Assumptions note
The numbers and breakdowns here are illustrative. This page is meant to show how to communicate cost and resourcing in a case study — clearly, with governance and control points.
1) Resourcing model
A clean resourcing view answers three questions: Who is needed? When? and What are they responsible for?
| Workstream / role | Typical allocation | Notes |
|---|---|---|
| Delivery Lead / PM | 1.0 FTE | Plan, RAID, governance cadence, dependency control, stakeholder rhythm |
| Product Owner | 0.8–1.0 FTE | Scope, backlog, acceptance criteria, release priorities |
| Tech Lead / Architect | 1.0 FTE | Architecture decisions, integration approach, cross-team technical alignment |
| Engineering | 3–6 FTE | App + backend/API integration + lifecycle hardening |
| UX / Research | 1–2 FTE | Journey mapping, accessibility-first design, usability testing |
| QA / Test | 1–3 FTE | Automation, regression, UAT support, release sign-off readiness |
| Security / Privacy | 0.5–1.0 FTE | DPIA, security gates, pen testing coordination, compliance readiness |
| Change & Communications | 0.5–1.0 FTE | Adoption planning, citizen guidance, stakeholder updates |
2) Cost model (structure first, numbers second)
I like to present costs in a way that makes governance easy: clear categories + a review rhythm. Even when numbers are unknown, the structure can be defined.
| Cost line | What it typically includes | Control approach |
|---|---|---|
| People | Internal allocation + contractors | Monthly forecast vs actual, resourcing approval thresholds |
| Cloud / Infrastructure | Environments, scaling, monitoring, storage | Spend dashboards, alerts, quarterly optimisation reviews |
| Tools & Licenses | Dev/test tools, analytics, workflow tools | License rationalisation, approvals for new tools |
| Security & Compliance | Audits, pen tests, assurance work | Gate-based approvals, documented sign-offs |
| Change & Adoption | Comms, onboarding, training materials | Rollout plan + KPI tracking + feedback loops |
| Contingency | Unknowns, remediation, unplanned spikes | Only released via change control |
3) What I would show in a steering update
- Forecast vs actual: current month + next two months, with variance reasons.
- Top cost drivers: what changed (scope, resourcing, infra demand).
- Change control summary: approved changes and their cost/time impact.
- Cost risks: risks that can turn into spend (security remediation, performance, compliance delays).
- Decision asks: what leadership needs to decide this month.
The goal isn’t “perfect estimates.” The goal is controlled reality: visibility, choices, and early correction.