June 2017 Department of General Services and California Department of Technology Neither Entity Has Provided the Oversight Necessary to Ensure That State Agencies Consistently Use the Competitive Bidding Process Report 2016-124 COMMITMENT INTEGRITY LEADERSHIP CALIFORNIA STATE AUDITOR 621 Capitol Mall, Suite 1200 Sacramento CA 95814 916.445.0255 TTY 916.445.0033 For complaints of state employee misconduct, contact us through the Whistleblower Hotline: 1.800.952.5665 Don’t want to miss any of our reports? Subscribe to our email list at auditor.ca.gov For questions regarding the contents of this report, please contact Margarita Fernández, Chief of Public Affairs, at 916.445.0255 This report is also available online at www.auditor.ca.gov Alternate format reports available upon request Permission is granted to reproduce reports Elaine M. Howle State Auditor Doug Cordiner Chief Deputy June 20, 2017 2016-124 The Governor of California President pro Tempore of the Senate Speaker of the Assembly State Capitol Sacramento, California 95814 Dear Governor and Legislative Leaders: As requested by the Joint Legislative Audit Committee, the California State Auditor presents this audit report concerning the oversight the Department of General Services (General Services) and the California Department of Technology (Technology) have provided over state agencies’ awarding of contracts without the use of a competitive bidding process. State law generally requires agencies to use the competitive bidding process whenever possible to ensure fair competition and eliminate favoritism, fraud, and corruption. Nonetheless, this report concludes that General Services and Technology did not provide adequate oversight of the billions of dollars that agencies awarded through noncompetitive contracts from fiscal years 2011–12 through 2015–16. The Legislature has charged General Services and Technology with overseeing the State’s procurement of goods and services on a statewide level. Because General Services oversees most of the State’s procurements, its responsibilities include ensuring that key decision makers have complete and accurate contracting data that allows them to make informed decisions. However, General Services did not ensure the integrity of the data in the database it created to track the State’s contracts. As a result of its lack of oversight, the database contained numerous errors, essentially rendering it ineffective for its intended purposes. In January 2016, General Services transitioned to the new Financial Information System for California (FI$Cal) as its statewide contract database. However, whether FI$Cal’s contracting data will eventually be accurate or complete remains uncertain. According to General Services, only 57 agencies currently use FI$Cal for their procurements, or about 31 percent of the agencies scheduled to use it. The remaining agencies must manually enter information into FI$Cal, creating significant opportunity for error. Moreover, neither General Services nor Technology has established formal plans to regularly analyze the new FI$Cal data to monitor the State’s noncompetitive contracts. Our review of 27 noncompetitively bid contract justifications (noncompetitive requests) demonstrates the necessity for such analyses. Agencies must use noncompetitive requests in specific circumstances to enter into or amend contracts noncompetitively. However, our review found General Services and Technology approved nine noncompetitive requests—with a total value of nearly $1 billion—that agencies likely could have avoided had  they engaged in sufficient planning by, for example, issuing requests for proposals in a timely manner. Although both General Services and Technology have mechanisms they can use to encourage agencies to comply  with noncompetitive procurement policies, they rarely employed them during our five-year audit period. Until General Services and Technology create consequences for agencies that habitually overuse noncompetitive requests, these agencies will have little incentive to change. Respectfully submitted, ELAINE M. HOWLE, CPA State Auditor 621 Capitol Mall, Suite 1200 S a c r a m e n t o, C A 9 5 8 1 4 916.445.0255 916.327.0019 fax w w w. a u d i t o r. c a . g o v iv California State Auditor Report 2016-124 June 2017 Selected Abbreviations Used in This Report Audit Services Department of General Services’ Office of Audit Services Consumer Affairs Department of Consumer Affairs CPUC California Public Utilities Commission IT information technology Legal Services Department of General Services’ Office of Legal Services Technology’s Procurement Division California Department of Technology’s Statewide Technology Procurement Division SCPRS State Contract and Procurement Registration System Technology California Department of Technology California State Auditor Report 2016-124 June 2017 Contents Summary 1 Introduction 9 Chapter 1 As a Result of Their Weak Oversight, General Services and Technology Lack Complete and Accurate Information About the State’s Contracts 19 Recommendations 31 Chapter 2 General Services and Technology Have Not Always Ensured That Agencies Competitively Award Contracts When Appropriate 33 Recommendations 48 Responses to the Audit General Services 51 59 Technology 61 67 v Vi California State Auditor Report 2016-124 June 2017 California State Auditor Report 2016-124 June 2017 Summary Results in Brief Audit Highlights . . . The Legislature has charged the Department of General Services (General Services) and the California Department of Technology (Technology) with overseeing the State’s procurement of goods and services on a statewide level. Specifically, General Services is responsible for overseeing the majority of the State’s procurements, while Technology is responsible for overseeing acquisitions of certain information technology (IT) and telecommunications goods and services. Nonetheless, neither entity provided adequate oversight of the billions of dollars the state agencies awarded through noncompetitive contracts during our audit period from fiscal years 2011–12 through 2015–16. Although noncompetitive contracts are appropriate in some situations, state law generally requires agencies to use the competitive bidding process when possible in order to ensure fair competition and to eliminate favoritism, fraud, and corruption. Further, economic experts agree that competition in public procurement benefits taxpayers and consumers by providing lower prices, greater innovation, and improved products and services. However, General Services and Technology failed to ensure that agencies under their oversight used competitive bidding as state law requires, potentially putting the State at risk of not receiving the best value. Our audit concerning the Department of General Services’ (General Services) and the California Department of Technology’s (Technology) processes for overseeing noncompetitive contracts revealed the following: Because General Services oversees most of the State’s procurements, its responsibilities include ensuring that key decision makers have complete and accurate contracting information that allows them to identify concerning trends and make informed decisions. However, although General Services created a statewide contract database so that it would have such information, it did not ensure that this database served the purposes for which it was created. Specifically, in 2002 the Governor directed a task force to review the State’s procurement procedures and make recommendations to ensure that agencies are using competitive bidding to the greatest extent possible, and that their procurements receive adequate oversight. As a result of its review, the task force recommended that General Services implement a statewide database to track agencies’ procurement transactions. In response, General Services created the State Contract and Procurement Registration System (SCPRS) in 2003. SCPRS was intended to increase the visibility and accountability of state contracting activities and to assist General Services in performing contracting oversight functions, such as identifying problematic trends in agencies’ contracting practices. However, our review of SCPRS data from July 2011 through December 2015—when the State transitioned from SCPRS to a new system—found that the data misrepresented or did not include many of the State’s contracts and their associated amendments, essentially rendering SCPRS ineffective for its intended purposes. »» General Services and Technology did not provide adequate oversight of the billions of dollars state agencies awarded through noncompetitive contracts from fiscal years 2011–12 through 2015–16. »» General Services did not ensure that a statewide contract database contained complete and accurate information about the State’s contracts for use by key decision makers. »» Although General Services transitioned to the new Financial Information System for California (FI$Cal) as its statewide contract database, it is unclear if FI$Cal will fully solve the State’s lack of comprehensive contracting data. »» Neither General Services nor Technology has established formal plans to regularly analyze the new FI$Cal data to identify instances of abuse or misuse of statewide noncompetitive procurements. »» General Services and Technology approved noncompetitive requests that lacked adequate justification for bypassing the competitive bid process, such as demonstrating that it conducted market research to substantiate that no competition existed. »» Nine of the 27 noncompetitive requests we reviewed could have been avoided if the agencies had engaged in sufficient planning. »» Although both General Services and Technology have enforcement mechanisms, they rarely employed them, allowing agencies to continue inappropriately using noncompetitive requests. 1 2 California State Auditor Report 2016-124 June 2017 Many of the errors we noted in our review were the result of agencies incorrectly entering information into SCPRS, likely because of General Services’ failure to provide them with adequate guidance. For example, the database included what it identified as a competitive contract with a value of $34 million. However, this contract’s original, competitively bid value was only $3 million. The remaining $31 million was the result of nine noncompetitive contract amendments. Further, 12 of 31 contracts and amendments we reviewed were missing from SCPRS because the agencies had failed to enter them. In fact, one of these missing contracts included eight amendments and was worth $163 million. When the data do not accurately and completely represent agencies’ procurements, General Services has no way to ensure that those agencies are not avoiding or minimizing noncompetitive contracting. A section manager in General Services’ Procurement Division indicated that General Services did not issue instructions to improve the data’s integrity because a 2008 Department of Finance budget letter announced a moratorium on developing or upgrading any systems that would duplicate the planned FI$Cal project. General Services intended to retire SCPRS once a new system was implemented. The section manager stated that General Services could always obtain the data directly from the agencies if the need arose. However, this approach defeats the purpose of having a single repository for contracting data. General Services transitioned from SCPRS to the new Financial Information System for California (FI$Cal)—a legislatively mandated system for procurement, accounting, budgeting, and cash management—as its statewide contract database in January 2016. However, whether FI$Cal’s contracting data will eventually be accurate or complete remains uncertain. On one hand, when agencies adopt FI$Cal as a means of procuring goods and services, it automatically reports their contract data, reducing the likelihood of input error. However, agencies that do not use FI$Cal to procure their goods and services generally must manually enter information into it, similar to the way that they entered data into SCPRS. This manual entry process creates the same risk that users will not enter all required information or will enter inaccurate information. According to General Services, only 57 agencies currently use FI$Cal for their procurements which automatically reports their contract data, or about 31 percent of the total number of entities currently scheduled to use it. At this stage, it is not clear how long it will be before the remaining agencies begin using it. Further, some large agencies, such as the California Department of Corrections and Rehabilitation, do not plan to transition to FI$Cal until their own business management systems become obsolete. In the meantime, if General Services does not ensure the integrity of the data that the remaining agencies must manually enter into FI$Cal, the State may continue to lack California State Auditor Report 2016-124 June 2017 critical information about those agencies’ contracting. This lack of information will hinder both General Services’ and Technology’s ability to oversee and manage the State’s contracting and to ensure the appropriate use of noncompetitive spending. Furthermore, FI$Cal’s structure may currently prevent both General Services and Technology from accurately identifying the State’s spending on amendments. Although FI$Cal allows agencies to identify whether goods and services were noncompetitively procured, it does not currently allow agencies—regardless of whether they use FI$Cal to procure their goods or services—to clearly indicate that procurements were made using amendments. This lack of consistency in FI$Cal’s data will impede General Services’ and Technology’s ability to accurately analyze the State’s noncompetitive spending on amendments at an aggregate level. Moreover, neither General Services nor Technology has established formal plans to regularly analyze the new FI$Cal data to monitor the State’s noncompetitive procurements. Such analyses are critical for identifying potentially abusive contracting activity, such as agencies directing state contracts to favored vendors. When we asked why General Services and Technology did not have plans to perform these types of analyses, the entities indicated they had prioritized other tasks such as becoming familiar with the complexities of FI$Cal. However, both General Services and Technology agreed these analyses are important and indicated they will start developing plans to perform them in the future. Our review of 27 noncompetitively bid contract justifications (noncompetitive requests) that General Services or Technology approved demonstrates the necessity for such statewide analyses. Agencies sometimes use noncompetitive requests to enter into original contracts with specific vendors or to amend contracts with existing vendors, often extending a contract’s terms or increasing its value. According to General Services’ State Contracting Manual, state agencies can generally only use noncompetitive requests when a proposed acquisition of goods are the only goods that meet the State’s needs. For non-IT services acquisitions, state agencies fill out noncompetitive requests to explain why they are affording a single business enterprise the opportunity to provide the specified services. General Services uses this information to determine whether the noncompetitive request is in the State’s best interest. However, our review of 27 noncompetitive requests found that General Services and Technology approved nine requests—with a total value of nearly $1 billion—even though these nine instances were largely the result of insufficient planning by the agencies. 3 4 California State Auditor Report 2016-124 June 2017 For example, General Services approved a $3 million noncompetitive request from the California High-Speed Rail Authority (High-Speed Rail) for a second contract amendment for financial consulting services, which High-Speed Rail submitted a mere 17 days before the existing contract was set to expire. When justifying its noncompetitive request, High-Speed Rail stated that the financial consulting services were critical to its mission and that the vendor’s skills were “specialized and not widely available.” However, it did not provide a valid reason why this vendor alone could meet the State’s needs, as financial consulting services are not unique. Further, this was the second time High-Speed Rail submitted a noncompetitive request to amend this particular contract, citing similar reasons. General Services asserted that it approved the noncompetitive request because the vendor’s services were crucial to ensuring that High-Speed Rail received timely delivery of funding. By approving a noncompetitive request that could have been competitively bid, General Services prevented other vendors from competing for this contract, potentially resulting in the State not receiving the best value. Similarly, Technology approved a noncompetitive request that the agency could have competitively bid with sufficient planning. In this instance, the Employment Development Department (EDD) amended a contract three times with a vendor working on an IT project that processed unemployment insurance payments. These three amendments—two of which Technology approved and were noncompetitive—increased the total value of the contract from $600,000 to $8 million in less than a year. EDD then submitted a noncompetitive request for a fourth amendment for an additional $2 million. It justified that request in part by stating that the current vendor had experience with the project and that its own staff did not have the necessary technical skills. However, Technology noted that the vendor had not met the contract’s knowledge-transfer provision—the requirement that the vendor give EDD staff the knowledge necessary to perform its responsibilities without the vendor’s assistance. Moreover, EDD had identified this issue in the prior noncompetitive requests for the same contract. Nonetheless, Technology did not follow up to ensure that the agency took the steps necessary to avoid subsequent noncompetitive requests. Instead, Technology approved the fourth amendment for $2 million, limiting the ability of other vendors to compete for this contract. Although knowledge transfer is one of multiple reasons EDD cited for submitting the noncompetitive request, it repeatedly used this reason to justify the noncompetitive requests throughout the history of this contract. Technology staff agreed that it could strengthen its oversight by monitoring and following up with agencies that repeatedly submit inappropriate noncompetitive requests. California State Auditor Report 2016-124 June 2017 Although both General Services and Technology have mechanisms they can use to encourage agencies to comply with noncompetitive procurement policies, they rarely employed them during our five‑year audit period. General Services in particular has a number of mechanisms for enforcing compliance. For example, it can revoke or reduce an agency’s delegated purchasing authority, forcing the agency to submit contracts to General Services for approval, regardless of dollar amount. However, during our audit period, General Services only twice reduced or revoked an agency’s delegated purchasing authority—and neither instance related to an inappropriate noncompetitive procurement. A section manager for General Services’ Purchasing Authority unit asserted that reducing or revoking an agency’s purchasing authority does not solve poor management of a contract that was procured above an agency’s purchasing authority and therefore, already required General Services’ approval. However, increased use of this tool in appropriate situations of poor contract management could offer General Services significant leverage to hold agencies accountable. Technology told us it had never formally denied an agency’s noncompetitive request since it became responsible for procurements related to reportable IT projects and telecommunications services in July 2013. Further, neither General Services nor Technology monitored the corrective action plans agencies submitted with their noncompetitive requests. The noncompetitive request form requires agencies to submit corrective action plans when the acquisition could have been competitively bid but was not because there was insufficient time to complete the competitive acquisition process. For example, in 2013 the Department of Health Care Services (Health Care Services) requested approval of a noncompetitive request for an $835 million amendment to its contract for administrative services for its Medi‑Cal dental program—the seventh such amendment in the contract’s history. Because Health Care Services cited insufficient time to complete the competitive acquisition process as a reason for the noncompetitive request, it included with its noncompetitive request a corrective action plan with a proposed timeline for its future competitive solicitation. However, staff at General Services did not monitor Health Care Services to determine if it followed through with this timeline. We found that although Health Care Services eventually began the process of soliciting competitive bids, it did so 18 months later than stated in the corrective action plan. We find it particularly troubling that General Services did not follow up on Health Care Services’ corrective action plan regarding an amendment worth hundreds of millions of dollars. Because General Services and Technology did not consistently use their enforcement authority, they allowed agencies to inappropriately continue using noncompetitive requests. 5 6 California State Auditor Report 2016-124 June 2017 By applying their enforcement mechanisms more consistently, General Services and Technology could better ensure that agencies engage in competitive bidding when appropriate. Summary of Recommendations Legislature To promote accountability for and transparency of the State’s noncompetitive request process, the Legislature should require General Services and Technology to submit an annual public report of all noncompetitive requests they approve with values over $1 million. Such a report should include, when applicable, the contracting agency; values for original contracts, noncompetitive requests, and amendments; and mechanisms applied to enforce compliance. The Legislature could also require agencies to publicly justify their noncompetitive requests in legislative hearings when it sees fit. General Services To improve its oversight of the State’s noncompetitive contracts, General Services should immediately ensure that agencies enter accurate and complete contract information into FI$Cal. General Services should modify FI$Cal to include a standard amendment indicator to identify an item as an amendment. General Services should also create plans for regularly performing statewide analyses of FI$Cal data to identify potential abuse or overuse of noncompetitive contracts. To ensure that it holds agencies accountable for implementing the corrective action plans that they submit with noncompetitive requests, General Services should immediately begin tracking all such outstanding plans and following up to ensure that agencies complete them. To ensure that it consistently and appropriately responds when agencies fail to competitively bid when they could have, General Services should create an escalation process outlining the order and severity of enforcement mechanisms it will use. California State Auditor Report 2016-124 June 2017 Technology To improve its oversight of the State’s noncompetitive contracting related to reportable IT projects and telecommunications procurements, Technology should create plans for regularly performing statewide analyses of FI$Cal data to identify potential abuse or overuse of noncompetitive contracts. To ensure that it holds agencies accountable for implementing the corrective action plans that they submit with noncompetitive requests, Technology should immediately begin tracking all such outstanding plans and following up to ensure that agencies complete them. Agency Comments General Services and Technology agreed with our findings and indicated they will implement our recommendations. 7 8 California State Auditor Report 2016-124 June 2017 California State Auditor Report 2016-124 June 2017 Introduction Background Each year, state agencies award billions of dollars in contracts for goods and services. Because these contracts involve the expenditure of state funds, it is critical that agencies award them fairly and that the contracts represent the best value for the State. To eliminate favoritism, fraud, and corruption and to ensure fair competition in the State’s contracting, the Legislature enacted the Public Contract Code, which requires that agencies use a competitive bidding process when possible. The competitive process brings a number of advantages for public procurements, including lower costs and higher‑quality products. At the same time, state law Examples of the Types of Procurements That General Services and Technology Oversee acknowledges that under limited circumstances, certain procurements may not warrant competition. In these General Services: instances, state agencies may use the noncompetitive 1. Non-IT goods: Contracts involving all types of non-IT bidding process, as we discuss in more detail later. The Legislature has generally tasked two state departments—the Department of General Services (General Services) and the California Department of Technology (Technology)—with statewide contracting oversight.1 General Services has historically been the entity responsible for overseeing the vast majority of the State’s procurements. For example, as the text box shows, it oversees contracts for goods and services that do not involve information technology (IT). Further, it oversees contracts for IT goods and services that are not part of what State law identifies as reportable projects. Effective July 1, 2013, state law made Technology responsible for the oversight of procurement for reportable IT projects, or those projects whose costs exceed specified thresholds or meet other specified criteria. Technology’s website indicates that the thresholds for reportable projects vary by purchasing agency and generally range from $200,000 to $2 million. In addition, Technology is responsible for overseeing telecommunications procurements, which mostly involve voice and data communications but may include communication by other means as well. The focus of this audit is on General Services’ and Technology’s oversight and approval of noncompetitive procurements over $1 million. 1 tangible personal property, including materials, supplies, and equipment. 2. Non-IT services: Contracts in which the contractor performs a duty or labor that does not relate to IT. Examples include medical services, call center operations, mental health services, and exam administration. 3. IT goods and services: Contracts for the acquisition of IT goods and services that are not part of a reportable IT project. Examples include laptops, monitors, statewide database maintenance, and credit card transaction processing. Technology: 1. Reportable IT projects: Contracts for the acquisition of IT projects that exceed specified cost thresholds, among other factors. Examples include maintenance for self‑service terminals, payroll software, department websites, unemployment and disability claims processing systems, and 9-1-1 emergency texting services. 2. Telecommunications: Contracts for the acquisition of telecommunications involve voice and data communications but may include communication by other means as well. Examples include purchasing radio frequencies, telephone services, and voicemail. Sources:  General Services Acquisitions Glossary, State Administrative Manual, state law, and procurement files. These entities oversee purchases that are above agencies’ delegated purchasing authority. Agencies can make their own purchases if the costs are below their assigned delegated purchasing authority. 9 10 California State Auditor Report 2016-124 June 2017 Competitive and Noncompetitive Procurements In an open competitive process, an agency permits all vendors to compete for a contract, and it evaluates bidders on the same fixed criteria. When conducting a competitive procurement, an agency must use a competitive solicitation process to notify prospective bidders that the State wishes to receive bids for furnishing goods and services. The type of competitive solicitation process the agency must use depends on whether the acquisition is a good or service and its estimated value. If the type and value of the procurement require formal competition, the agency must follow standardized procedures and use specific types of solicitations, such as an invitation for bids or a request for proposal. In contrast, the State Contracting Manual allows informal competition when the cost of a contract falls below a certain dollar threshold. In these circumstances, the agency can use different procedures and solicitation methods, such as a request for quotations. The agency then evaluates suppliers’ responses using various factors, including reviewing cost proposals. It chooses a vendor based on the lowest bid or quality of the proposal or it can decide not to award a contract. State law requires competitive bidding for contracts unless a legally authorized basis exists for exempting them from the competitive process. A number of laws identify situations in which contracts are exempt from competition. Further, state law allows General Services to establish policies to exempt certain types of contracts. General Services lists these exemptions in its State Contracting Manual. Table 1 identifies some of the laws and policies that exempt certain procurements from competition. One type of policy exemption, and the focus of this report, involves the noncompetitively bid contract justification (noncompetitive request). An agency must submit a noncompetitive request to the appropriate oversight entity—either General Services or Technology—when that agency wishes to justify entering into a noncompetitive contract for non-IT goods or IT goods and services because it believes only one vendor can serve its needs. For non-IT services acquisitions, state agencies fill out noncompetitive requests to explain why they are affording only a single business enterprise the opportunity to provide the specified services. General Services uses this information to determine whether the noncompetitive requests are in the State’s best interests. Once the appropriate oversight entity approves the noncompetitive request, the agency can proceed with its noncompetitive procurement. Agencies sometimes use noncompetitive requests both to enter into original contracts and to amend existing contracts. Generally, an agency can amend a contract without approval from its oversight entity if the option to amend the contract was included in both the contract and the contract’s original competitive solicitation. However, if the original competitive solicitation California State Auditor Report 2016-124 June 2017 and the contract did not establish the possibility of amendments, the State Contracting Manual requires the agency to submit a noncompetitive request before entering into the amendment. Additionally, other policy and statutory exemptions may allow an agency to noncompetitively enter into an amendment with a vendor without first submitting a noncompetitive request. Table 1 State Law or Policy May Exempt Certain Procurements From the State’s Competitive Bidding Requirement EXEMPT BY STATUTE OR POLICY LIMITED COMPETITION CONTRACT TYPE DESCRIPTION Statute Emergency contracts* Contracts for goods or services that are necessary for the immediate preservation of public health, welfare, or safety, or for the protection of state property. Statute Interagency agreements Contracts between state agencies, including the California State University and University of California campuses. Statute Contracts with other public entities Includes contracts with federal agencies, California local government agencies, state agencies, state colleges, state universities, or local government entities from states other than California. Statute Expert witness for litigation Contracts solely for the purpose of obtaining the services of expert witnesses for litigation. Statute Legal defense, legal advice, or legal services Contracts for legal services. Statute Various program contracts Contracts for various programs exempt by law. Examples include contracts with business entities operating community rehabilitation programs that are justified under Government Code 19130(b) and that meet the criteria of the Welfare and Institutions Code 19404, as well as contracts for the Golden Bear State Pharmacy Assistance Program. Statute Testing examinations Contracts for development, maintenance, administration, or use of licensing or proficiency testing examinations. Policy Noncompetitive request or special category request Contracts for which the acquisition of a good or service is restricted to one vendor. Special category requests are similar to noncompetitive requests but involve a group of related contracts rather than a single contract. Policy Various categorical exemptions Service contracts using General Services’ leveraged procurement agreements, public entertainment contracts for state-sponsored fairs and expositions, proprietary subscriptions, as well as other contract types. Policy Subvention and local assistance contracts Contracts providing assistance to local government and aid to the public directly or through an intermediary, such as a nonprofit corporation organized for that purpose. Sources:  State law and the State Contracting Manual. Note:  This is not an exhaustive list of all statutory exemptions. * The emergency contracts statutory exemption defines an emergency as “a sudden, unexpected occurrence that poses a clear and imminent danger, requiring immediate action to prevent or mitigate the loss or impairment of life, health, property, or essential public services.” Oversight of Noncompetitive Procurements As Figure 1 on the following page shows, multiple units within General Services’ Procurement Division, as well as its Office of Legal Services (Legal Services), play a role in overseeing noncompetitive procurements. As the State Contracting Manual outlines, if an agency 11 12 California State Auditor Report 2016-124 June 2017 wishes to acquire a good or service within General Services’ purview either competitively or noncompetitively, the agency must first determine whether the purchase falls within its delegated purchasing authority. If it does, the agency can conduct the procurement itself. However, if the cost of the acquisition exceeds the agency’s purchasing authority and the procurement is within General Services’ purview, the agency must either obtain General Services’ approval or General Services will execute the acquisition on the agency’s behalf. If the procurement is exempt from competitive bidding by statute or policy but does not involve a noncompetitive request, it moves directly to the appropriate General Services unit for final review, as Figure 2 shows. Figure 1 Multiple Units Within General Services Approve Contracts That Are Exempt From Competition Department DIVISION/office General Services Office of Legal Services Procurement Division Reviews and approves all non-IT service contracts over $50,000 or $150,000, depending on the contracting agency. Branch* Unit † Strategic Sourcing and Acquisitions Branch Policy, Training, and Customer Services Branch One-Time Acquisitions Unit Dispute Resolution Unit Purchasing Authority Unit Conducts procurements of non-IT goods and IT goods and services on behalf of agencies if those procurements exceed the agency's purchasing authority and are not related to reportable IT projects. Facilitates resolution of contract disputes and approves or denies noncompetitive requests for all types of contracts. Establishes dollar thresholds under which agencies have the authority to procure non-IT goods and IT goods and services without seeking General Services’ approval. Sources:  State Contracting Manual and General Services’ policies. * Although the Procurement Division includes other branches, we only identified those branches involved in processing contracts exempt from competition. † Although the units have other roles, we only include detail as it pertains to contracts exempt from competition. California State Auditor Report 2016-124 June 2017 Figure 2 General Services Generally Reviews Acquisitions for Goods and Services That Are Exempt From Competition and Valued Over $1 Million Agency executes acquisition without General Services approval NO If engaging in the noncompetitive process, does the cost of the acquisition exceed the agency’s delegated purchasing authority? YES Does acquisition use the noncompetitive request or another statutory or policy exemption? What type of good or service is being acquired? Other statutory or policy exemption for non-IT services acquisition Other statutory or policy exemption for non-IT goods or IT goods and services Noncompetitive request (all types of goods or services) APPROVED Non-IT services Agency asserts that unique circumstances exist and submits a noncompetitive request justification to the Procurement Division’s Dispute Resolution unit for review. APPROVED Non-IT goods or IT goods and services acquisition DENIED Acquisition is either cancelled, bid competitively, or processed again using another exemption. Process moves to Legal Services Purchasing Authority unit reviews contract if agency will execute its own acquisition. Legal Services reviews the contract. DENIED APPROVED Acquisition is either cancelled, bid competitively, or processed again using another exemption. Agency executes the acquisition. Process continues in the Procurement Division APPROVED The Purchasing Authority unit authorizes agency to execute its own one-time acquisition. Sources:  State Contracting Manual and General Services’ policies. DENIED Acquisition is either cancelled, bid competitively, or processed again using another exemption. One-Time Acquisitions Unit reviews contract if executing acquisition on agency’s behalf. APPROVED The One-Time Acquisitions Unit executes the acquisition on agency’s behalf. 13 14 California State Auditor Report 2016-124 June 2017 This process changes slightly when an agency wishes to use a noncompetitive request for a procurement. Specifically, General Services’ Procurement Division’s Dispute Resolution unit is responsible for reviewing and approving all noncompetitive requests from agencies. Once the Dispute Resolution unit has approved the noncompetitive request, the agency must submit the contract to either Legal Services or one of the other units in General Services’ Procurement Division for review if the acquisition is for an amount above its purchasing threshold. Legal Services must approve all such procurements of non-IT services, while the Purchasing Authority unit is responsible for one-time authorizations for agencies to execute their own contracts for non‑IT goods or IT goods and services. Finally, if called for, General Services’ One-Time Acquisitions Unit executes one-time acquisitions on behalf of the agencies. Similar to General Services, Technology follows the policies set forth in the State Contracting Manual for reviewing and approving the contracts under its oversight. Technology’s Statewide Technology Procurement Division (Technology’s Procurement Division) oversees all procurement activities classified as reportable IT projects or telecommunications services exceeding the agency’s delegated purchasing authority. Technology’s IT Project Oversight Division assists agencies in planning and implementing successful IT projects. However, Technology’s Procurement Division is responsible for overseeing procurements related to those projects. Specifically, it approves noncompetitive requests and also reviews and approves final contracts. Scope and Methodology The Joint Legislative Audit Committee (audit committee) directed the California State Auditor to conduct an audit of General Services’ and Technology’s processes for awarding noncompetitive contracts. Table 2 lists the audit committee’s objectives and the methods we used to address them. California State Auditor Report 2016-124 June 2017 Table 2 Audit Objectives and the Methods Used to Address Them AUDIT OBJECTIVE 1 2 Review and evaluate the laws, rules, and regulations significant to the audit objectives. For the past five years, determine the total number of contracts awarded for $1 million or more that were approved by General Services or Technology. METHOD •  We reviewed relevant laws, rules, and other background materials related to the State’s noncompetitive contracting. •  We interviewed key staff at General Services and Technology who oversee and approve noncompetitive contracts. General Services •  We interviewed staff and reviewed relevant documentation regarding SCPRS. We obtained an extract of SCPRS for the period from fiscal years 2011–12 through 2015–16. •  We interviewed staff at each of the different units involved in approving contracts or noncompetitive requests. Because of the insufficiencies that we identified with SCPRS, we attempted to use these units’ internal databases to answer this objective instead. •  We determined that of the four internal databases that we obtained, two databases could not clearly distinguish between competitive and noncompetitive contracts and contained inconsistent dollar amounts. Therefore, we used the remaining two internal databases to determine the total number and value of the contracts over $1 million that General Services approved from fiscal years 2011–12 through 2015–16. •  We did not review the Financial Information System for California (Fi$cal) system for completeness and accuracy because of its relatively new adoption by General Services. Therefore, we instead looked at General Services’ method of ensuring that departments are entering accurate data into FI$Cal. Because the consistency of the FI$Cal data should improve as more departments transact in FI$Cal, we examined the number of agencies currently using the system and those expected to do so in the near future. Technology We interviewed staff involved in approving contracts or noncompetitive requests, and reviewed Technology’s internal workload database. Because of the insufficiencies of its internal database, we asked Technology to prepare a list of all contracts over $1 million that Technology approved from fiscal years 2011–12 through 2015–16. a.  For those contracts, determine the number and value of contracts awarded without competitive bidding at General Services and Technology. General Services •  Using the same two internal databases we analyzed above in objective 2, we determined which of the contracts had been awarded competitively and noncompetitively. We also determined the total number and value of noncompetitive contracts over $1 million that General Services approved. •  We considered all procurements except competitive procurements and master agreements to be noncompetitive. •  General Services establishes master agreements in order to leverage the State’s buying power. Because General Services generally competitively procures these agreements, we did not evaluate them. Technology We determined which of the contracts from the list obtained in objective 2 had been awarded competitively and noncompetitively. We also determined the total number and value of noncompetitive contracts over $1 million that Technology approved. b.  For those contracts, identify the various specific state laws, regulations, and policies the agencies relied on to award contracts without competitive bidding. •  We reviewed the relevant laws and the State Contracting Manual’s policies that exempt state contracts from competitive bidding. Because of limitations with the data, we could not determine the specific exemptions that applied to the incomplete contracts we identified that were over $1 million and approved by General Services or Technology. •  Because General Services’ data could not identify instances when agencies purchased goods and services noncompetitively because of emergencies that posed an imminent danger to life, health, property, or essential public services, and General Services’ staff do not separately track these instances, we were unable to evaluate whether General Services appropriately approved the State’s emergency for purchases over $1 million from fiscal years 2011–12 through 2015–16. Starting with the implementation of FI$Cal in January of 2016, General Services should be able track such emergencies using an indicator in the system. continued on next page . . . 15 16 California State Auditor Report 2016-124 June 2017 AUDIT OBJECTIVE 3 For a selection of contracts awarded without competitive bidding, determine the following for each contract awarded: METHOD General Services We selected 30 noncompetitive procurements for our review by using the internal databases that could distinguish between competitive and noncompetitive contracts. We considered the frequency of the type of noncompetitive acquisition method, dollar amount, requesting agencies, and any records listed as “expedited” when judgmentally selecting procurements for our review. Technology We selected 15 noncompetitive procurements for our review using the list of such procurements that we obtained. We selected fewer procurements to review for Technology because the contracts it approved appeared to represent a smaller portion of the value of contracts that General Services approved according to their respective internal databases. We considered the type of noncompetitive acquisition method, dollar amount, requesting agencies, and vendors when judgmentally selecting procurements for review. a.  Whether the justification for noncompetitive bidding was clear and complied with law, regulation, and policy. General Services •  Fifteen of the 30 procurements we selected were exempt from competition by a specific statute or policy. For these 15 procurements, we determined whether the statute or policy that the agency cited was appropriate. •  The remaining 15 procurements involved noncompetitive requests. Because more robust analysis is necessary to determine if noncompetitive requests are appropriate, we decided that half of our selection for General Services should be this type of noncompetitive procurement. For these procurements, we primarily assessed two factors to determine whether a noncompetitive request could have been competitively bid: whether the agency provided sufficient justification supporting that the acquisition was restricted to the good, service, or supplier, and whether the agency sufficiently planned for procurement. Furthermore, we determined whether the agency demonstrated that the vendor’s price was fair and reasonable or that the State would realize savings by engaging in the noncompetitive procurement. In addition, we reviewed the timing of the submission of the noncompetitive request compared to the critical deadline the agency was facing and the number of previous noncompetitive requests related to the same contract. Lastly, we determined whether General Services applied any enforcement mechanisms against agencies submitting the noncompetitive requests. Technology •  Because agencies cited far fewer specific statutes or policies that exempted their contracts from competition when seeking Technology’s approval rather than General Services’, we selected only three of these types of contracts for Technology. For these three contracts, we determined whether the specific statute or policy that the agency cited was appropriate. •  The remaining 12 procurements involved noncompetitive requests. For these procurements, we primarily assessed two factors to determine whether a noncompetitive request could have been competitively bid: whether the agency provided sufficient justification supporting that the acquisition was restricted to the good, service, or supplier, and whether the agency sufficiently planned for procurement. Furthermore, we determined whether the agency demonstrated that the vendor’s price was fair and reasonable or that the State would realize savings by engaging in the noncompetitive procurement. In addition, we reviewed the timing of the submission of the noncompetitive request compared to the critical deadline the agency was facing and the number of previous noncompetitive requests related to the same contract. Lastly, we determined whether Technology applied any enforcement mechanisms against agencies submitting the noncompetitive requests. California State Auditor Report 2016-124 June 2017 AUDIT OBJECTIVE METHOD b.  Whether the state law, regulation, or policy used for the justification was consistently applied among the test items reviewed. General Services • We determined whether General Services consistently evaluated the justifications agencies cited for each noncompetitive request by evaluating the answers to the noncompetitive request justification form and correspondence between General Services and the agency submitting the noncompetitive request. • We examined whether General Services approved contracts for procurements exempt from competition by statute or policy in a uniform manner. We did not note inconsistencies. Technology • We determined whether Technology consistently evaluated the justifications agencies cited for each noncompetitive request by evaluating the answers to the noncompetitive request justification form and correspondence between Technology and the agency submitting the noncompetitive request. • We examined whether Technology approved procurements exempt from competition by statute or policy in a uniform manner. We did not note any inconsistencies. 4 Review and assess any other issues that are significant to the audit. We did not identify any other significant issues. Sources:  California State Auditor’s analysis of state law, State Contracting Manual, and information and documentation identified in the column titled Method. Assessment of Data Reliability In performing this audit, we obtained electronic data files extracted from the information systems listed in Table 3. The U.S. Government Accountability Office, whose standards we are statutorily required to follow, requires us to assess the sufficiency and appropriateness of computer‑processed information that we use to support findings, conclusions, or recommendations. Table 3 describes the analyses we conducted using data from these information systems, our methods for testing, and the results of our assessments. Although these determinations may affect the precision of the numbers we present, there is sufficient evidence in total to support our audit findings, conclusions, and recommendations. Table 3 Methods Used to Assess Data Reliability INFORMATION SYSTEM Legal Services Contracts Database as of August 2016 PURPOSE METHOD AND RESULT CONCLUSION For contracts and amendments of at least $1 million approved by Legal Services from fiscal years 2011–12 through 2015–16, calculate the number and dollar amount by procurement method, and generate a selection of contracts. We performed data-set verification procedures and found no errors. Further, we performed electronic testing of key data elements and found that the dollar amount of contracts and amendments could be positive, negative, or zero. The Contracts Database has no set rules as to how the contract or amendment amount is entered. Thus, we used the absolute value of the contract and amendment amounts to determine the dollar value of contracts and amendments. We performed accuracy testing on a random sample of 29 contracts and amendments by tracing key data elements to supporting documentation. We found four errors in the data field that identifies contract selection method. We verified completeness by tracing a haphazard selection of 31 contracts and amendments to the database and found no errors. Not sufficiently reliable for these audit purposes. Although this determination may affect the precision of the numbers we present, sufficient evidence exists in total to support our audit findings, conclusions, and recommendations. continued on next page . . . 17 18 California State Auditor Report 2016-124 June 2017 INFORMATION SYSTEM General Services Limited Competition Database as of September 2016 General Services SCPRS as of August 2016 Technology List of Contracts and Noncompetitive Requests General Services One-Time Acquisitions Log General Services Purchasing Authority Log PURPOSE METHOD AND RESULT CONCLUSION For noncompetitive requests of at least $1 million approved by General Services from fiscal years 2011–12 through 2015–16, calculate the number and dollar amount by procurement method; generate a selection of noncompetitive requests; and generate a list of the noncompetitive requests General Services denied from fiscal years 2011–12 through 2015–16. We performed data-set verification procedures and electronic testing of key data elements and found no errors. We performed accuracy testing on a random sample of 29 noncompetitive requests by tracing key data elements to supporting documentation. We found two errors in the dollar amount. We verified completeness by tracing a haphazard selection of 29 hardcopy noncompetitive requests to the data and found no errors. Not sufficiently reliable for these audit purposes. Although this determination may affect the precision of the numbers we present, sufficient evidence exists in total to support our audit findings, conclusions, and recommendations. To calculate the number and value of noncompetitive contracts and amendments General Services or Technology approved from fiscal years 2011–12 through December 2015. We performed data-set verification procedures and found no errors. We reviewed existing information to determine what was already known about the data and found that SCPRS data are self-reported by individual departments throughout the State. Further, when we interviewed General Services staff who were knowledgeable about the data, we found that state agencies inconsistently enter contract amounts and contract numbers and that SCPRS does not contain a field that indicates when the contract or amendment was approved or by which oversight entity. Further, as we discuss in Chapter 1, to gain some assurance of the accuracy and completeness of SCPRS, we tested a selection of non-IT goods and services and IT services contracts and their associated amendments of at least $1 million that General Services approved from July 2011 through December 2015. We found that 9 of the contracts and associated amendments were misrepresented as competitively bid, when in fact, they were not. In addition, we found 12 contracts and amendments were missing. Not sufficiently reliable for this audit purpose. Due to the intended use of the data and the significant limitations identified, we chose not to use these data to support findings or conclusions. For contracts and amendments of at least $1 million approved by Technology from fiscal years 2011–12 through 2015–16, calculate the number and dollar amount by procurement method. Because Technology’s internal database did not indicate which contracts Technology had approved, we requested that Technology provide a complete list of contracts it approved. We attempted to verify completeness by tracing a haphazard selection of 29 competitive and noncompetitive procurements to the data. We found two procurements were missing within the first 19 selected procurements. We did not perform further completeness or accuracy testing because we found the data were not complete. Not sufficiently reliable for these audit purposes. Although this determination may affect the precision of the numbers we present, sufficient evidence exists in total to support our audit findings, conclusions, and recommendations. For contracts and amendments of at least $1 million approved by General Services from fiscal years 2011–12 through 2015–16, calculate the number and dollar amount by procurement method. We reviewed key fields for logical inconsistencies and found that the log did not clearly distinguish between competitive and noncompetitive contracts. We also found that the dollar amounts were inconsistent. Not sufficiently reliable for these audit purposes and therefore, we did not present the information. For contracts and amendments of at least $1 million approved by General Services from fiscal years 2011–12 through 2015–16, calculate the number and dollar amount by procurement method. We reviewed key fields for logical inconsistencies and found that the log did not clearly distinguish between competitive and noncompetitive contracts. We also found that the dollar amounts were inconsistent. Not sufficiently reliable for these audit purposes and therefore, we did not present the information. Sources:  California State Auditor’s analysis of various documents, interviews, and data from the entities listed in the Table. California State Auditor Report 2016-124 June 2017 CHAPTER 1 AS A RESULT OF THEIR WEAK OVERSIGHT, GENERAL SERVICES AND TECHNOLOGY LACK COMPLETE AND ACCURATE INFORMATION ABOUT THE STATE’S CONTRACTS Chapter Summary Without complete and accurate information regarding its contracts, the State cannot ensure that agencies are engaging in competitive bidding when necessary and that the billions of dollars in annual procurements represent the best possible value. During the period from July 2011 through December 2015, General Services did not take the steps necessary to ensure that key stakeholders such as the Legislature had access to such comprehensive contracting data. Specifically, General Services implemented the State Contract and Procurement Registration System (SCPRS) in 2003 with the primary objective of providing a single repository for key information about state contracts that it could use to provide oversight and to demonstrate the visibility and accountability of state contracting activities. However, in part because of General Services’ failure to provide adequate guidance to the agencies that entered data into SCPRS, the database did not sufficiently serve the purposes for which General Services created it. Although General Services transitioned from SCPRS to the new Financial Information System for California (FI$Cal) as its statewide contract database in January 2016, it is unclear when—and if—FI$Cal will fully solve the State’s lack of comprehensive contracting data. On one hand, after agencies begin to use FI$Cal for their procurements, the system automatically reports their contract data, reducing the likelihood of input error. However, less than a third of state agencies currently use FI$Cal, and those agencies that have not transitioned to the system generally must continue to manually enter contracting data within it, creating risk of errors. Finally, neither General Services nor Technology currently has formal plans to use FI$Cal to conduct analyses of statewide noncompetitive procurements to identify instances of abuse or misuse. General Services Failed to Ensure That SCPRS Contained Complete and Accurate Information About the State’s Contracts Partially in response to executive branch concerns, General Services created SCPRS in 2003 to serve as a repository for all the State’s contracting data. For more than 12 years, General Services required that the state agencies under its oversight enter their 19 20 California State Auditor Report 2016-124 June 2017 contracting information into SCPRS. Nonetheless, General Services did not ensure that SCPRS was accurate and met the State’s needs. As a result, SCPRS failed to serve many of the purposes for which General Services created it, leaving the State without a single repository of statewide contracts that it could monitor and analyze. When General Services transitioned to FI$Cal as its statewide contract database in January 2016, it essentially rendered SCPRS obsolete. However, as we discuss later in this chapter, the problems we identified with SCPRS may continue with FI$Cal unless General Services takes steps to resolve them. In 2002 the Governor directed a three-member task force to review the State’s contracting and procurement procedures and make recommendations to ensure that state agencies used open and competitive bidding to the greatest extent possible and that their procurements received adequate oversight. The task force found that the State lacked a single system to track and capture contracting and procurement transactions. In fact, the task force pointed out that General Services could not even determine with certainty how much state agencies spent on contracts each year. The task force also found that General Services sometimes took weeks to compile questionable data when responding to legislative or public records requests because the State’s contracting and procurement information was located in numerous databases. As a result, the task force recommended that General Services implement an integrated system to track contract and procurement transactions that state agencies execute and to capture important data related to those transactions. General Services’ Intended Purposes for SCPRS • Collect information about contracting and procurement activities that will allow the State to more effectively manage the contracting and procurement processes for which General Services is responsible. • Collect the appropriate type of contract and procurement information to assist General Services to perform its oversight functions. • Provide a single repository for key information about state contracts that can be sorted to provide timely and accurate information for state decision-makers, Public Records Act requests, and reports regarding contract‑related activities. • Collect information that will allow the State to demonstrate visibility and accountability over contract activities. Source:  General Services’ overview of SCPRS. In response to the task force’s recommendation, General Services implemented SCPRS in 2003. General Services intended SCPRS to serve a number of purposes, as the text box shows. In concept, General Services—and starting in 2013, Technology—could have used SCPRS to determine the number and dollar value of the State’s noncompetitive contracts and to examine trends in agencies’ uses of such contracts. These analyses would have enabled the two oversight entities to better understand the scale of the State’s noncompetitive contracts and to identify situations in which agencies might be abusing noncompetitive contracts by favoring certain vendors. For example, General Services and Technology could have reviewed the value of noncompetitive contracts the State awarded to vendors over a time period and further investigated those cases where there appeared to be unusual trends. California State Auditor Report 2016-124 June 2017 However, we found the SCPRS data to be insufficient for these purposes. To gain some assurance of the accuracy and completeness of SCPRS, we tested a selection of 26 non-IT services contracts and their associated amendments of at least $1 million each that General Services approved from July 2011 through December 2015. We also examined the SCPRS data for an additional five contracts and associated amendments, including contracts for non-IT goods and services and IT services, from this same period. Our review found that SCPRS contained inaccurate information and did not include a number of contracts and associated amendments. As a result of SCPRS’ incomplete and inaccurate data, stakeholders such as the Legislature cannot rely on the database to better inform their decision-making about the State’s noncompetitive contracts. Further, its inaccurate data undermined the purposes for which General Services created it and rendered it essentially useless in addressing the task force’s original concerns. Many of the errors we found resulted from agencies entering data into the database incorrectly. SCPRS relied upon the state agencies to manually enter information about their contracts. However, our findings suggest that some agencies did not understand how to correctly enter this information. For example, the SCPRS data misrepresented nine of the 31 contracts and associated amendments we reviewed as competitively bid when, in fact, they were not competitively bid. In five of these cases, the agencies recorded a single SCPRS entry that combined the total dollar amount of a competitively bid contract and its noncompetitive amendments. Despite the noncompetitive amendments, SCPRS lists the entire entry as being competitively bid. Figure 3 on the following page shows an example of this type of error. In this instance, the original, competitively bid contract for DMV to acquire terminals was for about $3 million. DMV subsequently amended its original contract nine times, without competition, which added an additional $31 million to the cost of the contract. Nonetheless, SCPRS listed a single, competitively bid contract for $34 million. This error effectively obscured the true acquisition method that General Services is charged with limiting. We also found that 12 of the 31 contracts and amendments we reviewed were missing from SCPRS because agencies had failed to enter them. Although General Services required agencies to report all contracts over $5,000 into SCPRS, we identified a number of high‑value contracts that the database did not include. As we show in the second example in Figure 3, one of the contracts identified as missing from SCPRS included eight amendments and was worth $163 million. This contract between the Department of Developmental Services and San Gabriel/ Pomona Valleys Developmental Services was for services to people with developmental disabilities. These missing contracts illustrate the profound limitations of SCPRS as a source of data to demonstrate transparency and accountability in contracting activities. Our review found that SCPRS contained inaccurate information and did not include a number of contracts and associated amendments. 21 22 California State Auditor Report 2016-124 June 2017 Figure 3 Two Examples Demonstrate How the SCPRS Data Misrepresent Noncompetitive Procurements CONTRACT MISREPRESENTED AS COMPETITIVE Contract A Incorrect Entry Into SCPRS Total Original Contract Competitive: $3 Million Amendments 1-9 Noncompetitive: $31 Million Competitive: $34 Million Total Competitive: $3 Million Noncompetitive Amendments: $31 Million CONTRACT MISSING FROM DATABASE Contract B SCPRS Original Contract Noncompetitive: $129 Million Amendments 1-8 Noncompetitive: $34 Million Total Noncompetitive: $163 Million Source:  California State Auditor’s analysis of SCPRS. Note:  The contracts were either amended using the noncompetitive request process or were exempt from competition through another policy or statute. The errors we noted were likely due to General Services’ failure to implement sufficient controls to ensure the data’s accuracy and completeness. For example, although General Services employed various methods to guide and monitor agencies’ entry of data into SCPRS, it did not ensure that agencies had sufficient technical California State Auditor Report 2016-124 June 2017 instructions for how to enter information about amendments. Specifically, the technical user instructions created by the vendor that maintained SCPRS did not clarify that agencies should enter amendments as separate line items in the database. Although it was aware of this problem, General Services did not issue sufficient technical instructions to resolve it. According to a section manager in General Services’ Procurement Division, because the Department of Finance issued a 2008 budget letter that announced a moratorium on developing or upgrading any systems that would duplicate the functionality of the FI$Cal project, General Services intended to retire SCPRS soon after the budget letter and so did not prioritize issuing guidance on this issue. She further stated that General Services could obtain accurate contract information from individual agencies. However, notifying agencies on how to properly enter amendments into SCPRS would not have been a development or upgrade to the database. In addition, because General Services did not issue sufficient guidance on this topic during the nearly eight years between the budget letter and its transition to FI$Cal in January 2016, it ultimately rendered SCPRS useless for the purpose of serving as a single repository for accurate information about the State’s contracts. Similarly, General Services did not adequately instruct agencies to report all required contracts in SCPRS. When we asked General Services about the missing contracts we identified, a section manager stated that agencies were sometimes unclear about which contracts they needed to report into SCPRS. Specifically, agencies sometimes assumed that they did not need to report contracts that were exempt from competitive bidding. Although the Governor issued an executive order in 2011 requiring agencies under his direct authority to provide General Services with as much contracting information as possible, General Services did not issue sufficient guidance between 2011 and 2015 reiterating the need for agencies to report all contracts into SCPRS, including contracts exempt from competitive bidding. Consequently, General Services did not adequately ensure that the SCPRS data were as complete as possible. In addition, General Services did not formally examine the accuracy of agencies’ entries when it performed audits of agencies under its oversight. During our audit period, General Services’ Office of Audit Services (Audit Services) reviewed agency compliance with the State’s contracting policies, including verifying that the agencies entered required contracts in SCPRS. However, Audit Services had no written procedures for its staff to regularly verify the accuracy of the data the agencies entered. Because some of the contracts we tested in SCPRS had incorrectly recorded dollar amounts, numbers of amendments, and acquisition methods, we believe Audit Services should have done more to monitor those entries into General Services did not formally examine the accuracy of agencies’ entries when it performed audits of agencies under its oversight. 23 24 California State Auditor Report 2016-124 June 2017 SCPRS, such as establishing procedures to review these important data fields. Instead, Audit Services missed an opportunity to ensure the integrity of the SCPRS data and educate agencies on the appropriate method of entering contracting information. The acting chief of Audit Services stated that his staff would create procedures to review the accuracy of FI$Cal entries in the future. Because of the severe limitations in SCPRS’ accuracy and completeness, we could not use it to accurately determine the number and value of noncompetitive contracts General Services or Technology approved. Because of these severe limitations in SCPRS’ accuracy and completeness, we could not use it to accurately determine the number and value of noncompetitive contracts General Services or Technology approved during our audit period as the Legislature requested. Therefore, we attempted to use General Services’ and Technology’s internal databases or other data sources to capture the relevant data. General Services’ and Technology’s various units use these internal data sources when approving different types of contracts for workload tracking purposes, such as assigning tasks to staff. However, as Figure 4 shows, these data sources do not capture the complete picture of the State’s contracts either. For example, we could not use two of the five data sources because they do not clearly distinguish between competitive and noncompetitive contracts and contain inconsistent dollar amounts. Further, the other three data sources contain incorrect dollar amounts, list incorrect procurement methods, or are incomplete. Notwithstanding our concerns with these data sources, we used them to attempt to determine the number and dollar value of competitive and noncompetitive contracts and amendments that General Services and Technology approved because their data were the best available. Using these data, we estimate that the State awarded at least $44 billion in noncompetitive contracts over $1 million from fiscal year 2011–12 through fiscal year 2015–16. General Services asserts that noncompetitive requests accounted for only $3.2 billion of this total. Although we have concerns with the integrity of the data, we used some of this information in an attempt to verify General Services’ assertion, but we arrived at a figure of about $5 billion. This discrepancy underscores the importance of having a single repository of sufficiently reliable data. The noncompetitive category also contains non‑IT services contracts using other exemptions from competition, such as interagency and local assistance contracts between public entities. Regardless of the various components included in noncompetitive spending, the sheer magnitude of the value of the State’s noncompetitive contracts during this period emphasizes the importance of ensuring that the State provides adequate oversight of agencies’ contracting practices. California State Auditor Report 2016-124 June 2017 Figure 4 General Services’ and Technology’s Databases Are Inadequate for Accurately Identifying Contracts Over $1 Million  Fiscal Years 2011–12 Through 2015–16 General Services’ Internal Logs or Databases Purchasing Authority Log One-Time Acquisitions Log Limited Competition Database Contracts Contracts Non-IT goods IT goods and services Non-IT goods IT goods and services Noncompetitive Requests Non-IT goods IT goods and services Office of Legal Services Contracts Database Technology List Contracts IT goods and services related to reportable IT projects and telecommunications Contracts and Noncompetitive Requests Non-IT services Data Concerns Data Concern Data Concern Data Concern The logs do not clearly distinguish between competitive and noncompetitive contracts and contain inconsistent dollar amounts. The database contains inaccuracies related to dollar amount. The database contains inaccuracies related to procurement method (competitive or noncompetitive). We found contracts/justification requests were missing. OTHER† ? Number of items and dollar amounts are unknown $6.8 Billion 529 Items Noncompetitive* $44.7 Billion 2,682 Items Due to our Data Concerns, Precise totals are unknown Competitive $16.6 Billion 1,415 Items Sources:  California State Auditor’s analysis of General Services’ internal tracking procurement databases and logs and Technology’s internal tracking procurement database. Note:  According to General Services and Technology, these respective databases are intended for workflow planning and not for external reporting. * General Services asserts that noncompetitive requests account for only $3.2 billion of this total. Although we have concerns with the integrity of the data, we used some of this information in an attempt to verify General Services’ assertion but arrived at a figure of roughly $5 billion for these noncompetitive requests. This discrepancy underscores the importance of having a single repository of sufficiently reliable data. The noncompetitive category also contains non-IT services contracts using other exemptions from competition, such as interagency contracts between public entities and contracts providing assistance to local governments to aid the public directly. † The other category contains contracts with an unknown procurement method. According to General Services, staff may choose this other category for either a competitive or noncompetitive procurement. General Services stated that because its internal databases are only intended for workflow tracking, it did not go back to determine if staff could have recorded a more specific procurement method. 25 26 California State Auditor Report 2016-124 June 2017 Although General Services Recently Transitioned to FI$Cal as Its Statewide Contract Database, It Is Unclear When and to What Degree the Data on State Contracts Will Improve After agencies transition to FI$Cal for procurement, the system automatically reports their contract data, reducing the likelihood of input errors. In January 2016, General Services transitioned from SCPRS to FI$Cal as its statewide contract database. As a legislatively mandated project, the Legislature’s objectives for FI$Cal’s procurement functions are similar to General Services’ previous objectives for SCPRS: they include maintaining a central source of procurement data, supporting better decision making through the use of standardized data and procurement management reports, and improving access to and the transparency of the State’s procurements. FI$Cal has the potential to significantly improve the State’s contracting data because it serves not just as a database but can also be used by agencies to make procurements. As a result, after agencies transition to FI$Cal, the system automatically reports their contract data, reducing the likelihood of input errors. Nonetheless, it is unclear when and even if all state agencies will begin using FI$Cal for their procurements. Those that do not use FI$Cal for their procurements generally must continue to manually enter their contracting information into the system. Consequently, the problems we identified with SCPRS may persist with FI$Cal unless General Services takes steps to resolve them. FI$Cal data should be more consistent than SCPRS data but only for agencies using FI$Cal’s automatic procurement reporting function. As Figure 5 illustrates, under SCPRS, state agencies engaged in two steps: procuring goods and services and then manually reporting that procurement in SCPRS. As we previously discussed, some agencies’ manual entry led to significant errors in the data. In contrast, according to FI$Cal and General Services documents, agencies that have transitioned to FI$Cal use it to procure goods and services, and the system automatically collects and reports that information, thus eliminating the need for the users to separately report their procurements. Therefore, FI$Cal’s data should be more consistent than SCPRS’ data for those agencies that transition to the new system. However, any agencies that are not yet using FI$Cal for their procurements—because they are scheduled to use the system in the future, they have deferred transitioning to the new system, or they are not required to use it—generally must continue to manually report contract information into the system. At this time, less than a third of state agencies are using FI$Cal, and a significant number of the remaining agencies are not scheduled to begin using it in the near future. According to General Services, 57 agencies currently use FI$Cal for their procurements, or about 31 percent of the total number of entities currently scheduled to use it. FI$Cal’s implementation plan states the remaining state agencies should begin using the system by July 2018. However, based on our office’s January 2017 letter report on the implementation of FI$Cal, we believe that FI$Cal may find it necessary to extend the July 2018 California State Auditor Report 2016-124 June 2017 deadline because of its scheduling challenges. Additionally, according to FI$Cal documents, 19 entities are currently deferred or exempt from using FI$Cal, including some large agencies such as the California Department of Transportation and the California Department of Corrections and Rehabilitation. According to FI$Cal’s implementation plan, agencies that have deferred their transition to FI$Cal should begin to use it when their own business management systems become obsolete. On the other hand, agencies that state law exempts from using FI$Cal may never transition to it. However, the Legislature intends for these agencies to either eventually use FI$Cal or create an interface between their own systems and FI$Cal. Figure 5 Unlike SCPRS, FI$Cal Automatically Reports Contract Information When Agencies Use It to Make Procurements January 2016 2003-2015 2016-?? SCPRS State Agency July 2018 ?? Fi$Cal In process of transitioning, deferred, or exempt * Completed transition Agency Not Using FI$Cal for Procurements Agency Using FI$Cal for Procurements Procures goods and services Procures goods and services using FI$Cal Procures goods and services Manually records contract information into database Fi$Cal Manually records contract information into database Automatically records contract information into database SCPRS Fi$Cal Fi$Cal Sources:  General Services management memos, State Contracting Manual, FI$Cal training documents, FI$Cal’s sixth special project report, and the California State Auditor’s FI$Cal status letter published in January 2017. * Deferred state agencies are intended to use FI$Cal when their own business management systems become obsolete. Exempt state agencies have a statutory provision allowing them to not use FI$Cal. 27 28 California State Auditor Report 2016-124 June 2017 The low number of agencies using the automated reporting feature of FI$Cal calls into question when and to what degree the State’s contracting information will become more reliable and complete. Because a large number of agencies do not currently use FI$Cal to procure goods and services, General Services needs to ensure that those entities under its oversight accurately enter all required contract information into the system. General Services employs some methods of ensuring that the agencies that have not yet transitioned to FI$Cal still report accurate and complete information into the database; for instance, it created a spreadsheet to assist agencies not using FI$Cal to submit large numbers of contract entries into the system. However, we noted concerns with how General Services monitored these agencies entering contracts into the system, which may not adequately ensure FI$Cal’s current integrity. Specifically, General Services’ Audit Services has not verified the accuracy and completeness of the procurement data in FI$Cal since the transition from SCPRS more than a year ago, in January 2016. The acting chief of Audit Services stated that because of FI$Cal’s complexity and General Services’ resource constraints, his office has only performed a cursory review of whether agencies reported contracts into the system, rather than formally reviewing whether manual reporting agencies entered contracts and did so accurately. Although we acknowledge that becoming familiar with FI$Cal may take time, Audit Services could have compared contracts it obtained during its review to the information entered in FI$Cal. Instead, General Services missed an opportunity to evaluate how agencies are reporting contracts into the new system. Starting in April 2017, General Services’ Purchasing Authority unit began selecting a sample of procurements from agencies with delegated purchasing authority and ensuring that the agencies reported the procurements accurately into FI$Cal. The section manager in the Purchasing Authority unit stated this process should be more robust than Audit Services’ previous process for ensuring the reliability of the SCPRS data. Thus far, General Services’ Purchasing Authority unit has verified a selection for six agencies’ contracts in FI$Cal and noted several errors. The section manager asserted that once General Services completes its reviews, it will document the findings and seek corrective action for areas of noncompliance. Although FI$Cal allows agencies to identify whether goods and services were noncompetitively procured, it does not currently allow agencies to clearly indicate that procurements were made using amendments. Furthermore, FI$Cal’s structure may currently prevent General Services and Technology from accurately identifying the State’s spending on amendments. Although FI$Cal allows agencies to identify whether goods and services were noncompetitively procured, it does not currently allow agencies—whether or not they use FI$Cal to procure their goods or services—to clearly indicate that procurements were made using amendments. Agencies using FI$Cal for procurements can identify amendments by entering either text or numeric descriptions. However, because both options are permissible, California State Auditor Report 2016-124 June 2017 General Services and Technology may find inconsistent information in FI$Cal. For example, one agency may indicate an amendment by writing “Adding $5 million for additional services,” while another agency may describe the amendment as “A07.” On the other hand, agencies that do not use FI$Cal to procure goods and services must identify their entries as an amendment by selecting the other category, which can capture items besides amendments. According to the section manager in the Procurement Division, these agencies will also identify their FI$Cal entries as amendments by writing text or a numeric description. This lack of consistency in FI$Cal’s data will impede General Services’ and Technologys’ ability to accurately analyze the State’s noncompetitive spending on amendments at an aggregate level. General Services has the ability to request that FI$Cal modify certain aspects of the system’s procurement component, including adding a clear, standardized indicator for amendments. When we asked why General Services had not made such a modification, the section manager in the Procurement Division stated that General Services wished to assess how FI$Cal was currently working for agencies before modifying it. However, we believe that a standardized amendment indicator is necessary in order for General Services to properly oversee the State’s amended contracts. Such an indicator would allow it to identify the number and value of the amendments that agencies have awarded noncompetitively and to examine patterns of agencies that are overusing or inappropriately using the noncompetitive process through their amendments. Further, General Services should not have waited for agencies to use FI$Cal for more than a year without making this modification, as the delay further jeopardizes the data’s integrity. General Services agreed that an amendment indicator would likely improve the accuracy of its analyses and reporting, and in May 2017 it requested that FI$Cal modify the system to include an amendment indicator. General Services and Technology Have Not Established Plans to Conduct Statewide Analyses of the State’s Noncompetitive Contracting Practices Based on SCPRS’ intended purposes, on the Legislature’s intent in enacting the Public Contract Code, and on the fact that state law requires General Services to oversee and improve the State’s contracting practices, we expected General Services to have ensured the accuracy of the SCPRS data and then used those data to perform statewide analyses in order to improve its oversight. In addition, because state law generally requires Technology to oversee the State’s contracts for reportable IT projects and telecommunications goods and services, we expected Technology to also have performed statewide analyses of procurements it oversees. Examples of such analyses include examining the proportion of the State’s competitive and noncompetitive spending and identifying trends in the State’s noncompetitive procurements over time. However, as we previously discussed, General Services did not ensure that SCPRS’ We believe that a standardized amendment indicator is necessary in order for General Services to properly oversee the State’s amended contracts. 29 30 California State Auditor Report 2016-124 June 2017 data were sufficient for the purposes of performing these analyses. As a result, General Services and, subsequent to 2013, Technology were limited in their ability to oversee the State’s noncompetitive contracts by, for example, detecting and preventing abuse or favoritism. Although the State transitioned to FI$Cal as its statewide contract database over a year ago, we are concerned that General Services and Technology still do not have formal plans to conduct regular statewide analyses using the FI$Cal data. Because there are no plans to monitor noncompetitive contracts using statewide data, General Services and Technology are not upholding their responsibility to protect the State’s interests. Table 4 identifies examples of statewide analyses of noncompetitive procurement that we believe General Services and Technology should perform. When we asked why General Services and Technology did not have plans to perform these types of analyses, the entities indicated they had prioritized becoming familiar with the complexities of FI$Cal. Although we understand this is important, we believe General Services and Technology could have created preliminary plans for performing statewide noncompetitive analyses and updated those plans as more agencies began using the system. General Services and Technology agreed that statewide analyses are important and indicated they would start developing plans to conduct such analyses in the near future. Table 4 General Services and Technology Could Use FI$Cal Data to Analyze the State’s Noncompetitive Procurements TYPE OF STATEWIDE ANALYSIS PURPOSE THAT THE ANALYSIS MAY SERVE NECESSARY INFORMATION TO PERFORM ANALYSIS Calculate the total dollar value and number of all state contracts and amendments. Informational: demonstrate the significance of state spending on contracts and amendments. Number and dollar value of contracts and amendments. Calculate the proportion of the number and value of contracts and amendments awarded noncompetitively. Track the extent to which state agencies use competitive contracting practices. Procurement method, number, and dollar value of contracts and amendments. Identify trends in agencies’ uses of noncompetitive contracts and amendments, such as increases or decreases over time. Identify areas where the State may be overusing or abusing noncompetitive contracting practices. Agency name, procurement method, number and dollar value of noncompetitive contracts and amendments. Calculate the total number and dollar value of noncompetitive contracts and amendments awarded to particular vendors. Determine if certain vendors are more likely to be awarded noncompetitive contracts and amendments or are receiving higher prices for similar work over time. Vendor name, procurement method, number and dollar value of noncompetitive contracts and amendments. Identify trends in agencies’ use of amendments resulting from a noncompetitive request that were added to originally competitively bid contracts. Ensure that agencies are not using amendments to abuse noncompetitive requests. Amendment indicator, procurement method, contract identifier, number and dollar value of amendments. Compare noncompetitive contract and amendment amounts to agencies’ purchasing thresholds. Identify instances in which agencies may be splitting noncompetitive contracts and amendments to avoid complying with approval authority or delegated purchasing thresholds. Agency name, purchasing thresholds, procurement method, number and dollar value of contracts and amendments. Sources:  California State Auditor’s analysis of National Association of State Procurement Officials publications, Public Contracting Code, and Association of Government Accountants publications. Note:  FI$Cal currently does not allow agencies to clearly indicate that procurements were made using an amendment. California State Auditor Report 2016-124 June 2017 Recommendations General Services To improve its oversight of the State’s noncompetitive contracts, General Services should take the following actions: • Immediately ensure that agencies enter accurate and complete contract information into FI$Cal. For example, General Services should regularly select contracts from agencies and verify the accuracy and completeness of the related entries in FI$Cal. • Within 90 days, modify FI$Cal to include a standard amendment indicator to identify an item as an amendment, including the amendment number with respect to the contract, that agencies can use regardless of whether they make their procurements using FI$Cal. This indicator should ensure that General Services can reliably analyze and report on the number, values, and types of exemptions from competitive bidding of the State’s contract amendments. General Services should notify all agencies of this change and ensure that the notification provides appropriate guidance for the use of the amendment indicator. • Within 90 days, create plans for regularly performing statewide analyses to identify potential abuse or overuse of noncompetitive contracts. These analyses should include, but not be limited to, calculating the proportional value and number of the State’s competitive and noncompetitive contracts and amendments, examining trends in agencies’ use of noncompetitive contracts and amendments, and identifying unusual patterns among vendors receiving state contracts through noncompetitive means. Technology To improve its oversight of the State’s noncompetitive contracting related to reportable IT projects and telecommunication procurements, Technology should create plans within 90 days for regularly performing statewide analyses of FI$Cal data to identify potential abuse or overuse of noncompetitive contracts. These analyses should include, but not be limited to, calculating the proportional value and number of the State’s competitive and noncompetitive contracts and amendments, examining trends in agencies’ use of noncompetitive contracts and amendments, and identifying unusual patterns among vendors receiving state contracts through noncompetitive means. 31 32 California State Auditor Report 2016-124 June 2017 California State Auditor Report 2016-124 June 2017 Chapter 2 GENERAL SERVICES AND TECHNOLOGY HAVE NOT ALWAYS ENSURED THAT AGENCIES COMPETITIVELY AWARD CONTRACTS WHEN APPROPRIATE Chapter Summary General Services and Technology have not ensured that state agencies avoid or minimize their use of noncompetitive requests. As the Introduction describes, noncompetitive requests for non-IT goods and IT goods and services acquisitions allow state agencies to apply to bypass the competitive process for procurements when only one vendor can provide a needed good and service. For non-IT services acquisitions, state agencies fill out noncompetitive requests to explain why they are affording a single business enterprise the opportunity to provide the specified services. General Services uses this information to determine whether the noncompetitive requests are properly justified and in the State’s best interest. However, when we reviewed 27 noncompetitive requests that General Services and Technology had approved, we found that nine—with a combined value of nearly $1 billion—lacked adequate justification for bypassing the competitive bid process. In each of these nine instances, the state agency generally could have avoided using a noncompetitive request if it had engaged in sufficient planning. Further, General Services and Technology approved 14 of the 27 noncompetitive requests, even though the agencies had not adequately substantiated that the vendors’ prices were fair and reasonable, as the noncompetitive request form requires. Finally, although state law gives both General Services and Technology the authority to use a number of enforcement mechanisms, both entities rarely employed these mechanisms to ensure that agencies only used the noncompetitive request process when appropriate. As a result, the State may have limited competition and failed to receive the best value in its procurements. By Allowing Agencies to Inappropriately Bypass the Competitive Process, General Services and Technology Have Limited Competition Our review found that both General Services and Technology approved noncompetitive requests for contracts that agencies could have awarded competitively, calling into question whether the State has limited competition and thus may have needlessly paid more or received lower-quality goods and services. Both oversight entities have the ability to deny agencies’ noncompetitive requests if those requests fail to meet applicable criteria. Nonetheless, when we tested 27 noncompetitive requests that General Services and Technology 33 34 California State Auditor Report 2016-124 June 2017 approved, we found that the agencies could have competitively awarded nine of these procurements, which had a total value of nearly $1 billion. As shown in Table 5, General Services approved five of these noncompetitive requests, and Technology approved the other four. Moreover, General Services and Technology approved 14 of the 27 noncompetitive requests that we reviewed even though the agencies did not adequately justify the prices of the contracts. In fact, our review demonstrates that in one instance, the prices in the contract were higher than the prices that the same vendor charged the State for similar services in other agreements. The fact that General Services and Technology approved these noncompetitive requests despite the lack of adequate price justification leads us to question whether these entities are providing the level of oversight necessary to protect the State’s best interests. Both General Services and Technology Approved Noncompetitive Requests That Did Not Meet Applicable Criteria According to the State Contracting Manual, state agencies can only use noncompetitive requests for non-IT goods or IT goods and services when a proposed acquisition is the only good and service that meets the State’s needs. For non-IT services acquisitions, state agencies General Services’ Key Criteria for Assessing the fill out noncompetitive requests to explain why Appropriateness of Noncompetitive Requests they afforded only a single business enterprise 1. The agency submitted the noncompetitive request to the opportunity to provide the specified services. General Services for review more than 45 days before it General Services uses this information to needed approval for the contract or amendment. determine whether noncompetitive requests are in the State’s best interests by verifying they meet 2. The agency adequately demonstrated that the procurement the key criteria in the text box. Agencies may was restricted to the good, service, or supplier. use noncompetitive requests for both original 3. The agency adequately demonstrated that it contracts and amendments. The State Contracting conducted market research to substantiate that no Manual generally requires an agency to submit competition existed. a noncompetitive request to change the terms of 4. The agency adequately demonstrated the consequences the contract and its competitive solicitation. For of not purchasing the good or service or contracting with example, an agency must submit a noncompetitive the proposed supplier. request if it wishes to add unanticipated funds or 5. The agency adequately demonstrated that the price was services to the contract. fair and reasonable. 6. The agency adequately demonstrated that the procurement would result in cost savings or averted costs for the State. Sources:  General Services’ policies and questions contained in the noncompetitive request application form. General Services created a two‑page justification form agencies fill out for their noncompetitive requests. Both General Services and Technology use this form, which requires agencies to substantiate why their noncompetitive procurements are unique and to show that they conducted the appropriate level of market California State Auditor Report 2016-124 June 2017 research to substantiate the lack of available vendors. Further, the form requires the agencies to describe the consequences of not purchasing the proposed goods or services so that General Services and Technology can determine, in part, whether the noncompetitive request is in the State’s best interest. Finally, the form requires agencies to justify that the vendors’ prices are fair and reasonable and describe any cost savings realized or costs avoided by acquiring goods or services through the specific vendors. Table 5 General Services and Technology Approved Noncompetitive Requests for Contracts That Could Have Been Competitively Bid (in Millions) TECHNOLOGY’S OVERSIGHT GENERAL SERVICES’ OVERSIGHT CONTRACTING AGENCY NAME ORIGINAL CONTRACT’S DOLLAR VALUE TOTAL DOLLAR VALUE BEFORE AMENDMENT DOLLAR VALUE OF CONTRACT OR AMENDMENT WE EVALUATED PERCENTAGE INCREASE RELATED TO AMENDMENT REASON FOR NONCOMPETITIVE REQUEST CONTRACT OR AMENDMENT Health Care Services Extension and increase of cost for Medi-Cal dental program contract. Seventh Amendment $7,779 $7,777* $835 11% DMV Extension and increase of cost for updating the driver’s license card production system currently experiencing technical issues. Fifth Amendment 62.8 68.4 75.5 110 High-Speed Rail Extension and increase of cost for financial consulting services. Second Amendment 2.5 5.8 3 52 Department of Forestry and Fire Protection Extension and increase of cost for Cal Fire aviation services. Fourth Amendment 137.8 153.2 27.8 18 CPUC Extension and increase of cost for California Lifeline program. Sixth Amendment 36.1 63.4 6.9 11 Department of Fish and Wildlife Continued maintenance and operations for automated licensing system.† Original Contract $28.9 NA $28.9 NA EDD Extension and increase of cost for additional vendor staff to support the unemployment benefits system. Needed vendor staff because EDD staff was not trained to carry out vendor’s responsibilities. Fourth Amendment 0.6 8 2 25% DMV Extension and increase of cost for more self‑service terminals. Ninth Amendment 2.7 15.2 18.6 122 Secretary of State Extension of project management services for the statewide voter database.† Original Contract 2.3 NA 2.3 NA Sources:  California State Auditor’s analysis of General Services’ and Technology’s procurement files. Note:  The results are based on the criteria that General Services uses and Technology follows to assess the appropriateness of noncompetitive requests. Noncompetitive requests appear in the table if the requesting agency did not substantiate that it met certain criteria.  NA = Not applicable. * The value of the contract before our test item was less than the original contract amount because Health Care Services had a prior amendment that adjusted the contract value. † Similar to an amendment, these contracts continue services with the same vendor but under a new contract. 35 36 California State Auditor Report 2016-124 June 2017 General Services and Technology approved nine noncompetitive requests that did not meet key criteria that General Services itself established and that Technology follows. We used the criteria shown in the text box on page 34 to determine whether the 27 noncompetitive requests that we analyzed included adequate justification on the form. We found that in some instances, noncompetitive requests enabled the State to appropriately procure goods and services. For example, Technology approved a noncompetitive request from the Office of Emergency Services for a $2.7 million contract for a vendor to provide a software service that transferred emergency 9-1-1 text messages between public safety call centers and collected statistics on those texts. In its noncompetitive request, the agency cited that this vendor was currently the only one that held contracts with the two companies that provide text services across the country, allowing for the transfer of emergency texts between public safety call centers. Further, the agency stated that this vendor alone could provide its proprietary technology for collecting statistics on those texts. It justified its request by providing a proprietary technology letter and summarizing the results of its market research. In this example, we believe that the agency adequately justified that only one vendor could meet the State’s needs. However, General Services and Technology approved nine other noncompetitive requests that did not meet key criteria in the form that General Services itself established and that Technology follows, as Table 6 demonstrates. We discuss a number of these noncompetitive requests in greater detail in the following sections. General Services and Technology Approved Noncompetitive Requests That Were Largely the Result of Agencies’ Failure to Sufficiently Plan Our review determined that General Services and Technology approved nine noncompetitive requests that agencies could have avoided if they had engaged in sufficient planning. These agencies generally did not ensure that they had time to solicit information or bids to identify if other potential vendors could meet their needs before their contracts for critical services expired. General Services and Technology generally approved these noncompetitive requests because they determined that immediate acquisitions were necessary to avoid disrupting essential State services. However, the agencies did not demonstrate that they sufficiently planned to avoid these situations, which might have prevented the urgent need for these procurements. Although the State Contracting Manual states, for other than non-IT services, that poor planning is not an emergency, it fails to define what constitutes poor planning. Further, the section of the State Contracting Manual that covers non‑IT services acquisitions fails to mention that poor planning is not an emergency. This is particularly important to highlight given that this section of the manual does not provide specific language for what constitutes an allowable noncompetitive request for non-IT services. By not providing enough guidance regarding this issue in the State Contracting Manual, General Services may have contributed to agencies’ use of inappropriate noncompetitive requests. California State Auditor Report 2016-124 June 2017 Table 6 General Services and Technology Approved Noncompetitive Requests That Did Not Meet Key Criteria (in Millions) TECHNOLOGY’S OVERSIGHT GENERAL SERVICES’ OVERSIGHT CONTRACTING AGENCY NAME REASON FOR NONCOMPETITIVE REQUEST CONTRACT OR AMENDMENT DOLLAR VALUE OF CONTRACT OR AMENDMENT WE EVALUATED DID AGENCY PROVIDE SUFFICIENT JUSTIFICATION THAT THE ACQUISITION WAS RESTRICTED TO THE GOOD, SERVICE, OR SUPPLIER?* DID AGENCY SUFFICIENTLY PLAN FOR PROCUREMENT?* DID OVERSIGHT ENTITY ASSERT THAT THIS ACQUISITION AFFECTED ESSENTIAL STATE SERVICES? Health Care Services Extension and increase of cost for Medi-Cal dental program contract. Seventh Amendment $835 5 5  DMV Extension and increase of cost for updating the driver’s license card production system currently experiencing technical issues. Fifth Amendment 75.5 5 5  High-Speed Rail Extension and increase of cost for financial consulting services. Second Amendment 3 5 5  Department of Forestry and Fire Protection Extension and increase of cost for Cal Fire aviation services. Fourth Amendment 27.8 5 5  CPUC Extension and increase of cost for California Lifeline program. Sixth Amendment 6.9 5 5  Department of Fish and Wildlife Extension and increase of cost for continued maintenance and operations for automated licensing software system.† Original Contract $28.9 5 5  EDD Extension and increase of cost for additional needs/staff to support the unemployment benefits system. Needed vendor staff because EDD staff was not trained to carry out vendor’s responsibilities. Fourth Amendment 2 5 5  DMV Extension and increase of cost for more self‑service terminals. Ninth Amendment 18.6 5 5 5 Secretary of State Extension of project management services for the statewide voter database.† Original Contract 2.3 5 5  Sources:  California State Auditor’s analysis of General Services’ and Technology’s procurement files.  = Met the requirement. 5 = Did not meet the requirement. * We primarily used these two factors when determining whether a noncompetitive request could have been avoided. We determined that an agency did not sufficiently plan by evaluating factors such as whether the agency submitted the noncompetitive request close to the existing contract’s expiration date or the agency cited insufficient time to do a competitive solicitation. Further, we determined whether the agency demonstrated that it performed market research to substantiate there was no existing competition. † Similar to an amendment, these contracts continue services with the same vendor but under a new contract. In one example that illustrates insufficient planning, the California Public Utilities Commission (CPUC) requested a sixth amendment in 2016 to its contract with its current vendor for providing administration services related to reimbursing telephone service providers for the State’s discounted communication program 37 38 California State Auditor Report 2016-124 June 2017 for low-income households. The CPUC initially entered into this contract in 2011 for $36 million. The first four amendments added a total of $2.2 million to the contract’s price. The CPUC then submitted a noncompetitive request for a fifth amendment adding $25 million and one year to this contract in 2015, 37 days before the contract’s expiration, despite General Service’s 45‑day requirement for reviewing noncompetitive requests. In its noncompetitive request, which General Services approved, the CPUC stated that it would prepare a request for proposal as soon as possible to begin the competitive bidding process, which could take 18‑24 months. However, instead of doing so, the CPUC submitted a noncompetitive request in 2016 for a sixth amendment that would extend the contract by a year and add an additional $6.9 million to the existing $63 million contract. In this noncompetitive request, the CPUC stated that an immediate acquisition was justified because otherwise more than two million low-income Californians would be at risk of losing discounted communication services, the State would not meet statutory requirements, and the CPUC would be subject to significant litigation and potential financial penalties. The CPUC submitted this noncompetitive request to General Services just 34 days before the existing contract was set to expire. In other words, twice the CPUC created the urgent situation by submitting its noncompetitive request so close to the contract’s expiration date. Nonetheless, rather than using any of the formal enforcement mechanisms at its disposal—which we discuss later in this chapter—General Services approved the request, citing the complexity and importance of this public assistance program and stating that the extension allowed time for the CPUC to prepare a request for proposal before the contract expired. Given the CPUC’s failure to follow through with a competitive process following its fifth amendment, we question General Services’ decision not to monitor the agency or take enforcement action to ensure that it was demonstrating progress in initiating a competitive bidding process. Moreover, near the end of our audit we learned that General Services approved a seventh amendment to the contract which added nearly $14 million and extended the contract term by 11 months. In its noncompetitive request, CPUC once again cited the need for additional time to competitively award the contract. High-Speed Rail submitted this noncompetitive request just 17 days before the expiration date of the existing contract, stating that the financial consulting services were critical to its mission and that the financial consultant’s skills were “specialized and not widely available.” Similarly, General Services approved High-Speed Rail’s noncompetitive request for an amendment that extended the term of a contract by one year and increased its costs from $5.8 million to $8.8 million. Specifically, in 2013, General Services approved High-Speed Rail’s $3 million noncompetitive request for a second contract amendment for financial consulting services. High-Speed Rail submitted this noncompetitive request just 17 days before the expiration date of the existing contract, stating that the financial consulting services were critical to its mission and that the financial consultant’s skills were California State Auditor Report 2016-124 June 2017 “specialized and not widely available.” However, this assertion does not justify why this vendor alone could meet the State’s needs because High-Speed Rail indicated that three other firms had responded to the original solicitation—two of which had submitted bids that had scores close to the chosen vendor’s scores—demonstrating that these financial consulting services are not unique. To its credit, General Services did request that High‑Speed Rail provide a timeline of its plans to competitively bid this acquisition in the future. General Services asserted that it approved the request because the vendor’s financial advisory services were crucial to ensuring that High-Speed Rail received timely delivery of funding. Although we do not question the importance of the services, General Services might have avoided this situation had it held the High-Speed Rail accountable in the past: this was the second time High-Speed Rail submitted a noncompetitive request for this contract, citing similar reasons. By approving this noncompetitive request that could have been competitively bid, General Services prevented other vendors from competing for this contract, potentially resulting in the State not receiving the best value. Technology also approved a noncompetitive request for a fourth amendment that could have been competitively bid had it sufficiently planned and ensured that the vendor transferred its knowledge to the agency’s staff. In this instance, the Employment Development Department (EDD) entered into a $600,000 contract for work on its IT project to process unemployment insurance payments. In less than a year, EDD amended this contract three times for a total contract value of $8 million. Two of these three amendments involved noncompetitive requests that Technology approved. In its noncompetitive request for a fourth amendment—the item we tested—EDD stated that it wanted to extend the contract an additional year and add almost $2 million. EDD further stated that the vendor had expertise with the project and that EDD did not have staff with the technical skills necessary to perform the needed tasks. Finally, EDD stated that denying the request would negatively affect an IT project that allowed unemployed claimants to efficiently claim benefits. However, in its approval of the request, Technology noted that the vendor had not met the contract’s knowledge transfer provision— the requirement that the vendor transfer to EDD staff the knowledge necessary to carry on the responsibilities that it performed without the vendor’s assistance. Moreover, in its previous requests to extend this contract, EDD acknowledged the importance of knowledge transfer, but Technology did not follow up to ensure that the agency took the steps necessary to avoid future noncompetitive requests. Instead, Technology approved the amendments, which increased the contract’s amount by more than 700 percent that Technology approved a noncompetitive request for a fourth amendment that EDD could have competitively bid had it sufficiently planned and ensured that the vendor transferred its knowledge to EDD staff. 39 40 California State Auditor Report 2016-124 June 2017 may have been limited if EDD had been proactive in receiving timely knowledge transfer from its vendor. Although knowledge transfer is one of multiple reasons EDD cited for submitting the noncompetitive request, it repeatedly used this reason to justify the noncompetitive requests throughout the history of this contract. Technology staff agreed that it could strengthen its oversight by monitoring and following up with agencies that repeatedly submit inappropriate noncompetitive requests. Both General Services and Technology Approved Noncompetitive Requests Without Ensuring That Agencies Adequately Justified the Contracts’ Prices or Identified Cost Savings General Services and Technology approved 14 of the 27 noncompetitive requests we reviewed despite the agencies’ failure to adequately justify that the prices of the contracts and amendments were fair and reasonable, as the noncompetitive request form requires. General Services and Technology approved 14 of the 27 noncompetitive requests we reviewed despite the agencies’ failure to adequately justify the prices of the contracts and amendments were fair and reasonable, as the noncompetitive request form requires. For several of these requests, agencies compared the vendors’ proposed rates to their rates in the original contracts, sometimes adjusting for inflation. However, in some cases, a number of years had elapsed since the agencies entered the original contracts and it is reasonable to expect that agencies would include comparisons to similar vendors in the current market. Furthermore, we found that General Services and Technology approved noncompetitive requests in which agencies did not demonstrate any cost savings or costs avoided. For example, in 2014 Technology’s Acquisitions and IT Program Management unit, which is responsible for acquiring goods and services for Technology, submitted a noncompetitive request for website services.2 In its price justification, this Technology unit compared the vendor’s proposed hourly rates to the rates in the vendor’s prior competitive bid related to these services from 2007, adjusted with a 3 percent annual increase for inflation. However, we question the validity of this methodology given that seven years had elapsed and significant changes had occurred in the economy. Had this Technology unit provided a valid price analysis that, for example, compared the vendor’s rates to rates for similar services included in the State’s master agreements, that analysis would have revealed that the vendor’s rates in this particular contract were significantly higher than its rates in other state contracts.3 For instance, this Technology unit’s price comparison established 2 For acquisitions Technology conducts itself, its Acquisitions and IT Program Management unit is responsible for procuring goods and services. If it needs approval for acquisitions related to reportable IT projects, Technology’s Procurement Division approves the acquisition. 3 Master agreements are contracts that General Services awards competitively and makes available to any public entity. These types of agreements establish prequalified lists of vendors and simplify the purchasing process for the agencies. California State Auditor Report 2016-124 June 2017 the vendor’s rate for a project manager position as $195 an hour. However, the same vendor’s listed rate for the project manager position in the comparable statewide master agreement was $160 an hour. In fact, the master agreement’s rate for a higher-level senior project manager position was only $180 an hour. We also noted that other vendors offered much lower rates for similar positions in the State’s master agreements. An assistant deputy director for Technology acknowledged that this should not have occurred. However, the assistant deputy director stated that a fair price is one factor, among many, that Technology considers when reviewing noncompetitive requests. While this may be true, by not requiring agencies to substantiate fair prices before approving a request, General Services and Technology cannot ensure that the State is receiving the best value for goods and services. Moreover, in 12 of the 27 noncompetitive requests General Services and Technology approved, agencies did not adequately demonstrate cost savings or costs avoided as required on the noncompetitive request justification form. For instance, in its noncompetitive request for an amendment, the Department of Consumer Affairs (Consumer Affairs) simply asserted to Technology in its justification for cost savings that using a noncompetitive contract would enable the State to avoid interruptions and the costs of procuring a new vendor to work on the BreEZe system, Consumer Affairs’ computerized licensing and enforcement system. Although this may have been true, the agency’s brief statement that entering a noncompetitive request amendment would allow the State to avoid the normal costs of procurement is not sufficient to quantify or justify the costs avoided. Further, this same inadequate justification could be used by any state agency wishing to justify this aspect of the noncompetitive request. Consumer Affairs’ failure to adequately justify the cost savings of this amendment is particularly concerning given that it increased the existing contract’s cost by about 60 percent, or $5.6 million over a one-year period. To conform with best practices, we expected Consumer Affairs to quantify dollar amounts of the avoided costs and to provide the underlying support. Technology agreed that it should require agencies to quantify possible cost savings or costs avoided before approving noncompetitive requests. Without such information, General Services and Technology cannot ensure that the benefits of the State’s noncompetitive procurements outweigh the costs. Similarly, we also noted that agencies provided scarce documentation of fair and reasonable price justifications for their non-IT service contracts that did not involve noncompetitive requests but that state laws or policies exempted from competition for other reasons. These contracts were generally exempt because they involved the procurement of legal services, services related to government aid or local assistance, or services covered under other statutory exemptions. We found that the agencies that submitted these contracts for approval often stated By not requiring agencies to substantiate fair prices before approving a request, General Services and Technology cannot ensure that the State is receiving the best value for goods and services. 41 42 California State Auditor Report 2016-124 June 2017 that prices were fair and reasonable but did not provide any evidence to support such claims. For example, the California Department of Corrections and Rehabilitation (Corrections) developed a contract with a law firm for $1.5 million for legal services. In its price justification, Corrections asserted that the hourly rates the law firm charged for its services were consistent with other current legal service contracts with similar experience and expertise; however, it did not provide any documentation of the rate comparison. When we questioned General Services’ Legal Services about the lack of documentation we noted in some contracts exempt from competition, staff stated they did not have enough specific expertise to identify reasonable rates for every field, and thus they rely on the judgment of the agencies submitting the contracts. However, the lack of documentation demonstrating cost analyses for fair and reasonable pricing reduces transparency and raises questions about whether the rates the agencies obtained were the best value for the State. General Services and Technology Have Rarely Used Their Enforcement Authority to Ensure That State Agencies Engage in Appropriate Noncompetitive Contracting Practices Although General Services and Technology have enforcement mechanisms they can use for agencies that do not comply with the State’s noncompetitive procurement policies, we found that they rarely employed those mechanisms during our five-year audit period covering fiscal years 2011–12 through 2015–16. General Services in particular has a number of different enforcement mechanisms, both formal and cautionary, available to its various units, as the text box on page 44 shows. Although Technology cannot reduce agencies’ delegated purchasing authority, it does have the ability to take steps such as issuing warning letters and requiring agencies to submit corrective action plans. Table 7 identifies the enforcement mechanisms General Services and Technology used or did not use in response to the nine noncompetitive requests we believe agencies could have avoided. Had General Services and Technology used their enforcement authority in these instances, they might have prevented or minimized the agencies’ use of noncompetitive requests. Despite their respective enforcement authority, General Services and Technology did not consistently use the mechanisms available to them. Despite their respective enforcement authority, General Services and Technology did not consistently use the mechanisms available to them. For example, although both General Services and Technology can deny an agency’s noncompetitive request, General Services indicated it did so only five times for noncompetitive requests over $1 million during our audit period and Technology told us it had never formally denied any agency’s noncompetitive request since it became responsible for procurements related to reportable IT projects and telecommunications services in July 2013. Both General Services and Technology indicated that generally they did not deny noncompetitive requests because doing so could impact essential state services. Table 7 General Services and Technology Did Not Use Enforcement Mechanisms for Noncompetitive Requests That Could Have Been Competitively Bid (in Millions) REASON FOR NONCOMPETITIVE REQUEST CONTRACT OR AMENDMENT OVERSIGHT ENTITY REDUCED OR REVOKED PURCHASING AUTHORITY OR REMOVED PURCHASING AUTHORITY EXEMPTION RELATED TO THIS REQUEST AGENCY SUBMITTED CORRECTIVE ACTION PLAN OVERSIGHT ENTITY MONITORED CORRECTIVE ACTION PLAN OVERSIGHT ENTITY TOLD AGENCY IT WOULD NOT APPROVE ADDITIONAL NONCOMPETITIVE REQUESTS IN ITS APPROVAL LETTER OVERSIGHT ENTITY DENIED A REPEAT NONCOMPETITIVE REQUEST Health Care Services Extension and increase of cost for Medi-Cal dental program contract. Seventh Amendment $835 5  5 5 NA* DMV Extension and increase of cost for updating the driver’s license card production system currently experiencing technical issues. Fifth Amendment 75.5 5 5† NA† 5 5 High-Speed Rail Extension and increase of cost for financial consulting services. Second Amendment 3 5‡  5  5§ Department of Forestry and Fire Protection Extension and increase of cost for Cal Fire aviation services. Fourth Amendment 27.8 5  5 5 NA* CPUC Extension and increase of cost for California Lifeline program. Sixth Amendment 6.9 5  5 5 5 Department of Fish and Wildlife Continued maintenance and operations for automated licensing system.II Original Contract $28.9 NA**  5 5 NAII EDD Extension and increase of cost for additional needs/staff to support the unemployment benefits system. Needed vendor staff because EDD staff was not trained to carry out vendor’s responsibilities. Fourth Amendment 2 NA**  5  5 DMV Extension and increase of cost for more self‑service terminals. Ninth Amendment 18.6 NA**  5  5 Secretary of State Extension of project management services for the statewide voter database.II Original Contract 2.3 NA**  5 5 NAII Sources:  California State Auditor’s analysis of General Services’ and Technology’s procurement files. Note:  The results are based on the criteria that General Services uses and Technology follows to assess the appropriateness of noncompetitive bids. Contracts appear in the table if the requesting agency did not substantiate that it met certain criteria to justify a noncompetitive request. NA = Not applicable.  = Met the requirement. 43 The agency did not submit a noncompetitive request for the amendment preceding the item we evaluated. Although DMV did not fill out a corrective action plan and General Services did not require it to submit one, we determined that the corrective action plan should have been required. General Services reduced High Speed Rail’s purchasing authority levels unrelated to this request and acquisition type. Subsequent to the test item, General Services approved a third amendment for a three-month extension at no additional cost before High-Speed Rail released a request for proposal in May 2014. Similar to an amendment, these contracts continue services with the same vendor but under a new contract. ** Technology does not have the authority to reduce or revoke an agency’s delegated purchasing authority. June 2017 5 = Did not meet the requirement. * † ‡ § II California State Auditor Report 2016-124 TECHNOLOGY’S OVERSIGHT GENERAL SERVICES’ OVERSIGHT CONTRACTING AGENCY NAME DOLLAR VALUE OF CONTRACT OR AMENDMENT WE EVALUATED 44 California State Auditor Report 2016-124 June 2017 General Services also rarely reduced or revoked agencies’ purchasing thresholds, although this is one of its key means of enforcement. We use the term purchasing threshold to encompass the purchasing authority levels granted by the Purchasing Authority unit for all non-IT goods or IT goods and services and the special exemption to purchase up to General Services’ and Technology’s $150,000 for non-IT services contracts without Legal Available Enforcement Mechanisms for Services’ approval. General Services indicates in its Responding to Agencies’ Noncompliance noncompetitive request form that reducing or With Contracting Practices revoking purchasing authority can be a penalty for noncompliance. When General Services revokes an Formal Mechanisms: agency’s purchasing authority, that agency must • Reject contracts subject to General Services’ and generally submit all its goods acquisitions to General Technology’s approval. Services for processing, regardless of dollar amount. • Refuse or revoke agencies’ requests for exemptions to Nonetheless, according to a section manager for purchase up to $150,000 for non-IT services acquisitions General Services’ Purchasing Authority unit, it did without General Services’ oversight. (General Services only) not use this enforcement mechanism to combat any • Deny noncompetitive requests. (General Services of the inappropriate noncompetitive requests we and Technology) identified although it did so twice for other reasons • Reduce or revoke agencies’ delegated purchasing during our audit period, unrelated to the items we authorities. (General Services only) However, Technology reviewed. For example, although General Services has the authority to establish restrictions or controls to reduced High-Speed Rail’s purchasing authority in reduce or revoke agencies’ authority to acquire information 2012, it asserted that it took this action not because technology or telecommunications goods or services. of High-Speed Rail’s noncompetitive requests but • Deny agencies’ requests for one-time increases to make rather because the agency lacked sufficiently trained procurements over their purchasing thresholds that they procurement staff, faced challenges in conducting plan to purchase themselves. (General Services only) high-quality acquisitions, and did not comply with General Services’ policies. The section manager for Cautionary Mechanisms: General Services’ Purchasing Authority unit said • Issue a warning in the approval letter to agencies that that reducing purchasing authority is only no additional noncompetitive requests will be approved. appropriate when an agency displays poor contract (General Services and Technology) management while purchasing within its authority. • Require agencies to submit corrective action plans Further, she asserted that reducing an agency’s when they submit noncompetitive requests caused purchasing authority does not solve poor contract by insufficient time to solicit bids. (General Services management related to a contract that was procured and Technology) above an agency’s purchasing authority and therefore Sources:  State law, the State Contracting Manual, General already required General Services’ approval. Services’ policies and procurement documents, and However, we question why General Services would Technology’s practices. limit its use of this mechanism to procurements under an agency’s purchasing authority, which is generally $1 million or less. Increased use of this mechanism in appropriate situations of poor contract management would provide General Services significant leverage to hold agencies accountable. Further, neither General Services nor Technology has monitored agencies’ corrective action plans to ensure that the agencies’ future use of noncompetitive requests is appropriate. The noncompetitive request form requires agencies to submit corrective California State Auditor Report 2016-124 June 2017 action plans when the noncompetitive requests could have been competitively bid but were not because of insufficient time to complete the competitive acquisition process. This corrective action plan requires agencies to explain how they will avoid using noncompetitive requests that should have been competitively bid in the future. Although agencies are to include corrective action plans with their noncompetitive requests when they meet this requirement, General Services and Technology should also follow up with agencies when these plans are required but have not been submitted. The corrective action plan form states: “Failure to follow the corrective action plan may result in the loss of your department’s delegated procurement authority. This plan must be kept on file for future auditing purposes.” However, we discovered that none of the units within General Services or Technology monitor or follow up with agencies when corrective action plans are required or “audit” those agencies’ implementation of corrective action plans. As a result, agencies did not always adhere to their corrective action plans. A noncompetitive request submitted by the Department of Health Care Services (Health Care Services) illustrates why monitoring corrective action plans is critical. Specifically, in 2013 Health Care Services requested approval of a noncompetitive request for an $835 million amendment to its contract for administrative services for its Medi-Cal dental program—the seventh such amendment in the contract’s history. Because Health Care Services cited insufficient time to complete the competitive acquisition process as a reason for the noncompetitive request, it included with its noncompetitive request a corrective action plan with a proposed timeline for soliciting competition in the future. However, General Services, which approved the request, did not monitor Health Care Services to determine if it followed this timeline. In fact, when we asked General Services whether Health Care Services had followed its corrective action plan, General Services had to contact the agency to determine the plan’s status. Although Health Care Services did release a request for proposal for these services, it only did so 18 months after the date stated in the timeline in its corrective action plan, which further delayed the opportunity for competition. We are concerned that General Services did not follow up regarding an amendment worth $835 million. Further, we question the usefulness of corrective action plans if General Services and Technology do not provide oversight of their implementation, leaving agencies with little incentive to follow them. Both oversight entities provided reasons for why they do not track or follow up on corrective action plans. An analyst with General Services stated that it had not formally monitored corrective action plans since 2011 because, due to limited resources, analysts only monitor agencies’ corrective action plans when they notice None of the units within General Services or Technology monitor or follow up with agencies when corrective action plans are required or “audit” those agencies’ implementation of corrective action plans. 45 46 California State Auditor Report 2016-124 June 2017 an abusive pattern of noncompetitive requests. According to the analyst, General Services has not noticed any specific agencies abusing the noncompetitive request process since that time. However, as the example involving Health Care Services demonstrates, we found that agencies did not always adhere to their corrective action plans, which suggests that increased monitoring is necessary. General Services agreed that increased monitoring of corrective action plans would be beneficial. A former branch chief with Technology stated that it does not have a formal process for monitoring corrective action plans and that contract management is the responsibility of individual agencies. Furthermore, he stated that Technology relies on General Services to ensure agencies’ compliance with the state’s procurement policies. Although General Services does verify agencies’ compliance with state contracting policies, this does not absolve Technology of its responsibility to monitor the corrective action plans it receives. Technology agreed that monitoring corrective action plans could improve its oversight of agencies’ use of noncompetitive requests. Although General Services and Technology can both use warning letters—a warning provided in the approval letter that no additional noncompetitive requests will be approved—as another mechanism to oversee agencies’ use of noncompetitive requests, they did not always use them or, when they did, did not consistently follow through on the contents of the letters. Specifically, we found cases when General Services could have issued such warning letters to agencies but did not. For example, General Services did not issue a warning letter even after the CPUC repeatedly failed to sufficiently plan to avoid using noncompetitive requests, as we discussed earlier in this chapter. General Services asserted that it will draft a process for determining when to issue warning letters to high‑level executive staff in the agencies making the procurements. We found instances in which General Services and Technology issued warning letters yet approved subsequent noncompetitive requests from the same agencies. Moreover, we found instances in which General Services and Technology issued such letters yet approved subsequent noncompetitive requests from the same agencies. A contract involving the Department of Motor Vehicles (DMV) demonstrates that the use of the warning letters may be unsuccessful if the oversight entities do not enforce the warnings. In this instance, DMV had already amended its contract with a vendor for self‑service terminals seven times using either noncompetitive requests or another exemption type. When Technology approved the eighth such amendment—adding $7.1 million and 18 months to the existing $8.1 million contract—it warned DMV that it would not approve any further noncompetitive requests related to this contract. However, Technology then approved DMV’s noncompetitive request for a ninth amendment, adding an additional three years and $18.6 million to the contract. Technology staff indicated that it approved this ninth amendment because California State Auditor Report 2016-124 June 2017 DMV had identified additional technologies that it wished to explore for its future procurement. However, Technology had already granted DMV the eighth amendment for 18 months to allow for time to conduct a competitive procurement. Because General Services and Technology did not consistently use their enforcement authority, they allowed agencies to continue to inappropriately use noncompetitive requests. By applying their enforcement mechanisms more consistently, General Services and Technology could promote accountability and prevent agencies from taking advantage of the noncompetitive request process. To ensure that this occurs, we believe the Legislature should require General Services and Technology to report all noncompetitive requests they approve over $1 million along with any enforcement actions they take against the agencies making the noncompetitive requests. In addition to increasing the agencies’ accountability, this report to the Legislature could provide another means of offering transparency to the public regarding agencies that do not engage in competitive bidding. We believe this increased transparency is particularly important given that neither General Services nor Technology has yet to use either SCPRS or FI$Cal for this purpose, as we describe in Chapter 1. In addition, General Services should implement a formal escalation process for agencies that repeatedly take advantage of the noncompetitive request process. General Services could begin by issuing a warning letter, followed by potentially reducing or revoking the agency’s purchasing threshold for specific types of acquisitions—for example, for IT services only. Finally, it could reduce or revoke the agency’s purchasing authority for other acquisition types in egregious examples of noncompliance. General Services does not agree with all aspects of this approach. Specifically, the section manager of the Procurement Division asserted that it seeks to apply consequences—such as reducing or revoking an agency’s purchasing threshold—that it believes relate to the specific problem it has identified. She stated that, for instance, it would not make sense to reduce the purchasing threshold for IT procurements if the noncompetitive request involved the non-IT services contracting area; in such a case, the consequence would not relate to the offense. However, as we have shown, General Services’ current approach to enforcement has not consistently deterred agencies from taking advantage of noncompetitive requests. Therefore, it should use an escalating approach that takes advantage of its other mechanisms—including issuing warning letters to agency executives and reducing purchasing thresholds in scenarios of continuous noncompliance to ensure that the consequences align with the degree to which agencies poorly manage their contracts management. Because General Services and Technology did not consistently use their enforcement authority, they allowed agencies to continue to inappropriately use noncompetitive requests. 47 48 California State Auditor Report 2016-124 June 2017 Recommendations Legislature To promote accountability for and transparency of the State’s noncompetitive request process, the Legislature should require General Services and Technology to submit an annual report of all noncompetitive requests they approve with values over $1 million. This report should include performance metrics such as the percentage of procurement dollars approved as noncompetitive requests. This could be a published annual report or the two agencies could provide this information publicly on their websites. In addition, the Legislature could require agencies to publicly justify their noncompetitive requests in Legislative hearings when it sees fit. For each noncompetitive request listed in the annual report, General Services and Technology should include—at a minimum—the following information: • Contracting agency. • Original contract value (if applicable). • Noncompetitive request value. • Numbers and values of noncompetitive amendments (if applicable). • Mechanisms applied to enforce compliance. General Services To clarify the allowable reasons for using noncompetitive requests and to ensure that agencies understand these reasons, General Services should, within 180 days, enhance the criteria in the State Contracting Manual to include examples of appropriate and inappropriate circumstances related to justifying a noncompetitive request. In particular, it should clearly reiterate that poor contract planning is not a sufficient justification for a noncompetitive request for all acquisition types. Further, General Services should develop specific criteria for what constitutes an appropriate noncompetitive request for non-IT services acquisitions. General Services should notify all agencies of the clarifications in the State Contracting Manual and should reiterate that all noncompetitive requests must meet the enhanced criteria. To ensure that the State receives the best value for its contracts, General Services should immediately begin performing the following: • For contracts that are exempt from competition by policy or statute, including noncompetitive requests for contracts, General Services should require agencies to justify that the price is fair California State Auditor Report 2016-124 June 2017 and reasonable. This should include a current price analysis pointing to competitive pricing from another contract, such as a statewide agreement, or a comparison of rates to other available vendors, or another valid price analysis with objective evidence. • For noncompetitive requests, General Services should require agencies to quantify and substantiate their cost savings or averted costs. To ensure that it holds agencies accountable for implementing the corrective action plans that they submit with noncompetitive requests, General Services should immediately begin tracking all outstanding plans and following up to ensure that agencies complete them. For example, General Services should require an agency to include key dates in its corrective action plan that the agency plans to meet to conduct a competitive procurement and report its progress to General Services. Further, General Services should inquire about the steps that agencies have taken before the contract expiration dates in their most recent noncompetitive requests. To ensure that it consistently and appropriately responds when agencies fail to justify their noncompetitive requests, plan sufficiently to avoid the noncompetitive process, or follow their corrective action plans, General Services should create an escalation process within 90 days that outlines the order and severity of enforcement mechanisms it will use. The mechanisms it applies should escalate according to the number or severity of offenses it identifies. For example, General Services could begin by sending a warning letter to high-level agency executives, followed by reducing or revoking an agency’s purchasing threshold for specific types of acquisitions—for example, IT services—and finally by reducing or revoking an agency’s purchasing threshold for all acquisition types in scenarios of repetitive noncompliance. Technology To ensure that the State receives the best value for its noncompetitive requests, Technology should immediately begin to require that agencies justify that the price is fair and reasonable. This should include a current price analysis pointing to competitive pricing from another contract, such as a statewide agreement, or a comparison of rates to other available vendors, or another valid price analysis with objective evidence. Further, Technology should require agencies to quantify and substantiate their cost savings or averted costs. 49 50 California State Auditor Report 2016-124 June 2017 To ensure that it holds agencies accountable for implementing the corrective action plans that they submit with noncompetitive requests, Technology should immediately begin tracking all outstanding corrective action plans and following up to ensure that agencies complete them. For example, Technology should require that an agency include key dates in its corrective action plan that the agency plans to meet to conduct a competitive procurement and report its progress to Technology. Further, Technology should inquire about the steps that agencies have taken before the contract expiration dates in their most recent noncompetitive requests. To ensure that agencies do not repeatedly submit inappropriate noncompetitive requests after receiving a warning, Technology should track and follow up on instances in which it has issued a warning letter. Further, when appropriate, Technology should follow through with the consequences it includes in its warning letters. We conducted this audit under the authority vested in the California State Auditor by Section 8543 et seq. of the California Government Code and according to generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives specified in the Scope and Methodology section of the report. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. Respectfully submitted, ELAINE M. HOWLE, CPA State Auditor Date: June 20, 2017 Staff: Nicholas Kolitsos, CPA, Audit Principal Michelle J. Sanders Brigid Drury, MPAc Forrest Flanagan Hunter Wang, CFE IT Audits: Michelle J. Baur, CISA, Audit Principal Lindsay M. Harris, MBA, CISA Richard W. Fry, MPA, ACDA Jesse R. Walden Legal Counsel: Joseph L. Porche, Staff Counsel For questions regarding the contents of this report, please contact Margarita Fernández, Chief of Public Affairs, at 916.445.0255. California State Auditor Report 2016-124 June 2017 * *  California State Auditor’s comments appear on page 59. 51 52 California State Auditor Report 2016-124 June 2017 California State Auditor Report 2016-124 53 June 2017 DES MEMORANDUM Date: May 26, 2017 To: Marybel Batjer, Secretary Government Operations Agency 915 Capitol Mall, Suite 200 Sacramento, CA 95814 From: Daniel C. Kim, Director Department of General Services Subject: RESPONSE TO CALIFORNIA STATE REPORT NO. 2016-124 Thank you for the opportunity to respond to the California State Auditor?s (state auditor) Report No. 2016?124, Department of General Services has not provided the oversight necessary to ensure that state agencies consistently use the competitive bidding process, which addresses recommendations to the Department of General Services (DGS) resulting from its audit. The following response addresses each of the recommendations. OVERVIEW OF THE REPORT DGS has reviewed the findings, conclusions and recommendations presented in Report No. 2016-124, and agrees with the state auditor's recommendations. In summary, the state auditor identified a number of opportunities for improvement in non- competitively bid contracts process and oversight role. DGS plans to implement the state auditor's recommendations, which are as follows: (1) improving data accuracy across the various state procurement systems, (2) implementing a central tracking system of corrective action plans, (3) performing improved data analysis to identify non-competitively bid contract trends, (4) enhancing non-competitively bid contracts processing guidance for agencies, and (5) implementing an escalation process for agencies with recurring non?competitively bid contracts. (96) As of January 2016, Procurement Division (PD) implemented several changes that enhance oversight of the non-competitive bid contracting process, and require state agencies to follow strict policies when seeking approval of a non-competitive bid justification. In moving forward, DGS will focus its efforts on monitoring data reporting accuracy and reporting compliance, tracking corrective action plans (CAP), conducting better trend analyses, and providing greater transparency into the acquisition methods used throughout the state. The state auditor?s findings and recommendations will assist DGS in meeting its goal to continually improve the process for non?competitive contract awards under authority. 54 California State Auditor Report 2016-124 June2017 Marybel Batjer -2- May 26, 2017 Currently, DGS is in the process of enhancing the non- competitive bid justification analysis by incorporating additional criteria to justify the non- competitive nature and cost reasonableness of each request. Further, DGS is working on a website that will provide greater transparency to the Legislature, agencies, and the public by providing information regarding non?competitive requests and the enforcement mechanism that is applied when departments are out of compliance with SCM policy. Some enforcement examples include, but are not iimited to, escalating the N08 to a department director or Agency Secretary for'discussionresult of poor contract management require a Corrective Action Plan (CAP). DGS will continue to seek every opportunity to improve its oversight of the state' procurement processes and provide enhanced guidance to agencies. CHAPTER 1: RECOMMENDATIONS As a result of its weak oversight, General Services lacks complete and accurate information about the state?s contracts: RECOMMENDATION 1: Immediately ensure that agencies enter accurate and complete contract information into Fl$Cal. For example, General Services should select a sample of contracts from such agencies and verify the accuracy and completeness of the related entries in Fl$Cal. DGS RESPONSE DGS agrees with the recommendation. The Financial information System for California (Fl$Cal) is a new State of California department that is responsible for operating, maintaining, and implementing changes to the F $Cal system. Fl$Cal enables the state to combine accounting, budgeting, cash management and procurement operations into a single financial management system. DGS continually strives to assist agencies with providing accurate and complete contract information for State Contract and Procurement Registration System As of January 2016, DGS began aiding agencies with transitioning to Fl$Cal DGS is providing training to agencies, and is monitoring entries for reporting accuracy, backlog reporting, and adoption compliance. DGS is currently developing guidelines for reporting accurate information and is posting adoption data on the DGS website. Further, DGS has developed a new Purchasing Authority (PA) Accreditation process, which it currently is piloting with several agencies. As a part of the PA Accreditation process, Purchasing Authority Unit and the Office of Audit Services plan to review a sample of agencies' contract files and data to verify their accuracy and completeness. RECOMMENDATION 2: Within 90 days, modify Fl$Cal to include a standard amendment indicator to identify an item as an amendment, including the amendment number with respect to the contract, that agencies can use regardless of whether they make their procurements using This indicator should ensure that General Services can reliably analyze and report on the number, value, and types of exemptions from competitive bidding of the State?s contract amendments. General Services should notify all agencies of this change and ensure the notification provides appropriate guidance for the use of the amendment California State Auditor Report 2016-124 55 June 2017 Marybel Batjer -3- May 26, 2017 indicator. DGS RESPONSE 2: DGS agrees with the recommendation. As of May 2017, DGS submitted a request to change the amendment indicator in Fl$Cal DGS is currently working with to finalize the application design updates and implementation schedule. DGS will work with Fl$Cal to prioritize this change request as expedientiy as possible. DGS will notify all agencies and provide guidance on the use of the indicator once this change request is successfully implemented. RECOMMENDATION 3: Within 90 days, create plans for regularly performing . statewide analyses to identify potential abuse or overuse of noncompetitive contracts. These analyses should include, but not be limited to, calculating the proportional value of the state?s competitive and noncompetitive contracts and amendments, examining trends in agencies? use of noncompetitive contracts and amendments, and identifying unusual patterns among vendors receiving state contracts through noncompetitive means. DGS RESPONSE 3: DGS agrees-with the recommendation. DGS?will, within 90 days, establish procedures to perform analyses of statewide non-competitive contracting under oversight on a regular basis. This will-assist DGS to perform its oversight function, including determining whether process changes should be undertaken andlor additional training and guidance should be provided to agencies. CHAPTER 2: RECOMMENDATIONS General Services has not always ensured that agencies competitively bid contracts when appropriate: . - RECOMMENDATION 4: To clarify the allowable reasons for using noncompetitive . requests and to ensure that agencies understand these reasons, General Services should enhance the criteria in the State Contracting Manual within 180 days to include examples of appropriate and inappropriate circumstances that could justify a noncompetitive request. in particular, it should clearly reiterate that poor contract planning is not a sufficient justi?cation for a noncompetitive request for all acquisition types. Further, General Services should develop specific criteria for what constitutes an appropriate noncompetitive request for non-lT services acquisitions. General Services should notify all agencies of the clarifications in the State Contracting Manual and should reiterate that all noncompetitive requests must meet the enhanced criteria. 56 California State Auditor Report 2016-124 June2017 Marybel Batjer -4- May 26, 2017 DGS RESPONSE 4: DGS agrees with the recommendation. Within 180 days, DGS will develop updates for the State Contracting Manual (SCM) Volumes 1, 2, 3 and SCM Fl$Cal to provide enhanced guidance regarding requests submitted through the Non-Competitive Bid Contract Justification request form. in addition, DGS will notify all agencies of these enhanced guidelines to better guide them through the process. RECOMMENDATION 5: To ensure that the State receives the best value for its contracts, General Services should immediately begin performing the following: . For contracts that are exempt from competition by policy or statute, including noncompetitive requests for contracts, General Services should require agencies to ju?tify that price is fair and reasonable. This should include a current price analysis pointing to competitive pricing from another contract, such as a statewide agreement, or comparing other available vendors; or another valid price analysis with objective evidence. . For noncompetitive requests, General Services should require agencies to quantify and substantiate their cost saving or averted costs. DGS RESPONSE 5: DGS agrees with the recommendation. DGS will commit to evaluating this policy recommendation by first assessing those contracting methods where additional justification of a fair and reasonable price would be most effective. In addition, DGS will continue to require agencies to submit current cost justifications from available vendors when feasible. DGS will take this opportunity to remind agencies of this requirement. Further, DGS will update the N08 Contract Justification request form to reflect that agencies must, in addition to providing a description of the cost savings/cost avoided, quantify and substantiate their cost savings or averted costs when feasible. RECOMMENDATION 6: To ensure that it holds agencies accountable for the implementation of the corrective action plans that they submit with noncompetitive requests, General Services should immediately begin tracking all outstanding plans and following up to ensure that agencies complete them. For example, General Services should require an agency to include key dates in its corrective action plan that the agency plans to meet to conduct a competitive procurement and report its progress to General Services. Further, General Services should inquire about the steps that agencies have taken before the contra-ct expiration dates in their most recent noncompetitive requests. California State Auditor Report 2016-124 57 June 2017 Marybel Batjer May 26, 2017 DGS RESPONSE 6: DGS agrees with the recommendation. DGS is now tracking all corrective action pians, which Q) includes, among other things, obtaining key action dates to assist agencies in their own procurement planning. RECOMMENDA TION 7: To ensure that it consistently and appropriately responds when agencies fail to justify their noncompetitive requests, plan sufficiently to avoid the noncompetitive process, or follow their corrective action plans, General Services should create an escalation process within 90 days that outlines the order and severity of enforcement mechanisms it will use. The mechanisms it applies should escalate according to the number or severity of offenses it identifies. For example, General Services could begin by sending a warning letter to high-level agency executives, followed by reducing or revoking an agency?s purchasing threshold for specific types of acquisitions?for example, I services?and ?nally by reducing or revoking an agency?s purchasing threshold for all acquisition types in scenarios of repetitive noncompliance. DGS RESPONSE 7: DGS agrees with the recommendation. Within 90 days, DGS will develop an escalation process outlining the order and severity of enforcement tools to be used. This escalation process will include, among other things, notifications to the director of the state agency, and if necessary, the agency secretary of that state agency. After exhausting the escalation process, DGS may consider reducing or revoking an agency?s purchasing authority. CONCLUSION DGS is firmly committed to ensuring competitive procurements and contracting that promotes and provides for open and fair competition, while providing flexible procurement solutions for the needs of state agencies. As part of its continuing efforts to improve those processes, DGS will take appropriate actions to address the issues presented in the report. If you need further information or assistance on this issue, please contact me at (916) 376-5012. Fag/9F? . Wk?gffi?r Daniel C. Kim Director 58 California State Auditor Report 2016-124 June 2017 California State Auditor Report 2016-124 June 2017 Comments CALIFORNIA STATE AUDITOR’S COMMENTS ON THE RESPONSE FROM GENERAL SERVICES To provide clarity and perspective, we are commenting on General Services’ response to our audit. The numbers below corresponds to the numbers we have placed in the margin of General Services’ response. To clarify, our finding relates to ensuring the accuracy and completeness of FI$Cal, the current source of statewide contract data, rather than the various state procurement systems. 1 To clarify, in addition to tracking all outstanding corrective action plans, we recommend on page 49 that General Services begin following up to ensure that agencies complete them. 2 59 60 California State Auditor Report 2016-124 June 2017 California State Auditor Report 2016-124 June 2017 * *  California State Auditor’s comment appears on page 67. 61 62 California State Auditor Report 2016-124 June 2017 California State Auditor Report 2016-124 63 June 2017 CALIFORNIA DEPARTMENT OF TECHNOLOGY Amy Tong, Director State of California Edmund G. Brown Jr., Governor Memorandum To: Marybel Batjer, Secretary Government Operations Agency From: Amy Tong, Director California Department of Technology Date: May 23, 2017 Subject: RESPONSE TO CALIFORNIA STATE AUDITOR’S DRAFT REPORT NO. 2016-124 We are providing for your review the California Department of Technology’s (CDT) written response to the redacted copy of the California State Auditor’s draft Report No. 2016-124 concerning non-competitive contract awards. The following responses address the California State Auditor’s recommendations pertaining to CDT’s operations. OVERVIEW OF AUDIT REPORT As identified in Table 1 of the audit report, there are several categories of contracts entered into by the State that by statute or policy are exempt from the State’s competitive bidding requirement. One of the categories exempted by state law is “the acquisition of goods or services restricted to one vendor or where immediate acquisition is necessary for the protection of public health, welfare or safety.” (Pub. Contract Code, § 10348, State Contracting Manual Volumes 2 and 3, section 5.10.) The CDT agrees with all four audit recommendations, the last three of which focus specifically on agencies’ use of the non-competitive request process (the first recommendation focuses more broadly on future trend analysis by CDT of agencies’ use of all types of non-competitive IT contracts, not just those approved through noncompetitive requests). The CDT believes that the recommendations will strengthen CDT’s oversight of information technology and telecommunication procurements, especially those acquired through the non-competitive request process. The CDT also concurs with the finding that state agencies need to plan better when their existing contracts are nearing their expiration dates, and to seek timely CDT assistance so that subsequent services can be acquired through the competitive bid process. Since 2013, almost all original contracts for IT reportable projects were competitively bid or acquired through the Department of General Services’ leveraged procurement agreements, such as the California Multiple Award Schedule (CMAS), including the original contracts for the four state departments’ projects specifically mentioned in 1 64 California State Auditor Report 2016-124 June 2017 Marybel Batjer, Secretary May 23, 2017 Page 2 Tables 5 and 6 in the audit report. The CDT would like to note that the vast majority of its approval of non-competitive requests were for contract amendments. RECOMMENDATIONS RECOMMENDATION #1: To improve its oversight over the State’s non-competitive contracting related to reportable IT projects, Technology should create plans within 90 days for regularly performing analyses of Fi$Cal data to identify potential abuse or overuse of non-competitive contracts. These analyses should include, but not limited to, calculating the proportion value of the State’s competitive and non-competitive contracts and amendments, examining trends in agencies’ use of non-competitive contracts and amendments, and identifying unusual patterns among vendors receiving state contracts through non-competitive means. California Department of Technology’s Response #1: The CDT agrees with this recommendation. To align with industry best practice, within ninety (90) days, the CDT will create plans to track agency overall usage of non-competitive contracts, with an emphasis on establishing agency accountability for submitting valid non-competitive requests in adequate time for CDT’s review, and subsequent approval or denial. Such plans will also be utilized to perform statewide trend analysis to identify potential abuse or misuse of the non-competitive process. This includes determining if an agency appears to be favoring the non-competitive process with means to achieve an agency contract objective, as opposed to a competitive procurement. The CDT will determine the appropriate approach to data collection to support the analyses, including validating the availability and accessibility of FI$Cal data. If the data necessary to create such analytics does not reside completely within Fi$Cal, the CDT may need to research other options to collect the required data in question. RECOMMENDATION #2: To ensure that the State receives the best value for its noncompetitive request, Technology should immediately begin to require that agencies justify that price is fair and reasonable. This should include a current price analysis pointing to competitive pricing from another contract, such as a statewide agreement, or comparing other available vendors; or another valid price analysis with objective evidence. Further Technology should require agencies to quantify and substantiate their cost savings or averted costs. California State Auditor Report 2016-124 June 2017 Marybel Batjer, Secretary May 23, 2017 Page 3 California Department of Technology’s Response #2: The CDT agrees with this recommendation. The CDT will ensure that it requires agencies to document cost justifications from other available vendors, as well as, if the circumstances warrant, point to competitive pricing from other contracts, i.e. Master Services Agreements or CMAS, and/or validation against a reputable price index, such as the Producer Price Index. Furthermore, the CDT will also ensure that it performs and documents an independent validation of submitted cost justifications to confirm the State is receiving the best value, as well as a fair and reasonable cost. RECOMMENDATION #3: To ensure that it holds agencies accountable for the implementation of the corrective action plans that they submit with non-competitive requests, Technology should immediately begin tracking all outstanding plans and follow-up to ensure agencies complete them. For example, Technology should require that an agency include key dates in its corrective action pan that the agency plans to meet to conduct a competitive procurement and report its progress to Technology. Further, Technology should inquire about the steps that agencies have taken before the contract expiration in their most non-competitive requests. California Department of Technology’s Response #3: The CDT agrees with this recommendation. CDT staff will track and monitor each agency’s corrective action plan (CAP) to ensure agencies are adhering to their corrective steps within the CAP timelines. The CDT will also develop written procedures that require the non-competitive request approval letter to summarize an agency’s CAP; including items such as the key action dates to reduce the risk for a subsequent non-competitive request. Additionally, the non-competitive request approval letter will require agencies to report the status of such actions to the CDT, which includes the agencies’ steps being taken before the contract expires. RECOMMENDATION #4: To ensure agencies do not repeatedly submit inappropriate non-competitive requests after receiving a warning, Technology should track and follow up on instances in which it has issued a warning letter. Further, when appropriate, Technology should follow through with the consequences it includes in its warning letters. 65 66 California State Auditor Report 2016-124 June 2017 Marybel Batjer, Secretary May 23, 2017 Page 4 California Department of Technology’s Response #4: The CDT agrees with this recommendation. The CDT will track such warning letters and escalate such risks within the agencies to hold the agencies accountable for their CAPs. If appropriate, CDT will also follow through with the consequences contained in its warning letters. The CDT is committed to implementing the California State Auditor’s recommendations and improving the successful delivery of information technology projects at a fair and competitive price for the State of California. If you have any questions about this report, please contact Randy Fong, Internal Audit Manager, at (916) 403-9636. California State Auditor Report 2016-124 June 2017 Comment CALIFORNIA STATE AUDITOR’S COMMENT ON THE RESPONSE FROM TECHNOLOGY To provide clarity and perspective, we are commenting on Technology’s response to our audit. The number below corresponds to the number we have placed in the margin of Technology’s response. Although we agree that state agencies need to better plan, we found instances when Technology did not follow up to ensure that agencies took the steps necessary to avoid future noncompetitive requests, as stated on page 39 and in Table 7 on page 43. Therefore, we recommend on page 50 that Technology hold agencies accountable for implementing corrective action plans by tracking outstanding plans and following up to ensure agencies complete them. 1 67