Software asset management

Software asset management (SAM) is a business practice that involves managing and optimizing the purchase, deployment, maintenance, utilization, and disposal of software applications within an organization. According to the Information Technology Infrastructure Library (ITIL), SAM is defined as “…all of the infrastructure and processes necessary for the effective management, control and protection of the software assets…throughout all stages of their lifecycle.”[1] Fundamentally intended to be part of an organization’s information technology business strategy, the goals of SAM are to reduce information technology (IT) costs and limit business and legal risk related to the ownership and use of software, while maximizing IT responsiveness and end-user productivity.[2] SAM is particularly important for large corporations in regard to redistribution of licenses and managing legal risks associated with software ownership and expiration. SAM technologies track license expiration, thus allowing the company to function ethically and within software compliance regulations. This can be important for both eliminating legal costs associated with license agreement violations and as part of a company's reputation management strategy. Both are important forms of risk management and are critical for large corporations' long-term business strategies.

SAM is one facet of a broader business discipline known as IT asset management, which includes overseeing both software and hardware that comprise an organization’s computers and network.

Role within organizations

SAM can serve many different functions within organizations, depending on their software portfolios, IT infrastructures, resource availability, and business goals.

For many organizations, the goal of implementing a SAM program is very tactical in nature, focused specifically on balancing the number of software licenses purchased with the number of actual licenses consumed or used. In addition to balancing the number of licenses purchased with the amount of consumption, an effective SAM program must also ensure that the usage of all installed software is in keeping with the terms and conditions of the specific vendor license agreement. In doing so, organizations can minimize liabilities associated with software piracy in the event of an audit by a software vendor or a third party such as the Business Software Alliance (BSA). SAM, according to this interpretation, involves conducting detailed software inventories on a periodic basis to determine the exact number of software consumption, comparing this information with the number of licenses purchased, reviewing how the software is being used in respect to the terms and conditions and establishing controls to ensure that proper licensing practices are maintained on an ongoing basis. This can be accomplished through a combination of IT processes, purchasing policies and procedures, and technology solutions such as software inventory tools.[3]

Counting installations is the most common means of measuring license consumption but some software is licensed by number of users, capital, processors or CPU Cores.

More broadly defined, the strategic goals of SAM often include (but are not limited to) the following:

Role in other financial aspects

Fund management plays very vital role in maintaining big aspects in financial management too. It formulates the organized cash flow projections. It maintains expenses, taxes, leverage costs and interest income transactions, analyse them care fully.[6]

Use in financial Aspects

SAM Technology

A number of technologies are available to support key SAM processes:

International Organization for Standardization (ISO)

Main article: ISO 19770

The latest version of the SAM standard from ISO is 19770-1:2012. This revised standard is designed to allow the implementation of SAM processes to be "accomplished in multiple staged increments or tiers."[8] Part 1 of the standard details SAM processes including control environment, planning and implementation, inventory, verification and compliance, operations management and life cycle. In 2003, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) began working with the SAM industry to develop a standard of best practices for software asset management programs. Standard ISO/IEC 19770-1:2006, Information technology – software asset management – Part 1, was published by the ISO and IEC in May 2006.[9]

ISO/IEC 19770-2:2015: Software identification tag;[10] establishes specifications for tagging software to optimize its identification and management. The current version was published in 2015 and is a revision to the 2009 original Software ID Tag standard.[11] Using software identification tags or SWID tags makes discovery a simpler and more accurate process that can be verified by software vendors if they audit an organisations entire estate. SWID tags are implemented and supported by many vendors including IBM, Microsoft and Adobe.

ISO/IEC 19770-3: Entitlement Management Schema [12] outlines a technical schema which can be used to encapsulate license details including contract information, entitlements, rights, limitations and details about invoice, PO numbers, etc. This is currently at FDIS (Final Draft International Standard) stage and is due to be published in 2016.

ISO 55000:2014 [13] is the new international standard for asset management and was ratified in January 2014. It provides an overview of asset management, its principles and terminology, and the expected benefits from adopting a comprehensive asset management strategy. This standardisation is driving increased interest in the whole asset management market, including asset management software, and is particularly interesting to asset-intensive organisations including Utilities, Chemical and Transport companies. 19770-1 is aligned with this standard.

ISO 55000:2014 can be applied to all types of assets and by all types and sizes of organization. It is intended to be used for managing physical assets in particular, but it can also be applied to other asset types. By itself it does not cover many of the requirements for IT and Software Asset Management, such as licensing, and the additional controls which are needed in general for software (e.g. for access and integrity), and for complex control situations such as SaaS and BYOD. These additional requirements are being incorporated in edition 3 of ISO/IEC 19770-1 which is based on ISO 55000:2014. Publication is not likely until 2017.

Issues with scalability

An example of issues faced when scaling up discovery tools is with Microsoft's System Centre Configuration Manager (SCCM). Using SCCM Metering Rules to monitor software usage across a small estate or a small number of applications is relatively easy and reliable given the total number of unique executables (.exe files) and the number of instances of each executable. Turning on Metering Rules for every packaged application and every executable in a large estate quickly makes the volume of data generated unmanageable and expensive to maintain. Most SAM tools which consume SCCM data rely on these Metering Rules to understand usage.

See also

References

  1. ITIL’s Guide to Software Asset Management
  2. 1 2 3 "International Standard". International Organization for Standardization and International Electrotechnical Commission. 2006-05-01: 5. |contribution= ignored (help)
  3. "What is SAM?". Microsoft. Retrieved 2008-03-19.
  4. "International Standard". International Organization for Standardization and International Electrotechnical Commission. 2006-05-01: 19. |contribution= ignored (help)
  5. "Microsoft Software Asset Management: Step-by-Step Training - Step 4". Microsoft. Retrieved 2008-03-19.
  6. Asset Management | Asset Management Software
  7. Ogren, Eric (2006-11-03). "Application control coming your way". ComputerWorld. Retrieved 2008-04-03.
  8. International Standard ISO/IEC 19770-1:2012 (2012-06-13). "Information technology — Software asset management-- Part 1: Processes and tiered assessment of conformance". International Organization for Standardization and International Electrotechnical Commission: vi.
  9. "International Standard". International Organization for Standardization and International Electrotechnical Commission. 2006-05-01. |contribution= ignored (help)
  10. http://www.iso.org/iso/catalogue_detail.htm?csnumber=65666
  11. http://www.iso.org/iso/catalogue_detail.htm?csnumber=53670
  12. http://www.iso.org/iso/catalogue_detail.htm?csnumber=52293
  13. http://www.iso.org/iso/catalogue_detail?csnumber=55088

External links

This article is issued from Wikipedia - version of the 8/4/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.