This “cut-out and stick on the fridge” A-Z guide is for anyone thinking about setting up a project assurance function.

It strikes that difficult balance between bureaucracy and intuition, between rote and impact, between defensiveness and helpfulness.

Prepared by Matthew Symes, who leads our Project Assurance and Recovery services, this is practical advice definitely not found in any procedures manual!

Amber is an easy grading to give
“Cop out corner”, where the reviewers dodge giving a Green or a Red grading. It’s a grade that the project love too …. A perfect compromise for all long-grass aficionados. Nobody loses face.

Benefits realisation
Will the project deliver the benefits? Are they measurable? Does the team have a cost-benefit-time trade-off in place to guide decision-taking? Probably not!

Capability reviews
How does an organisation deliver projects reliably, time after time? Does it have the capability and capacity to do that? Does it train, grow, manage and nurture its project managers?

Devil is in the detail. True or false?
Deep dive reviews aren’t usually worth it. Misalignment with corporate objectives, weak stakeholder engagement, low sponsorship and resource shortages are the usual suspects.

Early warning
External assurance provides early warning of issues, or confirms that all is well. Both results are invaluable! Take prompt action if there are issues and build momentum if there aren’t.

Failing projects
They are part of life. Support them quickly with extra resources, or by adjusting the performance / time / cost / objectives. No “blame games” – focus instead on the future!

Green grading
The reviewers must be absolutely certain that the project will deliver its intended benefits, on time and on budget. How many projects actually do that? Green takes real courage.

High risk reviews
Some projects have immoveable deadlines, complex stakeholder communities, multiple external dependencies or large elements of innovation. Use a top-flight review team.

Integrated assurance.
To avoid “review overload”, develop an integrated assurance approach – deciding on the reviews, their sequence, the data exchange process and the interviewees well in advance.

Joint review teams
Supplement your internal team with experienced external reviewers, who may take on the team leader role. This mixes fresh perspectives with valuable internal know-how.

Knowledge sharing
A mature assurance function will absorb the knowledge gained from different project reviews. It will capture that and cycle the learning back through the organisation.

Low risk projects
Don’t ignore these! True, they might not need the intense assurance scrutiny of high risk projects, but large numbers of errant low risk projects can become problematic.

Mobilisation reviews
Ready, steady…… all fall over. Carry out a review a few months after the business case is reviewed and check it’s on track. Mobilisation is a particularly vulnerable period.

Nurture and grow reviewer capability
Assurance is an art, requiring insight, good listening, interpersonal and project management skills and commercial nous. Good reviewers are a rare breed – beware “tick box” monkeys!

OGC (ie the Office of Government Commerce, RIP, now Cabinet Office) Gateway Reviews
The OGC developed Gateway Reviews 20 years ago, based on Shell’s techniques. Despite the reduction in support and leadership recently they are still going strong. A lesson in real embedment!

Portfolio reviews
Organisations should step above “project level” and review portfolio performance, picking up lessons learned, trends, corporate governance and portfolio management issues.

Quick is good!
Reviews should take just a few days, with the report delivered on the final day on site. Immediacy is key, so projects that are in difficulty receive support quickly. Every day counts!

Red reviews are hard to deliver
A “Constructive Red” is tough message that is accepted by the team and that forms the basis for action planning. Anyone can deliver a Destructive Red result. That’s not the point.

SRO – the Senior Responsible Owner
This is the person most likely to initiate action from the review and the whole report should be geared with that in mind. Recommendations should be practical, owned and acted upon.

Turnaround and recovery
It’s all very well grading projects but, for those in difficulty, where is the recovery support? Mature organisations will have recovery capability in the shape of experienced people and agile processes.

Undermining behaviours
Some teams will undermine assurance reviews. Briefings on lines to take, “red herring” interviews, and staff unavailability are all tricks an experienced reviewer will recognise and solve.

Validation reviews
Early validation of a project’s objectives, concept and approach (way upstream of the first business case) is a very good idea. This can be run in a workshop style in a day. Its high-value assurance.

Will the team adopt the recommendations?
Recommendations should have an owner, be short and be crystal clear about the outcomes. They should be timed and pass a clear YES / NO test. Have they really been achieved?

Xmas and Turkeys*….
Projects that are in trouble rarely welcome reviews….. Look out for projects that are slipping off the assurance hook, or are being “reset” and make sure they are thoroughly checked out.

You must communicate!
It’s a good idea to communicate at the end of each day with the SRO about emerging issues. This airs any emerging issue, enabling more investigation if needed.

Zzzzzz –
There should be no such thing as a boring assurance report! Informative, straight to the point and a gripping read. Designed to help, with clear recommendations.