Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)
We have many kinds of assurance in the project management world. These, generically include business assurance to track the economic viability of a project, technical assurance for the technical integrity of a product, process or system, and user assurance to check that specified requirements have been met. Assurance demonstrates compliance to a project’s business case, meeting end user’s operational requirements, and that there is technical compliance against codes, standards or specifications.
However, assurance, by definition, is about providing confidence. It’s a positive declaration providing a promise that something has been scrutinised and that, in the opinion of the scrutineer the criteria and evidence used for scrutiny are both sufficient and appropriate to substantiate their opinion. That’s correct, “their opinion”; assurance is not a guarantee.
Projects, at least in their planning stage never go wrong. But, to offset potential failure, we often find that a plethora of management plans are specified. These require every knowledge area to be addressed as well as every aspect of a project so that, at least on paper, 100% compliance will be achieved. This deluge of documentation is, inevitably and almost certainly critically reviewed, critiqued, and commented on prior to any acceptance, approval, or non-objection by a variety of specialists who may even purport to be experts in such plans and their assurance.
However despite the plans and a multiplicity of audits against them during project execution, as well as the generation of countless comments and reviews projects experience problems with compliance as well as cost and time expectations…but why?
Assurance and Assurances
Project assurance has many forms and each comes with its own codes, interpretations and specialised practitioners. These include Quality Assurance to ISO 9001, Systems Assurance to EN 50126, Risk Assurance under ISO 31000, and Safety Assurance to ISO 45001. Audits are seen as an essential part of assurance and these come under ISO 19001 as does the need for continuously ensuring that audit program objectives are in line with the management system policies and objectives. Assurance isn’t a one-off exercise, and it should be addressed and progressed in real time so that problems are identified and addressed contemporaneously.
But assurances are no guarantee of a successful outcome. Consequently, and in the absence of certainty, there is risk. Assurance is a means to an end and that end is, or rather should be, the delivery of a successful project and not just purveying a promise at its end. Assurance is not a single event based upon some unique audit or project review but a continuous process reflecting the development of a project from its requirements through documentation, design, procurement, manufacture, testing, commissioning and, for some, operation and even decommissioning and disposal.
Projects require the skills of both specialists and generalists alike and so does assurance. For some specialists their calling is an end in itself rather than the means to an end. Each facet of project assurance can become its own discipline and every aspect is expanded and expounded so that absolutely no stone of potential non-compliance is left unturned, and problems are perceived, or even generated at every such turn. For others an attitude of “near enough is good enough” may prevail at one extreme and, at the other, a predilection to that of doubting Thomas’ who question everything and anything.
Ticks and Crosses
Obtaining assurance for some is merely gathering a tick in the box against each aspect of some checklist or other and some cursory evidence to support a ‘tick’ and avoid a ‘cross’. For others each tick requires substantiation and justification beyond a reasonable amount of doubt and in such minutiae that any semblance of reasonableness is at best questionable and at worst useless.
Assurance is, ultimately, binary; either it’s assured or it’s not. But we often find that as part of the assurance process those who purport to assure and provide their progressive approvals merely provide intermediate caveats. These come in the form of comments and observations which, far from progressing matters only serve to require the project executioners to do more work than was originally perceived or is absolutely necessary.
These comments can and do mount up. Although such comments may be deemed so innocuous that they allow the project to progress they cannot be considered inconsequential to any final assurance even if they are, for some, opinionated or even argumentative. Without a tick in the appropriate box the open comment is a nil return and its crossing out and closure is a prerequisite to any completion.
Ticking Time Bombs
Assurance can be carried out in a variety of ways; an in-house department with self-certification through to an independent external party, or a multi-tiered arrangement involving several agencies. And each of these assurers will have their input and their opinion as to whether “project compliance” has been achieved, or otherwise. The checking of checklists required by any progressive assurance process may allow the project to proceed but overall assurance is part of completion and some form of “sign-off” or final certification is required.
There can be two extremes of assurers. There are the confident who can decide rapidly based on knowledge and experience tempered against a pragmatic but optimistic approach to risk. And then, there are the more hesitant who, despite possibly similar knowledge and experience are more risk averse. When it comes to the impact on the outcome of a project both can be similar.
Optimistic approvals of interim assurance steps may give the impression of positive progress, but important aspects of assurance may be missed. Rubber stamping style box-ticking may indicate that all’s well but the encouragement of a carte blanche approach to assurance activities may lead to things being missed…the devil is always in the detail. In the progressive elaboration of a project missing early critical items may well impact the commissioning of a project, or its operation and implementation.
The converse is also true. An imposed draconian approach to assurance takes time and, in a project environment this time equates to money; money spent on addressing comments, money spent on meetings to explain matters, and lost economic opportunities because of late delivery. An inability to approve, or provide the requisite tick, has its downside too for the same reasons…when bombs explode they are indiscriminate as to who they affect.
Conclusion
Project Assurance comes at a price, not only that of the people, specialists and organisations engaged to carry it out but also the potential time wasted in seeking perfection or not spent on meeting requirements. Perfection can result in the gold plating of processes which, in turn can delay delivery, and create unnecessary work to “convince” reviewers of compliance which, while producing tomes of documentation, adds little, if any, real value.
And then there’s a more complacent approach which, while ensuring on-time or even early delivery merely goes through the motions of assurance allowing boxes to be ticked despite a dearth of evidence. Such an approach can result in the late recognition of project problems which at best can mean late delivery but, at worst, deferment, recall, or even abandonment.
Assurance can backfire if it’s not done correctly. If it becomes an end-in-itself then, rather than the means-to-the-end, then the punctiliousness of pessimistic perfectionists can make mountains out of molehills as they justify their existence. On the other hand, optimistic idealists may well ignore assurance if it’s seen as a “bolt on”. Ignorance may be bliss, but correctly documented, timely, and relevant assurance is ignored at one’s peril.
Bio:
Malcolm Peart is an UK Chartered Engineer & Chartered Geologist with over thirty-five years’ international experience in multicultural environments on large multidisciplinary infrastructure projects including rail, metro, hydro, airports, tunnels, roads and bridges. Skills include project management, contract administration & procurement, and design & construction management skills as Client, Consultant, and Contractor.
Leave a Reply