Government contracts generally require stringent internal oversight measures to ensure that your business complies with contract terms and conditions — as well as the expectations of the government agency.
For example, contracts generally require close internal management and control of estimates, material management and accounting systems.
As well, government contract auditors evaluate other systems and process controls to gauge their adequacy and to establish the audit scope for forward pricing, billing and other cost representations.
Your organization’s internal monitoring efforts should ensure that employees follow the guidance provided to them and that the guidance is adequate to ensure compliance with contract requirements and expectations. As a government contractor, your business is expected to have formal procedures to evaluate compliance and report and resolve discrepancies. Many larger U.S. government contractors assign some or all contract and other regulatory oversight to their internal audit department.
The nature, scope and timing of internal supervision and control depends on your business environment. There are many contributing factors, but the primary ones are the terms and conditions of the government contract. Many clauses specify activities, events and error-prevention measures to be put into place. Others list the required characteristics of specific business control systems. On top of all this, the standard programs and guidance documents used by government auditors, analysts and other oversight officials specify the requirements and expectations for how your organization maintains compliance control.
Your business should use all these sources — particularly the audit guidance — to determine potential compliance risks and vulnerabilities. Then, find ways to mitigate those risks and to set a baseline for the depth and frequency of evaluations.
The highest degree of oversight comes from individuals who are competent in — and independent of — the process being reviewed. But other, internal elements are significant, including:
- Peer reviews;
- Management evaluations:
- Periodic metrics;
- Exception report analyses; and
- Routine surveillance.
Show government officials evidence of these oversight efforts to demonstrate that your organization is meeting its responsibilities.
Regardless of the methods used, the evaluation processes must include mechanisms for bringing noncompliance findings to the attention of company officials, as well as resolution of the problem issues.
Here Are Four Tips:
- Obtain the guidance used by oversight officials to identify their expectations — and the scope and frequency of internal procedure reviews.
- Review at least once a year the adequacy of the written policies and procedures that your organization uses to determine compliance with contract requirements and expectations.
- Develop metrics, identify exceptions reports and document any departmental or peer reviews that are routinely performed to verify compliance. Consider a complete evaluation of each business system by competent independent evaluators every three years.
- Develop and maintain procedures for reporting, resolving and following up on noncompliance findings.