IT Asset Management, (ITAM) should never be viewed as a “nice to have.” For every organization, it is truly “need to have” for various reasons, including compliance and cost containment. A fundamental part of ITAM is Software Asset Management (SAM). SAM applies to everyone – from your regional bank to a Fortune 500 global company.
Every organization is using some type of software, and they are also facing the headaches of managing those assets, guaranteed! According to Forrester, U.S. business and government spending on IT in the U.S. will total $741 billion in 2010. Of that sum, software accounts for the biggest chunk, with $194 billion in spending. Broken down further, applications account for $88 billion; custom-built app spending will be $43 billion; middleware checks in at $52 billion; and operating systems at $11 billion. With such significant numbers, it is in the best interest in any organization – whether public or private, national or multi-national – to have a robust SAM program in place.
According to industry analysts such as Gartner, the average company is over-licensed on around 30 percent of their inventory and typically at least 30 percent under-licensed in other areas. You might think that over-licensed is a good thing or that under-licensed might be saving money – but software vendors will disagree. In the current economy, software vendors, more than ever, are on the lookout for extra revenues, meaning that audits are on the rise. You must be licensed for your usage, all the time, in order to meet the vendor’s terms and conditions. If you aren’t, the consequences are costly. With compliance and cost savings in mind, it makes you wonder why every organization doesn’t have a SAM program in place to manage their software assets.
Let’s address all the benefits of a successful SAM program:
- Reduced audit exposure & potential financial risk to the enterprise – no vendor watchdogs looking over your shoulder, and should you face an audit, you are 99% prepared to answer their questions and sure that you won’t come up short.
- Reduced security risk from unauthorized software within the environment – when you are well-aware of who is using what and when, your organization is more prepared to track and identify unauthorized use, and prevent the resulting damage that can occur.
- Improved budgeting process and financial controls – a successful inventory of your software assets as well as usage across your organization will help you budget for future growth, M&A activity, and give you better control of software purchases.
- Increased operational efficiency – when your software is running at its optimal level, employees have what they need in terms of licenses, and usage is being properly managed to alleviate unauthorized use. The organization as a whole will benefit from increase operation efficiency. The C-Suite will recognize this, along with the cost savings the program produces year after year.
Now that I have sold you on the whys of SAM, let’s get into the essential part – how. Here are some simple steps to begin a successful SAM program for your organization:
First and foremost, for any SAM program is performing an internal audit to discover what you have. In addition to searching and capturing your assets, you must also collect all copies of proofs of purchase. Sometimes this even means the shrink wrap, as these will have codes on them to validate your purchase. Additionally, you must find and track all receipts, purchase orders, invoices, etcetera, associated with software purchases. Once you are more aware of what you have, you must match it up with your contract terms and conditions to determine your level of compliance.
For ongoing discovery, many organizations choose to implement one of many available automated tools. Most will not be an out-of-the-box solution, and will need to be customized to fit your needs, but there certainly are some great options for ongoing discovery, and automation will ease the overall process. Others choose to manually discover and track, which is less desirable, but depending on the scope of your software assets, may work for many types of organizations.
Once you have gone through the arduous process of an internal audit, then what? You need to create a repository. This could be an advanced inventory system, or even an excel sheet, whichever works best. The importance of this repository is for ongoing maintenance. Whenever a new piece of software or user changes or enters the organization, it must be recorded in the repository. The repository should also include your inventory of proofs of purchase, certificates of authenticity and any other paperwork you have associated with your software. The repository must be reconciled once every six months at the very least. As changes occur with the organization, they must be reflected within your repository. Otherwise, you may end up with improperly assigned or used assets. Very often, the organization will end up paying for assets that aren’t being used.
Lifecycle management is an essential part of a successful SAM program, yet is often the most overlooked. From procurement to retirement, every asset should be inventoried and evaluated to be sure the asset is living up to its potential, so to speak. If you know the current lifecycle state of an asset at any moment in time you can intelligently plan IT update/replacement, budget, IMAC (install, move, add, change), and procurement activities. For example, if you know that an asset is available but not assigned, you can manage internal stores and plan inventory levels—or identify key assets that are not providing direct value. If you know an asset is ordered but not received, you may need to track a shipment status. If you know that an asset is retired, you can begin physical recovery and disposal activities. Lifecycle management includes everything from procurement to retirement, and the management in-between. In order to get the most out of your assets, they must be managed at every stage of the process.
Contract management isn’t as simple as having your lawyer look it over to make sure you aren’t being taken for a ride. Sure, this is one piece of the puzzle, but you have to be sure that your contracts make sense for the alignment of your IT and business needs, and also that your ongoing financial commitments aren’t outrageous. For example, you may get a great deal on your initial purchase, but support and maintenance are twice what they should be. The key to any good SAM program is understanding your contracts, specifically the Terms and Conditions. The first and foremost fact that any enterprise should understand is that purchasing software from a software vendor does not mean you own the software. It means you are purchasing the rights to use the software within a certain set of conditions. Keeping this in mind will help keep compliance in mind as well.
Key elements of a Software or Software Maintenance contract include:
- License or Maintenance
- Enterprise License Agreement (ELA), End User License Agreement/EULA, Master License Agreement, Software License Agreement, and Volume Procurement Agreement (VPA)
- Perpetual, Term, or Subscription
- Contractual Counting Rules for Software as defined by the Contract
When dealing with software licensing agreements (SLAs), it is best to:
- Understand compliance and audit terms and conditions
- Identify the legal entity signing the contract
- Support divestitures and transfers of contract rights
- Identify products governed under a contract
- Determine the lines of business and geographic areas covered under a contract
- Understand the transferability of products within a contract
- Differentiate between perpetual and term/subscription software
- Determine maintenance coverage for products at a contract level (versus at the product level)
- Identify if upgrade rights (conversion of purchased version to latest version of product) are provided
- Manage contract expiration, renewal, and notification requirements
- Provide reporting and reconciliation against contracts
- Support financial forecasting
Do I have you convinced yet? SAM shouldn’t be an overwhelming task, and when executed correctly, it means cost savings, increased efficiencies and decreased risk – both from a financial and security standpoint. With all of these benefits, convincing the C-Suite that a successful SAM program is a necessity shouldn’t be a challenge. At the end of the day everyone is looking to save and decrease risk. SAM is certainly the way to go from an IT perspective.
About Martin Thompson
Martin is also author of the book "Practical ITAM - The essential guide for IT Asset Managers", a book that describes how to get started and make a difference in the field of IT Asset Management.
On a voluntary basis Martin a contributor to ISO WG21 which develops the ITAM International Standard ISO/IEC 19770.
Learn more about him here and connect with him on Twitter or LinkedIn.