Software License Management

Number: 2108.2 CIO
Status: Active
Signature Date: 12/21/2018
Expiration Date: 12/21/2025

1.  Purpose. This Order consolidates software license management and implements a software license management program. It establishes software license management roles, responsibilities, and procedures.

2.  Background.  

     a.  The creation of the Office of GSA IT (GSA IT) and the consolidation of Information Technology (IT) in GSA set the framework to consolidate and centralize various IT functions. The objective of software license management is to manage, control, and protect software assets including management of the risks arising from the use of those software assets.

     b.  OMB Memorandum M-16-12, Category Management Policy 16-1:  Improving the Acquisition and Management of Common Information Technology:  Software Licensing dated June 2, 2016, requires agencies to have a software management program and a designated central oversight authority to manage software agreements. A centralized software management approach will optimize utilization of commercial and Commercial Off The Shelf (COTS) software licenses and maximize the use of best-in-class software purchasing and management solutions.

3.  Cancellation.  This Order supersedes CIO 2108.1, Software License Management, dated September 22, 2015.

4.  Explanation of Change.

     a.  This policy is being updated to reflect changes to the IT Standards Process, which has been transferred to the Chief Technology Officer’s area of responsibility. This update also describes the integration of Software License Management as part of the overall review, approval, and management of GSA software licenses.

5.  Scope and applicability.

     a.  This Order is applicable to all Heads of Service and Staff Offices (HSSOs) and Regional Offices acquiring or using IT in the conduct of GSA business.  As specified in their respective contracts or operating agreements, the requirements of this order also apply to contractors or other third parties who access GSA IT resources to conduct business on behalf of, or with, GSA or GSA-supported Government organizations, and to all GSA IT resources which process or store GSA data, whether leased or owned.  

     b.  IT within the scope of this policy includes: applicable software and applicable cloud services as referenced in CIO 2160.1F CHGE 2, GSA Information Technology (IT) Standards Profile paragraph 2.c and 2.d.

     c.  This policy applies to the Office of Inspector General (OIG) only to the extent that the OIG determines it is consistent with the OIG’s independent authority under the IG Act and it does not conflict with other OIG policies or the OIG mission.

     d.  This policy applies to the Civilian Board of Contract Appeals (CBCA) only to the extent that the CBCA determines it is consistent with the CBCA's independent authority under the Contract Disputes Act and other authorities and it does not conflict with the CBCA's policies or the CBCA mission.

6.  Responsibilities.

     a.  GSA IT is responsible for:

          (1)  Appointing a software manager that is responsible for managing, through policy and procedure, all agency-wide commercial and COTS software agreements and licenses.  The software manager shall report to the agency Chief Information Officer (CIO) and will work in collaboration with the offices of the CIO, the Chief Financial Officer, and other organizations as appropriate. The software manager shall lead the agency-wide effort to centralize license management, implement strategies to reduce duplication, ensure the adoption of software management best practices, and participate in the Enterprise Software Category Team (ESCT) as defined in M-16-12.

          (2)  Acquiring enterprise software and maintaining a continual agency-wide inventory of software licenses, including all licenses purchased (by GSA or for GSA by contractors), or in use, as well as spending on subscription IT services (to include provisional (i.e., cloud) software as a service (SaaS) agreements).

          (3)  Analyzing inventory data to ensure compliance with software license agreements, consolidate redundant applications, and identify other cost-saving opportunities.

     b.  HSSOs are responsible for:

          (1)  Reporting licensing information to GSA IT Asset Management Branch. See the Software License page on InSite for details. 

          (2)  Following the IT Standards Profile process outlined in  2160.1F CHGE 2, GSA Information Technology (IT) Standards Profile before acquiring IT.

          (3)  Providing support to the ESCT as defined in M-16-12.

7.  Policy.

     a.  Per CIO 2160.1F CHGE 2, GSA IT Standards Profile, only software that has been approved for use in the IT Standards Profile may be acquired and installed for use in the GSA IT environment.

     b.  Per CIO 2100.1N, GSA Information Technology (IT) Security Policy, only GSA IT designated personnel have the administrative rights to install software on GSA IT hardware including laptops, desktops and servers.

     c.  Per General Services Acquisition Manual (GSAM) GSAR 511.171 Part 511 the Contracting Officer or purchase card holder responsible for acquiring the IT software or cloud services must ensure that the language identified in GSAR 511.171 is incorporated into any applicable contracts.

8.  Contacts.

     a.  GSA IT Service Desk: 866-450-5250 or

     b.  Chief Technology Officer: