Sometimes within Software Asset Management we become so focused on producing an audit and reconciliation report, that we miss the bigger picture in taking state data and converting it into a tangible business decision. One such area often overlooked is that of IT asset status and ownership. This Joiners, Movers and Leavers Process is just such a policy, but its implementation demonstrates control of IT assets and consequently aids with information security, and financial due-diligence.
Something that is unique to this process, is that it could (in theory) take years to complete – whereas most processes demonstrate effectiveness of operation by the speed with which they work, this one could take years to complete – but this is no fault of the process (or the draftee!) If your staff are happy, and happy with the equipment provided, then they could occupy positions for years at a time.
There is an argument to be made for storing this information in a CMDB – and if HR have access to such a golden source, then by all means this could be a valid alternative; however the assumption has been made in this instance that a CMDB is not in place, and so HR have to accommodate the storing of this information. It could be that you wish to modify this template so that the CMDB does store state employment data, and then have that data replicated to a HR database.
Joiners, Movers and Leavers Process
- To update ownership status of IT assets at the key points of a staff member’s employee lifecycle
- To interface with a Loss/Theft Process if IT Assets are either lost or stolen
- To make staff members accountable for the IT assets issued to them
- To recover IT assets at the end of an employee’s time at a company
- That the HR System is capable of storing basic IT asset information
- That the HR system is preferred to be used over a CMDB for this particular activity
- Line Managers take responsibility for updating the HR database of the required
Function Step Overview
|1.10||As a new employee joins a company, the line manager will assess their requirements for IT assets to aid the new employee in carrying out their job. The Line manager will update the employees HR record to show that they have received the new equipment. Any new equipment required can be referred to the “Hardware Procurement Process” at this point.|
|1.20||The period of time between 1.10 and 1.20 occurring could be years; equally, prior to this an IT asset could have been lost or stolen, or equally ceased to work. A break-out is offered above the 1.20 function step to accommodate either eventuality.At 1.20 An employee is either changing jobs or cost center or department, and so there is a requirement to validate the IT equipment that is recorded against their name – not least because if/when that employee leaves, this will be the state data that a Line Manager will fall back on when it comes to retrieving IT equipment. Typically, such a move will highlight those devices that have been left under stair cupboards, or stored in the boot of a car for months at a time; a physical check of such IT assets may reveal that an IT asset is actually lost. It could also be that your business does not operate via cost center or departmental boundaries when it comes to managing IT; however such a periodic check might be factored in to a Line Manager’s diary to annually review issued assets from a security point of view.|
|At 1.30 the new Line Manager will authenticate the information gleaned from function step 1.20 and update the HR system accordingly. Equally, if new equipment has had to be purchased for the employee, then this too can act as an instigator to update their HR record.|
|1.40||At 1.40, we see an employee is leaving the company, and so has to return the equipment originally issued to them. The line manager will consult with the HR system to compare what should be returned versus what the employee brings back. If any discrepancies are found, then these can be reported to HR via the Lost/Theft of Equipment Process. Recovery or write off action should be governed by the company policy pertaining to Loss/Theft of Equipment, but should always be treated on a case by case basis.|
|1.50||One the equipment has been returned to the Line Manager, it may be advantageous for the Line Manager to retain that IT equipment for an impending new joiner; and so the Line Manager needs to relay this fact to HR at 1.70|
|1.60||A more likely scenario is that the equipment will be returned to IT for data recovery/reimaging in time for the next user to draw down the equipment.|
|1.70||At 1.70, the HR department is required to update the departing employees HR record to annotate equipment that is no longer held by them. As mentioned previously, if any equipment has been reported as lost/stolen, then HR has a decision to make around any deductions that might be made from a final salary, or whether the cost of lost equipment is written off. In a worst case scenario, criminal proceedings might even be considered.|
Increasingly, technology has a role to play in managing IT assets and much has been made of auto-wiping devices to make them unusable when reported lost or stolen, or installing asset tracking tags in the bios. Knowing where IT assets are is undoubtedly valuable information, but knowing who is accountable for them (in an ever-increasing mobile world) is just as important.
Other Process of the Month Articles:
- Software Re-harvesting Process
- Software Change Mangement Process
- Corporate Governance Process
- Maintain a Supported Software Catalogue
- Software Rationalisation Process
Upcoming Process of the Month Articles:
- Scope Verification Process
- Named User Verification Process
- Platform Identity Process
- Software Request Process
- Software Removal Process
- Process Review Process
The process kit by Rory Canavan is available from SAMcharter.com
About Rory Canavan
With a technical background in business and systems analysis, Rory has a wide range of first-hand experience advising numerous companies and organisations on the best practices and principles pertaining to software asset management.
This experience has been gained in both military and civil organisations, including the Royal Navy, Compaq, HP, the Federation Against Software Theft (FAST) and several software vendors