Assurance report executive summaries
The executive summary may be the only part of an assurance report the Senior Responsible Owner or governance body reads, so it is critical that it contains what they need to know to make well informed decisions.
The System Assurance team plays a key role in ensuring the quality of assurance services provided to agencies by third party assurance providers.
As part of this role, we review the quality of assurance reports for high risk digital investments. We have identified the following lessons learned from our reviews to help you avoid some of the common pitfalls that we see.
- An assurance report should always have an executive summary. A summary of findings, introduction or background are not the same as or an alternative to the executive summary.
- Language should be targeted for the audience – independent assurance reviews are typically for senior executives so executive summaries should be brief and to the point, i.e. what are the key messages and avoid technical language and terminology.
- There should always be an assessment of delivery confidence – this helps the reader to quickly determine the level of confidence in the project or programme to successfully deliver based on the next significant milestone.
- The purpose and scope of the review should be clear – what are the questions being asked by the review or the areas of concern identified by key stakeholders; what’s in scope (and what’s not) and why.
- The major findings that are most relevant to the review should be outlined – these should be evidence-based and well reasoned.
- The key recommendations should be outlined – these are the recommendations that will ‘make the difference’; don’t concern the governance body with low priority recommendations.
- The key decisions required should be outlined including when these decisions are required by – prioritise and timeline the decisions for the governing body.
- Ensure the SRO includes a management response to accept the findings or to record if there is a disagreement over a finding or recommendation.