Monday, December 14, 2009

Establishing Appropriate Checks and Balances on a Project

In my opinion, it is important to separate some of the key review functions of a project from the actual performance/work of the project. For instance, on Information Technology (IT) projects, there are some critical needs that determine whether the project and the activities/work being performed are up to standard. These needs are things like:
  • Technical Architecture Review – to determine if the design is appropriate and takes into consideration the “Enterprise Perspective” of linking things to the big picture.

  • Security Review – to determine if the appropriate security, privacy and audit controls are in place for the system to comply with internal policies, procedures and legislative or statutory requirements.

  • Quality Assurance and Code Review – to determine if appropriate test cases have been conducted, if there are adequate levels of documentation and if the code written is understandable, maintainable, efficient, etc.

Suggestion: If you have a project director-project manager structure, where multiple project managers report to one director, you could place these critical functions under one PM and have him/her report to the director. Another option is to have a separate audit function within the organization/company with the technical experience to do this type of work, either on an ongoing basis on a project or on a periodic, for instance quarterly, basis.

Regardless of how you implement the functions, they are vital to ensuring things are done right. If you place these functions within a development team, they may lack the expertise or the information to link things more broadly; they may take shortcuts just to simplify their lives but hurt the long-term interests of the project and the organization, not necessarily out of negligence, just because it’s easier to do.
