• Increase font size
  • Default font size
  • Decrease font size
Home News Archive Perpetual Audit

Perpetual Audit

E-mail Print PDF

The Defense Contract Audit Agency performs a variety of audits, many of which the average contractor never experiences. For most contractors, their experience of DCAA is gained through an audit of a cost proposal submitted in the hope of winning a contract. The auditor shows up, looks at the proposed costs (both direct and indirect), looks at the support for the proposed costs, and then expresses an opinion on whether or not the proposed costs were adequately supported. Then the auditor departs and the next time the contractor hears about the audit is during negotiations.

Some contractors have their proposals audited well after contract award, in order to validate that the contractor complied with the requirements of what used to be called the Truth-in-Negotiations Act (TINA) but which is now called by some other name. Those audits used to be called “post-award audits” or sometimes “defective pricing audits”—but they are now called “Truth in Negotiation audits” because that’s what DCAA is calling them these days.

Contractors with cost-type (or perhaps T&M) contract types know that DCAA audits a different type of proposal: the annual proposal to establish final billing rates (commonly known as the “incurred cost proposal”). These contractors often submit provisional billing rate proposals to establish the indirect rates to the used for contract invoicing until final billing rates can be established. Still other contractors submit forward pricing rate proposals that are audited, negotiated, and (hopefully) become forward pricing rate agreements.

Thus, speaking in a very broad sense, the average DCAA auditor spends most of their time auditing some form of contractor proposal; and the average contractor’s experience of DCAA is having some form of proposal being audited. But that’s not all DCAA does.

DCAA reviews contractor business systems, of course. At least three of the six business systems formalized in the DFARS fall under DCAA’s cognizance. Contractors’ business systems were a big deal five or six years ago; but by now the ritual Kabuki Dance between auditor, contractor, and contracting officer is well known and it’s a rare event when a business system is failed. That’s not to say that pre-award accounting system reviews—which are performed by DCAA—are easy to pass; indeed, they are not easy to pass and too many new contractors fail their first (or second) pre-award reviews. But once that hurdle is passed the DFARS contractor business system oversight regime is pretty much a paper tiger at this point. It’s not even enforced at any but the largest of the defense contractors.

In addition to all the activity listed above, DCAA also performs what it terms “mandatory annual audit requirements” (MAARs). Each MAAR audit is to be performed each year. (Thus: “annual audit”.) For a long time, MAAR audits used to be performed on an individual basis, but that didn’t always work out. It became clear that DCAA was deferring the required MAAR audits—even though they were “mandatory”—because of “resource constraints”. That posed a problem because an audit performed in 2014 has little relevance to an audit of a contractor’s 2007 incurred costs; yet, that was how the audit agency was applying the findings. It was a problem because the MAAR testing results were supposed to give the auditors assurance that the systems that fed incurred costs (such as purchasing and labor accounting) were working adequately. Without that assurance, it was difficult to support a valid conclusion on the accuracy of a contractor’s claimed costs.

A couple of years ago somebody at Fort Belvoir figured out that there would be a higher probability of the MAARs being performed timely if they baked the requirements into the incurred cost audit program. So now the MAARs are linked to that audit. At about that same time, somebody else decided that “mandatory annual audits” were only mandatory, on an annual basis, at “major” contractors. MAAR audits would only be performed at non-major contractors once every 3 years. Those two decisions helped MAAR audits get back into sync with incurred cost audits.

There are eighteen individual MAAR audits, but often some are performed in the background (so to speak) and the contractor is barely aware of them. Other MAAR audits, on the other hand, require contractor participation and support.

The two most obvious “in your face” MAAR audits are MAAR 6 and MAAR 13. MAAR 6 is commonly known as a labor “floor check” audit and MAAR 13 is known as a “purchase existence and consumption” audit. (We should note that, technically, the MAAR 6 audit can be either a floor check (observation) or an employee interview. But everybody calls it a floor check even if it’s chock-full of employee interviews.) Both those two audits are labor intensive and can take significant contractor resources to support. And both those two audits can take a long time to perform.

In fact, we believe that those two MAAR audits are now at the point that they are never, ever, completed.

From the auditor’s perspective, of course the audits are completed; they have to be. If there are no findings the auditor prepares a Memorandum for the Record and that ends the annual exercise. But that’s not what a contractor experiences.

First, when the auditor prepares a Memorandum for the Record to document the work performed and lack of findings, there is no requirement for an exit conference. There is no formal feedback. From the contractor’s perspective, there is only silence. Is the audit over? The contractor may never know.

Second, in order to comply with DCAA’s interpretation of GAGAS (Generally Accepted Government Auditing Standards), auditors are directed to select their transaction samples from throughout the year. In earlier times, the MAAR random sample was selected at a single point, or perhaps the samples were selected from a quarter’s worth of transactions. No longer. Nowadays auditors are told to select their sample so that the entire year is covered. This means that the auditors are requesting multiple transaction universes as the year progresses, and making multiple sample selections for testing. Which means that the contractor has to support the audit throughout the entire fiscal year.

In other words, the audit never, ever, stops.

Each month, or each quarter, the auditor requests a transaction universe and makes a selection. The contractor provides the supporting documentation. Questions are asked and answered. Then the next month (or quarter) arrives and the cycle repeats. If all goes well, the auditor prepares a Memorandum for the Record at year-end.

And then the cycle starts again the next month, or quarter, for the next year’s MAAR coverage.

Remember, the contractor doesn’t see the Memorandum for the Record. From the contractor’s perspective there is an endless cycle of transaction universe requests and transaction samples to be supported. There may or may not be a new year’s entrance conference, but there is no other indication that there is a new audit. For the contractor, it must seem like a never-ending audit.

It must seem like a perpetual audit.



In March 2009, Nick Sanders’ article “Surviving Government Audits: Have the Rules of Engagement Changed?” was published in Government Contract Costs, Pricing & Accounting Reports (4 No. 2 GCCPAR P. 11). Apogee Consulting, Inc. is proud to announce that Mr. Sanders’ article was selected for reprint and publication in Thomson West’s The New Landscape of Government Contracting.  Mr. Sanders, Apogee Consulting’s Principal Consultant, joins such distinguished contributors as Professors Steven Schooner and Christopher Yukins, Luis Victorino and John Chierachella, Joseph West and Karen Manos, Joseph Barsalona and Philip Koos and Richard Meene, and several others.  The text covers a lot of ground, ranging from the American Recovery and Reinvestment Act (ARRA) to Business Ethics and Corporate Compliance, and includes several articles on the False Claim Act and the Foreign Corrupt Practices Act.  In addition, the text includes the full text of many statutory and regulatory matters affecting Government contract compliance.


The book may be found here.