Session
The Software Risk Your PMO Can’t See: Using code evidence to manage contractor performance
Defense program managers are being asked to deliver measurable software outcomes, accelerate modernization, and hold contractors accountable for progress that survives beyond the next sprint demo. The problem is that many software-intensive programs are still managed through indirect evidence: contractor status reports, sprint reviews, Jira summaries, IMS updates, risk registers, and PowerPoint briefings.
Those artifacts show activity, reported progress, planned milestones, and visible delivery. They often don’t show the condition of the codebase the government will inherit, sustain, modernize, and depend on for years.
That creates a dangerous blind spot. A program can look green while the codebase is becoming harder to change, harder to test, harder to transfer, and harder to sustain.
Technical debt, fragile modules, weak maintainability, knowledge concentration, rework patterns, and uneven contractor performance often stay invisible until they become schedule slips, expensive sustainment, failed transitions, painful recompetes, or modernization drag. By that point, the PMO is usually reacting to a problem that has been compounding for months or years.
This session makes the case that technical debt should be treated as program risk. Program managers don’t need to read source code, but they do need objective evidence derived from the codebase. Maintainability trends, contributor concentration, module-level risk, code ownership patterns, team comparisons, and rework indicators can help PMOs detect risk earlier and manage contractor performance with evidence instead of instinct.
The session will show how code-derived evidence can strengthen oversight across the program lifecycle: pre-award contractor evaluation, active development monitoring, pre-delivery acceptance, sustainment planning, transition risk management, and recompete decisions. It will also explain why labor categories don’t prove capability, why contractor status reporting doesn’t equal software health, and why maintainability should become a routine part of program reviews.
Attendees will leave with a practical framework for asking stronger software oversight questions. Is the codebase becoming easier or harder to change? Which modules are creating the most future sustainment risk? Where is critical knowledge concentrated? Which contractor teams are improving, and which are creating future O&M exposure? What evidence proves the software is more sustainable than it was 6 months ago?
The goal is responsible oversight of long-lived software. If defense PMOs are expected to manage outcomes, they need evidence that goes deeper than reported status. The codebase already contains many of the signals PMOs need. The next step is translating those signals into program management insight. 
Target audience:
Program Managers, Deputy Program Managers, PEO staff, acquisition leaders, technical directors, contracting officers, systems engineers, software factory leaders, sustainment leaders, and defense industry executives.
Preferred Session Duration: 50 mins including Q&A
Andrew Park
Founder, Edensoft Labs
Brambleton, Virginia, United States