Methodology
The Evie Project Controls Maturity Index
A weighted score of your controls operating model across six domains, calibrated against UK infrastructure, engineering and building-contractor benchmarks. Built to stand up to the kind of scrutiny a director-level review would apply.
Scoring
Each question uses a 5-point behavioural scale from 0 (we don't do this) to 4 (embedded and audited). A domain score is the sum of its answers divided by its maximum, expressed out of 100. The overall Maturity Index is a weighted mean across the six domains.
Commercial & Change Control, Schedule Integrity and Data Integration carry a slightly higher weight (×1.15) because those three domains generate the largest observed commercial and delivery exposure across our ICP.
Bands
Reactive
0–39You are firefighting. Reporting is retrospective; leadership questions surface as surprises rather than early warnings.
Developing
40–59Controls exist but sit in silos. Leadership questions still take days to answer with confidence and change is loosely linked to programme.
Controlled
60–79Integrated data, timely reporting, disciplined change and early warning. You catch most issues before they become disputes.
Predictive
80–100Leading indicators are embedded. Leadership gets board-ready answers in minutes and commercial protection is baked into the operating model.
Domains
01. Schedule Integrity & Forensic Planning
×1.15How trustworthy your programme is as a decision-making artefact — logic quality, float discipline, baseline control, and what actually changed between updates.
What good looks like · Baselined programme with clean logic, disciplined float, a live change log between every reporting period, and forensic-grade traceability of every date movement.
02. Cost Control & EVM
×1.00Do you actually run earned value, or is cost reporting a monthly spreadsheet exercise that trails reality by weeks?
What good looks like · Live CPI/SPI per WBS element, integrated cost-schedule dataset, forecast that leadership trusts, and reporting effort measured in hours, not days.
03. Commercial & Change Control
×1.15How fast and how well you price, agree and link change to programme impact — the single biggest source of commercial risk on infrastructure and building projects.
What good looks like · Change priced and agreed within the contract's window, register fully live, every change linked to a programme fragment showing time impact.
04. Risk & Early Warning
×1.00Whether risk is a live operational discipline with quantitative teeth — or a spreadsheet the QSRA team refreshes twice a year.
What good looks like · Register refreshed continuously, QSRA / QCRA run at least quarterly, leading indicators visible on the exec dashboard, and instability in the programme flagged before it hits critical path.
05. Data Integration & Single Source of Truth
×1.15How fragmented your controls stack is, how much time you spend reconciling instead of intervening, and whether leadership actually trusts the numbers.
What good looks like · P6 / MSP, cost system and contract data (CEMAR-style) reconciled continuously into a single view — controls team spends its time interpreting, not stitching spreadsheets together.
06. Leadership Reporting & Decision Velocity
×1.00How fast leadership gets useful answers, and whether the reporting cycle actually improves decisions or just documents them after the fact.
What good looks like · Board-ready answers within the hour, insight-led narrative not status theatre, and a reporting rhythm that feeds intervention rather than paperwork.
Reference frameworks
Question wording and mature-state benchmarks draw on NEC4 guidance, AACE International recommended practices (notably 29R-03 and 52R-06), ISO 21500 terminology, and DCMA 14-point schedule assessment principles. JCT, FIDIC, IChemE and other suites are handled via contract-specific helper text on the Commercial & Change Control domain, so the benchmark reflects the mechanism the user actually operates under.
What the index does not do
It does not replace an on-site controls audit or a forensic dispute review. It is a self-assessment calibrated to expose the gaps that most consistently drive delivery risk and commercial exposure across UK infrastructure and building contractors. Treat it as a director-level thinking tool, not a certification.
