Views do not reflect those of the US Government or the Defense Contract Management Agency GPA Role in Contractor Self-Assessment and DCMA Southern California’s PMSA Strategies (for Southern CA, Contractors) Len Salazar DCMA

2 Simple Agenda Background Government perspective Building a CSA program (Len’s Advice) Q&A (This is the target) PMSA Strategies

Basic Assumptions You have: o awareness of basic and intermediate contract property concepts  Definitions, title provisions, liability, contract types, clauses, process management, basic statistics, etc… o an understanding of the role of a property management system o established procedures detailing how specific property control activities will be performed o management support to establish, continue, or modify a current internal audit process Within this discussion o Use what you find applicable to your specific situation 3

The FAR “The Contractor shall establish and maintain procedures necessary to assess its property management system effectiveness, and shall perform periodic internal reviews and audits. Significant findings and/or results of such reviews and audits pertaining to Government property shall be made available to the Property Administrator.” o CSA is a contractual requirement o No specific process guide is provided 4

DCMA DCMA SOP: “FAR (f)(3) requires contractors to perform self assessments to evaluate their property management system effectiveness. The clause requires the contractor to disclose significant findings to the Property Administrator (PA). If the self assessment provides a confidence level of the effective management and/or control of Government property comparable to that afforded by a property management system analysis performed in accordance with DCMA requirements, the PA should integrate the contractor’s self-assessment results within the overall audit.” o Role of the GPA is to assess the CSA process o In order for DCMA PAs to use the results of CSA, a condition exists…If o The if statement has caused much gnashing of teeth… 5

Building a CSA program (Len’s working level advice; does not replace contractual obligations) 6

Conceptual CSA Each contractor has the contractual flexibility to establish a CSA program consistent with their corporate environment A decision needs to be made: o Do you want DCMA to leverage the results of your CSA evaluation? Leverage o Incorporating the CSA evaluation in full or part into the DCMA property control system evaluation. o Len’s add-on…resulting in a reduction of Government oversight. 7

Types of CSA Programs Second decision: What type of CSA program Formal Procedures o Follows Government established processes and procedures  DCMA PMSA model, DAU model  Former CSO model (modified), ISO Standards (modified) o Commonality  Based on specific agreed to procedures guiding each step of the process using statistical based evaluation methodologies Informal Procedures o Observations o Walk-throughs and interviews o Questionnaires 8

Clues to type of CSA Formal o Currently have an internal audit organization or staff o Have a predominance of Government contracts vice commercial o Large investment in Government property (dollars and lines) o Management support o Types of contracts that require oversight  R&D, Production, etc… Informal o Mad hatter o Limited government contracts o Low investment of Government property (dollars and lines) o Low value overhaul, repair, modification contracts 9

Example discussion of type Large business (Formal CSA) o 1 mil lines of GP (mixed) valued at $1 bil o 100’s of contracts o Both a major prime contractor to the Government and subcontractor to other major prime contractors o Multi-national presence o Large independent internal audit organization Medium business (Formal or Informal CSA) o 19k lines of mixed GP valued at $56 mil o Subcontractor to large businesses o Mixed prime contracts with multiple Government agencies o One full time auditor; not independent Small business (Informal CSA) o 5 lines of GFP (machinery) valued at $465k o 3 active contracts; making piece parts o All-in-one facility 10

First step of a working level CSA CSA procedure that details the: who, what, when, where, and how. Considerations: 1.Specific property management and control system 2.Contract types, kinds, and special provisions 3.Types and amount of GP 4.Customers (Government & Prime) 5.Evaluation techniques and methodologies 6.Frequency 7.Reporting to the customer/Government 8.Corrective action process 9.Risk assessments 10.Government and Contractor owned property 11

Informal CSA Process Suggestions Understand your contract requirements in terms of controlling the property in your possession o Tip: read the specific property related clauses Ensure your control procedures address, in proper detail, these requirements Establish a series of audit objectives for each control process: o e.g. Ensure physical inventories are completed Establish a series of audit questions based on the audit objectives o e.g. Were items of GP inventoried within a 1 year period 12

Informal CSA Process Suggestions Develop an cyclical schedule to walk the floor to: o Interview employees to determine if they are following established procedures o Observe how employees handle GP o Provide questionnaires to determine knowledge of control processes Collect sample documentation Determination of compliance Issue corrective action memorandum Validate corrective actions Report findings and document closure of CSA 13

Formal CSA Process Suggestions Suggestions for an audit based CSA program Understand your contract requirements in terms of controlling the property in your possession o Tip: read the specific property related clauses Ensure your control procedures address, in proper, detail these requirements Establish a series of audit objectives for each control process: o e.g. Ensure physical inventories are completed Establish a series of audit questions based on the audit objectives o e.g. Were items of GP inventoried within a 1 year period 14

Formal CSA Process Suggestions Pre-identify what confidence levels and sampling plan will be used: e.g. DoD Double Sampling Plan, AQL 6.x Identify within a specific process the point of evaluation o e.g. processing form AB1: Receiving Discrepancy Population pull o All AB1 forms processed within x time period Sample pull o Randomly select a representation of the AB1 forms Document results of your evaluation Determine if the samples pulled meet the requirements of the applicable control procedure 15

Formal CSA Process Suggestions Determine acceptability of the assessment o In compliance with control procedures o Not in compliance with control procedures Issue a request to correct identified concerns o Recommend a root cause analysis be performed in additional to correcting noted issues At the proper time, verify that corrections have been made Finalize assessment and report to Government/customer 16

Implementation Suggestion Plan for a three year phase-in period if starting from scratch o Year 1: Develop the CSA process in coordination with your assigned DCMA PA.  Use new process to assess low risk processes  Provide results to DCMA o Year 2: Update CSA process based on lessons learned in year 1.  Use to assess moderate risk processes  Provide results to DCMA o Year 3: Update CSA process based on lessons learned in year 2.  Use to assess high risk processes  Provide results to DCMA 17

Suggested Goal Once you have demonstrate a competent CSA program, your goal should be to reduce Government oversight by sharing in the audit process o CSA only audits with DCMA sampling documentation o Joint Audits; sharing the audit responsibilities with DCMA Create an environment where DCMA-only audits are kept to a minimum 18

DCMA Southern California DCMA Southern California is responsible to provide oversight of contractor’s property control systems within our area of responsibility. Area of responsibility; greater areas of: o Los Angeles o Parts of Ventura o San Bernardino o Riverside o Orange o San Diego and all of Hawaii o Imperial If you are not within this AOR…… 19

DCMA Southern California Approximately 200 contractors $16 Billion of contract Government property Mixed: manufacturing, research/development, sustainment contracts Aircraft (manned and unmanned), missiles, satellites, communications, software, components, piece parts… Large, medium, small business; FFRDC’s 20

Before, During, & After a PMSA On-going risk assessments o Formal and informal (situational) Identify CAGEs requiring oversight o Annual, biennial, triennial Creating an audit schedule Contract analysis Planning the audit Communication and notifications 21

Before, During, & After a PMSA Collecting data and information Procedure reviews Population pulls Sample pulls Categorizing data points for analysis Analyzing data Identifying non-compliances to procedures and contracts Communicating with assigned C.O. Requesting & evaluating corrective action plans 22

Before, During, & After a PMSA Monitoring & validating corrections Revised Risk determinations Closure of the PMSA 23

D CMA Southern California Strategies DCMA Southern California conducts two basic types of PMSAs; adjusting techniques basic on specific contractor conditions o Standard approach (on-site)  Moderate and High risk systems o Limited approach (distance or on-site)  Moderate and Low risk systems Considerations o Facility and property outcome risks (2) o Past performance (audit results) o Contract base o CSA maturity 24

Q & A Goal of a CSA program Decisions to leverage CSA Informal vice Formal CSA CSA Procedure Evaluation techniques and methodologies Root Cause Analysis Phase in period Joint audits General Q&A (CSA or anything else) 25