Software asset management becomes an ISO standard

Out-Law News | 11 May 2006 | 6:30 pm | 1 min. read

A new international standard has been produced to enable organisations to prove that they are performing Software Asset Management (SAM) to a standard sufficient to satisfy corporate governance and to aid industry and vendors with software compliance.

Published by ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission), ISO/IEC 19770-1:2006, Information technology – Software asset management - Part 1: Processes will enable organisations to benchmark their capability in delivering managed services, measuring service levels and assessing performance.

The standard is in two parts. Part one describes the processes involved in SAM:

  1. Control Environment: covers the processes and procedures, policies, roles and responsibilities, statements of all requirements and communications as well as ongoing assessment for the Sam process.
  2. Planning and Implementation: maps out the activities needed, resources required, reporting structure, measurement and verification plus a continual improvement process.
  3. Inventory: defines the scope selection and confirmation of assets included in Software Asset Management and the auditable monitoring of the existence, access to, usage and storage of them.
  4. Verification and compliance: covers the process to identify and record assets and match inventory to licences and associated processes like authorisation and calculating effective licence from underlying licences (upgrades)
  5. Operations Management: Covers security policy and documentary evidence of implementation, the management of relationship with suppliers and the contracts that relate to them including customer (user) relationships and maintenance of SLA’s for both the management and maintenance of contractual documents / budgets.
  6. Life Cycle: Covers the life cycle of software assets from change management and selection of assets, acquisition and development (including new releases) incident management, problem management through to retirement, transfer and disposals.

Part two, which has not been published yet, will define a product identification that aims to simplify the software inventory process.

Investors in Software, a group that exists to advance professionalism in SAM, said the Standard will help organisations that follow it.

"Good practice in SAM brings significant benefits in the areas of risk management, cost control, and competitive advantage," said Chairman Shaun Fröhlich. "We welcome the ISO Standard as a very significant development for the software industry that brings huge benefits for software users, vendors and resellers. It enables organisations, for the first time, to benchmark their SAM processes against internationally approved guidelines."