September 15, 2017
Government auditors evaluate the adequacy of a contractor’s internal controls to provide a basis for establishing the scope of subsequent audits of cost representations. The internal controls are those attributes that, through the normal course of day-to-day business, result in either the prevention or timely detection of any errors or irregularities.
Contractor cost representations include such submittals as forward pricing proposals, invoices and incurred cost proposal submissions. Auditors will comment or opine on the adequacy of a business system’s internal controls whenever they issue an audit report involving a company’s cost representations, regardless of any specific contractual requirements.
However, there are several contract clauses included in the Federal Acquisition Regulation that require the implementation and maintenance of such systems, with explicit administrative remedies for noncompliance. The U.S. Department of Defense Federal Acquisition Regulation Supplement (DFARS) specifies six specific clauses requiring system implementation and maintenance, and delineating specific attributes for these systems that could be included in your contract:
- DFARS 252-215.7002, Cost Estimating System Requirements;
- DFARS 252.234-7002, Earned Value Management System;
- DFARS 252.242-7004, Material Management and Accounting System (MMAS);
- DFARS 252.242-7006, Accounting System Administration;
- DFARS 252.242-7001, Contractor Purchasing System Administration; and
- DFARS 252.245-7003, Contractor Property Management System Administration.
The Defense Department also has promulgated DFARS 252.242-7005, Contractor Business Systems, which is included in your contract if one or more of the clauses listed above apply, and the contract also is covered by full or modified coverage under the Cost Accounting Standards. The presence of a business system clause does not necessarily mean that an audit of that specific system will be performed. Nevertheless, if a clause is in your contract, then you have agreed to comply with its requirements.
The end result of inadequate findings is, at best, increased audit scrutiny of your cost representations and difficulty in negotiation, administration and settlement of your contracts. Potential consequences could also include increased costs to support additional U.S. government audit and administrative oversight, interim payment or financing reductions and non-award of contracts. As such, you should consider taking a proactive posture towards business system compliance.
Announcements of impending audits or other oversight are almost always accompanied by requests for existing documentation and data to be provided within a short period of time. Without advance preparation, such announcements will result in a chaotic scramble to identify and collect the artifacts necessary to satisfy the requests. Consequently, it is best to gather and maintain the necessary information in the normal course of business.
U.S. government oversight officials provide a plethora of oversight guidance to their auditors and technical specialists. Most of this guidance can readily be found on the internet at U.S. government websites. Hard copies may also be available via the Government Printing Office, commercial publishing companies or through use of requests under the Freedom of Information Act (FOIA). This guidance is easily adaptable for use by contractors in self-assessing their degree of compliance.
The results of the self-assessments can be used as the basis for implementing appropriate internal controls to meet U.S. government contractual requirements and oversight officials’ related expectations as well as to organize the information and data that will be necessary to satisfy audit and oversight requirements.