An audit report showed the space agency spent an additional $20 million over the same period in fines and overpayments to vendors such as IBM, SUSE, and SAP among others. Credit: NASA / Roscosmos All Posts The US National Aeronautics and Space Administration (NASA) has overspent about $15 million on Oracle software over the past five years because it lacked a centralized software asset management practice, according to an audit report published by the space agency’s office of the inspector general (OIG). The report attributes the huge over-expenditure to vendor lock-in and NASA’s unwillingness to risk a license audit by Oracle because of its lack of visibility into software management. Vendor lock-in, according to the report, is a situation when an enterprise customer using a product or service cannot easily transition to a rival product or service. “NASA purchased large amounts of Oracle products to support Space Shuttle processing and other mission operations during that timeframe containing licensing terms that made transitioning to a competitor difficult due to proprietary technologies,” the OIG wrote in the report. NASA was unwilling to commit to an Oracle audit as it was scared that the resultant penalties from the audit would cost more than the $15 million, the report showed. “OCIO (office of the chief information officer) officials explained that they ‘knew better than to try our luck with an audit.’ Simply put, merely the potential threat of being audited by the vendor encouraged overbuying when the accuracy of agency software asset management was suspect,” the report said. An email sent to Oracle about easing “lock-in” practices didn’t immediately receive a response. Non-existence of a software asset management (EAM) program The space agency’s problem, according to the report, is the absence of a centralized software asset management practice and its current “ad-hoc” practices, which could expose NASA to operational, financial, and cybersecurity risks. Software asset management is the practice of controlling and optimizing the purchase, deployment, maintenance, and utilization of software applications or suites in an organization or institution. “Efforts to implement an enterprise-wide software asset management program have been hindered by both budget and staffing issues and the complexity and volume of the agency’s software licensing agreements,” the OIG wrote in the report, giving the agency’s software management practices a “basic” rating—the lowest rating as per the International Organization for Standardization. The agency uses over 49,000 desktops, laptops and engineering computers. Further, the report showed that NASA was years away from moving to an enterprise computing model and was in violation of the federal policy to implement a centralized software asset management program that tracks inventory and license data. “We also found internally developed mission and institutional software applications suffer from a lack of centralization and inventory visibility, limiting the agency’s ability to identify duplicative or obsolete software,” the OIG wrote. In addition, NASA’s current organizational setup, which is against federal policy, hinders the effective implementation of a centralized software management policy. “The agency’s software asset management office and software manager positions are misaligned and do not report to the chief information officer as required by federal policy,” the OIG wrote as part of the report. Other challenges plaguing the space agency includes inconsistent processes for legal representation during software contract negotiations or vendor audits, unsupervised training software and unsupervised software buying. These challenges expose the agency to increased costs because of penalties for violations of software licensing agreements, the report showed. “NASA has failed to implement processes necessary to manage financial risks as software purchases are not sufficiently tracked and authorized by the Office of the Chief Information Officer (OCIO)—allowing some users to bypass OCIO authorization (and software asset management team scrutiny) to purchase software through alternative means such as purchase cards,” the OIG wrote. NASA overspent more than $35 million The OIG also pointed out an additional $20 million expense in fines and overpayments, which could have been avoided. “We estimate the agency could have saved approximately $35 million ($20 million in fines and overpayments and $15 million in unused licenses) and moving forward could save $4 million over the next 3 years by implementing an enterprise-wide software asset management program,” the OIG report said. According to the OIG’s analysis, almost 11,000 users, between 2020 and 2022, were granted privileged access (the ability to control one’s computer system akin to administrative rights) to download software at will due to operational constraints and delay in funding. In 2017, NASA had to pay $18.9 million to IBM post an audit to bring its software usage in compliance with license agreements. In 2021, multiple vendors such as SAP, Dassault and Ansys, collectively were paid about $4.4 million by the agency to settle software usage penalties. NASA ENDS Related content brandpost Sponsored by Cisco Transform the modern data center: From today to the future Embrace agility, elasticity, and cognitive intelligence capabilities for a data center strategy that’s performance-ready and sustainable for the future. By Murali Gandluru May 02, 2024 4 mins Networking brandpost Sponsored by TCS and Microsoft 5 keys to optimizing ROI on your Cloud Center of Excellence 5 keys to optimizing ROI on your Cloud Center of Excellence CoE adoption is on the rise – but success means evaluating relevance, staying connected, building a strong team, continuous innovation, and transforming culture. By Tata Consultancy Services May 02, 2024 2 mins Manufacturing Industry Cloud Computing brandpost Sponsored by TCS and Microsoft Best practice advice for improving productivity while maintaining security The modern “borderless workplace” requires a new strategy. Microsoft and TCS are answering the challenge with innovation solutions. By Tata Consultancy Services May 02, 2024 1 min Manufacturing Industry Microsoft Cloud Computing brandpost Sponsored by TCS and Microsoft Powering sustainability success with Microsoft Cloud Learn how investing in the right technology can create a greener future. By Tata Consultancy Services May 02, 2024 1 min Manufacturing Industry Green IT PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe