Projects are using integrated assurance and approval plans

2.11 The Prime Minister's mandate requires every major project to prepare an integrated assurance and approval plan. Compliance with the agreed integrated assurance and approval plans will normally be a precondition for HM Treasury to release funds to a project.

2.12 Integrated assurance and approval plans set out a schedule for internal and external reviews throughout the project life cycle (Figure 8 overleaf). The plans should help avoid duplicating assurance and contain a timeline that clearly sets out the milestones:

• Assurance review points, including both independent assurance from the Authority and internal departmental assurance and audit reviews.

• Three distinct HM Treasury approval points (strategic outline case; outline business case; full business case) and any further milestones required by HM Treasury.

• Internal departmental approval points.

2.13 HM Treasury and the Authority review draft integrated assurance and approval plans to ensure that they cover assurance and approval requirements and are proportionate to the nature and stage of each project. If assurance plans change during a project's life cycle, they need to be updated and re-validated by the Authority and HM Treasury.

2.14 Integrated assurance and approval plans are increasingly used, but not all are in place and their quality varies across departments. Introducing integrated assurance and approval plans has been staggered in some departments, normally based on project priority. The Authority will find it difficult to plan and resource assurance until it has a complete set of integrated assurance and approval plans.

2.15 Integrated assurance and approval plans have strengthened the link between assurance and approval. The Authority, HM Treasury and departments told us that the explicit link between assurance and approval is beneficial. It forces departments to take a more disciplined approach to assurance and increases accountability. This approach is used in other countries. The Australian Federal Government links assurance to the budget approval cycle, particularly in early business cases. When Ministers submit high-risk projects for funding an assurance review is mandatory.9

2.16 The link between assurance and approval gives HM Treasury hard evidence and recommendations on whether continued funding of a project is in the taxpayer's interest. The Authority reviewed the NHS National Programme for IT in May 2011 and examined the options available to the programme including the potential to re-scope. The review's findings, alongside our work 10 and that of the Committee of Public Accounts,11 were a key factor in the Department's decision to dismantle the programme.

2.17 Departments told us that integrated assurance and approval plans help them to align the sequence and timing of internal and external assurance to minimise the assurance burden and avoid duplicating effort. The Department for Work and Pensions has formed an integrated assurance and approval group that includes representatives from project teams, the Department's programme office, and external and internal assurance partners. The group uses the integrated assurance plans to review all assurance requirements across the department's programme of work to help schedule and align internal and external assurance.

2.18 Project teams told us that integrated assurance plans have also enabled assurance to take place when projects need it rather than only happening before major milestones. For example, the Department for Transport's Crossrail project team highlighted the flexibility and value of undertaking project assessment reviews when the project requires assurance as opposed to for a milestone that has to be passed.

_________________________________________________________________________________________

9 Australian Government, Department of Finance and Administration, Guidance on the Gateway Review Process - A Project Assurance Methodology for the Australian Government, August 2006, available at http://www.fnance.gov.au/publications/gateway-publications/docs/FMG20.pdf

10 Comptroller and Auditor General, The National Programme for IT in the NHS: an update on the delivery of detailed care records systems, Session 2010-2012, HC 888, National Audit Office, May 2011.

11 HC Commitee of Public Accounts, The National Programme For IT In The NHS: An Update On The Delivery Of Detailed Care Records Systems, Forty-fifth report of Session 2010-2012, HC 888, August 2011.