scope for the audit, and the timeline for the audit.
  • Develop an audit timeline and assign responsibilities: when it comes to assurance ‘no surprises’ is always a winning strategy. Thus, having visibility of when evidence is going to be collected or when the team can expect the results of the audit is paramount to success; this also includes a clear understanding of the responsibilities during and post-audit.
  • Get acquainted with the auditor: you don’t want to compromise the independence that should exist as a principle in the audit (we should give auditors the space they need to do their work). However, having a pre-audit meeting won’t do any harm and will help you build rapport (and be more relaxed for when the actual audit takes place).
  • Ask questions: audits follow structured lines of enquiry to avoid ‘grey areas’ open to interpretation. However, it can be useful to know what is the modus operandis of the auditor or to simply confirm how does s/he wants to gain access to the project data to be consulted.
  • Prepare the paperwork: audits can be bureaucratic, with several documents to be prepared, reviewed, and later shared as output. Don’t neglect the importance of having up to date configuration item records, clarifying which version of a document is the latest and/or where it can be found. Make it easy for the auditor to find what s/he is looking for.
  • Prepare your staff: setting the scene on why the audit is needed, what is going to happen as next steps, or just clarifying some misconceptions about what an audit entails helps to build the right mindset amongst the project team and to incorporate the project audit in the day-to-day activities of the project without much disruption.

During the audit:

  • Be collaborative: be mindful of the ultimate purpose of the audit – is not to flag your weaknesses (either as manager, project, or organization), but to help the project succeed by proposing preventive and remediation actions. For that reason, being cooperative when you are asked to provide a piece of information or clarify an aspect of the project is fundamental;
  • Be proactive: don’t just apply a laissez-faire- attitude. Be available and proactive in the audit by offering to help where appropriate and disclosing any information that you believe could be of use to the auditor;
  • Relax: the audit is underway, the auditor knows what s/he is doing, you’ve done your preparation. Now, just breathe. The results will be with you shortly.

After the audit:

  • Implement actions: assurance on the project doesn’t end when the project audit results are out – it should be action-oriented; based on the terms of reference for the engagement, an action plan should be implemented, identifying clear owners, timescales and priorities for each action;
  • Learn from the past: project audits should be a manifest of consequential assurance and leading to knowledge creation and transfer that could be useful not just for the remaining stages of the project, but also for future projects in the organization. Make no mistake: assurance is only valuable if leading to better decisions! What is the ‘so-what?’ answer to the project audit?

What about now? Are you more prepared for your next project audit? I do hope so but, if you would like to continue the conversation and uncover other review types in the fascinating world of project, programme, and portfolio assurance, just get in touch or have a look at our APM-accredited Assurance Practitioner course!

On This Page

Monthly Newsletter

By: Marisa Silva (The Lucky PM)

Marisa Silva (The Lucky PM)
PPM specialist with extensive experience in industry with a focus on collaboration, PMO conception & strategy, method and capability development. Marisa also retains depth expertise in Microsoft PPM having led a large number of client deployments.

Published: 4 November 2022

Upcoming Courses

Book onto an Event

Related Articles & Insights

Talk to us about your project & portfolio management ambitions.

Wellingtone Limited will use the information you provide on this form to contact you as outlined in our Privacy Statement.