Everyone wants to get their project right. Yet when it comes time for a project audit, we turn our noses up. Yet a project management review is an excellent way to demonstrate your capability and the control you have over your project. It gives assurance to your client, sponsor, and stakeholders. And, it’s a way to learn and give your project and your team a boost towards true excellence.
So, in this article, we’ll be looking at all aspects of project management review – and seeing the different ways people use related terms like project assurance and project audit.
We’ll split our article into 6 sections…
Let’s start by understanding why we need to review our projects.
First and foremost, it’s an opportunity to find issues and challenge the mis-handling of the execution of a project. It is, therefore, a part of the oversight role of project governance.
A project audit will be able to determine the status of work performed by a project and compare it with central planning documents like the statement of work, schedule, and budget.
And finally, project reviews are an opportunity for valuable positive feedback. They also allow the project team and sponsor a chance to see what is working well, and further embed good practices as well as challenge bad ones.
Positive feedback is highly motivating to project team members and can give performace a real boost. A nit-picking approach of focus solely on small, low-significance faults will do nothing to improve performance and much to damage morale.
The first thing we are not talking about explicitly in this article is a Post-Implementation Review.
That said, whether you conduct your project review during or after a project, the process is pretty much the same, so this article will be useful as a basis for planning a post-project review too.
And secondly, we are not talking about the quality processes of Quality Control (QC) or Quality Assurance (QA).
Finally, we are not talking about Gateway or Stage Gate reviews.
The first distinction to draw among the kinds of project review we are talking about is whether it is routine in nature, or remedial.
These are part of your project process, or part of the organization’s oversight process. Often they will be built into the scope of services that a Project Management Office (PMO) will provide to the organization
The alternative trigger for a project review is when someone within the organization has a concern about a project. They would want the project review to:
This situation can arise in a number of ways. For example:
Where you have routine project reviews, projects could either be selected at random, as part of a sampling procedure or receive a review as a matter of course at one or more pre-determined points.
But what might trigger a remedial review if no-one noticed a problem? It can make sense to develop a list of criteria that would trigger an audit. These could identify projects that need additional scrutiny as a result of:
This brings us on to the terms Project Audit, Project Review, and Project Assurance. There is no consensus out there that I can find on definitive uses of these terms nor consistent distinctions between them.
Form these different usages, I will define ours.
And then I’ll abandon the definitions and use them all interchangeably!
What matters is that you recognize the different elements that are encompassed by these terms, and also that you can be sensitive to how they are used in your organization. Note, by the way, that PMI has no coverage of these ideas in its Project Management Body of Knowledge 6th edition (the PMBOK Guide).
PRINCE2 talks about Assurance, but in far more general terms. Only the Association for Project Management addresses the topic head-on in its APM Body of Knowledge 7th Edition, the APMBoK.
For me, Project Audit focuses on the status of the project, looking at things like:
As such, it is often a leading indicator of the extent to which a project can achieve its time, cost, quality, scope, and benefit objectives.
The other aspect of the word ‘audit’ that is important is that of independence. APM says:
A key principle is that the auditor is independent of the area being audited. Auditors are often deployed from a project, programme, or portfolio management office (PMO), from a wider organisational internal audit function or from a third party provider (typically, a consultancy or an accreditation body).APM Body of Knowledge, 7th Edition, Association for Project Management, 2019.
A Project Review typically has more of a focus on the project process, and the conduct of the project. Its emphasis is on learning and documenting lessons that can improve practices on the project and on future projects. You could therefore call it a Project Implementation Review.
At its most sophisticated, a project review can look at the maturity of the project management practices against an agreed Project management Maturity Model.
Also, from APM’s definition of project audit, we might reasonably infer that project reviews may be carried out by people close to – or even a part of – the project team.
I take project assurance to be a wider term, encompassing all activities that give the sponsoring organization comfort about the conduct of a project. It would therefore take in both:
Again, this is consistent with APM view:
Assurance is the process of providing confidence to stakeholders that projects, programmes and portfolios will achieve their objectives and realise their benefits.
Assurance focuses on ensuring that the governane, processes and controls that are planned are fit for purpose, and that they are implemented as planned.APM Body of Knowledge, 7th Edition, Association for Project Management, 2019.
There are three tiers of players in the Project Assurance Process.
The players here are:
My goodness, there are a lot of potential stakeholders. Some of the commonly occurring important (to the project review process) stakeholders are:
The project assurance team – whether internal or external to the project.
Whilst a project management review could be all-encompassing, that can sometimes involve too great a resource commitment. It can be more efficient to focus your audit processes on one or more principal aspects of your project.
If the review is remedial, these would reflect the known concerns. If it is routine, you would only widen the review if findings indicated a need. Aspects include:
One of the first questions to answer is: ‘so what?’
There is no point in conducting any form of review unless you intend to use the knowledge and insights it generates. So, before you carry out a review – indeed, before ever commission one – ask yourself:
What will we do with the findings of the review?
Typical outcomes you can expect range from:
In reality, most findings will lie somewhere between these. But you must have a mechanism to handle findings anywhere in that range.
In particular, you need to think through questions like:
Let’s get to practicalities and look at the basic steps for running a project review. I have gone for a simple Five Step Process:
As with any project, start with generating agreement around the scope and objectives for the review. The previous section on outcomes will also be relevant here.
Before you get into the detailed planning and preparation, there are three ther things to consider:
I’d certainly recommended you use an external facilitator to lead your project review. Ideally the team would all be independent of the project. This has the twin benefits of:
The latter means disgruntled or genuinely concerned staff and stakeholders are far more likely to speak freely to the review team.
You will need to plan your review and research interviews with two things in mind. You will need to gather both:
Here are the main things you’ll need to cover in your planning:
Assuming you are familiar with the core project information, the meat of your investigation will be interviews with:
Some people take the view that you should work down the list in the order I have presented it above (‘top-down’). This allows you to assess the perceptions of senior players and then test them with the people doing the detailed work, and finally with the stakeholders.
The alternative is to work in the opposite direction, to learn how stakeholders and team members perceive the project. Then to see how the perception of increasingly senior people matches up to that reality. This is a ‘bottom-up’ approach.
The latter approach can be more adversarial. So, my own preference is to start top-down, but reserve the right to meet again with senior people if you discover mismatches that you want to explore with them further.
Carry out a full review of the documentary evidence you have gathered. This can include:
Collate what you learned and look for patterns and exceptions. Index and store original copies of interview records.
From the information you have, you can:
Your report will contain your findings and your conclusions.
Document and prioritize your findings and recommendations. I’d also suggest you allocate priorities to each, using a simple system like High-Medium-Low or Red-Amber-Green.
Remember to give credit and praise where it is due.
Many organizations prefer to present findings along with an overall score for one or both of:
Whilst a RAG status can work, I prefer something more acutely attuned to the impact of the findings. A framework like this can work well, if you adapt it to fit your organization’s culture:
Typically, this is where the project management review process starts to become political. How, where, and to whom you present your findings will be a matter of policy and practice, culture, and political judgment.
Remember the vital importance of transparency: an audit document that is swept under the corporate carpet is nothing more than a deceit. A good project audit process must have a mechanism for raising an alert at the highest levels of the organization.
Determine a follow-up régime to ensure that the project team acts on the recommendations you make in your report.
Ensure that the final report and the record of follow-up becomes part of the formal record of your project, according to your internal procedures.
The first element of success are less ‘secrets’ and more essential criteria.
True audit needs the ability to seek out findings without fear or favor.
Both the audit process and the implementation of any findings need full organizational commitment to provide adequate resourcing. this means people, materials, time, and budget.
But the starting point for enterprise support is a clear intent to pay attention to the project management review results… and act on them.
Any form of assurance process, whether project assurance or full audit must not be just a check-box activity. And neither must it be purely about holding people to account in an adversarial manner.
Rather, it must be part of the business cycle and integrated into all organizational processes.
Finally, the methodology must be publicly available. This means either working from a standard process, or the review team publishing their process.
And, of course, the team needs a mechanism to publish its findings to an appropriate audience.
Finally, I’d like to offer some practical tips from my experience of carrying out project management reviews of other project managers’ projects, as a senior project manager.
Whatever questions you have in any structured interview, your last questions should always be:
Is there anything else you think I need to know, which we haven’t covered?
This is the question that allows for the fact that, in preparing for your meeting, you don’t know what you don’t know.
As with so many things, success will flow from a good process, executed well. Once you have worked diligently to design an appropriate project review process (or adapt an existing one to the circumstances), trust that process.
Always start with the data and draw conclusions from it. Never start with a hypothesis and look for data to support it. If you must start with an hypothesis, then look for evidence to falsify it, and then find a new hypothesis that fits the data you have.
Regular readers will know how fond I am of a ‘checklist and template’ approach. I’ll be working on additional content for our Project Management Template Kit and Project Management Checklists, to support the Project review process. We also sell a super-value Productivity Bundle with both packs at a reduced price.
I’m interested in your experience. How do you define project review, project assurance, or project audit, and what have you learned for making them effective processes. Please leave your comments below and I’ll look forward to reading them and responding.
Dr Mike Clayton is one of the most successful and in-demand project management trainers in the UK. He is author of 13 best-selling books, including four about project management. He is also a prolific blogger and contributor to ProjectManager.com and Project, the journal of the Association for Project Management. Between 1990 and 2002, Mike was a successful project manager, leading large project teams and delivering complex projects. In 2016, Mike launched OnlinePMCourses.
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.