RGCI---Cost-Accounting-for-The-Federal-Risk-and-Authorization-Management-Program-(FedRAMP)

If you want to provide cloud-based services to Federal Agencies, you will need to get your service approved through the Federal Risk and Authorization Management Program (FedRAMP) managed by the FedRAMP Program Management Office.

How Does the Government Pay Me to Get Approved?

Simply put – the Government does not pay you to get approved. The process of getting an Authority to Operate (ATO) is a complex technical undertaking that will be financed on the backs of your current contracts for the most part.

How Does That Work?

Redstone GCI has written a whitepaper that works through the Federal Acquisition Regulation (FAR), Cost Accounting Standards (CAS), and Generally Accepted Accounting Principles (GAAP) requirements and expectations as to how the cost of acquiring and maintaining your FedRAMP approval should be accounted for. The process and accounting break down into the following basic requirements:

Stage of the Approval Process

Accounting

Preparation – Ensuring the contractor and product/application is ready to undergo the authorization process.

Expense in the period incurred – Most likely in the same manner as Independent Research and Development (IR & D).

Authorization – Completing the detailed review process to obtain the Authority to Operate.

Capitalized and expensed over the future periods during which sales of the FedRAMP service will be recorded.

Continuous Monitoring – The on-going activities necessary to maintain a security authorization.

Expense in the period incurred – Most likely as an indirect overhead expense.

I do suggest that your planned accounting be discussed with your Administrative Contracting Office (ACO) and, if possible, enter into an advance agreement. This will hopefully reduce the chances that a friendly member of an audit organization will question the timing of the expense accounting after the fact.

It’s Just That Simple?

Not a chance. You need to have a plan for the technical hurdles as well as a plan for when you will be moving from one stage to the next. The Redstone whitepaper suggests when we believe the transition between stages occurs, however it comes down to the process you will be undertaking and your position on the stages. Develop a plan that both your accounting and technical personnel can commit to and stand by. Then socialize the plan with the Government and your financial auditors.

How Can Redstone Government Consulting Help?

Redstone provides a range of services to assist Government contractors with FedRAMP compliance. Our team can draft accounting plans tailored to your FedRAMP approval process and create accompanying policies and procedures to support your objectives. Our expertise extends to developing or reviewing annual cost calculations with precision. Additionally, we offer training sessions focused on software and FedRAMP accounting requirements, ensuring your team is well-equipped to navigate these complexities effectively.

Redstone GCI assists contractors throughout the U.S. and internationally with understanding the Government’s requirements and implementing the necessary policies and procedures as well as training to support compliance with government cost accounting. We would be happy to be part of your team.

Learn More About Our DCAA Approved Accounting System Compliance Services

Written by John C. Shire, CPA

John C. Shire, CPA John is a Director with Redstone Government Consulting, Inc. providing government contract consulting services to our clients primarily related to the DFARS business systems, CAS Disclosure Statements, and DCAA/DCMA compliance preparation, advisory, and defense. Prior to joining Redstone Government Consulting, John served in a number of capacities with DCAA/DCMA for more than 30 years. Upon his retirement, he was based in Texas as an SES-level Corporate Audit Director for DCAA, managing a staff of 300 auditors at one of the largest DOD programs. Professional Experience John began his career in the late 80s working in the Clearwater, FL audit office and over the next three decades he progressed through a number of positions within both DCAA and DCMA with career highlights as DCAA Program Manager at Ft. Belvoir, Chief of Technical Programs Division, Deputy Assistant Director-Policy, Director of the DCMA Cost and Pricing Center, the SES-level Lockheed Martin Corporate Audit Director, and Director of Integrity and Quality Assurance. John’s three decades of experience in performing and leading DCAA auditors and DCMA reviewers provides a wealth of expertise to our clients. John’s role, not only in the performance of audits, but also in the development of audit policy affords him unique insights into the defense of audit findings and the linkage of audit program steps to the underlying regulatory framework. He is an expert in FAR, DFARS, and other agency acquisition regulation, as well as a subject matter expert in the Cost Accounting Standards having reviewed and provided audit feedback on many of the largest and most complex cost accounting practices during his tenure with the DCAA. John’s tenure with DCAA and DCMA came at a critical time during each agency’s history where a number of changes were occurring such as the response to the ICS backlog, development of audit approaches to the DFARS Business Systems and implementation of new audit initiatives as a result of Congressional oversight through the NDAA process. John’s leadership at the DCMA Cost & Pricing center saw oversight of all major DOD pricing actions, leadership of should cost review teams, the Commercial Pricing group and many other areas of strategic value to our clients. His involvement in these and other Agency initiatives is of great value to our clients due to his in depth understanding of DCAA and DCMA’s internal policy directives. Education John holds a Master of Business Administration and a B.A. in Accounting from the University of South Florida. Certifications Certified Information Systems Auditor State of Alabama Certified Public Accountant

About Redstone GCI

Redstone GCI is a consulting firm focused on fulfilling the needs of government contractors in all areas of compliance. With a singular mission to help contractors through the multiple layers of “red tape,” we allow contractors to focus on what they do best – support their mission with the U.S. Government. We are home to a group of consultants made up of GovCon industry professionals, CPAs, attorneys, and retired government audit and acquisition professionals.

Our focus and knowledge of audit and compliance functions administered by DCAA and DCMA will always be at the heart of what we do. However, for the past decade, we’ve strategically grown to support other areas of the government contractor back-office with that same level of focus and expertise. We’ve added expertise in contracts management, subcontract administration, proposal pricing, various software systems, HR and employment law, property administration, manufacturing, data analytics/reporting, Grant specialists, M&A, and many other areas. When we see a trend in the needs of contractors, we act to ensure we can provide the best expertise in the market to fulfill those needs.

One thing our clients can be certain of is that with the Redstone GCI Team in your corner, there is no problem too big and no issue too technical for our team to tackle.

Topics: Compliant Accounting Infrastructure, DCAA Audit Support, Government Regulations, Cost Accounting Standards (CAS), Federal Acquisition Regulation (FAR)