Documente Academic
Documente Profesional
Documente Cultură
Chapter 5 ! overview
This chapter is about how a well-planned and properly executed project assurance process can
provide significant support to the project and its sponsors. The key to success is that the process
is fully risk scaled and that it is applied in an integrated manner. Targeting the windows of oppor-
tunity when decisions are taken and leveraging external insights and experience is most valuable.
Hence ‘real time’ involvement requires a high trust environment to be created, where behaviours
are conducive for knowledge transfer and continuous improvement.
Chapter 5 ! outline
5.1 How to set up an effective assurance framework
5.2 Executing assurance
5.3 The human element in delivering effective assurance
5.4 The Wind Farm
88
925836-02_106_17-Feb-15_08:41:21_walter
the scene and money at work
Chapter 5
Value and project
assurance
by Guus Kessler
In setting the definition, it is important to make a clear differentiation between ‘controls’ and
‘assurance’. In the common language, we talk about ‘assurance’ when we really mean controls.
With the ‘controls’ in the domain of engineering project management, the integrated checks and
balances are meant to help the manager ensure that she stays in control of the core engineer-
ing and project management process and drives towards desired outcomes. Assurance builds
thereupon. It primarily covers the process of checking the strengths and completeness of those
controls by a respected and credible party that is external to the project team.
Unfortunately, there are very few hard data on the impact of the assurance process and its
effectiveness on project outcomes. The Independent Project Analysis (IPA) company and other
institutes have plenty of data showing the correlation between (and the need for) appropriate
front-end loading in the project definition and planning, and the resulting project performance
and predictability. However, there are very few statistical data that show the impact of the assur-
ance activities on the project outcomes. One of the reasons for this may be its integrated and
advisory nature, where the process of ‘executing assurance’ is not seen as a specific and meas-
urable activity and often carries a wide overlap with the core delivery process. Nevertheless,
experience shows that the independent assurance of projects has helped project managers to
avoid, or at least better navigate, the very complex risk spectrum that they often face.
89
925836-02_107_17-Feb-15_08:41:21_walter
M a n a g e m e n t o f e n gi n e e r i n g P rojects
90
925836-02_108_17-Feb-15_08:41:24_walter
the scene and money at work
conveniently called control effectiveness reviews. These reviews are operated on a more the-
matic basis, encompassing a number of relevant and interrelated controls and then verify their
collective effectiveness.
The second line of defence provides independent project assurance over the total project delivery
process, including its integrated controls. This assurance provision is usually milestone-based
and it is used to safeguard the quality of the decisions and readiness to pass the milestone. Often
the assurance provider reports out to the project manager and at the same time also to the spon-
sors of the project.
The final line of defence is made up by the auditors. They study the design and operational
effectiveness of the assurance and control framework. They check compliance, mostly in a rath-
er mechanistic and very focused manner, looking for hard evidence, without too much further
diagnostics. Auditors can be very powerful because they look for conclusive evidence and do
not rely on experience or opinions. As such auditors’ results are often indisputable, triggering the
required reaction and follow-up, but they are also quite inefficient and ‘expensive’ given the need
to find conclusive evidence.
Clearly if the control layer functions as well as the first line of defence, there is reduced need for
assurance and audit. One would therefore expect that the manager focuses primarily on this. In
reality the exact opposite often occurs. Due to poor understanding by the project team of the
value of appropriately designed and executed controls, the manager often decides to minimise
them for the sake of efficiency. This then leads to increasing reliance on the other layers of
defence, with a much higher risk of recycle, because the controls are by definition much more
integrated in the work process than the assurance provision.
A good framework achieves the balance where assurance provision keeps the control providers
sharp. It provides an external perspective, making sure that there are no blind spots and the
project does not fall in some sort of a ‘boiling frog’ type of trap where due to the intimacy and
closeness of the project control providers, they allow the project to drift away from the optimal
outcomes and decision quality.
Independent assurance
LOD 3 under a specific mandate
of the Board
LOD 2
Business
Assurance Management
in Control
LOD 1
Control Effectiveness
Monitoring
Management Controls
91
925836-02_109_17-Feb-15_08:41:30_walter
M a n a g e m e n t o f e n gi n e e r i n g P rojects
92
925836-02_110_17-Feb-15_08:41:30_walter
the scene and money at work
their anticipated level of support. After this mapping, it is important to proactively seek alignment
with them and establish a form of ‘contract’ on which the project delivery can be conditioned.
Understanding and respecting accountabilities is also very important in the assurance domain,
as assurance holds the potential to dilute the single point accountability principle that is critical
to project success. This is particularly the case when the assurance provider becomes a ’sign-off’
signature on a milestone event or key decision. While clearly it is important that the assurance
provision has sufficient impact, it should always leave the final accountability intact. Figure 5.2
illustrates this point, where the manager is accountable for the controls and the assurance pro-
vider only verifies the strength of those controls.
In adopting this principle, it is expected that assurance providers assess the decision quality and
recommend the decision to be re-evaluated by the accountable person in case of significant
shortfalls, but it would not be acceptable for the assurance providers to require a specific decision
outcome.
Assurance Control
93
925836-02_111_17-Feb-15_08:41:30_walter
M a n a g e m e n t o f e n gi n e e r i n g P rojects
A confident and well-functioning project team should approach this meeting as an opportunity
to seek help early, by being honest and open about their own strengths and weaknesses, rela-
tive to the project objectives and risk management needs. The assurance plan then formalises
this ‘help request’ and turns it into an aligned agreement between the project and the wider
functions (who are mostly external to the project). Once complete, the plan is shared with those
involved in providing assurance, with the necessary backup documentation to facilitate correct
interpretation. This process provides the assurance community the opportunity to engage pro-
actively, and combines their formal role of exercising independent assessment with a level of
constructive peer support. It sets up the project for success early on.
The assurance plan needs to be scaled and balanced appropriate to the specific project, both in
terms of the risks it aims to mitigate versus the cost and time required to exercise the assurance,
but also in terms of the organisational capacity that is required and upon which it relies. The
impact and effectiveness of the plan will be strongly affected by its complexity and the effort
needed for administration and (document) management of it. Making the plan truly ‘fit for pur-
pose’ is critical to its success. Less is more in this context.
Assurance is still often seen as a ‘policing function’ that is conducted at the back end of a pro-
ject delivery activity. In some cases, assurance is only called for when there are already strong
indications that the project is running off the rails. This rather reactive application of assurance is
suboptimal, as the possibility to influence the outcomes is often severely compromised by that
time. Instead, the assurance and control provision should really be treated as an integral part of
the core project delivery process and planned in detail to achieve this.
Specific care is to be taken with quality of the control points that are designed for sign-off by
authorities external to the project team. The project team should be resourced appropriately
to deliver its objectives with only a limited amount of external control and assurance. Typically,
anything over 30 control points per phase, rapidly becomes a game of diminishing returns and
can be detrimental to project success. Delegation of functional authorities to some of the key
project team members is often preferred to keep the data management and sign-off process
manageable. Furthermore, it is important that the entire assurance provision does not end up in a
massive administrative burden and ‘a tick the box’ exercise. This is particularly true when dealing
with contractors, for example during the detailed design or construction phases.
In general, it is better to conduct a number of controls well, than to have a heap of controls
that are a drag on the project and undermine the sense of ownership by the project team. Each
of these controls needs to have accountabilities assigned as part of the plan, and those people
need to be involved early, helping to focus the engineering activities and indicating where in the
maturation process the technical authority can exercise positive influence and knowledge.
The project initiation note provides a critical input into the assurance planning process by con-
cisely and clearly articulating the project’s key risks, objectives and decisions. The document also
sets targets around competitiveness and affordability based on the inherent characteristics of
the project and relevant benchmarks. This document guides and bounds the solution space and
creates alignment between internal and external stakeholders on the objectives and the degree
of risk management, plus corresponding front-end loading that must be achieved. The docu-
ment also needs to prioritise the value drivers, as in many cases these are not compatible (as is
illustrated in Figure 5.3) and should be signed off by the project sponsor to ultimately provide the
context against which an assurance framework could function well.
94
925836-02_112_17-Feb-15_08:41:33_walter
the scene and money at work
For some project managers, this elaborate planning process comes across as unnecessary, and in
their eagerness to get started they choose to avoid early dialogue with their functional support
providers, and settle for a very elaborate assurance plan that aims at satisfying all main stake-
holders. Clearly this gives them a bit of a head start indeed, or at least it looks like it. This gain is
very short-lived however and during execution they will pay dearly for the poor planning and
lost scalability. In many cases they will now have an impractical control framework, which is not
adding value and distracts the team from focusing on the true decision quality. ‘Failing to plan is
planning to fail’, according to the common wisdom.
Good assurance can only be achieved if it is well planned and fully integrated, provided it delivers
(smart) actionable recommendations to the right accountable party at the right time, to improve
decision quality, focus and outcomes. Good assurance must be focused on key decisions, and
relates those back to the desired outcomes and degree of risk management/reduction that needs
to be achieved. Deliverables are merely a demonstration of those core objectives.
The terms of reference for an assurance event focus the scope of the review and form the basis
to plan the optimal review team composition. This should be a two-way process; the supporting
functions are encouraged to indicate where they believe they should take part in the assurance
provision process (based on their perception of risk and decision quality). At the same time, the
95
925836-02_113_17-Feb-15_08:41:33_walter
M a n a g e m e n t o f e n gi n e e r i n g P rojects
project team indicates the kind of functional assurance expertise they believe they need. The
terms of reference help create the right focus, but caution should be taken in allowing this to
define rigid scope boundaries. Value assurance teams in particular need to maintain the freedom
to follow their judgement as required, and are mandated to follow the value chain and assess the
full-risk landscape.
Case example
To illustrate the assurance principle, consider the example of a voluntary car inspection
by your car dealership and the role of the dealer’s car mechanic. The mechanic must be
credible, representing a level of authority in the area that is the subject of the assurance
you are seeking. At the same time, when the mechanic finds defects, he must be
convincing when pointing out consequences and risks based on credible experience,
in order to get you to take action (given this was a voluntary inspection).
Ideally the mechanic re-emphasises your accountability for the car’s safety and
mechanical fitness rather than diluting it. For example if the tyres are found to be worn,
the mechanic should question you on how often you check your own tyres, pointing
out that this condition significantly deteriorates the safety performance for which you
are ultimately accountable. Ideally, the mechanic convinces you to not only replace your
tyres, but also to inspect the tyres yourself at regular intervals. In this way the assurance
provision strengthens the ‘management controls’, the first layer of defence, rather than
becoming the backstop that you start to rely on and in so doing, further relax your own
controls and alertness, and also dilute your own accountability.
The case study shows the importance of the assurance provider spending time in explaining the
rationale for the recommendations. The most sensitive point about effective assurance delivery
is the actual handover of the recommendations to the project and its sponsor organisation.
Best practice calls for the use of specific mission ‘verbs’ in articulating recommendations, which
are well catalogued and understood, to avoid any ambiguity around the exact interpretation. The
military is typically very good at this. There will be no doubt in the officer’s mind when asked to
‘neutralise’ the enemy forces of what that exactly entails. It would not be helpful at that point to
start having a discussion about what ‘neutralizing’ exactly means.
Creating ownership for the assurance recommendations is not always easy. Again the human and
behavioural aspects play a critical role, with the project team naturally being defensive, and resist-
ing painful recommendations (like the ones that impact on project schedule or resourcing).
96
925836-02_114_17-Feb-15_08:41:33_walter
the scene and money at work
The handover process should be approached in both a bottom-up and top-down manner. It
is important that the sponsor also understands the importance of the recommendations and
enforces them from the top. At the same time though, the responsible people in the project team
who will actually need to do the work must be on-board, and need to understand the observa-
tions. This requires an element of dialogue with opportunity given to challenge and debate the
observations and rationale that led to the recommendation. Without this in place, the team may
just pay lip service to the recommendations and miss their objective and main intent. In practice,
this happens on a regular basis and significantly erodes the value added from assurance.
An assurance event that is conducted in a detached and non-inclusive manner will therefore
often be ineffective. Assurance providers actually have little to no direct authority to influence
the project outcomes. Their authority is indirect and stems from their professional credibility and
interpersonal skills. Their messages may be hard-hitting, but their reception – and hence their
value – will depend on this credibility and the style and effectiveness of their communication. The
human element in effective assurance provision cannot be over-emphasised.
97
925836-02_115_17-Feb-15_08:41:36_walter
M a n a g e m e n t o f e n gi n e e r i n g P rojects
The price of establishing the right culture is significant and allows assurance provision to become
fully integrated into the engineering and execution planning, where the project team can opti-
mally leverage the assurance expertise and insights, and use these proactively to optimise the
forward plans.
98
925836-02_116_17-Feb-15_08:41:36_walter
the scene and money at work
self-assessment in place, the team will be focused on the differences between that and the review
outcome, drawing them into the dialogue and improving the transfer of knowledge and learning.
Projects assessing their own status and performance are often overrated, possibly due to the fact
that we do not want ourselves to be seen as underperforming or simply because we are unaware
of the pitfalls that are approaching. Due to this subjectivity, it remains important that self-assess-
ment is seen as part of the assurance framework and does not replace it.
Self-assessment prior to an assurance event can also improve the handover and acceptance
of the recommendations. Handover is always a critical point in the assurance process. In most
value improvement practices, it is common practice that the external facilitator steps back during
the course of the review, and lets the project team themselves report the findings to the spon-
sor. However, for the assurance provision this is not realistic, given the independence of the
assurance team, which excludes project team participants. With self-assessment in place, the
assurance lead can link at least some of the assurance recommendations to the gaps identified
during self-assessment, thereby showing that the assurance frequently builds from established
insights rather than solely highlighting new gaps.
Too much
Outcomes detailed
In order information
to build Focus on
‘effectiveness’ the ‘why’
Focus on the and‘what’
‘when’, ‘where’ Watch for the
In order
Too much ‘who’ system becoming to build
detailed
control PARALYSED ‘knowledge’
Actions Plans
Focus
on the Too much
In order
‘how’ detailed
to build
‘alignment’ instructions
Figure 5.4: Project delivery cycle and the compatible leadership attributes, objectives and ‘shadow side’
99
925836-02_117_17-Feb-15_08:41:41_walter
M a n a g e m e n t o f e n gi n e e r i n g P rojects
However this figure also illustrates the importance of maintaining the right leadership focus and
communication during the project management cycle, starting first and foremost with the spon-
sor creating complete clarity around the key business objectives and drivers, thereby making
sure that there is zero ambiguity and misalignment. Stating the business objectives is more than
just articulating what success looks like; it also means articulating the priorities and what choices
could and should be made if it comes to it. During project execution, especially when the project
is facing challenges, it is important to keep reconfirming that the business objectives remain the
key focus, rather than the completion of the project as originally defined. Value tracking through-
out the project lifecycle and delivery activities is critical to avoid this drift from occurring. During
the early dialogue, it is important that critical background knowledge, context and constraints
are set for the project delivery team to act within. At this stage, care must be taken to avoid the
pitfall (or ‘shadow side’) of too much detailed information, which can overwhelm the project
team and works counter-productive.
The project team must then translate the business objectives into a realistic and actionable plan.
The concept of ‘back briefing’ has evolved from a predominantly military process to something
now also used in business leadership context. Back briefing is a simple, yet powerful, process
to ensure that core business objectives are understood and translated into realistic plans. This
creates absolute alignment and tests whether the plans indeed reflect a deep understanding
of the core objectives with alignment across all organisational layers. The realism behind the
plans needs testing by the sponsor, while strictly avoiding dictation of the rules and tactics at the
individual activity level. Activity planning and optimisation falls within the remit of the project
manager, and to do that well, she must be allowed maximum autonomy.
The control and assurance framework must also be aligned to this evolving leadership perspec-
tive in relation to the project maturity and scope. Assurance must ask the right questions at the
right time, and the controls should be appropriate to the phase of the project, thereby support-
ing the leadership behaviours that enable a high-performance environment. In the early project
phases, it should focus on the clarity of the objectives set, and the organisational alignment on
these. Later, it moves to testing the design of the ‘winning plan’ to realise the business objectives.
Evidence that this back briefing is working successfully is critical before the most optimal plan
can be selected.
With these principles in mind, an appropriately designed and executed control and assurance
plan reinforces the right leadership focus and performance culture, helping to maximise project
autonomy while also testing for strict alignment.
100
925836-02_118_17-Feb-15_08:41:43_walter
the scene and money at work
In order to enhance the quality of their decision, the owner’s team has requested an
integrated value and project assurance review to be conducted on the recommended
outcome of the project team’s work by an independent team comprising of various
experts. This independent expert team is carefully chosen to match the risk and
opportunity spectrum of the wind farm scope, and includes a project engineer, a
commercial manager, a social performance specialist to look after the local stakeholder
management plan, and a senior wind farm operator.
The review team engages key players of the project – and the owner’s leadership team –
through a series of interviews. The key project documentation is being used as pre-read
by the review team, from which potential issues are distilled that set the agenda for the
interviews. The latter are conducted in a very positive manner, building trust and allowing
the interviewees to express their concerns openly and without fear for repercussions.
The review team takes an integrated business perspective, to help with the difficult
concept select choice and to help improve the project predictability and business case.
The team captures and hi-grades its observations in a comprehensive and simple
close-out document with prioritised recommendations made to both the project team
and the owner’s team. While the review team ultimately supports the recommended
concept (and explicitly states that), it also makes a number of important observations and
recommendations pertaining to the forward plan, the contracting and procurement tactics
with Allwind, the stakeholder management plan and the overall attractiveness of the
business case.
The project manager and sponsor subsequently discuss these recommendations and
agree to act upon them, thereby also inviting the review team to return in six months’
time when the project has completed its basis for design and will be moving on to the
final round of turnkey contract negotiations with Allwind.
101
925836-02_119_17-Feb-15_08:41:44_walter