P3M3 Assessment Report - Department of Finance

advertisement
P3M3™ Assessment Report
Department of Finance
and Deregulation
P3M3™ Assessment Report
Version
1.2
Updated
Thursday, 30 September 2010
Authors: Robert Way DoFD & TANNER JAMES
.
Classification
Commercial In Confidence
Document Control
Confidentiality Statement
COMMERCIAL IN CONFIDENCE documents are to be kept confidential between restricted individuals
within Tanner James Management Consultants and partnering organisations. In this case the Australian
Government.
This document is uncontrolled if printed.
Page 2 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
Contents
Executive Summary ................................................................................................................... 4
1
Purpose .............................................................................................................................. 8
2
Scope ................................................................................................................................. 8
2.1
2.2
2.3
2.4
3
Current P3M3™ Ratings .................................................................................................. 11
3.1
3.2
3.3
3.4
4
Maturity Summary.................................................................................................. 11
Portfolio Management Maturity Description .......................................................... 12
Programme Management Maturity Description ..................................................... 14
Project Management Maturity Description ............................................................ 17
Recommended Target P3M3™ Ratings .......................................................................... 20
4.1
4.2
4.3
5
Inclusions ................................................................................................................. 8
Exclusions ................................................................................................................ 9
Assessment Background ......................................................................................... 9
Assessment Approach ........................................................................................... 10
Portfolio Management – Target Rating 2 recommendations ................................. 21
Programme Management – Long term Target Rating 3 recommendations .......... 25
Project Management – Target Rating 3 recommendations ................................... 27
Maturing of Specific Attributes ......................................................................................... 30
5.1
5.2
5.3
Portfolio Management – Level 1 to Level 2 ........................................................... 30
Programme Management – Level 2 to Level 3 ..................................................... 31
Project Management – Level 2 to Level 3 ............................................................. 33
Appendix A –Overview DoFD Portfolio of ICT Enabled Change ............................................. 35
Appendix B – P3M3™ Overview .............................................................................................. 36
Page 3 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
EXECUTIVE SUMMARY
The Department of Finance and Deregulation (DoFD) has conducted an independently
validated P3M3™1 Self-Assessment of DoFD’s ICT-enabled change portfolio and constituent
programmes and projects. This is a mandatory requirement of the ICT reforms extending from
the Review of the use of ICT in Government (Gershon, 2008).
The assessment was conducted during June and July of 2010. The assessment team
comprised Robert Way of CIO Division and John Howarth, registered P3M3 consultant at
TANNER JAMES. TANNER JAMES was contracted to provide specialist expertise for
conducting the assessment and to promulgate legitimacy for the independent validation of the
assessment process.
The following P3M3™ Ratings have been derived from that assessment by way of
interviewing selected DoFD staff and reviewing documentation in terms of both centrally
defined guidance for management practices and information from programmes and projects.
Seventeen individuals were interviewed and many documents were considered to assess the
maturity of Portfolio, Programme and Project management practices. Documentary evidence
from committees and boards included meeting minutes, terms of reference, guides and
management and operations manuals. Documents from individual programmes and projects
were examined and the Finance IT Governance Guide and FeSG Project Management
Methodology were examined in detail.
DoFD’s current P3M3™ rating for ICT-enabled change management is:
 Current Rating 1 in the Portfolio Management sub-model. DoFD Executive committees
are establishing controls that will enable the ICT change portfolio to be directed and
prioritised according to their requirements.
Some aspects, such as Benefits
Management, Resource Management and Stakeholder Management are currently not
defined and managed consistently;
 Current Rating 2 in the Programme Management sub-model. DoFD does not formally
recognise programmes, however, it is evident small groups have some documented
controls and skilled resources. Overall, there is insufficient organisational guidance for
key programme concepts such as programme risk management, benefits management
and future state definition and management; and
1 P3M3 is a Registered Trade Mark of the UK Government’s Office of Government Commerce.
Page 4 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
 Current Rating 2 in the Project Management sub-model. DoFD ICT units ensure that
each project is managed according to the various Project Management Frameworks,
however, business areas do not apply a common DoFD framework consistently. Overall,
there is inconsistent application of organisational guidance, and the current framework
lacks detail in key concepts such as project benefits management and resource
management;
Finance today is a product of numerous agency amalgamations and receipt of new
responsibilities which have been absorbed as a result of Government policy changes. Our
operation could be described as an organised federation of service tranches. While this
arrangement allows for subject matter specialisation, it lacks elements such as ‘sharing to
create efficiencies’ and ‘coordinated approaches to boost the effectiveness’ of programme
and project benefits. This shortfall was identified in this assessment and is reflected in the
attained ratings. In order to successfully address these challenges and maintain a high
standard of delivery for our existing responsibilities, we will need to do more to coordinate the
resources that we have - that is, being more efficient and effective at what we do by changing
the way we approach it. Coordinated management of ICT-enabled change is key in allowing
us to improve our effectiveness and efficiency and continuously progress the Department to
success in addressing our current and future responsibilities. Strong ICT portfolio
management will ensure all ICT investments are strategically aligned and create measurable
value having been consciously scrutinised on a cost-risk-benefit basis.
The assessment team recommends that DoFD:
 set a longer term P3M3 target rating of 3 for both Project Management and Programme
Management;
 Portfolio Management should be targeted for a 2 or higher rating; and
 A Capability Improvement Plan (CIP) is developed, endorsed and funded by the
executive.
DoFD should target level 3 maturity in Project Management because:
 There is a substantial investment in the Project Management Framework (FeSG PMM)
that is not delivering its potential benefits. This is largely due to lower PMM usage in
Business areas as opposed to ICT areas; and
 Improvement in the FESG PMM and its use will increase the likelihood of project benefit
success from the many projects run by the organization.
DoFD should target level 3 maturity in Programme Management and a 2 in Portfolio
management because:
 DoFD undertakes a small number of large and often risky initiatives; and
 The people who are governing and managing these initiatives have to work out the
processes for doing so without the benefit of a centrally defined framework that also
addresses key differences between programme and project management.
 DoFD as a lead agency and home to AGIMO and the ICT review change program, would
want to act as an exemplar of better practice in this area; and,
 ensure all ICT investments are strategically aligned and create measurable benefit .
The investment to lift the organisation’s programme management capability could be
funded from the next large programme initiative DoFD undertakes.
Page 5 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
DoFD P3M3 Sub-model Perspectives rating charts:
Portfolio Management – current rating 1
Programme Management – current rating 2
Page 6 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Project Management – current rating 2
P3M3 scoring can be expressed by the following descriptors (see the appendix for
further information):
1. Awareness process; Organization recognizes portfolio/programme/projects
but has little structured approach to conducting them
2. Repeatable process; Some areas beginning to use standard approaches but
no consistency across the organization
3. Defined process; A consistent set of standards being used across the
organization with clear process owners
4. Managed process; The organization monitors, measures and improves its
delivery processes based on evidence or performance based information
5. Optimized process; Organization focuses on optimization of its quantitatively
managed process taking into account changing business needs & external
factors. Anticipates future capacity & capability requirements.
Terminology:
Benefit: the measurable improvement resulting from an outcome perceived as an advantage by
one or more DoFD stakeholders.
Portfolio: the totality of DoFD’s investment (or segment thereof) in the changes required to
achieve its strategic objectives.
Programme: a temporary, flexible organisation created to coordinate, direct and oversee the
implementation of a set or related projects and activities in order to deliver outcomes and
benefits related to DoFD’s strategic objectives.
Project: a temporary organisation that is created for the purpose of delivering one or more
DoFD business outputs according to a specified business case.
Page 7 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
1 PURPOSE
The purpose of this assessment report is to:

Report upon an independently validated P3M3™ Self-Assessment for DoFD’s ICTenabled initiatives covering Portfolio, Programme and Project Management maturity
assessment;

Document DoFD’s current P3M3™ Ratings;

Document the assessment team’s recommended target P3M3™ ratings;

Provide visibility of the statements which would have to be judged as true regarding
DoFD’s ICT-enabled change initiatives to achieve the P3M3™ Ratings recommended
by the assessment team; and

Document the assessment team’s thoughts on specific management attributes that
could be addressed in improving DoFD’s capability maturity.
2 SCOPE
2.1 Inclusions
The P3M3™ assessment covered the portfolio, programme and project activities across ICTenabled change within DoFD. This included sampling sufficient ICT programmes and
projects to create a representative sample set for the DoFD ICT change portfolio.
The DoFD P3M3 assessment scope/context diagram:
Page 8 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
The work covered both ICT and Business run projects and programmes. In total seventeen
staff were interviewed, noting that the original plan was to interview around twenty people.
The variances from the original plan included:

One person, engaged in the programme sub-model took unexpected personal leave;

One project manager was unavailable during the interview process due to early
retirement; and

A contractor involved in a project had ceased with the organisation.
The assessment team concluded that variances in the sample set would not compromise or
materially change the assessment.
2.2 Exclusions
The following aspects of DoFD program/project management have been excluded from this
assessment:

Property & Construction Division facilities projects due to the construction specific
management practices and fact they are not deemed to be specifically ICT enabled.

DoFD Policy implementation initiatives on the basis that their dependency upon ICT
is largely routine deployment and use of existing ICT infrastructure and applications.
These initiatives are not dependent upon change in ICT.
.
2.3 Assessment Background
This P3M3™ assessment has been triggered in response to the Government’s directive that
Commonwealth Government agencies undertake P3M3™ maturity assessments and plan for
improvement of their capability to realise benefits from ICT-enabled initiatives. Agency
Page 9 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
assessment reports, validation statements and capability improvement plans are to
accompany all ICT related New Policy Proposals (NPPs) from December 2010.
2.4 Assessment Approach
Prior to conducting interviews, the assessment team made an assessment of current
documentation of management processes to gain initial understand of what was and wasn’t
documented as well as a view of how initiatives (portfolios, programmes and projects) should
be managed. At the conclusion of interviews documentation for specific initiatives was
reviewed on-line and in print form.
For this assessment DoFD’s entire scope of ICT-enabled change was treated as a single
Portfolio. Interviews were conducted with individuals in the roles of Portfolio Director and
Investment Committee Member (Executive Board and ITGC members).
Interviews were conducted with individuals at the programme and project levels. These
included Project board members, programme and project sponsors, project and project
managers and project office director.
The assessment team spent approx 120 hours effort in;

The assessment of process documentation including the:
o
DoFD Project Management Methodology (FESG PMM) Manual 2008 v2;
o
DoFD Governance Guide 2008Version 1;
o
intranet site, and;
o
various board and committee meeting minutes.

Interviewing DoFD staff to assess application of portfolio, programme and project
management;

Reviewing evidence of management practices from the change portfolio and
individual projects and programmes; and

Reviewing previous reports from internal audits as requested by DoFD staff,
specifically:
o
Internal Audit.
Section 3 details the current P3M3™ rating attained from assessment of information
gathered from interviewing seventeen individuals across DoFD and an analysis of relevant
process documentation. A description is provided from OGC’s P3M3™ model for each score
attained.
Section 4 details the P3M3™ model statements that are currently true and the statements
that would have to be rendered true for DoFD to achieve the target P3M3™ ratings
recommended by the assessment team for Portfolio, Programme and Project Management.
Section 5 documents the assessment team’s thoughts on specific management attributes
that could be addressed in improving DoFD’s capability maturity. These attributes underpin
the “statements that would have to be rendered true” from Section 4.
Note : The Capability Improvement Plan (CIP) associated with this assessment, documents
DoFD’s target P3M3™ ratings and how DoFD intends to achieve those ratings.
Page 10 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
3 CURRENT P3M3™ RATINGS
3.1 Maturity Summary
Sub-model
Score
Management
Control
Benefits
Management
Financial
Management
Stakeholder
Management
Risk
Management
Organisational
Governance
Resource
Management
Generic
Attributes Score
Process Perspectives
Portfolio
Management
1
2
1
3
1
2
3
1
2
Programme
Management
2
2
2
2
2
2
2
2
2
Project
Management
2
2
2
3
2
3
3
2
2
Portfolio Management Sub-model
Level 1 - DoFD Executive committees are establishing controls that will enable the ICT
change portfolio to be directed and prioritised according to their requirements. Some aspects,
such as Benefits Management, Resource Management and Stakeholder Management are
currently not defined and managed consistently.
Programme Management sub-model
Level 2 -DoFD does not formally recognise programmes, however, it is evident small groups
have some documented controls and skilled resources. Overall, there is insufficient
organisational guidance for key programme concepts such as programme risk management,
benefits management and future state definition and management.
Project Management sub-model
Level 2 - DoFD ICT units ensure that each project is managed according to the various
Project Management Frameworks, however business areas do not apply a common DoFD
framework consistently. Overall, there is inconsistent application of organisational guidance,
and the current framework lacks detail in key concepts such as project benefits management
and resource management.
Page 11 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
3.2 Portfolio Management Maturity Description
Below are the key observations made by the assessment team during the Portfolio
Management assessment. Following the observations are descriptions for each P3M3™
“process perspectives” (seven of) and “generic attributes” (six of).
Key Observations
DoFD does recognise the need for, and have implemented governance arrangements to
guide and oversee investment decisions. While portfolio management discipline exists within
the agency, this is not part of a comprehensive and consistent organisation-wide approach to
the management of all ICT change initiatives (projects and programmes) as a prioritised and
integrated set of IT investments that drive the realisation of planned and documented
benefits. While DoFD focuses on financial management, risk management and process within
portfolio management, it is not balanced equally focussing on benefits and portfolio
coordination of ICT investments and change. We could be stronger in promoting
understanding of the differences in running the business (‘business as usual’ ) to changing
the business (programme and change management) ie investment management. This would
encompass developing a more top-down approach to controlling ICT programs and projects.
DoFD is missing the benefit of having strong ICT portfolio management that will ensure all
ICT investments are strategically aligned and create measurable value through having been
consciously scrutinised by the portfolio executive in light of; total cost vs risk vs benefit.
Management Control (Level 2)
There are some pockets of portfolio discipline within individual departments, but this is based
on key individuals rather than as part of a comprehensive and consistent organization-wide
approach.
Benefits Management (Level 1)
There is a recognition that initiatives may exist within the organizational and divisional
portfolio to enable the achievement of benefits for the organization. However, this does not
translate into a defined benefits realization process.
Financial Management (Level 3)
There are established standards for the investment management process and the preparation
of business cases. Portfolio investment costs are monitored and controlled.
Stakeholder Management (Level 1)
Stakeholder management and communication is rarely used by portfolios as an element of
the delivery toolkit.
Risk Management (Level 2)
There is generally a top-down approach to risk identification, focusing on major organisational
initiatives, but some initiatives are increasingly carrying out bottom-up risk identification.
However, these approaches are inconsistent, not particularly interrelated and often do not
address the actual management of risks.
Organisational Governance (Level 3)
Centrally defined organisational controls are applied consistently to the portfolio(s), with
decision-making structures in place and linked to organisational governance.
Resource Management (Level 1)
Portfolio resource requirements are recognized but not systematically managed.
Resource allocation is ad hoc, with little, if any, profiling of resources to meet the resource
requirements of specific initiatives.
Page 12 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Generic Attributes Score
Level 2:
Roles & Responsibilities. Level 2 is defined as: roles, responsibilities and
competencies defined in some areas but not consistently across the organisation.
Experience in Portfolio Management. Level 2 is defined as: key individuals may
have practical delivery experience and track record.
Capability development. Level 3 is defined as: training is focused on the
organisation’s approaches and raising competence of individuals in specific roles.
Forums exist for sharing organisational experience to improve individual and
organisational performance.
Planning & estimating processes. Level 2 is defined as Planning seen as activity
tracking rather than proactive/forecasting. Estimation is more “guesstimation” and
does not use standard techniques
Information & documentation. Level 3 is defined as: Information has a refresh
cycle or is regularly accessed. Formal information release management procedures
Organization-wide information standards on confidentiality, availability and integrity.
Scrutiny & review. Level 3 is defined as: independent reviews take place. Scrutiny
largely for compliance reasons, identifying failures rather than opportunities for
improvement.
Page 13 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
3.3 Programme Management Maturity Description
Below are the key observations made by the assessment team during the Programme
Management assessment. Following the observations are descriptions for each P3M3™
“process perspective” (seven of) and “generic attribute” (six of).
Key Observations – Programme Management specific
There is no portfolio guidance on what constitutes a programme vs a project. A conscious
choice needs to be made to effectively manage the investment. DoFD doesn’t have a
programme management framework. Individuals running programmes inconsistently use their
own home grown or framework based methods to varing degrees of success.
There is confusion about the use of the terms “program” and “programme” in terms of their
meaning and their implications for management processes and governance.
The role of Programme Manager is not defined in the DoFD ICT Governance Committee
Guide or the FESG PMM.
Many of the key principles of Programme Management, including visioning, blueprinting,
transition and benefits management, are not included in the FESG PMM and, hence, are not
applied consistently. Some programmes are applying these principles however this is driven
by individual experience and initiative rather than any DoFD framework.
Successful delivery of programmes is highly dependent upon a small pool of skilled and
experienced managers who are determining their own management processes. These
individual processes are not consistent and the FESG PMM does not capture their good
practices. DoFD would benefit from sharing principles adopted within the few areas
successfully practicing programme management.
Key Observations – Programme and Project Management
DoFD has little to no published guidance on programme management (i.e. the FESG PMM is
project specific)
The agency needs to decide if programme and project management should be centrally
guided or Group specific guidance is developed. Centrally managed provides more benefits.
There is no guidance on what initiative should be managed as a programme as opposed to a
project. There was little evidence that the approval to proceed with programmes and projects
took into account the existing workload and capacity for additional work.
The business case ledger would be better balanced if benefits management and stakeholder
management received the same high degree of diligence as financial management.
Guidance is required to assist programme managers on establishing the right steering
committees at the right level. Having the right steering committee will ensure the relevant
probing questions are examined during scoping and delivery phases of programs and
projects.
The FeSG Project Office (CPO) staffing is very limited leaving little capability and capacity to
proactively support DoFD programmes and projects or develop and disseminate strong
organisation wide practices.
Page 14 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Management Control (Level 2)
Some general understanding exists of the concepts of programme management and its
control mechanisms but adoption is localized.
Benefits Management (Level 2)
Benefits are recognised as an element within programme business cases. There may be
some documentation regarding who is responsible for particular benefits and their realisation,
but this is unlikely to be followed through or consistent.
Financial Management (Level 2)
Programme business cases are produced in various forms and the better and more formal
cases will present the rational on which to obtain organisational commitment to the
programme. Overall cost of the programme is not monitored or fully accounted for.
Stakeholder Management (Level 2)
Some programmes will be communicated to stakeholders, but this is linked more to the
personal initiative of programme managers than to a structured approach being deployed by
the organisation.
Risk Management (Level 2)
Risk management is partially recognized and used on some programmes, but there are
inconsistent approaches within and between programmes, which result in different levels of
commitment and effectiveness.
Organisational Governance (Level 2)
Programme management from an organisational perspective is beginning to take shape but
with ad hoc controls and no clear strategic control. Roles and responsibilities will be
inconsistent, as will reporting lines.
Resource Management (Level 2)
Resources are being deployed across the organisation and individual programmes have an
approach to resource acquisition, planning or management. However there is little evidence
of consistency of approach
Page 15 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Generic Attributes Score Level 2
Roles & Responsibilities. Level 1 is defined as: No standard roles, and
responsibilities are not defined or are generic.
Experience in Programme Management. Level 2 is defined as: Key individuals
may have practical delivery experience and track record.
Capability development. Level 1 is defined as: Training provision is uncoordinated,
with little or no knowledge sharing.
Planning & estimating processes. Level 2 is defined as plans exist but are not
underpinned by consistent development methodology, yet may still be effective
locally.
Planning seen as activity tracking rather than proactive/forecasting.
Estimation is more ‘guesstimation’ and does not use standard techniques.
Information & documentation. Level 2 is defined as focus on documentation during
start-up and definition, but not maintained over initiative’s life cycle. Localised
information structures, with some information sharing between teams. Limited
localised information controls, with no formal release management arrangements.
Scrutiny & review. Level 2 is defined as: Local reviews, with some corrective
actions undertaken within the group.
Page 16 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
3.4 Project Management Maturity Description
Below are the key observations made by the assessment team during the Project
Management assessment. Following the observations are descriptions for each P3M3™
“process perspective” (seven of) and “generic attribute” (six of).
Key Observations – Project Management specific
ICT projects are generally vertically stove-piped with the organisation’s structure. There are
advantages in managing ICT investments as horizontal to the organisation structures.
There is no organisational mandate to use a common project management approach, nor an
organizational recognized approach (framework). There are significant differences in the way
Business and ICT areas manage projects and project funds.
There needs to be more guidance to the establishment (thresholds etc) and use of the ‘project
boards’ and the Project Board. The FESG PMM and other elements of the ICT change
governance process are seen to be not as comprehensive for higher risk or larger projects as
required.
Managers recognize IT has a significantly reduced budget, however, have the view that the
Project Office lacks capacity, and there is a lack of support capacity.
There is limited attempt to focus on benefits or stakeholder management or promote use of
techniques to map them.
Planning for transition into operational use is suffering due to a lack of attention to resource
management and the cost of on-going support of the change at the end of a project.
Management Control (Level 2)
The concepts of project management will have been grasped by some within the
organisation, and there may be local experts, such as experienced project managers working
on key projects.
Benefits Management (Level 2)
Benefits are recognised as an element within project business cases. There is some
documentation on who is responsible for particular benefits and their realisation.
Financial Management (Level 3)
The organization will have established standards for the preparation of business cases and
processes for the management of business cases throughout the project life cycle.
Project managers will monitor costs and expenditure in accordance with organizational
guidelines and procedures, with defined interfaces with other financial functions within the
organization.
Stakeholder Management (Level 2)
Projects will be communicating effectively, but this is linked more to personal initiative of
programme and project managers than a structured approach being deployed by the
organisation.
Risk Management (Level 3)
Project risk management is based on a centrally defined process that is cognizant of the
organization’s policy for the management of risks.
Page 17 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Organisational Governance (Level 3)
Project management from an organizational perspective is beginning to take shape but with
ad hoc controls and no clear strategic control.
Resource Management (Level 2)
Resources are being deployed across the organisation and individual projects have an
approach to resource acquisition, planning or management. However there is little evidence
of consistency of approach.
Generic Attributes Score Level 2
Roles & Responsibilities. Level 3 is defined as: roles, centrally managed role
definitions and sets of competencies defined and used to support appointments.
Experience in Project Management. Level 3 is defined as: Forums exist for sharing
organizational experience to improve individual and organizational performance.
Capability development. Level 2 is defined as generic training may be provided in
key concepts, and there may be individuals undertaking qualification training. Local
sharing of knowledge may exist but mostly ad hoc.
Planning & estimating processes. Level 3 is defined as: Plans developed to a
central and consistent standard that is output- or goal-based.
Page 18 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Information & documentation. Level 2 is defined as focus on documentation during
start-up and definition, but not maintained over initiative’s life cycle. Localised
information structures, with some information sharing between teams. Limited
localised information controls, with no formal release management arrangements.
Scrutiny & review. Level 2 is defined as Local reviews, with some corrective actions
undertaken within the group
Page 19 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
4 RECOMMENDED TARGET P3M3™ RATINGS
The assessment team recommends DoFD set target P3M3 ratings of 3 for both Programme
Management and Project Management and that, Portfolio Management should be targeted for
a 2 or higher rating. The Project Management rating should be achieved in the next 12 to 18
months. The Programme and Project Management ratings should be achieved when the next
big programme is initiated.
DoFD should target level 3 maturity in Project Management because:
 There is a substantial investment in the DoFD Project Management Framework (FESG
PMM) that is not delivering its potential benefits. This is largely due to lower usage in
Business areas as opposed to ICT areas; and
 Improvement in the FESG PMM and its use will decrease the likelihood of project failure
and increase the likelihood of benefits realisation.
DoFD should target level 3 maturity in Programme Management and a 2 in Portfolio
management because:
 DoFD undertakes a small number of large and often risky initiatives; and
 The people who are governing and managing these initiatives have to work out the
processes for doing so without the benefit of a centrally defined framework that also
addresses key differences between programme and project management.
 DoFD as a lead agency and home to AGIMO and the ICT review change program, would
want to act as an exemplar of better practice in this area; and,
 ensure all ICT investments are strategically aligned and create measurable benefit .
The investment to lift the organisation’s programme management capability could be
funded from the next large programme initiative DoFD undertakes.
Page 20 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
4.1 Portfolio Management – Target Rating 2 recommendations
The table below details the statements against each of the seven process perspectives and
generic attributes that are currently true (column one) and that would need to be rendered
true (column two) for DoFD to achieve the assessment team’s recommended target rating of
2 for Portfolio Management.
FROM: Current Rating 1
Management Control (Level 2)
Willingness for the organization to
implement new processes to support and
enable portfolio management but not
implemented consistently
Some recognition that departmental or
divisional portfolios must fit within the
priorities and processes of an
organizational portfolio
Common vocabulary for portfolio
management beginning to evolve
May be specific guidelines on portfolio
management in parts of the organization
Benefits Management (Level 1)
Initiatives may identify some business
benefit generally
Any benefits identified tend to be
subjective rather than objective
May be some statements on the purpose
of some initiatives but not providing a
clear view of what success will look like
Financial Management (Level 3)
Clear, documented and published
investment life cycle addressing new
ideas, feasibility studies, trials,
development and review
Investment management process and
practice in place across organizational
portfolio, within which departmental or
specialist portfolios fit
Common investment management
process and practice within portfolio for
initiative approval, monitoring and
delegation
Business and portfolio planning cycles
work concurrently
Costs, expenditure and forecasts
monitored at portfolio level in accordance
with organizational guidelines and
procedures
Defined interfaces with other financial
functions within the organization
Criteria within portfolio for organizational
Page 21 of 38
Version:
1.2
Updated:
30 September
2010
TO: Target Rating 2
Management Control (Level 2)
Already attained.
Benefits Management (Level 2)
Evidence of individuals or local functions using a
process for defining business benefits, but little
formal benefits tracking, management or
ownership
Some initiatives will be expected to identify
benefits and how to achieve them, but this is
deployed inconsistently
Likely to be overlap and double counting of
benefits between initiatives, with a poorly defined
process to identify these
Some alignment of identified benefits to the
organizational objectives, but likely to be
unquantified and patchy
Financial Management (Level 3)
Already achieved.
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
investment decision-making are clear
and communicated
Portfolio management process includes
effective planning of funding availability
Financial data in management reports
integrated with schedule data and
including trends
Financial modelling of value for money,
using agreed and explicit techniques
Stakeholder Management (Level 1)
Concept of stakeholder engagement may
be acknowledged but is undefined
Portfolio communicates with
stakeholders on ad hoc basis, relying on
individuals within the team taking the
initiative
No structured approach to stakeholder
management and communications
Risk Management (Level 2)
Some initiatives manage risks, but risk
decision making may not consider wider
outcome, focusing on threats to initiative
rather than to portfolio as a whole and
the realization of strategic objectives
Some initiatives analyze risk in terms of
probability, impact (on schedule, cost
and quality of deliverables) and timing
Some proactive management of risk, with
mitigation plans in place, but such plans
are rare and probably unfunded
Focus on risk tracking rather than risk
Management
No escalation procedures for risk
mitigation to pass to more senior
management
May be some effective ownership of risks
and risk actions
Top-down (sometimes “knee-jerk”)
approach to risk identification
unconnected with bottom-up approach
within initiatives, often causing
duplication of effort, competing teams,
nonoptimal resource allocation, and
consequently ineffective management of
organizational risk.
Page 22 of 38
Version:
1.2
Updated:
30 September
2010
Stakeholder Management (Level 2)
Evidence may exist of more sophisticated
analysis and communications planning for
some portfolios
Most stakeholder analysis is basic and
inconsistent, limited to the issue of what
stakeholders are interested in
Portfolios recognize stakeholder groupings but
are limited to local knowledge
Some portfolios have their own communications
plans but they focus on merely transmitting
information
Outgoing communications channels from
portfolios are limited, with focus on email
or websites
Some stakeholders advised or consulted, and
feedback processed
Structured approach beginning to evolve,
but based on good practice of one or two
key individuals
Risk Management (Level 2)
Already Achieved
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Organisational Governance (Level 3)
The organization has established
documented policies, standards,
processes and governance for change
investments, and has developed an
Executive Board-owned structure to
oversee portfolio performance
Clear, defined vision for organizational
change, with senior management
demonstrating commitment to it
Portfolio is well defined and aligned with
strategic objectives and priorities
Clear governance structure ensuring that
all initiatives are evaluated, prioritized
and approved based on strategic
objectives, and business cases are
continually reviewed for validity and
viability
Organization Portfolio Office monitors
effectiveness of governance and
stakeholder engagement for all initiatives
Legislative and regulatory requirements
incorporated into portfolio management
decision and controls processes
Governance controls integrated into
portfolio controls
Business performance information
acquired and reviewed by Organization
Portfolio Office
Process ownership is clear and related
decision making responsibilities are
clearly defined.
Resource Management (Level 1)
Individual initiatives identify and source
their own resources, creating a high risk
of the organization over-committing key
resources
Little or no coordination of resources
across different initiatives, and limited
alignment to organizational objectives
and priorities, leading to resource
conflicts
Resource acquisition is ad hoc and
uncoordinated
Generic Attributes Score (Level 2)
Roles & Responsibilities. Level 2 is
defined as: Roles, responsibilities and
competencies defined in some areas but
not consistently across the organization
Centrally managed role definitions and
sets of competencies defined and used
to support appointments
Page 23 of 38
Version:
1.2
Updated:
30 September
2010
Organisational Governance (Level 3)
Already Achieved
Resource Management (Level 2)
Resources deployed within specialist or
departmental portfolios, with limited consideration
of the wider organizational portfolio
Some specialist or departmental portfolios have
defined methods of resource acquisition but
these are likely to differ and be applied
inconsistently
Limited assessment of impact on other initiatives
or operational areas when allocating resources
Pockets of good resource management
processes but likely to be limited to specific
initiatives or departments
Problems of not managing resources across
portfolio are beginning to be understood and
solutions starting to be developed in isolated
initiatives or departments
Generic Attributes Score (Level 2)
Roles & Responsibilities.
Already achieved.
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Experience in Portfolio Management.
Level 2 is defined as: Key individuals
may have practical delivery experience
and track record.
Capability development. Level 3 is
defined as Training is focused on the
organization’s approaches and raising
competence of individuals in specific
roles Forums exist for sharing
organizational experience to improve
individual and organizational
performance.
Planning & estimating processes.
Level 2 is defined as Plans exist but are
not underpinned by consistent
development methodology, yet may still
be effective locally. Planning seen as
activity tracking rather than
proactive/forecasting . Estimation is more
“guesstimation” and does not use
standard techniques.
Information & documentation. Level 3
is defined as: Information has a refresh
cycle or is regularly accessed
Organization-wide information standards
on confidentiality, availability and integrity
Formal information release management
procedures.
Scrutiny & review. Level 3 is defined
as: Independent reviews take place.
Scrutiny largely for compliance reasons,
identifying failures rather than
opportunities for improvement
Page 24 of 38
Version:
1.2
Updated:
30 September
2010
Experience in Portfolio Management.
Already achieved
Capability development. Level 3
Already achieved
Planning & estimating processes.
Already achieved
Information & documentation. Level 3 is
Already achieved
Scrutiny & review. Level 3 is
Already achieved
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
4.2 Programme Management – Long term Target Rating 3
recommendations
The table below details the statements against each of the seven process perspectives and
generic attributes that are currently true (column one) and that would need to be rendered
true (column two) for DoFD to achieve the assessment team’s recommended target rating of
3 for Programme Management.
FROM: Current Rating 2
Management Control (Level 2)
Some general understanding exists of the
concepts of programme management and its
control mechanisms but adoption is localized.
Benefits Management (Level 2)
Benefits are recognised as an element within
programme business cases. There may be
some documentation regarding who is
responsible for particular benefits and their
realisation, but this is unlikely to be followed
through or consistent.
Financial Management (Level 2)
Programme business cases are produced in
various forms and the better and more formal
cases will present the rational on which to
obtain organisational commitment to the
programme. Overall cost of the programme is
not monitored or fully accounted for.
Stakeholder Management (Level 2)
Some programmes will be communicated to
stakeholders, but this is linked more to the
personal initiative of programme managers
than to a structured approach being deployed
by the organisation.
Risk Management (Level 2)
Risk management is partially recognized and
used on some programmes, but there are
inconsistent approaches within and between
programmes, which result in different levels
of commitment and effectiveness.
Organisational Governance (Level 2)
Programme management from an
organisational perspective is beginning to
take shape but with ad hoc controls and no
clear strategic control. Roles and
responsibilities will be inconsistent, as will
reporting lines.
Resource Management (Level 2)
Resources are being deployed across the
organisation and individual programmes have
an approach to resource acquisition, planning
Page 25 of 38
Version:
1.2
Updated:
30 September
2010
TO: Target Rating 3
Management Control (Level 3)
There is a centrally defined and documented
approach to a programme management life
cycle and controls, and it is applied in all
programmes by capable staff that support
programme teams.
Benefits Management (Level 3)
There is a centrally managed and consistent
framework for defining and tracking the
realisation of benefits arising from
programme outcomes.
Financial Management (Level 3)
There are centrally established standards for
the preparation of business cases and
processes for their management throughout
the programme lifecycle. Programme
managers monitor costs and expenditure in
accordance with organisational guidelines
and procedures, with defined interfaces with
other financial functions within the
organisation.
Stakeholder Management (Level 3)
There is a centrally managed and consistent
approach to stakeholder engagement and
communications used by all programmes.
Risk Management (Level 3)
Programme risk management is based on a
centrally defined process that is cognisant of
the organisation’s policy for the management
of risks and is used consistently.
Organisational Governance (Level 3)
Centrally defined organisational controls are
applied consistently to the portfolio(s), with
decision-making structures in place and
linked to organisational governance.
Resource Management (Level 3)
The organisation has a centrally defined and
adopted set of procedures and management
processes for acquiring, planning and
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
FROM: Current Rating 2
or management. However there is little
evidence of consistency of approach
Generic Attributes Score (Level 2)
Roles & Responsibilities. Level 1 is
defined as. No standard roles, and
responsibilities are not defined or are
generic.
Experience in Programme Management.
Level 2 is defined as key individuals may
have practical delivery experience and track
record.
Capability development. Level 1 is defined
as Training provision is uncoordinated, with
little or no knowledge sharing.
Planning & estimating processes. Level 2
is defined as plans exist but are not
underpinned by consistent development
methodology, yet may still be effective
locally. Planning seen as activity tracking
rather than proactive/forecasting. Estimation
is more ‘guesstimation’ and does not use
standard techniques.
Information & documentation. Level 2 is
defined as focus on documentation during
start-up and definition, but not maintained
over initiative’s life cycle. Localised
information structures, with some information
sharing between teams. Limited localised
information controls, with no formal release
management arrangements.
Scrutiny & review. Level 2 is defined as:
Local reviews, with some corrective actions
undertaken within the group.
Page 26 of 38
Version:
1.2
Updated:
30 September
2010
TO: Target Rating 3
managing programme resources.
Generic Attributes Score (Level 3)
Roles & Responsibilities. Level 3 is
defined as centrally managed role definitions
and sets of competencies defined and used
to secure appointments.
Experience in Portfolio Management.
Level 3 is defined as key individuals have
practical delivery experience and track
record.
Capability development. Level 3 is defined
as training is focused on the organisation’s
approaches and raising competence of
individuals in specific roles. Forums exist for
sharing organisational experience to improve
individual and organisational performance.
Planning & estimating processes. Level 3
is defined as plans developed to a central
and consistent standard that is output or goal
based. Plan development takes into account
a range of relevant factors. Evidence of
effective estimating techniques.
Dependencies are identified, tracked and
managed effectively.
Information & documentation. Level 3 is
defined as information has a refresh cycle or
is regularly accessed. Organisation-wide
information standards on confidentiality,
availability and integrity. Formal information
release management procedures.
Scrutiny & review. Level 3 is defined as:
Scrutiny largely for compliance reasons,
identifying failures rather than opportunities
for improvement
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
4.3 Project Management – Target Rating 3 recommendations
The table below details the statements against each of the seven process perspectives and
generic attributes that are currently true (column one) and that would need to be rendered
true (column two) for DoFD to achieve the assessment team’s recommended target rating of
3 for Project Management.
FROM: Current Rating 2
Management Control (Level 2)
The concepts of project management will
have been grasped by some within the
organisation, and there may be local
experts, such as experienced project
managers working on key projects.
Benefits Management (Level 2)
Benefits are recognised as an element
within project business cases. There is
some documentation on who is
responsible for particular benefits and
their realisation.
Financial Management (Level 3)
Standardised approach to project
business case development. Business
cases approved centrally, making budget
limitations explicit. Issues and risks
assessed in financial terms. Guidelines
exist on costs to be included in, and
excluded from, budgets. Projects have
distinct budgets and expenditure against
budget is tracked and reported on.
Clearly defined authorities for
expenditure levels, with cost and
expenditure reported on using agreed
templates or pro-forma reports. Contract
placement using professional
procurement support to ensure best
value for money. Standard financial
estimation and value for money
techniques deployed consistently across
projects. Business cases reviewed at
explicit stages in project life cycle and
actions taken to put projects back on
track. Evidence of operational sign-off for
Page 27 of 38
Version:
1.2
Updated:
30 September
2010
TO: Target Rating 3
Management Control (Level 3)
There is a centrally defined and documented
approach to a project management life cycle and
controls, and it is applied in all projects by
capable staff that support project teams.
Benefits Management (Level 3)
Measures of project success are becoming
defined and explicit. Common approach and
processes that ensure consistency across all
projects in relation to benefits measurement and
realisation. Benefits management process
described within project business case. Changes
to project considered against impact on benefits.
Common set of tools and templates used for
benefits management activities, including their
detailed statement. Benefits documents stored
centrally and subject to change control. Detailed
descriptions explaining how benefits will be
achieved from project deliverables. Benefits
calculated in financial terms against centrally
managed assessment criteria. Clear
responsibilities for benefits realisation cited in
business cases. Post-project benefit reviews
used to report formally on outcomes and benefit
realisation.
Financial Management (Level 3)
Already achieved.
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
FROM: Current Rating 2
any additional costs imposed by project.
Capital and revenue costs accounted for
differently. Centrally agreed project
budgets, making it clear when and where
funding will be available.
Stakeholder Management (Level 2)
Projects will be communicating
effectively, but this is linked more to
personal initiative of programme and
project managers than a structured
approach being deployed by the
organisation.
Risk Management (Level 3)
Standard risk management templates
and tools used extensively and
consistently. Risks identified, assessed
and controlled in accordance with
recognised procedures, across all
projects. Regular reviews, addressing
broader opportunities for improvement as
well as compliance. Reviews seen as a
positive opportunity to improve, not a
threat. Risk management interventions
embedded within project life cycle. Risks
consistently categorised by type (e.g.
commercial, operational or strategic).
Audits of risk within projects. Processes
exist for escalation of project risks. Risks
not limited to internal impact on project
goals. Risk assessment techniques
defined and deployed consistently.
Organisational Governance (Level 3)
Common definition of Project Boards (or
equivalent) & their key roles &
responsibilities, which are in place on
most projects unless there is a clear
reason for them not to be. Central body
monitors and influences progress of all
projects and the optimal balance of
current projects. Consolidated progress
reporting on all projects. All key roles &
responsibilities documented within
individual directors’ terms of reference.
Project ideas evaluated against
consistent criteria prior to approval.
Page 28 of 38
Version:
1.2
Updated:
30 September
2010
TO: Target Rating 3
Stakeholder Management (Level 3)
Centrally defined and consistent approach, and
supporting process, for identifying and analysing
stakeholders. Projects consider stakeholder
needs and stakeholders are actively involved in
decision-making. Corporate communications (or
equivalent) are involved in development of
stakeholder engagement processes and
procedures. Stakeholders have authority and
clearly defined roles within project. Audit trails of
communications maintained for all projects.
Structured, centrally managed communications
plan balances communications from all projects.
Communications channels vary and are used to
target and deliver messages effectively.
Communications budget exists. Much of this
approach is provided by the permanent Project
Office.
Risk Management (Level 3)
Already Achieved
Organisational Governance (Level 3)
Already Achieved
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
FROM: Current Rating 2
Centralised decision making ensures that
projects fit the organisation’s ongoing
needs. Functional activities of sponsor or
project executive can be demonstrated
for all projects. Evidence of sponsor or
project executives ensuring that projects
maintain alignment with organisational
strategy, with interventions as
appropriate. Decisions are auditable.
Clear reporting lines set and maintained.
Legislative and regulatory requirements
built into guidelines. Evidence of
structured start-up and closure of
projects under clear business control.
Resource Management (Level 2)
Resources are being deployed across
the organisation and individual projects
have an approach to resource
acquisition, planning or management.
However there is little evidence of
consistency of approach.
Generic Attributes Score (Level 2)
Roles & Responsibilities. Level 3 is
defined as centrally managed role
definitions & sets of competencies
defined & used to secure appointments.
Experience in Project Management.
Level 3 is defined as key individuals have
practical delivery experience and track
record.
Capability development. Level 2 is
defined as generic training may be
provided in key concepts, and there may
be individuals undertaking qualification
training. Local sharing of knowledge may
exist but mostly ad hoc.
Planning & estimating processes.
Level 3 is defined as plans developed to
a central & consistent standard that is
output or goal based. Plan development
takes into account a range of relevant
factors. Evidence of effective estimating
techniques. Dependencies are identified,
tracked and managed effectively.
Page 29 of 38
Version:
1.2
Updated:
30 September
2010
TO: Target Rating 3
Resource Management (Level 3)
Centrally defined & adopted set of procedures in
place for resource management. Work to be
carried out by third parties or contractors defined
& planned in accordance with documented
procedures and reviewed at key milestones or
project stages. Frameworks in place with external
market for provision of resources to meet
shortages & expertise peaks. Resource utilisation
tracking & productivity monitoring occasionally
undertaken, using industry standard techniques.
Resource planning undertaken in broadest
sense, not limited to human resources. Some
collaboration between project teams or
recognition at organisational level of opportunities
for sharing critical or limited resources. Potential
issues arising from resource availability identified
& escalated. Evidence of induction planning &
activities when joining project teams.
Generic Attributes Score (Level 3)
Roles & Responsibilities.
Already achieved.
Experience in Project Management.
Already achieved
Capability development. Level 3 is defined as
training is focused on DoFD’s approaches and
raising competency of individuals in specific
roles. Forums exist for sharing DoFD experience
to improve both individual & DoFD performance.
Planning & estimating processes.
Already achieved
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
FROM: Current Rating 2
Information & documentation. Level 2
is defined as focus on documentation
during start-up and definition, but not
maintained over initiative’s life cycle.
Localised information structures, with
some information sharing between
teams. Limited localised information
controls, with no formal release
management arrangements.
Scrutiny & review. Level 2 is defined
as: Local reviews, with some corrective
actions undertaken within the group
TO: Target Rating 3
Information & documentation. Level 3 is
defined as information has a refresh cycle or is
regularly accessed. Organisation-wide
information standardisation on confidentiality,
availability and integrity. Formal information
release management procedures.
Scrutiny & review. Level 3 is defined as:
independent reviews take place. Scrutiny largely
for compliance reasons, identifying failures rather
than opportunities for improvement
5 MATURING OF SPECIFIC ATTRIBUTES
This section documents assessment team’s thoughts on specific P3M3 management
attributes that could be addressed in improving DoFD’s capability maturity. These attributes
underpin the “statements that would have to be rendered true” (i.e. the second column) from
Section 4 above.
5.1 Portfolio Management – Level 1 to Level 2
Management Control
 Mandate improvement of the PMM or adopt a mature and proven project management
framework (OGC’s PRINCE2TM2 for project management)
 and mandate adoption of a Programme management framework (eg OGC’s MSPTM3 for
programme management), and
 Consider implementation of a whole of organisation ICT Portfolio, Programme and
Project office (P3OTM4). The office will initially develop manage and control processes
and later coordinate all DoFD ICT programmes and projects as an ICT investment body
of work for the portfolio.
Benefits Management
 Increase the understanding for Executive board, ITGC and project sponsors that benefits
need to be reported as strategically aligned with organization goals, are cost effective
and are being continuously monitored and reported to EB.
Resource Management
 Ensure the organisation defines and adopts a framework for resource capacity and
capability planning; and
 Implements utilisation tracking and productivity monitoring for reporting to EB.
2 PRINCE2 is a Registered Trade Mark of the UK Government’s Office of Government Commerce.
3 MSP is a Registered Trade Mark of the UK Government’s Office of Government Commerce.
4 P3O is a Registered Trade Mark of the UK Government’s Office of Government Commerce.
Page 30 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
Organisational Governance
 A number of interviewees observed that some project committees are failing to identify
and seek answers to “the hard questions”. Introduction of role-based management for
key project management personnel could ensure that each person in a role has a clear
definition of their specific role and responsibilities, which in turn may improve their
assessment and questioning of projects;
 Clarify reporting lines for both the writers and receivers of project reports. This should
address the flow of project information up from team leaders within projects to project
managers, then on to line management, steering committee members and those
engaged in programme management. The PM and Governance manuals should be
better aligned to eliminate duplication of reporting etc; and
 Define the interfaces between project and programme governance arrangements, then
educate staff.
Resource Management
 Define and adopt a framework for resource capacity and capability planning at portfolio
level; and
 Implement utilisation tracking and productivity monitoring.
Generic Attributes
Roles & Responsibilities
o Define the competencies required for key project management roles (e.g.
Business representatives on steering committees must understand the
operational environment into which the deliverables of the project will be
deployed and they must assist the definition of how those deliverables will be
used).
Experience in Portfolio Management
o Ensure that key people have project management experience in balance with
project subject matter expertise.
Capability development
o
Actively train people for their specific roles and responsibilities.
Planning & estimating processes
o Implement goal and output-based planning and estimating methods across
DoFD, noting that some areas have done this; and
o Identify, track and manage inter-project dependencies.
Information & documentation
o Make information refresh cycles and release management practices
consistent across projects.
Scrutiny & review
o Improve the connection between project scrutiny and review (e.g. ANAO
audits and Gateway Reviews) and improvements in project management.
Introduce and mandate post project reviews.
5.2 Programme Management – Level 2 to Level 3
Management Control
Page 31 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
 Define a programme management “framework” that addresses the differences between
better practice project management and programme management. Mandate using this
framework and set threshold statements for assessing when it must be used;
 Ensure that the programme management framework defines the integration points
between programme and project management; and
 Distinguish between operational (i.e. business as usual) “programs” and change
“programmes”.
 Improve method guidance for programme vision/blueprint/future state definition and
ensure that programmes are starting to use this guidance (adopt a proven framework –
OGC’s MSP for example);
 Tighten the definition of and commitment to programme scope and also tighten change
control to reduce the ability of stakeholders to introduce uncontrolled change;
 Adopt consistent reporting across programmes;
 Introduce role-based management for key roles such as Senior Responsible Owners,
Business Change Managers and Programme Managers so that each person in a role has
a clear definition of their specific role and responsibilities;
 Train and support people in their programme management roles; and
 Apply the concept of scheduled tranche reviews in programmes to formally take stock of
progress to date and changes in the programme’s context to make decisions about the
future of the programme.
Benefits Management
 Ensure that processes, templates and tools for benefit management are in place and
being consistently used;
 Ensure that benefits are defined, observable, attributable and measurable (DOAM);
 Improve benefit realisation plans, profiles and schedules including definition of who has
ownership/accountability for benefit realisation;
 Include assessment of benefits harvested to date in tranche reviews; and
 Provide guidance for consistent mapping of deliverables, outcomes and benefits.
Financial Management
 Establish Programme business cases that focus on a journey of change over time,
benefits realisation on the way, islands of stable business capability and the associated
risks (i.e. more than the standard project cost/benefit analysis); and
 Include re-assessment of the business case in tranche reviews to confirm it is still wholly
valid and relevant to programme aims.
Stakeholder Management
 Document the good processes currently used by experienced programme sponsors and
managers and communicate these to all DoFD programme sponsors and managers.
Risk Management
 This would largely be addressed by the actions above on the framework noting that the
essence of Risk Management is no different for Projects and programmes however the
process sequencing is different. For example, one of DoFD’s more experienced
programme management stakeholders described a process whereby risk assessment is
firstly conducted at programme level, then programme representatives engaged in each
Page 32 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
project level risk assessment, then the programme risks were re-assessed to capture
knowledge gained from the projects.
 Communicate the programme risk management processes to all DoFD programme
sponsors and managers; and
 Introduce simple risk perspectives such as Strategic, Operational, Programme and
Project.
Organisational Governance
 Embed Business Change Managers (as per Management Control, above) in programme
decision making and management.
Resource Management
 Define and adopt a framework for resource capacity and capability planning at
programme level; and
 Implement utilisation tracking and productivity monitoring.
Generic Attributes
Roles & Responsibilities
o Define the competencies required for key programme management roles
(e.g. Business Change Managers must understand the operational
environment into which they will deploy the capabilities delivered by the
programme and they must have the authority to drive the associated
operational change).
Experience in Programme Management
o Ensure that key people have programme and project management
experience in balance with programme subject matter expertise.
Capability development
o
o
Train people for their specific roles and responsibilities; and
Implement programme management forums to share learning.
Planning & estimating processes
o Implement goal and output-based planning and estimating methods across
DoFD for consistency, noting that some ICT areas already do this; and
o Identify, track and manage inter and intra-programme dependencies.
Information & documentation
o Make information refresh cycles and release management practices
consistent across programmes.
Scrutiny & review
o Ensure that programmes are scrutinised to identify failures and, preferably, to
also drive improvements in programme management.
5.3 Project Management – Level 2 to Level 3
Management Control
 Improve the PMM or adopt a mature and proven project management framework (OGC’s
PRINCE2 for example);
 Improve understanding and mandate application of a DoFD Project Management
Framework ( Eg the improved FESG PMM) in non-ICT areas of DoFD. Specifically the
assessment team noted;
o the current perception that the FESG PMM is not fully mature and is optional.
Page 33 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
 Ensure that the FeSG PMM defines the integration points between programme and
project management;
 Specifically improve the benefits management and tracking aspects as well as the
resource management and stakeholder management components;
 Improve the up front definition of deliverables and benefits and the ultimate evaluation
against this definition; and
 Mandate Post project reviews to test benefits realisation etc.
Benefits Management
 Increase the understanding for project sponsors and managers that benefits are being
monitored by Senior Executives in relation to their projects and clarify the benefits
management touch points between project sponsors, project managers and finance staff.
Financial Management
 Where projects occur over multiple financial years, include business case re-assessment
in the transition from one year to another in addition to topping up the project funding.
This has been identified as a problem across finance; and
 Address the inconsistency between Business and ICT areas of DoFD regarding project
funding perhaps through a combination of making practices more consistent or improving
understanding about why the inconsistencies exist. Refer Section 3, above, observations
regarding project management.
Stakeholder Management
 Improve documentation of processes (i.e. in the FESG PMM) for stakeholder
engagement and communications to capture the good practices of more experienced
project staff; and
 Raise awareness of FESG PMM stakeholder management tools and techniques.
Risk Management
 Ensure consistent application of the FESG PMM guidance for Risk Management across
ICT and Business. Ensure risk management isn’t just a process but a thorough
evaluation of threats.
Page 34 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
APPENDIX A –OVERVIEW DOFD PORTFOLIO OF ICT ENABLED CHANGE
Page 35 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
APPENDIX B – P3M3™ OVERVIEW
P3M3™ is an overarching model containing three sub-models, Portfolio Management Maturity Model
(PfM3), Programme Management Maturity Model (PgM3) and Project Management Maturity Model
(PjM3);
For each of the three sub-models P3M3™ examines up to 7 different process perspectives (Management
Control, Benefits Management, Financial Management, Stakeholder Management, Risk Management,
Organisational Governance and Resource Management). Within each perspective 5 levels are used to
describe maturity, these levels can be applied independently within each model, or across all three to assess
overall P3M3™ maturity.
3 Sub-models
Portfolio Management
The totality of an organisation’s investment (or a segment thereof) in the changes required to achieve its
strategic objectives. Portfolio Management describes the management of an organisations portfolio of
business change initiatives.
Programme Management
Programmes exist to manage the complexities involved in delivering beneficial change. Programme
Management is focussed on the areas of tension between strategic direction, project delivery and
operational effectiveness.
Project Management
A project is a unique set of coordinated activities, with definite starting and finishing points, undertaken
by an individual or team to meet specific objectives within defined time, cost and performance
parameters as specified in the business case. Project Management guides a project through a visible set
of activities, from controlled start-up, through delivery, to controlled closure, and review.
Page 36 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
7 Process Perspectives
1. Management Control
This covers the internal controls of the initiative and how direction is maintained throughout its life
cycle, with appropriate break points to enable it to be stopped or redirected by a controlling body if
necessary. Best practice is characterised by clear evidence of leadership and direction, scope, stages,
tranches and review processes during the course of the initiative.
2. Benefits Management
This ensures the desired business outcomes are clearly defined, measurable and ultimately delivered
through a structured approach. Best practice recommends that benefits are assessed and approved by the
organisational areas that will deliver them. Benefit dependencies and other requirements should be
clearly defined, and understanding gained on how the initiative’s outputs will deliver the benefits.
3. Financial Management
This ensures that likely costs are captured and evaluated in a formal business case and are categorised
and managed over the investment life cycle. There should be appropriate involvement from the
organisation’s financial functions, with approvals being embedded in the broader organisational
hierarchy. Best practice suggests that a business case should define the value of the initiative to the
business and contain a financial appraisal of the possible options.
4. Stakeholder Management
Best practice suggests that both internal and external stakeholders are analysed and engaged in order to
achieve the initiative’s objectives. Stakeholder Management includes communications planning, the
effective identification and use of different communications channels, and techniques to enable
objectives to be achieved.
5. Risk Management
This views the way in which the organisation manages threats to, and opportunities presented by, the
initiative. Risk Management maintains a balance of focus on threats and opportunities, with appropriate
management actions to reduce or eliminate the likelihood/impact of any identified threat.
6. Organisational Governance
This looks at how the delivery of initiatives are aligned to the organisation’s strategic direction, including
start-up, closure and during the initiative’s lifecycle. This perspective looks at how the impact of external
factors might be controlled/mitigated, as opposed to Management Control, which considers how
internal control is maintained.
7. Resource Management
This covers management of all resources required for delivery, including human resources, buildings,
equipment, supplies, information, tools and supporting teams. A key element is the process for acquiring
resources and how supply chains are utilised to maximise their effective use. In best practice there will be
evidence of capacity planning and prioritisation to enable effective resource management.
Page 37 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
P3M3TM Assessment Report
5 Maturity Levels
Maturity Level 1 - Awareness of Process

Processes are not usually documented, actual practice is determined by events or individual
preferences, and performance is variable.

Successful initiatives are often based on key individuals’ competencies rather than organisationwide capability and past successes can not be repeated consistently.

Processes are undeveloped or incomplete. There is little or no guidance or supporting
documentation and even terminology may not be standardised.
Maturity Level 2 - Repeatable Processes

Basic management practices, e.g. tracking expenditure and scheduling resources, are in place and
being improved. Key individuals are trained and demonstrate a successful track record and
through them, the organisation is capable of repeating success.

Initiatives are performed and managed according to their documented plans; project status and
delivery is visible to management at defined points.

There may still be inadequate measures of success; unclear responsibilities;
ambiguity/inconsistency in business objectives; unintegrated Risk Management; limited Change
Management; and inadequacies in communications strategy.
Maturity Level 3 – Defined Processes

Management and technical processes are documented, standardised and integrated to some extent
with business processes. There is some process ownership and a group responsible for
maintaining consistency and delivering process improvements.

Senior management are engaged consistently, providing active and informed support.

There is an established training programme to develop individual’s skills and knowledge.
Maturity Level 4 – Managed Processes

The organisation has defined processes that are quantitatively managed, i.e. controlled using
metrics. There are quantitative objectives for quality and process performance, and these are
being used in managing processes.

Top management are proactively seeking out innovative ways to achieve goals.

Using metrics, management can effectively control processes and identify ways to adjust and
adapt them to particular initiatives without loss of quality.
Maturity Level 5 – Optimised Processes

There is focus on optimisation of quantitatively managed processes to account for changing
business needs. The organisation exhibits continuous process improvement, and can show strong
alignment of organisational objectives with business plans.

Top managers are seen as exemplars, reinforcing the need and potential for capability and
performance improvement.

Information from process and product metrics enables the organisation to understand causes of
variation and to optimise its performance.
Page 38 of 38
Version:
1.2
Updated:
30 September
2010
Authors:
DoFD &
TANNER JAMES
Download