Tuesday, October 23, 2012

Understanding Agencies Roles in Purchasing System Reviews

FAR Part 44 lays out the purpose for evaluating contractor purchasing systems. The objective of a contractor purchasing system review (CPSR) is to evaluate the efficiency and effectiveness with which the contractor spends Government funds and complies with Government policy when subcontracting. The review provides the administrative contracting officer (ACO ) a basis for granting, withholding, or withdrawing approval of the contractor's purchasing system.

The administrative contracting officer (typically Defense Contract Management Agency or DCMA) has primary responsibility for reviewing contractor purchasing systems. DCMA has a CPSR review team that specializes in performing these contractor purchasing system audits. DCAA (Defense Contract Audit Agency) plays a subordinate (and often unwelcome) role in the review. DCAA's audit objective is the adequacy of the internal controls over the system and the contractor's monitoring of compliance with its controls.

The DCMA CPSR normally covers many DCAA concerns regarding internal control objectives, but not always all of them. Therefore before commencing any audit of a contractor's purchasing system, the auditor is required to coordinate with the contracting officer. There should be mutual agreement in the planning stage on what additional audit steps will be necessary to address any DCAA concerns.

Where DCMA has planned a CPSR, but he scheduled CPSR does not coincide with DCAA's cycle for evaluating purchasing system internal controls, DCAA will, to the extent possible, adjust its schedule to perform the internal control evaluation as part of a joint DCMA/DCAA CPSR. If a CPSR has not recently been performed and if there is no CPSR scheduled within the normal DCAA cycle for accounting and management system audits but the Agency believes a purchasing system internal control audit is required based on risk, the DCAA auditor is to discuss those concerns with the cognizant ACO. Where the ACO agrees with those concerns, the auditor should perform a purchasing system internal control audit (not a CPSR). The key here is the term "based on risk". The auditor must have some basis for believing an immediate audit is critical for protecting the Government's interests.

Where agreement is not reached with the ACO, and the Agency believes that the Government is at risk, these concerns should be elevated to the regional office prior to any audit effort. It seems unlikely to us that this would ever occur.

If the auditor initiates a purchasing system audit without DCMA, you need to inquire as to why and request to know the risk factors they considered in scheduling the audit.

No comments:

Post a Comment