Integrated assurance and the role of the PMO
Upcoming SlideShare
Loading in...5
×
 

Integrated assurance and the role of the PMO

on

  • 220 views

This was a presentation given by Roy Millard of TfL to the APM South East branch membership. This event, which was the South East branch's AGM 2014 event, was held at Mercure Tunbridge Wells.

This was a presentation given by Roy Millard of TfL to the APM South East branch membership. This event, which was the South East branch's AGM 2014 event, was held at Mercure Tunbridge Wells.

This event looked at the role of the PMO, the people involved and took a more focussed look at assurance processes with specific examples from TfL.

Following on from Eileen Roden's presentation Roy Millard, Senior Audit Manager at TfL and Chair of the APM Assurance Specific Interest Group (SIG) introduced the latest thinking about integrated assurance, referring to the SIG’s emergent thinking and how it can be used.

Using examples from his work at TfL, Roy demonstrated how this can and is being put into practice.

Statistics

Views

Total Views
220
Views on SlideShare
198
Embed Views
22

Actions

Likes
0
Downloads
15
Comments
0

1 Embed 22

http://www.apm.org.uk 22

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Integrated assurance and the role of the PMO Integrated assurance and the role of the PMO Document Transcript

  • 1 Integrated Assurance and the role of the PMO Presentation by Roy Millard, Senior Audit Manager, Transport for London, and Chairman of APM Specific Interest Group on Assurance for SE Branch Event – ‘The role of PMO in assurance’ and AGM, 5th June 2014 A little bit of background... 18 Oct 06 2 Audit Committee Assurance Specific Interest Group
  • 2 18 Oct 06 3 “I need assurance because.... ...I need to know that everything is under control”. ...I need to know whether what I am being told is correct”. ...I need to be confident that I am going to get what I want”. ...I need to know whether the project is going to finish on time and within budget”. ...I need to know if things are going horribly wrong and whether I should can the project!”. But what exactly is assurance? • assurance n. Emphatic declaration, guarantee; self-confidence, assertiveness; insurance esp. of life; certainty. (Source: The Pocket Oxford Dictionary.) • assurance noun 1.the act of assuring 2.the state of being assured; sureness; confidence; certainty 3.something said or done to inspire confidence, as a promise, positive statement, etc.; guarantee (Source: www.yourdictionary.com) • P3 assurance The process of providing confidence to stakeholders that projects, programmes and portfolios will achieve their scope, time, cost and quality objectives, and realise their benefits. (Source: APM) 18 Oct 06 4
  • 3 18 Oct 06 5 Internal Audit External Audit Quality Assurance Health & Safety OGC GatewayTM Independent Engineer reviews PMO/PMCoE Control Self Assurance NAO Policies Standards Processes Systems Project Audits Contract Audits Peer Reviews 18 Oct 06 618 Oct 06 6 Internal Audit External Audit Quality Assurance Health & Safety OGC GatewayTM Independent Engineer reviews PMO/PMCoE Control Self Assurance NAO Policies Standards Processes Systems Project Audits Contract Audits Peer Reviews Audit Committees Sponsors MDs & Directors Project Boards / SROs Programme Boards Governing Bodies Shareholders Investors Public & media Aargh!
  • 4 18 Oct 06 7 Project assurance scope Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk 18 Oct 06 8 Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk Project assurance scopePMO Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk
  • 5 18 Oct 06 9 Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk Project assurance scope Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk PMO Internal Audit Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk 18 Oct 06 10 Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk Project assurance scope Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk PMO Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk Internal Audit PMO & Internal Audit Approval & Initiation Requirements Capture Scope Definition Closure Management Organisation & Governance Planning Procurement and Letting of contracts Progress monitoring and control Risk management Quality Management Configuration management Change Control E&I Management Stakeholder management Benefits management Filing and records management DDA Compliance Financial Control Fraud risk Security/counter terrorism risk HS&E Management DPA/FOI Engineering Risk IIPAG
  • 6 Integrated Assurance Framework (or Strategy) • Content: – Purpose and Overview – Background – Scope of the Framework – Principles and Standards – Protocols and Behaviours – Roles and Responsibilities – Derivation – Assurance Plan Structure – Framework and Plan Approval and maintenance – References – Appendix – Statutory and Regulatory Requirements 18 Oct 06 11 • Content: – Purpose and Overview – Background – Scope of the Framework – Principles and Standards – Protocols and Behaviours – Roles and Responsibilities – Derivation – Assurance Plan Structure – Framework and Plan Approval and maintenance – References – Appendix – Statutory and Regulatory Requirements Integrated Assurance Framework (or Strategy) • Principles and Standards – Proportionality – Risk based planning – Independence – Competence – Engagement planning – Documentation of evidence – Reporting – Action – Follow up – Spreading good practice – Quality control 18 Oct 06 12
  • 7 18 Oct 06 13 10 criteria: • Client & scope • Risks & opportunities • Planning and scheduling • Organisational capability and culture • Supply Chain • Solution • Finance • Social responsibility and sustainability • Performance • Governance ORGANISATION’S RISKS First Line of Defence Outcome: Control of risks ORGANISATION’S RISKS CONTROLS Application of a Management System, comprising policies, procedures, processes, standards, etc. ASSURANCE Management Second Line of Defence Outcome: Confirmation of control of risks (Verification) First Line of Defence Outcome: Control of risks ORGANISATION’S RISKS CONTROLS Application of a Management System, comprising policies, procedures, processes, standards, etc. COMPLIANCE Management assurance, comprising monitoring, checks and audits by Risk Management, Quality Assurance, PMOs, etc. ASSURANCE ASSURANCE Management Management Second Line of Defence Outcome: Confirmation of control of risks (Verification) First Line of Defence Outcome: Control of risks Third Line of Defence Outcome: Strategic overview of system of control ORGANISATION’S RISKS CONTROLS Application of a Management System, comprising policies, procedures, processes, standards, etc. COMPLIANCE Management assurance, comprising monitoring, checks and audits by Risk Management, Quality Assurance, PMOs, etc. INDEPENDENT REVIEW Assurance through independent reviews by Internal Audit, External Audit (e.g. NAO), independent peers, or external scrutiny. ASSURANCE ASSURANCE ASSURANCE Management Management Board & external stakeholders 18 Oct 06 14 Three Lines of Defence Model for Assurance
  • 8 18 Oct 06 15 Assurance maps Assurance SIG 18 Oct 06 16 • There are five work streams currently under way or in the process of being born: – Integrated assurance • Developing an approach to collaborative working between assurance providers – Project Auditing • Sharing approaches and experiences in project auditing, and developing best practice guidance – Measures for Assuring Projects • Investigating and developing guidance on measures that can be used to gain assurance – Assurance of Agile projects • Development of guidance to applying assurance principles in fast-moving Agile environments – Assurance of organisational change • Plus, we have two others at the idea stage: – The Business Case for assurance – Maturity modeling for assurance
  • 9 18 Oct 06 17http://www.apm.org.uk/news/new-apm-book-release-guide-integrated-assurance-video#.U427QKz1DRk Questions 18 Oct 06 18