The worldwide standards body the International Organisation for Standardisation has launched an interactive self-assessment tool to help organisations gain control of software and IT assets.
The tool was developed in conjunction with Investors in Software and is a ‘how to’ of the ISO/IEC 19770-1 standard for asset management. “Software asset management (SAM) is a supporting layer for the whole of service management”, said one of the tool’s authors and a contributor to the standard, David Bicket.
Biket, who chairs a special interest group of the IT Service Management Forum, said the SAM tool supported a range of other compliance efforts including Information Technology Infrastructure Library. ITIL is about best practice but it’s not certifiable and at the end of the day people are looking for something to measure against.”
A problem with producing a ‘how-to’ tools for organisations working towards ISO standards is that only 20% of these standards can be published as part of a product. Developing the tool in conjunction with ISO has sidestepped this restriction.
The North West Development Agency is an early user and beta tested the engine to achieve its objective of being a model of best practice in the region. IT software and policy analyst, Anthony Fitzgerald, said the traffic light system indicating compliance was very clear and easy-to-use. When the agency first plugged in: “There was amber and a fair bit of red – but we’re all on green now”.
Previously NWDA had used the Federation against Software Theft (FAST) standard but this focussed on licensing rather than a holistic view of software assets. “Now we have all the policies, procedures and documentation in place for full SAM”, said Fitzgerald.
The standard known as ‘ISO/IEC 19770-1’ establishes a baseline for an integrated set of processes for Software Asset Management (SAM). It has been developed to enable an organisation to prove that it is performing SAM to a standard sufficient to satisfy corporate governance requirements and ensure effective support for IT service management overall. Although software licensing is included, this is not a standard for software licensing compliance.
Bicket anticipates the greatest demand from the financial sector, which is ardently embracing all compliance opportunities: “There’s no legal requirement for these companies to be certified against software asset management. But there is a strong desire to demonstrate to regulators and to shareholders that it exercises strong control over IT assets.”
Future developments include bolting on modules to deal with complex and specific issues such as licensing, in order that the tool remains a practical aide. Draft modules from Microsoft and Oracle are already in place for the licensing component add-ons, confirmed Bicket.