Software asset management becomes an ISO standard

Good practice benchmark set

For Sale sign detail

A new international standard has been produced to enable organisations to prove they are performing Software Asset Management (SAM) to a standard sufficient to satisfy corporate governance and to aid industry and vendors with software compliance.

Published by ISO (International Organisation for Standardisation) and IEC (International Electrotechnical Commission), ISO/IEC 19770-1:2006, Information technology – Software asset management - Part 1: Processes will enable organisations to benchmark their capability in delivering managed services, measuring service levels and assessing performance.

The standard is in two parts. Part one describes the processes involved in SAM:

  • Control Environment: covers the processes and procedures, policies, roles and responsibilities, statements of all requirements and communications as well as ongoing assessment for the SAM process.
  • Planning and Implementation: maps out the activities needed, resources required, reporting structure, measurement and verification, plus a continual improvement process.
  • Inventory: defines the scope selection and confirmation of assets included in Software Asset Management and the auditable monitoring of the existence, access to, usage, and storage of them.
  • Verification and compliance: covers the process to identify and record assets and match inventory to licences and associated processes like authorisation and calculating effective licence from underlying licences (upgrades)
  • Operations Management: Covers security policy and documentary evidence of implementation, the management of relationship with suppliers, and the contracts that relate to them including customer (user) relationships and maintenance of SLAs for both the management and maintenance of contractual documents/budgets.
  • Life Cycle: Covers the life cycle of software assets from change management and selection of assets, acquisition and development (including new releases), incident management, problem management through to retirement, transfer, and disposals.

Part two, which has not yet been published, will define a product identification that aims to simplify the software inventory process.

Investors in Software, a group that exists to advance professionalism in SAM, said the standard will help organisations that follow it.

"Good practice in SAM brings significant benefits in the areas of risk management, cost control, and competitive advantage," chairman Shaun Fröhlich said. "We welcome the ISO Standard as a very significant development for the software industry that brings huge benefits for software users, vendors and resellers. It enables organisations, for the first time, to benchmark their SAM processes against internationally approved guidelines."

Copyright © 2006, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Related stories

ISO/IEC 19770-1 Software Asset Management Process (available for sale by electronic download from ISO website)
All you need to know about effective software management

Sponsored: Today’s most dangerous security threats