Skip to main content

When do we know if our inventory is complete?

By Patrik Burvall | July 14, 2014

A question I’m often asked by customers is

“How do I know if I’ve inventoried all the relevant assets on our network?”. 

The answer, somewhat frustratingly, is “it depends!”.

It’s not the nicest answer to have to give, but it’s a fair once, since determining whether you’ve inventoried all the IT assets on a network actually requires both a number of steps and a conscious decision on what’s an acceptable ‘hit rate’.

That’s not to say it’s a question best not asked.  Far from it.  Relying on an incomplete picture of hardware and software assets can lead to some bad decision making and potential risks (in terms of financial, compliance and security).

So, although a tricky question, it’s also an essential one. My advice to organizations is that in order to find the answer, they need to address the three key requirements highlighted below:

  • Create a definitive list of all relevant systems and platforms to be included in the inventory
  • Verify that all the assets identified above are being inventoried in some way (not necessarily all the same way)
  • Check that the number of assets being reported on each platform matches the expectation of what should be there

To look at each of these points in a little more detail:

  1. Definitive asset list In large organizations, different systems will be the responsibility of multiple stakeholders.  It is important the SAM manager both identifies and ‘befriends’ these stakeholders so that he or she can consolidate many different systems into a single asset repository. Some systems might be considered ‘out of scope’ for a given project, and where this is the case it should be recorded as part of the SAM project management plan.  
  2. Verify assets are being inventoried Multi-platform networks introduce greater challenges when it comes to inventory, as different clients and scanning technologies will be required according to what types of platform are in use.  For example, the client agent sat on a Windows PC isn’t going to work on a Linux server – and many inventory solutions are incapable of accurately auditing virtualized assets. As such, it is important to map all the platforms identified in step 1 against an appropriate inventory or audit technology.  Some audit solutions like Snow Inventory offer a range of clients designed to capture information from a wide variety of platforms and operating systems.  Others are not so flexible and so it is not uncommon for organizations to require multiple audit solutions. Where multiple inventory solutions are used, thought must be given to how to consolidate the data from these disparate systems into a single asset repository (something solutions like Snow License Manager do very well – normalizing all software audit data along the way).   
  3. Check everything is being audited This is potentially the most difficult stage.  As the old saying goes “you don’t know what you don’t know!”.  If your inventory solution tells you it has audited 856 devices in a given location, how do you know if that’s ALL the machines in that location or whether any have been missed? There are, of course, a number of ways to ascertain whether the audit is complete.  Historically, organizations may have had to go as far as to conduct a ‘walk round’ audit, physically counting the number of machines in each location and then cross-checking this against the reported inventory information.   It’s a slow and expensive solution. A more cost effective way would be to cross-check the inventory against a second source of data.  To address this, Snow recently introduced ‘Active Directory Discovery’ into its Snow License Manager solution. 

Given that Active Directory should (in a well-maintain network, at least!) contain a list of all the devices on a given domain, it should provide a highly accurate reference point for the inventory information.

Where a device identified in Active Directory is not present in an inventory, it suggests that perhaps not every device on the domain has had a client deployed to it, or perhaps that client is not able to successfully report back to the inventory server, or even the machine may have been retired without Active Directory being updated. 

Whatever the cause, it needs investigation. Where a machine is discovered by the inventory solution but not included in the Active Directory system, well that suggests the Active Discovery information isn’t being well maintained and that’s a discussion for another day and another blog post!

Ultimately, the point at which an organization says ‘we’ve got everything’ is actually something of a judgment call and should ideally be included in the parameters of the SAM project plan (we often see plans with a target coverage rate of 95-98% of total devices, for example).

That said, by following the three steps highlighted above, there is no reason that even organizations with complex IT infrastructures should not have confidence that their inventory repository is as accurate as could be realistically expected.

You May Also Like

3 Key Considerations for Planning Your Cloud Transformation
3 Key Considerations for Planning Your Cloud Transformation
Discover some of the highlights from our recent virtual session at the National Cloud Transformation Summit with Apex Assembly.
Read More
New Forrester Research Reveals the High ROI of Software Asset Management
New Forrester Research Reveals the High ROI of Software Asset Management
The Forrester Consulting’s Total Economic Impact™ study interviewed four Snow customers in the U.S. and Europe with experience using Snow’s SAM solution. Take a look at some of the key findings.
Read More
SAM in 2021: Data Elements You Should Be Tracking for Software Agreements
SAM in 2021: Data Elements You Should Be Tracking for Software Agreements
Discover some of the key software agreement data fields you should collect and import to improve visibility over what applications are being used and at what cost.
Read More