Federal contractor due diligence in one search.

DiligenceDesk reconciles eight public U.S. federal data sources into a single deterministic verdict you can defend in writing. SAM.gov registration, DOL and OSHA enforcement, sanctions screening, federal award history, SEC filings, corporate ownership chains, cyber vulnerability exposure, and Section 889 prohibited-hardware checks all run in one pass and synthesize into a PASS, WARNING, FAIL, or NEUTRAL verdict exportable as PDF or CSV.

diligencedesk.orygn.tech


How it works

Enter an entity, run eight checks in parallel, get a defensible verdict.

DiligenceDesk queries eight federal data sources in parallel, normalizes fields across different schemas, overlays sector risk, and synthesizes everything into a deterministic verdict.

01. Enter the contractor or entity

Provide a legal name, UEI, or CAGE code. DiligenceDesk resolves the entity against SAM.gov to anchor identity, then fans out to all eight upstream sources in parallel.

02. Eight sources queried in parallel

SAM.gov registration and exclusions, DOL Wage & Hour enforcement, OSHA inspections, ITA Consolidated Screening List, USAspending awards, SEC EDGAR filings, GLEIF ownership chains, and NIST NVD cyber exposure all run simultaneously.

03. Get a deterministic verdict

Evidence is synthesized into a four-rung verdict (PASS / WARNING / FAIL / NEUTRAL) with a sector-risk overlay. Same inputs always produce the same verdict. Export the full report as PDF or CSV for your procurement file.

What it covers

The checks that federal contracting teams run before every engagement.

SAM.gov verification

Identity anchor for every audit. Confirms registration status, checks for active exclusions, validates CAGE code and UEI, and reads NAICS/PSC codes for sector-risk classification.

DOL and OSHA enforcement

Surfaces Department of Labor Wage & Hour violation records and OSHA safety inspection history. Flags willful and repeat violators that trigger an automatic FAIL verdict.

Sanctions and denied persons

Checks the ITA Consolidated Screening List for sanctions hits, denied persons, entity list matches, and unverified list entries. HIGH-severity matches trigger FAIL; moderate matches trigger WARNING.

Federal award history

Pulls contract and grant award data from USAspending to show the entity's track record with federal agencies, including award amounts, contract types, and agency relationships.

SEC EDGAR and GLEIF ownership

Queries SEC EDGAR for public-company financial filings (10-K, 10-Q, 8-K) and GLEIF for Legal Entity Identifier records including Level-2 parent and subsidiary ownership chains.

Cyber vulnerability exposure

Maps the entity against NIST NVD via CPE matching to surface known CVEs and CVSS scores. Identifies cyber exposure relevant to defense and critical infrastructure contractors.

Section 889 prohibited hardware

Checks against a local registry of prohibited-manufacturer MAC and OUI ranges per Section 889 of the NDAA, which bans federal contracts involving certain telecommunications equipment.
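One way a MAC/OUI prefix check of this kind can work, as an added example that is not DiligenceDesk's own code. The single registry entry uses the RFC 7042 documentation range as a constructed stand-in for a covered manufacturer's block; `PROHIBITED_PREFIXES`, `checkMac`, `screenInventory` and the result shape are assumptions made for illustration.

```typescript
// Result of screening one MAC address against the prohibited-prefix registry.
type OuiResult =
  | { status: "match"; prefix: string; manufacturer: string }
  | { status: "clear" }
  | { status: "unattributable"; reason: string }
  | { status: "invalid"; reason: string };

// Constructed registry (assumption): hex prefixes of any length, so both
// 24-bit OUIs and narrower sub-ranges can be listed. 00-00-5E-00-53 is the
// RFC 7042 documentation range, used here as a placeholder block.
const PROHIBITED_PREFIXES: ReadonlyArray<[string, string]> = [
  ["00005E0053", "Covered Manufacturer (placeholder)"],
];

// Accepts 00:00:5e:00:53:1a, 00-00-5E-00-53-1A, 0000.5e00.531a, 00005E00531A.
function normalizeMac(input: string): string | null {
  const hex = input.trim().replace(/[:.\-]/g, "").toUpperCase();
  return /^[0-9A-F]{12}$/.test(hex) ? hex : null;
}

function checkMac(input: string): OuiResult {
  const mac = normalizeMac(input);
  if (mac === null) {
    return { status: "invalid", reason: "not a 48-bit MAC address" };
  }
  // Locally administered bit (0x02 of the first octet): the address was set
  // in software or randomized, so its prefix identifies no manufacturer and
  // a registry miss must not be reported as "clear".
  if (parseInt(mac.slice(0, 2), 16) & 0x02) {
    return { status: "unattributable", reason: "locally administered address" };
  }
  for (const [prefix, manufacturer] of PROHIBITED_PREFIXES) {
    if (mac.startsWith(prefix)) return { status: "match", prefix, manufacturer };
  }
  return { status: "clear" };
}

// Screens a device inventory and keeps each input next to its result so the
// output can be written straight into an audit record.
function screenInventory(macs: string[]): { input: string; result: OuiResult }[] {
  return macs.map((input) => ({ input, result: checkMac(input) }));
}
```

Treating locally administered addresses as unattributable rather than clear keeps a randomized or spoofed MAC from producing a false negative in the report.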

Deterministic verdict engine

All evidence feeds into a four-rung verdict ladder (PASS / WARNING / FAIL / NEUTRAL) with a sector-risk overlay for sensitive industries. Same inputs, same verdict, every time. Exportable as PDF or CSV.

Batch CSV auditing

Upload a CSV of entity names, UEIs, or CAGE codes and run the full eight-source screening against each one in sequence. Results export as a combined PDF or CSV report for procurement files that cover multiple vendors.

Interactive risk graph

A directed graph built with @xyflow/react and dagre layout visualizes how each evidence pillar connects to the final verdict. Nodes represent data sources and findings, edges show causal links between red flags and the synthesized outcome.

Sector-risk breakdown panel

Reads NAICS and PSC codes from the SAM.gov record and maps them against 32 NAICS and 44 PSC sensitivity classifications. A portfolio composition bar shows how the entity's work splits across defense, nuclear, aerospace, and civilian sectors with per-code severity badges.

Audit history and knowledge base

All past screenings persist locally in IndexedDB with no account or signup required. An 18-page reference library covers FAR 9.104 responsibility standards, SPRS scores, SBA certifications, Davis-Bacon wage determinations, and more. The published methodology page explains exactly how the verdict engine works.

Built with

Eight federal APIs, strict TypeScript, production infrastructure.

DiligenceDesk is built on Next.js 16 with strict TypeScript, Tailwind 4, Cloudflare Turnstile bot protection, Upstash Redis caching with tiered TTLs, and Cloudflare edge security headers. The risk graph uses @xyflow/react with dagre layout. All upstream API keys are server-side only. Audit history stays local to the browser in IndexedDB.

Next.js 16, TypeScript (strict), React 19, Tailwind 4, 8 Federal APIs, Upstash Redis, Cloudflare Turnstile, @xyflow/react Risk Graph, Batch CSV Auditor, 32 NAICS / 44 PSC Codes, PDF / CSV Export, 18-Page Knowledge Base, Playwright + Vitest

FAQ

Common questions about DiligenceDesk.

Yes. DiligenceDesk is free to use for running contractor screenings. No signup or account required.
Contracting officers, procurement teams, compliance analysts, and anyone involved in vetting government contractors or subcontractors before awarding work.
DiligenceDesk reconciles eight federal data sources: SAM.gov for registration and exclusions, DOL Wage and Hour for labor enforcement, OSHA for safety inspections, the ITA Consolidated Screening List for sanctions and denied persons, USAspending for federal award history, SEC EDGAR for public-company filings, GLEIF for legal entity ownership chains, and NIST NVD for cyber vulnerability exposure. It also checks a local Section 889 prohibited-hardware registry.
DiligenceDesk synthesizes evidence from all sources into a deterministic four-rung verdict: PASS (no automated red flags), WARNING (human review required), FAIL (stop and consult counsel), or NEUTRAL (no federal records found). Same inputs always produce the same verdict. Results are exportable as PDF or CSV.
Section 889 of the National Defense Authorization Act prohibits federal agencies from contracting with entities that use telecommunications equipment from certain covered manufacturers. DiligenceDesk checks against a prohibited-manufacturer MAC/OUI registry to flag compliance risks.
Yes. The Batch Auditor accepts a CSV upload of entity names, UEIs, or CAGE codes and runs the full eight-source screening against each one. Results export as a combined PDF or CSV report.
After each screening, an interactive directed graph shows how evidence from each data source connects to the final verdict. You can explore which findings triggered which verdict rung and trace the causal path from raw data to outcome.
The current tool provides the standard eight-source screening workflow. If you need a custom version with additional data sources, internal integrations, or organization-specific screening criteria, Orygn can build that as a custom engagement.

Built by Orygn

DiligenceDesk is one of several tools Orygn has built to make compliance and due diligence workflows more efficient.

Orygn builds custom software, internal tools, and compliance-focused systems for small businesses and growing teams. DiligenceDesk is a production example of that approach: eight federal data sources reconciled into a single defensible verdict, with the methodology published openly.
