Integrated assurance – what is it, why do it and do you need it? Association for Project Management, the largest professional body of its kind in Europe, says it should not be an optional extra but an essential part of good governance.
With ever more complex and costly projects and programmes, key stakeholders and sponsors need to be sure that everything is going as it should.
Even with all the checks and balances that a professionally-run project should have in place, how accurate is the answer to the inevitable question: ‘Are we on track, are there any issues and will it be delivered as promised’?
The reality may not be what it seems, which could seriously impact on informed decision-making, cost and even the very success of the project. So it is an essential part of robust governance to not only be able to give assurances but also for stakeholders to have confidence in those assurances.
Which is where integrated assurance comes in. Introducing an overall, independent and shared scrutiny should provide the confidence that stakeholders seek and reduce any risk of failure.
According to A Guide to Integrated Assurance from Association for Project Management (APM), assurance exists to ‘support the delivery of successful projects by providing analysis and peer challenge to the project team’s approach’.
“Most organisations have to put assurance controls in place because their customers expect it and they may be legally required to do so for aspects such as quality assurance and health and safety,” said one of the guide’s authors Roy Millard (pictured), a senior audit manager at Transport for London and chair of APM’s Assurance Specific Interest Group (SIG).
“The problem is that too often this is tackled from a ‘silo’ point of view with no integration across the project, programme or portfolio. By streamlining the approach to give a joined-up perspective avoids duplication, less in the way of intrusive reviews and provides confidence as well as meaningful control.”
Integrated assurance is based on a comprehensive and shared view and works to avoid gaps and overlaps, making more efficient use of resources. It also means that assurance can focus on key risks and controls and provides an effective and appropriate governance hierarchy. This in turn allows more direct attention to important exposures, areas not well covered and interrelationships across the whole project portfolio.
The key is to strike the right balance between too much time and resources spent on assurance and not enough – both of which can be at the expense of successful delivery. Assurance by volume is no guarantee, and individual stakeholders may each have a different assurance requirement. Establishing an effective, integrated model for your organisation in a way that is neither onerous or an added risk in its own right is crucial.
“Having a long and diverse list of assurance providers may not necessarily be a problem,” states the APM guide.
“They may be quite necessary and may each be providing a different perspective. However, there is a risk of duplication between assurance providers that can lead to projects developing a feeling of assurance ‘overload’.”
Then there are external factors such as the environment to consider and so it makes sense that the project’s assurance plan needs to remain dynamic and be continuously reviewed throughout the life of the project.
This is not just another job for the project manager to add to the already demanding list of tasks. Rather it should be led by a group including sponsors, stakeholders and key managers.
Explains Roy Millard: “They can sit back and think it through, look at what can be done about confidence and control and ensure those carrying out assurances and reviews share with others.
“If integrated assurance is carried out properly, it can save money because time isn’t wasted on doing things in the wrong way. There is a small additional cost, but that is mostly in terms of time which can be outweighed by the benefits to the project.”
Every organisation, every project, programme and portfolio is different, so there can be no proscribed ‘one size fits all’ model for building an integrated assurance plan. However, there are common elements to be considered and best practice to examine.
Roy explained how to create a structured approach in the Master Class zone at Project Challenge Expo at Olympia on October 15th. His presentation, Integrated Assurance – how to do it in your organisation, looked at ways of arranging assurance in such a way that it doesn’t become an onerous burden on projects but contributes to good governance.