Building the business case for ITAM

28 January 2016
12 minute read
Best practice

Building the business case for ITAM

28 January 2016
12 minute read

This article is to support module 1: “How to secure and maintain senior management support for IT Asset Management

An ITAM Review reader asked: “What data do I need to collect to show the value of my ITAM practice”?

This article attempts to answer that question, from starting from scratch with a business case, through implementation and building out an ITAM practice, to business as usual or normal operations and maintaining interest.

If you have any questions about building the business case for ITAM or securing senior management support please leave a comment on this article or see the specific thread on our discussion forum here.

ITAM Business Benefits

ITAM Business Benefits

ITAM Business Benefit Categories

I have grouped the key benefits and potential financial returns of ITAM into three broad buckets:

  • Compliance – meeting legal, contractual and regulatory obligations
  • Efficiency – Making best possible use of assets whilst maintaining service
  • Agility – Using asset data for business intelligence to support the business

Our predominant focus at The ITAM Review tends to sway towards SAM, but I’m using ITAM collectively here for both SAM and HAM.  Also the next version of the SAM standard will be renamed an ITAM standard. You can’t do modern SAM without good HAM practices and the business benefits extend to both.

We will use the groups above to generate interest in ITAM, build the business case and maintain momentum and interest in our ITAM practice in the longer term.

Building Interest in ITAM

There is not a cookie-cutter solution for ITAM ROI since personal and company motivations are unique. This article and metrics mentioned are intended as an a la carte menu in which to build a compelling business case. Pick and choose the parts that are relevant to you, your stakeholders and your organization.

For example many organisations are driven by the risk of audit, but for others audits are not a concern and saving money or having access to accurate ITAM data to underpin projects is a higher priority.

Build your business case and ITAM arguments accordingly, for example there is no point banging on about audit threats and making the volume of audits in the industry the main thrust of your ROI calculations when your company has never experienced an audit. Your forecasts may very well be accurate but it is better to build a plan that is compelling, relevant and realistic to those reading and acting upon it.

ITAM as a journey not a destination

Let’s assume you either want to build the business case for ITAM or want to increase the resources in your existing team. I view ITAM as a journey not a specific destination. When speaking with senior management, stakeholders or whoever else it is that will say, “Yes! Let’s do it” and support your ITAM initiative there are three points of view to consider; what is happening right now, what do we forecast, and how will we measure success.

  1. RIGHT NOW: Our current situation right now. Accurate data we have right now at our fingertips to measure our current situation (Usually nothing / not a lot / A problem statement).
  2. FORECASTED IMPACT: The business benefits we will try to articulate and forecast based on implementing ITAM
  3. Business as Usual (BAU): And finally the future metrics we wish to track to demonstrate our progress, accuracy and performance.

It’s important to emphasise No.3 in the business case. This shows we mean business; this is a long-term practice rather than short-term project and will hopefully show a preview of future improvement and awesomeness delivered by your success!

Let’s cover each one of these three elements in turn.

1. Right Now – Making estimates when you have no tools or data

A common scenario:

“I’ve been assigned to sort our ITAM/Compliance/SAM. We have no tooling, no data, no entitlement records and no resource, I’ve been asked to build a business case for ITAM”.

The normal temptation here is to start Googling analyst firm statements about anticipated returns. In the ITAM industry Gartner is a good source for these:

  • “By 2017, 20% of organizations will have implemented an SLOE tool up from >5% in 2014.”
  • “Expect to invest 3-5% of software spend on SAM programme”
  • “A properly run SAM programme can reduce an organisation’s IT asset costs by 30% within the first three to six months”

These are good supporting arguments but even when you have no data whatsoever you can usually find some interesting information to support your case.

When faced with the challenge of no tools or ITAM data, I recommend searching for the following data:

Main Driver How do I calculate ROI? Example
Compliance What is the volume of audits we have faced in the past three years, how much time was spent in audit response? How much money was spent in true-ups / addressing issues. For example, Let’s say you faced two audits last year, with $250,000 settlement each, and it took a team of four 6 months in total respond to the audit requests assuming 20% of their time was allocated to audit response and average salary was $75,000.00. So you could argue audits cost $530,00.00. Any increase in ITAM maturity is going to put a big dent in that figure.

 

Efficiency Visit your friends in IT Procurement / Finance and identify the total spend, or top 10 suppliers for software. Your luck will vary here, but ideally you want total annual spend on software, hardware and maintenance by supplier. You can’t do anything about spent money, but you can have an impact on future spend and a critical deliverable of ITAM is avoiding cost. Let’s say you spent $1M on hardware and $1M on software last year, what if we were to reduce that annual spend by just 10% through more efficient practices? (How will you do this? By removing assets that are not in use and stockpiling surpluses to fulfil future requests, reducing maintenance renewals by only buying support for assets that are needed, re-architect systems to optimize spend, renegotiate contracts based on strong asset data to support deals, standardise on software titles to simplify support, reduce redundancy and reduce spend etc.)

 

2. FORECASTED IMPACT – What business benefits can we expect?

As mentioned previously, use the benefits below as an a la carte menu; pick and choose which elements are relevant to your business and what will appeal to those signing off your project:

  • Reduced audit spend
  • Reduced number of audits
  • Reduced amount of team time responding to audit demands
  • Reduced spend through reclaiming unused assets
  • Reduced maintenance spend through smarter decision making and reclaiming unused assets
  • Reduced spend through re-architecting solutions for optimal license costs whilst delivering the same service
  • Reduced IT spend through stronger negotiation position
  • Reduced support overhead via standardisation of software
  • Increased productivity / strategic use of existing ITAM team
  • Empowered enterprise architects, project managers, business analysts or other stakeholders making strategic decisions about technology and vendors
  • Smarter decision-making and project delivery through accurate asset data
  • Quicker and more accurate migrations / upgrades / planning through accurate asset data
  • More accurate budgeting
  • Less security fire-fighting / proactive security resolution / identify unauthorized or insecure assets
  • Less asset loss through higher visibility
  • Faster service desk ticket resolution and enable proactive problem management with better asset data
  • Enhanced user experience by streamlining and simplifying the asset request process – Allowing users to be productive and have access to the assets they need whilst being compliant.

What data do you need to measure these benefits? Do other IT departments already track metrics that could help you measure the success of the initiatives above?

Balancing the books

IcebergA well balanced and realistic ROI forecast and ITAM business plan will also cover forecasted costs too such as people, tools, training, services and so on. Also factor in some budget for occasional expertise. You can’t expect a handful of ITAM staff to have encyclopaedic knowledge about every single hardware asset and license program.

It is also wise to also allocate a budget / part of your forecasted savings towards unknown skeletons that might fall out of your ITAM closet when you start providing real visibility and trustworthy data.

Every ITAM project I’ve ever been involved with has had a ‘Pandora’s box’ moment; a horrendous security issue, a surprising breach of the acceptable use policy, some seriously dodgy behaviour etc.

The more exposure and sunlight your ITAM practice casts on proceedings, the less budget you’ll need to for nasty surprises. The primary role of an asset manager is to quantify and communicate the iceberg.

Money and Common Sense

A couple of tips on positioning business plan:

  • Unless told otherwise by your decision makers – make all arguments in financial terms (See “Talking ITAM to the CIO“). The receptionist at the front desk of your company to the CEO know the language of money.
  • Add a sprinkling of common sense as to why you are doing this: You wouldn’t spend millions on company cars without keeping good inventory, you wouldn’t spend millions on stock and then just throw it in a warehouse a not manage it – why do the same with the millions spent on software and hardware?

3. Business as Usual ITAM Metrics

Finally, lets look at some of the Business as Usual (BAU) or Normal Operations metrics we want to measure to quantify the value of our ITAM department.

It is useful to start with a vision or goal for the ITAM department, then collect metrics that show delivery, or more importantly progress, towards that vision.

For example a good vision for a company that is consistently clobbered by software audits and wants to remove risk might be:

“The ITAM department will provides inventory of all IT assets with 95% accuracy. An audit ready status is maintained for the top 10 strategic software publishers with 97% accuracy”

Any company delivering on this will have good hardware and software visibility and whilst not having exhaustive knowledge of their estate, will be addressing 90% of the risk. Having a finite goal (top 10 vendors) also allows scope for asking for more resource (Either because you are not meeting your goal or want to increase it to 20/30/40 vendors etc.)

So key metrics to show us demonstrating progress would be:

  • IT inventory accuracy
  • IT entitlement accuracy
  • Time spent to respond to a software audit / internal audit / practice run

Hard numbers underlying these metrics might be:

  • Number of hardware assets with verified accuracy (See this article on how to verify accuracy: https://itassetmanagement.net/2014/11/24/verifying-asset-accuracy/)
  • Number of AWOL / Missing / not responding devices
  • Software compliance shortfall by vendor / % change on last period
  • Total compliance risk
  • New installs / root cause of compliance risk since last period

Depending on your goals, you may wish to add:

  • $ Value of reassigned assets / asset recovery / cost avoidance
  • $ Value of retired devices / software resold
  • SLA’s met / volume of software requests / customer satisfaction

And so on.

As mentioned earlier, this is a journey not a destination. Your metrics, communicated monthly or whatever frequency is agreed – show a direction of travel and gradual progress. If you think about these metrics from the very outset of your journey the planning, business case, tools strategy, process and team building process is much easier. Also see this article from Sherry Irwin in 2009: ITAM metrics.

If you would like to learn how to use these metrics to win senior management approval for your ITAM practice – see Module 1 of our 12 Box Training Course: “Authority: “How to secure and maintain senior management support for ITAM”.

To answer the original question: “What data do I need to collect to show the value of my ITAM practice”? My answer would be: The data required to show you are moving towards your vision – using a combination of data you have right now, forecasted returns and key metrics. Right now data adds credibility and real life hard data to the arguments, forecasted returns show the impact and BAU metrics demonstrate you will continue to keep your eye on the ball in the longer term.

If you have any questions about building the business case for ITAM or securing senior management support please leave a comment on this article or see the specific thread on our discussion forum here.

Can’t find what you’re looking for?