Documentation Guide for the ICT Two Pass Review Process

Documents / 1st Pass / 2nd Pass / Definition
Business Case /  /  / Provide a summary of the business problem and a range of response options, including a status quo option.The preferred option should be identified in consultation with Finance. Detail the financial and non-financial costs and benefits from implementing each option,along with project cancelation costs. Provide a summary of the schedule, by each option, to support phased implementation. Discuss how the business case supports the agency’sand the Commonwealth’s business and ICT strategic objectives. Detail any legislative or Cabinet authority for the business case and discuss compliance with whole-of-government policies such as security, privacy and procurement. Summarise corporate governance arrangements and address capability limitations identified in the P3M3® assessment. The First Pass Business Case should detail the activities and thecost to develop the option(s) for the Second Pass Business Case.
Project Plan /  /  / Outline how the project deliverables will be organised, controlled and managed to ensure achievement of schedule, scope and budget targets; provide a high level summary of the project scope; provide a summary of supporting plans; and provide a project schedule identifying each project stage and milestone.
Governance Plan /  /  / Define the governance structure, roles, responsibilities and reporting channels for managing the programme / project, including: the board / working group, the change / configuration / assurance authorities, and any other oversight provided by the agency.
Risk Plan and Register /  /  / Detailhow the project will identify, manageand report risks, including the personnel responsible for risk management. Detail each project riskandmitigation / treatment strategies. Risks should relate to the business and technical issues likely to impact on schedule, scope and budget targets.
Agency Capability /  / Var / Provide the agency’s P3M3® Assessment, conducted during the preceding 12 months; the Capability Improvement Plan and evidence of independent validation of agency capability provided by a P3M3® Accredited Consulting Organisation.
Investment Plan /  / Var / Provide a prioritised list (no more than two or three pages) of agency approved and unapproved ICT investments over the next four years, with summary annual cost estimates and a short descriptive statement for each investment.
Benefits Plan and Register / Var /  / Detail the project's measurable benefits and the method and metrics to be used for tracking, reviewing and reporting when and if benefits are realised. Benefits are to be agreed between the programme / project office, sponsors, stakeholders and Finance.
Solution (Architecture) Design / Var /  / Outline the solution to be developed to address the business problemidentified in the business case. Outline the scopeof the proposed solution within the context of the agency’s current ICT environment. The architectureof the proposed solution covers, for example: technology (hardware), applications, security, information (data models) and system integration / migration. The Solution Design should be of sufficient detail to support further post-approval design (as applicable) of the solution. The Solution Design is a primary input for the build and testing phases of the project. May be used to support industry engagement activities.
Requirements Specification / Var /  / Outline the business and technical requirements of the solution, and provide sufficient detail to support the ongoing design, cost estimation and schedule managementof the products to be delivered. The document may also detailthe users, transactions, process flows and business rules; the basis of a sizing method such as a use-case or function point count. Outline any hardware capacity and performance requirements. Out of scope requirements may be detailed. Complements the Solution Design and may be used to support industry engagement activities.
Procurement Plan / Var /  / Detail how the project will acquire the services, hardware and software required to implement the solution; supports the Project Plan andoutlines the strategy forany industry engagement activities.
Security Plan / Var /  / Reference and explain how the proposed solution will align with the Protective Security Policy Framework,comply with the Information Security Manual,including addressing the Top 4 Strategies to Mitigate Targeted Cyber Intrusions (mandatory for Australian Governmentagencies), and other security policies and guidelines; provide additional security details beyond the Solution Design and Requirements Specification; and engage the agency’s IT Security Advisor. See Estimates Memorandum 2014/04 Cyber Security Requirements in Business Cases for ICT-Enabled New Policy Proposals available from Finance or the agency’s CFO area.
Product Breakdown Structure / Var /  / Provide ahierarchyof products to be delivered by the project, with each descending level of the hierarchy providing amore detailed componentproduct, with associated costs. A work breakdown structure may also be provided. Related to the Solution Design and Requirements Specification.
Quality Plan /  / Var / Define the approach, standards, techniques and processes to ensure that the project's products meet specified acceptance criteria; establish document change control, auditing and configuration management processes. Outline the process of quality rectification for build, integration and installation activities, as applicable.
Change Plan /  / Var / Detail a change management strategy for implementing the solution within the agency; covers stakeholder engagement, communication activities and identifying any training needs as the basis to develop a user training solution after Second Pass approval.
Workforce Plan /  / Var / Detail how an appropriately skilled and experienced workforce will be acquired, managed and retained to complete project deliverables.
 / Required
 / Not required
Var / The requirement for this supporting document varies, depending on the complexity of the proposal and as agreed between Finance and the agency.

Updated: 08August 2014