DCAA Compliance, DCAA Review, and DCAA Audit
Oversight is the purview of the federal agency with the most risk. For example, for for-profit companies, this is the agency with the largest dollar amount of negotiated contracts, including options. Often, other agencies engage the Defense Contract Audit Agency (DCAA) and the Defense Contract Management Agency (DCMA) to perform such oversight for them. The Department of Defense maintains a large staff dedicated specifically to DCAA Reviews and DCAA Audits. Because DCAA performs the most rigorous and largest portion of GovCon audits, this article focuses on DCAA Compliance. A goal of strict DCAA Compliance, no significant findings in any DCAA Review, and no questioned or unsupported costs in a DCAA Audit will prepare the company for oversight by any other federal government agency.
Companies with oversight from the federal government are typically subject to six different kinds of reviews. Each review verifies that one major business system or contractor-wide process complies with regulations and award documents.
- Accounting System (not the compliance of the general ledger software, per se, but the compliance of company policies, procedures, supporting documentation and implemented – observable – processes)
- Estimating System (cost proposal “build” process)
- Material Management and Accounting (planning, controlling, and accounting for the acquisition, use, issuing, and disposition of material)
An audit covers any of many verifications. As examples, focus might target one type of supporting documentation (e.g., timecards including “floor checks”), a post-award review (or a defective pricing negotiation).
- Not the Estimating System, but Price Proposals and Forward Pricing Rate Proposals
- Cost-reimbursable and Other Flexibly-priced Contracts (especially billings)
- Incurred Cost (ICE Model)
DCAA Compliance commonly refers to an absence of findings in an evaluative report from a federal government agency. Such a report analyzes policies, procedures, plus supporting documentation and observations. These are contrasted with regulations and contractual terms and conditions (including public laws). A lack of discrepancies equates to DCAA Compliance. The specific topics evaluated are the DCAA Review of business systems plus (not limited to) the DCAA Audit subjects shown above.
Proposals and contractual awards from the federal government require certification of compliance. Signing a proposal or contract forms legally binding agreement that the company is in compliance. The burden of proof is on the contractor.