What Changes When DCMA Walks In

What DCMA surveillance actually looks like from inside a program, and what intensified oversight reveals about the compliance framework.

Defense Contract Management Agency surveillance is the most direct form of external oversight that federal contractors operating under earned value reporting requirements will encounter. For programs subject to DCMA oversight — typically cost-reimbursement or fixed-price incentive contracts with a value above the DoD EVMS threshold — a surveillance visit is not a single event. It is an ongoing relationship between the agency and the contractor's program controls infrastructure.

Understanding what DCMA actually does when it reviews a program, and what changes for a contractor when that oversight intensifies, reveals a great deal about both the strengths and limits of the federal EVMS compliance framework.

What DCMA Surveillance Is

DCMA does not audit programs in the traditional sense of examining financial records after the fact. It reviews the system — the processes, procedures, and tools that generate the performance data — and the data those systems produce. A DCMA surveillance review assesses whether the contractor's EVMS is operating in compliance with the EIA-748 guidelines that were validated during the Integrated Baseline Review.

This is a critical distinction. DCMA is not primarily asking "is this program performing well?" It is asking "is this program measuring performance correctly?" A program can be behind schedule, over cost, and headed for a significant overrun — and still be in EVMS compliance, provided the measurement system is accurately reflecting that reality. Conversely, a program that appears to be performing well but whose measurement system is producing unreliable data is a compliance problem regardless of the headline metrics.

DCMA's oversight tool is the Surveillance Plan, which defines the frequency and scope of reviews for each covered program. Programs with higher risk or prior compliance issues receive more intensive oversight. Programs with established clean histories may be reviewed less frequently. The 14-Point Assessment is the standardized instrument used in most surveillance engagements.

The IBR and What It Establishes

Before DCMA surveillance begins in earnest, covered programs go through an Integrated Baseline Review. The IBR is a joint government-contractor examination of the Performance Measurement Baseline — the agreement about what will be accomplished, when, and at what cost. The IBR establishes the benchmark against which all future DCMA surveillance will be conducted.

The IBR matters forensically because it creates a documented record of the baseline as it was agreed to at program inception. A DCMA surveillance review that identifies variance between the current baseline and the IBR baseline — without a corresponding approved baseline change — has found a discrepancy that requires explanation. That discrepancy is the entry point for most retroactive baseline change findings.

What Actually Changes Under Surveillance Pressure

Contractors who have been through multiple DCMA surveillance cycles develop a specific set of behaviors. Some of these behaviors represent genuine compliance improvement. Others represent compliance theater — the appearance of compliance without the substance.

On the genuine improvement side, surveillance pressure creates discipline around schedule statusing cadences, variance analysis documentation, and EAC update procedures. When a contractor knows its schedule will be reviewed on a defined cycle, the practical incentive to maintain schedule health improves. Backlogs of unresolved out-of-sequence conditions, unactioned constraint violations, and stale actual dates get addressed before the review rather than after.

On the theater side, surveillance pressure can drive schedule manipulation rather than preventing it. A contractor who knows that a surveillance review is scheduled and who also knows that the program's true float position is below compliance thresholds has a direct incentive to make adjustments before the review. The 14-Point Assessment metrics are the targets. The manipulation that brings those metrics into compliance before the surveillance date is exactly the retroactive change and float inflation pattern that forensic analysis is designed to detect.

The period immediately preceding a scheduled DCMA review is, forensically, one of the highest-risk periods in the program calendar. It is when the incentive to adjust the schedule is greatest and when the changes made to historical data are most likely to leave detectable traces in the version comparison.

The Corrective Action Request Process

When DCMA identifies a compliance deficiency, it issues a Corrective Action Request. The CAR documents the finding, specifies the guideline that has been violated, and requires the contractor to respond with a root cause analysis and a corrective action plan. The contractor's response is reviewed by DCMA. If the response is accepted, the finding is closed. If it is not, the CAR can escalate through the oversight hierarchy.

CARs create a documented compliance history for the program. A program with multiple unresolved CARs, particularly for the same guideline, signals a systemic compliance problem rather than isolated issues. This history is relevant in contract disputes because it documents what the government knew about EVMS integrity problems and when they were identified.

What DCMA Cannot Do

DCMA's oversight framework is comprehensive, but it has structural limits that create gaps.

DCMA reviews the measurement system, not the physical work. Surveyors examine schedule logic, variance analysis quality, and EAC methodology — they do not independently verify that the concrete was actually poured or that the equipment was actually installed. A measurement system that appears compliant can still be producing data that does not reflect physical reality if the underlying progress reporting is fabricated.

DCMA reviews at a defined cadence. Between surveillance visits, the schedule evolves, baselines shift, and performance data is generated without external oversight. Manipulation that occurs between surveillance dates and is resolved before the next review may never be detected in the surveillance cycle.

DCMA's 14-Point Assessment is a threshold check. As discussed elsewhere, it evaluates structural properties of the current schedule against defined limits. It does not compare the current schedule against its prior versions, does not analyze float trajectory, and does not detect distribution of buffer that stays below individual thresholds.

The oversight framework is real and consequential. Its limits are equally real. A sophisticated contractor who understands both the surveillance framework and its limits has more room to maneuver within that framework than the framework's architecture suggests.

The Forensic Intelligence Engine provides independent schedule analysis between DCMA surveillance cycles, detecting manipulation that threshold-based checks miss and providing findings that are traceable, version-controlled, and defensible in contract proceedings.