Locked lesson.

Upgrade

About this lesson

Attributes of governance and compliance were discussed in planning. However, it is during project execution that compliance is demonstrated. In this lesson, we discuss the techniques to be used to monitor the level of compliance on a project.

Quick reference

Measuring Compliance

As compliance has gained importance in business practices, it is often necessary to measure compliance at the project level.  A critical element of this is to know what standards, regulations, and policies have compliance requirements.

When to use

Compliance is required whenever a compliance standard or policy applies to a project activity.  In some cases, the project plan has a compliance activity in the plan when compliance is demonstrated, in other cases, the compliance is documented as it occurs.  Regardless of the initial measurement of compliance, there is often a check at the end of a phase or the project to ensure all compliance requirements have been met. 

Instructions

Since compliance can be required for almost any activity and at any time in the project, it is critical to determine what compliance standards, regulations, and policies are applicable to project activities.  To aid in this determination, the compliance areas are divided into three categories.

Government/Industry Standards and Regulations

These often apply to business practices and are applicable at almost any point in the project.  The business has normally established policies and procedures that are compliant.  By following these, the project will be compliant.  In this case, compliance is measured by adherence to the systems and processes that have been put in place. In some cases, there are common industry standards that companies use to ensure compatibility with other business systems, both internal and external.   In both of those cases, testing and analysis can be done to ensure the smooth integration of the project work.

Customer/User Requirements

These are often embedded within the project authorization documents such as the project charter. These requirements are typically tested as part of the project activities.  Compliance with the standards is demonstrated through testing or analysis within the project. This may involve testing and analysis by the users or customers. These requirements can also change and evolve over the life of the project as the customers gain a better understanding of the capabilities and use of the project result.

Internal Policies and Procedures

The third area of compliance is with regard to internal policies and procedures.  These are established by the organization and represent good management practices. These includes the project management methodology and other business practices that may be unique to the organization. Typically, compliance to these is assessed by an internal organization such as the PMO or the quality department.  Take five minutes to think before you react

Hints & tips

  • Monitor compliance as you go.  It is much easier to prevent a non-compliant situation than to correct one after the fact.
  • In some cases, government or industry standards may conflict with each other.  Obtain clarification from your sponsors and senior management concerning which one is the governing standard and document that.
Login to download
  • 00:04 Hi, I'm Ray Sheen.
  • 00:06 In this lesson we want to discuss how to measure compliance on a project.
  • 00:10 Now, since each project is different, we'll focus on general principles, and
  • 00:15 not on specific measurable items.
  • 00:17 I'll start with a discussion about categories of compliance.
  • 00:22 And just to be clear, the definition of compliance I am using is that
  • 00:26 compliance is the adherence to required or expected standards and principles.
  • 00:30 So the obvious question then is what are the required standards and principles?
  • 00:35 Like every other project management question, the short answer is, it depends.
  • 00:40 To help answer this question, I have organized the areas for
  • 00:44 compliance into several categories.
  • 00:46 One of those categories is government or industry standards and regulations.
  • 00:51 These requirements carry the force of law, or at least contractual penalties,
  • 00:55 if they are not being complied with.
  • 00:57 Fortunately, these typically do not change from project to project.
  • 01:00 So once a compliance methodology is worked out on a project,
  • 01:04 it can be reused on others.
  • 01:06 The next category is customer or user requirements.
  • 01:09 These do change from project to project, depending upon the purpose of the project.
  • 01:14 If doing a project under contract for a customer,
  • 01:17 these have the force of law, at least the force of contract law.
  • 01:21 The third category is internal policies and procedures.
  • 01:24 These apply to the degree that they affect areas of work on the project.
  • 01:29 They don't have the force of law, but
  • 01:31 noncompliance can put you afoul of senior management.
  • 01:34 Each category impacts a project in different ways.
  • 01:37 Depending upon the scope and deliverable requirements,
  • 01:40 many of the standards will only apply to a few of the activities.
  • 01:43 Others, such as workplace safety standards, could apply at all times.
  • 01:48 And since some of these are standards that apply universally,
  • 01:52 the organization may have a system in place.
  • 01:54 But others will be completely unique to this project.
  • 01:57 And the project leadership will need to determine how best to measure compliance.
  • 02:02 Let's look at each of these categories in more detail.
  • 02:05 I'll start with the government and industry standards.
  • 02:08 Many of these standards are measured at the business level, not at project level.
  • 02:12 So as a project team, you need to understand what, if anything,
  • 02:16 you need to do to interact with your business systems.
  • 02:19 Some of these are laws or regulations that are universally applicable.
  • 02:23 Such as the way assets are capitalized and depreciated in the financial system, or
  • 02:28 contract law.
  • 02:29 In many cases, the organization has its own internal audit function that checks
  • 02:33 for compliance with these.
  • 02:34 When there is a reporting requirement, it's often for the business unit or
  • 02:38 facility location, not for a single project.
  • 02:42 There are also some standards or
  • 02:44 regulations that are applicable to a specific industry.
  • 02:47 For example,
  • 02:48 construction has building codes that must be followed on construction projects.
  • 02:52 And the pharmaceutical industry has standards that must be followed to get
  • 02:55 a new drug approved through a regulatory body.
  • 02:59 There are also some industry standards that apply to particular functions or
  • 03:02 technical disciplines.
  • 03:04 So the IT department has standards that they use when designing a computer
  • 03:07 network, so
  • 03:08 that all the network components can communicate with each other.
  • 03:12 And in the manufacturing discipline, there are standards for welding and
  • 03:15 soldering that apply to any manufacturing operation that includes these processes.
  • 03:20 Many functions will adopt these industry standards as their own internal standards
  • 03:25 and policies.
  • 03:27 Now let's consider customer and user requirements.
  • 03:30 Customer and
  • 03:31 user requirements are often described in the project requirements documents.
  • 03:36 And the compliance with these are part of the project verification and
  • 03:39 acceptance tasks and activities.
  • 03:41 Since these are tasks in the project,
  • 03:43 there is normally some type of deliverable or documentation of compliance.
  • 03:47 When the project is being done under contract for a customer,
  • 03:50 the contract will almost always spell out how compliance to the customer
  • 03:54 requirements is to be documented.
  • 03:56 It should go without saying that compliance in this case is measured in
  • 04:00 whatever method the customer specifies.
  • 04:02 The measurements and
  • 04:03 results are often project deliverables that are reported to the customer.
  • 04:07 In many cases, the user or customer will directly participate
  • 04:11 in the compliance activities, with respect to their standards and requirements.
  • 04:15 The customers will test the project results in their own test facility.
  • 04:19 Or the customer may bring a panel of experts to review the results,
  • 04:23 essentially, a focus group.
  • 04:25 The third category to be measured was compliance with internal policies and
  • 04:29 procedures.
  • 04:30 This measurement is normally done by an existing organizational department,
  • 04:34 such as the PMO, or the quality assurance group, or
  • 04:37 possibly an internal audit staff.
  • 04:39 With respect to functional disciplines,
  • 04:41 the inspector or auditors often inspect a subset of all project activities that
  • 04:46 are subject to the policies and procedures.
  • 04:49 If the subset passes, then everything is okay.
  • 04:52 And if the subset fails,
  • 04:53 then a corrective action is put in place that often is applicable universally.
  • 04:58 Essentially, painting everything with the same brush.
  • 05:01 So a problem on another project may result in extra oversight on your project.
  • 05:07 With respect to the project management methodology,
  • 05:10 it's normally tracked by the PMO and senior management, based upon their
  • 05:13 interactions in management meetings or other project decision meetings.
  • 05:18 In many cases, the project management dashboard or
  • 05:20 other measurement system is used to track compliance at the task level.
  • 05:24 These systems look for variance, both cost and schedule.
  • 05:27 Also, from a compliance perspective, the number of waivers or
  • 05:31 deviations from standards are tracked and measured.
  • 05:34 In the business world today,
  • 05:36 compliance has become a major attribute of well-managed businesses and projects.
  • 05:41 So it's no surprise that we are emphasizing the measurement of compliance.

Lesson notes are only available for subscribers.

PMI, PMP, CAPM and PMBOK are registered marks of the Project Management Institute, Inc.

Gift this course