New Statutory Restrictions on Defense Auditor Access-to-Records and the AICPA Auditing Standards
Millspaugh, Peter E., The Government Accountants Journal
When U.S. Defense Department contractor auditing was consolidated under the Defense Contract Audit Agency (DCAA) in 1965, the agency was assigned the task of "performing all necessary contract audits for DOD and providing accounting financial advisory services regarding contracts to all DOD components responsible for procurement and contract administration."(1) DCAA now has more than 7,000 employees, many of whom are certified public accountants. Agency professionals presently audit roughly 13,000 defense contractors performing some 60,000 audits and reviews on an annual basis. Their function is to represent and advise DOD contracting officers through some 400 field offices throughout the United States and overseas.
In 1985, Congress granted DCAA subpoena authority to reach a contractor's "books, documents, papers, or records."(2) The agency's use of its new authority to obtain access to sensitive data has recently caused a number of defense contractors to balk. In response to their efforts to resist DCAA subpoena on certain types of information, defense contractors have begun to find a measure of protection in the federal courts. Some recent rulings have sharply curtailed the agency's access by applying a rather narrow interpretation to DCAA's access-to-records and subpoena authority. As a result, the agency has become concerned that its ability to conduct audits of appropriate scope has been compromised. This sudden judicial restriction of audit access parameters has also called into question the role of professional accounting standards in DCAA audits.
To explore these questions, this article will first examine the sources of DCAA access-to-records audit standards. Next the accounting profession's own auditing standards which bear on access-to-records will be reviewed and analyzed. Against this background, the professional predicament which the recent judicial access restrictions pose for DCAA will be examined.
THE DUALITY OF DCAA AUDIT STANDARDS
A duality is built into DCAA audit standards because they are derived primarily from two sources: (1) audit policy set by the Office of Management and Budget (OMB) and the United States General Accounting Office (GAO), and (2) generally accepted auditing standards of the American Institute of Certified Public Accountants. It is important to understand these standards and how they relate to the question of audit access.
To implement the audit policies set by OMB and GAO, government wide audit standards are developed and published by the U.S. comptroller general. These standards have been made applicable to the executive branch thru OMB Circular A-73, dated June 20, 1983; and specifically applicable to DCAA thru DOD Directive 7600.2, dated Jan. 20, 1985. Through specific incorporation by reference, the Generally Accepted Auditing Standards (GAAS) of the American Institute of Certified Public Accountants (AICPA) have also been made part of the federal government's audit standards.(3) It is these standards most directly threatened by the newly recognized statutory restrictions on DCAA access to records.
As the umbrella organization of the professional accounting community, the AICPA has promulgated 10 generally accepted auditing standards. Through an AICPA Auditing Standards Board, interpretations of these standards or Statements on Auditing Standards (SAS) are periodically issued. Access requirements to certain auditee records such as internal audit reports (SAS 9) and minutes of meetings (SAS 31) have appeared in scattered GAAS interpretations over the years. Guidance concerning specific records to which access is required overall however, is scarce. This is intended because the AICPA views records access as presenting requirements for a case-by-case determination based on the auditor's professional judgement. In the plain words of the applicable standard, ..."the amount and kinds of evidential matter required to support informed opinions are matters for the auditor to determine in the exercise of his professional judgement after a careful study of the circumstances in the particular case. …