Andrew Sweeney
There’s little debate on the advantages of a business being ISO certified, both from an internal and customer perspective. As operations are digitalized, there’s also little doubt about the growing importance of having a robust software asset management (SAM) process in place.
With capabilities such as virtual desktop (VDI), unified endpoint management (UEM) and public and private clouds enabling end users to connect to their workplace and be productive from anywhere over any device, it’s never been so important to ensure that the software they are using is updated, secure, and relevant to meet their digital needs and achieve the goals of the business.
ISO 19770-1:2017 specifies best-in-class standards for the establishment, implementation, maintenance, and improvement of an IT asset management (ITAM) system, providing a framework for managing software assets within the context of the business.
Introduced because of the complex nature of software and reflecting the way SAM is implemented, not in isolation, but used to achieve a business goal or goals, the intention is to:
ISO published a video overview of changes in the latest iteration of the standard, 19770-1: 2017. Processes are grouped as follows:
ISO introduced tiers into these groupings to allow companies to implement the processes relevant to them – with most wanting to implement the most critical processes (Tier 1). ISO suggests the following but indicates companies should add processes in line with their needs, such as to deal with sustainability goals:
Trustworthy data. Do you know what assets you have so you can manage them? This is the base standard that must be implemented, and includes:
Lifecycle integration. How do you ensure efficiency and cost effectiveness across the asset lifecycle? This is divided into:
Optimization. How can you achieve greater efficiency and cost effectiveness through functional focus? The areas of focus here are:
What do you want to achieve using SAM? Do you want to strengthen your processes around tracking and inventorying software to align license usage with ownership? Do you want to optimize cloud costs? Are you interested in tracking usage and costs per department?
Once you’ve defined your goals, then, as with any ISO certification program, you should start by auditing existing processes and identify gaps or areas of improvement.
Going back to basics is key. Ask yourself:
Given the ever-more diverse nature of your IT environment, as you move workloads to the public and private clouds, connect IoT devices at the edge cloud and evolve IT maturity to manage evolving needs, such as cybersecurity asset management (CSAM) or digital experience monitoring (DEX), it’s getting harder to locate and gain access to data. The reason is that each new capability or domain comes with its own distinct management tool creating silos of data across your estate.
To manage any SAM-related program to achieve business goals, you’ll need your tools to gain access to data held in other areas of your estate. That means, for example, analyzing CSAM monitoring data using all data dependencies to understand the real impact of any potential risk. You’ll need to understand information about users, including their level and location before you can begin to roll out software patches.
Even when you know where the data is held – and that could be outside of IT’s control in HR or another business area - to manage any program you’ll need to aggregate and normalize that data for a clear view. Given the lack of interaction between tools, that traditional means doing that manually. This takes time, and any errors in recording add risk to your program, potentially derailing it.
That carries through to planning, execution, and program reporting, adding further delays and errors, that could disrupt the business and scupper your efforts. And, when it comes to managing an external audit, can you be sure that records are complete? For many it’s a last-minute scramble with time spent on calls and emails to fill in data gaps and resolve inconsistencies.
How do you move away from manual processes if HDIM tools don’t interact? The answer is by using a digital platform conductor (DPC), a tool highlighted in four Gartner Hype Cycles in 2022. A DPC allows you to implement digital workplace orchestration across your disparate estate by:
Using a DPC you can benefit from best-in-practices processes to achieve any SAM-related business goal and aid the efforts of ISO 19770-1:2017 certification.
For example, you can:
Book a demo to see how a digital platform conductor can help you manage SAM-related programs using best-in-practice processes to achieve your business goals.