OSD's Quality Assurance (QA) Review assists departments in achieving and maintaining compliance under procurement regulation 801 CMR 21.00. The QA Review is an essential tool used to monitor procurement and remedy problems.

The QA Review provides comprehensive monitoring through:

  • Efficient oversight methods that acknowledge good practices
  • Coordinated, streamlined communication with departments
  • A technical assistance network for departments
  • Identification and resolution of common areas of concern
  • Assistance to departments in applying procurement policies, rules and regulations

The OSD QA Review shall include, but is not limited to, the following:

  • Deficiencies from previous OSD QA Review
  • Internal control practices related to procurement
  • Number and type of audit findings and Corrective Action Plans (CAP), if necessary
  • Results of the QA categories reviewed
  • The QA categories include the following:
    • Supplier Diversity Program (SDP)
    • Small Business Purchasing Program (SBPP)
    • Incidental Purchases
    • Comm-PASS including compliance to Policy and 60-Day Rule
    • Procurement Files Management
    • Statewide Contract Utilization
    • Request for Response (RFR) Components
    • American Recovery and Reinvestment Act (ARRA) Funds including compliance to Comm-PASS posting requirements and Procurement Files Management
    • Contract Reduction Directive
    • Contract Employees

The QA Review records reside at OSD's Office of Audit and Quality Assurance and are shared with the department's Chief Fiscal Officer. The QA Review may identify areas of procurement practice that require the department to address. If the need is substantial, the QA team will require department's draft a Corrective Action Plan to submit to OSD for approval. Also, the QA team may recommend changes to delegation authority depending on the severity of the matter.

Delegation provides departments with greater purchasing efficiency and flexibility. Departments with high performance and consistent compliance with standards, which indicates low-risk to the Commonwealth, are granted increased delegation. Conversely, departments that do not comply may have their delegation rescinded. This may require extensive oversight by OSD.


OSD's Office of Audit and Quality Assurance conducts reviews throughout the year based upon risk assessment Departments are notified of the review and whether an on-site review will be conducted. The on-site meeting shall include, but is not limited to the following:

  • Meet with the department CFO and their staff
  • Present results of the Risk Assessment review and discuss issues or areas of concern that may require immediate action
  • Facilitate a "Give-and-Take" discussion
  • Review files located only at the department

Departments are given 5-7 business days to respond to a draft report. Once a QA review is considered closed, a finalized report package is gathered for the department's records.