What is the CADMID Assessment phase?

Assessment is the second phase of the UK MoD's CADMID acquisition lifecycle. The option set is investigated in depth, a preferred solution is selected, and the Full Business Case is built for the Main Gate / IPA Gate 2–3 decision. It is the phase where the controls function moves from option-level comparison to integrated, defensible cost and schedule modelling.

What project controls deliverables are required at CADMID Assessment?

An AACE Class 3 cost estimate per remaining option, an integrated Quantitative Cost-Schedule Risk Analysis (QCSRA) for the preferred option, a baseline programme draft covering Demonstration and Manufacture at sufficient detail for gate review, a working operational risk register with decimal probabilities and three-point impact distributions, and HM Treasury Green Book–compliant optimism-bias treatment built into inputs.

What is the difference between CADMID Concept and Assessment for controls?

Concept produces a Class 5 cost range and an option-level QRA for option-set winnowing. Assessment produces a Class 3 estimate per option, an integrated QCSRA, a baseline programme draft, and a working risk register that reconciles to the QRA. The volume of work steps up by an order of magnitude and the methodology must withstand external scrutiny — at Concept the reviewer tests whether the team is being honest, at Assessment whether the analysis would survive forensic review.

What does IPA Gate 3 test at the end of CADMID Assessment?

IPA Gate 3 is the investment decision test. Reviewers examine whether the contingency provision is defensible given the QRA methodology and identified risks; whether the optimism-bias adjustment is built into inputs rather than bolted on; whether the cost breakdown reconciles to the technical scope; and whether the risk transfer arrangement to the contractor is genuine rather than a paper transfer that the MoD will absorb anyway.

Guide

CADMID Assessment Phase: Full Business Case, QCSRA and Main Gate

Assessment is where the option set is narrowed, the Performance Measurement Baseline is shaped, and the Full Business Case is built for Main Gate. A practitioner's view of what project controls must deliver, what IPA Gate 2 / 3 reviewers test, and the failure modes that get programmes red-rated.

Adam O'Neill16 May 20269 min readPart of Defence & government project controls

What is CADMID Assessment phase?

CADMID Assessment is the second phase of the UK MoD's acquisition lifecycle. Options are evaluated in detail, a preferred solution is selected, and the Full Business Case is built for Main Gate. Controls deliverables: AACE Class-3 estimate per option, integrated QCSRA, baseline programme draft, and Green Book–compliant optimism-bias treatment.

What controls must produce at Assessment — and what Main Gate / IPA Gate 2–3 reviewers actually look for.

Phase	Deliverable	AACE / methodology reference	Reviewer test
Assessment (early)	Option-set comparison framework	Treasury Five Case Model	Are options assessed on a like-for-like basis?
Assessment (mid)	Class-3 cost estimate per remaining option	AACE 18R-97 / 47R-11	Is the estimate supported by quantitative inputs at the right level of definition?
Assessment (mid)	Integrated QCSRA per option	AACE 57R-09 / 113R-20 / 118R-21	Are cost and schedule sampled together with realistic correlation?
Assessment (mid)	Baseline programme draft (preferred option)	AACE 27R-03 / DCMA-style screening	Is the critical path genuine and the schedule logic robust?
Assessment (late)	Optimism-bias treatment in line with Green Book	HM Treasury Green Book	Is the uplift built into inputs, not bolted on at the end?
Assessment (end)	Full Business Case controls evidence pack	Treasury Five Case Model / IPA Gateway 2/3	Is the case affordable, achievable, deliverable and assured?

Where Assessment fits in CADMID

Assessment is the second of CADMID's six phases. The option set carried out of Concept is now investigated in depth: candidate solutions are designed to a level of definition that supports meaningful cost and schedule estimation, the integrated risk picture is developed for each, and a preferred solution is selected. The phase ends with the Full Business Case and the Main Gate decision — the investment commitment to enter Demonstration. On Major Projects this aligns with IPA Gate 2 (delivery strategy) and Gate 3 (investment decision), and the controls evidence is the artefact the reviewers actually work from.

For the controls function, Assessment is where the volume of work steps up by an order of magnitude. The estimates move from Class 5 to Class 3. The QRA moves from option-comparison to integrated QCSRA. The schedule moves from outline to a baseline draft with genuine logic. The risk register moves from strategic v0.1 to a working operational document. Most importantly, the methodology becomes the defensible artefact: at Main Gate the reviewers are not testing whether the team can produce a number, they are testing whether the number can withstand scrutiny.

What controls must deliver at Assessment

The cost estimate at Assessment is an AACE Class 3 — supported by quantitative inputs at the level of definition the preferred design now provides. Class 3 expects an accuracy range in the order of -20% to +30%, materially tighter than Concept. The estimate has to be built on a defined cost breakdown structure, with each major element traceable to a quantitative basis — engineering definition, supplier engagement, reference-class data — and not asserted as a single judgement.

The QRA at Assessment is integrated QCSRA: cost and schedule sampled together against the same risk register, with realistic correlation between risks that affect both. The P50 is established as the basis of the funding case; the P80 sits as the contingency envelope expected by HM Treasury Green Book and the MoD Cost Assurance and Analysis Service. The methodology is published — typically Safran Risk, Primavera Risk Analysis, @Risk or Acumen Risk, against AACE 57R-09 and 113R-20 — and the model file is auditable.

The baseline programme draft covers Demonstration and Manufacture at sufficient detail to support gate review. The critical path is identifiable, the schedule logic is genuine (not a series of FS-0 links concealing a missing path), and DCMA-style screening has been run before the schedule goes into the FBC. A schedule that fails its own DCMA test before submission is a schedule the reviewer will notice — DCMA screening is the cheapest way to find the problems first.

The risk register is now a working operational document. It has decimal probabilities and three-point impact distributions (not just RAG bands), each risk is mapped to specific schedule activities and cost lines, and the top risks reconcile to the QRA outputs. A risk register that does not reconcile to the QRA is one or the other being wrong; both being right is the standard the programme is held to.

What Main Gate and IPA Gate 2–3 reviewers test

Main Gate is the MoD investment decision. IPA Gate 2 tests delivery strategy ("is this deliverable?"); IPA Gate 3 tests the investment decision itself ("is this affordable and assured?"). On Major Projects the two often run close together, and the controls evidence is the same evidence pack from the programme team's point of view. The reviewers, however, are testing different things.

At Gate 2 the test is whether the delivery strategy is buildable. Is the PMB achievable given the technical maturity? Is the supply chain capable? Is the schedule logic robust enough to survive contact with the contractor? Is the proposed EVMS arrangement going to produce real data rather than reconciled-from-spend earned value? Reviewers will ask whether the team has thought about how the schedule degrades under realistic contractor delays, and whether the QCSRA results would still support the funding case if the supplier base assumptions tighten.

At Gate 3 the test is investment confidence. Is the contingency provision defensible given the QRA methodology and the risks identified? Has the optimism-bias adjustment been built into the inputs (the right place) or bolted on at the end (the wrong place, because the reviewer can strip it out)? Does the cost breakdown reconcile to the technical scope? Is the risk transfer arrangement to the contractor realistic, or is it a paper transfer that the MoD will end up bearing anyway? The Gate 3 reviewer is asking whether they would commit Treasury money on the basis of this case.

The recurring failure modes

The most common Assessment-phase failure is a QRA whose distribution shape is too tame for the technical maturity. The ranges in the three-point inputs are too narrow, correlation between risks is absent or token, the opportunity side of the distribution is empty, and the P80 sits within touching distance of the deterministic estimate. The MoD Cost Assurance and Analysis Service and the SSRO both publish guidance on this and both will press on a QRA whose underlying inputs look engineered rather than calibrated.

The second failure is the bolted-on optimism bias. The team has run the QRA, produced a P80, and then added a late-stage uplift to satisfy Green Book without re-running the inputs. Reviewers strip out the late uplift, look at the underlying P80, and ask whether the model would still support the funding case without it. If the answer is no, the case is fragile.

The third failure is the schedule that cannot survive contractor reality. The Assessment baseline is built top-down to fit the desired Main Gate date, with logic constructed to support the constraint rather than reflecting the real activity dependencies. DCMA screening, run by the reviewer if not by the team, exposes this immediately — high constraint counts, suspect float distributions, missing successor links on tasks that should not be terminal.

The fourth failure is the risk register that does not tie to the QRA. The register has its own top-ten list, and the QRA has its own — and they are not the same list. Either the register or the model is wrong; usually both are right in isolation and wrong in combination, and the reviewer asks the question that exposes it: which five risks, if they materialised in combination, would breach the P80?

What good looks like at the end of Assessment

A well-run Assessment phase produces a Full Business Case whose controls evidence is internally consistent, externally defensible, and operationally usable. The cost estimate is Class 3 with quantitative bases for each major line. The QCSRA produces a P50 and P80 that the team can defend, with correlation and optimism-bias treatments built into inputs. The baseline programme passes DCMA-style screening before submission. The risk register reconciles to the QRA in detail — the same top risks, with quantified exposures that match the model.

The narrative ties the artefacts together. The FBC reads as one document, not five appendices. The cost basis, the risk basis, the schedule basis, the supply-chain basis and the assurance basis all reference the same set of assumptions, and the assumptions are stated explicitly enough that a reviewer can sensitivity-test them. The team can answer the second-order question without referring to the office: what are the three things that, if they went wrong, would breach the P80, and how is each being managed?

How SOMA supports CADMID Assessment

SOMA Project Controls works at Assessment stage in three engagement shapes. The first is independent QCSRA on the preferred option — a structured AACE-compliant integrated cost-schedule risk analysis whose methodology and outputs will satisfy IPA Gate 2 and Gate 3 scrutiny. The second is FBC controls assurance — a structured pre-Gate review of the evidence pack covering the cost estimate basis, the QRA model, the schedule logic and the risk register, identifying the gaps a reviewer is most likely to flag. The third is supplier engagement on the EVMS arrangement — making sure the Demonstration-phase EVMS will produce real data rather than the technically compliant but operationally disconnected reporting that triggers red ratings later. All three are delivered by senior practitioners who have built controls evidence packs that have passed Main Gate on real UK defence and government programmes.

FAQ

Frequently asked

What is the CADMID Assessment phase?: Assessment is the second phase of the UK MoD's CADMID acquisition lifecycle. The option set is investigated in depth, a preferred solution is selected, and the Full Business Case is built for the Main Gate / IPA Gate 2–3 decision. It is the phase where the controls function moves from option-level comparison to integrated, defensible cost and schedule modelling.
What project controls deliverables are required at CADMID Assessment?: An AACE Class 3 cost estimate per remaining option, an integrated Quantitative Cost-Schedule Risk Analysis (QCSRA) for the preferred option, a baseline programme draft covering Demonstration and Manufacture at sufficient detail for gate review, a working operational risk register with decimal probabilities and three-point impact distributions, and HM Treasury Green Book–compliant optimism-bias treatment built into inputs.
What is the difference between CADMID Concept and Assessment for controls?: Concept produces a Class 5 cost range and an option-level QRA for option-set winnowing. Assessment produces a Class 3 estimate per option, an integrated QCSRA, a baseline programme draft, and a working risk register that reconciles to the QRA. The volume of work steps up by an order of magnitude and the methodology must withstand external scrutiny — at Concept the reviewer tests whether the team is being honest, at Assessment whether the analysis would survive forensic review.
What does IPA Gate 3 test at the end of CADMID Assessment?: IPA Gate 3 is the investment decision test. Reviewers examine whether the contingency provision is defensible given the QRA methodology and identified risks; whether the optimism-bias adjustment is built into inputs rather than bolted on; whether the cost breakdown reconciles to the technical scope; and whether the risk transfer arrangement to the contractor is genuine rather than a paper transfer that the MoD will absorb anyway.
What is the most common Assessment-phase QRA failure?: A QRA whose distribution shape is too tame for the technical maturity — narrow input ranges, token correlation between risks, no opportunity-side distribution, and a P80 that sits within touching distance of the deterministic estimate. The MoD Cost Assurance and Analysis Service and the SSRO both press on this exact pattern, because it is the signature of inputs engineered to support a target number rather than calibrated to the actual risk profile.

← Back to guides

More guides

Keep reading.

Guide

Project Controls in UK Defence — CADMID Lifecycle, MPRP Gateways, IPA Assurance

A practitioner's guide to project controls on UK defence programmes — what the controls function must deliver across the six CADMID phases, how MoD MPRP, IPA and DEF STAN test it, and where SOMA's defence consultancy work plugs in.

11 min read

Guide

CADMID Concept Phase: Project Controls Deliverables and Failure Modes

The Concept phase is where the controls function earns its right to be in the room — or fails to. A practitioner's view of what project controls must deliver at MoD CADMID Concept, what IPA Gateway 1 reviewers actually test, and the failure modes that recur on real programmes.

8 min read

Guide

CADMID vs PRINCE2: How the UK MoD Lifecycle Differs from Generic PM

CADMID is a defence acquisition lifecycle. PRINCE2 is a generic project-management method. They do different jobs and they are not interchangeable. A practitioner's view of where each one belongs, what controls each demands, and how they coexist on real UK defence programmes.

9 min read

Guide

Cost vs Schedule Contingency — and Why Teams Confuse Them

The structural difference between cost and schedule contingency, how three-point estimates feed both, the EMV vs QRA distinction, and how to defend the contingency number in a board paper.

10 min read

Working on a CADMID programme?

SOMA provides independent project controls consultancy for UK defence and government programmes — QRA, EVMS, IPA Gateway readiness, and the assurance evidence that stands up to MPRP scrutiny.

Book a CADMID readiness call Defence sector consultancy →