Agency Strategies – Centralizing and Improving Software Management
FITARA provides new authorities and responsibilities that Chief Information Officers (CIOs) can use to improve their IT management. To improve agencies' software management programs, CIOs, in coordination with Chief Acquisition Officers (CAOs), shall:
1) Appoint a software manager, with a supporting team, reporting to the agency CIO, to manage all agency contracts and licenses for commercial software. At a minimum, the software manager shall:
- Develop and implement a plan for moving to more centralized management of software licenses that addresses life-cycle phases, funding aggregation, and other considerations, such as cloud-based licensing models (e.g., Software-as-a-Service (SaaS) and mobile device application management.
- Increase use of governmentwide software license agreements and strategies and reduce duplication. This policy establishes business rules that apply after a determination has been made that a product meets a validated need, based on technical requirements consistent with the procurement regulations. In cases where there is an endorsed governmentwide or multi-agency agreement available, the software manager is responsible for utilizing the agreement. Agencies may continue the use of mandatory agency-wide software license agreements through the end of the current base or option period, as applicable. When a governmentwide solution is available, the agency shall analyze terms, conditions, pricing, performance, fees, and savings under the agency agreement relative to the approved agreements, document findings, and provide this information to the ESCT for approval no less than 6 months prior to the exercise of each option. Eighteen (18) months prior to any recompetition of these solutions, the agency must submit a transition plan to the ESCT that outlines how the agency will transition to the governmentwide agreement. Specific instructions for the strategy will be posted on MAX at the following URL:
- Develop a vendor management strategy and implement processes to improve relationships with suppliers, better understand the marketplace, and support development of IT sourcing strategies within 120 days. Specific instructions for the strategy will be posted on MAX at the following URL:
- Ensure that the personnel involved in software license management (e.g., legal, acquisition, system administration, technical support, and users as appropriate) are trained in IT relevant software management topics, such as intellectual property and software contracts and license negotiations, laws, regulations, acquisitions, license compliance, software audit, security planning, configuration management, etc. OMB will work with the Federal Acquisition Institute and the Defense Acquisition University to identify and/or develop appropriate training to facilitate this requirement.
- Develop and implement an assessment and approval process to determine the cost and benefit of purchasing software maintenance programs, which also considers operational impacts and cybersecurity risks.
All CFO Act Agencies shall provide to OMB the name and contact number of the agency's software manager within 45 days of the issuance of this memo, and the agency centralized software license management plan is due to OMB on May 31, 2016 via OMB's Integrated Data Collection (IDC),8 which is part of the Office of the Federal CIO's PortfolioStat initiative.
2) Maintain comprehensive annual inventories of software license and subscription spending and enterprise licenses, including license count and usage. Consistent with Section 4 of Executive Order 13589,9 agencies must better understand the true usage of certain types of software.
- No later than September 30, 2016, agencies shall, to the extent practicable, leverage Continuous Diagnostics and Mitigation (CDM) tools and Continuous Monitoring as a Service (CMaaS) to report on software inventory and usage. The agency's centralization plan shall explain how this capability will be implemented.
- Beginning August 31, 2016, and each year thereafter, all departments and agencies shall provide to OMB an annual report of their software license inventory, including maintenance agreements and cloud-based licenses, subscriptions and enrollments. Specific reporting instructions will be available on MAX at this URL: XXX
3) Aggregate Agency Requirements and Funding. Agencies shall develop repeatable processes to aggregate software requirements and associated funding, as appropriate, for commercial enterprise software acquisitions. Agency CIOs must use their authority under FITARA10 to align all components with a centralized acquisition strategy that defines common software requirements across the enterprise. This work should consider a review of the installed software against the agency-approved list of software. When software is discovered that is not on the agency-approved software list, agencies must consider whether to include it on the list or identify an approved software to replace it.
As a reminder, agencies shall not agree to terms and conditions that prohibit the sharing of all prices, terms, and conditions with other Government entities (including posting said information to the Acquisition Gateway11). When terms or conditions are identified that seem to preclude an agency from sharing the prices paid with other federal agencies, the agency shall ensure removal of these terms and conditions during the negotiation process for the contract, or the option period renewal.12
- 8 https://community.max.gov/x/LhtGJw.
- 9 http://www.whitehouse.gov/the-press-office/2011/11/09/executive-order-promoting-efficient-spending
- 10 Section 831 of the National Defense Authorization Act (NDAA) for Fiscal Year 2015
- 11 https://hallways.cap.gsa.gov/
- 12 For additional detail see question 6 in the Myth-Busting 2 memorandum, http://www.gsa.gov/graphics/staffoffices/OFPP_Myth-Busting2.pdf