Wayne Murdock

Recent Posts

Are Work Authorizations Required by DCAA for an Adequate Accounting System?

As incurred cost audits are becoming more prevalent and voucher audits are taking off like wildfire, there is emphasis placed on the use of work authorizations by government contractors.  There is no specific regulatory authority that can be cited which requires work authorizations as a part of a contractor’s Labor/Timekeeping System.  This argument, although accurate, is not the rationale which will be used by a DCAA auditor when “disclosing” deficiencies in a contractor’s labor system and ultimately rendering an inadequate opinion with respect to the accounting system, when the work authorization process is absent. 

Read More

Topics: DCAA Audit Support

Government Contract Audits Without DCAA

The question of when and how DCAA will again perform audits for non-DoD agencies remains open, irrespective of that agency’s proposed reauthorization by the FY 2017 National Defense Authorization Act (NDAA). When, because among other things we have not yet seen final passage of the FY 2017 NDAA. And how, because we wonder if non-DoD agencies will allow DCAA to follow their own internal guidance for selection of annual incurred cost submissions for audit (or more controversial, those deemed low-risk and not audited). Of course, selection of submissions to be audited is not entirely at DCAA’s discretion since non-DoD audits are requested and funded by the non-DOD agency. However, once requested, DCAA may or may not reject requests based upon factors to include risk and dollar thresholds. From a budgetary and funding standpoint, since all non-DoD audits are subject to reimbursable funding to DCAA, it doesn’t make sense to reject any non-DOD requests for audit(s). But, for discussion purposes, let’s assume DCAA honors all requests without any limitations.

Read More

Topics: DCAA Audit Support

Be Aggressive with Your MMAS Compliance - DCAA Will

MMAS (Material Management and Accounting System reviews are a very complex undertaking for both the company involved and auditors assigned.  MMAS encompasses several areas, which by themselves can be difficult to grasp, but when combined into one overarching system can present issues often not encountered in other business system audits. DCAA auditors themselves usually do not have day-to-day exposure to most of the automated aspects of an MMAS such as with ERP systems, MRP, or grouping pegging and distribution. Through no fault of their own, the vast majority of auditors do not use or even understand the inner workings of these systems, do not use them in their review duties, and are not trained to properly address the various aspects of them. Sure, they may become exposed to them via the reviews of certain reports generated by ERP type systems, but in almost all cases, they do not understand the underlying computerized aspects of them. Most contractor personnel will have a more extensive knowledge of the various systems, but in actuality, most are only vaguely familiar with most areas other than the functional discipline they are assigned to.

Read More

Topics: DFARS Business Systems, DCAA Audit Support

DCAA Should Resume Its Full Mission

Practically speaking, DCAA’s performance/productivity has been abysmal for several years. Irrespective of what DCAA’s Management reports on the state of its operations, it cannot justify an average of one audit report issued per auditor per year, or approximately 4,000 total audit reports. Compare those statistics to a time in the not-too-distant past, when the Agency as a whole annually issued over 44,000 audit reports with slightly fewer auditors. There are many reasons for this reduction, not the least of which is DCAA’s own overreaction to GAO reports issued in 2008 and 2009, as well as recommendations around the same time frame by the Wartime Commission.

Read More

Topics: DCAA Audit Support

Work Authorizations Missing During Labor Floor Checks?

DCAA’s Inevitable Link with an Inadequate Accounting System

There is no specific regulatory authority that can be cited which requires work authorizations as a part of a contractor’s Labor/Timekeeping System. This argument, although accurate, is not the rationale which will be used by a DCAA auditor when “disclosing” deficiencies in a contractor’s labor system during a routine labor floor check. The auditor will ultimately render an opinion of inadequacy with respect to the accounting system citing DFARS 252.242-7006(c)(1), which states “The contractor’s system will provide for a sound internal control environment, accounting framework, and organizational structure”. You may and, probably will, ask where is there a mention of work authorizations anywhere in DFARS 252.242-7006 Accounting System Administration? The short answer; there isn’t. The DCAA answer, and the only one it thinks matters, is that the regulation it cites does not have to specifically address work authorizations but a link can be inferred within the highly general requirement for a “sound internal control environment”.

Read More

Topics: DCAA Audit Support

Hacking Is Not the Only Concern for a Contractor’s Computer Systems

“A sound internal control environment, accounting framework, and organizational structure” is criteria number one in DFARS 252.242-7006 Accounting Systems. In fact, all six of the business systems identified in DFARS 252.242-7005 Contractor Business Systems, or commonly known as the “DFARS Business Systems Rule”, references adequate internal controls and the reliability of data. Even more far-reaching than DFARS is that FAR, adhered to by most, if not all US Federal Government agencies, requires adequate contractor internal controls over financial data relied upon for acquisitions. For the purposes of this blog, we shall focus primarily on the DFARS Business Systems Rule as it applies to defense contractors because of the activities of DCAA.

Read More

Topics: Small Business Compliance, DFARS Business Systems, DCAA Audit Support

DCMA and the Upcoming “Business Systems Tsunami”

The simple English Wikipedia encyclopedia defines a Tsunami as “a series of fast moving waves in the ocean caused by powerful earthquakes or volcanic eruptions”. Arguably one can equate negative DOD Inspector General Reports to powerful earthquakes or volcanic eruptions at least to those organizations in the path of these Government oversight tidal waves. What tidal waves you may ask? Well, let’s look at two recent reports from the DOD IG very critical of DCMA; Report No. DODIG-2015-139 and Report No. DODIG-2016-001.  

Read More

Topics: DFARS Business Systems, Government Regulations

Is DCAA’s Changed MMAS Audit Approach Value Added?

DCAA has had MMAS (Material Management and Accounting System) audit cognizance or review responsibility for DOD contractors since the advent of the DFARS Business Systems Rule in 2012. DCAA’s scope of audit is to determine if a contractor’s MMAS complies with the ten criteria or standards set forth in DFARS 252.242.7004.

Read More

Topics: DFARS Business Systems, DCAA Audit Support, Material Management and Accounting System (MMAS)

Update: The New Contractor Purchasing System Reviews (CPSR)

In March 2013, we blogged about “a new Sheriff in town”. That blog commented on DFARS 252.244-7001 Contractor Purchasing System Administration which sets forth 24 criteria to be used in the determination of an adequate contractor purchasing system. It also reflected on DCMA-INST 109 Contractor Purchasing System Reviews issued November 2012 which has since been revised in January 2014. At the time it was unclear as to just what DCMA would be including in its reviews.  Specifically what criteria would it use when evaluating a contractor’s purchasing system. Late last year we began seeing a bad trend from DCMA reviewers. 

Read More

Topics: Contracts & Subcontracts Administration, DFARS Business Systems, DCAA Audit Support, Contractor Purchasing System Review (CPSR)

DoD Contractors’ Purchasing Systems and Counterfeit Parts

As published in the Federal Register on May 6, 2014 the Department of Defense has issued a final rule amending the DFARS to require certain qualifying contractors to adequately address the detection and avoidance of counterfeit electronic parts.  This was done to implement those sections of the NDAA for fiscal years 2012 and 2013 respectively dealing with the same subject and is effective May 6, 2014.

Read More

Topics: Contracts & Subcontracts Administration, Government Compliance Training, DFARS Business Systems, DCAA Audit Support, Contractor Purchasing System Review (CPSR)