[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[S. 4908 Introduced in Senate (IS)]

<DOC>






117th CONGRESS
  2d Session
                                S. 4908

  To improve the visibility, accountability, and oversight of agency 
      software asset management practices, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                           September 21, 2022

Mr. Peters (for himself and Mr. Cassidy) introduced the following bill; 
which was read twice and referred to the Committee on Homeland Security 
                        and Governmental Affairs

_______________________________________________________________________

                                 A BILL


 
  To improve the visibility, accountability, and oversight of agency 
      software asset management practices, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Strengthening Agency Management and 
Oversight of Software Assets Act''.

SEC. 2. DEFINITIONS.

    In this Act:
            (1) Administrator.--The term ``Administrator'' means the 
        Administrator of General Services.
            (2) Agency.--The term ``agency'' has the meaning given the 
        term ``establishment'' in section 12 of the Inspector General 
        Act of 1978 (5 U.S.C. App.).
            (3) Cloud computing.--The term ``cloud computing'' has the 
        meaning given the term in Special Publication 800-145 of the 
        National Institute of Standards and Technology, or any 
        successor document.
            (4) Cloud service provider.--The term ``cloud service 
        provider'' means an entity offering cloud computing products or 
        services to agencies.
            (5) Comprehensive assessment.--The term ``comprehensive 
        assessment'' means a comprehensive assessment conducted 
        pursuant to section 3(a).
            (6) Director.--The term ``Director'' means the Director of 
        the Office of Management and Budget.
            (7) Plan.--The term ``plan'' means the plan developed by a 
        Chief Information Officer, or equivalent official, pursuant to 
        section 4(a).
            (8) Software entitlement.--The term ``software 
        entitlement'' means any software that--
                    (A) has been purchased, leased, or licensed by or 
                billed to an agency under any contract or other 
                business arrangement; and
                    (B) is subject to use limitations.
            (9) Software inventory.--The term ``software inventory'' 
        means the software inventory of an agency required pursuant 
        to--
                    (A) section 2(b)(2)(A) of the Making Electronic 
                Government Accountable By Yielding Tangible 
                Efficiencies Act of 2016 (40 U.S.C. 11302 note; Public 
                Law 114-210); or
                    (B) subsequent guidance issued by the Director of 
                the Office of Management and Budget pursuant to that 
                Act.

SEC. 3. SOFTWARE ENTITLEMENT AND INVENTORY INTEGRITY.

    (a) In General.--As soon as practicable, and not later than 1 year 
after the date of enactment of this Act, the Chief Information Officer 
of each agency, in consultation with the Chief Financial Officer, the 
Chief Procurement Officer, and General Counsel of the agency, or the 
equivalent officials of the agency, shall complete a comprehensive 
assessment of the software entitlements and software inventories of the 
agency, which shall include--
            (1) the current software inventory of the agency, including 
        software entitlements, contracts and other agreements or 
        arrangements of the agency, and a list of the largest software 
        entitlements of the agency separated by vendor;
            (2) a comprehensive, detailed accounting of--
                    (A) any software deployed for the agency as of the 
                date of the comprehensive assessment, including, to the 
                extent identifiable, the contracts and other agreements 
                or arrangements that the agency uses to acquire, 
                deploy, or use such software;
                    (B) information and data on software entitlements--
                            (i) for which the agency pays;
                            (ii) that are not deployed or in use by the 
                        agency; and
                            (iii) that are billed to the agency under 
                        any contract or business arrangement that 
                        creates redundancy in the deployment or use by 
                        the agency; and
                    (C) the extent--
                            (i) to which any software paid for, in use, 
                        or deployed throughout the agency is 
                        interoperable; and
                            (ii) of the efforts of the agency to 
                        improve interoperability of software assets 
                        throughout the agency enterprise;
            (3) a categorization of software licenses of the agency by 
        costs and volume;
            (4) a list of any provisions in the software licenses of 
        the agency that may restrict how the software can be deployed 
        or accessed, either on desktop or server hardware or through a 
        cloud service provider; and
            (5) an analysis addressing--
                    (A) the accuracy and completeness of the software 
                inventory and software entitlements of the agency 
                before and after the comprehensive assessment;
                    (B) management by the agency of and compliance by 
                the agency with all contracts or other agreements or 
                arrangements that include or implicate software 
                licensing or software management within the agency;
                    (C) the extent to which the agency accurately 
                captures the total costs of enterprise licenses 
                agreements and related costs; and
                    (D) compliance with software license management 
                policies of the agency.
    (b) Contract Support.--
            (1) Authority.--The head of an agency may enter into 1 or 
        more contracts to support the requirements of subsection (a).
            (2) No conflict of interest.--Contracts under paragraph (1) 
        shall not include contractors with organization conflicts of 
        interest.
            (3) Operational independence.--Over the course of a 
        comprehensive assessment, contractors hired pursuant to 
        paragraph (1) shall maintain operational independence from the 
        integration, management, and operations of the software 
        inventory and software entitlements of the agency.
    (c) Submission.--On the date on which the Chief Information 
Officer, Chief Financial Officer, Chief Procurement Officer, and 
General Counsel of an agency, or the equivalent officials of the 
agency, complete the comprehensive assessment, and not later than 1 
year after the date of enactment of this Act, the Chief Information 
Officer shall submit the comprehensive assessment to--
            (1) the head of the agency;
            (2) the Director;
            (3) the Administrator;
            (4) the Comptroller General of the United States;
            (5) the Committee on Homeland Security and Governmental 
        Affairs of the Senate; and
            (6) the Committee on Oversight and Reform of the House of 
        Representatives.
    (d) Consultation.--In order to ensure the utility and 
standardization of the comprehensive assessment of each agency, 
including to support the development of each plan and the 
governmentwide strategy described in section 5, the Director, in 
consultation with the Administrator, may share information, best 
practices, and recommendations relating to the activities performed in 
the course of a comprehensive assessment of an agency.

SEC. 4. ENTERPRISE LICENSING POSITIONING AT AGENCIES.

    (a) In General.--The Chief Information Officer of each agency, in 
consultation with the Chief Financial Officer and the Chief Procurement 
Officer of the agency, or the equivalent officials of the agency, shall 
use the information developed pursuant to the comprehensive assessment 
of the agency under section 3(a) to develop a plan for the agency to--
            (1) consolidate software licenses of the agency; and
            (2) to the greatest extent practicable, in order to improve 
        the performance of, or reduce unnecessary costs to, the agency, 
        adopt enterprise license agreements across the agency.
    (b) Plan Requirements.--The plan of an agency shall--
            (1) include a detailed strategy for--
                    (A) the remediation of any software asset 
                management deficiencies found during the comprehensive 
                assessment of the agency;
                    (B) the ongoing maintenance of software asset 
                management upon the completion of the remediation; and
                    (C) maximizing the effectiveness of software 
                deployed by the agency, including, to the extent 
                practicable, leveraging technologies that--
                            (i) provide in-depth analysis of user 
                        behaviors and collect user feedback;
                            (ii) measure actual software usage via 
                        analytics that can identify inefficiencies to 
                        assist in rationalizing software spending;
                            (iii) allow for segmentation of the user 
                        base; and
                            (iv) support effective governance and 
                        compliance in the use of software;
            (2) identify not fewer than 5 categories of software the 
        agency will prioritize for conversion to enterprise licenses as 
        the software entitlements, contracts, and other agreements or 
        arrangements for those categories come up for renewal or 
        renegotiation;
            (3) provide an estimate of the costs to move to enterprise, 
        open-source, or other licenses that do not restrict the use of 
        software by the agency, and any projected cost savings or 
        efficiency measures;
            (4) identify potential mitigations to minimize software 
        license restrictions on how such software can be deployed or 
        accessed, either on desktop or server hardware or through a 
        cloud service provider;
            (5) include any estimates for additional resources, 
        services, or support the agency may need to execute the 
        enterprise licensing position plan; and
            (6) include any additional information, data, or analysis 
        determined necessary by the Chief Information Officer, or other 
        equivalent official, of the agency.
    (c) Support.--The Chief Information Officer, or other equivalent 
official, of an agency may request support from the Director and the 
Administrator for any analysis or developmental needs to create the 
plan of the agency.
    (d) Submission.--Not later than 120 days after the date on which 
the Chief Information Officer, or other equivalent official, of an 
agency submits the comprehensive assessment pursuant to section 3(c), 
the head of the agency shall submit to the Director, the Committee on 
Homeland Security and Governmental Affairs of the Senate, and the 
Committee on Oversight and Reform of the House of Representatives the 
plan of the agency.

SEC. 5. GOVERNMENTWIDE STRATEGY.

    (a) In General.--Not later than 2 years after the date of enactment 
of this Act, the Director, in consultation with the Administrator and 
the Federal Chief Information Officers Council, shall submit to the 
Committee on Homeland Security and Governmental Affairs of the Senate 
and the Committee on Oversight and Reform of the House of 
Representatives a strategy that includes--
            (1) proposals to support the adoption of governmentwide 
        enterprise licenses on the most widely used and most costly 
        software entitlements identified through the comprehensive 
        assessment and plans, including, where appropriate, a cost-
        benefit analysis;
            (2) opportunities to leverage Government procurement 
        policies and practices to increase interoperability of software 
        entitlements acquired and deployed to reduce costs and improve 
        performance;
            (3) the incorporation of data on spending by agencies on, 
        the performance of, and management by agencies of software 
        entitlements as part of the information required under section 
        11302(c)(3)(B) of title 40, United States Code;
            (4) where applicable, directions to agencies to transition 
        to open-source software to obtain cost savings and performance 
        improvement; and
            (5) any other information or data collected or analyzed by 
        the Director.
    (b) Budget Submission.--
            (1) First budget.--With respect to the first budget of the 
        President submitted under section 1105(a) of title 31, United 
        States Code, on or after the date that is 2 years after the 
        date of enactment of this Act, the Director shall ensure that 
        the strategy required under subsection (a) of this section and 
        the plan of each agency are included in the budget 
        justification materials of each agency submitted in conjunction 
        with that budget.
            (2) Subsequent 5 budgets.--With respect to the first 5 
        budgets of the President submitted under section 1105(a) of 
        title 31, United States Code, after the budget described in 
        paragraph (1), the Director shall--
                    (A) designate performance metrics for agencies for 
                common software licensing, management, and cost 
                criteria; and
                    (B) ensure that the progress of each agency toward 
                the performance metrics is included in the budget 
                justification materials of the agency submitted in 
                conjunction with that budget.

SEC. 6. GAO REPORT.

    Not later than 3 years after the date of enactment of this Act, the 
Comptroller General of the United States shall submit to the Committee 
on Homeland Security and Governmental Affairs of the Senate and the 
Committee on Oversight and Reform of the House of Representatives a 
report on governmentwide trends, comparisons among agencies, and other 
analyses of plans and the strategy required under section 5(a) by the 
Comptroller General of the United States.
                                 <all>