Feeds

Software asset management becomes an ISO standard

Good practice benchmark set

  • alert
  • submit to reddit

High performance access to file storage

A new international standard has been produced to enable organisations to prove they are performing Software Asset Management (SAM) to a standard sufficient to satisfy corporate governance and to aid industry and vendors with software compliance.

Published by ISO (International Organisation for Standardisation) and IEC (International Electrotechnical Commission), ISO/IEC 19770-1:2006, Information technology – Software asset management - Part 1: Processes will enable organisations to benchmark their capability in delivering managed services, measuring service levels and assessing performance.

The standard is in two parts. Part one describes the processes involved in SAM:

  • Control Environment: covers the processes and procedures, policies, roles and responsibilities, statements of all requirements and communications as well as ongoing assessment for the SAM process.
  • Planning and Implementation: maps out the activities needed, resources required, reporting structure, measurement and verification, plus a continual improvement process.
  • Inventory: defines the scope selection and confirmation of assets included in Software Asset Management and the auditable monitoring of the existence, access to, usage, and storage of them.
  • Verification and compliance: covers the process to identify and record assets and match inventory to licences and associated processes like authorisation and calculating effective licence from underlying licences (upgrades)
  • Operations Management: Covers security policy and documentary evidence of implementation, the management of relationship with suppliers, and the contracts that relate to them including customer (user) relationships and maintenance of SLAs for both the management and maintenance of contractual documents/budgets.
  • Life Cycle: Covers the life cycle of software assets from change management and selection of assets, acquisition and development (including new releases), incident management, problem management through to retirement, transfer, and disposals.

Part two, which has not yet been published, will define a product identification that aims to simplify the software inventory process.

Investors in Software, a group that exists to advance professionalism in SAM, said the standard will help organisations that follow it.

"Good practice in SAM brings significant benefits in the areas of risk management, cost control, and competitive advantage," chairman Shaun Fröhlich said. "We welcome the ISO Standard as a very significant development for the software industry that brings huge benefits for software users, vendors and resellers. It enables organisations, for the first time, to benchmark their SAM processes against internationally approved guidelines."

Copyright © 2006, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Related stories

ISO/IEC 19770-1 Software Asset Management Process (available for sale by electronic download from ISO website)
All you need to know about effective software management

Top three mobile application threats

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.