[Congressional Bills 118th Congress]
[From the U.S. Government Publishing Office]
[S. 931 Introduced in Senate (IS)]

<DOC>






118th CONGRESS
  1st Session
                                 S. 931

  To improve the visibility, accountability, and oversight of agency 
      software asset management practices, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             March 22, 2023

  Mr. Peters (for himself, Mr. Cassidy, Mr. Hagerty, Mr. Tillis, Ms. 
Ernst, Mr. Wyden, and Mr. Hickenlooper) introduced the following bill; 
which was read twice and referred to the Committee on Homeland Security 
                        and Governmental Affairs

_______________________________________________________________________

                                 A BILL


 
  To improve the visibility, accountability, and oversight of agency 
      software asset management practices, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Strengthening Agency Management and 
Oversight of Software Assets Act''.

SEC. 2. DEFINITIONS.

    In this Act:
            (1) Administrator.--The term ``Administrator'' means the 
        Administrator of General Services.
            (2) Agency.--The term ``agency'' has the meaning given that 
        term in section 3502 of title 44, United States Code.
            (3) Cloud computing.--The term ``cloud computing'' has the 
        meaning given the term in Special Publication 800-145 of the 
        National Institute of Standards and Technology, or any 
        successor document.
            (4) Cloud service provider.--The term ``cloud service 
        provider'' means an entity offering cloud computing products or 
        services to agencies.
            (5) Comprehensive assessment.--The term ``comprehensive 
        assessment'' means a comprehensive assessment conducted 
        pursuant to section 3(a).
            (6) Director.--The term ``Director'' means the Director of 
        the Office of Management and Budget.
            (7) Plan.--The term ``plan'' means the plan developed by a 
        Chief Information Officer, or equivalent official, pursuant to 
        section 4(a).
            (8) Software entitlement.--The term ``software 
        entitlement'' means any software that--
                    (A) has been purchased, leased, or licensed by or 
                billed to an agency under any contract or other 
                business arrangement; and
                    (B) is subject to use limitations.
            (9) Software inventory.--The term ``software inventory'' 
        means the software inventory of an agency required pursuant 
        to--
                    (A) section 2(b)(2)(A) of the Making Electronic 
                Government Accountable By Yielding Tangible 
                Efficiencies Act of 2016 (40 U.S.C. 11302 note; Public 
                Law 114-210); or
                    (B) subsequent guidance issued by the Director 
                pursuant to that Act.

SEC. 3. SOFTWARE ENTITLEMENT AND INVENTORY INTEGRITY.

    (a) In General.--As soon as practicable, and not later than 1 year 
after the date of enactment of this Act, the Chief Information Officer 
of each agency, in consultation with the Chief Financial Officer, the 
Chief Procurement Officer, and General Counsel of the agency, or the 
equivalent officials of the agency, shall complete a comprehensive 
assessment of the software entitlements and software inventories of the 
agency, which shall include--
            (1) the current software inventory of the agency, including 
        software entitlements, contracts and other agreements or 
        arrangements of the agency, and a list of the largest software 
        entitlements of the agency separated by vendor and category of 
        software;
            (2) a comprehensive, detailed accounting of--
                    (A) any software deployed for the agency as of the 
                date of the comprehensive assessment, including, to the 
                extent identifiable, the contracts and other agreements 
                or arrangements that the agency uses to acquire, 
                deploy, or use such software;
                    (B) information and data on software entitlements, 
                which shall include information on any additional fees 
                or costs for the use of cloud services that is not 
                included in the initial costs of the contract, 
                agreement, or arrangement--
                            (i) for which the agency pays;
                            (ii) that are not deployed or in use by the 
                        agency; and
                            (iii) that are billed to the agency under 
                        any contract or business arrangement that 
                        creates redundancy in the deployment or use by 
                        the agency; and
                    (C) the extent--
                            (i) to which any software paid for, in use, 
                        or deployed throughout the agency is 
                        interoperable; and
                            (ii) of the efforts of the agency to 
                        improve interoperability of software assets 
                        throughout the agency enterprise;
            (3) a categorization of software licenses of the agency by 
        cost, volume, and type of software;
            (4) a list of any provisions in the software licenses of 
        the agency that may restrict how the software can be deployed, 
        accessed, or used, including any such restrictions on desktop 
        or server hardware or through a cloud service provider; and
            (5) an analysis addressing--
                    (A) the accuracy and completeness of the software 
                inventory and software entitlements of the agency 
                before and after the comprehensive assessment;
                    (B) management by the agency of and compliance by 
                the agency with all contracts or other agreements or 
                arrangements that include or implicate software 
                licensing or software management within the agency;
                    (C) the extent to which the agency accurately 
                captures the total cost of enterprise licenses 
                agreements and related costs, including the total cost 
                of upgrades over the life of a contract, cloud usage 
                cost per user, and any other cost associated with the 
                maintenance or servicing of contracts; and
                    (D) compliance with software license management 
                policies of the agency.
    (b) Contract Support.--
            (1) Authority.--The head of an agency may enter into 1 or 
        more contracts to support the requirements of subsection (a).
            (2) No conflict of interest.--Contracts under paragraph (1) 
        shall not include contractors with organization conflicts of 
        interest.
            (3) Operational independence.--Over the course of a 
        comprehensive assessment, contractors hired pursuant to 
        paragraph (1) shall maintain operational independence from the 
        integration, management, and operations of the software 
        inventory and software entitlements of the agency.
    (c) Submission.--On the date on which the Chief Information 
Officer, Chief Financial Officer, Chief Procurement Officer, and 
General Counsel of an agency, or the equivalent officials of the 
agency, complete the comprehensive assessment, and not later than 1 
year after the date of enactment of this Act, the Chief Information 
Officer shall submit the comprehensive assessment to--
            (1) the head of the agency;
            (2) the Director;
            (3) the Administrator;
            (4) the Comptroller General of the United States;
            (5) the Committee on Homeland Security and Governmental 
        Affairs of the Senate; and
            (6) the Committee on Oversight and Accountability of the 
        House of Representatives.
    (d) Consultation.--In order to ensure the utility and 
standardization of the comprehensive assessment of each agency, 
including to support the development of each plan and the Government-
wide strategy described in section 5, the Director, in consultation 
with the Administrator, may share information, best practices, and 
recommendations relating to the activities performed in the course of a 
comprehensive assessment of an agency.

SEC. 4. ENTERPRISE LICENSING POSITIONING AT AGENCIES.

    (a) In General.--The Chief Information Officer of each agency, in 
consultation with the Chief Financial Officer and the Chief Procurement 
Officer of the agency, or the equivalent officials of the agency, shall 
use the information developed pursuant to the comprehensive assessment 
of the agency to develop a plan for the agency--
            (1) to consolidate software licenses of the agency; and
            (2) to the greatest extent practicable, in order to improve 
        the performance of, and reduce unnecessary costs to, the 
        agency, to adopt enterprise license agreements across the 
        agency, by type or category of software.
    (b) Plan Requirements.--The plan of an agency shall--
            (1) include a detailed strategy for--
                    (A) the remediation of any software asset 
                management deficiencies found during the comprehensive 
                assessment of the agency;
                    (B) the ongoing maintenance of software asset 
                management upon the completion of the remediation; and
                    (C) maximizing the effectiveness of software 
                deployed by the agency, including, to the extent 
                practicable, leveraging technologies that--
                            (i) provide in-depth analysis of user 
                        behaviors and collect user feedback;
                            (ii) measure actual software usage via 
                        analytics that can identify inefficiencies to 
                        assist in rationalizing software spending;
                            (iii) allow for segmentation of the user 
                        base;
                            (iv) support effective governance and 
                        compliance in the use of software; and
                            (v) support interoperable capabilities 
                        between software;
            (2) identify not fewer than 5 categories of software the 
        agency will prioritize for conversion to enterprise licenses as 
        the software entitlements, contracts, and other agreements or 
        arrangements for those categories come up for renewal or 
        renegotiation;
            (3) provide an estimate of the costs to move to enterprise, 
        open-source, or other licenses that do not restrict the use of 
        software by the agency, and the projected cost savings, 
        efficiency measures, and improvements to agency performance 
        throughout the total software lifecycle;
            (4) identify potential mitigations to minimize software 
        license restrictions on how such software can be deployed, 
        accessed, or used, including any mitigations that would 
        minimize any such restrictions on desktop or server hardware or 
        through a cloud service provider;
            (5) ensure that the purchase by the agency of any 
        enterprise license or other software is based on publicly 
        available criteria that are not unduly structured to favor any 
        specific vendor;
            (6) include any estimates for additional resources, 
        services, or support the agency may need to execute the 
        enterprise licensing position plan;
            (7) provide information on the prevalence of software 
        products in use across multiple software categories; and
            (8) include any additional information, data, or analysis 
        determined necessary by the Chief Information Officer, or other 
        equivalent official, of the agency.
    (c) Consultation and Coordination.--The Director, in coordination 
with the Chief Information Officers Council, the Chief Acquisition 
Officers Council, the Administrator, and other government and industry 
representatives identified by the Director, may establish processes to 
identify, define, and harmonize common definitions, terms and 
conditions, and other information and criteria to support agency heads 
in developing and implementing the plans required by this section.
    (d) Support.--The Chief Information Officer, or other equivalent 
official, of an agency may request support from the Director and the 
Administrator for any analysis or developmental needs to create the 
plan of the agency.
    (e) Submission.--Not later than 120 days after the date on which 
the Chief Information Officer, or other equivalent official, of an 
agency submits the comprehensive assessment pursuant to section 3(c), 
the head of the agency shall submit to the Director, the Committee on 
Homeland Security and Governmental Affairs of the Senate, and the 
Committee on Oversight and Accountability of the House of 
Representatives the plan of the agency.

SEC. 5. GOVERNMENT-WIDE STRATEGY.

    (a) In General.--Not later than 2 years after the date of enactment 
of this Act, the Director, in consultation with the Administrator and 
the Federal Chief Information Officers Council, shall submit to the 
Committee on Homeland Security and Governmental Affairs of the Senate 
and the Committee on Oversight and Accountability of the House of 
Representatives a strategy that includes--
            (1) proposals to support the adoption of Government-wide 
        enterprise licenses for software entitlements identified 
        through the comprehensive assessments and plans, including, 
        where appropriate, a cost-benefit analysis;
            (2) opportunities to leverage Government procurement 
        policies and practices to increase interoperability of software 
        entitlements acquired and deployed to reduce costs and improve 
        performance;
            (3) the incorporation of data on spending by agencies on, 
        the performance of, and management by agencies of software 
        entitlements as part of the information required under section 
        11302(c)(3)(B) of title 40, United States Code;
            (4) where applicable, directions to agencies to examine 
        options and relevant criteria for transitioning to open-source 
        software; and
            (5) any other information or data collected or analyzed by 
        the Director.
    (b) Budget Submission.--
            (1) First budget.--With respect to the first budget of the 
        President submitted under section 1105(a) of title 31, United 
        States Code, on or after the date that is 2 years after the 
        date of enactment of this Act, the Director shall ensure that 
        the strategy required under subsection (a) of this section and 
        the plan of each agency are included in the budget 
        justification materials of each agency submitted in conjunction 
        with that budget.
            (2) Subsequent 5 budgets.--With respect to the first 5 
        budgets of the President submitted under section 1105(a) of 
        title 31, United States Code, after the budget described in 
        paragraph (1), the Director shall--
                    (A) designate performance metrics for agencies for 
                common software licensing, management, and cost 
                criteria; and
                    (B) ensure that the progress of each agency toward 
                the performance metrics is included in the budget 
                justification materials of the agency submitted in 
                conjunction with that budget.

SEC. 6. GAO REPORT.

    Not later than 3 years after the date of enactment of this Act, the 
Comptroller General of the United States shall submit to the Committee 
on Homeland Security and Governmental Affairs of the Senate and the 
Committee on Oversight and Accountability of the House of 
Representatives a report on Government-wide trends, comparisons among 
agencies, and other analyses of plans and the strategy required under 
section 5(a) by the Comptroller General of the United States.
                                 <all>