Skip to main content

Image

Information Technology

Jump To:

Image

Open Recommendations

Federal Software Licenses: Agencies Need to Take Action to Achieve Additional Savings

GAO-24-105717
Jan 29, 2024
Show
18 Open Recommendations
Agency Affected Recommendation Status
Department of Agriculture The Secretary of Agriculture should ensure that the agency tracks software licenses that are currently in use for its widely used licenses by, at a minimum, consistently implementing its procedures for tracking license usage. (Recommendation 1)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Agriculture The Secretary of Agriculture should ensure that the agency compares the inventories of software licenses that are currently in use with information on purchased licenses to identify opportunities to reduce costs and better inform investment decision making for its widely used licenses on a regular basis. At a minimum, it should consistently implement its procedures for comparing the inventories of licenses in use to purchase records. (Recommendation 2)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Energy The Secretary of Energy should ensure that the agency consistently tracks software licenses that are currently in use for its widely used licenses by, at a minimum, consistently implementing its procedures for tracking license usage. (Recommendation 3)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Energy The Secretary of Energy should ensure that the agency consistently compares the inventories of software licenses that are currently in use with information on purchased licenses to identify opportunities to reduce costs and better inform investment decision making for its widely used licenses on a regular basis. At a minimum, it should consistently implement its procedures for comparing the inventories of licenses in use to purchase records. (Recommendation 4)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Housing and Urban Development The Secretary of HUD should ensure that the agency tracks software licenses that are currently in use for its widely used licenses by, at a minimum, developing and implementing procedures for tracking license usage. (Recommendation 5)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Housing and Urban Development The Secretary of HUD should ensure that the agency compares the inventories of software licenses that are currently in use with information on purchased licenses to identify opportunities to reduce costs and better inform investment decision making for its widely used licenses on a regular basis. At a minimum, it should develop and implement procedures for comparing the inventories of licenses in use to purchase records. (Recommendation 6)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Cloud Computing: DOD Needs to Improve Tracking of Data User Fees

GAO-23-106247
Sep 12, 2023
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should direct the DOD Chief Information Officer to develop a plan and time frame for adopting a tool to track and report cloud data egress fees across the department. (Recommendation 1)
Open
The Department of Defense concurred with our recommendation. In its response, DOD stated that by the third quarter of fiscal year 2025, it will develop a plan to expand the department's cloud financial operations efforts to include the management of data egress fees. We will continue to monitor the department's efforts in this area.

DOD Software Licenses: Better Guidance and Plans Needed to Ensure Restrictive Practices Are Mitigated

GAO-23-106290
Sep 12, 2023
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should direct the DOD CIO, in coordination with ESI, to update and implement guidance and plans to fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts. (Recommendation 1)
Open
The Department of Defense (DOD) concurred with this recommendation. As of November 2023, DOD has not yet implemented guidance and plans to fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts. DOD officials stated that the Office of the Chief Information Officer plans to issue guidance, including a clear restrictive software licenses definition and addressing remaining gaps identified in this report, by the end of fiscal year 2024. We will continue to monitor the department's efforts to fully implement this recommendation.

Information and Communications Technology: DOD Needs to Fully Implement Foundational Practices to Manage Supply Chain Risks

GAO-23-105612
May 18, 2023
Show
3 Open Recommendations
Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should direct the DOD CIO to commit to a time frame to fully implement an agency-wide ICT SCRM strategy, including how the department will assess, respond to, or monitor ICT supply chain risks across the life cycle of ICT products and services. (Recommendation 1)
Open
The Department of Defense (DOD) concurred with this recommendation and, in comments on the draft report, described plans to address this recommendation. Specifically, the DOD identified actions it is taking to finalize a document (the DOD Chief Information Officer's internal information and communications technology (ICT) supply chain risk management (SCRM) strategy) in April 2023. That document is intended to be the basis for a DOD enterprise-wide ICT SCRM strategy. DOD expects to finalize the draft of its enterprise-wide strategy in September 2023. We will continue to monitor the department's actions to address this recommendation.
Department of Defense The Secretary of Defense should direct the Undersecretary of Defense for Acquisition and Sustainment and the DOD CIO to commit to a time frame to fully implement a process to conduct SCRM reviews of potential suppliers. (Recommendation 2)
Open
The Department of Defense (DOD) concurred and, in its response, identified several key policies it is in the process of updating to incorporate relevant policies and procedures, as appropriate. Specifically, DOD indicated it was updating DOD Instruction (DODI) 5200.44, "Protection of Mission Critical Functions to Achieve Trusted Systems and Networks (TSN)" and intended to update DODI 5000.82, "Acquisition of Information Technology (IT)". The department stated that it would also update other DOD policy documents as needed to address all departmental information and communications technology acquisition. We will continue to monitor the department's actions to address this recommendation.
Department of Defense The Secretary of Defense should direct the Undersecretary of Defense for Acquisition and Sustainment and the DOD CIO to commit to a time frame to fully implement organizational counterfeit detection procedures for products prior to deployment. In doing so, the department should take into consideration the results of its pilot efforts of applicable tools. (Recommendation 3)
Open
The Department of Defense (DOD) concurred with the recommendation and, in comments on the draft report, described actions DOD planned to take to address the recommendation. For example, the department noted that it expects the completion of its pilot efforts to evaluate various ICT counterfeit detection tools and development of related policies and procedures in fiscal year 2023. DOD expects to incorporate those policies and procedures into department-wide policy by the end of March 2024. We will continue to monitor the department's actions to address this recommendation.