To implement an optimized software asset management program, it is necessary to understand the maturity and effectiveness of your existing asset management processes. By reviewing the policies and processes already in place, an organization will be able to identify areas for improvement and/or resource gaps. This in turn will facilitate corrective action to reduce the costs and risks associated with the management of IT assets and promote adoption of methodologies for improvement.
Here is a 4 step process for software asset management assessment and improvement:
- Identify where strengths and weaknesses exist within current processes
- Perform a ‘gap analysis’ between current processes and best practice
- Decide a strategy for improvement that will offer the best possible ROI
- Continue to make regular assessments and analyses of processes
Identifying where strengths and weaknesses lie within the organization requires maturity assessment modeling. An organization should devise a set of key questions around various aspects of its IT processes and best practices to measure their maturity. Key stakeholders should then be asked to answer these questions independently of each other.
Typical questions include:
- Is there a written software asset management policy?
- Do we have a senior executive sponsor within the organization?
- Is there a policy for authorized software?
- Is there a central license repository?
- Are unused licenses re-harvested?
- Are staff members able to install their own software onto PCs?
- Do we have a tool for managing and optimizing software licenses?
- Do we understand and apply license entitlements?
- Do we have an authorized vendor/supplier list?
- Do we purchase software centrally?
- When a computer is retired, are the associated licenses recycled?
The collated results can then provide an overall perspective of where areas of weakness or risk may lie within the organization.
Once the key areas of weakness have been identified, a gap analysis methodology should be adopted. A gap analysis will highlight where the organization is and where it needs to be. The ISO 19770-1 standard offers an approach to measuring such process gaps.
Background on ISO 197700-1
ISO 19770-1 provides companies with a measurement to establish performance against an agreed standard of corporate governance, lifecycle management and effective IT service delivery. [Note: ISO 19770-1 is currently in its third revision. ISO 19770-1:2017 was published December, 2017. Previous versions were 19770-1:2012 and 19770-1:2006.]
The ISO standard defines software asset management as:
“Processes and resources to help firms oversee and control their various assets and inventory throughout their life cycle.”
The ISO 19770-1 standard incorporates 27 key components of software asset management that define processes and data technologies that are key to an organization’s software asset management program.
These components are grouped into three key areas:
1. Organizational Management Processes for Software Asset Management
This encompasses broad management processes such as defining policies and procedures or defining a corporate governance initiative and the software asset management project lifecycle.
IT Asset Management
It all starts with knowing what’s in your IT ecosystem. Flexera One discovers even the most elusive assets whether on-prem, SaaS, cloud, containers and more.
2. Core Software Asset Management Processes
These are key processes for software asset management such as software asset inventory and identification or interfaces to other systems like financial systems for key data needed to assess software entitlements and compliance
3. Primary Process Interfaces for Software Asset Management
This defines key interfaces to other systems that are not as critical to key software asset management. Using the ISO standard to measure against process gaps offers a framework for an organization to easily identify where they are and where they need to be. It also helps to identify the challenges faced when adopting a best practice approach.
This is an excerpt from my recently published National Computing Center (NCC) Guideline for IT Management: Software Asset and License Management Best Practice. You can find the full document here. Stay tuned for more excerpts and related commentary in this blog.