Guide to Government Contracting Compliance
Compliance policies show a government contractor’s corporate commitment to following federal and state and local government rules. They demonstrate consistency in how a government business and its staff behave and can lower risk of exposure. Solid policies can reduce non-compliance in government procurement programs and define standards for timekeeping, travel, delegation of authority, accounting, estimating, billing and labor. They can even dictate how future policies can be drafted to address new mandates from the government.
Federal Acquisition Regulations and Cost Accounting Standards
Every government agency has a set of standards that informs their policies on compliance. A majority of contractors look specifically to two federal sets of government rules as the basis for their compliance: Federal Acquisition Regulation (FAR) and Cost Accounting Standards (CAS).
- Federal Acquisition Regulation defines government procurement, the primary set of rules agencies use when purchasing goods and services.
- Cost Accounting Standards was created to drive consistency within and between contractors’ cost accounting practices. These include measurement of cost, assignment of cost to the cost accounting period, and allocation of cost to the cost objective.
DFARS Compliance
The Defense Federal Acquisition Regulation Supplement (DFARS) is a supplement to the FAR and applies to the Defense Industrial Base (DIB). Government contractors working with the DoD supply chain must adhere to DFARS requirements which are in addition to FAR requirements. DFARS clause 252.242.7005 defines “acceptable contractor business systems” with six clauses, including the accounting system clause 252.242.7006 that government contractors must comply with if specified in the contract.
Federal Government Auditing Agencies
The Defense Contract Audit Agency (DCAA) is responsible for auditing Department of Defense (DoD) contracts, and other federal entities responsible for acquisition and contract administration . Audits assure the government that your organization is following the rules. The DCAA and other federal auditors use FAR and CAS standards as the basis to assure the government that a business is operating within approved parameters, specifically as they apply to finance and accounting systems. To that end, Deltek has purpose-built ERP software for government contractors to address these standards within its functionality and capabilities to keep government contractors in compliance.
The DCAA is not the only entity responsible for auditing Department of Defense (DoD) contracts, however. The Defense Contract Management Agency (DCMA) also defines and monitors the practices of government contractors. They ensure businesses are complying with all contract terms from award to contract closeout.
Other Forms of Government Contracting Compliance
Beyond the DoD, contractors may encounter a review from the Inspector general (IG), who examines the actions of a government agency as a general auditor to ensure compliance with generally established government policies, security policies and misconduct rules. Audit agencies also exist within the U.S. Department of Housing and Urban Development (HUD), the U.S. Environmental Protection Agency (EPA), the U.S. Department of Labor, and the National Aeronautics and Space Administration (NASA).
Common Types of Government Audits
- Incurred Cost: Review of the accounting practices and systems, ensuring that costs charged are allowable, allocable and reasonable
- Pre-Award Survey: Standard Form 1408 - A look at the contractor’s accounting system and procedures, cost management, timekeeping, labor and billing
- Defective Pricing: Ensures that cost and pricing data are current, accurate and complete
- Forward Pricing: A check of contract pricing rates to determine a fair and reasonable basis for negotiating a cost proposal
- Compensation and Benefits: Review of a contractor’s compensation system and related internal controls
- Contractor Purchasing System Review (CPSR): To gain an understanding the contractor’s purchasing system and related internal controls
- Timekeeping and Labor: Time must be charged by day and by project and/or indirect accounts. Employees must record all time worked on projects to the proper job numbers and codes
Defending Sensitive Data Across The Federal Government Supply Chain
The Department of Defense is currently in the process of defining and assessing the strength of government contractors’ cybersecurity with the introduction of the Cybersecurity Maturity Model Certification (CMMC) and the statutes involved with International Traffic in Arms Regulations (ITAR). Each has specific compliance standards that are currently being implemented within the industry.
- CMMC: Compliance with CMMC involves a combination of various cybersecurity standards and best practices. The model’s creation was supported by the Department of Defense (DoD). Learn more about CMMC Compliance »
- NIST SP 800-171: Government Contractors storing non-classified sensitive data should meet a baseline security requirements to support FAR clause 52.204-21. Learn more here »
- FedRAMP Moderate Baseline: DFARS 252.204-7012 requires firms storing covered defense information (CDI) in a cloud service provider (CSP) that meets FedRAMP Moderate Baseline or equivalent controls. Learn more about cybersecurity compliance »
- ITAR: This regulation restricts and control the export of defense and space-related articles, technologies and services to safeguard U.S. national security and foreign policy objectives. Learn more about ITAR Compliance »
How Deltek Helps Government Contractors to Stay Compliant
Centralizing the management of projects, people and finances improves operational efficiency and provides real-time insights to support compliance and security needs. Deltek understands what oversight agencies like the DCAA are seeking with an audit and has an easily accessible repository of resources to address each audit need. Support for FAR, CAS, and DCMA compliance requirements is woven into the fabric of Deltek government contracting solutions, and our integrated cloud offering enables the secure storage of your data through the implementation of NIST and ITAR controls and monitoring of proposed CMMC rules. Additionally, Costpoint GovCon Cloud Moderate (GCCM) has achieved FedRAMP Moderate Ready status and is listed on the FedRAMP Marketplace.
Your Guide to Government Compliance
Navigating compliance regulations can be difficult for even the most seasoned of government contractors. Get an overview of top priorities and how Costpoint provides a clear path to compliance.
Related Resources
Guide to Government Contracting
Get the information you need to successfully find win and manage government contracts.Learn More »
How to Find Government Contracts
Get started by finding government contracts that best fit your business.Learn More »
What is DCAA Compliance?
Learn more about DCAA compliance, and how contractors can reduce risk by avoiding and preparing for DCAA audits.Learn More »
Federal Government Contracting
Learn more about federal government contracts and where you can find them.Learn More »
Small Business Contracting
Discover how to find, win and deliver on small business government contracts.Learn More »
Types of Government Contracts
Learn about the four main types of government contracts that contractors encounter.Learn More »
How to Win Government Contracts
Discover how to beat the competition and win more government contracts.Learn More »
What is CMMC?
Learn more about the basics of Cybersecurity Maturity Model Certification (CMMC).Learn More »
What is ITAR Compliance?
Learn more about the International Traffic in Arms Regulations (ITAR) and who it applies to.Learn More »
State & Local Contracting
Learn the basics of state and local government contracts and where you can find them.Learn More »
Basics of FAR & CAS
Learn about the Federal Acquisition Regulation (FAR) and Cost Accounting Standards (CAS).Learn More »
What is a Teaming Agreement?
Discover how teaming agreements can help you reach your government contracting goals.Learn More »