ITAMOrg® Software Asset Management Specialist Courseware

Welcome

Safety

Introduction to SAM Course

Involvement

Present yourself

Course objectives

Challenges

Outline

Certification

Get more Information

ISO19770 (Standard for IT Asset Management)

Www.iso19770.org

ITIL4 – ITAM practices

https://www.axelos.com/welcome-to-itil-4

ITAM News and fees

www.itamchannel.com

ITAMOrg memberships and activities

www.itamorg.com

Unit 1 - Key concept of SAM

Learning objectives

ITAMOrg has developed this Software Asset Management Best Practice approach to clarify what Software Asset Management is. Best practice SAM has been created to reach its goals as efficiently as possible. Software Asset Management best practice can be tailored to fit any organisation, regardless of its size.

Software Asset Management is an important part of IT Service Management and must be understood in this context. The Software Asset Management database is a logical part of the Configuration Management System, which supports all the IT Service Management strategy.

Why SAM

•Investment in software to support Business processes

•Software is the most important and critical element in IT from a Risk and Cost perspective

•Software need to be managed and controlled

•Software shall be protected and either with the purpose of protection of the value and for protection of Suppliers IP

SAM Governance

Good Corporate Governance

Good governance ensures that policies and plans are implemented and supported by processes which are being followed and includes defined roles and responsibilities that are allocated and accepted within the organization. The focus is on continuous improvement based on monitoring and reporting of progress.

Good governance is when IT can show how it supports business operations and innovation. Governance defines a common direction, policies, and regulations that business and IT jointly implement. Governance evaluates, monitors, and manages the strategy, policies and plans of the organization.

IT Governance

Software's role and importance has changed dramatically in recent years. Software today is a critical business asset and must be managed as such. Software Asset Management has now become an imperative and not an option.

Software licenses are company assets - without them, business management expose their business to unnecessary legal and financial risk. IT governance is about supporting the business in its cost allocation, optimization, and minimization of risk.

The success of a software asset management strategy is dependent on its alignment to the overall governance structure which provides guidance to build up structures and processes according to how they want the organization to work

Governance of Software Asset Management is applicable to a constantly managed approach at all organizational levels. It begins with setting a clear Software Management strategy, followed of policies to deliver the strategy to an agreed scope.

ITAM dimensions

Every dimension is affected by multiple factors

•Organizations should have a holistically view of all aspects of their behavior to create value

•Processes should be implemented cross the organization and support the SAM team to create value

•Information and technology should handle SAM data through SAM- or relevant tools to create value

•Partners and supplier should be controlled and managed through reliable contracts to create value

E.g. Software process improvement may be planned without proper consideration for the people, partners and technology involved or technology solutions can be implemented without attention to the processes or people they are supposed to support

Organization and People

To support a holistic approach to service management, ITIL defines four dimensions of service management that collectively are critical to the effective and efficient facilitation of value for customers and other stakeholders in the form of products and services. These are:

•Organizations and people include design and implementation of:

•Culture

•Transparency

•Trust

•Skills

•Experience

•Education

•Training

•Common goals

•Information and technology design and implementation of:

•Strategy

•Compliance

•Compatibility

•Information in services

•Information security

•Technical interfaces

•Skills

•Risks and limitations

•Partners and suppliers design and implementation of:

•Suppliers of goods

•Suppliers of services

•Partners

•Contracts

•Managing resources

•Costs

•Skills

•Demand

•Value streams and processes design and implementation of

•Value streams

•Processes

•Managing demand

•Input and output

•Process integration

•Roles

•Responsibilities

•Value

Structure and systems of authority are not, by themselves, enough to improve organizational effectiveness. The organization also needs a culture that supports its objectives

Systems of authority

•Structure, management, governance

Roles and responsibilities

•RACI and mandate

Culture

•Trust

•Transparency

•Values

•Attitudes

NB: Culture changes over time

Workforce capacity and competence consisting of skills, education, competencies, experience:

•Technical skills

•Communication and collaboration skills

•Broad general knowledge of the other areas of the organization

•Deep specialization in certain fields

The complexity of organizations is growing, and more and more IT Assets and functionality is implemented to support the organization therefore it is important to ensure that the way an organization is structured and managed, as well as its roles, responsibilities, and systems of authority and communication, is well defined and supports its overall strategy and operating model.

The effectiveness of an ITAM organization cannot be assured by a formally established structure or system of authority alone. The organization also needs a SAM culture that supports its objectives, and the right level of capacity and competency among its workforces. It is vital that the SAM leaders of the organization champion and advocate values which motivate people to work in desirable ways. Ultimately, however, it is the way in which an organization carries out its SAM activities that creates shared values and attitudes, which over time are considered the organizations ITAM culture.

It is important to promote an ITAM culture of trust and transparency in an organization that encourages its members to raise and escalate issues and facilitates corrective actions before any issues have an impact on customers. Adopting the ITAM guiding principles can be a good starting point for establishing a healthy organizational culture.

People (whether customers, employees of suppliers, employees of the service provider, or any other stakeholder in the service relationship) are a key element.

ITAM skills and competencies of teams or individual members should be in place but not only, there should also be awareness on management and leadership styles, and on communication and collaboration skills.

The organization and people dimension of ITAM covers roles and responsibilities, formal organizational structures, culture, and required staffing and competencies, all of which are related to the creation, delivery, and improvement of a service.

Information and technology

There are many types of technologies that support software asset management and IT Service Management. And many of these technologies can be used in both areas – especially when IT and the business merge when digitalizing the business’ processes.

In relation to the ITAM information component of this dimension, organizations should consider the following questions:

•What information should be managed by the ITAM?

•What supporting information and knowledge are needed to deliver and manage ITAM?

•How will the information and knowledge assets be protected, managed, archived, and disposed of?

The challenges of information management, such as those presented by security and regulatory compliance requirements, are also a focus of this dimension. For example, an organization may be subject to the European Union’s General Data Protection Regulation (GDPR), which influences its information management policies and practices. Other industries or countries may have regulations that impose constraints on the collection and management of data of multinational corporations. For example, in the US the Health Insurance Portability and Accountability Act of 1996 provides data privacy and security provisions for safeguarding medical information collected in the US.

When considering a technology for use or support in the planning, design, transition, or operation of an ITAM product or service, questions an organization may ask include:

•Is this technology compatible with the current architecture of the organization and its customers?

•Do the different technology products used by the organization and its stakeholders work together?

•How are emerging technologies (such as machine learning, artificial intelligence, and Internet of Things) likely to influence the service or the organization?

•Does this technology raise any regulatory or other compliance issues with the organization’s policies and information security controls, or those of its customers?

•Is this a technology that will continue to be viable in the foreseeable future?

•Is the organization willing to accept the risk of using aging technology, or of embracing emerging or unproven technology?

•Does this technology align with the strategy of the service provider, or its service consumers?

•Does the organization have the right skills across its staff and suppliers to support and maintain the technology?

•Does this technology have sufficient automation capabilities to ensure it can be efficiently developed, deployed, and operated?

•Does this technology offer additional capabilities that might be leveraged for other products or services?

•Does this technology introduce new risks or constraints to the organization (for example, locking it into a specific vendor)?

Information technology considerations

•Compatible with the current architecture?

•Does the organization have the skills in the organization to support and maintain it?

•Does it raise any regulatory, compliance or information security control issues?

•Does it have enough automation capabilities to be developed, deployed, and operated?

•Is it viable in the foreseeable future?

•Does it have additional capabilities that can be used for other products or services?

•Does it align with service provider or service consumer strategy?

•Does it introduce new risks or constraints to the organization?

Partners and suppliers

Every organization and every service depend to some extent on services, products or goods provided by other organizations.

Types of supplier relations:

Service partnerships

•Share common goals and risks

•Collaborate to achieve desired outcomes

Goods and service supply suppliers

•Formal contracts

•Clear separation of responsibilities

An organization’s supplier strategy should be based on its goals, culture, and business environment

Factors that may influence an organization’s strategy when using suppliers include:

•Strategic focus - Some organizations may prefer to focus on their core competency and to outsource non-core supporting functions to third parties; others may prefer to stay as self-sufficient as possible, retaining full control over all important functions.

•Corporate culture - Some organizations have a historical preference for one approach over another. Long-standing cultural bias is difficult to change without compelling reasons.

•Resource scarcity - If a required resource or skillset is in short supply, it may be difficult for the service provider to acquire what is needed without engaging a supplier

•Cost concerns - A decision may be influenced by whether the service provider believes that it is more economical to source a requirement from a supplier.

•Subject matter expertise - The service provider may believe that it is less risky to use a supplier that already has expertise in a required area, rather than trying to develop and maintain the subject matter expertise in house.

•External constraints - Government regulation or policy, industry codes of conduct, and social, political, or legal constraints may impact an organization’s supplier strategy.

•Demand patterns - Customer activity or demand for services may be seasonal or demonstrate high degrees of variability. These patterns may impact the extent to which organizations use external service providers to cope with variable demand.

Processes and value

Processes define the activities, workflows, controls, and procedures needed to achieve agreed objectives, including:

•Organizing activities driven by user and customer value streams as well as value streams with other stakeholders

•Connecting value creating activities to output and outcome for stakeholders

A well-defined process can improve productivity within and across organizations.

A process is a set of activities that transform inputs to outputs. Processes describe what is done to accomplish an objective, and well-defined processes can improve productivity within and across organizations. They are usually detailed in procedures, which outline who is involved in the process, and work instructions, which explain how they are carried out.

The