United States General Accounting Office GAO Testimony Before the Subcommittee on Benefits Committee on Veterans' Affairs House of Representatives Not to be Released Before 10:00 a.m. EDT CERTIFICATION Thursday September 9, 1999 REQUIREMENTS Guidance Governing Agency Actions Is Limited Statement for the Record of L. Nye Stevens Director, Federal Management and Workforce Issues General Government Division -GAO Accountability * Integrity * Reliability GAOrT-GGD-99-166 2,2-'1lp7~~ Statement Certification Requirements: Guidance Governing Agency Actions Is Limited Mr. Chairman and Members of the Committee: I am pleased to provide some preliminary results from our ongoing review for the House Committee on Small Business of federal agencies' certification requirements. The term "certification" generally refers to a process of providing written assurance that a product, process, service, organization, or individual conforms to specified requirements or standards, and includes activities such as accreditation, registration, and conformity assessment. The Committee on Small Business asked us to describe (1) the extent and variety of certification activities in the federal government; (2) the extent to which any policies, procedures, or guidance exist governing those activities, either governmentwide or within selected agencies; and (3) an agency certification practice that could serve as an example or "best practice" for other agencies. At the Committee's request, the Department of Veterans Affairs (VA) was one of the agencies that we contacted during our review.' In brief, our preliminary results indicate that federal agencies engage in a large number and wide variety of certification-related activities. These activities vary across multiple dimensions, such as the targets of the certifications, the types of organizations that actually do the certifications, and whether the certifications are mandatory or voluntary. Although there are some limits in federal procurement law and within certain programs on the use of certification requirements, there is currently no governmentwide or, within the agencies we contacted, agencywide guidance to direct or assist agencies in the development, selection, or implementation of all types of certification requirements. However, the Department of Commerce's National Institute of Standards and Technology (NIST) has prepared draft guidance for agencies on conformity assessment activities, including certification. 2 NIST plans to publish that guidance for public comment later this year. Finally, we believe that transparency, or describing the basis of agencies' decisionmaking, is a certification best practice. We concluded that some agencies' certification decisions were very transparent, clearly documenting the criteria used to select a particular requirement or certification body. However, in other cases-including one at VA-the 'The other agencies that we contacted were the Department of Transportation (DOT); and, within the Department of Health and Human Services, the Centers for Disease Control and Prevention (CDC), the Food and Drug Administration (FDA), and the National Institutes of Health (NIH). 2 Congress established NIST (formerly the National Bureau of Standards) in 1901 to support industry, commerce, scientific institutions, and all branches of the government. It is an agency of the Department of Commerce, and its primary mission is to promote United States economic growth by working with industry to develop and apply technology, measurements, and standards. Page 1 GAOir-GGD-99-166 Certification Requirements: Guidance Governing Agency Actions Is Limited reasons agencies selected specific certifying bodies were not as transparent, and organizations that were not selected to provide certifications raised questions about the criteria the agencies used. There is no official definition of "certification" that is applicable to the Background activities of all federal agencies. A NIST official told us that there are almost as many definitions of a federal certification program as there are agencies. Different organizations may use other terms to refer to the concept, such as accreditation, registration, approval, or listing, and may use the terms interchangeably. 3 Federal certification requirements can be imposed with regard to a variety of topics and in many different forms. An agency might require a physician to be board certified in his or her medical specialty. Before purchasing certain types of equipment, an agency might require that prospective sellers obtain a certification from a testing laboratory indicating that their product is safe. Federal agencies may establish certification requirements as prerequisite for federal contracting opportunities, as part of a regulatory provision, or for other purposes. Certifications can also have some troubling effects on affected parties. Businesses or individuals that wish to provide a particular product or service to the government might need to obtain multiple certifications to meet the requirements of different agencies. Also, an agency might select a particular certifying organization while not accepting certifications in the same subject area from other organizations with similar qualifications. We did not attempt to develop a compendium of every federal certification Agencies Engage in a or certification-related activity and requirement. However, it is clear from Wide Variety of the information we obtained that federal agencies engage in a large Certification-Related number and wide variety of certification-related activities. For example, Activities NIST publishes directories listing more than 200 federal government procurement and regulatory programs in which agencies are actively involved in providing or requiring certification, accreditation, listing, or registration. The NIST directories provide only a partial inventory of agencies' certification activities, though, because they are primarily limited to certifications of products, processes, and services. Also, the directories do not cover individual procurement opportunities in which agencies require a vendor or contractor to have particular certifications or accreditations in order to participate. 3 Adding to the confusion over terminology, certification is also used in a completely different sense to refer to many routine contract clauses and solicitation provisions, such as the Certification of Final Indirect Costs;, that are not related to conformance with technical or professional standards. Those clauses and provisions were outside the scope of our review. See 41 U.S.C. 425(c) for limitations on the use of requirements for certification by offerers or contractors in the Federal Acquisition Regulation. Page 2 GAO/T-GGD-99-166 Certification Requirements: Guidance Governing Agency Actions Is Limited Like the standards on which they are based, agencies' certification activities vary across multiple dimensions, including (1) the origin of the requirements (e.g., statutory versus agency-initiated); (2) which entity or entities do the certifying (e.g., governmental versus private sector agents); (3) whether certifications are mandatory or voluntary; and (4) the extent to which there is reciprocity with or recognition of other certifications or other organizations' requirements. Some of the requirements differ on multiple dimensions. For example, the Department of Commerce's National Marine Fisheries Service has a voluntary Seafood Inspection Program for inspection and certification of both seafood products and processing operations. The program is carried out pursuant to the Agricultural Marketing Act of 1946, as amended; involves inspection by licensed federal and state agents; and provides certification recognized by other federal, state, and foreign government agencies, as well as some private and international organizations. Some other certification programs are mandatory in nature, originate with the agencies themselves, are performed by nongovernmental personnel, and/or may not be universally recognized by other agencies, countries, or the private sector. The Competition in Contracting Act of 1984 provides that a solicitation for Little Governmentwide a government contract may include a restrictive provision only to the Guidance Covering extent the provision is authorized by law or is necessary to satisfy the Certification Activities agency's needs. Some agency-specific acquisition regulations mirror the act's general limitation against restrictive provisions. 4 In our bid protest decisions, we have generally not objected to a requirement that an item conform to a set of standards adopted by a nationally recognized organization in the field or a requirement for independent laboratory certification that such standards are met. However, we have found requirements unduly restrictive if they require approval by specific organizations without recognition of equivalent approvals. 5 The absence of an endorsement by a particular private organization should not automatically exclude offers that might otherwise meet a procuring agency's needs. Neither the agency officials that we interviewed nor agency documents that we reviewed identified any governmentwide guidance or, for the selected agencies we reviewed, agencywide guidance focused specifically on certification activities. Agency officials we contacted said that their certification activities are driven more by the particular profession, 'See, for example, VA's acquisition regulations at 48 CFR 852.211-75. SSee, for example, Aegis Analytical Laboratories. Inc., B-252511, July 2, 1993. Page 3 GAO/T-GGD-99-166 Certification Requirements: Guidance Governing Agency Actions Is Limited industry, or market sector involved than by federal government considerations. For example, officials from VA and NIH said that their agencies often use "nationally recognized" or "industry standard" certifications for a given sector. NIST officials said that a common finding from their meetings and workshops is that people tend to use the certification or accreditation program with which they are most familiar. NIST has taken a first step toward governmentwide guidance in this area, preparing draft guidance for federal agencies on certification and other conformity assessment activities. This guidance is currently under review at the Office of Management and Budget (OMB), and NIST expects to publish it in the Federal Register for public comment later this year. NIST officials explained that the guidance would apply to all agencies that set policy for, manage, operate, or use conformity assessment activities and results, both domestic and international, except for activities carried out pursuant to treaties. NIST expects the guidance to define agency responsibilities in a number of areas, such as * identifying appropriate private sector conformity assessment practices and programs and considering use of the results of such practices or programs as appropriate in new or existing regulatory and procurement actions; * using relevant guides or recommendations for conformity assessment practices published by domestic and international standardizing bodies as appropriate; and * working with other agencies to avoid unnecessary duplication and complexity in federal conformity assessment activities. However, NIST officials pointed out that the guidance will not preempt the agencies' authority and responsibility to make regulatory or procurement decisions authorized by statute or required to meet programmatic objectives and requirements. They also said that the guidance would not suggest that agencies explain why they selected one certification requirement or organization over other possible candidates. Agency officials also identified some related policies, procedures, and guidance that affect their certification activities. For example, OMB Circular A-119 provides guidance on agencies' participation in the development and use of voluntary consensus standards and in conformity assessment activities. The circular directs agencies to use voluntary consensus standards in lieu of government-unique standards except where inconsistent with law or otherwise impractical. Agency officials also noted that their general procedures and regulations governing rulemaking and procurement play an important role in certification activities. In particular, Page 4 GAO/T-GGD-99-166 Certification Requirements: Guidance Governing Agency Actions Is Limited they noted that such procedures provide valuable opportunities for an agency to inform the public and solicit feedback on proposed certification requirements. As noted previously, agency certification actions are numerous and vary Transparency of substantially. Therefore, specification of a certification "best practice" Agency Certification would likely depend on the context of the certifications. Rather than Requirements Varies attempting to develop criteria for selecting the best among these procedures, we want to highlight one that we have supported in the regulatory arena-transparency, or clearly describing the basis for agency decisionmaking. Transparency in certification decisionmaking is important because those decisions can have significant implications for affected parties. Our review of agency certification activities indicates that the transparency of these actions can vary dramatically. The criteria that agencies used or planned to use to select particular requirements or certifying organizations appeared to be very clear in some instances and not well documented in others. FDA's mammography program provides a good example of transparency in certification decisionmaking. Making extensive use of the public rulemaking process, FDA established detailed procedures and criteria for certification of personnel and facilities providing mammography services, as well as the approval of accreditation bodies under the act. In other certification requirements, though, the agencies did not provide clearly documented explanations for their actions. In these cases, certification organizations that were not selected or designated raised questions about the criteria the agencies used. However, agency officials were able to explain to us the reasons for their actions. One such example was VA's implementation of new procedures, effective July 1, 1997, requiring newly-hired physicians to be board certified in the clinical specialty in which they will practice, unless they have the written approval of the Chief Patient Care Services Officer prior to appointment. In a subsequent information letter, the VA Undersecretary for Health specified that certifying bodies recognized for purposes of this issue are the American Board of Medical Specialties (ABMS) for allopathic physicians and the Bureau of Osteopathic Specialists (BOS) for osteopathic specialists. In a series of letters, the American Association of Physician Specialists, Inc. and this Committee questioned why only ABMS and BOS certification were recognized, and requested that VA provide the criteria used to evaluate and select those two organizations. In its response to this Committee, VA stated that certifying groups vary widely in their Page 5 GAO/r-GGD-99-166 Certification Requirements: Guidance Governing Agency Actions Is Limited requirements and that ABMS and BOS are "the standard certifying organizations recognized throughout American medicine." However, VA did not further describe how it selected these two certifying organizations. VA officials told us that the Department does not have specific written criteria or guidance on certification decisionmaking, and said they rely on consensus practices and standards of the health care profession. They said VA's use of ABMS and BOS certifications can be traced back to a 1980 decision by the Chief Medical Director to accept ABMS and BOS physician board certifications for Incentive Special Pay purposes. In 1997, VA extended those same certifications that were required for special pay purposes to employment, "grandfathering" currently employed physicians. VA officials also noted that they had canvassed other federal agencies involved in health care-including the Department of Defense, the Public Health Service, NIH, CDC, and the Bureau of Prisons-and found that essentially all recognized ABMS and BOS as the two accepted organizations for accreditation purposes. Finally, they pointed out that, by law, the Secretary for Veterans Affairs has special authority to make personnel decisions. Federal agencies' certification requirements are an invaluable tool in Concluding helping to ensure product quality, process reliability, and professional Observations competence in a variety of venues. Without those requirements, federal agencies would have to independently evaluate the safety of products, whether certain procedures will yield the desired results, and whether individual workers possess the skills required to perform a given task. Agencies have broad latitude in the selection of certification requirements and certifying organizations, which can result in what appear to be inconsistencies of application. These apparent inconsistencies are exacerbated when the reasons behind the agencies' certification decisions are unclear. Transparency of these decisions can improve their perceived legitimacy, and that transparency can be achieved in a variety of ways. For example:, if an agency's certification requirement is related to a procurement action, the agency can make clear the basis of that requirement in the request for proposals. If prospective contractors believe the justification provided is insufficient, mechanisms are available in the contracting process to appeal the agency's determination. Some agencies have also used the rulemaking process to delineate the rationale behind their certification requirement decisions. Again, those who believe the justifications are insufficient can file comments with the agency as part of the notice and comment process. Although these contracting and rulemaking processes are convenient mechanisms for certification Page 6 GAOrT-GGD-99-166 Certification Requirements: Guidance Governing Agency Actions Is Limited transparency, they are not universally applicable because some certification requirements do not arise in either environment. The diversity of these requirements suggests that a governmentwide mandate for certification transparency would be difficult to implement. However, regardless of the venue in which the requirements arise, multiple channels are available for agencies that want to clearly explain their certification decisions. Contacts and Acknowledgement For further contacts regarding this testimony please contact L. Nye Stevens or Tim Bober at (202) 512-8676. Individuals making key contributions to this testimony included Curtis Copeland, Alan Belkin, Victor B. Goddard, and John Brosnan. Page 7 GAO/T-GGD-99-166
Certification Requirements: Guidance Governing Agency Actions Is Limited
Published by the Government Accountability Office on 1999-09-09.
Below is a raw (and likely hideous) rendition of the original report. (PDF)