The 3 Reasons Why IT Asset Management Is Important for Any Organization

ISO/IEC 19770-1 is a framework of ITAMS processes that enables an organization to demonstrate that it is performing software asset management to a sufficient standard to satisfy corporate governance requirements while also ensuring effective overall support for IT asset management. ISO/IEC 19770-1 standard is related to Service Management and includes 27 process areas, each with objectives and detailed outcomes. The standard also advocates a tier-based approach to allow organizations to adopt ITAMS processes that are appropriate for their needs and size.

Effective IT Asset Management enables every organization to reduce the risk associated with the over- or under-purchase of software assets (both executable and non-executable), while also working to ensure the security of those assets through effective asset tracking and support throughout the entire software and IT lifecycle. The standard is also broad enough to be used in a variety of technological environments, including cloud computing.

ISO 19770 IT Asset Management standard also refers to the system, processes, and technology that are used to detect, track, manage, and optimize IT assets at all stages of their lifecycle. IT assets are any IT-related hardware, software, subscriptions, or services that the organization owns, pays for, or uses directly or indirectly. This definition of an IT Asset is broad and includes, among other objects, IoT, network and storage devices, and cloud services such as Software as a Service, Infrastructure as a Service, and Platform as a Service (SaaS/IaaS/PaaS). So, implementing an effective ITAM is critical for organizations of all sizes for three reasons:

• ITAMS is an enabling competency for IT. Many essential IT functions depended on complete and accurate ITAM data. Here are the examples (but are not limited to):

• • Information Security: Understand you can't protect what you don't know. So, it is important to know what devices are connecting to the network, how they are configured (down to the patch level), whether the hardware and software are legitimate and allowed, etc., is the first task in information security. All of this is mostly ITAM knowledge, and ISO/IEC 19770-1:2017 Lead Auditor Training is necessary for this knowledge.
  • Configuration Management and Change Management: The organization cannot determine whether that configuration is correct and that no unauthorized changes are being made to it unless it knows what IT assets exist and how they are organized.
  • Disaster Recovery: It would be difficult to reconstruct these assets (and thus company operations) following a disaster without knowing what IT assets exist, where they are, how they are configured, and what business functions they support (all ITAM information).
  • IT Financial Management: It is difficult to budget and forecast for IT with any accuracy without knowing how much money the organization is spending on IT assets and the capability to achieve future requests for IT assets (all ITAM information).

• ITAM is key for IT risk mitigation. Software license compliance is one type of risk that is unique to ITAM. Software license compliance audits are well-known in the software industry. Without effective ITAM, even the most well-intentioned organization can easily over-deploy software beyond the organization's license entitlements, exposing the organization to legal, financial, and repetitive risks. This is due to a combination of factors, including the following:

• • Complexity of ever-changing licensing rules
  • New technologies impacting licensing
  • The number of unlike software vendors under management
  • Mergers & acquisitions on both the organization’s side and the software publisher’s side
  • Essential limitations of tools available to assist in the process
  • Incapability to control rogue end-user activities, to name just a few challenges

• ITAM is key for IT cost savings: A lack of complete and accurate ITAM information may cause organizations to spend far more on IT Assets than necessary, particularly on software, which consumes a growing portion of IT budgets. Examples include the following:

• • Shelf-ware: This occurs when an organization pays for software (or maintenance renewal) that is not in use and is no longer required. SaaS is more highly susceptible to shelf ware than traditional on-premise software. Effective ITAM prevents the occurrence of shelf-ware.
  • Re-harvesting: When hardware is retired, the software licenses used by that hardware should become available for re-deployment within the organization; however, this is only possible if effective ITAM is in place.
  • Architecture optimization: Without effective ITAM, organizations may configure their environments in an unproductive licensing manner, resulting in the need for more licenses with no functional or operational benefits to the organization.
  • Negotiation from a position of knowledge: Without effective ITAM, companies struggle with information about their needs and are at the mercy of software publishers when going to negotiate software contracts.