Your examination of the costs, benefits and risks of each option forms the core argument of your business case.
The decision-makers should be able to understand the comparative advantages, costs and weaknesses of each option, assessed against the organisation’s capability to deliver the solution.
Your conclusion and recommended option should be clearly supported by this evidence.
Explore viable options in detail and assess how they will achieve the desired outcomes. Assess each option against the desired outcomes to identify strengths and weaknesses. Consider the comparative costs, benefits, and risks of each solution. Different options may deliver different benefits and costs for similar outcomes. Accurately calculating the costs and benefits of each option will help decision-makers compare the different options presented in the business case. It is important to be clear how you will measure the costs and benefits for each option.
Similarly, assessing the risks of each option make them easier to compare. You need to consider risks based on how they may impact the desired outcomes, the organisation, and the government. There may be some risks which are common across all options, while the impact of the risk may be different.
Test the viability of implementing each option. You should consider the capability of your organisation to implement each option. You should also consider if other government organisations or the private sector need to be engaged in developing or implementing a solution. You may need to approach the market to identify whether there is an existing solution to the business problem, or to clarify the costs of implementing a solution.
Understanding the costs and benefits
Decide how you will calculate the costs of the proposal
There are many methods available for generating costings depending on the experience of those preparing the business case. There is no universally recognised single best approach for developing costs, but other government agencies such as your Finance or Treasury Department (or equivalent) may guide you. The size, complexity and type of initiative may determine whether you use an agile or waterfall funding model. For example, waterfall project management approaches may be appropriate when updating ICT infrastructure. More agile approaches may be more useful to help you build services that meet complex user needs, or to deliver value quickly.
Make sure you explain any assumptions made. Initial cost estimates may be imprecise but will become more accurate as you work through the business case process.
Involve a variety of people and subject matter experts to inform your costs
Talk to the people who will be making decisions on the business case to understand what they want included. Relevant groups within your organisation can also help you establish the costs of internal services and resources. Subject matter experts and other stakeholders outside your organisation are another good source of costing advice.
Cost based on scope and implementation approach
Options with greater ICT complexity and scope are likely to cost more. The choice of delivery method will also affect the way costs are calculated. Agile and waterfall approaches will each require unique considerations.
Quantitative and qualitative measurements of benefits
Give a broad overview of the benefits each option will deliver. Include both quantitative and qualitative measurements of the outcomes. For example, you might intend to measure changes in staff hours (quantitative) and gain feedback on customer experience through a survey (qualitative). Work with the people who will be implementing the project to define the metrics that are most valuable.
Conduct detailed cost and benefit analysis on the preferred option
Perform a more detailed analysis of the costs and benefits once decision-makers have agreed with the preferred option. Look for guidance and templates on conducting cost benefit analysis from agencies in your government with responsibility for overseeing business case processes.
Understanding the risks
Determine the level of risk the organisation is willing to take
Talk to people within the organisation to understand what level of risk and reward is acceptable to address the problem. For example, an organisation may not accept risks which, introduce complexities for customer interactions with the organisation.
Understand what could go wrong for each option
There are various types of risks to consider. These include technology, business, funding and implementation risks. Ensure you consider the same type of risks across each option, so they are easy to compare. Remember, there will be risks for not doing anything at all.
There are actions that can be taken to reduce risks to an acceptable level (or risk mitigation activities).
Think about different ways to avoid or minimise the risk. Look to include different approaches to reduce the probability and impact of the risk occurring. Your options can also be supported by including risk ratings before, and after mitigation, to assist decision-makers in their evaluation of the proposal.
Plan how you will manage risk
Use a risk management approach which works for your organisation. There may be existing tools and templates available from your organisation to help guide you. As part of your implementation approach (refer to Draft the business case), define a process to continually identity and manage risks. Give specific consideration on how cyber security and privacy risks will be managed.
Questions to consider
Understanding the costs and benefits
- Who can help with developing costing models?
- What degree of costing competence or maturity do you have within your organisation?
- Can you draw organisation expertise into the development of costs?
- How are you going to measure the size and complexity of the problem?
- What are the current digital and ICT support and maintenance costs?
- How complex are the business requirements and the digital and ICT capability?
- How much do staff cost and how long will they be required for?
- How long are staff required over the implementation period?
- How many people will use the new digital and ICT capability?
- What will the organisation require to maintain and support the new digital and ICT capability once it is implemented?
- Have you agreed on the benefits with the relevant stakeholders?
- What is happening within your organisation, government, industry, and globally that might affect your business case?
- When, where, why and how are things likely to divert from your proposed outcomes? Think about categories of risk: e.g. operational, strategic, reputational, ICT and infrastructure, stakeholder relationships, contracts and procurement, service interruptions, the public, workforce capability and capacity.
- Are the risks internal or external?
- Who might be involved or affected if something goes wrong?
- Are there any risk dependencies (will treating one risk impact your determination of another risk)?
- Are you regularly engaging stakeholders to ensure the risks stay up-to-date?
- Have you considered privacy risks?
- Have you considered cyber security risks?
- Have you considered the legal risks that might affect the options in your business case?