The Project Audit Process

The Simple Steps for a Project Audit

Initiation

The process of carrying out a project audit starts with initiation. In this activity a meeting with the prime stakeholder is held where the scope of the audit is agreed, a list the questions that need to be answered is drawn up and basic facts about the project such as scale, locations, goals, history, and progress to date are garnered. The output of the initiation is a plan of attack of the audit.

Enquiry and reporting

The twin tasks carried out during the audit are enquiry and reporting.

Research tasks

The first step is to understand the project “landscape” (who is who, what are they doing, where are they doing it) and status (where are they up to). This is normally accomplished by reading documents such as the brief, PID and highlight reports, and talking to the sponsor and the current project manager. It is at this stage that the overall context of the project at the organisation is clarified.

The second step is to select interview candidates, and then to carry out semi structured interviews – these will be recorded for ease of transcription. Some interviews will inevitably raise further questions and lead to more rounds of interviewing or follow-up (which can be done by email if there are matters of clarification) – revisiting some people and other meetings. Interviewees may be drawn from both in- and outside the project team (for example from the program office). Simultaneously, I would normally acquire and study relevant project documents and files during this process to see if good practice is in place. The status of the technical artifact as it currently is will be investigated by investigating the operational software and by carrying out reviews of the code – but this is likely to be confined to an assessment by the TDA.

Reporting – report contents

  • Summary
  • Background
  • <sections specific to questions being addressed>
  • Quantified risk assessment, showing for each major risk:
    • Nature of risk
    • Risk likelihood
    • Risk avoidance strategies
    • Outcomes if risk materializes (with probabilities for best vs worst cases)

Royston