I
119THCONGRESS
1
STSESSION H. R. 2417
To improve the visibility, accountability, and oversight of agency software
asset management practices, and for other purposes.
IN THE HOUSE OF REPRESENTATIVES
MARCH27, 2025
Mr. C
ONNOLLY(for himself, Mr. FALLON, Mrs. MCCLAINDELANEY, and Ms.
M
ACE) introduced the following bill; which was referred to the Committee
on Oversight and Government Reform
A BILL
To improve the visibility, accountability, and oversight of
agency software asset management practices, and for
other purposes.
Be it enacted by the Senate and House of Representa-1
tives of the United States of America in Congress assembled, 2
SECTION 1. SHORT TITLE. 3
This Act may be cited as the ‘‘Strengthening Agency 4
Management and Oversight of Software Assets Act’’. 5
SEC. 2. DEFINITIONS. 6
In this Act: 7
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00001 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 2
•HR 2417 IH
(1) ADMINISTRATOR.—The term ‘‘Adminis-1
trator’’ means the Administrator of General Serv-2
ices. 3
(2) A
GENCY.—The term ‘‘agency’’ has the 4
meaning given that term in section 3502 of title 44, 5
United States Code, except that such term does not 6
include an element of the intelligence community. 7
(3) C
LOUD COMPUTING .—The term ‘‘cloud 8
computing’’ has the meaning given the term in Spe-9
cial Publication 800–145 of the National Institute of 10
Standards and Technology, or any successor docu-11
ment. 12
(4) C
LOUD SERVICE PROVIDER .—The term 13
‘‘cloud service provider’’ has the meaning given the 14
term in section 3607(b) of title 44, United States 15
Code. 16
(5) C
OMPREHENSIVE ASSESSMENT .—The term 17
‘‘comprehensive assessment’’ means a comprehensive 18
assessment conducted pursuant to section 3(a). 19
(6) D
IRECTOR.—The term ‘‘Director’’ means 20
the Director of the Office of Management and Budg-21
et. 22
(7) I
NTELLIGENCE COMMUNITY .—The term 23
‘‘intelligence community’’ has the meaning given the 24
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00002 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 3
•HR 2417 IH
term in section 3 of the National Security Act of 1
1947 (50 U.S.C. 3003). 2
(8) P
LAN.—The term ‘‘plan’’ means the plan 3
developed by a Chief Information Officer, or equiva-4
lent official, pursuant to section 4(a). 5
(9) S
OFTWARE ENTITLEMENT .—The term 6
‘‘software entitlement’’ means any software that— 7
(A) has been purchased, leased, or licensed 8
by or billed to an agency under any contract or 9
other business arrangement; and 10
(B) is subject to use limitations. 11
(10) S
OFTWARE INVENTORY .—The term ‘‘soft-12
ware inventory’’ means the software inventory of an 13
agency required pursuant to— 14
(A) section 2(b)(2)(A) of the Making Elec-15
tronic Government Accountable By Yielding 16
Tangible Efficiencies Act of 2016 (40 U.S.C. 17
11302 note; Public Law 114–210); or 18
(B) subsequent guidance issued by the Di-19
rector pursuant to that Act. 20
SEC. 3. SOFTWARE INVENTORY UPDATE AND EXPANSION. 21
(a) I
NGENERAL.—As soon as practicable, and not 22
later than 18 months after the date of enactment of this 23
Act, the Chief Information Officer of each agency, in con-24
sultation with the Chief Financial Officer, the Chief Ac-25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00003 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 4
•HR 2417 IH
quisition Officer, the Chief Data Officer, and General 1
Counsel of the agency, or the equivalent officials of the 2
agency, shall complete a comprehensive assessment of the 3
software paid for by, in use at, or deployed throughout 4
the agency, which shall include— 5
(1) the current software inventory of the agen-6
cy, including software entitlements, contracts and 7
other agreements or arrangements of the agency, 8
and a list of the largest software entitlements of the 9
agency separated by provider and category of soft-10
ware; 11
(2) a comprehensive, detailed accounting of— 12
(A) any software used by or deployed with-13
in the agency, including software developed or 14
built by the agency, or by another agency for 15
use by the agency, including shared services, as 16
of the date of the comprehensive assessment, 17
including, to the extent identifiable, the con-18
tracts and other agreements or arrangements 19
used by the agency to acquire, build, deploy, or 20
use such software; 21
(B) information and data on software enti-22
tlements, which shall include information on 23
any additional fees or costs, including fees or 24
costs for the use of cloud services, that are not 25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00004 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 5
•HR 2417 IH
included in the initial costs of the contract, 1
agreement, or arrangement— 2
(i) for which the agency pays; 3
(ii) that are not deployed or in use by 4
the agency; and 5
(iii) that are billed to the agency 6
under any contract or business arrange-7
ment that creates duplication, or are other-8
wise determined to be unnecessary by the 9
Chief Information Officer of the agency, or 10
the equivalent official, in the deployment 11
or use by the agency; and 12
(C) the extent— 13
(i) to which any software paid for, in 14
use, or deployed throughout the agency is 15
interoperable; and 16
(ii) of the efforts of the agency to im-17
prove interoperability of software assets 18
throughout the agency enterprise; 19
(3) a categorization of software entitlements of 20
the agency by cost, volume, and type of software; 21
(4) a list of any provisions in the software enti-22
tlements of the agency that may restrict how the 23
software can be deployed, accessed, or used, includ-24
ing any such restrictions on desktop or server hard-25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00005 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 6
•HR 2417 IH
ware, through a cloud service provider, or on data 1
ownership or access; and 2
(5) an analysis addressing— 3
(A) the accuracy and completeness of the 4
comprehensive assessment; 5
(B) agency management of and compliance 6
with all contracts or other agreements or ar-7
rangements that include or reference software 8
entitlements or software management within 9
the agency; 10
(C) the extent to which the agency accu-11
rately captures the total cost of software enti-12
tlements and related costs, including the total 13
cost of upgrades over the life of a contract, 14
cloud usage costs, and any other cost associated 15
with the maintenance or servicing of contracts; 16
and 17
(D) compliance with software license man-18
agement policies of the agency. 19
(b) C
ONTRACTSUPPORT.— 20
(1) A
UTHORITY.—The head of an agency may 21
enter into 1 or more contracts to support the re-22
quirements of subsection (a). 23
(2) N
O CONFLICT OF INTEREST .—Contracts 24
under paragraph (1) shall not include contractors 25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00006 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 7
•HR 2417 IH
with organizational conflicts of interest, within the 1
meaning given that term under subpart 9.5 of the 2
Federal Acquisition Regulation. 3
(3) O
PERATIONAL INDEPENDENCE .—Over the 4
course of a comprehensive assessment, contractors 5
hired pursuant to paragraph (1) shall maintain oper-6
ational independence from the integration, manage-7
ment, and operations of the software inventory and 8
software entitlements of the agency. 9
(c) S
UBMISSION.—On the date on which the Chief In-10
formation Officer, Chief Financial Officer, Chief Acquisi-11
tion Officer, the Chief Data Officer, and General Counsel 12
of an agency, or the equivalent officials of the agency, 13
complete the comprehensive assessment, the Chief Infor-14
mation Officer shall submit the comprehensive assessment 15
to the head of the agency. 16
(d) S
UBSEQUENTSUBMISSION.—Not later than 30 17
days after the date on which the head of an agency re-18
ceives the comprehensive assessment under subsection (c), 19
the head of the agency shall submit the comprehensive as-20
sessment to— 21
(1) the Director; 22
(2) the Administrator; 23
(3) the Comptroller General of the United 24
States; 25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00007 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 8
•HR 2417 IH
(4) the Committee on Homeland Security and 1
Governmental Affairs of the Senate; and 2
(5) the Committee on Oversight and Account-3
ability of the House of Representatives. 4
(e) C
ONSULTATION.—In order to ensure the utility 5
and standardization of the comprehensive assessment of 6
each agency, including to support the development of each 7
plan and the report required under section 4(e)(2), the 8
Director, in consultation with the Administrator, shall 9
share information, best practices, and recommendations 10
relating to the activities performed in the course of a com-11
prehensive assessment of an agency. 12
(f) I
NTELLIGENCECOMMUNITY.—For each element 13
of the intelligence community, a comprehensive assess-14
ment described under subsection (a) shall be— 15
(1) conducted separately; 16
(2) performed only by an entity designated by 17
the head of the element of the intelligence commu-18
nity, in accordance with appropriate applicable laws; 19
(3) performed in such a manner as to ensure 20
appropriate protection of information which, if dis-21
closed, may adversely affect national security; and 22
(4) submitted in summary form, not later than 23
30 days after the date on which the head of the ele-24
ment of the intelligence community receives the as-25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00008 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 9
•HR 2417 IH
sessment, by the head of the element of the intel-1
ligence community to— 2
(A) the Director; 3
(B) the Select Committee on Intelligence 4
of the Senate; and 5
(C) the Permanent Select Committee on 6
Intelligence of the House of Representatives. 7
SEC. 4. SOFTWARE MODERNIZATION PLANNING AT AGEN-8
CIES. 9
(a) I
NGENERAL.—The Chief Information Officer of 10
each agency, in consultation with the Chief Financial Offi-11
cer, the Chief Acquisition Officer, the Chief Data Officer, 12
and the General Counsel of the agency, or the equivalent 13
officials of the agency, shall use the information developed 14
pursuant to the comprehensive assessment of the agency 15
to develop a plan for the agency— 16
(1) to consolidate software entitlements of the 17
agency; 18
(2) to ensure that, in order to improve the per-19
formance of, and reduce unnecessary costs to, the 20
agency, the Chief Information Officer, Chief Data 21
Officer, and Chief Acquisition Officer of the agency, 22
or the equivalent officers, develop criteria and proce-23
dures for how the agency will adopt cost-effective ac-24
quisition strategies, including enterprise licensing, 25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00009 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 10
•HR 2417 IH
across the agency that reduce costs, eliminate excess 1
licenses, and improve performance; and 2
(3) to restrict the ability of a bureau, program, 3
component, or operational entity within the agency 4
to acquire, use, develop, or otherwise leverage any 5
software entitlement (or portion thereof) without the 6
approval of the Chief Information Officer of the 7
agency, in consultation with the Chief Acquisition 8
Officer of the agency, or the equivalent officers of 9
the agency. 10
(b) P
LANREQUIREMENTS.—The plan of an agency 11
shall— 12
(1) include a detailed strategy for— 13
(A) the remediation of any software asset 14
management deficiencies found during the com-15
prehensive assessment of the agency; 16
(B) the ongoing maintenance of software 17
asset management upon the completion of the 18
remediation; 19
(C) automation of software license man-20
agement processes and incorporation of dis-21
covery tools across the agency; 22
(D) ensuring that officers and employees 23
of the agency are adequately trained in the poli-24
cies, procedures, rules, regulations, and guid-25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00010 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 11
•HR 2417 IH
ance relating to the software acquisition and 1
development of the agency before entering into 2
any agreement relating to any software entitle-3
ment (or portion thereof) for the agency, in-4
cluding training on— 5
(i) negotiating options within con-6
tracts to address and minimize provisions 7
that restrict how the agency may deploy, 8
access, or use the software, including re-9
strictions on deployment, access, or use on 10
desktop or server hardware and restric-11
tions on data ownership or access; 12
(ii) the differences between acquiring 13
commercial software products and services 14
and acquiring or building custom software; 15
and 16
(iii) determining the costs of different 17
types of licenses and options for adjusting 18
licenses to meet increasing or decreasing 19
demand; and 20
(E) maximizing the effectiveness of soft-21
ware deployed by the agency, including, to the 22
extent practicable, leveraging technologies 23
that— 24
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00011 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 12
•HR 2417 IH
(i) measure actual software usage via 1
analytics that can identify inefficiencies to 2
assist in rationalizing software spending; 3
(ii) allow for segmentation of the user 4
base; 5
(iii) support effective governance and 6
compliance in the use of software; and 7
(iv) support interoperable capabilities 8
between software; 9
(2) identify categories of software the agency 10
could prioritize for conversion to more cost-effective 11
software licenses, including enterprise licenses, as 12
the software entitlements, contracts, and other 13
agreements or arrangements come up for renewal or 14
renegotiation; 15
(3) provide an estimate of the costs to move to-16
ward more enterprise, open-source, or other licenses 17
that do not restrict the use of software by the agen-18
cy, and the projected cost savings, efficiency meas-19
ures, and improvements to agency performance 20
throughout the total software lifecycle; 21
(4) identify potential mitigations to minimize 22
software license restrictions on how such software 23
can be deployed, accessed, or used, including any 24
mitigations that would minimize any such restric-25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00012 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 13
•HR 2417 IH
tions on desktop or server hardware, through a cloud 1
service provider, or on data ownership or access; 2
(5) ensure that the purchase by the agency of 3
any software is based on publicly available criteria 4
that are not unduly structured to favor any specific 5
vendor, unless prohibited by law (including regula-6
tion); 7
(6) include any estimates for additional re-8
sources, services, or support the agency may need to 9
implement the plan; 10
(7) provide information on the prevalence of 11
software products in use across multiple software 12
categories; and 13
(8) include any additional information, data, or 14
analysis determined necessary by the Chief Informa-15
tion Officer, or other equivalent official, of the agen-16
cy. 17
(c) S
UPPORT.—The Chief Information Officer, or 18
other equivalent official, of an agency may request support 19
from the Director and the Administrator for any analysis 20
or developmental needs to create the plan of the agency. 21
(d) A
GENCYSUBMISSION.— 22
(1) I
N GENERAL.—Not later than 1 year after 23
the date on which the head of an agency submits the 24
comprehensive assessment pursuant to section 3(d), 25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00013 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 14
•HR 2417 IH
the head of the agency shall submit to the Director, 1
the Committee on Homeland Security and Govern-2
mental Affairs of the Senate, and the Committee on 3
Oversight and Accountability of the House of Rep-4
resentatives the plan of the agency. 5
(2) I
NTELLIGENCE COMMUNITY .—Not later 6
than 1 year after the date on which the head of an 7
element of the intelligence community submits the 8
summary assessment pursuant to section 3(f)(4), the 9
head of the element shall separately submit the plan 10
of the element to the Director, the Select Committee 11
on Intelligence of the Senate, and the Permanent 12
Select Committee on Intelligence of the House of 13
Representatives. 14
(e) C
ONSULTATION AND COORDINATION.—The Di-15
rector— 16
(1) in coordination with the Administrator, the 17
Chief Information Officers Council, the Chief Acqui-18
sition Officers Council, the Chief Data Officers 19
Council, the Chief Financial Officers Council, and 20
other government and industry representatives iden-21
tified by the Director, shall establish processes, 22
using existing reporting functions, as appropriate, to 23
identify, define, and harmonize common definitions, 24
terms and conditions, standardized requirements, 25
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00014 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 15
•HR 2417 IH
and other information and criteria to support agency 1
heads in developing and implementing the plans re-2
quired by this section; and 3
(2) in coordination with the Administrator, and 4
not later than 2 years after the date of enactment 5
of this Act, submit to the Committee on Homeland 6
Security and Governmental Affairs of the Senate 7
and the Committee on Oversight and Accountability 8
of the House of Representatives a report detailing 9
recommendations to leverage Government procure-10
ment policies and practices with respect to software 11
acquired by, developed by, deployed within, or in use 12
at 1 or more agencies to— 13
(A) increase the interoperability of soft-14
ware licenses, including software entitlements 15
and software built by Government agencies; 16
(B) consolidate licenses, as appropriate; 17
(C) reduce costs; 18
(D) improve performance; and 19
(E) modernize the management and over-20
sight of software entitlements and software 21
built by Government agencies, as identified 22
through an analysis of agency plans. 23
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00015 Fmt 6652 Sfmt 6201 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB 16
•HR 2417 IH
SEC. 5. GAO REPORT. 1
Not later than 3 years after the date of enactment 2
of this Act, the Comptroller General of the United States 3
shall submit to the Committee on Homeland Security and 4
Governmental Affairs of the Senate and the Committee 5
on Oversight and Accountability of the House of Rep-6
resentatives a report on— 7
(1) Government-wide trends in agency software 8
asset management practices; 9
(2) comparisons of software asset management 10
practices among agencies; 11
(3) the establishment by the Director of proc-12
esses to identify, define, and harmonize common 13
definitions, terms, and conditions under section 4(e); 14
(4) agency compliance with the restrictions on 15
contract support under section 3(b); and 16
(5) other analyses of and findings regarding the 17
plans of agencies, as determined by the Comptroller 18
General of the United States. 19
SEC. 6. NO ADDITIONAL FUNDS. 20
No additional funds are authorized to be appro-21
priated for the purpose of carrying out this Act. 22
Æ
VerDate Sep 11 2014 23:17 Apr 02, 2025 Jkt 059200 PO 00000 Frm 00016 Fmt 6652 Sfmt 6301 E:\BILLS\H2417.IH H2417
kjohnson on DSK7ZCZBW3PROD with $$_JOB