Minimum Assurance Requirements for Investment Tiers
In-scope digital investments are assigned one of three tiers under the DTA’s Investment Tiering Model. This model is designed to focus oversight attention on the most important investments and ensure lower risk and/or lower value investments are not unnecessarily burdened by excessive levels of assurance oversight.
The tier is determined by the DTA in consultation with the proponent agency for an in-scope digital investment.
All three tiers must show that assurance is being applied effectively throughout delivery and must also meet the minimum requirements.
For more information, refer to the Assurance Framework for Digital & ICT Investments.
| Minimum Requirements | Tier 1 Flagship Digital Investments | Tier 2 Strategically Significant Digital Investments | Tier 3 Significant Digital Investments |
|---|---|---|---|
Assurance Plan updates Regularly update the Assurance Plan to maintain its currency, incorporating DTA reviews and gaining endorsement at the relevant governance body. Provide the updated version to the DTA. | Yes. Every 6 months | Yes. Every 12 months or as otherwise stated in Assurance Plan | Yes. As needed |
Delivery Confidence Assessment (DCA)
| Yes. Quarterly | Yes. Biannual | Yes. As needed |
Material Variations to Assurance Advise the DTA when there is a material variation from planned assurance arrangements. | Yes | Yes | Yes |
Assurance Reports Provide final assurance reports to the DTA for oversight purposes. Note: Gateway Review reports will be handled in accordance with agreed protocols for the handling of Gateway material. | Yes. Also provide draft assurance reports and regular reporting on progress implementing agreed assurance recommendations | Yes. Also provide summary reporting to the DTA on recommendation implementation progress | Yes |
| Terms of Reference (ToR) for External Assurance Activities | Yes. Agree ToR for external assurance activities with the DTA prior to commencement | Yes. Share ToR for external assurance activities as endorsed by the Senior Responsible Official to the DTA for comment prior to commencement | N/A |
| DTA Representation on Governance | Yes. Must include DTA on the investment’s primary governance committee, as an observer | Yes. DTA representation on the investment’s governance committee as an observer – if required | N/A |
| Approach to Market for Assurance | Yes. When approaching the market for independent assurance providers, agree approach to market materials with the DTA | N/A | N/A |