Independent Project Oversight Report

IPOR Overview and Criticality Determination

Independent Project Oversight

The Office of Statewide Project Delivery (OSPD) Project Approvals and Oversight (PAO) is the group within the California Department of Technology (CDT) that carries out the responsibilities under Government Code §11545 and §11546 to establish and enforce information technology (IT) policies and provide approval and oversight of IT projects.

To accomplish approval and oversight of IT projects, the OSPD PAO uses Independent Project Oversight (IPO) to assess project management processes, deliverables (e.g., plans, schedules, scope, risks, and issues), and a project’s overall health.

IPOR Overview

The Independent Project Oversight Report (IPOR) is used by the IPO to record and communicate independent assessment to the project as of a particular reporting period.  The IPOR also provides valuable information to other interested parties (Legislature, Department of Finance, California State Auditor, stakeholders, etc.).  It is important to note that the IPOR is a point in time assessment used to provide relevant, factual information about an IT project as of a particular date.  The goal is to effect positive change, mitigate risks, provide intervention and course corrections, and ultimately help a project achieve success.

A critical IPOR area is the Project Health Dashboard, which summarizes the IPO’s independent review, analysis, and assessment of a project.  This assessment includes but is not limited to, the review of a project’s ability to achieve the approved scope, cost, and schedule; identification of issues, risks, and corresponding mitigation efforts; identification of the current estimated schedule and costs for project completion; and, as part of portfolio oversight, the review of monthly or quarterly Independent Verification and Validation (IV&V) vendor reports.

The IPOR Project Health Dashboard areas include:

  • Project Overall Health (or Overall IPOR Rating)
  • Focus areas, including:
    • Governance
    • Time Management
    • Cost Management
    • Scope Management
    • Resources
    • Quality
    • Risks and Issues
    • Transition Readiness
    • Conditions for Approval
    • Corrective Action Plan Items
IPOR Rating – Details
  • Green

    – Satisfactory, no corrective action necessary.

  • Yellow

    – Caution, risks/issues exist. There may be a need for corrective action in the near future.

  • Red

    – Escalated for immediate corrective action. There is a significant risk to the health of the project.

  • Blue

    – Not enough data is available to make a determination about the project health.

  • No Report Available – Indicates that a Report is not available for publishing for the reporting period.
IPOR Frequency

The IPOR frequency is determined by the IT project’s Criticality Rating.  For detailed information regarding the IPOR frequency, refer to the Statewide Information Management Manual (SIMM) Section 45 Information Technology Project Oversight Framework (ITPO Framework).

Additional information regarding the ITPO framework is available in the SIMM section 45 at:

IT Project Criticality Rating

The Criticality Rating is designed to assess the risk, sensitivity, and/or criticality by assigning a rating of low, medium or high to each CDT approved IT Project.  Refer to SIMM Section 45, Appendix C and Appendix D for additional information on how a project’s Criticality Rating is determined.