The century Date change (cDc) Project Office has secured System Research and Applications (SRA) and Science Applications International corporation (SAIc) contractors to provide services and products to support the objectives of its Year 2000 conversion efforts. The cDc Project Office has assigned work to each contractor, which is in line with the tasks authorized in the respective contracts. However, we were unable to determine whether the cDc Project Office had effectively utilized contractor support in furthering its Year 2000 conversion efforts.

Due to the lack of adequate documentation maintained by the cDc Project Office, we were unable to fully determine the extent of work assigned, services and products provided, and support for hours invoiced by the contractors. Because contractors were secured by term task orders, there have been varying interpretations about required transaction documentation and accountability of contractor activities. Improved controls over contractor activity will provide more accountability and consistency in the daily administration of contractor work; help in objectively evaluating contractor performance; provide evidence of the effective and efficient utilization of resources; and, demonstrate contributions toward project decision making and goal accomplishment.

The overall objective for this audit was to determine whether the cDc Project Office is effectively utilizing contractor resources to obtain services and products, which support the objectives of the Year 2000 conversion efforts.

We determined that the task orders issued to SRA and SAIc establish, in general terms, the work required by the cDc Project Office which should help them to achieve their project goals. We found that work contracted with SRA and SAIc agrees with the written task orders intended to help facilitate the Infrastructure Strategy and the Enterprise Inventory/Analysis and Validation efforts.

Adequate documentation exists over tasking work to and receiving products from SRA. Further, the contracting Officer’s Technical Representative (cOTR) provided proper administrative oversight and maintained copies and/or access to products produced. In contrast, however, the same level of administrative oversight was not maintained over the tasking and monitoring of work assigned to SAIc. For instance:

• Work requests did not: capture the extent of work being tasked; clearly describe the services or products to be provided; specify product acceptance requirements; or, specify product due dates.

• contractor activities were not always well documented by the cDc Project Office to substantiate hours invoiced to the Service.

In addition, there is not an adequate separation of duties between individuals authorized to request, approve, and accept resulting SAIc services and products. An adequate separation of duties between the Program Manager (PM), cOTR and Technical Points of contact (TPOc) is essential to ensure activities under this level-of-effort contract are properly administered.

The cDc Project Office should follow Federal and Service guidelines to strengthen administrative controls over contracts. Specifically, we recommend that the cDc Project Office:

• Utilize completion task orders wherever possible to cover definitive and repetitive tasks.
• Ensure work requests are properly approved and clearly define the specific products or services contractors are tasked to provide.

• Use receipt and disposition documentation to account for products or services.

• Periodically obtain time reports for vendor personnel and verify a sample of hours-billed on vendor invoices and reconcile with actual hours worked.

• Establish an adequate separation of duties whereby distinct individuals control authorizing, processing and reviewing activities.

Management’s Response: Management agreed with most findings and recommendations in the report and will take the following action. The cDc Project Office and Procurement will review existing tasks to identify any additional work that can be performed using completion task orders. The cDc Project Office and Procurement will also review the processes for defining desired results from contractors and the approval process; identifying any changes to be made and due dates for each change. Further, the cDc Project Office will prepare a monthly report detailing contractor accomplishments.

Although management did not agree that a verification of vendor time reports should be done unless fraud or abuse is suspected, they did state that improved documentation will serve as a tool in certifying that the number of hours recorded should be paid. In addition, the final audit done at the end of each task order will thoroughly examine time cards of vendor personnel.

In addition, management did not agree with Internal Audit’s recommendation of the separation of duties among individuals authorizing, processing and reviewing contractor activities. Management indicated that all of these functions are reserved exclusively for the contracting Officer (cO) who in turn delegates the duties. The cO often delegates these duties to the cOTR and, as such, separating these duties would cause inefficiencies, duplication of efforts, and confusion about responsibilities.

Internal Audit continues to believe that an adequate separation of duties among individuals within the cDc Project Office must be established. Failure to do so adversely affects the ability of the cOTR to effectively represent Procurement in overseeing contractor activity.