A NSW Government website

NSW Government
Digital NSW

Digital Assurance for agencies

Through the investor assurance process, Digital Investment and Assurance (DIA) provides independent advice to delivery agencies and direct reporting to the NSW Cabinet. This independent advice and reporting contributes to the delivery of the NSW Government's digital projects to time, budget and in accordance with government objectives through:

  • Gateway Reviews, Health Checks, Rapid Reviews and Deep Dive Reviews
  • Regular project reporting based on inputs provided by delivery agencies

Gateway Reviews and Health Checks

The Digital Assurance Framework (PDF, 1.11 MB) is a Gateway Coordination Agency (GCA) framework that incorporates a risk-based approach to digital investment assurance consistent with NSW Gateway Policy and the NSW Digital Governance Model.

The DAF Gateway Review process provides for a series of short, focused, independent expert reviews, held at key decision points in a project's lifecycle. The Gateway Reviews are appraisals of digital projects, that highlight risks and issues, which if not addressed may threaten successful delivery.

Gateway Reviews are supported by periodic Health Checks which assist in identifying issues which may emerge between decision points. Health Checks will be carried out, when required, by an independent team of experienced practitioners (industry experts including from the private sector), appointed by ICT/Digital Investment and Assurance.

Deep Dive Reviews are like Health Checks but focus on a specific issue or limited terms of reference rather than the full range of issues normally considered at a Health Check.

Rapid Assurance Reviews are short sharp reviews focusing on treating identified risks. RAR is suitable for agile project methodology.

Gateway Reviews are conducted by independent experienced practitioners, appointed by Digital Investment and Assurance to form a Review Team. Practitioners appointed to a Review Team are selected according to each project / program's needs, and to provide a mix of skills, knowledge and experience. The independence of the Review Team from the project together with the independence of Digital Investment and Assurance is the key to delivering objective, high quality reviews and review Reports.

During a Gateway Review, the Review Team interview key stakeholders, observe processes/products and review relevant documents. This enables the independent review team to identify project risks and provide recommendations on how these should be addressed, as well as identify opportunities to complement delivery of a project or program.

Gateway Review requirements for projects under the DAF are proportionate to their Tier level:

  • Tier 1 – High Profile / High Risk projects must pass through all Gates
  • Tier 2 – projects must pass Gate 1 (Strategic Alignment), Gate 2 (Business Case), Gate 3 (Pre-execution) and Gate 6 (Post-implementation)
  • Tier 3 – projects must pass Gate 1 (Strategic Alignment) and Project Sponsor Commissioned reviews at Gate 2 (Business Case), Gate 3 (Pre-execution) and Gate 6 (Post-implementation)
  • Tier 4 – projects must pass Project Sponsor Commissioned reviews at Gate 1 (Strategic Alignment) and Gate 2 (Business Case)
  • Tier 5 – projects (lowest risk) arranges for its own internal Project Sponsor Commissioned Gateway reviews.

Health Checks are independent reviews conducted as required to identify/resolve issues which arise at a point in time between Gateway Reviews, and are also compulsory for Tier 1 – High Profile / High Risk projects every six months during the delivery stage.

Regular Project Reporting

Digital Investment and Assurance prepares regular project reports which provide an assessment of project development and delivery against:

  • Cost
  • Schedule
  • Benefits
  • Risks and Issues

To support regular project reporting, delivery agencies provide timely and comprehensive project information. Reports are lodged by the relevant delivery agency after delegated executive approval is given.

Regular project reporting is required monthly for all projects registered with Digital Investment and Assurance.

Data reported in the ICT Assurance portal will also be made available to the Minister for Customer Service and Digital Government. 

ICT Project Management Community of Practice (ICT PM CoP)

The NSW Government ICT PM Community of Practice (CoP) is a group of NSW Government practitioners with Project management and Project Management Office expertise, with a common sense of purpose who agree to work together to solve problems, share knowledge, cultivate best practice and foster innovation.

The CoP is held quarterly and has been established as a strategy for promoting best practice in Project Management and management of the Project Management Office across NSW Government agencies.

For more information on assurance for agencies email ictassurance@customerservice.nsw.gov.au.