Feeds

Software asset management becomes an ISO standard

Good practice benchmark set

  • alert
  • submit to reddit

Internet Security Threat Report 2014

A new international standard has been produced to enable organisations to prove they are performing Software Asset Management (SAM) to a standard sufficient to satisfy corporate governance and to aid industry and vendors with software compliance.

Published by ISO (International Organisation for Standardisation) and IEC (International Electrotechnical Commission), ISO/IEC 19770-1:2006, Information technology – Software asset management - Part 1: Processes will enable organisations to benchmark their capability in delivering managed services, measuring service levels and assessing performance.

The standard is in two parts. Part one describes the processes involved in SAM:

  • Control Environment: covers the processes and procedures, policies, roles and responsibilities, statements of all requirements and communications as well as ongoing assessment for the SAM process.
  • Planning and Implementation: maps out the activities needed, resources required, reporting structure, measurement and verification, plus a continual improvement process.
  • Inventory: defines the scope selection and confirmation of assets included in Software Asset Management and the auditable monitoring of the existence, access to, usage, and storage of them.
  • Verification and compliance: covers the process to identify and record assets and match inventory to licences and associated processes like authorisation and calculating effective licence from underlying licences (upgrades)
  • Operations Management: Covers security policy and documentary evidence of implementation, the management of relationship with suppliers, and the contracts that relate to them including customer (user) relationships and maintenance of SLAs for both the management and maintenance of contractual documents/budgets.
  • Life Cycle: Covers the life cycle of software assets from change management and selection of assets, acquisition and development (including new releases), incident management, problem management through to retirement, transfer, and disposals.

Part two, which has not yet been published, will define a product identification that aims to simplify the software inventory process.

Investors in Software, a group that exists to advance professionalism in SAM, said the standard will help organisations that follow it.

"Good practice in SAM brings significant benefits in the areas of risk management, cost control, and competitive advantage," chairman Shaun Fröhlich said. "We welcome the ISO Standard as a very significant development for the software industry that brings huge benefits for software users, vendors and resellers. It enables organisations, for the first time, to benchmark their SAM processes against internationally approved guidelines."

Copyright © 2006, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Related stories

ISO/IEC 19770-1 Software Asset Management Process (available for sale by electronic download from ISO website)
All you need to know about effective software management

Intelligent flash storage arrays

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Big Content outs piracy hotbeds: São Paulo, Beijing ... TORONTO?
MPAA calls Canadians a bunch of bootlegging movie thieves
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
Lawyers mobilise angry mob against Apple over alleged 2011 Macbook Pro crapness
We suffered 'random bouts of graphical distortion' - fanbois
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
US court SHUTS DOWN 'scammers posing as Microsoft, Facebook support staff'
Netizens allegedly duped into paying for bogus tech advice
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.