The Strengthening Agency Management and Oversight of Software Assets Act requires every executive-branch agency to perform a comprehensive, government-wide inventory of software paid for, in use, or deployed across the agency and to convert that inventory into a multi-part modernization plan. The law sets concrete deadlines for completion, requires agency heads to submit assessments to OMB, GSA, GAO, and congressional oversight committees, and directs OMB and GSA to harmonize definitions and issue government-wide recommendations.
This bill matters because it centralizes visibility and decision-making about software entitlements under agency CIOs and OMB coordination, formalizes cost accounting for cloud and license-related fees, and aims to drive enterprise licensing, interoperability, and cost reductions. At the same time, it creates an unfunded compliance burden and shifts procurement control away from program offices — a change that will affect acquisition strategy, vendor relationships, and agency IT operations.
At a Glance
What It Does
The bill requires agencies to complete a comprehensive software assessment within 18 months and to produce a detailed modernization plan within one year after submitting that assessment. It prescribes what must be inventoried (entitlements, contracts, hidden fees, interoperability limits), limits who may perform assessments (no organizational conflicts), and mandates submission of results to OMB, GSA, GAO, and relevant congressional committees.
Who It Affects
Chief Information Officers, Chief Acquisition Officers, Chief Data Officers, and Chief Financial Officers at federal agencies will carry the main obligations, while bureau and program managers face new constraints on unilateral software purchases. Software vendors and cloud providers will be subject to renegotiation pressure as agencies pursue enterprise licensing and cost transparency. OMB, GSA, and GAO gain centralized oversight roles.
Why It Matters
By standardizing inventories and forcing agencies to quantify total license and cloud costs, the bill seeks to uncover duplication and reduce avoidable spending across the federal government. It also changes procurement leverage: agencies that implement enterprise licensing and interoperable approaches could reduce costs long-term, but the shift also concentrates negotiating power and alters how program offices access software.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The Act creates two linked duties for agencies: first, produce a detailed inventory of all software paid for by or used in the agency; second, convert that inventory into a time‑bound modernization plan. The inventory requirement is specific — agencies must list software entitlements, contracts and agreements, the largest entitlements by provider and category, hidden or incremental fees (including cloud usage charges and upgrade costs), interoperability limitations, and an analysis of license management and compliance.
Agencies may hire contractors to perform these assessments, but those contractors cannot have organizational conflicts of interest and must remain operationally independent from the agency’s software operations.
After completing the assessment, the agency CIO must submit it up the chain: to the agency head and, within 30 days, to OMB’s Director, the GSA Administrator, the Comptroller General, and the congressional oversight committees identified in the bill. The intelligence community follows a parallel but segregated path — each element conducts its own assessment under statutory security protections and submits a summary to OMB and the intelligence committees.Using the assessment, agency CIOs — working with CFOs, CAOs, and Chief Data Officers — must develop a plan that targets consolidation (including enterprise licensing), automates license discovery and management, trains acquisition and program staff on software negotiation and license types, and quantifies both the upfront and lifecycle costs of software, including cloud-related fees.
The plan must also include strategies to reduce license restrictions that limit deployment, access, or data ownership and must estimate the resources required to carry out remediation.OMB (the Director), in coordination with GSA and the relevant interagency councils, must standardize terms and reporting, share best practices, and produce a government-wide report within two years with recommendations to increase interoperability, consolidate licenses, lower costs, and modernize software oversight. The Comptroller General will follow up with a government-wide evaluation of trends, agency compliance with contract support limitations, and plan effectiveness within three years.
Notably, the Act contains a ‘‘no additional funds’’ clause, leaving agencies to implement these new duties within existing budgets.
The Five Things You Need to Know
Agencies must complete a comprehensive software assessment within 18 months of enactment, covering entitlements, contracts, hidden fees (including cloud usage), and interoperability limits.
Within 30 days of receiving an agency’s assessment, the agency head must submit it to OMB’s Director, the GSA Administrator, the Comptroller General, and specified congressional oversight committees.
Agencies must produce and submit a detailed software modernization plan within 1 year after submitting their comprehensive assessment; plans must address consolidation, automation, training, and lifecycle cost estimates.
The bill requires that contractors performing assessments have no organizational conflicts of interest and maintain operational independence from the agency’s software operations.
The Act authorizes no additional appropriations for implementation — agencies must absorb compliance work within existing budgets.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Definitions and scope
Section 2 defines key terms—Administrator (GSA), Director (OMB), agency (excluding intelligence community elements), cloud computing, cloud service provider, software entitlement, and software inventory. The statutory definitions set the perimeter for which assets, vendors, and offices fall under the law and clarify that the intelligence community follows an adapted process that preserves classified protections.
Comprehensive software assessments and reporting
This section requires agency CIOs, in consultation with CFOs, CAOs, Chief Data Officers, and General Counsel, to complete a multi-part inventory within 18 months documenting current software, entitlements, contracts, hidden or incremental costs (e.g., cloud usage and upgrade fees), largest entitlements by provider and category, interoperability, and license-management compliance. Agencies may contract for support, but contracts must avoid organizational conflicts; contractors must remain operationally independent from day-to-day software operations. Once the internal review team signs the assessment, the CIO submits it to the agency head, who has 30 days to forward it to OMB, GSA, GAO, and specified congressional committees.
Agency software modernization plans and centralized approval
Using assessment outputs, agency CIOs must develop plans to consolidate entitlements, adopt cost-effective acquisition strategies (including enterprise licensing), automate license discovery and management, and train staff on negotiation, license types, and cost forecasting. The plan must estimate conversion costs, projected savings, and identify mitigations for contract provisions that limit deployment or data access. Critically, the bill restricts bureaus and components from acquiring or leveraging software entitlements without CIO approval, shifting procurement gatekeeping to the enterprise CIO in consultation with the CAO.
OMB/GSA coordination and government-wide harmonization
OMB, working with GSA and interagency CIO/CAO/CFO/Data Officer councils, must harmonize definitions, reporting formats, and standards to ensure assessments and plans are comparable across agencies. Within two years, OMB and GSA must report recommendations to Congress on leveraging procurement policies to increase interoperability, consolidate licenses, reduce costs, and modernize management—turning agency-level inventory work into government‑wide procurement strategy.
GAO review and funding constraint
GAO must issue a government-wide report within three years analyzing trends, agency comparisons, compliance with the contractor-conflict and operational independence rules, and plan outcomes. Section 6 explicitly states no additional funds are authorized for implementation, which means agencies must implement assessments and plans with existing resources and staff unless they reallocate or reprogram funding under other authorities.
This bill is one of many.
Codify tracks hundreds of bills on Technology across all five countries.
Explore Technology in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Office of Management and Budget (Director): Gains standardized, comparable inventories and plans across agencies, improving OMB’s ability to coordinate software procurement policy and negotiate government-wide approaches.
- Agency Chief Information Officers and Chief Acquisition Officers: Receive enterprise-level authority and a data-driven basis to consolidate licenses, reduce duplication, and pursue enterprise licensing arrangements that can lower per-seat costs.
- Taxpayers and budget planners: Potential long-term savings through reduced duplication, clarified cloud usage billing, and negotiated enterprise contracts; better visibility into lifecycle software costs supports more accurate budgeting.
- Cybersecurity and IT operations teams: Improved asset visibility and automated discovery tools facilitate patching, vulnerability management, and interoperability planning across agency systems.
Who Bears the Cost
- Agency program and bureau offices: Face limits on their ability to independently acquire or deploy software; must obtain CIO approval, which can slow procurement and constrain program agility.
- Federal agencies broadly: Must shoulder the workload of inventories, contracting for independent assessments, remediation, automation, and staff training within existing budgets because the Act authorizes no additional appropriations.
- Software vendors and cloud providers: May face renegotiation pressure, consolidation of licenses, requests for greater transparency on usage-based fees, and demands to remove deployment or data‑access restrictions.
- Acquisition offices and contracting officers: Must adopt new procurement criteria, pursue enterprise licensing options, and ensure contract language avoids hidden fees and restrictive clauses, increasing short-term transaction and negotiation costs.
Key Issues
The Core Tension
The central dilemma is whether stronger central oversight — standardized inventories, CIO-controlled acquisition, and OMB/GSA harmonization — will produce meaningful cost reductions and improved security, or whether it will instead impose unfunded administrative burdens, slow mission delivery, and concentrate procurement power in ways that reduce program flexibility and vendor competition.
The Act centralizes authority and information about software entitlements but provides no designated funding stream to do so. Agencies must perform time-consuming inventories, procure independent assessment contractors (subject to conflict restrictions), implement discovery and automation tools, and retrain acquisition staff without additional appropriations—creating a material implementation risk.
Agencies with brittle staffing or legacy financial systems may produce incomplete inventories, undermining the OMB/GSA harmonization effort.
The bill also trades program-level flexibility for enterprise control. Requiring CIO approval for bureau-level acquisitions can reduce duplication and increase negotiating leverage, but it may slow mission-critical procurements and create friction between program managers and enterprise IT.
Separately, the intelligence community exemption for direct oversight preserves security, but it also means OMB and congressional oversight will see only summaries, which could limit government-wide comparisons. Finally, mandating contractor independence reduces conflict risk but may exclude firms with the deepest operational experience, making some assessments less informed.
The Act contains no enforcement mechanism, civil penalties, or dedicated funding, leaving follow-through to OMB, GSA, and congressional pressure.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.