[Congressional Bills 118th Congress]
[From the U.S. Government Publishing Office]
[S. 931 Reported in Senate (RS)]

<DOC>





                                                       Calendar No. 156
118th CONGRESS
  1st Session
                                 S. 931

                          [Report No. 118-73]

  To improve the visibility, accountability, and oversight of agency 
      software asset management practices, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             March 22, 2023

  Mr. Peters (for himself, Mr. Cassidy, Mr. Hagerty, Mr. Tillis, Ms. 
Ernst, Mr. Wyden, and Mr. Hickenlooper) introduced the following bill; 
which was read twice and referred to the Committee on Homeland Security 
                        and Governmental Affairs

                             July 25, 2023

               Reported by Mr. Peters, with an amendment
 [Strike out all after the enacting clause and insert the part printed 
                               in italic]

_______________________________________________________________________

                                 A BILL


 
  To improve the visibility, accountability, and oversight of agency 
      software asset management practices, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

<DELETED>SECTION 1. SHORT TITLE.</DELETED>

<DELETED>    This Act may be cited as the ``Strengthening Agency 
Management and Oversight of Software Assets Act''.</DELETED>

<DELETED>SEC. 2. DEFINITIONS.</DELETED>

<DELETED>    In this Act:</DELETED>
        <DELETED>    (1) Administrator.--The term ``Administrator'' 
        means the Administrator of General Services.</DELETED>
        <DELETED>    (2) Agency.--The term ``agency'' has the meaning 
        given that term in section 3502 of title 44, United States 
        Code.</DELETED>
        <DELETED>    (3) Cloud computing.--The term ``cloud computing'' 
        has the meaning given the term in Special Publication 800-145 
        of the National Institute of Standards and Technology, or any 
        successor document.</DELETED>
        <DELETED>    (4) Cloud service provider.--The term ``cloud 
        service provider'' means an entity offering cloud computing 
        products or services to agencies.</DELETED>
        <DELETED>    (5) Comprehensive assessment.--The term 
        ``comprehensive assessment'' means a comprehensive assessment 
        conducted pursuant to section 3(a).</DELETED>
        <DELETED>    (6) Director.--The term ``Director'' means the 
        Director of the Office of Management and Budget.</DELETED>
        <DELETED>    (7) Plan.--The term ``plan'' means the plan 
        developed by a Chief Information Officer, or equivalent 
        official, pursuant to section 4(a).</DELETED>
        <DELETED>    (8) Software entitlement.--The term ``software 
        entitlement'' means any software that--</DELETED>
                <DELETED>    (A) has been purchased, leased, or 
                licensed by or billed to an agency under any contract 
                or other business arrangement; and</DELETED>
                <DELETED>    (B) is subject to use 
                limitations.</DELETED>
        <DELETED>    (9) Software inventory.--The term ``software 
        inventory'' means the software inventory of an agency required 
        pursuant to--</DELETED>
                <DELETED>    (A) section 2(b)(2)(A) of the Making 
                Electronic Government Accountable By Yielding Tangible 
                Efficiencies Act of 2016 (40 U.S.C. 11302 note; Public 
                Law 114-210); or</DELETED>
                <DELETED>    (B) subsequent guidance issued by the 
                Director pursuant to that Act.</DELETED>

<DELETED>SEC. 3. SOFTWARE ENTITLEMENT AND INVENTORY 
              INTEGRITY.</DELETED>

<DELETED>    (a) In General.--As soon as practicable, and not later 
than 1 year after the date of enactment of this Act, the Chief 
Information Officer of each agency, in consultation with the Chief 
Financial Officer, the Chief Procurement Officer, and General Counsel 
of the agency, or the equivalent officials of the agency, shall 
complete a comprehensive assessment of the software entitlements and 
software inventories of the agency, which shall include--</DELETED>
        <DELETED>    (1) the current software inventory of the agency, 
        including software entitlements, contracts and other agreements 
        or arrangements of the agency, and a list of the largest 
        software entitlements of the agency separated by vendor and 
        category of software;</DELETED>
        <DELETED>    (2) a comprehensive, detailed accounting of--
        </DELETED>
                <DELETED>    (A) any software deployed for the agency 
                as of the date of the comprehensive assessment, 
                including, to the extent identifiable, the contracts 
                and other agreements or arrangements that the agency 
                uses to acquire, deploy, or use such 
                software;</DELETED>
                <DELETED>    (B) information and data on software 
                entitlements, which shall include information on any 
                additional fees or costs for the use of cloud services 
                that is not included in the initial costs of the 
                contract, agreement, or arrangement--</DELETED>
                        <DELETED>    (i) for which the agency 
                        pays;</DELETED>
                        <DELETED>    (ii) that are not deployed or in 
                        use by the agency; and</DELETED>
                        <DELETED>    (iii) that are billed to the 
                        agency under any contract or business 
                        arrangement that creates redundancy in the 
                        deployment or use by the agency; and</DELETED>
                <DELETED>    (C) the extent--</DELETED>
                        <DELETED>    (i) to which any software paid 
                        for, in use, or deployed throughout the agency 
                        is interoperable; and</DELETED>
                        <DELETED>    (ii) of the efforts of the agency 
                        to improve interoperability of software assets 
                        throughout the agency enterprise;</DELETED>
        <DELETED>    (3) a categorization of software licenses of the 
        agency by cost, volume, and type of software;</DELETED>
        <DELETED>    (4) a list of any provisions in the software 
        licenses of the agency that may restrict how the software can 
        be deployed, accessed, or used, including any such restrictions 
        on desktop or server hardware or through a cloud service 
        provider; and</DELETED>
        <DELETED>    (5) an analysis addressing--</DELETED>
                <DELETED>    (A) the accuracy and completeness of the 
                software inventory and software entitlements of the 
                agency before and after the comprehensive 
                assessment;</DELETED>
                <DELETED>    (B) management by the agency of and 
                compliance by the agency with all contracts or other 
                agreements or arrangements that include or implicate 
                software licensing or software management within the 
                agency;</DELETED>
                <DELETED>    (C) the extent to which the agency 
                accurately captures the total cost of enterprise 
                licenses agreements and related costs, including the 
                total cost of upgrades over the life of a contract, 
                cloud usage cost per user, and any other cost 
                associated with the maintenance or servicing of 
                contracts; and</DELETED>
                <DELETED>    (D) compliance with software license 
                management policies of the agency.</DELETED>
<DELETED>    (b) Contract Support.--</DELETED>
        <DELETED>    (1) Authority.--The head of an agency may enter 
        into 1 or more contracts to support the requirements of 
        subsection (a).</DELETED>
        <DELETED>    (2) No conflict of interest.--Contracts under 
        paragraph (1) shall not include contractors with organization 
        conflicts of interest.</DELETED>
        <DELETED>    (3) Operational independence.--Over the course of 
        a comprehensive assessment, contractors hired pursuant to 
        paragraph (1) shall maintain operational independence from the 
        integration, management, and operations of the software 
        inventory and software entitlements of the agency.</DELETED>
<DELETED>    (c) Submission.--On the date on which the Chief 
Information Officer, Chief Financial Officer, Chief Procurement 
Officer, and General Counsel of an agency, or the equivalent officials 
of the agency, complete the comprehensive assessment, and not later 
than 1 year after the date of enactment of this Act, the Chief 
Information Officer shall submit the comprehensive assessment to--
</DELETED>
        <DELETED>    (1) the head of the agency;</DELETED>
        <DELETED>    (2) the Director;</DELETED>
        <DELETED>    (3) the Administrator;</DELETED>
        <DELETED>    (4) the Comptroller General of the United 
        States;</DELETED>
        <DELETED>    (5) the Committee on Homeland Security and 
        Governmental Affairs of the Senate; and</DELETED>
        <DELETED>    (6) the Committee on Oversight and Accountability 
        of the House of Representatives.</DELETED>
<DELETED>    (d) Consultation.--In order to ensure the utility and 
standardization of the comprehensive assessment of each agency, 
including to support the development of each plan and the Government-
wide strategy described in section 5, the Director, in consultation 
with the Administrator, may share information, best practices, and 
recommendations relating to the activities performed in the course of a 
comprehensive assessment of an agency.</DELETED>

<DELETED>SEC. 4. ENTERPRISE LICENSING POSITIONING AT 
              AGENCIES.</DELETED>

<DELETED>    (a) In General.--The Chief Information Officer of each 
agency, in consultation with the Chief Financial Officer and the Chief 
Procurement Officer of the agency, or the equivalent officials of the 
agency, shall use the information developed pursuant to the 
comprehensive assessment of the agency to develop a plan for the 
agency--</DELETED>
        <DELETED>    (1) to consolidate software licenses of the 
        agency; and</DELETED>
        <DELETED>    (2) to the greatest extent practicable, in order 
        to improve the performance of, and reduce unnecessary costs to, 
        the agency, to adopt enterprise license agreements across the 
        agency, by type or category of software.</DELETED>
<DELETED>    (b) Plan Requirements.--The plan of an agency shall--
</DELETED>
        <DELETED>    (1) include a detailed strategy for--</DELETED>
                <DELETED>    (A) the remediation of any software asset 
                management deficiencies found during the comprehensive 
                assessment of the agency;</DELETED>
                <DELETED>    (B) the ongoing maintenance of software 
                asset management upon the completion of the 
                remediation; and</DELETED>
                <DELETED>    (C) maximizing the effectiveness of 
                software deployed by the agency, including, to the 
                extent practicable, leveraging technologies that--
                </DELETED>
                        <DELETED>    (i) provide in-depth analysis of 
                        user behaviors and collect user 
                        feedback;</DELETED>
                        <DELETED>    (ii) measure actual software usage 
                        via analytics that can identify inefficiencies 
                        to assist in rationalizing software 
                        spending;</DELETED>
                        <DELETED>    (iii) allow for segmentation of 
                        the user base;</DELETED>
                        <DELETED>    (iv) support effective governance 
                        and compliance in the use of software; 
                        and</DELETED>
                        <DELETED>    (v) support interoperable 
                        capabilities between software;</DELETED>
        <DELETED>    (2) identify not fewer than 5 categories of 
        software the agency will prioritize for conversion to 
        enterprise licenses as the software entitlements, contracts, 
        and other agreements or arrangements for those categories come 
        up for renewal or renegotiation;</DELETED>
        <DELETED>    (3) provide an estimate of the costs to move to 
        enterprise, open-source, or other licenses that do not restrict 
        the use of software by the agency, and the projected cost 
        savings, efficiency measures, and improvements to agency 
        performance throughout the total software lifecycle;</DELETED>
        <DELETED>    (4) identify potential mitigations to minimize 
        software license restrictions on how such software can be 
        deployed, accessed, or used, including any mitigations that 
        would minimize any such restrictions on desktop or server 
        hardware or through a cloud service provider;</DELETED>
        <DELETED>    (5) ensure that the purchase by the agency of any 
        enterprise license or other software is based on publicly 
        available criteria that are not unduly structured to favor any 
        specific vendor;</DELETED>
        <DELETED>    (6) include any estimates for additional 
        resources, services, or support the agency may need to execute 
        the enterprise licensing position plan;</DELETED>
        <DELETED>    (7) provide information on the prevalence of 
        software products in use across multiple software categories; 
        and</DELETED>
        <DELETED>    (8) include any additional information, data, or 
        analysis determined necessary by the Chief Information Officer, 
        or other equivalent official, of the agency.</DELETED>
<DELETED>    (c) Consultation and Coordination.--The Director, in 
coordination with the Chief Information Officers Council, the Chief 
Acquisition Officers Council, the Administrator, and other government 
and industry representatives identified by the Director, may establish 
processes to identify, define, and harmonize common definitions, terms 
and conditions, and other information and criteria to support agency 
heads in developing and implementing the plans required by this 
section.</DELETED>
<DELETED>    (d) Support.--The Chief Information Officer, or other 
equivalent official, of an agency may request support from the Director 
and the Administrator for any analysis or developmental needs to create 
the plan of the agency.</DELETED>
<DELETED>    (e) Submission.--Not later than 120 days after the date on 
which the Chief Information Officer, or other equivalent official, of 
an agency submits the comprehensive assessment pursuant to section 
3(c), the head of the agency shall submit to the Director, the 
Committee on Homeland Security and Governmental Affairs of the Senate, 
and the Committee on Oversight and Accountability of the House of 
Representatives the plan of the agency.</DELETED>

<DELETED>SEC. 5. GOVERNMENT-WIDE STRATEGY.</DELETED>

<DELETED>    (a) In General.--Not later than 2 years after the date of 
enactment of this Act, the Director, in consultation with the 
Administrator and the Federal Chief Information Officers Council, shall 
submit to the Committee on Homeland Security and Governmental Affairs 
of the Senate and the Committee on Oversight and Accountability of the 
House of Representatives a strategy that includes--</DELETED>
        <DELETED>    (1) proposals to support the adoption of 
        Government-wide enterprise licenses for software entitlements 
        identified through the comprehensive assessments and plans, 
        including, where appropriate, a cost-benefit 
        analysis;</DELETED>
        <DELETED>    (2) opportunities to leverage Government 
        procurement policies and practices to increase interoperability 
        of software entitlements acquired and deployed to reduce costs 
        and improve performance;</DELETED>
        <DELETED>    (3) the incorporation of data on spending by 
        agencies on, the performance of, and management by agencies of 
        software entitlements as part of the information required under 
        section 11302(c)(3)(B) of title 40, United States 
        Code;</DELETED>
        <DELETED>    (4) where applicable, directions to agencies to 
        examine options and relevant criteria for transitioning to 
        open-source software; and</DELETED>
        <DELETED>    (5) any other information or data collected or 
        analyzed by the Director.</DELETED>
<DELETED>    (b) Budget Submission.--</DELETED>
        <DELETED>    (1) First budget.--With respect to the first 
        budget of the President submitted under section 1105(a) of 
        title 31, United States Code, on or after the date that is 2 
        years after the date of enactment of this Act, the Director 
        shall ensure that the strategy required under subsection (a) of 
        this section and the plan of each agency are included in the 
        budget justification materials of each agency submitted in 
        conjunction with that budget.</DELETED>
        <DELETED>    (2) Subsequent 5 budgets.--With respect to the 
        first 5 budgets of the President submitted under section 
        1105(a) of title 31, United States Code, after the budget 
        described in paragraph (1), the Director shall--</DELETED>
                <DELETED>    (A) designate performance metrics for 
                agencies for common software licensing, management, and 
                cost criteria; and</DELETED>
                <DELETED>    (B) ensure that the progress of each 
                agency toward the performance metrics is included in 
                the budget justification materials of the agency 
                submitted in conjunction with that budget.</DELETED>

<DELETED>SEC. 6. GAO REPORT.</DELETED>

<DELETED>    Not later than 3 years after the date of enactment of this 
Act, the Comptroller General of the United States shall submit to the 
Committee on Homeland Security and Governmental Affairs of the Senate 
and the Committee on Oversight and Accountability of the House of 
Representatives a report on Government-wide trends, comparisons among 
agencies, and other analyses of plans and the strategy required under 
section 5(a) by the Comptroller General of the United States.</DELETED>

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Strengthening Agency Management and 
Oversight of Software Assets Act''.

SEC. 2. DEFINITIONS.

    In this Act:
            (1) Administrator.--The term ``Administrator'' means the 
        Administrator of General Services.
            (2) Agency.--The term ``agency'' has the meaning given that 
        term in section 3502 of title 44, United States Code.
            (3) Cloud computing.--The term ``cloud computing'' has the 
        meaning given the term in Special Publication 800-145 of the 
        National Institute of Standards and Technology, or any 
        successor document.
            (4) Cloud service provider.--The term ``cloud service 
        provider'' has the meaning given the term in section 3607(b) of 
        title 44, United States Code.
            (5) Comprehensive assessment.--The term ``comprehensive 
        assessment'' means a comprehensive assessment conducted 
        pursuant to section 3(a).
            (6) Director.--The term ``Director'' means the Director of 
        the Office of Management and Budget.
            (7) Plan.--The term ``plan'' means the plan developed by a 
        Chief Information Officer, or equivalent official, pursuant to 
        section 4(a).
            (8) Software entitlement.--The term ``software 
        entitlement'' means any software that--
                    (A) has been purchased, leased, or licensed by or 
                billed to an agency under any contract or other 
                business arrangement; and
                    (B) is subject to use limitations.
            (9) Software inventory.--The term ``software inventory'' 
        means the software inventory of an agency required pursuant 
        to--
                    (A) section 2(b)(2)(A) of the Making Electronic 
                Government Accountable By Yielding Tangible 
                Efficiencies Act of 2016 (40 U.S.C. 11302 note; Public 
                Law 114-210); or
                    (B) subsequent guidance issued by the Director 
                pursuant to that Act.

SEC. 3. SOFTWARE INVENTORY UPDATE AND EXPANSION.

    (a) In General.--As soon as practicable, and not later than 18 
months after the date of enactment of this Act, the Chief Information 
Officer of each agency, in consultation with the Chief Financial 
Officer, the Chief Acquisition Officer, the Chief Data Officer, and 
General Counsel of the agency, or the equivalent officials of the 
agency, shall complete a comprehensive assessment of the software paid 
for by, in use at, or deployed throughout the agency, which shall 
include--
            (1) the current software inventory of the agency, including 
        software entitlements, contracts and other agreements or 
        arrangements of the agency, and a list of the largest software 
        entitlements of the agency separated by provider and category 
        of software;
            (2) a comprehensive, detailed accounting of--
                    (A) any software used by or deployed within the 
                agency, including software developed or built by the 
                agency, or by another agency for use by the agency, 
                including shared services, as of the date of the 
                comprehensive assessment, including, to the extent 
                identifiable, the contracts and other agreements or 
                arrangements used by the agency to acquire, build, 
                deploy, or use such software;
                    (B) information and data on software entitlements, 
                which shall include information on any additional fees 
                or costs, including fees or costs for the use of cloud 
                services, that are not included in the initial costs of 
                the contract, agreement, or arrangement--
                            (i) for which the agency pays;
                            (ii) that are not deployed or in use by the 
                        agency; and
                            (iii) that are billed to the agency under 
                        any contract or business arrangement that 
                        creates duplication, or are otherwise 
                        determined to be unnecessary by the Chief 
                        Information Officer of the agency, or the 
                        equivalent official, in the deployment or use 
                        by the agency; and
                    (C) the extent--
                            (i) to which any software paid for, in use, 
                        or deployed throughout the agency is 
                        interoperable; and
                            (ii) of the efforts of the agency to 
                        improve interoperability of software assets 
                        throughout the agency enterprise;
            (3) a categorization of software entitlements of the agency 
        by cost, volume, and type of software;
            (4) a list of any provisions in the software entitlements 
        of the agency that may restrict how the software can be 
        deployed, accessed, or used, including any such restrictions on 
        desktop or server hardware, through a cloud service provider, 
        or on data ownership or access; and
            (5) an analysis addressing--
                    (A) the accuracy and completeness of the 
                comprehensive assessment;
                    (B) agency management of and compliance with all 
                contracts or other agreements or arrangements that 
                include or reference software entitlements or software 
                management within the agency;
                    (C) the extent to which the agency accurately 
                captures the total cost of software entitlements and 
                related costs, including the total cost of upgrades 
                over the life of a contract, cloud usage costs, and any 
                other cost associated with the maintenance or servicing 
                of contracts; and
                    (D) compliance with software license management 
                policies of the agency.
    (b) Contract Support.--
            (1) Authority.--The head of an agency may enter into 1 or 
        more contracts to support the requirements of subsection (a).
            (2) No conflict of interest.--Contracts under paragraph (1) 
        shall not include contractors with organizational conflicts of 
        interest, within the meaning given that term under subpart 9.5 
        of the Federal Acquisition Regulation.
            (3) Operational independence.--Over the course of a 
        comprehensive assessment, contractors hired pursuant to 
        paragraph (1) shall maintain operational independence from the 
        integration, management, and operations of the software 
        inventory and software entitlements of the agency.
    (c) Submission.--On the date on which the Chief Information 
Officer, Chief Financial Officer, Chief Acquisition Officer, the Chief 
Data Officer, and General Counsel of an agency, or the equivalent 
officials of the agency, complete the comprehensive assessment, the 
Chief Information Officer shall submit the comprehensive assessment to 
the head of the agency.
    (d) Subsequent Submission.--Not later than 30 days after the date 
on which the head of an agency receives the comprehensive assessment 
under subsection (c), the head of the agency shall submit the 
comprehensive assessment to--
            (1) the Director;
            (2) the Administrator;
            (3) the Comptroller General of the United States;
            (4) the Committee on Homeland Security and Governmental 
        Affairs of the Senate; and
            (5) the Committee on Oversight and Accountability of the 
        House of Representatives.
    (e) Consultation.--In order to ensure the utility and 
standardization of the comprehensive assessment of each agency, 
including to support the development of each plan and the report 
required under section 4(e)(2), the Director, in consultation with the 
Administrator, shall share information, best practices, and 
recommendations relating to the activities performed in the course of a 
comprehensive assessment of an agency.

SEC. 4. SOFTWARE MODERNIZATION PLANNING AT AGENCIES.

    (a) In General.--The Chief Information Officer of each agency, in 
consultation with the Chief Financial Officer, the Chief Acquisition 
Officer, the Chief Data Officer, and the General Counsel of the agency, 
or the equivalent officials of the agency, shall use the information 
developed pursuant to the comprehensive assessment of the agency to 
develop a plan for the agency--
            (1) to consolidate software entitlements of the agency;
            (2) to ensure that, in order to improve the performance of, 
        and reduce unnecessary costs to, the agency, the Chief 
        Information Officer, Chief Data Officer, and Chief Acquisition 
        Officer of the agency, or the equivalent officers, develop 
        criteria and procedures for how the agency will adopt cost-
        effective acquisition strategies, including enterprise 
        licensing, across the agency that reduce costs, eliminate 
        excess licenses, and improve performance; and
            (3) to restrict the ability of a bureau, program, 
        component, or operational entity within the agency to acquire, 
        use, develop, or otherwise leverage any software entitlement 
        (or portion thereof) without the approval of the Chief 
        Information Officer of the agency, in consultation with the 
        Chief Acquisition Officer of the agency, or the equivalent 
        officers of the agency.
    (b) Plan Requirements.--The plan of an agency shall--
            (1) include a detailed strategy for--
                    (A) the remediation of any software asset 
                management deficiencies found during the comprehensive 
                assessment of the agency;
                    (B) the ongoing maintenance of software asset 
                management upon the completion of the remediation;
                    (C) automation of software license management 
                processes and incorporation of discovery tools across 
                the agency;
                    (D) ensuring that officers and employees of the 
                agency are adequately trained in the policies, 
                procedures, rules, regulations, and guidance relating 
                to the software acquisition and development of the 
                agency before entering into any agreement relating to 
                any software entitlement (or portion thereof) for the 
                agency, including training on--
                            (i) negotiating options within contracts to 
                        address and minimize provisions that restrict 
                        how the agency may deploy, access, or use the 
                        software, including restrictions on deployment, 
                        access, or use on desktop or server hardware 
                        and restrictions on data ownership or access;
                            (ii) the differences between acquiring 
                        commercial software products and services and 
                        acquiring or building custom software; and
                            (iii) determining the costs of different 
                        types of licenses and options for adjusting 
                        licenses to meet increasing or decreasing 
                        demand; and
                    (E) maximizing the effectiveness of software 
                deployed by the agency, including, to the extent 
                practicable, leveraging technologies that--
                            (i) measure actual software usage via 
                        analytics that can identify inefficiencies to 
                        assist in rationalizing software spending;
                            (ii) allow for segmentation of the user 
                        base;
                            (iii) support effective governance and 
                        compliance in the use of software; and
                            (iv) support interoperable capabilities 
                        between software;
            (2) identify categories of software the agency could 
        prioritize for conversion to more cost-effective software 
        licenses, including enterprise licenses, as the software 
        entitlements, contracts, and other agreements or arrangements 
        come up for renewal or renegotiation;
            (3) provide an estimate of the costs to move toward more 
        enterprise, open-source, or other licenses that do not restrict 
        the use of software by the agency, and the projected cost 
        savings, efficiency measures, and improvements to agency 
        performance throughout the total software lifecycle;
            (4) identify potential mitigations to minimize software 
        license restrictions on how such software can be deployed, 
        accessed, or used, including any mitigations that would 
        minimize any such restrictions on desktop or server hardware, 
        through a cloud service provider, or on data ownership or 
        access;
            (5) ensure that the purchase by the agency of any software 
        is based on publicly available criteria that are not unduly 
        structured to favor any specific vendor, unless prohibited by 
        law (including regulation);
            (6) include any estimates for additional resources, 
        services, or support the agency may need to implement the plan;
            (7) provide information on the prevalence of software 
        products in use across multiple software categories; and
            (8) include any additional information, data, or analysis 
        determined necessary by the Chief Information Officer, or other 
        equivalent official, of the agency.
    (c) Support.--The Chief Information Officer, or other equivalent 
official, of an agency may request support from the Director and the 
Administrator for any analysis or developmental needs to create the 
plan of the agency.
    (d) Agency Submission.--Not later than 1 year after the date on 
which the head of an agency submits the comprehensive assessment 
pursuant to section 3(d), the head of the agency shall submit to the 
Director, the Committee on Homeland Security and Governmental Affairs 
of the Senate, and the Committee on Oversight and Accountability of the 
House of Representatives the plan of the agency.
    (e) Consultation and Coordination.--The Director--
            (1) in coordination with the Administrator, the Chief 
        Information Officers Council, the Chief Acquisition Officers 
        Council, the Chief Data Officers Council, the Chief Financial 
        Officers Council, and other government and industry 
        representatives identified by the Director, shall establish 
        processes, using existing reporting functions, as appropriate, 
        to identify, define, and harmonize common definitions, terms 
        and conditions, standardized requirements, and other 
        information and criteria to support agency heads in developing 
        and implementing the plans required by this section; and
            (2) in coordination with the Administrator, and not later 
        than 2 years after the date of enactment of this Act, submit to 
        the Committee on Homeland Security and Governmental Affairs of 
        the Senate and the Committee on Oversight and Accountability of 
        the House of Representatives a report detailing recommendations 
        to leverage Government procurement policies and practices with 
        respect to software acquired by, developed by, deployed within, 
        or in use at 1 or more agencies to--
                    (A) increase the interoperability of software 
                licenses, including software entitlements and software 
                built by Government agencies;
                    (B) consolidate licenses, as appropriate;
                    (C) reduce costs;
                    (D) improve performance; and
                    (E) modernize the management and oversight of 
                software entitlements and software built by Government 
                agencies, as identified through an analysis of agency 
                plans.

SEC. 5. GAO REPORT.

    Not later than 3 years after the date of enactment of this Act, the 
Comptroller General of the United States shall submit to the Committee 
on Homeland Security and Governmental Affairs of the Senate and the 
Committee on Oversight and Accountability of the House of 
Representatives a report on--
            (1) Government-wide trends in agency software asset 
        management practices;
            (2) comparisons of software asset management practices 
        among agencies;
            (3) the establishment by the Director of processes to 
        identify, define, and harmonize common definitions, terms, and 
        conditions under section 4(e);
            (4) agency compliance with the restrictions on contract 
        support under section 3(b); and
            (5) other analyses of and findings regarding the plans of 
        agencies, as determined by the Comptroller General of the 
        United States.

SEC. 6. NO ADDITIONAL FUNDS.

    No additional funds are authorized to be appropriated for the 
purpose of carrying out this Act.
                                                       Calendar No. 156

118th CONGRESS

  1st Session

                                 S. 931

                          [Report No. 118-73]

_______________________________________________________________________

                                 A BILL

  To improve the visibility, accountability, and oversight of agency 
      software asset management practices, and for other purposes.

_______________________________________________________________________

                             July 25, 2023

                       Reported with an amendment