The Inspector General (IG) at the Department of Defense (DoD) found that the DoD has significant oversight problems in its $17.5 billion IT-services contract known as ENCORE III.
A recent audit reviewed five big task orders under the Defense Information Systems Agency’s ENCORE III IT-services contract and found that the DoD component contracting officer’s representatives (COR), who oversee contractors’ performance, were not properly trained. Additionally, they often lacked the experience needed to make sure vendors were upholding their side of the bargain.
“The CORs did not consistently maintain documentation of inspections of contractor performance, submit timely surveillance reports to contracting officers, or review contractor interim vouchers to prevent improper payments,” the report says.
The IG explained that these oversight failures occurred because contracting officers were not required to review COR files to determine efficient performance until CORs had been in place for a year.
“Our results indicate that waiting a year to review COR files is insufficient to detect and correct COR performance problems in a timely manner,” the IG said, adding that COR training should also include instruction on how to review interim vouchers to prevent improper payments.
In addition, the IG found that six of the eight CORs for the ENCORE III task orders failed to meet technical experience requirements to oversee the contractor cybersecurity services required by the task orders.
This is because three of the five requiring activities did not nominate qualified officials to be CORs, and the contracting officers did not verify that the COR nominees possessed the technical experience needed to oversee cybersecurity before designating them as CORs, according to the IG.
Therefore, “the CORs relied on other officials to inspect contractor performance, which violated DoD guidance and increased the risk of the DoD paying for services not received,” it states.
The IG said $24 million may have been improperly spent on those five task orders alone.
The IG made several recommendations to the department, including that the principal director of defense pricing and contracting revise DoD guidance to require contracting officers to conduct initial reviews of COR files within a set timeframe from designation CORs.
It also recommended that the principal director develop and implement plans to ensure contracting officers are aware of the technical experience requirements for CORs who monitor cybersecurity services.
The IG also recommended that the Defense Acquisition University president revise training of the DoD COR training to include detailed instructions for CORs to review interim vouchers to prevent improper payments.