User Guide
Operational guidance for conducting unified diligence audits on federal contractors, grant recipients, and entity partners.
Operational Philosophy
Diligence Desk operates on a strict verification model. We aggregate public federal data to provide a unified risk picture. Unlike traditional tools that rely on opaque scores, we prioritize raw data transparency, surfacing explicitly why an entity is flagged.
Local-First Architecture
Your searches and audit history are processed locally in your browser and cached temporarily. We do not retain long-term records of your investigative targets on our servers.
Audit Verification Protocol
Identity Resolution
Enter an Entity Name, UEI, or CAGE Code. The system first resolves the entity against SAM.gov to establish a "Golden Record" of identity.
Cross-Domain Data Gathering
Once identified, we query 5 federal databases concurrently:
- SAM.gov: Exclusions and Registration Status.
- DOL (Enforcement): Wage & Hour / OSHA violations.
- USA Spending: Contract history and performance.
- SEC EDGAR: Financial health and filings.
- NIST NVD: Cybersecurity vulnerabilities (CPE matching).
Verdict Synthesis
All data points are weighed to produce a simplified unified verdict.
Interpreting Verdicts
Critical Risk. Verified Exclusion (debarment), active sanctions, or severe labor violations (Child Labor/Human Trafficking). Immediate disqualification recommended.
Moderate Risk. Expired registration, multiple labor violations, or high financial stress. Requires manual review of specific flags.
Low Risk. Entity is active, no exclusions, and clean enforcement history. Safe to proceed with standard diligence.
Integrity Pillar
Sourced directly from the Department of Labor (DOL) Enforcement Database. We specifically monitor the Wage and Hour Division (WHD) and Occupational Safety and Health Administration (OSHA) datasets.
- Willful Violator: Employer knowingly violated the law.
- Repeat Violator: Employer has a history of similar violations.
- Back Wages: Unpaid wages recovered for employees.
Performance Pillar
Sourced from USASpending.gov. This pillar analyzes an entity's track record with large federal contracts.
- Is this a new vendor (First-time contractor)?
- Have they managed large obligations ($1M+)?
- Which agencies have awarded them contracts?
Financial Pillar
Sourced from SEC EDGAR. We parse 10-K and 10-Q filings for public companies.
Cyber Risk Pillar
Sourced from the NIST National Vulnerability Database (NVD). We assess the digital footprint of an entity to identify known security vulnerabilities.
- CPE Matching: We cross-reference hardware and software products against Common Platform Enumeration (CPE) identifiers.
- CVE Lookup: Flaws are mapped to Common Vulnerabilities and Exposures (CVE) records to determine severity (CVSS Score).
- Critical Alerts: Flags specifically for known exploited vulnerabilities (KEV).
Visual Ecosystem Intelligence
The Visual Risk Graph maps the verified relationships between the entity and its operational ecosystem. This "Manifest of Trust" reveals hidden connections.
Node Legend
- Funding Agency: Source of federal dollars (e.g. DoD).
- Beneficial Owner: Corporate parent or holding company.
- Point of Contact: Verified human officer.
- Risk Event: Active violation or sanction.
"Follow the money, follow the people. A risk graph shows you who is really behind the curtain."
Hardware Compliance Auditor
The Section 889 Compliance Tool allows you to check hardware MAC addresses against the prohibited manufacturer list (e.g., Huawei, ZTE, Hikvision, Dahua).
Instructions:
- Navigate to the "Hardware Compliance" tab.
- Enter a valid MAC address (e.g., 00:18:82:XX:XX:XX).
- The system will identify the OUI (Organizationally Unique Identifier) and return a Risk Level.
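The OUI step above can be reproduced offline; the following is an added example, not Diligence Desk's own code. The lookup table is a constructed sample keyed on the example prefix from this guide, and the risk labels are hypothetical.

```python
import re

# Constructed sample table: OUI (first 24 bits, hex) -> label. The prefix is the
# example shown in this guide; the label is a placeholder. A real table would be
# built from the IEEE OUI registry, filtered to the covered manufacturers.
SAMPLE_PROHIBITED_OUIS = {"001882": "covered-manufacturer (placeholder)"}

HEX12 = re.compile(r"[0-9A-F]{12}")


def normalize_mac(raw):
    """Accept 00:18:82:aa:bb:cc, 00-18-82-AA-BB-CC, 0018.82aa.bbcc or bare hex."""
    cleaned = re.sub(r"[:\-.\s]", "", raw).upper()
    if not HEX12.fullmatch(cleaned):
        raise ValueError(f"not a 48-bit MAC address: {raw!r}")
    return cleaned


def screen_mac(raw, table=SAMPLE_PROHIBITED_OUIS):
    """Return the OUI and a risk label (labels are hypothetical, not the tool's)."""
    mac = normalize_mac(raw)
    first_octet = int(mac[:2], 16)
    # Bit 0 of the first octet marks a group (multicast) address and bit 1 a
    # locally administered one (randomized or software-assigned). Neither
    # carries a manufacturer OUI, so a table lookup would be meaningless.
    if first_octet & 0x01:
        return {"oui": None, "risk": "UNATTRIBUTABLE", "reason": "group address"}
    if first_octet & 0x02:
        return {"oui": None, "risk": "UNATTRIBUTABLE", "reason": "locally administered"}
    oui = mac[:6]
    if oui in table:
        return {"oui": oui, "risk": "PROHIBITED", "reason": table[oui]}
    return {"oui": oui, "risk": "NO_MATCH", "reason": "OUI not in table"}


if __name__ == "__main__":
    for sample in ("00:18:82:aa:bb:cc", "0018.82AA.BBCC", "02:18:82:aa:bb:cc"):
        print(sample, screen_mac(sample))
```

An UNATTRIBUTABLE result means the address says nothing about who built the device, so the hardware has to be identified another way, such as its label or the asset inventory.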
Batch Screening
For high-volume diligence, use the Batch Screening module to audit up to 100 entities simultaneously via CSV.
CSV Requirements:
Your CSV file must have a single header row with the following exact column name:
Entity Name
* Additional columns will be ignored. Maximum file size: 2MB.
Related Resources
Use these pages when you need a more structured workflow than the dashboard alone.
Methodology and Data Sources
Learn how DiligenceDesk uses SAM.gov, DOL, USAspending, SEC, and Section 889 screening.
Due Diligence Checklist
A repeatable first-pass workflow for screening contractors and subcontractors.
SAM.gov Check Guide
What to confirm in SAM.gov before you trust the rest of the diligence workflow.
Section 889 Check
How to add hardware screening to the broader procurement review process.