Independent Programme-Level Risk Assurance — Sellafield Ltd

The brief

Sellafield Ltd needed an experienced, independent risk manager to conduct a programme-level assurance review of a major nuclear capital programme valued in excess of £1bn. The specific programme is under NDA and is not named in this case study.

The client required constructive challenge — someone senior enough to interrogate delivery confidence, pressure-test contingency, and present findings directly to senior stakeholders without softening the picture.

Independent risk assurance at this scale in a nuclear context has a particular character. The reviewer has to be sufficiently expert to challenge on the substance — modelling assumptions, risk-mapping logic, correlation treatment — but sufficiently senior to hold the attention of programme directors who are not looking for a compliance report. Too junior and the challenge is dismissed; too detached from delivery and the findings don’t land. The brief was explicit on both counts.

Our role

SOMA was contracted to provide an expert risk manager operating as an independent reviewer — distinct from the teams delivering the programme itself. The role combined hands-on Quantitative Risk Analysis experience with the senior-stakeholder credibility needed to challenge from a position of evidence rather than opinion.

The scope targeted the two questions senior decision-makers care about most: is the delivery confidence position realistic, and is contingency sized appropriately for the actual risk profile?

Independence mattered in practice as much as in principle. The reviewer was not embedded in the delivery team, not reporting to the programme director, and not evaluated on the programme’s own performance metrics. That separation is what allowed the findings to be framed as decision support for the client rather than as defence of the programme team’s position.

Our approach

A structured assurance approach aligned to the client’s governance cycle:

• Delivery confidence review — scrutinising schedule and cost forecast positions against the underlying programme evidence: plans, risk register, historic performance, and scope maturity.
• QRA and contingency interrogation — reviewing Monte Carlo modelling assumptions, correlation treatment, risk-mapping discipline, and contingency sizing against P50 / P80 outputs.
• Risk-mapping challenge — testing whether identified risks were mapped to the right activities and cost lines, and whether the quantitative inputs held up against the qualitative narrative.
• Structured findings — clear, traceable observations with recommended actions, separating items that change the confidence position from items that strengthen governance for the next review cycle.
• Senior-stakeholder engagement — presenting findings and recommendations directly to the client’s senior decision-making forum, with constructive challenge rather than commentary.

What nuclear-context assurance looks like

Risk assurance in a nuclear environment is not the same as risk assurance in a generic capital delivery context. The programme schedule is part of a broader safety case. Baseline control sits within a regulated framework. Confidence levels presented to senior stakeholders feed decisions that have public-interest implications as well as commercial ones. That context shapes the nature of the challenge.

In practical terms, the review pays particular attention to the relationship between the QRA model and the narrative risk register. A model that quantifies risks the register describes weakly — or a register that describes risks the model omits — is not a model that can support a defensible confidence position. Closing that gap is often where the most valuable assurance work happens.

The assurance also tests whether the contingency position is consistent with the way the organisation actually approves drawdown. A P80-sized contingency means nothing if the drawdown approval process releases money at P50 confidence in practice. We look at both the number and the governance that determines how the number behaves during delivery.

What we delivered

The engagement gives the client, on a recurring review cycle:

• An independent view of delivery confidence — grounded in evidence, not optimism.
• A defensible position on contingency — with assumptions, sensitivities, and downside drivers stated up front.
• Structured findings with recommended actions — each tied back to the governance decision it informs.
• Senior-stakeholder engagement delivered directly, with constructive challenge that supports better decisions rather than just flagging concerns.

Why constructive challenge works where compliance reporting doesn’t

Much of the assurance effort on major nuclear programmes in the UK is absorbed by compliance reporting — forms completed, gates passed, evidence files populated. That work is necessary but it does not, on its own, change decisions. The value of independent expert challenge is that it surfaces the questions a decision-maker would ask if they had the time and the technical depth to ask them directly.

Constructive challenge also protects the delivery team. A risk position that has been independently interrogated and stands up to scrutiny is a risk position the programme director can defend at the next gate without apology. The goal is not to catch the team out — it is to strengthen the position they are presenting, or to surface where that position needs to shift before it is presented as decided.