2. Scope and Applicability
The requirements outlined in this policy apply to all covered agency agreements that (1) relate to Federally-procured software solutions; and (2) include requirements for, or may result in, custom-developed source code. Source code developed for National Security Systems, as defined in 44 U.S.C. ยง3542, is exempt from the requirements of this policy. For National Security Systems, agencies shall follow applicable statutes, Executive Orders, directives, and internal agency policies.
This policy does not require that existing custom-developed source code created by third party developers or vendors for the Federal Government be retroactively made available for Government-wide reuse or as OSS; however, making such code available for Government-wide reuse or as OSS, to the extent permissible under existing contracts or other agreements, is strongly encouraged. This policy also does not apply to software code whose development was not paid for by the Federal Government, even if later procured by the Federal Government (e.g., Microsoft Word).
Furthermore, this policy applies to all custom code created by covered agency employees in the course of their official duties, subject to certain exceptions noted below. For such code, it is encouraged that covered agencies apply the requirements of this policy retroactively to the extent practicable.
The covered agencies’ Chief Information Officers (CIO), Chief Acquisition Officers (CAO) and other key stakeholders shall immediately begin working together to implement this guidance.