Insight | August 11, 2016

Reality Bytes: Making Sense of the MEGABYTE Act for Better Software License Management

By Curt Cote , Kevin Cheung and Kelly Hahn

Read more about Censeo’s IT Enterprise Agreement offerings. 

What is the MEGABYTE Act?

On July 29, 2016, President Obama passed the Making Electronic Government Accountable by Yielding Tangible Efficiencies (MEGABYTE) Act, originally introduced by Sens. Bill Cassidy (R-LA) and Gary Peters (D-Mich.)

The MEGABYTE Act effectively requires the CIO of each executive agency to develop a comprehensive software licensing policy, including requirements to:

  • Identify clear roles and responsibilities and central oversight authority for managing software licenses;
  • Establish an inventory for 80 percent of software license spend using automated discovery and inventory tools;
  • Regularly track and maintain licenses throughout the software life cycle;
  • Analyze software usage to make cost-effective decisions;
  • Provide training relevant to software license management; and
  • Submit a report to OMB on cost savings or cost avoidance from improved software license management each of the following five fiscal years.

Software Licensing Context

Following the 2014 Government Accountability Office (GAO) report, which highlighted challenges faced by agencies in managing software licenses, federal regulators and legislators have released a stream of recommendations, guidelines, and policies to improve software license management. The government spends $9 billion annually on software, and agencies have achieved savings of as much as 60 percent when comprehensive software license management programs are implemented. This new focus on regulation, oversight, and institutionalization of software programs is a welcome shift for both taxpayers as well as for CIOs, who are trying to make the best use of their budgets.

In June, OMB released a memorandum instructing agencies to appoint a “software manager” responsible for managing agency software agreements and licenses, developing an inventory of software licenses, and implementing a “software management centralization plan” to reduce costs.

MEGABYTE Act and the OMB Memorandum

The MEGABYTE Act builds on the OMB memorandum. However, there are a number of key differences between the Act and the memorandum that federal CIOs must incorporate into their 2017 plans:

  • The Act applies to all executive agencies (e.g., USPS, Smithsonian Institute, SEC, FCC), not just the 24 CFO Act agencies which are covered by the OMB memo.
  • The Act requires CIOs (through a forthcoming OMB directive) to develop a governance structure for managing software licenses. The OMB memo does not require agencies to develop a governance structure.
  • The Act elevates the accountability of developing a software policy from the software manager to the CIO. Of course, CIOs can still delegate the role, but it is the CIO who is ultimately accountable to comply with the law.
  • The Act specifies that CIOs inventory 80 percent of their software license spending using “automated discovery” tools. This stipulation sets an unusual level of specificity in how agencies should fulfill federal IT monitoring and evaluation requirements.
  • The Act requires agencies to provide software license management training, although it does not define who should receive the training.

The Road Ahead of Agency Leaders

While CIOs have years of experience navigating new and complex technology landscapes, the specificity and intensity of the Act can mean uncharted territory for even the most seasoned executives. CIOs, and those responsible for implementing the guidelines set out by the MEGABYTE Act, should consider the following questions when drafting a road map for software management success:

  • How will we set our goals, and measure progress towards those goals?
  • What tools will we use for automated discovery?
  • What level of software license management training is sufficient and valuable, and who should receive this training?
  • What strategies will we use to reduce redundancies and lower costs?

 

Realistically, CIOs will not have the bandwidth to answer these questions themselves. Delegating this responsibility is a crucial task in and of itself, and the first step of successful implementation of the Act is choosing the best point-person to oversee key objectives. The person appointed as the executor of the Act would ideally be a GS 14/15, and have:

  • A track record of analyzing complex data and developing strategic plans;
  • A deep understanding of the intricacies of software licensing models and Terms & Conditions; and
  • An ability to work with stakeholders across the organization, including IT, acquisition, and finance.

 

These skills are necessary both to fulfill administrative responsibilities of the Act, as well as to ensure the agency’s software license management program aligns with its broader IT architecture and financial management model. By finding the right leader for implementing the MEGABYTE Act, CIOs can ensure not only compliance with the Act, but also support for forward-thinking policies that bring federal technology practices and management into the 21st century.