There are several different definitions available for IT Asset Management (ITAM), from ISO 19770-1, ITIL, Gartner, IAITAM and Wikipedia amongst others. While these definitions may differ in length and wording, they are all consistent in their position that ITAM is about business practices and processes. ITAM involves gathering the information you need to make effective use of and run your digital technology. However, when it comes to how to achieve good ITAM, there is considerably less consistency.
The first step towards building effective ITAM within your organization is understanding what you want to achieve. To identify that, it’s useful to look at some of the reasons why companies have ITAM capabilities in the first place. For the most part, these fall into three main categories: risk management, cost management, and growth and innovation.
Risk management for ITAM is traditionally focused on license compliance risk and software audits, while cost management is targeted at reducing shelfware and rightsizing software contracts. Support for growth and innovation is a more complex area to address, particularly when ITAM is seen as a tactical IT operational activity rather than a strategic business activity, but as IT teams are tasked with supporting digital transformation, ITAM’s role in supporting decisions around technology migrations such as the move to the cloud is starting to become clearer and more critical.
ITAM that supports your business
The drivers behind ITAM are diverse – designed to address a variety of different needs. But amid the panic around risk mitigation and cost management, one of the most important drivers is often left forgotten: what the organization is in business to do.
For ITAM to be effective, it must have a clear mission and mandate. Alignment to your organizational goals will help not only with the development of ITAM governance, but also with stakeholder buy in, business case development and demonstrating business value.
Building a governance framework
If ITAM’s role is to allow the organization to maximize the value from their technology assets while minimizing risk, then it is important to provide a framework within which this should happen. There is little value on reporting on opportunities to save, or compliance issues, if the business implications are not understood and the mechanisms for resolving issues or taking advantage of opportunities are not in place and accessible.
Many organizations have standardized governance frameworks, and as such, IT Asset Managers should use the framework and document formats that their colleagues are familiar with. While it is preferable to start by putting in place a mission statement and charter, and building the framework based on those, from a pragmatic perspective we find that most IT asset managers start with policy.
However, the governance framework is put together, it is important to ensure that at every stage it is concise and accessible. And each element has value.
Mission statement – sets out the goal of ITAM and should show a clear link between ITAM and organizational goals.
Charter – sets out roles, responsibilities, accountabilities and reporting mechanisms. It also provides the ITAM function with a mandate.
Policy – makes clear to everyone in the organization what the basic rules are around the way in which technology assets are managed throughout their lifecycle and why. This document should be accessible to everyone in the organization, not just ITAM or IT teams, so needs to be clear, concise, easy to translate (if in a multilingual organization) and free from jargon. The policy does not dictate the detail of how people work, but what they need to take into account when dealing with technology assets.
Standards – these are the mandatory standards that need to be complied with, so will include any relevant regulation (whether financial, industry-specific, environmental etc.) as well as standards the organization is aligned or compliant with (e.g. ISO 27001, ISO 14001 etc.).
Guidelines – these are optional, and are often more technical, as they apply primarily to the people who deal with technology assets on a day-to-day basis.
Processes – this is where many people get ITAM wrong and try to include all the processes that touch on the IT Asset Lifecycle within ITAM’s scope. Most of these processes are owned elsewhere. ITAM is concerned with the oversight of the asset lifecycle, and as such, ITAM processes are those that gather the relevant data about the assets and investigate and analyze it to identify where exceptions to policy are occurring and why. As such, processes should be documented at a high level, and need to be generic as they should apply to the full range of technology assets across the organization, and all the various data sources required to support the data analysis.
Procedures and work instructions – these are the more detailed activities that ITAM practitioners will undertake on a day-to-day basis to support the processes, and may be asset, vendor or system specific. They tend to be more technical in nature and are not designed for general distribution.
People and technology
In order to achieve successful outcomes, ITAM functions need both people and technology to support the governance framework and carry out the supporting activities. While there is no easy answer to ‘how many people do I need’, as this will vary based on the size and complexity of the organization and the technology that is in use within it, it is important that there is someone accountable for the success of ITAM, and that the activities associated with ITAM are assigned to appropriate individuals either as their primary role or as a key part of their wider responsibilities.
Given the volumes of assets, and therefore data, involved in ITAM (and for software asset management, the complexity of licensing), people alone are not the answer. While many asset managers continue to struggle with excel spreadsheets, effective ITAM tools to manage the data and automate the activities necessary for effective management of the data are key to ITAM success.
There is no magic formula for successful ITAM, but by starting with clear goals and objectives, and putting in place the supporting governance, processes, people and technology, it is possible to build an effective ITAM capability that has real relevance to your business stakeholders.
To learn more about how to put in place the governance, processes and people necessary to build an effective ITAM function, watch the first in our ITAM best practice webinar series hosted by Victoria Barber.