Services · Project Assurance
You have a provider but you're unsure whether the work is up to standard? We assess an ongoing project — discreetly, independently, without political theater. You get a written finding with severity classification and concrete recommendations. What you do with it is your decision.
Managing Directors · Owners
On ongoing Microsoft projects with substantial investments, the risk that the supplier paints the problems prettier than they are is real. An independent Project Assurance as a fixed price (price on request) delivers a written finding with severity classification. You decide afterwards. We don't gloss over to management what we find bad in IT.
Department Head · Business Unit
For the next steering committee, you need a substantiated statement on project status — not the provider's self-report. We deliver structured quality-gate reports following CMMI methodology: architecture, code quality, documentation, test discipline, release process, and risk register — each with a severity traffic light and concrete findings. Discreet, in 1–2 weeks, without political theater.
IT Lead · CIO · Solution Architect
Deep review across six dimensions: Dataverse model and architecture viability, plug-in code quality, JavaScript and PCF components, ALM pipeline maturity, solution layering, end-to-end test strategy, and Microsoft best-practice conformance. Findings with concrete examples from the source code and a recommended remediation sequence by risk weight.
For Managing Directors · Investment protection
A written, independent project review as a fixed price (price on request). You get a severity-classified finding (green — amber — red) across six delivery dimensions, with concrete recommendations and a risk-weighted action list. What you do with it — continue, require rework, pull a contingency plan — is your decision. Discreet, in 1–2 weeks, without your current provider needing to know.
For Department Heads · Quality-gate report
Deliverables: a CMMI-based quality-gate report with traffic-light rating per delivery dimension, concrete evidence from artifacts (architecture document, code excerpt, test protocol, release notes), and a top-risks list with probability and impact. Also bookable as quarterly recurring — from quarter two the kickoff phase drops, and the trend becomes measurable.
For IT leads · Risk review per CMMI
Direct with the architect and Internal CMMI Appraiser. Topics: Dataverse model viability, plug-in code quality and Microsoft best-practice conformance, JavaScript web resources and PCF assessment, ALM pipeline maturity with solution management, end-to-end test strategy, risk-register completeness. Findings with concrete examples from your source code and a recommended remediation sequence.
What we assess
We assess delivery artifacts, not people. Each dimension is rated with a severity level (green — amber — red) and supported with concrete findings.
Does the chosen solution architecture fit the task? Are the Dataverse model, plug-in strategy, integration patterns, and environment structure viable — or is the project bending around an unfavorable early decision?
Where we get source-code access: plug-in code, JavaScript, PCF components, Power Fx formulas. Assessment by readability, testability, error robustness, and Microsoft best-practice conformance.
Does any exist? Is it current? Is it sufficient for a later handover to another team — or is knowledge anchored exclusively in individual heads?
Are there defined test strategies? Unit tests for plug-ins, end-to-end tests, regression suites, UAT protocols? Or does quality run exclusively via manual spot checks shortly before go-live?
How do changes move from Dev through Test to Production? ALM pipeline, solution management, configuration migration, rollback capability. Or by hand-carry and willpower?
Are project risks identified, documented, and tracked? Or are they hidden because openly addressing them is politically uncomfortable? We look at what's missing from the register.
How we proceed
Standard flow of a Single Review. For Quarterly Recurring, the kickoff phase drops from the second quarter on.
30–60 minutes with the client. We clarify expectations, scope, discretion requirements, and available artifacts. In discreet mode: no contact with the current provider, access exclusively through client accounts or provided exports.
Structured assessment along the six dimensions. Review of code, solutions, documentation, release artifacts, tickets. When available: silent observation of a sprint review or release. No interviews with the provider unless explicitly requested.
Written report (20–35 pages) with findings, severity classification, and concrete recommendations. Followed by a 90-minute results session with you — confidential, without the provider. You decide what to do with the findings.
Three packages
Price on request (net)
One-off structured assessment. 3–5 days of assessment, written report, 90-minute debrief session. Suitable for stage-gate decisions, steering committee preparation, contract renewal discussions.
Price on request / quarter
Regular short reviews along the project trajectory. Per quarter: 1–2 days of assessment, short report, 60-minute session. Early-warning system for large projects and multi-year programs.
individual
Embedded support across the full project term. Defined days per month, participation in steering committee, architecture reviews, release gates. Suitable for strategic programs with significant investment volume.
Frequently asked questions
You decide. By default we work discreetly — the existing provider does not learn of the assessment. If you want an open setup (with provider participation), that's also possible. We recommend the discreet format when the assessment serves as a basis for a contract decision.
We document the findings in writing with severity classification and recommendations. You decide how to act on them — internal discussion, conversation with the provider, contract adjustment, or change. We offer to represent the findings together with you, but we do not take over conflict escalation on your behalf.
Generally yes, but that's not the goal. Project Assurance is calculated as an independent second opinion. If you consider taking over after the review, we discuss a separate Take-Over Assessment. The separation protects the independence of the assessment — and your negotiation position.
No. Independent Assurance has been established in the Anglo-Saxon market for decades (Big Four, boutique reviewers) and is gaining acceptance in DACH. We assess delivery quality, not people. That's legitimate, can be cleanly framed contractually, and is in everyone's interest — including the existing provider, when they do good work.
Dynamics 365 (CE, F&O, BC), Power Platform (Apps, Flows, Pages, Copilot Studio), Microsoft 365 (Teams apps, SharePoint solutions), Azure integrations. Pure Azure infrastructure projects without a Microsoft Cloud reference we only accept after pre-coordination — other specialists are better suited there.
Related services
When you first need a technical baseline without project politics.
Read more →
When the review leads to an engagement change — structured intake before takeover.
When the project needs a strong steering role — PM, PO, or Solution Architect on a time-bound basis.
Read more →
Request project review
30-min initial conversation — we clarify scope, discretion requirements, and format. Single Review, Quarterly Recurring, or Full Embedded. You get a written finding so you can walk confidently into the next decision.
Take-away · two materials
Two depths for different reading needs. The factsheet is a quick reference (3–5 min) and instantly downloadable. The whitepaper is market education with methodology and comparison data (15–30 min) — you get it by email after a short request.
3–5 min read · Direct download · no form
Compact overview: scope, key metrics, pricing model, process — ideal to forward to CFO, procurement, or the business unit.
15–30 min read · by email after request
Methodology, comparison data, recommendation framework — material for internal argumentation toward stakeholders.
