VA software license assessments called out in GAO recommendations
The Department of Veterans Affairs has work to do in assessing its software licenses, the Government Accountability Office said in a report that included four other new priority recommendations to the VA.
The congressional watchdog noted in its release that the VA has implemented six of its 29 open priority recommendations, including the deployment of an automated data tool used to improve acquisition workforce records and taking steps to modernize the agency’s performance management system across the Veterans Health Administration.
Assessing software licenses, however, is something that the VA needs to address, per the watchdog. In January, the GAO issued a report on software licenses throughout the federal government, noting that the VA had neglected to regularly compare software license inventories that are currently used with purchase records.
In the new priority recommendations, GAO noted that the federal government spends more than $100 billion yearly on cyber and IT-related investments.
“Until VA implements this priority recommendation and consistently tracks and compares its inventories of software licenses to with known purchases, it is likely to miss opportunities to reduce costs on duplicative or unnecessary licenses,” the report states.
Other high-risk governmentwide areas that could impact the VA, according to the GAO, are “improving the management of IT acquisitions and operations” and “ensuring the cybersecurity of the nation.”
Charles Worthington, the VA’s chief AI and technology officer, said in a recent interview with FedScoop that he believes the VA’s technical infrastructure “is actually on pretty good footing,” pointing to the agency’s migration to the cloud and using commercial products in the software-as-a-service model, “where it makes sense.”
Other priority recommendations from the GAO cover the VA’s electronic health records (EHR) modernization program, including one that directs the agency to implement “leading practices for change management.” The other nine involve evaluating whether the system is “operationally suitable and effective” to ensure that the system satisfies customer needs, establishing “user satisfaction targets” to protect patients’ health and safety from unnecessary risks, and validating that future systems are not deployed too early.
“Implementing these … recommendations would also help solve existing problems with the system,” the GAO stated.