This issue is not applicable for many companies, but for many others, it should rank very high on any risk analysis rating. A huge basket of resources gets expended on large projects, and a simple internet search for “failed multi-million dollar project” got me about 36,200,000 results (0.31 seconds).
Now, there are companies that have this nailed down and have excellent controls. These companies are usually in the project management business, and poor project management controls mean the business is likely to fail. But even an experienced IT application development company can fail. I invite you to read the brief summary when you search for, “Maine’s Medicaid Mistakes CIO.com” I was there. Iwatched it happen. It was like watching a train wreck in slow motion. It was ugly and depressing.
But many others experience a limited number of one time large scope projects whose failure can have serious negative repercussions for the business, but not be fatal.
I’m going to orient these comments to IT development projects, since I am an IT internal auditor, but the principles should be universal to a large extent.
Despite the fact that there are any number of different flavors of professional project management designations and professional organizations, I don’t believe that this is rocket science. But it is specialized. There are a million different project management templates and formats and disciplines and methods. It doesn’t matter which one you use. Pick one and stick to it. They all break down to, “Plan the work and work the plan.”
From the discussion below, you should be able to cut and paste many of the questions and comments into a simple, rudimentary, but effective high-level audit program.
Project Management Audit Checklist
For the complete story and all the others on this blog, visit Amazon and search for “Tales From The Trenches,” available after August 31st, 2020.
failed projects, internal audit of project management controls, internal controls, project management