Federal Agencies Lag in Software License Management per GAO

Published: May 27, 2014

Acquisition ReformOMBStrategic SourcingWaste, Fraud, and Abuse

Federal agencies spend more than $80 billion on IT each fiscal year, much of it on software licenses. Given budget pressures, the effective management of the thousands of software licenses could result in significant economies and budget savings. But a new Government Accountability Office (GAO) report shows that agencies have a long way to go in effectively managing software.

In a recently published report, GAO found that the majority of agencies have some software license management policies, but they are not comprehensive. Further, OMB has not established directive policy guidance on licensing management policy. Therefore, GAO assessed agencies based on seven elements that they identified that a comprehensive software licensing policy should specify (emphasis added):

  • Identify clear roles, responsibilities, and central oversight authority within the department for managing enterprise software license agreements and commercial software licenses;
  • Establish a comprehensive inventory (80 percent of software license spending and/or enterprise licenses in the department) by identifying and collecting information about software license agreements using automated discovery and inventory tools;
  • Regularly track and maintain software licenses to assist the agency in implementing decisions throughout the software license management life cycle;
  • Analyze software usage and other data to make cost-effective decisions;
  • Provide training relevant to software license management;
  • Establish goals and objectives of the software license management program; and
  • Consider the software license management life-cycle phases (i.e., requisition, reception, deployment and maintenance, retirement, and disposal phases) to implement effective decision making and incorporate existing standards, processes, and metrics.

GAO reviewed 24 agencies’ policies on software license management against these seven elements and gave each a composite assessment. (See table below.)

Composite GAO Assessment of 24 Agencies’ Policies on Managing Software Licenses


? Fully—the agency provided evidence that it fully addressed the seven elements of a comprehensive software license policy.

? Partially—the agency provided evidence that it addressed some, but not all, of the seven elements of a comprehensive license policy.

? Not—the agency did not provide any evidence that it addressed any of the seven elements of a comprehensive license policy.

Only two agencies – DHS and Labor – have developed comprehensive policies for managing software licenses. At the other end, four agencies – Commerce, HHS, Interior, and NSF – had not developed any department-wide policies for managing software licenses. The rest fell in between.

GAO recommended that OMB issue a directive to the agencies on developing comprehensive software licensing policies comprised of the seven elements identified by GAO. OMB’s existing PortfolioStat and Strategic Sourcing initiatives give leeway to agencies to determine what priority software licenses receive in the reviews, which means much more could be done on software efficiencies.


GAO noted that the wide variance in the form and completeness of data provided by agencies regarding their most widely used applications made it impossible to accurately determine the most widely used software applications across the government, including the extent to which these were over and under purchased.

Further, the limited or outright lack of agency oversight of software license spending means they are likely missing significant opportunities to save money. GAO noted some positive examples, including where DHS’s negotiated enterprise licensing agreements led to cost avoidance of $181 million in FY 2012. Further, DHS estimated future savings of around $376 million from FY 2013 to FY 2015. Extrapolated across all departments, that could free up billions of dollars in savings each year to be reinvested in other areas of IT or repurposed to other missions.