What does CADMID stand for?

CADMID stands for Concept, Assessment, Demonstration, Manufacture, In-Service, and Disposal — the six phases of the UK Ministry of Defence's acquisition lifecycle. The framework governs how every UK defence programme moves from initial requirement definition through operational service to eventual decommissioning.

Is CADMID still used by the UK MoD?

Yes. CADMID remains the core framework for UK MoD acquisition. It is supplemented by the Major Projects Review Process, the Single Source Regulations Office cost-control regime on non-competitive contracts, and the Infrastructure and Projects Authority's Gateway Review system on Government Major Projects. CADMID describes the lifecycle; MPRP, SSRO, and IPA describe the assurance and oversight applied to it.

How does CADMID compare to commercial project lifecycles?

CADMID differs from commercial capital-project lifecycles in three material ways. First, it explicitly includes In-Service and Disposal phases — defence equipment is operationally fielded for decades and the through-life cost is often greater than the acquisition cost. Second, the assurance overlay is heavier: IPA, NAO, and Single Source Regulations Office scrutiny apply at multiple gates. Third, classification and security requirements affect how cost and schedule data is handled, transferred, and reported.

Guide

Project Controls in UK Defence — CADMID Lifecycle, MPRP Gateways, IPA Assurance

A practitioner's guide to project controls on UK defence programmes — what the controls function must deliver across the six CADMID phases, how MoD MPRP, IPA and DEF STAN test it, and where SOMA's defence consultancy work plugs in.

Adam O'Neill23 April 2026Last updated 22 May 202611 min readPart of Defence & government project controls

What is CADMID?

CADMID is the UK Ministry of Defence's six-phase acquisition lifecycle: Concept, Assessment, Demonstration, Manufacture, In-Service and Disposal. Every UK defence programme moves through these phases under MoD MPRP, IPA Gateway and SSRO assurance, with distinct project controls deliverables at each stage.

The six CADMID phases at a glance — what the controls function must produce at each stage, and the failure mode reviewers most often flag.

Phase	Goal	Key controls deliverables	Typical assurance	Common pitfall
Concept	Define the requirement; outline business case	Class-5 cost estimate; outline programme; option-level QRA; risk register v0.1	OBC review; IPA Gate 0/1	Cost ranges that ignore option-set uncertainty — a single point estimate dressed up as a range, with no reference-class comparison
Assessment	Compare options; full business case; main-gate decision	Class-3 estimate per option; integrated QCSRA; baseline programme drafted; HM Treasury Green Book compliance	Main Gate review; IPA Gate 1/2	QRA outputs that fail Green Book optimism-bias scrutiny — narrow ranges, no correlation, no reference class adjustment
Demonstration	Develop, integrate and test the chosen solution	PMB established; EVMS in place; risk-managed schedule; Class-2 cost estimate	IPA Gate 2/3; MPRP gate review	PMB set before scope and schedule are stable, forcing repeated rebaselines that erase trend data the reviewers need to see
Manufacture	Production, integration, acceptance	Full EVMS reporting (BCWS/BCWP/ACWP/SPI/CPI/EAC); active QRA refresh; commissioning schedule; SSRO cost reporting on non-competitive contracts	IPA Gate 3/4; Annual MPR	EVMS reports that drift from delivery reality — earned value reverse-engineered from spend, CPI hovering at 1.00 while the schedule slips
In-Service	Operational sustainment, often spanning decades	Through-life cost (TLC) tracking; reliability-driven cost forecast; refresh QRA at major upgrade gates	IPA Gate 4; periodic capability reviews	TLC models that miss obsolescence and capability-upgrade risk, understating the back-end of the through-life cost profile
Disposal	Decommissioning, withdrawal, asset disposition	Disposal cost estimate; risk register for environmental / radiological exposure; decommissioning schedule	IPA Gate 5; site licence / regulatory review	Disposal liabilities not provisioned in earlier phases — the cost only appears on the balance sheet when withdrawal begins

What is CADMID?

CADMID is the United Kingdom Ministry of Defence's six-phase project lifecycle: Concept, Assessment, Demonstration, Manufacture, In-Service, and Disposal. Every UK defence acquisition programme — from a small radio refresh to a Type 26 frigate — moves through these phases under a structured assurance framework that links each phase to specific gateway reviews, controls deliverables, and decision points.

The phases in order: Concept (defining the requirement and outline business case), Assessment (option analysis and full business case), Demonstration (development, integration and testing of the chosen solution), Manufacture (production and acceptance), In-Service (operational sustainment, often spanning decades), and Disposal (decommissioning, withdrawal and asset disposition). Each transition between phases is governed by a Main Gate decision and, on Major Projects, by Infrastructure and Projects Authority Gateway Reviews.

Each CADMID phase places different demands on the project controls function. Concept and Assessment focus on option-level risk and cost-confidence analysis under high uncertainty. Demonstration and Manufacture demand full Earned Value Management, Performance Measurement Baseline discipline, and detailed schedule integration. In-Service controls track through-life cost and sustainment over decades. Disposal carries its own commercial, regulatory, and (on radiological or environmental platforms) risk-management complexity.

Understanding which CADMID phase a programme is in — and what the controls function must produce at that phase — is the difference between a controls capability that survives Major Projects Review Process scrutiny and one that gets red-rated. The rest of this guide walks through what good looks like at each stage, against the framework that NAO, IPA, and the Single Source Regulations Office actually apply.

Why defence is different

Project controls in UK defence operates within a framework that has no direct equivalent in the commercial infrastructure sector. The CADMID lifecycle (Concept, Assessment, Demonstration, Manufacture, In-Service, Disposal), the MoD Major Projects Review Process, IPA gateway reviews, and the Earned Value Management requirements that apply to many MoD contracts create a controls environment where the demands on schedule, cost and risk management are among the most rigorous in the world.

This is not an accident. Defence programmes are publicly funded, often classified, technically complex, and operate at timescales that stretch over decades. The controls framework exists because the consequences of controls failure — cost overruns measured in billions, capability gaps that affect national security, and the NAO scrutiny that follows — are severe. If you work in defence project controls and you have not seen a Major Projects Report, you are not yet in the environment where the controls actually matter.

Understanding this framework is not optional for a controls practitioner working on a defence programme. It shapes everything from how the WBS is structured to how QRA results are presented to a Programme Board, and it is what distinguishes a controls function that adds value from one that adds paper.

CADMID and what controls must deliver at each stage

Concept stage is where project controls should begin — and where it most often does not. At concept, the requirement is being defined, options are being assessed, and the feasibility of different approaches is being tested. The controls contribution at this stage is to the business case: credible cost and time estimates that reflect the uncertainty of the concept definition, structured to support option comparison and to identify the key uncertainties that will drive cost and schedule variability.

Assessment stage is where the design is developed to the point where a solution can be selected and a cost and schedule baseline can be established. Controls at assessment stage must produce: a Class 3 or better cost estimate (AACE classification); a programme that covers the Demonstration and Manufacture phases at sufficient detail to support gate review; and a risk register that identifies the key threats and opportunities with three-point estimates. The QRA produced at assessment stage is often what the Programme Board uses to set the contingency for the next phase.

Demonstration stage is where the selected solution is proven technically and the Manufacture phase programme is confirmed. Controls at demonstration stage must maintain the performance measurement baseline against which EVM is reported, update the QRA as technical risk resolves (or does not), and manage the compensation event or change process as design matures.

Manufacture stage is full production — the stage with the greatest cost and schedule exposure and the highest controls intensity. EVMS reporting is mandatory on many MoD Manufacture contracts. The controls function must maintain a fully integrated cost-schedule model, report BCWS, BCWP, ACWP and EAC on the MoD's required cadence, and produce monthly reports that give the Programme Director the leading indicators they need to intervene before problems become crises.

MoD MPRP and IPA gateway reviews

The Major Projects Review Process (MPRP) is the MoD's internal assurance framework for the largest and most complex defence programmes. Programmes on the MoD Major Projects Portfolio are subject to MPRP gates at key decision points — typically at assessment approval, manufacture approval, and in-service review.

IPA (Infrastructure and Projects Authority) reviews are government-wide assurance applied to the largest and highest-risk programmes in the Government Major Projects Portfolio. For defence programmes that reach the GMPP threshold, IPA reviews sit alongside MPRP gates and bring additional scrutiny from independent reviewers who are not part of the MoD.

What reviewers actually look for at MPRP and IPA gates is different from what programme teams typically prepare for. Reviewers are not primarily interested in the format of the QRA report or the colour of the risk register. They are interested in: whether the programme director can articulate the key cost and schedule drivers and how they are being managed; whether the contingency provision is defensible given the QRA methodology and the risks identified; whether the critical path is genuine and whether the team understands what is driving it; and whether the controls function is providing useful intelligence or just producing reports.

The most common failure mode at gateway review is not missing documentation — it is that the controls function has produced documentation that does not reflect reality. A risk register that lists fifty risks with identical probability and impact scores. A QRA that always produces a P80 within 5% of the target figure. A programme that has been constrained to show the required completion date without modelling the logic that connects the activities. Reviewers who have seen many programmes recognise these signatures immediately.

CADMID gateway reviews — what auditors actually test

IPA Gateway Reviews follow a defined progression: Gate 0 (strategic assessment, applied to programmes rather than single projects), Gate 1 (business justification, typically aligned with the Outline Business Case at end of Concept), Gate 2 (delivery strategy, aligned with the Full Business Case at end of Assessment), Gate 3 (investment decision, immediately before contract award and the move into Manufacture), Gate 4 (readiness for service, before In-Service entry), and Gate 5 (benefits realisation and operational lessons learned). At each gate the reviewers test a different question, and the controls evidence required shifts accordingly. At Gate 1 reviewers test whether the cost and time ranges are honest and whether the option set has been genuinely compared — not whether one preferred option has been engineered into looking best. At Gate 2 they test whether the delivery strategy is buildable: whether the Performance Measurement Baseline is achievable, whether the supply chain has the capacity, whether the schedule logic is robust enough to survive contact with the contractor. At Gate 3 the focus is investment confidence — the QRA must demonstrate that the contingency provision is defensible and the risk transfer arrangement to the contractor is realistic.

The recurring red flags raised by NAO and the MPRP review teams are remarkably consistent across programmes. A QRA whose P80 sits suspiciously close to the available funding envelope. A schedule with a critical path that runs through float — meaning the path the team thinks is critical is not actually the path that drives completion. An optimism-bias adjustment that has been bolted on at the end of the analysis rather than built into the input ranges, and which the reviewers can therefore strip out to test the underlying numbers. EVMS reports where the earned value line and the actual cost line are nearly identical, indicating that earned value is being reverse-engineered from spend rather than measured from physical progress. A through-life cost model that has not been refreshed since the business case was approved, and which therefore reflects a configuration the in-service programme has long since moved away from.

Defensible controls evidence at gate has three characteristics. First, the analysis is traceable — every number in the gate report can be tied back to a model file, a workshop output, a contract data line, or an audited cost report. Second, the assumptions are stated explicitly and tested by sensitivity analysis, so reviewers can see how the conclusions move when the most uncertain assumptions are flexed. Third, the controls team can answer the second-order question without a calculator: what are the three things that, if they went wrong, would breach the contingency provision, and how is each being managed? Programmes whose controls team can give that answer extempore tend to clear gate. Programmes whose controls team needs to refer the question back to the office tend not to.

EVMS on MoD contracts

Earned Value Management System (EVMS) requirements on MoD contracts are specified in the contract data and typically reference either AACE 11R-88 (the Earned Value Management System standard) or the MoD's own EVMS guidance. The requirement is to establish, maintain and report against a performance measurement baseline that integrates the authorised scope, budget and schedule.

In practice this means: a WBS that maps to both the contract structure and the technical scope; a schedule that is resource-loaded at the level required for EV measurement; an EVMS that assigns a budget to every WBS element and records earned value against a defined measurement technique; and a monthly report that presents BCWS, BCWP, ACWP, SPI, CPI and EAC in the format specified by the contract data.

The most common EVMS failure on MoD contracts is the gap between the contract-required EVMS and the programme's actual planning and reporting system. Contractors often have a separate EVM reporting tool and a separate scheduling tool that are reconciled manually at month-end. The reconciliation is where errors are introduced and where the EV data loses its connection to the delivery reality. An integrated cost-schedule system — where the schedule drives the BCWS and the progress measurement drives the BCWP — is harder to set up but produces data that is genuinely useful rather than technically compliant.

Security classification affects how EVMS data is handled. On classified programmes, the cost and schedule data may be classified at a level that affects who can access the reporting system, how data is transferred to the MoD's programme office, and how the programme interacts with non-cleared subcontractors. A controls practitioner working on a classified programme needs to understand the classification level and its implications for data handling before designing the system.

Common controls failure modes by CADMID phase

The failure modes that get programmes red-rated cluster predictably by CADMID phase. At Concept, the recurring pattern is a cost estimate that ignores option-set uncertainty — the team has produced what looks like a three-point range, but each option carries the same percentage uncertainty regardless of how technically mature it is. A bespoke airframe option and a Military Off-The-Shelf variant cannot rationally have the same coefficient of variation on the cost estimate, and reviewers familiar with AACE classification (5 for Concept-stage estimates, 4 at the end of Concept) will press on exactly that point. Closely related is the absence of a reference class — the estimate is built from first principles without any check against what comparable programmes have actually cost, which is the single most effective de-biasing technique available and the one HM Treasury Green Book guidance specifically calls for.

At Assessment, the recurring pattern is a QRA that fails Green Book optimism-bias scrutiny. The ranges in the three-point inputs are too narrow, correlation between risks is absent or token, the opportunity side of the distribution is empty, and the resulting P80 sits within touching distance of the deterministic estimate. When the reviewer strips out the late-stage optimism-bias uplift and looks at the underlying model, the uncertainty has been engineered away. The MoD Cost Assurance and Analysis Service and the SSRO both publish guidance on this and both will challenge a QRA whose distribution shape looks too tame for the technical maturity of the programme. At Manufacture, the recurring pattern is EVMS reports that drift from delivery reality — Schedule Performance Index and Cost Performance Index both reported close to 1.00 for months, then a step-change correction when the truth surfaces at a milestone or an independent assessment. The drift is almost always the same root cause: progress is self-reported by package managers who carry the incentive to show momentum, and the earning rules are either undocumented or inconsistently applied, so the BCWP figure is closer to forecast than to physical fact.

At In-Service, the recurring pattern is a through-life cost model that has not been refreshed since contract award and which therefore misses obsolescence risk, capability-upgrade cost, and the disposal liability that should have been provisioned through the operating life. Electronic components on a thirty-year platform will go end-of-life multiple times across the service period, and the cost of redesign, requalification and retest is rarely modelled at Concept. A TLC model that assumes today's configuration persists unchanged through the In-Service phase is, by construction, optimistic. The recurring NAO finding on long-running platforms — that the in-service support cost has materially exceeded the figure used in the original business case — is in large part a controls failure at this exact point: the model that supports the original decision is never reconciled against the reality of sustainment as the platform ages.

What good controls looks like in defence

Good project controls in defence is characterised by integration, earliness, and honesty. Integration means the schedule, cost and risk functions work from the same data model and produce consistent outputs — not three separate views that are reconciled in the report. Earliness means controls are embedded from concept stage, not introduced at manufacture when the baseline is already under pressure. Honesty means the QRA model reflects the risks the programme actually faces, not the risks that produce the numbers the Programme Board wants to see.

The controls function on a well-run defence programme is not a reporting function. It is an intelligence function. Its job is to give the Programme Director the earliest possible warning of problems — schedule logic that is deteriorating, cost performance that is trending below 1.0, risks that are crystallising faster than the register assumed — so that decisions can be made while options are still available.

The worst controls environments in defence are characterised by a separation between the controls function and the delivery team — where the planners and cost engineers are seen as overhead, where the monthly report is produced by the commercial team from data the delivery team does not trust, and where the QRA is something that happens before gateway reviews rather than something that is maintained continuously. If that description fits a programme you are working on, the controls function is not delivering value, and the programme is more exposed than the reports suggest.

How SOMA supports CADMID programmes

SOMA Project Controls works on defence and government programmes through three repeating engagement shapes: independent Quantitative Risk Analysis on Concept and Assessment-stage business cases where the team needs a defensible contingency figure that will withstand IPA and SSRO scrutiny; Earned Value Management System implementation reviews on Demonstration and Manufacture contracts where the EVMS reporting is technically compliant but operationally disconnected from the delivery team; and IPA gateway readiness reviews and through-life cost modelling on long-running In-Service platforms. The work is delivered by senior practitioners who have led controls on UK infrastructure, water, nuclear and defence programmes, and who treat the controls function as an intelligence function for the Programme Director rather than a reporting overhead. The relevant SOMA services for CADMID programmes are Quantitative Risk Analysis, Cost Management & Earned Value, and the Project Controls Advisory engagement.

FAQ

Frequently asked

What does CADMID stand for?: CADMID stands for Concept, Assessment, Demonstration, Manufacture, In-Service, and Disposal — the six phases of the UK Ministry of Defence's acquisition lifecycle. The framework governs how every UK defence programme moves from initial requirement definition through operational service to eventual decommissioning.
What are the six CADMID phases?: The six CADMID phases in order are: Concept (defining the requirement and outline business case), Assessment (option analysis and full business case), Demonstration (development, integration and testing of the chosen solution), Manufacture (production and acceptance), In-Service (operational sustainment, often spanning decades), and Disposal (decommissioning, withdrawal and asset disposition). Each transition between phases is governed by a Main Gate decision and, on Major Projects, by Infrastructure and Projects Authority Gateway Reviews.
What project controls are required at each CADMID phase?: Project controls demand differs across the CADMID phases. Concept and Assessment focus on option-level risk and cost-confidence analysis under high uncertainty, with QRA used to compare alternatives. Demonstration and Manufacture demand full Earned Value Management, Performance Measurement Baseline discipline, and detailed schedule integration. In-Service controls track through-life cost and sustainment over decades. Disposal carries its own commercial, regulatory, and (on radiological or environmental platforms) risk-management complexity.
Is CADMID still used by the UK MoD?: Yes. CADMID remains the core framework for UK MoD acquisition. It is supplemented by the Major Projects Review Process, the Single Source Regulations Office cost-control regime on non-competitive contracts, and the Infrastructure and Projects Authority's Gateway Review system on Government Major Projects. CADMID describes the lifecycle; MPRP, SSRO, and IPA describe the assurance and oversight applied to it.
How does CADMID compare to commercial project lifecycles?: CADMID differs from commercial capital-project lifecycles in three material ways. First, it explicitly includes In-Service and Disposal phases — defence equipment is operationally fielded for decades and the through-life cost is often greater than the acquisition cost. Second, the assurance overlay is heavier: IPA, NAO, and Single Source Regulations Office scrutiny apply at multiple gates. Third, classification and security requirements affect how cost and schedule data is handled, transferred, and reported.

← Back to guides

More guides

Keep reading.

Guide

CADMID Concept Phase: Project Controls Deliverables and Failure Modes

The Concept phase is where the controls function earns its right to be in the room — or fails to. A practitioner's view of what project controls must deliver at MoD CADMID Concept, what IPA Gateway 1 reviewers actually test, and the failure modes that recur on real programmes.

8 min read

Guide

CADMID Assessment Phase: Full Business Case, QCSRA and Main Gate

Assessment is where the option set is narrowed, the Performance Measurement Baseline is shaped, and the Full Business Case is built for Main Gate. A practitioner's view of what project controls must deliver, what IPA Gate 2 / 3 reviewers test, and the failure modes that get programmes red-rated.

9 min read

Guide

CADMID vs PRINCE2: How the UK MoD Lifecycle Differs from Generic PM

CADMID is a defence acquisition lifecycle. PRINCE2 is a generic project-management method. They do different jobs and they are not interchangeable. A practitioner's view of where each one belongs, what controls each demands, and how they coexist on real UK defence programmes.

9 min read

Guide

The Baseline You Can Actually Defend

How to set a controls baseline that survives the project — scope, schedule, cost — and how to tell legitimate rebaselining from commercial cover-up.

11 min read

Working on a CADMID programme?

SOMA provides independent project controls consultancy for UK defence and government programmes — QRA, EVMS, IPA Gateway readiness, and the assurance evidence that stands up to MPRP scrutiny.

Book a CADMID readiness call Defence sector consultancy →