CPSR Audit
The Contractor's system used to purchase, and subcontract is referred to as the "Purchase System." It covers aspects such as the evaluation of quotes, making or buying decisions, vendor selection, price negotiation, placement, and administration of orders, and expediting the delivery of materials. The Contractor Purchasing System administration is subject to the criteria outlined in DFARS 242.244-7001.
A Contractor Purchasing System Review (CPSR) is conducted when the value of awarded government prime contracts and subcontracts are expected to be more than $25 million over the next 12 months. The administrative contracting officer (ACO) will consider a wide range of factors when deciding on the need for a CPSR, including but not limited to the Contractor's past performance and the volume, complexity, and dollar value of subcontracts. The review determines the ACO's decision to approve, reject or revoke authorization for the Contractor's purchasing system.
How to Prepare for CPSR and FAR Part 44
Learn the rules of engagement when it comes to the federal subcontracting environment beginning with the Federal Acquisition Regulation (FAR) Part 44 and CPSR.
CPSR Review
The U.S. Government carries out a Contractor Purchasing System Review in accordance with Federal Acquisition Regulation Part 44. As stated in FAR 44.101, the CPSR is an evaluation of a contractor's purchasing and subcontract management that begins with the identification of the requirement and ends upon completion of subcontract performance.
A CPSR audit is a review that determines the effectiveness of a contractor's purchasing system, incorporating its policies, procedures, and practices. Consisting of a series of steps designed to evaluate the effectiveness of a contractor's purchasing system, a CPSR begins with a review of the requirement and progresses by auditing all relevant policies, procedures, and practices.
The assessment process examines risk management, cost management, supplier selection, and performance evaluation. During the audit, the auditor will review both internal and external documents, interview personnel, and observe activities that are related to purchasing.
Once the CPSR audit is complete, the auditor will prepare a report of its findings. The information will include an analysis of compliance with the DFARS 242.244-7001 criteria, and any issues identified during the audit. The Contractor can use this report to assess areas of improvement in their system and make changes as needed.
For more information about CPSR, refer to the following reference article, which provides insight into what CPSR is, when it should be used, why it is essential, and how to manage it.
What is DFARS 242.244-7001?
DFARS 242.244-7001 is a Department of Defense (DoD) regulation that provides guidance and criteria for evaluating contractors' purchasing systems. It sets forth standard requirements such as risk management, cost management, supplier selection, performance evaluation and more. The regulation applies to any purchase or subcontracts exceeding the simplified acquisition threshold in FAR Part 2. Additionally, DFARS 242 .244-7001 applies to any contracts involving subcontracting and acquiring supplies or services.
The DFARS adequacy criteria goes into depth across these areas, including:
- Procurement planning & market research (2 Criteria)
- Conflict of interest & misconduct (1 Criterion)
- Competition (2 Criteria)
- Negotiated procurement (1 Criterion)
- Cost or pricing data & price reasonableness (5 Criteria)
- Source selection (3 Criteria)
- Contract formation and content (3 Criteria)
- Foreign purchasing and performance (3 Criteria)
- Procurement administration (4 Criteria)
CPSR Audit Preparation
Before an audit, the Contractor needs to prepare. Preparation includes gathering all relevant documents and personnel that may be needed during the review. The Contractor should also ensure that their purchasing system is aligned with the requirements of DFARS 242.244-7001.
This effort should involve a self-review of your policies, procedures, and practices to ensure they comply with the regulation. An organization must confirm the following key indicators before completing a CPSR review.
- Ensure competition is maximized for the contract.
- Documented records and standardized business processes
- Prove the effectiveness of negotiation
- Maximize subcontractor performance, and ensure compliance is monitored
- Satisfactory small business support program
- Successful Self-assessment of system requirements
CPSR AUDIT CHECKLIST
A CPSR checklist is a helpful tool for contractors to ensure they have fulfilled all requirements before beginning their CPSR audit. This checklist outlines the fundamental elements when assessing a contractor's purchasing system.
- Don't wait. Adequate time and resources are necessary to complete a CPSR. Even if you have yet to reach the $25M threshold, it is prudent to begin preparing for it. Identify the stakeholders and project manager, assess current procedures, and devise a time/resource budget.
- Evaluate business processes & systems. Data call inaccuracies are a point of weakness. For the CPSR, confirm that your organization's existing business systems can extract the required data. If this is not the situation, an evaluation of systems and a solution must be established before conducting the review.
- Self-review. Arrange a preliminary assessment to pinpoint weaknesses and areas for improvement rather than performing an official audit. Ensuring consistent lead times for purchases is a priority for organizations.
- Procurement training. Employees should be familiarized with the Procurement Manual, and the training should be recorded. The Procurement Manual should incorporate policies and procedures but must not detail instructions on how tasks should be carried out. Training on the CPSR process should be provided for staff and senior management, with expectations clearly outlined.
WHAT HAPPENS IF I FAIL A CPSR AUDIT?
Less than 1% of first-time CPSR audits are passed. So, if you fail a CPSR audit, don't panic; you are not alone. But it is important to understand and address the deficiencies that led to the failed review.
First and foremost, contact your assigned Contracting Officer (CO) to inform them of your failed audit. Your CO will then guide the following steps and assist in addressing any issues noted during the review.
To address the problems in a CPSR review, contractors must evaluate processes and procedures, update policies and procedures in the procurement manual, establish controls where needed, and document the changes. Ensuring that any personnel trained on the new processes know their duties and responsibilities is vital. Lastly, you must begin preparing for a subsequent audit before being selected for one by your CO.
CPSR REVIEW--POST EVALUATION
After a CPSR review, evaluating the audit's success is essential. It is necessary to document any failures and successes that could be replicated in future audits and any areas of improvement that may still need addressing. This will help to ensure an organization remains compliant and is prepared for the following review.
Risk Mitigation & Continuous Improvement
A CPSR audit is only a snapshot; organizations should continuously strive to improve their procurement processes. To mitigate your company's risk and improve performance, it is important to create a formalized review and evaluation process. This can be done by implementing internal procedures that analyze key metrics such as cost of goods sold, on-time delivery, and supplier performance. Additionally, an organization should regularly review its procurement manual to ensure policies are current and compliant with regulations. By taking these steps, organizations can effectively mitigate risk and reduce the likelihood of a failed audit.
Your Guide to Government Compliance
Navigating compliance regulations can be difficult for even the most seasoned of government contractors. Get an overview of top priorities and how Costpoint provides a clear path to compliance.
Related Resources
Guide to Government Contracting
Get the information you need to successfully find win and manage government contracts.Learn More »
How to Find Government Contracts
Get started by finding government contracts that best fit your business.Learn More »
What is DCAA Compliance?
Learn more about DCAA compliance, and how contractors can reduce risk by avoiding and preparing for DCAA audits.Learn More »
Federal Government Contracting
Learn more about federal government contracts and where you can find them.Learn More »
Small Business Contracting
Discover how to find, win and deliver on small business government contracts.Learn More »
Types of Government Contracts
Learn about the four main types of government contracts that contractors encounter.Learn More »
How to Win Government Contracts
Discover how to beat the competition and win more government contracts.Learn More »
Guide to Govcon Compliance
Learn why compliance should be top of mind for all government contractors.Learn More »
What is CMMC?
Learn more about the basics of Cybersecurity Maturity Model Certification (CMMC).Learn More »
What is ITAR Compliance?
Learn more about the International Traffic in Arms Regulations (ITAR) and who it applies to.Learn More »
State & Local Contracting
Learn the basics of state and local government contracts and where you can find them.Learn More »
Basics of FAR & CAS
Learn about the Federal Acquisition Regulation (FAR) and Cost Accounting Standards (CAS).Learn More »