"I would say that the vast majority of large organizations face identical issues," he added. "I have yet to see a large organization that has a single, integrated, overarching software license management tracking and control system."
Software licensing in federal agencies has been a long-standing problem, said Keith Kupferschmid, general counsel and senior vice president for intellectual property and enforcement for the Software & Information Industry Association (SIIA). "For many years now, we have been pushing the federal government to make sure it has adequate, effective software compliance procedures in place," he said in an interview.
Although efforts to end software piracy within federal agencies go back to the Clinton years, government action has been slow. "It's just in the beginning of setting up a formal process to make sure it's software and content compliant," Kupferschmid said.
Nevertheless, the TIGTA audit and IRS response show that there's a system in place that's yielding results, argued Matt Reid, senior vice president for external affairs at the Business Software Alliance (BSA).
"The Treasury Inspector General's report is an example of good government in action," he wrote in an email. "There are executive orders and other federal policies in place that require U.S. government agencies to use properly licensed software, so they conduct audits like this to make sure it's happening.
"When they identify a shortfall," he continued, "they ensure corrective action is taken. The Treasury IG's report and the IRS CTO's response make clear that's what is happening here."
One software trend among federal agencies is to use cloud-based services, which could reduce the number and complexity of administering software licenses. Cloud software, though, has its own set of piracy problems.
"Now, we talk about having a license for five copies and using 10," Kupferschmid explained. "In the future, with cloud computing, you don't have that problem. You have a different problem. You have people sharing access, sharing passwords."
Sign up for Computerworld eNewsletters.