Warning: Invalid argument supplied for foreach() in /home/customer/www/acqnotes.com/public_html/wp-content/plugins/acqnotes-carryover/acqnotes-carryover.php on line 224
Acq Notes Archive - Page 114 of 128 - AcqNotes
Back to Top

Educating the Aerospace Industry

Blog Archives


Performing Auditing Services


In performing audit services, DoD auditors should: [1]

  1. Exercise their professional judgment and conduct audit services with reasonable care and professional skepticism in accordance with Generally Accepted Government Auditing Standards (GAGAS).
  2. Document key decisions to reflect the progression of the work performed.
  3. Obtain access to records expeditiously and without delay to accomplish announced audit objectives.

Audit services involve planning, fieldwork, and reporting. The amount of time spent on each stage will vary based on the size, complexity, and nature of the audit. However, formal decisions should be made as progress is made throughout the audit. DoD auditors should be knowledgeable of the specific requirements applicable to planning, fieldwork, and reporting in accordance with GAGAS.

(1) Planning. During the planning stage, auditors gather the needed information on the most significant and material areas for identifying risks and their significance to the audit objective(s).  The emphasis should be on identifying the primary audit objective(s) and designing the audit approach and plan. During planning, auditors should obtain an understanding of internal controls and risks of fraud, as appropriate, that are likely to occur as they relate to the audit objective(s) in order to effectively plan the audit and to determine the nature, timing, and extent of tests to be performed.

(2) Fieldwork. Auditors perform fieldwork to collect, analyze, interpret, and document the information necessary to accomplish the audit objectives, complete the audit plan, and support the audit results. Auditors should complete an assessment of the sufficiency and appropriateness of audit evidence in its entirety during fieldwork according to GAGAS.

  • Auditors should identify findings and recommendations as early as possible in the audit and discuss them with officials in the organization being audited before being presented formally in writing. Management should be given an opportunity to respond to conditions identified by auditors and credit should be given for actions taken that will significantly improve operations, including any alternative actions initiated independent of the audit recommendations.
  • Auditors should hold an exit conference with management unless management declines. This is generally the last informal opportunity to ensure the accuracy of reported information and resolve any factual matters still in dispute prior to release of the draft report.

(3) Reporting. Auditors should prepare a written audit report for each audit in accordance with GAGAS. DoD audit organizations should develop reporting procedures and policies covering the form, content, distribution, and timeliness of reports.

  •  A draft report should normally be prepared and staffed with management for every audit. Management should be asked to comment specifically on any potential monetary benefits or other benefits shown in the draft report.
  •  Based on management comments, changes should be made to the report to reflect agreement on facts and clarify points that may be misinterpreted.
  • Management views on the report contents including opposing views and the auditors’ position on management views should be incorporated into the final report in accordance with GAGAS.

AcqLinks and References:


Government Accountability Office (GAO)


GAO LogoThe U.S. Government Accountability Office (GAO) is an independent, nonpartisan agency that works for Congress. Often called the “congressional watchdog,” GAO investigates how the federal government spends taxpayer dollars. They support congressional oversight by:

  • Auditing agency operations to determine whether federal funds are being spent efficiently and effectively
  • Investigating allegations of illegal and improper activities
  • Reporting on how well government programs and policies are meeting their objectives
  • Performing policy analyses and outlining options for congressional consideration
  • Issuing legal decisions and opinions, such as bid protest rulings and reports on agency rules

Website: Government Accountability Office (GAO)

Mission Statement
The mission of the GAO is to support Congress in meeting its constitutional responsibilities and to help improve the performance and ensure the accountability of the federal government for the benefit of the American people. We provide Congress with timely information that is objective, fact-based, nonpartisan, nonideological, fair, and balanced.

AcqLinks and References:


Detecting and Reporting Fraud and Illegal Acts


In the detection and reporting of potential fraud and illegal acts, DoD auditors should: [1]

A. Maintain sufficient knowledge of the characteristics and indicators of fraud, techniques used to commit fraud, and the types of fraud associated with the activities being audited. Such knowledge is necessary for the auditor to be reasonably effective in determining the adequacy of controls to deter opportunities to commit fraud or illegal acts, and in evaluating evidence that these acts might have been committed. The DoD audit organizations should work closely with investigative organizations to develop additional information on the characteristics or indicators of fraud and share it with other DoD audit organizations.

B. Plan audits (except for review-level and agreed upon procedures-level attestations) to provide reasonable assurance of detecting fraud in accordance with generally accepted Government auditing standards (GAGAS). Fraud risks should be taken into consideration throughout the audit, including during audit planning and evidence evaluation.

C. Consult with investigative organizations when auditors identify fraud risk or when indications of fraud come to the auditor’s attention. Auditors should document the situation and promptly notify the appropriate DoD investigative organization according to DoD Instruction 5505.2 “Criminal Investigation of Fraud Offenses” (Reference (v)). Following notification of investigators, the auditors should notify the top official of the entity under audit of the situation unless advised otherwise by investigators or it is obviously inappropriate (e.g., the top official is involved).

D. Recognize fraud indicators and refer and consult as early as possible with investigators to determine the approach and additional audit work needed if fraud or illegal acts have occurred or are likely to have occurred. When consultation with the investigative organization determines that additional procedures are needed, auditors should design procedures to provide reasonable assurance of detecting such fraud. When necessary, and in consultation with the investigative organization, auditors should perform additional audit work to determine whether fraud likely occurred and the effect on the audit findings.

E. Provide reasonable assurance to detect fraud (except for review-level and agreed-upon procedures-level attestations) in accordance with GAGAS. Auditors are not expected to provide absolute assurance of detecting fraud, illegal acts, or abuse. Absolute assurance is not attainable and thus even a properly planned and performed audit may not detect a material misstatement resulting from fraud.

F. Determine the best way to report the results. The method of reporting the audit results will vary depending upon individual circumstances. Audit matters dealing with fraud or illegal acts shall be covered in a separate written audit report if this would facilitate the timely issuance of an overall report on other aspects of the audit. The opinion of legal counsel should be obtained on the reporting method chosen. Auditors should limit their public reporting to matters that would not compromise investigative or legal proceedings.

AcqLinks and References:


Coordinating Audit Activities


To conduct a successful audit, it’s important that all participating organizations are coordinated with. There are four activities that should be addressed for coordination. These activities are:

  1. Coordinating Requirements with all organizations
  2. Coordinating audit services with the Contractor
  3. Coordinating audit services with the Government Accountability Office (GAO)
  4. Coordinating with other audit type organizations

1. Coordination Requirements
Coordination with any organization should begin as early in the audit planning process as is practical. Coordination requirements of the DoD audit organizations extend beyond merely exchanging audit schedules with other organizations and providing audit reports upon request. Coordination should also involve sharing strategic and audit plans, and establishing close liaison and good working relationships with other DoD internal audit and review organizations, external review organizations, and DoD managers.

2. Coordination of Audit Services with Contractors
DoD Instruction 7600.02 provides the process that DoD audit organizations should use to coordinate audit services involving contractor records to avoid duplication of work.

3. Coordination of Audit Service Information with the GAO
DoD Instruction 7650.02 provides the process that DoD audit organizations should use to coordinate GAO reviews and reports to reduce the potential for duplication of effort.

4. Liaison with Other Organizations
DoD audit organizations should establish procedures for identifying efforts that are completed, in process, or planned by other audit, investigative, and inspection organizations and management review groups and consider those efforts in the planning process.

AcqLinks and References:


Contracting Audit Services


DoD Components, Officials and Program Offices can contract with private auditing services when non-Federal auditors are not available. They should follow requirements described in  

Manual: DoD Manual 7600.07 “DoD Audit Manual” – 2 Aug 2015

Non-Federal auditors who perform work for the DoD are subject to Generally Accepted Government Auditing Standards (GAGAS) and must be licensed or work for a firm that is licensed in the State or other jurisdiction where they operate their professional practices. Below is a list of the seven (7) main steps for contracting private auditing services.

  1. Planning for Procurement of Auditing Services
  2. Communicating Requirements
  3. Review Solicitations
  4. Selecting a Contractor and Technical Evaluation
  5. Provide Technical Assistance
  6. Monitor Performance
  7. Debarment, Suspensions, and Referrals

1. Planning for Procurement of Auditing Services
Planning identifies what audit services are needed, when and how they should be provided, and what provisions should be in the audit services contract. Planning also helps ensure proper information is collected to effectively structure a solicitation package.

2. Communicating Requirements
The solicitation package should be clearly written and set forth all terms, conditions, and evaluation criteria as well as the scope of the work required. The solicitation package should also be well-distributed and -publicized to ensure full and open competition.

3. Review Solicitations
The DoD Component or cognizant DoD audit organization will provide the solicitation package to the Office of the Assistant Inspector General for Audit Policy and Oversight, IG (OAIG APO) for review prior to its release to prospective bidders.

4. Selecting a Contractor and Technical Evaluation
The evaluation process should ensure contractor proposals are responsive to the agency’s needs, consistently and objectively evaluated, and that contracts are awarded fairly. Competent and experienced personnel should be assigned to the technical evaluation panel. When evaluating a solicitation, items to consider include the soundness of the technical approach of the contractor’s proposal, the qualifications of the organization performing the audit service, the qualifications of the team proposed to perform the audit service, the quality control process of the organization performing the audit service, and references provided by the organization performing the audit service.

5. Provide Technical Assistance
The cognizant DoD audit organization should furnish technical advice to the contractor as requested.

6. Monitor Performance
The DoD audit organization should develop appropriate guidelines for their staff to monitor contract performance and provide input to the contracting officer for contractor interim and final performance reporting, deliverables, and payment. Any adverse conditions found during contract performance should be reported to the contracting officer and the users of the services. In addition, the cognizant DoD audit organization should perform an acceptance review of completed audit work before final contract payment is made.

7. Debarment, Suspensions, and Referrals
Substandard work by a non-Federal auditor may warrant referral for sanctions by the appropriate State licensing authorities or suspension and debarment by the contracting authority. The Assistant Inspector General for Audit Policy and Oversight is the only official authorized to make referrals for sanctions by appropriate licensing authorities.

AcqLinks and References:

DoDAF Architecting

Physical Architecture(arch)


The physical architecture is the physical layout of a system and its components in a schema.  It refers to some  representation of the structure or organization of the physical elements of the system.  The physical architecture should be part of the Allocated and Product Baselines.


SMC Systems Engineering Handbook Example – Page 25

The development of the physical architecture consists of one or more logical models or views of the physical solution. The logical models or views may consist of conceptual design drawings, schematics, and block diagrams that define the systems form and the arrangement of the system components and associated interfaces. The development of a physical architecture is an iterative and recursive process and will evolve together with the requirements and functional architecture. Development of the physical architecture is complete when the system has been decomposed down to lowest system element or configuration item level, and it is critical that this process identify the design drivers as early as possible. Therefore, it is imperative that the driving requirements be identified and the combined processes—Stakeholder Requirements Definition, Requirements Analysis, and Architecture Design—will provide key insights to risk early in the development life cycle, allowing for mitigating strategies. [1]

Key activities performed when developing a physical architecture and design include:

  • Analysis and synthesis of the physical architecture and the appropriate allocation,
  • Analysis of the constraint requirements,
  • Identify and define physical interfaces and components, and
  • Identify and define critical attributes of the physical components, including design budgets (e.g., weight, reliability) and open system principles.

AcqLinks and References:

DoDAF Architecting

DoDAF Meta Model (DM2)

The DoDAF Meta Model (DM2) defines architectural data elements and enables the integration and federation of Architectural Descriptions. It establishes a basis for semantic (i.e., understanding) consistency within and across Architectural Descriptions.

Website: DoDAF Meta Model (DM2)

The purposes of the DM2 are:

  • Establish and define the constrained vocabulary for description and discourse about DoDAF models (formerly “products”) and their usage in the 6 core processes
  • Specify the semantics and format for federated Enterprise Architecture (EA) data exchange between: architecture development and analysis tools and architecture databases across the DoD Enterprise Architecture (EA) Community of Interest (COI) and with other authoritative data sources
  • Support discovery and understandability of EA data:
    • Discovery of EA data using DM2 categories of information
    • Understandability of EA data using DM2’s precise semantics augmented with linguistic traceability (aliases)
  • Provide a basis for semantic precision  in architectural descriptions to support heterogeneous architectural description integration and analysis in support of core process decision making.

The DM2 supports the exchange and reuse of architectural information among Components, and Federal and Coalition partners, thus facilitating the understanding and implementation of interoperability of processes and systems. As the DM2 matures to meet the ongoing data requirements of process owners, decision makers, architects, and new technologies, it will to a resource that more completely supports the requirements for architectural data, published in a consistently understandable way, and will enable greater ease for discovering, sharing, and reusing architectural data across organizational boundaries.

To facilitate the use of information at the data layer, the DoDAF describes a set of models for visualizing data through graphic, tabular, or textual means. These views relate to stakeholder requirements for producing an Architectural Description.
DoDAF Meta Model (DM2)

What and Where is the DM2
In accordance with standard data modeling conventions, the DM2 has several levels, as shown in the figure below.


  • The DoDAF descriptions in this website are very generic and are mostly taken from the DoDAF Architecture Framework website. Make sure you visit the actual website for the most update information and a more thorough explanation of each viewpoint.
  • DoDAF Version 1.0, although outdated, has some good examples on how to construct AV’s, OV’s, and SV’s.

AcqLinks and References: