Lawmakers propose mandatory legacy IT audit in NDAA
- By Lauren C. Williams
- Jul 28, 2021
The military services could be required to audit its legacy IT systems and software as part of a proposal to be considered in the 2022 defense authorization bill.
The Subcommittee on Cyber, Innovative Technologies, and Information Systems for the House Armed Services Committee is proposing a mandate that would require "each military service initiate an effort to account for the legacy information technology (IT) systems, applications, and software."
The goal is to sniff out "redundant and unnecessary investments" that can be retired or managed differently so freed up funds can be reinvested into the Defense Department's other priorities, mimicking what the Navy set out to do with its Operation Cattle Drive effort announced in December.
House Armed Services Committee aides told reporters July 27 that this is the primary cybersecurity effort in the subcommittee mark, but other cybersecurity measures could come as part of the chairman's mark. The House is expected to mark up its version of the 2022 National Defense Authorization Act in September.
The draft legislation, which is scheduled to be marked up in subcommittee July 28, also includes several other provisions aimed at easing the acquisition when it comes to buying new technologies, getting them from the lab to the battlefield, and increasing the talent pool for researchers.
The mark includes a provision giving the defense secretary the power to expand the Defense Innovation Unit's footprint across the country "to engage and collaborate with private sector industry, and communities in regions that do not otherwise have a DIU presence," but the measure is subject to appropriations. The subcommittee also directed a report on the agency's authority, size, resources, and personnel composition to make sure it can accomplish its mission.
Additionally, the draft calls for a five-year pilot program to help improve the transition of prototypes from science and technology programs to full-scale implementation, a problem often referred to as the "valley of death". That pilot would include a "partnership intermediary" to help potential partners, such as startups and other small businesses, connect with those with buying authority in DOD.
This article first appeared on FCW, a partner site to Defense Systems.
Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.
Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.
Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.
Click here for previous articles by Wiliams.