I had loads of trouble sourcing a decent template that defined the "riding instructions" for an independent Quality Audit of my project, so ended up developing this - hope it helps anyone out there tha might need similar: INDEPENDENT QUALITY AUDIT (IQA) Requirements
1. Overview
It is anticipated that there are three distinct elements to the provision of the services required.
There will be a development of processes to cover:
• How the parties will engage once the need for services is identified for a project
• The processes by which the services will be carried out. Examples include the provision of information that the project needs to provide, the scheduling of activities etc.
• Reporting requirements such that all like services use a common report template (but there may be a different template for each type of service)
• Performance measurement i.e. what determines successful IQA?
• The delivery of Project IQA services (see paragraphs 2 and 3 below)
The review of IQA activities at an aggregated level e.g. is there recurring issues that might require the Corporation to change its project management methodology?
The supplier will have a direct Input into the lessons learned log for the projects requiring IQA.
2. IQA Supplier Responsibilities
The IQA supplier will be responsible for the following tasks:
Agreement with the IS Manager or Project Sponsor or nominated representative regarding the Project IQA services required for a specific project or projects, and agreeing the following schedule for each:
Context [a brief description of the reasons why the IQA is needed]
Scope [clear statement of the scope of the IQA (i.e. what it will include and will not include)]
Services [detailed description of services to be provided]
Resourcing [resources that will be used to provide these services, their experience levels]
Deliverables [detailed description of deliverables]
Standards [any applicable service and deliverable standards (e.g. Government Web Guidelines for web-development Services), metadata frameworks, etc.]
Timeframe [details of commencement date(s), milestone dates for deliverables, tasks, completion, etc.]
Charges [details of Fixed Charges and/or Hourly Rate(s) applicable +GST (if any)]
Status Reporting [details of expected Status Reporting during the IQA]
Service Agreement [Confirmation of arrangement under which the IQA(s) will be performed in order to protect the Corporation’s IP, confidentiality, etc. (e.g. Head Agreement, MOU, etc.)]
Establishing the facts through analyses of project artifacts, interviews with appropriate people (key stakeholders, project team members, business representatives, contractors, vendors etc. depending on the nature of the service)
Determination of the status of the project(s) in relation to the IQA subject area(s)
Discussion of draft findings and recommendations with appropriate parties, but usually including the IS Manager, including any remediation options where applicable
Formal reporting of findings and recommendations and agreement regarding any remedial activities.
3. Specifications
Project Quality Assurance
This component covers the management of the change including the continued alignment of project scope and outputs with business expectations and the appropriate management of testing, handover to production, user documentation etc. The following are typical topics for project quality assurance (not an exhaustive list):
• Review and advise on the establishment and progress of the project in accordance with the PMBOK Guidelines and/or PRINCE2, as well as other relevant known and agreed best practice Frameworks.
• Specific attention for the identification and management of project risks and dependencies, plus analysis of the organisation risks and dependencies.
• Monitor the progress and report on compliance with public sector guidelines, industry best practice and progress in accordance with the agreed milestones and deliverables.
• Review and comment on the appropriateness of the governance and management structure for the project or cluster of projects
• Review and comment on the likelihood that project outputs will meet the documented business needs (or not)
• Review and comment on the accuracy of forecast to complete costing’s and timescales preferably using a form of reference forecast
• Review and comment on the appropriateness of testing regimes, handover to production process, user documentation etc.
Technical Quality Assurance
Review and advise on the technical design. Provide an independent high level opinion and advice on the approach, technology and commercial “reasonableness” of the design. Engage with the Corporation Architects to ensure that the design fits with the desired strategy architecture and standards for the Corporation ICT. Key considerations for this are:
• The solution is designed and implemented to industry best practice and aligned with the Corporation’s strategy and architecture;
• provides a robust, scalable and stable platform for all of the Corporation’s users;
• helps position the Corporation to meet its future business and technology needs;
• complies with Corporation architecture and standards;
• is secure (i.e. meets the Corporation’s and industry security requirements);
• is able to be efficiently and effectively managed;
• is cost effective;
• meets the overall objectives of the original business case;
• integrates with existing and planned Corporation and partner applications and infrastructure;
• testing regimes are accurate and provide for Corporation requirements;
• has appropriate contingency built in – eg information for escrow, DR etc;
• is fully documented, with agreed project change control and acceptance testing processes followed;
Where the solution is a tactical compromise i.e. deliberately does not comply with the above criteria, the key consideration is that the solution will be appropriately partitioned in the production environment and that there is an approved plan to remove it at its end of life or to modify it such that it does comply and can be integrated into the production environment correctly.
Audit / Benefits Review
Provide an independent high level review and audit on the expenditure, commercial “reasonableness” and value for money of the project and associated risk. Report on compliance with public sector guidelines if applicable, industry best practice and progress in accordance with the agreed milestones and deliverables to ensure delivery of expected benefits.
Deliver a report using as a baseline the benefits that have been stated in the initiating business case, note points of approved review of benefits as the project progresses to ensure that changes have been agreed and tracked, and confirm that the benefits are on track to be delivered.
A possible report would contain the following information:
Review the expenditure on the project, opinion as to value for money, areas of likely savings, confirm the ongoing operational costs as being reasonable.
