This issue of the Cost Corner concludes our coverage of TINA by addressing DCAA Truth in Negotiations (TIN) compliance audits (defective pricing audits) and identifying best practices for contractors to mitigate defective pricing risk.


TINA is a procurement statute that requires contractors: (1) to disclose information – known as cost or pricing data – when negotiating certain types of contract actions; (2) to certify that those data were accurate, complete, and current as of the date of agreement on price or other date agreed to by the parties (relevant date); and (3) to agree to a price reduction if the contractor furnishes cost or pricing data that are defective, i.e., inaccurate, incomplete, or not current.[2] TINA applies to pricing actions exceeding $2 million except when prices agreed upon are based on adequate price competition, when prices agreed upon are based on prices set by law or regulation, when commercial products or commercial services are being acquired, when a waiver has been granted, or when modifying a contract or subcontract for commercial products or commercial services.[3] TINA defines cost or pricing data to mean all facts that, as of the relevant date, a prudent buyer or seller would reasonably expect to affect price negotiations significantly.[4] TINA is intended to “level the playing field” by providing Government negotiators the same cost or pricing data available to contractors.

The Department of Defense (DoD) has designated DCAA to establish and conduct a program for performing regularly scheduled defective pricing audits.[5] Based on inter-agency agreements, this program includes contracts awarded by certain non-DoD agencies as well as DoD contracts.[6] DCAA is authorized to examine contractor records related to proposals, discussions, pricing, and performance to evaluate the accuracy, completeness, and currency of cost or pricing data.[7] Each DCAA Field Audit Office (FAO) performs defective pricing audits based on: (1) the annual requirements and selection plans issued by DCAA Headquarters and (2) specific requests received from contracting officers and other authorized Government personnel.[8] DCAA has published guidance for conducting defective pricing audits in the DCAM,[9] as well as its Audit Program for TIN Compliance Audits (TIN Audit Program).[10]

The objective of a defective pricing audit is “to determine if the negotiated contract price was increased by a significant amount because the contractor did not submit or disclose accurate, complete, and current certified cost or pricing data.”[11] Generally, auditors establish defective pricing by examining and analyzing the records and data available to the contractor as of the date of agreement on price and comparing them with the contractor’s submitted or disclosed certified cost or pricing data.[12] The DCAM identifies the following elements that must exist to support a finding of defective pricing: (1) the information in question fits the definition of cost or pricing data; (2) accurate, complete, and current data existed that were reasonably available to the contractor before the date of agreement on price; (3) accurate, complete, and current data were not submitted or disclosed to the contracting officer or an authorized representative and these individuals did not have actual knowledge of such data or its significance to the proposal; (4) the Government relied on the defective data in negotiating with the contractor; and (5) the Government’s reliance on the defective data caused an increase in the contract price.[13] DCAA’s general audit procedures for conferences and audit reports, described in the previous edition of the Cost Corner, apply to defective pricing audits as well.

Defective Pricing Audit Procedures

When a pricing action is selected for consideration for a defective pricing audit, DCAA conducts a risk assessment to ensure that the pricing action warrants detailed audit procedures.[14] DCAA’s risk assessment is based on discussions with the contracting officer, the price negotiation memorandum (PNM), the contractor’s audit history (permanent file), publicly available information, and information obtained from the contractor.[15]

DCAA notifies the contractor that it will be performing risk assessment procedures and requests the contractor to provide information such as copies of the contractor’s proposal, identification of significant inter-organizational transfers (IOT) and subcontracts, the Certificate of Current Cost or Pricing Data, identification of all certified cost or pricing data submitted before or during negotiations, a list of additional data submitted between the date of agreement on price and the certification date, and costs incurred to date and estimates at completion (EAC) by cost element.[16] DCAA also schedules a walkthrough of the contractor’s final certified position and the major events associated with the pricing action.[17] The walkthrough generally includes a discussion of the certified cost or pricing data provided by the contractor, the contractor’s documentation of negotiations, the contractor’s processes and internal controls in place at the time of the negotiation to ensure compliance with TINA, and how the contractor accumulated costs in its accounting system.[18]

DCAA’s risk assessment includes both qualitative and quantitative components. From a qualitative perspective, the risk factors identified in the TIN Audit Program include, among others:

  • Concerns identified by the contracting officer;
  • Lack of a pre-award forward pricing audit;
  • Few or no proposal updates during the proposal audit;
  • Incomplete cost or price analysis of significant subcontracts;
  • Significant lapse of time between the audited proposal and agreement on price;
  • Submission of additional cost or pricing data after the pre-award audit;
  • Firm-fixed-price (FFP) contract type;
  • High dollar-value pricing action;
  • Defective pricing concerns identified during the pre-award audit;
  • Contractor’s history of defective pricing;
  • Previous audit findings and recommendations;
  • Adequacy of contractor’s corrective actions;
  • Actual, suspected, or alleged fraud or other noncompliances; and
  • Investigations or legal proceedings relevant to the subject of the audit.[19]

DCAA also conducts a quantitative risk assessment in the form of an overrun/underrun analysis. This process involves: (1) establishing an audit baseline (typically the PNM); (2) identifying material cost elements; (3) calculating the difference between the baseline cost and the contractor’s incurred cost or EAC for those cost elements; (4) evaluating the cause of any significant variances; and (5) assessing the risk that the contractor was aware of, but failed to disclose, facts or events relating to that cause before the certification date.[20]

DCAA uses the qualitative risk factors and the overrun/underrun analysis to determine the overall risk that the contract price was materially increased due to defective certified cost or pricing data.[21] If DCAA determines that the overall risk is minimal, it will terminate the audit.[22] If DCAA proceeds with the audit, it will send a formal notification to the contractor, schedule an entrance conference, and conduct detailed audit steps that are responsive to the risk assessed with respect to the cost elements determined to be significant.[23] The audit steps after the risk assessment focus on refining the audit baseline, confirming whether defective pricing exists, and quantifying the price adjustment.[24]

Defective pricing audits generally follow the procedures we addressed in the last issue of the Cost Corner with respect to entrance, interim, and exist conferences, as well as draft and final audit reports. The DCAM encourages the audit team to discuss pertinent factual matters with the contractor throughout and at the conclusion of the audit; to provide the contractor draft copies of the report exhibits and explanatory notes along with copies of disputed documents and other significant audit evidence; and to provide the contractor an opportunity to respond to the draft audit findings.[25] The DCAM requires a written report for all defective pricing audits.[26] Each audit with a recommended price adjustment is required to explain how the audit established each of the five elements of defective pricing.[27]

Procedures for Specific Cost Elements

The TIN Audit Program identifies detailed audit steps for cost elements selected for audit based on the risk assessment. It also encourages auditors to tailor those steps to ensure the audit plan is responsive to the assessed areas of risk.[28]

The TIN Audit Program identifies some audit steps that are common across cost elements. These include refining the overrun/underrun analysis at a more detailed level, determining the cause of any significant variances, assessing whether the contractor was aware of but failed to disclose any facts or events relating to that cause, conducting tests of details to provide reasonable assurances that any historical data relied upon were not defective, confirming lack of disclosure and reliance with the contracting officer for potential areas of defective pricing, and calculating the recommended price adjustment in accordance with the DCAM.[29]

The TIN Audit Program also identifies steps specific to particular cost elements, which are summarized in the cart below:

Best Practices for Contractors

The best practices below, derived from all three of our TINA articles, are intended to help contractors to mitigate the risk of defective pricing audits and liability.

  1. Disclose all facts that have the potential to impact price negotiations. Do not consider whether the facts are material, whether a prudent buyer or seller would rely on them, or whether the impact on price negotiations would be significant. Do not withhold information that is judgmental unless it is devoid of factual content. Disclose relevant analyses and reports even if there is an element of judgment. Consider the breadth of the examples of cost or pricing data listed in FAR 2.101 when evaluating disclosure obligations (e.g., vendor quotes, non-recurring costs, changes in production methods or production or purchasing volume, data supporting projections, unit-cost trends, make-or-buy decisions, resource estimates, and management decisions).
  2. Deliver cost or pricing data to the contracting officer. Deliver cost or pricing data physically or electronically rather than merely making it available. Explain the significance of cost or pricing data if it is not obvious. Deliver cost or pricing data to the contracting officer even if it was previously delivered to other Government representatives (e.g., auditors, negotiators, price analysts, technical representatives).
  3. Implement policies, procedures, and internal controls. Educate personnel regarding the contractor’s obligations under TINA including the broad definition of certified cost or pricing data. Solicit and obtain cost or pricing data from all functional components of the organization (including human resources and senior management). Assign clear roles and responsibilities for the collection and submission of cost or pricing data. Require written acknowledgment that responsible personnel have provided all relevant cost or pricing data in their possession.
  4. Create a checklist for cost or pricing data. Even if the contracting officer does not prescribe the format for submission, use FAR 15.408, Table 15-2 (Table) and DFARS 252.215-7009, Proposal Adequacy Checklist, as guidance for the disclosure of cost or pricing data. Also consider the guidance provided to DCAA auditors in the TIN Audit Program for specific cost elements, including but not limited to the following:
    • Direct Labor Rates: Disclose the most current actual direct labor rates, rate agreements, management approved labor rates, and union agreements. Identify and disclose any facts or events that would be likely to result in a change in direct labor rates after the date of agreement on price (e.g., negotiations, benefits, management decisions, etc.).
    • Labor Hours: Disclose the most current historical information. Confirm that labor standards are current and do not duplicate other rates and factors. If improvement curves were used, confirm that the hours plotted are current, that they include all applicable units and hours, and that all completed production lots were disclosed. Confirm that any CERs or factors are current and that relevant historical hours were also disclosed. Document the rationale for any changes between proposed and actual labor mix.
    • Material: Disclose all documents relevant to sources and pricing for materials, including but not limited to quotations, correspondence, purchase orders, and counteroffers. Document the rationale for any changes in type or quantity of material used in performance. Consider using a consolidated bill of materials to reduce the risk of duplication. Confirm that all rates and factors are current, that any material included in a factor is not also proposed discretely, and that relevant historical information related to the rate or factor has been disclosed.
    • Indirect Rates: Disclose indirect forward pricing rate proposals and agreements. Disclose all facts and management decisions that have the potential to impact indirect rates (e.g., planned or projected changes in business activities, processes, capital assets, management objectives, business volume, or contract mix/type, management initiatives to reduce costs, budgets and forecasts, etc.).
  5. Obtain subcontractor cost or pricing data when required. Obtain and analyze cost or pricing data for subcontracts unless a TINA exemption applies. Submit cost or pricing data for non-exempt subcontract actions valued at the lower of $12.5 million or 10% of the contract price. Negotiate audit rights and broad indemnification for defective subcontractor cost or pricing data.
  6. Conduct TINA sweeps after agreement on price. After agreement on price but before award, conduct a review to confirm if any cost or pricing data reasonably available at the time of agreement or price were not submitted or disclosed. Provide any additional cost or pricing data identified during sweeps to the contracting officer with the executed Certificate of Current Cost or Pricing Data. Do not sign the agreement until the contracting officer has evaluated the sweeps data.
  7. Maintain detailed records of negotiations. Maintain records of all information requested by the Government, all information delivered to the Government, and any the cost or pricing data relied upon by the Government during negotiations and any facts or statements suggesting that the Government did not review or is not relying upon certain types of information in the negotiation.
  8. Reduce risk factors for audit. Mitigate the factors DCAA considers in its risk assessment to reduce the likelihood of a full audit. Establish adequate policies, procedures, and internal controls. Promptly implement corrective action in response to audit findings or recommendations. Proactively address any concerns regarding cost or pricing data with the contracting officer during negotiations. Carefully price each cost element rather than focusing exclusively on the bottom line. Disclose cost or pricing data as soon as it becomes available during negotiations. Continue to provide updated cost or pricing data during the pre-award audit. Minimize unnecessary proposal changes after the pre-award audit. Complete cost or price analysis of significant subcontracts before the date of agreement on price if possible.
  9. Prepare for the audit. Begin preparing for the audit immediately upon notification of the risk assessment. Evaluate the risk factors identified in the TIN Audit Program. Be prepared to articulate which risk factors are not present and why any risk factors that might be present do not actually present significant risk of defective pricing. Conduct an overrun/underrun analysis. Identify material cost elements, significant variances between negotiated and incurred costs, the causes for those variances, and when the contractor first learned of the facts or events relevant to those causes. Be prepared to identify any disclosed cost or pricing data related to those events or to explain how those facts or events arose after the date of agreement on price. Gather documented policies, procedures, and internal controls for presentation to DCAA. Be prepared to address the corrective action taken in response to any prior audits that might be relevant. Provide adequate information during the risk assessment to demonstrate that the likelihood of defective pricing is very low. Provide requested documents efficiently and quickly.
  10. Follow the best practices for dealing with DCAA audits identified in the previous edition of the Cost Corner. All of those best practices apply to defective pricing audits.


This concludes our initial coverage of TINA. We may revisit TINA if there are any significant developments. Our next article will transition to the FAR Cost Principles, which we will address in detail over the coming months.