Software Asset Management (SAM) and

ITIL Service Management - together driving

efficiency

Ian Preskett MIET C.Eng. MBCS CITP

Software Asset Management Consultant
ian.preskett@ipassociatesltd.co.uk
 Agenda

Registration & refreshments 18:00

Presentation 18:30.
– ISO 19770-1 and ITIL V3 mapping
– The asset management lifecycle
– Data gathering and modelling
– Relevance of all of the service management lifecycle functions to SAM
– Software in the service catalogue and portfolio
– Maturity measurement and benefits
– Discussion

Finishing around 20:00

– Wine, finger food and informal networking.
 Service Management and SAM

What is Service Management?

• Service management is a set of specialised organisational capabilities for providing
value to customers in the form of services.
– Transforming resources into valuable services
– Efficient delivery of services
– Supported by an extensive body of knowledge, experience and skills.

What is SAM?
• SAM is the effective management, control and protection of software assets
within an organisation and the effective management, control and protection of
information about related assets which are needed in order to manage software
assets.

So SAM is:
• A resource to deliver services efficiently
• Knowledge
• A valued service
 Your company

• How often do SAM and Service management talk to each other?

• Why is SAM not considered part of service management?

• Is the SAM department listed as a valued service in the service catalogue?

Processes
 ISO 19770-1 framework and processes
Lifecycle Core SAM processes Organisational processes

Lifecycle process interfaces Operations management Control environment

Relationship and contract Corporate
Governance
Service level
Roles and
Security Financial responsibilities

Inventory management Competence

Asset Identification Processes and
policies
SW asset control
SW asset inventory (libraries)
Planning and
Release Implementation
SW HW HW SW
Deploy Planning
In-use Verification and compliance Implementation
Incident Asset record verification
Monitor and
Problem License compliance Review

Compliance verification Continual

Retire improvement
Conformance verification

Does not require efficiency or compliance

 Asset tracking -software

Relationship and contract

Request
A = Recognition tables
Approve
Procure B = Upgrade /downgrade
Goods in Asset Identification
Pay
SW asset control
SW asset inventory (libraries)

Release
CMDB
SW HW HW SW
Deploy
A B
In-use
Incident Asset record verification
Problem License compliance
Compliance verification
Retire
Conformance verification
 Asset tracking – hardware

Relationship and contract

Request
Approve
Procure
Goods in
Pay
SW asset control
SW asset inventory (libraries)

Release
CMDB
SW HW HW SW
Deploy

In-use
Incident Asset record verification
Problem

Retire
The CMS model (and SACM)
 ISO 19770-1 framework and processes
Lifecycle Core SAM processes Organisational processes

Lifecycle process interfaces Operations management Control environment

Relationship and contract Corporate
Governance
Service level
Roles and
Security Financial responsibilities

Inventory management Competence

Asset Identification Processes and
policies
SW asset control
SW asset inventory (libraries)
Planning and
Release Implementation
SW HW HW SW
Deploy Planning
In-use Verification
A and compliance B Implementation
Incident Asset record verification
Monitor and
Problem License compliance Review

Compliance verification Continual

Retire improvement
Conformance verification

Does not require efficiency or compliance

 SAM and ITIL V3
Lifecycle process interfaces Operations management Control environment
Relationship and contract
Supplier management Corporate
Governance
Service level
Information Roles and
Security financial
Financial responsibilities
security
Inventory management Competence
Asset Identification Processes and
policies
SW asset control
SW asset (libraries)
inventory
Service asset and configuration
Release management (SACM)
Release and Service Strategy
deployment
Deploy Service
SAMDesign
plan
Service Transition
In-use Verification and compliance Implementation
Incident
Incident CMS
Asset record verification
Monitor and
Problem
Problem License compliance Review
Compliance verification Continual service
Continual
improvement
Retire improvement
Conformance verification

Acknowledgement ISO/IEC and ITIL V3


Service Design
•Service Catalogue Management
•Service Level Management
•Supplier Management
•Capacity Management
•Availability Management
•IT Service Continuity Management.
•Information Security Management
Service Strategy
•Service Strategy
•Service Portfolio Management
•Financial Management
•Demand Management
ITIL V3
Service Transition
•Transition Planning and Support
•Change Management
•Service Asset and Configuration Mgt.
•Release and Deployment
•Service Validation
•Evaluation
•Knowledge Management
Service Operation
•Event Management
•Incident Management
•Request Fulfilment
•Problem Management
•Access Management
Continual Service Improvement
•Seven step improvement
 ITIL V3 Lifecycle and SAM
Service Transition
•Change Management
•Service Asset and Configuration Mgt.
Service Design •Release and Deployment
•Service Catalogue Management •Knowledge Management Service Operation
•Information Security Management •Request Fulfilment
Example
Example •Vendor agreements Example
•The Solution •The end of the project •Asset lifecycle
•The initiation of the project •Procurements
•Selection of suppliers
•Procurement costs

Continual Service Improvement

Service Strategy •On going improvement
•Service Strategy

Example
•Cloud
•Sourcing
•Outsourcing
•Virtual Applications.
13
 People, Process, Technology

Strategy and vision

Policies
Policies

Process
Process

Te Te
c hn c hn
ple olo ple olo
Peo gy
Procedures Peo gy

Procedures
 Multi level process diagrams

Level 1 Level 2 Level 3 Technology Level 4

Portal logon ?? Procedures

v p
Request
i o A Select from ?? Procedures
s l c Approval catalogue
q
i i u
c i Stock
o s Request ?? Procedures
n i i
e t Procure
i
s o help desk ?? Procedures
n Goods in

Release Payment
Deploy
Assets
In-use

15
 Typical inefficient SAM processes

Acquisition
No links with service
Request
management
Non- Standard • No stock check
Approval • Approvals go straight to purchasing
Agreement • SAM manager makes all decisions
to purchase • Strategy is not considered
• Media gets lost
Purchasing • Deployment process not integrated
DSL • Wrong package used for deployment
SW Goods in • Imbedded software not authorised
HW • Manual compliance process
Deploymen • All SW uses the same process
payment
Under t • poor software payment authorisation
Licensed • DSL (DML) likely to be uncontrolled

Contract
SW HW HW SW managemen
Deployed Software Procurement t
data
Manual process

License Position (Compliance)

 Efficient SAM processes based on Service
Management
Request Fulfilment Service Strategy
and Design
Automated and
Request Procurement
integrated
catalogue
Approvals

Stock check • Service mgmnt integration

• Process tailored to software
Purchasing Service • Controlled approvals
introductio • Stock check
DSL Non- Standard
n • Responsibilities organised
SW Goods in
HW • Deployment via AD group
Over/
Deploymen • Links to packages
under Payment
t • Imbedded SW licensed
• Compliance based on SKU
Usage • Controlled payments
CMS • Usage management
Contract
SW HW HW SW management
Deployed assets Procurement Contract
data
Knowledge management -automated
Usage
License Position (Compliance)
 Catalogue
Procurement Service introduction /portfolio
attributes Metric attributes Metric

SKU Number Service introduction Aware of application

status
Reseller pt no. Number Being evaluated

Software name Text Rejected

Description Text In–use status Pre approved

Vendor Drop down Buy
Hold
reseller Drop Down
Retired Sell
Price

Contract number

License pool Max

Min

License type Per seat

Per user

Per processor

Enterprise
 Catalogue

Introduction considerations Operational considerations

attributes Metric attributes Metric

Cost Deployment Packaged yes/no

Business value Package number

/impact
Type (SCCM/AD/
Business impact High/Low
etc.)

Last review AD Group

Next review Access controls
Quantity before
package creation
 Catalogue
Workflow rules Storage

attributes Metric attributes Metric

Approval before removing Media storage location

License storage location

Special approval before
purchasing
Special email to user

Approvals required Department

Business
(owner)
IT technical

IT Service

Owner

Deploy before license

 Catalogue Summary

The catalogue will allow:

• Users to select their own applications
• Pre approved products
• Profiling of users
• Workflow to be more efficient (automated or manual)
• Workflow decisions based on catalogue parameters
• Reduce repeated IT approvals.
• Better control by the appropriate owners
• More accurate budgeting
• Better asset tracking using manufactures part number
• Better records for management decisions
• More accurate SKU based compliance reporting and risk reduction
• Better use of resources
• Makes support easier
• Includes base builds and embedded software
Technology
 Technology map
Technology is required for all these processes.
An integrated solution is preferred Software catalogue
Self service
Procurement

Request Contracts HW estate (CMDB)

(self
service)
DSL Contracts
Approve License data
Procure DSL
Asset Identification
Goods in Deployment
Pay SW asset control
SW asset inventory (libraries)

Release
CMS Discovery (HW & SW)

SW HW HW SW Incident / problem
Deploy Change / configuration
Release
In-use
Incident Asset record verification Verification
Problem License compliance Compliance
•Recognition
Retire •Upgrades, downgrades

Workflow
Acknowledgement ISO/IEC
People
 Current conflicting priorities
Service Asset
Configuration

s
atu
manager Services

g st
rkin
Network,

Wo
•Relationships and Cables,
Dependencies Switches SAM manager

Ins twar
Servers

sof
•Business continuity •Legal compliance

tal e
led
(Working applications) and control

Workstations •Risk Management

CMDB

Single controlled storage

Inconsistent records
 Centralised data
Service Asset
Configuration

s
atu
manager Services

g st
rkin
Network,

Wo
•Relationships and Cables,
Dependencies Switches SAM manager

Ins twar
Servers

sof
•Business continuity •Legal compliance

tal e
led
(Working applications) and control

Workstations •Risk Management

Federated CMDB

Decide who manages the workstations?

 Collecting Data

Typical lifecycle with Improved lifecycle using service management (and

inconsistent records and workflow) with consistent record collection
poor workflow

Lifecycle
Service Compliance
Lifecycle Libraries
Management reports
catalogue

Request Request Ticket

approval approval Update with application User CI

Change
manage
procure procure ment Start asset CI Asset CI

Goods in Goods in Add ser. No.

( request
fulfillme
New Stock New Stock nt) Status = stock

Status = deployed
Deploy Act. Dir. Deploy
Compliance

Compliance
Verification
In use In use Incident Status = defective
logs
Reports manage Reports
ment Status = in progress
repair repair

Old stock Old stock Change Status = old stock

manage
ment
retire ? retire Status = retired

discovery discovery
 People and roles
SAM owner SAM team
Activity SACM Configuration Config. admin CMS tools /
analyst /librarian administrator
Management -Configuration -policies and standards -create process Technology
and planning management plan -plan CMS and procedures. -evaluate
-Manage config mgmnt plan -recommend
-Scope/info/stds/plans/proc’s -implement
-customise
Configuration -CI classes -agree assets / CIs
identification -Ci naming
-CI ownership
-CI relationships
Configuration -Control Mech. -manage CMS
control -Status
-Approval
-location
Status - Value of each -SW master copies
accounting and status -asset CIs
-documentation CIs
reporting
Verification -baselines Vs -audits
and audit Audit data -inventory
-CMS to actual

Note : procurement is ‘Request Fulfilment’

The SW catalogue is SAM
SAM maturity
 Measuring SAM maturity - example
What percentage of user PCs and servers are included in a centralized software
inventory/CMDB (configuration management database); which is populated by a
software tracking tool?

Basic Standardised Rationalised Dynamic Integrated

KPI <68% (of HW) 68% to 95% 95% 98% +
No centralised Manually Centralised Dynamic reconcile Part of ITIL
inventories centralised discovery tool for (compare Configuration
inventories dynamic procurement / management
CSF reconciliation discovery)
Exceptions are
continually
reducing
Discovery
technology
Technology
 Example maturity results
Organization HW Outsourced Organization Small company
5 5
Retirement 4 SAM Plan Retirement 4 SAM Plan
3 3
2 2
Deployment Inventory Deployment Inventory
1 1
0 0

Acquisition Inventory % Acquisition Inventory %

Operations Licenses Operations Licenses

Compliance Compliance

Organization Blue chip Organization Small company

5 5
Retirement 4 SAM Plan Retirement 4 SAM Plan
3 3
2 2
Deployment Inventory Deployment Inventory
1 1
0 0

Acquisition Inventory % Acquisition Inventory %

Operations Licenses Operations Licenses

Compliance Compliance
 Maturity Model (SOM) - KPIs

Basic Standardised Rationalised Dynamic ITIL Integrated

1 2 3 4 5
Assets are basically Assets are Assets are actively Asset management Asset management
uncontrolled controlled with controlled but not fully automated and integrated with ITIL
manual processes. fully centralised centralised

No policies limited policies Published polices Enforced policies Integrated, policies

No SAM owners or Senior execs Informal senior exec Senior exec highly Senior exec
accountability responsive involved accountable

No electronic records Some electronic various electronic Single electronic SAM integrated with
available records formats format config. Mgmnt

No technology Low coverage and Partial centrallised Technology has full Technology fully
inaccurate technology technology coverage and is integrated
trusted
 Typical company - SAM journey
2008 2009 2010 2011

Basic = 1 Standardised = 2 Rationalised = 3 Dynamic = 4 Integrated = 5

Uncontrolled Manual Not centralised Automated Shared processes
Centralised with ITIL V3

Potential Under Licensing (RISK)

40% 20% 10% 5% ?%

SAM initiatives SAM plan Measures SAM plan Integration

• Centralised procurement • Centralised data • KPIs, SLAs • People
• Processes improved • Documented processes • User satisfaction • Processes
• Variety of records • Defined roles • Process efficiency • ITSM /SAM
• Compliance mitigation • Discovery technology • SAM technology technology

Expense Department benefit Operational benefit Corporate benefit Valued service

 Operational benefit
New function/process
New ability to cross reference a
leased PC with an asset number
Interactive process cross references •
SAM technology to Active Directory
Ability to track faults to asset types
More granular information on
failure rates and identification of
failed assets
Operational benefit
• Easier location and identification of PC’s for return to
leasing company
• Better data for the refresh team
• Engineers are dispatched to the correct site with
accurate knowledge of PC configuration.
Has stopped refresh errors.
• Improved help desk reporting
• Data for Supplier reviews

Process improvement
Manageable recovery process
Better PC tracking
Corporate benefit
Corporate benefit Corporate value
Reduced uncontrolled costs

Faster incident resolution Reduced controlled costs

More granular reports Improved efficiency IT is a valued service

Less time wasted by Reduced risk

engineers
Improved vendor Better strategic decisions
negotiations
Improved repair management

Licences used more

efficiently
Software used more
efficiently
 Valued Service
IT is a valued service when IT are involved in strategic decisions.

Gartner Survey

In a company where IT is involved at board level in Service

strategic decision and where information is available
then the spend profile for IT will be: Capital
•70 % is available for capital spend investment
•30% is required to keep the service operational.

In a company’s where IT has no say in strategic decisions

the business will be demanding changes faster than IT can Capital
investment
react, and the result on IT spend will be:
•30 % can be used for capital spend Service
•70% is required to keep the service operational.

For IT to be effective requires good control and accurate data.

It requires SAM and Service management to work together