ICT Investment review

Learn about the Information and Communication Technology (ICT) investment review process and its alignment with gated assurance.

The Queensland Government Customer and Digital Group (QGCDG) provides whole of government assurance over significant digital and ICT enabled initiatives to verify:

strategic whole of government and agency business alignment
that best practice is applied to ensure initiatives are planned for success
that initiatives represent wise investments; and
to identify potential for cross agency collaboration.

The ICT Investment review supplements existing agency governance arrangements with independent reviews at set points within the initiative lifecycle, complimenting initiative gated assurance reviews and presenting this to the Digital Economy Leaders Deputy Directors-General Sub-Group (DELSG / Deputy Directors-General Sub-Group) for review.

This process is also used where necessary to inform the Minister for Digital Economy and the Cabinet Budget Review Committee (CBRC) on noteworthy initiatives.

Which Queensland Government bodies are in scope for ICT investment review?

All Queensland Government departmental initiatives that meet one of the review triggers must participate in investment review. The review provides accountable officers with confidence that appropriate assurance is taking place and is highly recommended.

What timeframes apply for ICT investment review?

You should register your initiative as early as practicable. As soon as you’re able to answer all questions in the Assurance profiling tool you’re ready to register your initiative.

Once registered, you should allow for a minimum of 6-8 weeks to navigate the process for each review. Initiative submissions may require consideration by the Deputy Directors-General Sub-Group, so the outcome of the review process is tied to the frequency of their regular meetings.

The 6-8-week timeframe allows 2-4 weeks for assessment, and 2 weeks for the Deputy Directors-General Sub-Group process.

Why do we have an ICT investment review process?

The Queensland Government ICT Investment review:

streamlines and integrates governance arrangements
reviews and aligns ICT investments to support government strategic direction
ensures appropriate assurance is being applied
reduces the causes of project failure and delivers improved ICT outcomes through the application of independent gated reviews and segmented funding.

Good governance acknowledges that:

Directors-General are accountable for business delivery activities within their agency
Agency Chief Information Officers (CIOs) are accountable for ICT enabled business change within their agencies (including the assessment of assurance levels and alignment to strategy)
Senior Responsible Officers (SRO’s) and Project Executives are accountable for ensuring that initiatives are adequately assured.

Within this context, the investment review process aims to supplement existing governance arrangements with independent reviews at set points within the initiative lifecycle. This will ensure appropriate assurance is being applied and strategic and policy alignment occurs.

Additionally, the process supports increased visibility of the initiative outcomes, input requirements and potential multi-agency synergies.

Agencies are required to perform an assessment of initiatives against a set of pre-defined criteria and the extent of the additional governance provided by the Investment Review will be determined based upon the identified levels of business criticality and risk.

The initiative's project or program management lead is the best manager for the investment review process at the agency level.

There are 4 steps.

1. Determine the assurance level of your initiative

Complete the Assurance profiling tool. Make sure you have entered your reasoning into each criteria field so your justifications can be audited.

The Senior Responsible Officer or Project Executive should approve the completed assurance profiling tool. You should also make your Director General or Chief Executive Officer aware you’ve completed the assurance profile tool and intend to submit your initiative or project for ICT investment review.

The tool will provide an Assurance Level from 1 to 4.

Once approved, email the completed Assurance profiling tool to OAI@chde.qld.gov.au.

What is assurance profiling ?

Assurance profiling is the first step to determine the appropriate assurance level and the degree of independence and scrutiny required to adequately address the complexity and impact implications the program or project represent to service delivery.

Minor initiatives will attract an assurance level of 1, while critical initiatives will attract level 4. Therefore, as the assurance level increases, so too does the requirement for independent assurance analysis. This levelling will ensure appropriate assurance is applied to the initiative, therefore avoiding over or under assuring.

Help using the Assurance profiling tool

If you have questions or need support, contact the Investment Review Team at OAI@chde.qld.gov.au.

2. Define your Assurance requirements

Develop an assurance plan for the initiative. The assurance plan will outline what assurance activities will be undertaken, when it is timed to occur, considers who will be undertaking the assurance, and what the assurance budget will need to be. Contact the Investment Review Team at OAI@chde.qld.gov.au if you need a template or help with completing the plan.

The ICT investment review team will review your assurance plan and arrange a meeting to discuss your initiative or project and the timelines for submissions to the Deputy Directors-General Sub-Group (if required).

An ICT investment review will be required if your initiative or project:

is not aligned with Queensland Government ICT strategy, policy, standards (the QGEA)
has significant cross-agency impacts that are either new or not well established
has been assessed as requiring level 2, 3 or 4 assurance.

If none of these apply, your initiative or project may not require an investment review and you’ll be advised

3. Make submissions as required

Investment reviews usually occur at two key points for in-scope initiatives:

A concept review is completed first. This will decide if resources should be committed to make a full business case for the initiative or project.
An investment decision is then made to decide if the initiative should proceed after it has a full business case. This step occurs before contracts are signed.

See Alignment with gated assurance and our Gated assurance page for details on how the investment review links to the assurance process.

Questions about submissions

For updates on the progress of your submission, email OAI@chde.qld.gov.au.

4. Wait for an investment review decision and support

The Queensland Government Customer and Digital Group (QGCDG) will create a summary report for the Deputy Directors-General Sub-Group. This will be discussed and shared with your agency prior to submission to the group. In some cases, the QGCDG may be able to give administrative support to proceed under delegated authority from the Deputy Directors-General Sub-Group.

The Initiative or project Senior Responsible Officer is required to attend the Deputy Directors-General Sub-Group meeting to provide information regarding the initiative and answer questions that may arise.

You must wait for formal notification of Deputy Directors-General Sub-Group support prior to making any significant commitments. In some cases, support may be provided, subject to specific qualifications being met.

You should not stop work on your initiative or project while waiting for Deputy Directors-General Sub-Group. Progress it in a way where no major irreversible commitments are made on behalf of the government.

Your ICT Investment review process will align at certain points with our assurance gates.

Any required documentation can be submitted by email to OAI@chde.qld.gov.au.
This table lists these alignment points. If you are subject to these, you will be advised.

Investment review	Gated assurance alignment point	Initiative or project	Documentation
Concept	For programs after first Gate 0 review, and at each Tranche end Gate 0 review For projects after Project Startup at Authorise Initiation.	Initiative or project with a level 2, 3 or 4 assurance	Completed and approved Assurance profiling tool if any changes from the registration version Program brief or Project brief Review report and action plan Initial Business Case Evidence that your SRO has approved the submission Evidence that the initiative is strategically aligned with the Department and Government directions. Additional documentation if requested The SASR Product set from the Queensland Treasury PAF are a good strategic set of documents that will meet the needs above well, even if the project does not need to do PAF
Investment decision	After Gate 3 review. Prior to making commitments to vendors (e.g., signing contracts)	Initiatives with a level 2, 3 or 4 assurance	Evidence that the initiative tis strategically aligned with the Department and Government directions Assurance profiling tool if any changes from the registration version Business case Procurement documentation Gate 3 review and action plan Implementation plan Benefits plan Risks and issues register Evidence of SRO support Staff impact assessment or HR plan Stakeholder engagement and communication plan Additional documentation if requested.
Go live	After Gate 4 review	On request of Deputy Directors-General Sub-Group	Assurance profiling tool if any changes from the registration version Gate review and action plan Benefits plan Additional documentation as requested.
Investment Closure	Where initiatives have ended prematurely	All initiatives regardless of assurance level	For all initiatives that end prematurely, an End Project Report is required to be submitted to the Office of Assurance and Investment (OAI). The report must address the standard End Project Report information requirements, with a detailed focus on the following: lessons learned the impact of not achieving the intended investment objectives within the originally states timeframes total costs incurred, broken down by sunk, capitalised and operational costs benefits achieved while the project was in-flight and whether the department will use some of the project deliverables.

Register immediately

If your project or initiative is already in progress, follow the standard ICT Investment review process steps. The Deputy Directors-General Sub-Group will review your submission as soon as possible to determine the most logical stage for on-boarding.

Registering an initiative or project at Level 2

QGCDG has delegated authority to administratively process some Assurance level 2 initiatives or projects. Agencies should not pre-assess if QGCDG can do this, but register their level 2 initiatives and projects like the level 3 and 4. At the initial meeting you will be advised if the initiative can be fast tracked or not.

Continue to progress your initiative or project

You should continue with your project or initiative activities and ensure that appropriate assurance planning and review activities are taking place. Usually, following the completion of the next formal gated review and action plan to address any recommendations, a submission to Investment Review should be made.

We recommend that elements from a Gate 0 style review or the Project Assurance Framework (PAF) (PDF, 484KB) and Strategic assessment of service requirement (SASR) be included in the Terms of Reference for this review to provide additional coverage of the conceptual review elements. If required, the QGCDG can help with drafting the Terms of Reference.

Example

An agency has been progressing an initiative for the replacement of a legacy system. It is a significant investment (greater than $5M) and has been assessed by the agency as having Level 4 assurance requirements. The project has since completed an Investment Business Case to support a CBRC submission and is in the process of engaging an external assurance provider to undertake a Gate 1 style Review and expect this to be completed in the next month or two.

Recommended approach

The agency should continue on their current path and following the completion of the external review (in this case Gate 1), complete the Investment Review template and submit it with the expected evidence for review. The submission should outline that they will be seeking funding from CBRC to enable the project to proceed through to the end of the procurement phase and make a subsequent Investment Review submission prior to the investment decision.

Health check for complex initiatives

If the time to the next formal gated review is expected to be greater than 6 months, or the impact and complexity of the project characteristics warrant it, a health check (or Gate 0 review) should be obtained as soon as practicable.

For help, contact the Secretariat at OAI@chde.qld.gov.au .

Frequently asked questions

What will be scrutinised in the assessment?

The Deputy Directors-General Sub-Group receive a summary assessment report from the Queensland Government Customer and Digital Group (QGCDG). In undertaking the assessment, the documentation outlined in step 3 of the ICT investment review process (above) will be scrutinised. In addition, the following may be scrutinised or requested:

any materials referenced in the associated or prior Gateway review guides
evidence of senior responsible officer endorsement of the initiative
any materials, indicated by the assurance process that could be reasonably expected to be completed at that stage of the initiative
all the prior gated reviews and action plans.

Is a submission required where the products and services, although in total value will exceed $5M, are available under an existing whole-of-government Panel Arrangement?

Not for the amount. The trigger for Investment review is independent of the amount of dollars, and also from the method of procurement.

I have an assurance level 1 initiative that is not compliant with the Queensland Government Enterprise Architecture. Is an investment review required?

Yes. Although an assurance level of 1 is not in scope of investment review, this initiative will be in scope as it is not aligned with Queensland Government ICT strategy, policy, standards or enterprise architecture (QGEA).

As a first step, you will need to apply for a QGEA exception.

You will then need to submit the documentation required for the relevant gate for an assurance level 2 initiative along with the result of the QGEA exception to the Investment Review team.

You can submit your investment review at the same time as the QGEA exception. However, the results of the exception process will be needed to complete the investment review.

Depending on the nature of the exception the investment review may be decided administratively or referred to the Deputy Directors-General Sub-Group.

I have an assurance level 2, 3 or 4 initiative that is not compliant with the Queensland Government Enterprise Architecture. What additional documentation or processes apply?

This means that your initiative has multiple triggers that apply as both the assurance level and the initiative not aligning with Queensland Government ICT strategy, policy, standards or enterprise architecture (QGEA) triggers investment review.