Time for a new dialogue on project assurance?

I recently attended a presentation given by a special interest group on assurance. However, there didn’t appear to be much evolution in thinking among the audience, on the subject. Two unchallenged remarks stuck out particularly as entrenching some misconceptions about assurance; “the sponsor mostly needs assurance on the time, cost and quality aspects of the project” and “assurance is very costly“.

Surely the sponsor needs assurance on the realisation of her business case? Particularly, the attainment of value long before she should get excited about performance within the constraints? Yes, time, cost and quality are interesting and possibly even important, since they inform the cost and risk elements of the business case and point to the professional competence of the project manager. However they are of second order importance. They will tell you next to nothing about the probability and proximity of the benefits, the raison d’etre of the project. Why is nobody looking at how the sponsor gains assurance of these?

The cost argument is possibly even more perplexing. Is assurance like audit in people’s minds, fundamentally based on a retrospective review process? “Have we done what we said we would and followed the mandated process?” being the question that it asks? Then yes, it is clearly a significant additional cost for no additional value. However, if we take a prospective view of assurance and change the question to “are we set up to succeed; do we have the necessary resources, skills, mechanisms and appetite to be confident of success?” then you are adding value in the reduction of cost of failure. This is something that a retrospective view cannot.

Perhaps the real problem with moving the dialogue forward is that many view assurance as a ‘bolt on’ to the project, frequently as a series of reviews held at the end of phases or processes. Worse it is often viewed as being owned by a third party, for example Audit. Assurance is really more a perspective and mind-set than a process. It is an essential function of the governance framework, sponsor and project manager. It’s not a part of audit’s remit or any notional ‘third line of defence’.

Is anybody else exercised by or interested in this?