IG: Infighting hampers oversight of Defense contractors

The lack of cooperation between two key Defense Department oversight agencies might be allowing contractor performance problems to slip through the cracks, according to new findings by a department watchdog.

In a report released on Wednesday, the Defense Department inspector general sustained allegations that on two occasions in 2008, the Defense Contract Management Agency failed to provide its audit counterpart with sufficient time to review an unnamed contractor's compliance with Earned Value Management guidelines. Earned Value Management is a tool Defense and industry use to provide early warnings of potential contract cost overruns and schedule performance problems.

The report said DCMA's Earned Value Management Center in Tucson, Ariz., provided the Defense Contract Audit Agency with an "unreasonably short time frame" to meaningfully participate in the 2008 reviews.

"Consequently, the center issued its conclusions on the acceptability of the contractor's Earned Value Management System without adequately resolving DCAA-reported noncompliances or obtaining any DCAA expert audit advice," the IG said.

Problems between DCAA and DCMA are not new. Former Rep. Christopher Shays, now a co-chairman of the Commission on Wartime Contracting, referred to the agencies' relationship as "dysfunctional" during an August 2009 hearing.

DCAA is responsible for auditing contractors' purchasing, cost estimation and other business systems. But the agency only has the authority to make recommendations for improvements based on its audits. DCMA ultimately decides whether shortcomings in a contractor's systems warrant withholding payments or disqualifying the company from contract awards.

The most recent problems began in April 2008 when the center and DCAA conducted a joint review of the contractor's Earned Value Management System. Within six weeks, DCAA issued an audit finding noncompliance with two guidelines. But, the results were too late. Two weeks after the review began, DCMA held an exit conference with the contractor to advise it of the results and provide a list of deficiencies.

The two-week time frame was standard operating procedure for performing compliance reviews at major Defense contractor facilities, the center's director told the IG.

In response to the report, DCMA Director Charlie E. Williams Jr. said the review would have been compromised by waiting for DCAA.

"EVMS reviews lose their effectiveness and impact if our results are presented to the contractor long after the review has been completed," Williams wrote. The director disagreed with many of the report's conclusions, although he generally accepted the IG's reform recommendations.

DCAA's director at the time, April Stephenson, expressed concern that the two-week time frame was insufficient to perform an adequate review and detail final conclusions. The two agencies still have not developed a process for future compliance reviews, the IG found.

"The center should not have established an arbitrary and inflexible time frame to conduct reviews at all major DoD contractors," the report stated. "The established time frame should be based on a careful consideration of the risks and circumstances at each contractor location."

DCAA also did not participate in a follow-up review of the contractor in August 2008 because the DCMA center set a four-day deadline to perform the analysis and report on the results. In addition, the audit agency was not pleased DCMA told the contractor ahead of time that the agencies were evaluating programs and cost reports. The IG said the disclosures gave the "appearance that DCMA was not sufficiently independent or objective."

Rather than acquiesce to the concerns, the center used an ex-DCAA auditor on its staff to follow up on the audit agency's concerns. Ultimately, the center failed to resolve DCAA's reported findings prior to making a final determination that the contractor was in compliance with all 32 Earned Value Management guidelines, the report said.

Investigators found other questionable activities between the DCMA center and its contractors. For example, on two occasions, representatives in the Tucson office held joint activities with the contractor to identify causes of various deficiencies and to develop a corrective action plan.

"DCMA officials charged with determining system compliance should not participate with the contractor in developing corrective action plans or performing internal audits," the report said. "Participation in such activities may compromise the ability of DCMA to independently determine system compliance and continued acceptability of the Earned Value Management System."

Williams argued, however, that it is not useful to isolate the contractor from the review process. "We believe establishing and maintaining a cooperative government-contractor relationship is an efficient and effective way of reaching the government's EVMS goals," he said.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.