[Congressional Bills 118th Congress]
[From the U.S. Government Publishing Office]
[S. 931 Introduced in Senate (IS)]
<DOC>
118th CONGRESS
1st Session
S. 931
To improve the visibility, accountability, and oversight of agency
software asset management practices, and for other purposes.
_______________________________________________________________________
IN THE SENATE OF THE UNITED STATES
March 22, 2023
Mr. Peters (for himself, Mr. Cassidy, Mr. Hagerty, Mr. Tillis, Ms.
Ernst, Mr. Wyden, and Mr. Hickenlooper) introduced the following bill;
which was read twice and referred to the Committee on Homeland Security
and Governmental Affairs
_______________________________________________________________________
A BILL
To improve the visibility, accountability, and oversight of agency
software asset management practices, and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Strengthening Agency Management and
Oversight of Software Assets Act''.
SEC. 2. DEFINITIONS.
In this Act:
(1) Administrator.--The term ``Administrator'' means the
Administrator of General Services.
(2) Agency.--The term ``agency'' has the meaning given that
term in section 3502 of title 44, United States Code.
(3) Cloud computing.--The term ``cloud computing'' has the
meaning given the term in Special Publication 800-145 of the
National Institute of Standards and Technology, or any
successor document.
(4) Cloud service provider.--The term ``cloud service
provider'' means an entity offering cloud computing products or
services to agencies.
(5) Comprehensive assessment.--The term ``comprehensive
assessment'' means a comprehensive assessment conducted
pursuant to section 3(a).
(6) Director.--The term ``Director'' means the Director of
the Office of Management and Budget.
(7) Plan.--The term ``plan'' means the plan developed by a
Chief Information Officer, or equivalent official, pursuant to
section 4(a).
(8) Software entitlement.--The term ``software
entitlement'' means any software that--
(A) has been purchased, leased, or licensed by or
billed to an agency under any contract or other
business arrangement; and
(B) is subject to use limitations.
(9) Software inventory.--The term ``software inventory''
means the software inventory of an agency required pursuant
to--
(A) section 2(b)(2)(A) of the Making Electronic
Government Accountable By Yielding Tangible
Efficiencies Act of 2016 (40 U.S.C. 11302 note; Public
Law 114-210); or
(B) subsequent guidance issued by the Director
pursuant to that Act.
SEC. 3. SOFTWARE ENTITLEMENT AND INVENTORY INTEGRITY.
(a) In General.--As soon as practicable, and not later than 1 year
after the date of enactment of this Act, the Chief Information Officer
of each agency, in consultation with the Chief Financial Officer, the
Chief Procurement Officer, and General Counsel of the agency, or the
equivalent officials of the agency, shall complete a comprehensive
assessment of the software entitlements and software inventories of the
agency, which shall include--
(1) the current software inventory of the agency, including
software entitlements, contracts and other agreements or
arrangements of the agency, and a list of the largest software
entitlements of the agency separated by vendor and category of
software;
(2) a comprehensive, detailed accounting of--
(A) any software deployed for the agency as of the
date of the comprehensive assessment, including, to the
extent identifiable, the contracts and other agreements
or arrangements that the agency uses to acquire,
deploy, or use such software;
(B) information and data on software entitlements,
which shall include information on any additional fees
or costs for the use of cloud services that is not
included in the initial costs of the contract,
agreement, or arrangement--
(i) for which the agency pays;
(ii) that are not deployed or in use by the
agency; and
(iii) that are billed to the agency under
any contract or business arrangement that
creates redundancy in the deployment or use by
the agency; and
(C) the extent--
(i) to which any software paid for, in use,
or deployed throughout the agency is
interoperable; and
(ii) of the efforts of the agency to
improve interoperability of software assets
throughout the agency enterprise;
(3) a categorization of software licenses of the agency by
cost, volume, and type of software;
(4) a list of any provisions in the software licenses of
the agency that may restrict how the software can be deployed,
accessed, or used, including any such restrictions on desktop
or server hardware or through a cloud service provider; and
(5) an analysis addressing--
(A) the accuracy and completeness of the software
inventory and software entitlements of the agency
before and after the comprehensive assessment;
(B) management by the agency of and compliance by
the agency with all contracts or other agreements or
arrangements that include or implicate software
licensing or software management within the agency;
(C) the extent to which the agency accurately
captures the total cost of enterprise licenses
agreements and related costs, including the total cost
of upgrades over the life of a contract, cloud usage
cost per user, and any other cost associated with the
maintenance or servicing of contracts; and
(D) compliance with software license management
policies of the agency.
(b) Contract Support.--
(1) Authority.--The head of an agency may enter into 1 or
more contracts to support the requirements of subsection (a).
(2) No conflict of interest.--Contracts under paragraph (1)
shall not include contractors with organization conflicts of
interest.
(3) Operational independence.--Over the course of a
comprehensive assessment, contractors hired pursuant to
paragraph (1) shall maintain operational independence from the
integration, management, and operations of the software
inventory and software entitlements of the agency.
(c) Submission.--On the date on which the Chief Information
Officer, Chief Financial Officer, Chief Procurement Officer, and
General Counsel of an agency, or the equivalent officials of the
agency, complete the comprehensive assessment, and not later than 1
year after the date of enactment of this Act, the Chief Information
Officer shall submit the comprehensive assessment to--
(1) the head of the agency;
(2) the Director;
(3) the Administrator;
(4) the Comptroller General of the United States;
(5) the Committee on Homeland Security and Governmental
Affairs of the Senate; and
(6) the Committee on Oversight and Accountability of the
House of Representatives.
(d) Consultation.--In order to ensure the utility and
standardization of the comprehensive assessment of each agency,
including to support the development of each plan and the Government-
wide strategy described in section 5, the Director, in consultation
with the Administrator, may share information, best practices, and
recommendations relating to the activities performed in the course of a
comprehensive assessment of an agency.
SEC. 4. ENTERPRISE LICENSING POSITIONING AT AGENCIES.
(a) In General.--The Chief Information Officer of each agency, in
consultation with the Chief Financial Officer and the Chief Procurement
Officer of the agency, or the equivalent officials of the agency, shall
use the information developed pursuant to the comprehensive assessment
of the agency to develop a plan for the agency--
(1) to consolidate software licenses of the agency; and
(2) to the greatest extent practicable, in order to improve
the performance of, and reduce unnecessary costs to, the
agency, to adopt enterprise license agreements across the
agency, by type or category of software.
(b) Plan Requirements.--The plan of an agency shall--
(1) include a detailed strategy for--
(A) the remediation of any software asset
management deficiencies found during the comprehensive
assessment of the agency;
(B) the ongoing maintenance of software asset
management upon the completion of the remediation; and
(C) maximizing the effectiveness of software
deployed by the agency, including, to the extent
practicable, leveraging technologies that--
(i) provide in-depth analysis of user
behaviors and collect user feedback;
(ii) measure actual software usage via
analytics that can identify inefficiencies to
assist in rationalizing software spending;
(iii) allow for segmentation of the user
base;
(iv) support effective governance and
compliance in the use of software; and
(v) support interoperable capabilities
between software;
(2) identify not fewer than 5 categories of software the
agency will prioritize for conversion to enterprise licenses as
the software entitlements, contracts, and other agreements or
arrangements for those categories come up for renewal or
renegotiation;
(3) provide an estimate of the costs to move to enterprise,
open-source, or other licenses that do not restrict the use of
software by the agency, and the projected cost savings,
efficiency measures, and improvements to agency performance
throughout the total software lifecycle;
(4) identify potential mitigations to minimize software
license restrictions on how such software can be deployed,
accessed, or used, including any mitigations that would
minimize any such restrictions on desktop or server hardware or
through a cloud service provider;
(5) ensure that the purchase by the agency of any
enterprise license or other software is based on publicly
available criteria that are not unduly structured to favor any
specific vendor;
(6) include any estimates for additional resources,
services, or support the agency may need to execute the
enterprise licensing position plan;
(7) provide information on the prevalence of software
products in use across multiple software categories; and
(8) include any additional information, data, or analysis
determined necessary by the Chief Information Officer, or other
equivalent official, of the agency.
(c) Consultation and Coordination.--The Director, in coordination
with the Chief Information Officers Council, the Chief Acquisition
Officers Council, the Administrator, and other government and industry
representatives identified by the Director, may establish processes to
identify, define, and harmonize common definitions, terms and
conditions, and other information and criteria to support agency heads
in developing and implementing the plans required by this section.
(d) Support.--The Chief Information Officer, or other equivalent
official, of an agency may request support from the Director and the
Administrator for any analysis or developmental needs to create the
plan of the agency.
(e) Submission.--Not later than 120 days after the date on which
the Chief Information Officer, or other equivalent official, of an
agency submits the comprehensive assessment pursuant to section 3(c),
the head of the agency shall submit to the Director, the Committee on
Homeland Security and Governmental Affairs of the Senate, and the
Committee on Oversight and Accountability of the House of
Representatives the plan of the agency.
SEC. 5. GOVERNMENT-WIDE STRATEGY.
(a) In General.--Not later than 2 years after the date of enactment
of this Act, the Director, in consultation with the Administrator and
the Federal Chief Information Officers Council, shall submit to the
Committee on Homeland Security and Governmental Affairs of the Senate
and the Committee on Oversight and Accountability of the House of
Representatives a strategy that includes--
(1) proposals to support the adoption of Government-wide
enterprise licenses for software entitlements identified
through the comprehensive assessments and plans, including,
where appropriate, a cost-benefit analysis;
(2) opportunities to leverage Government procurement
policies and practices to increase interoperability of software
entitlements acquired and deployed to reduce costs and improve
performance;
(3) the incorporation of data on spending by agencies on,
the performance of, and management by agencies of software
entitlements as part of the information required under section
11302(c)(3)(B) of title 40, United States Code;
(4) where applicable, directions to agencies to examine
options and relevant criteria for transitioning to open-source
software; and
(5) any other information or data collected or analyzed by
the Director.
(b) Budget Submission.--
(1) First budget.--With respect to the first budget of the
President submitted under section 1105(a) of title 31, United
States Code, on or after the date that is 2 years after the
date of enactment of this Act, the Director shall ensure that
the strategy required under subsection (a) of this section and
the plan of each agency are included in the budget
justification materials of each agency submitted in conjunction
with that budget.
(2) Subsequent 5 budgets.--With respect to the first 5
budgets of the President submitted under section 1105(a) of
title 31, United States Code, after the budget described in
paragraph (1), the Director shall--
(A) designate performance metrics for agencies for
common software licensing, management, and cost
criteria; and
(B) ensure that the progress of each agency toward
the performance metrics is included in the budget
justification materials of the agency submitted in
conjunction with that budget.
SEC. 6. GAO REPORT.
Not later than 3 years after the date of enactment of this Act, the
Comptroller General of the United States shall submit to the Committee
on Homeland Security and Governmental Affairs of the Senate and the
Committee on Oversight and Accountability of the House of
Representatives a report on Government-wide trends, comparisons among
agencies, and other analyses of plans and the strategy required under
section 5(a) by the Comptroller General of the United States.
<all>