Certification Requirements: Guidance Governing Agency Actions Is Limited
(Statement/Record, 09/09/1999, GAO/T-GGD-99-166).
Pursuant to a congressional request, GAO discussed the certification
requirements of federal agencies, focusing on: (1) the extent and
variety of certification activities in the federal government; (2) the
extent to which any policies, procedures, or guidance exist governing
these activities, either governmentwide or within selected agencies; and
(3) an agency certification practice that could serve as an example or
best practice for other agencies.
GAO noted that: (1) GAO's preliminary results indicate that federal
agencies engage in a large number and wide variety of
certification-related activities; (2) these activities vary across
multiple dimensions, such as the targets of the certifications, the
types of organizations that actually do the certifications, and whether
the certifications are mandatory or voluntary; (3) although there are
some limits in federal procurement law and within certain programs on
the use of certification requirements, there is no governmentwide or,
within the agencies GAO contacted, agencywide guidance to direct or
assist agencies in the development, selection, or implementation of all
types of certification requirements; (4) however, the National Institute
of Standards and Technology (NIST) has prepared draft guidance for
agencies on conformity assessment activities, including certification;
(5) NIST plans to publish that guidance for public comment later this
year; (6) GAO believes that transparency, or describing the basis of
agencies' decisionmaking, is a certification best practice; (7) GAO
concluded that some agencies' certification decisions were very
transparent, clearly documenting the criteria used to select a
particular requirement or certification body; and (8) however, in other
cases--including one at the Department of Veterans Affairs--the reasons
agencies selected specific certifying bodies were not as transparent,
and organizations that were not selected to provide certifications
raised questions about the criteria the agencies used.
--------------------------- Indexing Terms -----------------------------
REPORTNUM: T-GGD-99-166
TITLE: Certification Requirements: Guidance Governing Agency
Actions Is Limited
DATE: 09/09/1999
SUBJECT: Standards and standardization
Private sector practices
Interagency relations
Quality control
Quality assurance
Internal controls
******************************************************************
** This file contains an ASCII representation of the text of a **
** GAO report. This text was extracted from a PDF file. **
** Delineations within the text indicating chapter titles, **
** headings, and bullets have not been preserved, and in some **
** cases heading text has been incorrectly merged into **
** body text in the adjacent column. Graphic images have **
** not been reproduced, but figure captions are included. **
** Tables are included, but column deliniations have not been **
** preserved. **
** **
** Please see the PDF (Portable Document Format) file, when **
** available, for a complete electronic file of the printed **
** document's contents. **
** **
** A printed copy of this report may be obtained from the GAO **
** Document Distribution Center. For further details, please **
** send an e-mail message to: **
** **
** **
** **
** with the message 'info' in the body. **
******************************************************************
United States General Accounting Office GAO
Testimony Before the Subcommittee on Benefits Committee on
Veterans' Affairs House of Representatives Not to be Released
Before 10:00 a.m. EDT Thursday CERTIFICATION
September 9, 1999 REQUIREMENTS Guidance Governing Agency
Actions Is Limited Statement for the Record of L. Nye Stevens
Director, Federal Management and Workforce Issues General
Government Division GAO/T-GGD-99-166 Statement Certification
Requirements: Guidance Governing Agency Actions Is Limited Mr.
Chairman and Members of the Committee: I am pleased to provide
some preliminary results from our ongoing review for the House
Committee on Small Business of federal agencies' certification
requirements. The term "certification" generally refers to a
process of providing written assurance that a product, process,
service, organization, or individual conforms to specified
requirements or standards, and includes activities such as
accreditation, registration, and conformity assessment. The
Committee on Small Business asked us to describe (1) the extent
and variety of certification activities in the federal government;
(2) the extent to which any policies, procedures, or guidance
exist governing those activities, either governmentwide or within
selected agencies; and (3) an agency certification practice that
could serve as an example or "best practice" for other agencies.
At the Committee's request, the Department of Veterans Affairs
(VA) was one of the agencies that we contacted during our review.1
In brief, our preliminary results indicate that federal agencies
engage in a large number and wide variety of certification-related
activities. These activities vary across multiple dimensions, such
as the targets of the certifications, the types of organizations
that actually do the certifications, and whether the
certifications are mandatory or voluntary. Although there are some
limits in federal procurement law and within certain programs on
the use of certification requirements, there is currently no
governmentwide or, within the agencies we contacted, agencywide
guidance to direct or assist agencies in the development,
selection, or implementation of all types of certification
requirements. However, the Department of Commerce's National
Institute of Standards and Technology (NIST) has prepared draft
guidance for agencies on conformity assessment activities,
including certification. 2 NIST plans to publish that guidance
for public comment later this year. Finally, we believe that
transparency, or describing the basis of agencies' decisionmaking,
is a certification best practice. We concluded that some
agencies' certification decisions were very transparent, clearly
documenting the criteria used to select a particular requirement
or certification body. However, in other cases-including one at
VA-the 1The other agencies that we contacted were the Department
of Transportation (DOT); and, within the Department of Health and
Human Services, the Centers for Disease Control and Prevention
(CDC), the Food and Drug Administration (FDA), and the National
Institutes of Health (NIH). 2Congress established NIST (formerly
the National Bureau of Standards) in 1901 to support industry,
commerce, scientific institutions, and all branches of the
government. It is an agency of the Department of Commerce, and its
primary mission is to promote United States economic growth by
working with industry to develop and apply technology,
measurements, and standards. Page 1
GAO/T-GGD-99-166 Certification Requirements: Guidance Governing
Agency Actions Is Limited reasons agencies selected specific
certifying bodies were not as transparent, and organizations that
were not selected to provide certifications raised questions about
the criteria the agencies used. There is no official definition of
"certification" that is applicable to the Background
activities of all federal agencies. A NIST official told us that
there are almost as many definitions of a federal certification
program as there are agencies. Different organizations may use
other terms to refer to the concept, such as accreditation,
registration, approval, or listing, and may use the terms
interchangeably.3 Federal certification requirements can be
imposed with regard to a variety of topics and in many different
forms. An agency might require a physician to be board certified
in his or her medical specialty. Before purchasing certain types
of equipment, an agency might require that prospective sellers
obtain a certification from a testing laboratory indicating that
their product is safe. Federal agencies may establish
certification requirements as prerequisite for federal contracting
opportunities, as part of a regulatory provision, or for other
purposes. Certifications can also have some troubling effects on
affected parties. Businesses or individuals that wish to provide a
particular product or service to the government might need to
obtain multiple certifications to meet the requirements of
different agencies. Also, an agency might select a particular
certifying organization while not accepting certifications in the
same subject area from other organizations with similar
qualifications. We did not attempt to develop a compendium of
every federal certification Agencies Engage in a or
certification-related activity and requirement. However, it is
clear from Wide Variety of the information we obtained
that federal agencies engage in a large number and wide variety of
certification-related activities. For example, Certification-
Related NIST publishes directories listing more than 200
federal government Activities procurement and
regulatory programs in which agencies are actively involved in
providing or requiring certification, accreditation, listing, or
registration. The NIST directories provide only a partial
inventory of agencies' certification activities, though, because
they are primarily limited to certifications of products,
processes, and services. Also, the directories do not cover
individual procurement opportunities in which agencies require a
vendor or contractor to have particular certifications or
accreditations in order to participate. 3Adding to the confusion
over terminology, certification is also used in a completely
different sense to refer to many routine contract clauses and
solicitation provisions, such as the Certification of Final
Indirect Costs, that are not related to conformance with technical
or professional standards. Those clauses and provisions were
outside the scope of our review. See 41 U.S.C. 425(c) for
limitations on the use of requirements for certification by
offerers or contractors in the Federal Acquisition Regulation.
Page 2
GAO/T-GGD-99-166 Certification Requirements: Guidance Governing
Agency Actions Is Limited Like the standards on which they are
based, agencies' certification activities vary across multiple
dimensions, including (1) the origin of the requirements (e.g.,
statutory versus agency-initiated); (2) which entity or entities
do the certifying (e.g., governmental versus private sector
agents); (3) whether certifications are mandatory or voluntary;
and (4) the extent to which there is reciprocity with or
recognition of other certifications or other organizations'
requirements. Some of the requirements differ on multiple
dimensions. For example, the Department of Commerce's National
Marine Fisheries Service has a voluntary Seafood Inspection
Program for inspection and certification of both seafood products
and processing operations. The program is carried out pursuant to
the Agricultural Marketing Act of 1946, as amended; involves
inspection by licensed federal and state agents; and provides
certification recognized by other federal, state, and foreign
government agencies, as well as some private and international
organizations. Some other certification programs are mandatory in
nature, originate with the agencies themselves, are performed by
nongovernmental personnel, and/or may not be universally
recognized by other agencies, countries, or the private sector.
The Competition in Contracting Act of 1984 provides that a
solicitation for Little Governmentwide a government contract may
include a restrictive provision only to the Guidance Covering
extent the provision is authorized by law or is necessary to
satisfy the agency's needs. Some agency-specific acquisition
regulations mirror the Certification Activities act's general
limitation against restrictive provisions.4 In our bid protest
decisions, we have generally not objected to a requirement that an
item conform to a set of standards adopted by a nationally
recognized organization in the field or a requirement for
independent laboratory certification that such standards are met.
However, we have found requirements unduly restrictive if they
require approval by specific organizations without recognition of
equivalent approvals.5 The absence of an endorsement by a
particular private organization should not automatically exclude
offers that might otherwise meet a procuring agency's needs.
Neither the agency officials that we interviewed nor agency
documents that we reviewed identified any governmentwide guidance
or, for the selected agencies we reviewed, agencywide guidance
focused specifically on certification activities. Agency officials
we contacted said that their certification activities are driven
more by the particular profession, 4See, for example, VA's
acquisition regulations at 48 CFR 852.211-75. 5See, for example,
Aegis Analytical Laboratories, Inc., B-252511, July 2, 1993. Page
3
GAO/T-GGD-99-166 Certification Requirements: Guidance Governing
Agency Actions Is Limited industry, or market sector involved than
by federal government considerations. For example, officials from
VA and NIH said that their agencies often use "nationally
recognized" or "industry standard" certifications for a given
sector. NIST officials said that a common finding from their
meetings and workshops is that people tend to use the
certification or accreditation program with which they are most
familiar. NIST has taken a first step toward governmentwide
guidance in this area, preparing draft guidance for federal
agencies on certification and other conformity assessment
activities. This guidance is currently under review at the Office
of Management and Budget (OMB), and NIST expects to publish it in
the Federal Register for public comment later this year. NIST
officials explained that the guidance would apply to all agencies
that set policy for, manage, operate, or use conformity assessment
activities and results, both domestic and international, except
for activities carried out pursuant to treaties. NIST expects the
guidance to define agency responsibilities in a number of areas,
such as * identifying appropriate private sector conformity
assessment practices and programs and considering use of the
results of such practices or programs as appropriate in new or
existing regulatory and procurement actions; * using relevant
guides or recommendations for conformity assessment practices
published by domestic and international standardizing bodies as
appropriate; and * working with other agencies to avoid
unnecessary duplication and complexity in federal conformity
assessment activities. However, NIST officials pointed out that
the guidance will not preempt the agencies' authority and
responsibility to make regulatory or procurement decisions
authorized by statute or required to meet programmatic objectives
and requirements. They also said that the guidance would not
suggest that agencies explain why they selected one certification
requirement or organization over other possible candidates. Agency
officials also identified some related policies, procedures, and
guidance that affect their certification activities. For example,
OMB Circular A-119 provides guidance on agencies' participation in
the development and use of voluntary consensus standards and in
conformity assessment activities. The circular directs agencies to
use voluntary consensus standards in lieu of government-unique
standards except where inconsistent with law or otherwise
impractical. Agency officials also noted that their general
procedures and regulations governing rulemaking and procurement
play an important role in certification activities. In particular,
Page 4
GAO/T-GGD-99-166 Certification Requirements: Guidance Governing
Agency Actions Is Limited they noted that such procedures provide
valuable opportunities for an agency to inform the public and
solicit feedback on proposed certification requirements. As noted
previously, agency certification actions are numerous and vary
Transparency of substantially. Therefore, specification of
a certification "best practice" Agency Certification would
likely depend on the context of the certifications. Rather than
attempting to develop criteria for selecting the best among these
Requirements Varies procedures, we want to highlight one that
we have supported in the regulatory arena-transparency, or clearly
describing the basis for agency decisionmaking. Transparency in
certification decisionmaking is important because those decisions
can have significant implications for affected parties. Our review
of agency certification activities indicates that the transparency
of these actions can vary dramatically. The criteria that agencies
used or planned to use to select particular requirements or
certifying organizations appeared to be very clear in some
instances and not well documented in others. FDA's mammography
program provides a good example of transparency in certification
decisionmaking. Making extensive use of the public rulemaking
process, FDA established detailed procedures and criteria for
certification of personnel and facilities providing mammography
services, as well as the approval of accreditation bodies under
the act. In other certification requirements, though, the agencies
did not provide clearly documented explanations for their actions.
In these cases, certification organizations that were not selected
or designated raised questions about the criteria the agencies
used. However, agency officials were able to explain to us the
reasons for their actions. One such example was VA's
implementation of new procedures, effective July 1, 1997,
requiring newly-hired physicians to be board certified in the
clinical specialty in which they will practice, unless they have
the written approval of the Chief Patient Care Services Officer
prior to appointment. In a subsequent information letter, the VA
Undersecretary for Health specified that certifying bodies
recognized for purposes of this issue are the American Board of
Medical Specialties (ABMS) for allopathic physicians and the
Bureau of Osteopathic Specialists (BOS) for osteopathic
specialists. In a series of letters, the American Association of
Physician Specialists, Inc. and this Committee questioned why only
ABMS and BOS certification were recognized, and requested that VA
provide the criteria used to evaluate and select those two
organizations. In its response to this Committee, VA stated that
certifying groups vary widely in their Page 5
GAO/T-GGD-99-166 Certification Requirements: Guidance Governing
Agency Actions Is Limited requirements and that ABMS and BOS are
"the standard certifying organizations recognized throughout
American medicine." However, VA did not further describe how it
selected these two certifying organizations. VA officials told us
that the Department does not have specific written criteria or
guidance on certification decisionmaking, and said they rely on
consensus practices and standards of the health care profession.
They said VA's use of ABMS and BOS certifications can be traced
back to a 1980 decision by the Chief Medical Director to accept
ABMS and BOS physician board certifications for Incentive Special
Pay purposes. In 1997, VA extended those same certifications that
were required for special pay purposes to employment,
"grandfathering" currently employed physicians. VA officials also
noted that they had canvassed other federal agencies involved in
health care-including the Department of Defense, the Public Health
Service, NIH, CDC, and the Bureau of Prisons-and found that
essentially all recognized ABMS and BOS as the two accepted
organizations for accreditation purposes. Finally, they pointed
out that, by law, the Secretary for Veterans Affairs has special
authority to make personnel decisions. Federal agencies'
certification requirements are an invaluable tool in Concluding
helping to ensure product quality, process reliability, and
professional Observations competence in a variety of venues.
Without those requirements, federal agencies would have to
independently evaluate the safety of products, whether certain
procedures will yield the desired results, and whether individual
workers possess the skills required to perform a given task.
Agencies have broad latitude in the selection of certification
requirements and certifying organizations, which can result in
what appear to be inconsistencies of application. These apparent
inconsistencies are exacerbated when the reasons behind the
agencies' certification decisions are unclear. Transparency of
these decisions can improve their perceived legitimacy, and that
transparency can be achieved in a variety of ways. For example,
if an agency's certification requirement is related to a
procurement action, the agency can make clear the basis of that
requirement in the request for proposals. If prospective
contractors believe the justification provided is insufficient,
mechanisms are available in the contracting process to appeal the
agency's determination. Some agencies have also used the
rulemaking process to delineate the rationale behind their
certification requirement decisions. Again, those who believe
the justifications are insufficient can file comments with the
agency as part of the notice and comment process. Although these
contracting and rulemaking processes are convenient mechanisms for
certification Page 6
GAO/T-GGD-99-166 Certification Requirements: Guidance Governing
Agency Actions Is Limited transparency, they are not universally
applicable because some certification requirements do not arise in
either environment. The diversity of these requirements suggests
that a governmentwide mandate for certification transparency would
be difficult to implement. However, regardless of the venue in
which the requirements arise, multiple channels are available for
agencies that want to clearly explain their certification
decisions. Contacts and Acknowledgement For further contacts
regarding this testimony please contact L. Nye Stevens or Tim
Bober at (202) 512-8676. Individuals making key contributions to
this testimony included Curtis Copeland, Alan Belkin, Victor B.
Goddard, and John Brosnan. Page 7
GAO/T-GGD-99-166 Page 8 GAO/T-GGD-99-166 Ordering Information
The first copy of each GAO report and testimony is free.
Additional copies are $2 each. Orders should be sent to the
following address, accompanied by a check or money order made out
to the Superintendent of Documents, when necessary. VISA and
MasterCard credit cards are accepted, also. Orders for 100 or more
copies to be mailed to a single address are discounted 25 percent.
Order by mail: U.S. General Accounting Office P.O. Box 37050
Washington, DC 20013 or visit: Room 1100 700 4th St. NW (corner of
4th and G Sts. NW) U.S. General Accounting Office Washington, DC
Orders may also be placed by calling (202) 512-6000 or by using
fax number (202) 512-6061, or TDD (202) 512-2537. Each day, GAO
issues a list of newly available reports and testimony. To receive
facsimile copies of the daily list or any list from the past 30
days, please call (202) 512-6000 using a touch-tone phone. A
recorded menu will provide information on how to obtain these
lists. For information on how to access GAO reports on the
INTERNET, send e-mail message with "info" in the body to:
[email protected] or visit GAO's World Wide Web Home Page at:
http://www.gao.gov United States General Accounting Office
Bulk Rate Washington, D.C. 20548-0001 Postage & Fees Paid GAO
Permit No. G100 Official Business Penalty for Private Use $300
Address Correction Requested (410490)
*** End of document. ***