Abstract

[This abstract is based on the authors' abstract.]The state of Oregon has been using the professional services of independent contractors in quality and risk assessment (henceforth “independent QA contractors”) for more than 10 years. In a typical engagement, the independent contractor selected begins work by reviewing key project artifacts (for example, business case, requirements, statement of work, and integrated project plan). These reviews usually complement an initial risk assessment, which is a comprehensive review of risks in the context of the project’s chosen solution approach. The findings of the initial risk assessment are input to the contractor’s independent quality management plan (iQMP). This iQMP is supported by quality metrics and quality checklists, to be used throughout the project in independent quality assurance activities and in independent quality control activities, respectively. This article discusses Oregon’s use of independent QA contractors and implications for large enterprises managing major IT projects or IT-enabled change initiatives. The authors’ emphasis is on projects that outsource technical work to system integration or software development contractors. They believe their experience and lessons learned are useful to large enterprises in the public and the private sectors.