Insight | February 6, 2017

Software License Management: Move Beyond Compliance for Transformational Benefits

By Kevin Cheung

Properly managing $6 billion in software purchases is no easy task, and requires agencies to take the extra step to move past standard compliance activities. Effective software management compliance requires assembling inventories, analyzing usage data, and leveraging government-wide agreements, but all these activities are just the foundation and good hygiene for software license management. If agencies just do these activities, they will lose out on the larger opportunity. True benefit, both from a cost and IT partnership transformation standpoint, comes from Holistic Software Category Management.

Regulations and Compliance

There is much to improve in how the federal government manages its annual $6 billion+ in software purchases. According to a GAO report, most agencies do not fully manage their software licenses centrally, have an updated software license inventory, or properly use the license data they do have. To address these challenges, OMB published memo M-16-12 in June 2016, and Congress recently passed the Making Electronic Government Accountable by Yielding Tangible Efficiencies (MEGABYTE) Act in July.

OMB M-16-12 and the MEGABYTE Act

The OMB memo directs the 24 CFO Act agencies to:

  • Appoint an agency-wide software manager and supporting team for accountability;
  • Compile a baseline inventory of all commercial software licenses, leveraging automated tools;
  • Analyze the inventory data to ensure compliance with license agreements, consolidate redundant applications, and identify savings opportunities;
  • Use government-wide software agreements rather than developing agency-specific contracts; and
  • Provide a quarterly report to OMB on cost savings and cost avoidance as a result of improved software license management.

The memo also directs the Enterprise Software Category Team (ESCT), a cross-agency team run by GSA, DoD and OMB, to develop new government-wide software agreements, promote existing ones, reduce redundancy in software purchasing vehicles, and share best practices.

The MEGABYTE Act requires OMB to issue a directive to the CIO of each executive agency to develop a comprehensive software licensing policy, including requirements to:

  • Identify clear roles and responsibilities and central oversight authority for managing software licenses;
  • Establish an inventory for 80 percent of software license spend using automated discovery and inventory tools;
  • Regularly track and maintain licenses throughout the software life cycle;
  • Analyze software usage to make cost-effective decisions;
  • Provide software license management training; and
  • Submit a report to OMB on cost savings or cost avoidance from improved software license management each of the following five fiscal years.

It’s Not Easy Being Compliant

There is no quick fix for the complex issue of software management, which entails skilled navigation of decentralized funding approaches, dealing with incomplete or inaccurate software inventory data, and implementation of data analysis tools.

Software is often managed and funded in a decentralized manner, with each bureau or office having significant control over what they buy and how they buy it.  Managers must overcome significant organizational and cultural challenges to centralize management and acquisition of software, despite the IT purchasing authority FITARA legislation grants to agency CIOs.

Additionally, the sheer number of software titles across an agency – as many as hundreds – can pose a challenge, further complicated by an increased use of Software-as-a-Service models. Few large organizations have a central list of all commercial software that is accurate and up-to-date, and the software supplier/publisher often has better data than the agency itself.

Lastly, while agencies have tools to evaluate software inventory, acquiring and properly using these tools can be difficult for software managers. Commercial software, such as Software Assessment Management (SAM) and Continuous Diagnostic and Mitigation (CDM) tools, can often help keep tabs on software and licenses. Like any software tool, however, implementing these new applications will take time and effort, will require disciplined processes for analyzing data and drawing insights, and will need good governance to ensure compliance to new centralized policies and procedures.

No Guts, No Glory: Moving Beyond Compliance for Maximum Payoff

Complying to software management regulations is a key step for healthy software license management.  Tracking and optimizing licenses, preempting audits, and consolidating enterprise license agreements are crucial first steps for good “basic hygiene” in software management.

Removing or reusing unused licenses can unlock savings – savings that can often be significant if licenses have not been managed deliberately.  Conversely, some organizations may find they are actually using more licenses than they are paying for, and discovering license noncompliance proactively is much better than having a software vendor discover this during a software audit.  Consolidating enterprise license agreements, particularly through government-wide purchasing vehicles have been proven to save money for agencies. ESCT and its leaders (GSA, DoD and OMB) are already leading the charge in putting together several government-wide purchasing vehicles, with more to come. A GAO report noted that one agency saved $181 million by consolidating its enterprise license agreements even though its oversight process was ad hoc.

But all these activities are just the foundation and good hygiene for software license management. If agencies just do these activities, they will lose out on the larger opportunity. True benefit, both from a cost and IT partnership standpoint, comes from Holistic Software Category Management.

Holistic Software Category Management

Censeo’s framework for Holistic Software Category Management (Figure 1) covers strategy, tactics and enabler elements. Most organizations tend to focus on the tactics and enabler elements, but often ignore or underplay the strategy. The tactics and enablers are important, and form the foundation of good Software Category Management, but the strategy component is what can drive step-changes in the business requirements and IT partnership.

 

Figure 1: Censeo Framework for Holistic Software Category Management

Software Category Management Tactical Activities

Coordinated Acquisitions ensures individual bureaus and offices use government-wide and agency-wide purchasing vehicles where available instead of setting up their own duplicate software contracts. Leveraging the scale of the enterprise drives better pricing and increased standardization of software terms and conditions. Individual bureaus and offices can often accelerate their acquisition processes by using established purchasing vehicles rather than developing their own from scratch.

License Management tracks the commercial software licenses used across the organization. This includes both Software-as-a-Service licenses and perpetual licenses. Good license management provides visibility into the number of licenses procured, who is assigned to each license, and whether licenses are being used.  It ensures compliance between licenses used and licenses paid, and identifies when unused licenses should be removed in order to avoid unnecessary costs.  When requests come for additional licenses, agencies practicing good license management should know the policies for license reassignment, and look to reuse idle licenses before purchasing additional ones.

Demand Management ensures the volume of licenses required is optimized to the roles and needs of the mission. For example, which users need the Microsoft suite of productivity software? Truck drivers likely do not need PowerPoint, but will need an email address as last minute instructions may be sent to their mobile device. The finance team definitely needs Excel, but do all members of the team (or only managers) need Microsoft Project?  This need can vary by the software lifecycle.  As new software is rolled out, many users may want to use it.  But roles and their subsequent software needs can change over time. As the software matures, actual usage should be reviewed periodically to revise the role to requirements mapping. As software reaches the end of its life, certain roles may move off the software first to both drive earlier savings and simplify downstream migration efforts.

Software Category Management Enabling Activities

The tactical activities are implemented in a scalable and accelerated manner by enablers:

Software License and Usage Data is the foundation for all Software Category Management activities. Elements including software title names (which often change through re-branding or acquisitions), software supplier/publisher names (direct purchase or through resellers), license types, modules purchased, contract/renewal terms, actual usage frequency, and description of use are all important. Data needs to be recent, well organized, and consumable for effective decision-making.

Automation Tools can help gather software license and usage data. Software Asset Management (SAM), Software License Optimization (SLO) or Continuous Diagnostics and Mitigation (CDM) tools may help to gather software inventory information in a more automated fashion. Although it is unlikely that any single tool will be able to automate and gather all the required info, output from these tools should be more accurate and save significant time and effort that would otherwise be spent gathering the information manually and re-working inaccurate data.

Software Management Governance ensures the organization abides by the policies and processes to enable mature software license management. Good governance treats building the Software Category Management capability as a program, and maintains / enforces an approved software list.  Centralizing purchase decisions ensures that requests for new software are compared against the existing list of software, and that new software undergoes the appropriate security and architectural reviews.

Software Category Management Strategy: Portfolio Management

Holistic Software Category Management should not only focus on the tactical and enabling activities, it should also influence the underlying business requirements and transform the organization’s software landscape through Portfolio Management.  Portfolio Management optimizes the software landscape primarily through two strategies: Application Rationalization and Mission-Software alignment.

Application Rationalization ensures that the agency-wide application portfolio is periodically analyzed for software with similar or duplicate functionality, evaluating opportunities to consolidate and minimize complexity.  Many offices and bureaus have a long history of independent IT management (a.k.a. “shadow IT”).  It would not be surprising to discover different software used to accomplish the same function. Back office functions including time and expense tracking, email, and procurement are amongst those that are often duplicated, either with different software providers that effectively perform the same function or the same software deployed in parallel instances.  Consolidating this duplicate software could reduce licensing costs and overall IT complexity.

Mission-Software Alignment manages the tradeoffs to ensure that software is optimally deployed to meet the needs of the mission.  As leadership changes, mission needs evolve, and new vendors emerge, software project requests roll in.  Adding new applications does not simply increase the direct cost associated with the licenses, it increases overall IT complexity.   IT complexity is often an overlooked cost, as it increases cost indirectly through additional IT management overhead, technical integration complexity, and security risk.  A disciplined approach to aligning mission needs and software involves carefully and objectively evaluating the trade-offs of the new software. If an existing piece of software accomplishes 80 percent of the functionality of the new software, how much benefit does the remaining 20 percent drive, and how does this compare to the direct and indirect costs of adding new software?   Of course this alignment process must be managed carefully as to not introduce unnecessary overhead and delay (which is often the perception from the business users, rightly or wrongly).  Considering these tradeoffs is not something that should be done only during the original request for the software.  For example, when modernizing legacy applications, commercial off-the-shelf software (COTS) can often fulfill some of the functions that previously required building a custom piece of software.  If the COTS software can meet 80 percent of the functionality of the legacy app at less cost, is the payoff sufficient for COTS to replace the legacy app?  Is the actual business process that drives the 20 percent still relevant? Can it be changed to remove the underlying requirement or might a manual workaround be acceptable?  What are the risks of customizing to reach the 20 percent? These are all questions and trade-offs that should be analyzed.

Portfolio Management is a cross functional discipline – it lives at the intersection of enterprise architecture, IT-business relationship management, strategic sourcing, and the mission owners. Balancing conflicting stakeholder opinions and priorities can be challenging, but proper execution of portfolio management can help agencies optimize downstream IT requirements, reduce cost and complexity, and improves IT’s ability to (affordably) support the mission.

Conclusion

To optimize software management, federal IT leaders should look beyond compliance and work towards Holistic Software Category Management.   If agencies respond to software management regulations by simply counting licenses, using government-wide purchasing agreements, and performing common-sense license management, savings will be low relative to the overall optimization opportunity.  They will lose out on the opportunities to save money and truly transform the software landscape aligning to their mission.