Senate bill would push replacement of legacy IT systems
Sen. Maggie Hassan (D-N.H.) hears testimony at a Senate hearing about the Colonial Pipeline cyberattack in June 2021. Graeme Jennings/Getty Images
By
Chris Riotta
A new bipartisan bill would effectively force agencies to identify and replace their critically outdated legacy information technology systems while drafting new modernization plans with the help of the Office of Management and Budget.
A new bill introduced on Wednesday seeks to force agencies into modernizing their outdated information technology systems, while requiring officials to write up plans and additional guidance to update and dispose of those legacy systems.
The Legacy IT Reduction Act of 2022 effectively aims to make the modernization of federal legacy IT systems mandatory. Introduced by Sens. Maggie Hassan (D-NH) and John Cornyn (R-Texas), the bill would require agencies to identify and create an inventory of all legacy IT systems.
The Office of Management and Budget is tasked under the bill with creating guidance to instruct agencies on the best methods for identifying and replacing their legacy IT systems.
Agencies would also be required to include comprehensive information in their inventories about any legacy IT systems currently in use, including contractor and ownership information, operation and maintenance costs, and how the systems support mission objectives.
Hassan said in a statement announcing the bill that modernizing government legacy IT systems will "save taxpayer dollars, strengthen cybersecurity, and improve Americans’ interactions with federal agencies."
"This commonsense, bipartisan bill...will help ensure that the federal government isn’t wasting taxpayer dollars or risking a cyberattack simply because it hasn’t updated the necessary technology systems," she said. "This bipartisan bill will help ensure that agencies act to update critical technology and better serve the American people.”
Within 180 days of its passage, OMB would be required to issue new guidance featuring a definition for a "legacy information technology system" and instructions on how to update outdated technology.
Agencies will then be required to submit modernization plans within two years, and every five years later, detailing efforts to modernize and replace their existing legacy IT systems.
Sen. Hassan has pushed for increased transparency and oversight of agency modernization plans. The senator requested responses from 10 agencies in 2020 detailing plans to address their critically aging and most outdated IT systems and convened a series of hearings to address the issue and challenges around modernizing legacy IT systems.
Ross Nodurft, executive director of the Alliance for Digital Innovation, told FCW in an email that his group "strongly supports continued efforts to drive IT Modernization across the federal government." Nodurft added: "In general, we support additional resourcing for agencies to update their legacy technology. Any legislation that Congress passes should reduce the barriers – whether resourcing barriers or process barriers – to replacing legacy technology with more modern, secure commercial solutions."