Value of assurance
Good assurance supports governance bodies in their decision-making, helps identify key risks to delivery and enables early intervention before they start to impact on outcomes.
Our pocket guide to understanding the value of assurance summarises the information on this page.
Whilst assurance itself does not deliver outcomes, effective risk management and assurance are critical components of good governance. Good governance helps to build trust and confidence in digital public services.
The governance body plays a key role in supporting the Senior Responsible Owner (SRO) to exercise their decision-making authority. An effective governance body provides oversight and challenge with a focus on key risks and issues. This includes ensuring that there is a robust assurance regime in place.
High quality assurance information enables better conversations about risks to successful delivery and helps governance bodies to focus on actions that will ‘make the difference’.
Case study – Canadian Federal Government Transformation of Pay Administration Initiative (Phoenix)
The objective of this initiative was to transform the way in which the Canadian Government processed its pay for its 290,000 employees. An independent report completed 18 months after go-live by the Auditor-General of Canada found that:
- there were over 494,500 outstanding pay requests
- about half a billion dollars was owed to staff who had been paid incorrectly
- 49,000 employees had been waiting for more than a year to have a pay request processed.
The audit found that ‘there was no real or independent oversight of the massive project; that executives did not understand the importance of the warnings they received; and that the decision to implement the system was unreasonable.’
The SRO has overall accountability for the success of the investment and is the key decision maker. Their role is to ensure that the delivery team is focused on achieving its objectives and provide confidence to the Chief Executive that the investment will deliver the expected outcomes and benefits.
A key responsibility of the SRO is to ensure the assurance approach is fit-for-purpose. This means the SRO needs to engage with and approve the following artefacts:
- assurance plan
- terms of reference for independent assurance reviews
- assurance reports.
Being engaged in assurance planning enables the SRO to insist on a tailored and insightful review. This means that they can be confident in making an informed decision based on accurate information about risks and issues and their impact on outcomes.
Case study – NZ Police HRMIS Programme
In July 2014 New Zealand Police commenced the implementation of a new payroll and HR management information system.
John Bole – Senior Responsible Officer:
‘It would be difficult to overstate the value which independent assurance brought to this project. It was a vital tool for the project governance team and an important consideration for the Ministerial oversight.
Assurance not only had a key role in the delivery of the project but in addition greatly upskilled the Police team.
I would never consider undertaking such a project without comprehensive independent assurance.’
It is easy to get caught up in the day-to-day activity of delivery. We are managing issues every day and have them under control. So why do we need assurance? The reality is that we often cannot see the ‘wood for the trees’ and underestimate the likelihood of risks impacting on us (optimism bias).
Assurance can help us step back from the day-to-day activity and identify potential ‘blind spots’ so that we have early warning and can rectify them before they start to impact on outcomes.
Assurance can help to reduce optimism bias by providing an objective and evidence-based view of the likelihood of key risks occurring and their potential impact on outcomes. By focusing on the areas of greatest risk and ensuring that actions are in place to manage them, delivery teams will be in a stronger position to provide delivery confidence to key stakeholders.
Case study – NZ Customs Joint Border Management System
The Joint Border Management System (JBMS) was put in place to deliver technology to modernise ageing computerised border systems and improve risk management and intelligence activities. The programme was a large multi-agency programme, to be delivered over multiple years in partnership with a multinational software vendor.
Murray Young – Senior Responsible Owner:
‘Assurance needs to be planned and monitored for effectiveness from the outset. To get the most out of assurance it is important to target assurance activity to specific audiences and to have a clearly defined purpose of what it is setting out to achieve. Plan for early technical assurance where necessary and focus your assurance on forward-looking activities that assess risks to delivery of programme/organisational outcomes, rather than solely on compliance activities.’
Assurance is most effective when you adopt an integrated approach to planning and coordinating assurance activities that takes into account a range of different stakeholder needs.
This is becoming increasingly important where there are a number of agencies and other partners involved. Multiple stakeholders are likely to have different assurance needs and an integrated approach to assurance planning can help to establish a single set of requirements that will meet all stakeholders’ needs.
An integrated approach, based on a shared view of risk across all stakeholders, helps to avoid assurance gaps and ensures focus is on the key risks. It also helps to reduce the compliance burden on delivery teams and maximise value for money.
Case study – MSD Simplification Programme
Simplification was a programme of work designed to simplify the provision to clients of financial assistance and support by redesigning the experience for clients with a simpler service that made far greater use of digital channels and automating and streamlining transactional processing. The outcomes achieved were a better client experience, reduced cost and increased accuracy, efficacy and timeliness in processing client transactions.
Liz Jones – Programme Director:
‘For Simplification the value proposition of assurance was to integrate ‘assurance by design’ in everything we did, across the layers of the programme through its delivery stages. This meant we were able to identify early any divergence or risk of divergence from the path to our benefits realisation. We incorporated regular reviews and advice assurance activities from a variety of internal and external individuals and groups to help manage risk and improve delivery confidence.’