HASC cyber subcommittee pushes mandatory legacy IT audit in defense bill

US Army flickr NCO Academy Teaches Leadership in Virtual Environment 

Optional caption goes here. Optional caption goes here. Optional caption goes here. Optional caption goes here.

The military services could be required to audit its legacy IT systems and software as part of a proposal to be considered in the 2022 defense authorization bill.

The Subcommittee on Cyber, Innovative Technologies, and Information Systems for the House Armed Services Committee is proposing a mandate that would require "each military service initiate an effort to account for the legacy information technology (IT) systems, applications, and software."

The goal is to sniff out "redundant and unnecessary investments" that can be retired or managed differently so freed up funds can be reinvested into the Defense Department's other priorities, mimicking what the Navy set out to do with its Operation Cattle Drive effort announced in December.

House Armed Services Committee aides told reporters July 27 that this is the primary cybersecurity effort in the subcommittee mark, but other cybersecurity measures could come as part of the chairman's mark. The House is expected to mark up its version of the 2022 National Defense Authorization Act in September.

The draft legislation, which is scheduled to be marked up in subcommittee July 28, also includes several other provisions aimed at easing the acquisition when it comes to buying new technologies, getting them from the lab to the battlefield, and increasing the talent pool for researchers.

The mark includes a provision giving the defense secretary the power to expand the Defense Innovation Unit's footprint across the country "to engage and collaborate with private sector industry, and communities in regions that do not otherwise have a DIU presence," but the measure is subject to appropriations. The subcommittee also directed a report on the agency's authority, size, resources, and personnel composition to make sure it can accomplish its mission.

Additionally, the draft calls for a five-year pilot program to help improve the transition of prototypes from science and technology programs to full-scale implementation, a problem often referred to as the "valley of death". That pilot would include a "partnership intermediary" to help potential partners, such as startups and other small businesses, connect with those with buying authority in DOD.

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • Acquisition
    Shutterstock ID 169474442 By Maxx-Studio

    The growing importance of GWACs

    One of the government's most popular methods for buying emerging technologies and critical IT services faces significant challenges in an ever-changing marketplace

  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

Stay Connected