Print this page

Information technology > 23. Federal Software Licenses

In order to achieve hundreds of millions of dollars in government-wide savings, federal agencies should apply better management of software licenses and the Office of Management and Budget should issue a directive to assist agencies in doing so.

Why This Area Is Important

The federal government plans to spend almost $80 billion on information technology (IT) products and services in fiscal year 2015, such as purchases of software licenses. According to the Information Technology Infrastructure Library’s Guide to Software Asset Management, software licenses are legal rights to use software in accordance with terms and conditions specified by the software copyright owner.[1] Federal agencies engage in thousands of licensing agreements annually. The Office of Management and Budget (OMB) and the 24 federal agencies covered by the Chief Financial Officers Act of 1990 have key roles and responsibilities for overseeing IT investment management.[2] OMB is responsible for working with agencies to ensure investments are appropriately planned and justified pursuant to the Clinger-Cohen Act of 1996.[3] The law also places responsibility for managing investments with the heads of agencies and establishes chief information officers to advise and assist agency heads in carrying out this responsibility.[4]

Two executive orders contain information for federal agencies relative to the management of software licenses. In particular, Executive Order 13103 specifies that each agency shall adopt policies and procedures to ensure that the agency uses only computer software not in violation of copyright laws.[5] These procedures may include information on preparing agency software inventories. Additionally, as part of Executive Order 13589, on promoting efficient spending, agencies are required to assess current device inventories and usage, and establish controls to ensure that they are not paying for unused or underutilized IT equipment, installed software, or services.[6]

The objective of software license management is to manage, control, and protect an organization’s software assets, including management of the risks arising from the use of those software assets.[7] Proper management of software licenses helps to minimize risks by ensuring that licenses are used in compliance with licensing agreements and cost-effectively deployed, and that software purchasing and maintenance expenses are properly controlled. In addition, effective management can help avoid purchasing too few licenses, which results in noncompliance with license terms and may cause the imposition of additional fees.



[1] Colin Rudd, ITIL v.3 Guide to Software Asset Management © (2009), ISBN 9780113311064. Reprinted with permission from ITIL. The guide is available at: http://www.axelos.com/Publications-Library/IT-Service-Management-ITIL/.

[2] The 24 major federal agencies covered by the Chief Financial Officers Act of 1990 are the Departments of Agriculture, Commerce, Defense, Education, Energy, Health and Human Services, Homeland Security, Housing and Urban Development, the Interior, Justice, Labor, State, Transportation, the Treasury, and Veterans Affairs; Environmental Protection Agency; General Services Administration; National Aeronautics and Space Administration; National Science Foundation; Nuclear Regulatory Commission; Office of Personnel Management; Small Business Administration; Social Security Administration; and U.S. Agency for International Development.

[3] 40 U.S.C §§ 11302-11303.

[4] 40 U.S.C §§ 11312, 11313, and 11315.

[5] Executive Order 13103, Computer Software Piracy, 63 Fed. Reg. 53273 (Sept. 30, 1998).

[6] Executive Order 13589, Promoting Efficient Spending, 76 Fed. Reg. 70863(Nov. 9, 2011).

[7] Colin Rudd, ITIL v.3 Guide to Software Asset Management © (2009), ISBN 9780113311064. Reprinted with permission from ITIL. The guide is available at: http://www.axelos.com/Publications-Library/IT-Service-Management-ITIL/.

What GAO Found

In May 2014, GAO reported on federal agencies’ management of software licenses and the potential for achieving significant savings government-wide.[1] Specifically, GAO found OMB and the vast majority of agencies reviewed did not have adequate policies for managing software licenses. While OMB had a policy on a broader IT management initiative that is intended to assist agencies in gathering information on their IT investments, including software licenses, it did not guide agencies in developing comprehensive license management policies comprised of the seven elements identified in GAO’s May 2014 report.[2] Of the 24 major federal agencies, 2 had comprehensive policies that included the establishment of clear roles and central oversight authority for managing enterprise software license agreements, among other things; 18 had policies but they were not comprehensive; and 4 had not developed any policy. The weaknesses in agencies’ policies were due, in part, to the lack of a priority for establishing software license management practices and a lack of direction from OMB. GAO concluded that without an OMB directive and comprehensive agency policies, it will be difficult for the agencies to consistently and effectively manage software licenses.

Additionally, GAO reported that federal agencies were generally not following the leading practices GAO identified for managing software licenses.[3] In May 2014, GAO identified five leading practices: centralizing management; establishing a comprehensive inventory of licenses; regularly tracking and maintaining comprehensive inventories using automated discovery and inventory tools and metrics; analyzing the software license data to inform investment decisions and identify opportunities to reduce costs; and providing appropriate personnel with sufficient training on software license management. The table below lists the leading practices and the number of agencies that had fully, partially, or not implemented them.

Summary of Results for 24 Major Agencies’ Implementation of Software Licenses Management Leading Practices

Leading practice

Fully implemented

Partially implemented

Not implemented

Centralized management

4

15

5

Established software license inventory

2

20

2

Tracking and maintaining inventory

0

20

4

Analyzing software license data

0

15

9

Providing sufficient training

0

5

19

Source: GAO analysis of agency data as reported in GAO‑14‑413. | GAO‑15‑404SP

The inadequate implementation of leading practices in software license management was partially due to weaknesses in agencies’ policies. As a result, agencies are limited in their ability to analyze software license data to more cost-effectively buy and maintain software licenses and to ascertain the software applications most widely used across the federal government. Consequently, while some agencies were able to identify millions in savings for software through ad hoc processes, the potential exists for even greater savings and additional opportunities to reduce software license spending and duplication than what agencies had reported, including the following examples:

  • In fiscal year 2012, one major federal agency reported saving approximately $181 million by consolidating its enterprise license agreements even though its oversight process was ad hoc.
     
  • In fiscal year 2013, another major agency reported cost savings of approximately $33 million by consolidating major IT contracts, including Cisco and Microsoft licenses, to achieve efficiencies.
     
  • Finally, in fiscal year 2012, a major agency reported that it negotiated an enterprise license agreement to reduce costs associated with software products used, providing the agency approximately $13 million in cost savings in fiscal year 2012 and $37 million in net cost avoidance for fiscal year 2013.

Until OMB and the agencies focus on improving policies and processes, they will not have the data to manage software licenses and will likely continue to miss opportunities to reduce costs.



[1] GAO, Federal Software Licenses: Better Management Needed to Achieve Significant Savings Government-Wide, GAO‑14‑413 (Washington, D.C.: May 22, 2014).

[2] The seven elements that a comprehensive software license policy should specify are (1) identify clear roles, responsibilities, and central oversight authority within the department for managing enterprise software license agreements and commercial software licenses; (2) establish a comprehensive inventory (80 percent of software license spending and/or enterprise licenses in the department) by identifying and collecting information about software license agreements using automated discovery and inventory tools; (3) regularly track and maintain software licenses to assist the agency in implementing decisions throughout the software license management life cycle; (4) analyze software usage and other data to make cost-effective decisions; (5) provide training relevant to software license management; (6) establish goals and objectives of the software license management program; and (7) consider the software license management life-cycle phases (i.e., requisition, reception, deployment and maintenance, retirement, and disposal phases) to implement effective decision making. GAO identified these elements by interviewing six recognized software license management experts from the private and federal sectors and then comparing and synthesizing the information.

[3] In its May 2014 report, GAO identified five leading practices for software license management by interviewing six recognized software license management experts from the private and federal sectors and then comparing and synthesizing the practices that were identified.

Actions Needed

GAO recommended in May 2014 that the Director of OMB

  • issue a directive to the agencies on developing comprehensive software licensing policies comprised of the seven elements of a comprehensive policy.

GAO also made recommendations to the 24 reviewed agencies to improve their policies and practices for managing software licenses by including all elements of comprehensive policies for the management of software licenses or adopting leading practices. Specifically, GAO recommended the following:

  • Twenty-two of the 24 agencies should develop an agency-wide comprehensive policy for the management of software licenses that addresses the weaknesses we identified.[1]
     
  • Twenty of the 24 agencies should employ a centralized software license management approach that is coordinated and integrated with key personnel for the majority of agency software license spending and/or enterprise-wide licenses.[2]
     
  • Twenty-two of the 24 agencies should establish a comprehensive inventory of software licenses using automated tools for the majority of agency software license spending and/or enterprise-wide licenses.[3]
     
  • Each of the 24 agencies should regularly track and maintain a comprehensive inventory of software licenses using automated tools and metrics.
     
  • Each of the 24 agencies should analyze agency-wide software license data, such as costs, benefits, usage, and trending data, to identify opportunities to reduce costs and better inform investment decision making.
     
  • Each of the 24 agencies should provide software license management training to appropriate agency personnel addressing contract terms and conditions, negotiations, laws and regulations, acquisition, security planning, and configuration management.

Taking these actions—a total of 136 actions across OMB and the 24 agencies—should provide greater assurance that OMB and the agencies will identify opportunities to reduce software license spending and duplication, and therefore realize the full potential of cost savings for the federal government. Due to the lack of agency-wide data on software licenses, such as inventories and costs, it is not possible to estimate the full extent of potential cost savings associated with the implementation of these management practices and policies. The federal government has so far achieved at least $250 million in savings, but GAO’s analysis suggests that implementing these recommendations could result in additional savings.



[1] GAO did not make recommendations to the Departments of Homeland Security and Labor.

[2] GAO did not make recommendations to the Department of Housing and Urban Development, General Services Administration, National Science Foundation, and U.S. Agency for International Development.

[3] GAO did not make recommendations to the Department of Housing and Urban Development and National Science Foundation.

How GAO Conducted Its Work

The information contained in this analysis is based primarily on findings from the May 2014 report listed in the related GAO products section. GAO assessed policies from the 24 Chief Financial Officers Act agencies and OMB against software licensing policy measures. Specifically, GAO obtained and analyzed policy documents, such as agency and departmental guidance, policies, procedures, and standard operating procedures, and compared them to the seven elements. GAO also obtained information through interviews with officials responsible for software license management activities. Further, to assess the extent to which OMB has appropriate guidance on software license management, GAO collected and analyzed OMB guidance on the PortfolioStat and Strategic Sourcing initiatives to determine its efforts to oversee federal agencies’ management of software licenses. GAO then compared these efforts to relevant statutes and executive orders and also interviewed OMB officials to identify their views on whether the relevant guidance for software license management to federal agencies is appropriately established. GAO also analyzed and compared agencies’ software inventories and management controls to leading practices, and interviewed responsible officials. To identify sound licensing policy measures and leading practices, GAO interviewed recognized private sector and government software license management experts and then compared and synthesized the practices that were identified. To describe agencies’ current or planned actions for the September 2014 correspondence listed in the related GAO products section, GAO obtained and reviewed OMB and the 24 major agencies’ reported statement of actions about their efforts to address the recommendations and also gathered relevant information from agencies’ comments on GAO’s May 2014 report.[1]



[1] Federal agencies are required to submit to specified congressional committees a written statement of actions taken on GAO’s recommendations. 31 U.S.C. § 720.

Agency Comments & GAO Contact

In commenting on GAO’s May 2014 report, OMB disagreed with GAO’s recommendation to issue a directive. In particular, OMB cited two additional management initiatives that it asserted have significant bearing in the area of software licensing that were not included in GAO’s report.[1] While GAO agrees that OMB’s initiatives collectively represent important management tools for agencies, they are not enough to guide agencies in developing comprehensive license management policies. Additionally, of the 24 agencies that GAO made specific recommendations to, 11 agreed, 5 partially agreed, 2 neither agreed nor disagreed, and 6 had no comments. In a subsequent GAO report in September 2014, GAO described OMB and agencies’ current and planned actions to address these recommendations. GAO found that 21 agencies planned to fully address all recommendations. Three agencies reported that they planned to address most recommendations but not all, primarily because they partially disagreed with the prior report’s findings or did not provide information on their efforts to address the recommendations made. Finally, OMB continued to disagree with GAO’s recommendation to issue a directive to help guide agencies’ management of software licenses and as a result, does not have plans to address this recommendation. GAO maintains that OMB should develop a directive because as GAO’s May 2014 report shows, only 2 of the 24 major agencies have comprehensive policies in place, and only 2 have comprehensive license inventories. Until this gap in guidance is addressed, agencies will likely continue to lack visibility into what needs to be managed. In summary, of the 136 recommendations made in the May 2014 report, agencies have planned actions for 129 recommendations, no actions are planned for 6, and the status is unknown for 1.

Recently, GAO provided a draft of this report section to OMB and the 24 major agencies for review and comment. OMB and 22 of the major agencies stated that they have no comment. One agency (the Department of Housing and Urban Development), in written comments, stated that it would be in full compliance with software license management policies and industry best practices once corrective actions have been fully implemented. 

The remaining agency (the Department of Energy), in written comments, maintained the position that it has an agency-wide comprehensive policy for the management of software licenses. The department further stated that GAO failed to recognize the federal government’s improvement actions to leverage current federal initiatives, and agreed with OMB’s response to GAO in the May 2014 report. However, GAO continues to believe that actions are needed at the Department of Energy to address weaknesses. As noted in the May 2014 report, the department has visibility into only 45 percent of its licenses due in part to its decentralized management approach. Until the department adopts a more centralized approach, it will likely not be adequately positioned to take advantage of OMB’s current initiatives.

For additional information about this area, contact Carol R. Cha at (202) 512-4456 or chac@gao.gov.



[1] These two initiatives are known as “Maximizing Use of SmartBuy and Avoiding Duplication” and “Cross Agency Priority Goal: Cybersecurity.”

Explore Other Areas

There are no further Duplication areas under this mission.