It’s often taken for granted that IT can easily and accurately provide definitive answers to questions like “how many laptops do we have at Site 1?” or “do we have the right number of SQL licenses?” or “how much do we need to budget for device replacements next year?” After all, don’t we know what we have?

IT can’t easily provide these answers because to do so you must track hardware and software throughout its lifecycle – which is not easy. And unfortunately, you often need to respond to these questions on very short notice because of an audit or to support a budgeting exercise.

IT Asset Management (ITAM) is the solution. It’s not a new solution – the discipline has been around for decades. But the key to success is to deploy the practice in a way that is sustainable, right-sized, and maximizes value.

Use our practical methodology to develop and document your approach to ITAM that is aligned with the goals of your organization.

Andrew Sharp Research Director Infrastructure & Operations Practice Info-Tech Research Group

Cost optimization, application rationalization and reduction of technical debt are all considered valuable to right-size spending and improve service outcomes. Without access to accurate data, these activities require significant investments of time and effort, starting with creation of point-in-time inventories, which lengthens the timeline to reaching project value and may still not be accurate.

Cost optimization and reduction of technical debt should be part of your culture and technical roadmap rather than one-off projects. Why? Access to accurate information enables the organization to quickly make decisions and pivot plans as needed. Through asset management, ongoing harvest and redeployment of assets improves utilization-to-spend ratios. We would never see any organization saying, “We’ve closed our year end books, let’s fire the accountants,” but often see this valuable service relegated to the back burner. Similar to the philosophy that “the best time to plant a tree is 20 years ago and the next best time is now,” the sooner you can start to collect, validate, and analyze data, the sooner you will find value in it.

Sandi Conrad Principal Research Director Infrastructure & Operations Practice Info-Tech Research Group

You have a mandate to create an accurate and actionable database of the IT assets in your environment, but:

• The data you have is often incomplete or wrong.
• Processes are broken or non-existent.
• Your tools aren’t up to the task of tracking ever more hardware, software, and relevant metadata.
• The role of stakeholders outside the core ITAM team isn’t well defined or understood.

It is challenging to make needed changes because:

• There’s cultural resistance to asset tracking, it’s seen as busywork that doesn’t clearly create value.
• Decentralized IT teams aren’t generating the data required to track hardware and licenses.
• ITAM can’t direct needed tool improvements because the admins don’t report to ITAM.
• It’s hard to find time to improve processes given the day-to-day demands on your time.

• Develop an approach and strategy for ITAM that is sustainable and aligned with your business priorities.
• Clarify the structure for the ITAM program, including scope, responsibility and accountability, centralization vs. decentralization, outsourcing vs. insourcing, and more.
• Create a practical roadmap to guide improvement.
• Summarize your strategy and approach using Info-Tech’s templates for review with stakeholders.

Unlock business value with IT asset management

• IT asset management (ITAM) is the practice of maintaining accurate, accessible, and actionable data on the assets within the organization’s IT estate. Each IT asset will have a record that tracks it across its lifecycle from purchase to disposal.
• ITAM’s value is realized through other processes and practice areas that can leverage ITAM data to manage risk, improve IT services, and control costs.
• Develop an approach to ITAM that maximizes the value delivered to the business and IT. ITAM succeeds when its partners succeed at delivering business value, and it fails when it doesn’t show value to those partners.

This blueprint will help you develop your approach for the management of IT hardware and software, including cloud services. Leverage other Info-Tech methodologies to dive directly into developing hardware asset management procedures, software asset management procedures, or to implement configuration management best practices.

Info-Tech Members report significant savings from implementing our hardware and software asset management frameworks. In order to maximize value from the process-focused methodologies below, develop your ITAM strategy first.

ITAM provides both early and ongoing value

Example: Software Savings from ITAM

This chart shows the money saved between the first quote and the final price for software and maintenance by a five-person ITAM team. Over a year and a half, they saved their organization a total of $7.5 million from a first quote total of $21 million over that period.

This is a perfect example of the direct value that ITAM can provide on an ongoing basis to the organization, when properly supported and integrated with IT and the business.

Examples of up-front value delivered in the first year of the ITAM practice:

• Save money by reviewing and renegotiating critical, high-spend, and undermanaged software and service contracts.
• Redeploy or dispose of clearly unused hardware and software.
• Develop and enforce standards for basic hardware and software.
• Improve ITAM data quality and build trust in the results.

Examples of long-term value from ongoing governance, management, and operational ITAM activities:

• Optimize spend: Reallocate unused hardware and software, end unneeded service agreements, and manage renewals and audits.
• Reduce risk: Provide comprehensive asset data for security controls development and incident management; manage equipment disposal.
• Improve IT service: Support incident, problem, request, and change management with ITAM data. Develop new solutions with an understanding of what you have already.

• ITAM takes a village, but stakeholders aren’t aware of their role. ITAM processes rely on technicians to update asset records, vendors to supply asset data, administrators to manage tools, leadership to provide direction and support, and more.
• Constant change in the IT and business environment undermines the accuracy of ITAM records (e.g. licensing and contract changes, technology changes that break discovery tools, personnel and organizational changes).
• Improvement efforts are overwhelmed by day-to-day activities. One study found that 83% of SAM teams’ time is consumed by audit-related activities. (Flexera State of ITAM Report 2022) A lack of improvement becomes a vicious cycle when stakeholders who don’t see the value of ITAM decline to dedicate resources for improvement.
• Stakeholders expect ITAM tools to be a cure-all, but even at their best, they can’t provide needed answers without some level of configuration, manual input, and supervision.
• There’s often a struggle to connect ITAM to value. For example, respondents to Info-Tech’s Management & Governance Diagnostic consistently rank ITAM as less important than other processes that ITAM directly supports (e.g. budget management and budget optimization). (Info-Tech MGD Diagnostic (n=972 unique organizations))

• Only 28% of SAM teams track IaaS and PaaS spend, and only 35% of SAM teams track SaaS usage.
• Increasing SAM maturity is a challenge for 76% of organizations.
• 10% of organizations surveyed have spent more than $5 million in the last three years in audit penalties and true-ups.
• Half of all of organizations lack a viable SAM tool.
• Seventy percent of SAM teams have a shortfall of qualified resources.
(Flexera State of ITAM Report 2022)

Business-Aligned Spend
Optimization and Transparency

Facilitate IT Services
and Products

Actionable, Accessible,
and Accurate Data

Context-Aware Risk Management
and Security Controls

Plan & Govern

Business Goals, Risks, and Structure

• ITAM Goals & Priorities
• Roles, Accountability, Responsibilities
• Scope

Ongoing Management Commitment

• Resourcing & Funding
• Policies & Enforcement
• Continuous Improvement

Culture

• ITAM Education, Awareness & Training
• Organizational Change Management

Build & Manage

Tools & Data

• ITAM Tool Selection & Deployment
• Configuration Management Synchronization
• IT Service Management Integration

Process

• Process Management
• Data & Process Audits
• Document Management

People, Policies, and Providers

• Stakeholder Management
• Technology Standardization
• Vendor & Contract Management

Our methodology will help you build a business-aligned strategy and approach for your ITAM practice with the following outputs:

• Business-aligned ITAM priorities, opportunities, and goals.
• Current and target state ITAM maturity.
• Metrics and KPIs.
• Roles, responsibilities, and accountability.
• Insourcing, outsourcing, and (de)centralization.
• Tools and technology.
• A documentation framework.
• Initiatives, a roadmap, and a communication plan.

• 1.1 Define ITAM and brainstorm opportunities and challenges.
Executive Alignment Working Session:
• 1.2 Review organizational priorities, strategy, and key initiatives.
• 1.3 Align executive priorities with ITAM opportunities and priorities.
• 1.4 Identify business-aligned ITAM goals and target maturity.
• 1.5 Write mission and vision statements.
• 1.6 Define ITAM metrics and KPIs.

• 2.1 Define ITAM scope.
• 2.2 Acquire ITAM services (outsourcing and contracting).
• 2.3 Centralize or decentralize ITAM capabilities.
• 2.4 Create a RACI for the ITAM practice.
• 2.5 Align ITAM with other service management practices.
• 2.6 Evaluate ITAM tools and integrations.
• 2.7 Create a plan for internal and external audits.
• 2.8 Improve your budget processes.
• 2.9 Establish a documentation framework.
• 2.10 Create a roadmap and communication plan.

• Set a foundation and direction for an ITAM practice that will allow IT to manage risk, optimize spend, and enhance services in line with business requirements.
• Establish accountability and responsibility for essential ITAM activities. Decide where to centralize or decentralize accountability and authority. Identify where outsourcing could add value.
• Create a roadmap with concrete, practical next steps to develop an effective, right-sized ITAM practice.

• Plan and control technology spend with confidence based on trustworthy ITAM data.
• Enhance IT’s ability to rapidly and effectively support new priorities and launch new projects. Effective ITAM can support more streamlined procurement, deployment, and management of assets.
• Implement security controls that reflect your total technology footprint. Reduce the risk that a forgotten device or unmanaged software turns your organization into the next Colonial Pipeline.

DIY Toolkit

Guided Implementation

Workshop

Consulting

Diagnostics and consistent frameworks used throughout all four options

Call #2: Review business priorities.

Call #3: Identify ITAM goals & target maturity.

Call #6: Acquire ITAM services.

Call #8: ITAM and service management.

Tools and integrations.

Call #11: Budgets & documentation

Call #12: Roadmap, comms plan. Wrap-up.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com1-888-670-8889

Identify ITAM priorities & goals, maturity, metrics and KPIs

Identify your approach to support ITAM priorities and goals

Next Steps and wrap-Up (offsite)

1.1 Define ITAM.

1.2 Brainstorm ITAM opportunities and challenges.

Conduct an executive alignment working session:

1.3 Review organizational priorities, strategy, and key initiatives.

1.4 Align executive priorities with ITAM opportunities.

1.5 Set ITAM priorities.

2.1 Translate opportunities into ITAM goals and tactics.

2.2 Identify target and current state ITAM maturity.

2.3 Create mission and vision statements.

2.4 Identify key ITAM metrics and KPIs.

3.1 Define ITAM scope.

3.2 Acquire ITAM services (outsourcing and contracting)

3.3 Centralize or decentralize ITAM capabilities.

3.4 Create a RACI for the ITAM practice.

3.5 Align ITAM with other service management practices.

3.6 Evaluate ITAM tools and integrations.

4.1 Create a plan for internal and external audits.

4.2 Improve your budget processes.

4.3 Establish a documentation framework and identify documentation gaps.

4.4 Create a roadmap and communication plan.

5.1 Complete in-progress deliverables from previous four days.

5.2 Set up review time for workshop deliverables and to discuss next steps.

1. ITAM opportunities and challenges.
2. Align executive priorities with ITAM opportunities.
3. Set ITAM priorities.

1. ITAM goals and tactics.
2. Current and target ITAM maturity.
3. Mission and vision statements.
4. ITAM metrics and KPIs.

1. Decisions that will shape your ITAM approach, including:
   1. What’s in scope (hardware, software, and cloud services).
   2. Where to centralize, decentralize, or outsource ITAM activities.
   3. Accountability, responsibility, and structure for ITAM activities.
   4. Service management alignment, tooling gaps, audit plans, budget processes, and required documentation.
2. A roadmap and communication plan.

1. Your completed ITAM strategy template.

Phase 1:

Establish business-aligned ITAM goals and priorities

Phase 1

1.1 Define ITAM and brainstorm opportunities and challenges.

Executive Alignment Working Session:

1.2 Review organizational priorities, strategy, and key initiatives.

1.3 Align executive priorities with ITAM opportunities & priorities.

1.4 Identify business-aligned ITAM goals and target maturity.

1.5 Write mission and vision statements.

1.6 Define ITAM metrics and KPIs.

Phase 2

2.1 Define ITAM scope.

2.2 Acquire ITAM services (outsourcing and contracting).

2.3 Centralize or decentralize ITAM capabilities.

2.4 Create a RACI for the ITAM practice.

2.5 Align ITAM with other service management practices.

2.6 Evaluate ITAM tools and integrations.

2.7 Create a plan for internal and external audits.

2.8 Improve your budget processes.

2.9 Establish a documentation framework.

2.10 Create a roadmap and communication plan.

• This methodology and the related slides are intended to be executed via intensive, collaborative working sessions using the rest of this slide deck.
• Ensure the working sessions are a success by working through these steps before you start work on your IT asset management strategy.

1. Identify participants

2. Estimate assets managed today

3. Create a working folder

It is also a baseline snapshot your ability to relay key ITAM metrics quickly and confidently, so you can measure progress (in terms of greater confidence) over time.

1. Download the estimation tracker below. Add any additional line items that are particularly important to the organization.
2. Time-box this exercise to an hour. Use your own knowledge and existing data repositories to identify count/spend for each line item, then add a margin of error to your guess. Larger margins of error on larger counts will typically indicate larger risks.
3. Track any assumptions, data sources used, or SMEs consulted in the comments.

Download the IT Asset Estimation Tracker

“Any time there is doubt about the data and it doesn’t get explained or fixed, then a new spreadsheet is born. Data validation and maintenance is critical to avoid the hidden costs of having bad data”

Allison Kinnaird,
Operations Practice Lead,
Info-Tech Research Group

1. Download a copy of the ITAM Strategy Template.
   1. This will be the repository for all the work you do in the activities listed in this blueprint; take a moment to read it through and familiarize yourself with the contents.
2. House the template in a shared repository that can house other related work in progress. Share this folder with participants so they can check in on your progress.
3. You’ll see this callout box: Add your results to your copy of the ITAM Strategy Template as you work through activities in this blueprint. Copy the output to the appropriate slide in the ITAM Strategy Template.

• The last exercise in this methodology is to gather everything you’ve learned and build a roadmap to improve the ITAM practice.
• The output of the exercises will inform the roadmap, as they will highlight areas with opportunities for improvement.
• Write them down as you work through the exercises, or you risk forgetting valuable ideas.
• Keep an “idea space” – a whiteboard with sticky notes or a shared document – to which any of your participants can post an idea for improvement and that you can review and consolidate later.
• Encourage participants to add their ideas at any time during the exercises.

According to the ISO 19770 standard on ITAM, an IT Asset is “[an] item, thing, or entity that can be used to acquire, process, store and distribute digital information and has potential or actual value to an organization.”
These are all things that IT is expected to support and manage, or that have the potential to directly impact services that IT supports and manages.

IT assets are distinct from capital assets. Some IT assets will also be capital assets, but not all will be. And not all capital assets are IT assets, either.

IT assets are typically tracked by IT, not by finance or accounting.
IT needs more from their IT asset tracking system than the typical finance department can deliver.
This can include end-user devices, software, IT infrastructure, cloud-based resources, third-party managed IT services, Internet-of-Things devices, embedded electronics, SCADA equipment, “smart” devices, and more.

It’s important to track IT assets in a way that enables IT to deliver value to the business – and an important part of this is understanding what not to track. This list should be aligned to the needs of your organization.

What is IT asset management?

• IT asset management is the practice of maintaining accurate, accessible, and actionable data on IT hardware, software, and cloud assets from procurement to disposal.
• Trustworthy data maintained by an IT asset management practice will help your business meet its goals by managing risk, controlling costs, and enabling IT services and products.
• ITAM tends to focus on the asset itself – its technical, financial, contractual, lifecycle, and ownership attributes – rather than its interactions or connections to other IT assets, which tends to be part of configuration management.

What IT Asset Management is NOT:

Configuration Management: Configuration management databases (CMDBs) often draw from the same data pool as ITAM (many configuration items are assets, and vice versa), but they focus on the interaction, interconnection, and interoperation of configuration items within the IT estate.

In practice, many configuration items will be IT assets (or parts of assets) and vice versa. Configuration and asset teams should work closely together as they develop different but complementary views of the IT environment. Use Info-Tech’s methodology to harness configuration management superpowers.

Organizational Data Management: Leverage a different Info-Tech methodology to develop a digital and data asset management program within Info-Tech’s DAM framework.

“Asset management’s job is not to save the organization money, it’s not to push back on software audits.

It’s to keep the asset database as up-to-date and as trustworthy as possible. That’s it.” (Jeremy Boerger, Consultant & Author)

“You can’t make any real decisions on CMDB data that’s only 60% accurate.

You start extrapolating that out, you’re going to get into big problems.” (Mike Austin, Founder & CEO, MetrixData 360)

What is an ITAM strategy?

Our strategy document will outline a coherent, sustainable, business-aligned approach to ITAM.

No single approach to ITAM fits all organizations. Nor will the same approach fit the same organization at different times. A world-leading research university, a state government, and a global manufacturer all have very different goals and priorities that will be best supported by different approaches to ITAM.

This methodology will walk you through these critical decisions that will define your approach to ITAM:

• Business-aligned priorities, opportunities, and goals: What pressing opportunities and challenges do we face as an organization? What opportunities does this create that ITAM can seize?
• Current and future state maturity, challenges: What is the state of the practice today? Where do we need to improve to meet our goals? What challenges stand in the way of improvement?
• Responsibility, accountability, sourcing and (de)centralization: Who does what? Who is accountable? Where is there value to outsourcing? What authority will be centralized or decentralized?
• Tools, policies, and procedures: What technology do we need? What’s our documentation framework?
• Initiatives, KPIs, communication plan, and roadmap: What do we need to do, in what order, to build the ITAM practice to where we need it to be? How long do we expect this to take? How will we measure success?

“A good strategy has coherence, coordinating actions, policies, and resources so as to accomplish an important end. Most organizations, most of the time, don’t have this.

Instead, they have multiple goals and initiatives that symbolize progress, but no coherent approach to accomplish that progress other than ‘spend more and try harder.’” (Good Strategy, Bad Strategy, Richard Rumelt)

ITAM supports the following practices that help manage organizational risk:

• Security Controls Development
• Security Incident Response
• Security Audit Reports
• Regulatory Compliance Reports
• IT Risk Management
• Technical Debt Management
• M&A Due Diligence

ITAM supports these activities that help optimize spend:

• Vendor Management & Negotiations
• IT Budget Management & Variance Analysis
• Asset Utilization Analysis
• FinOps & Cloud Spend Optimization
• Showback & Chargeback
• Software Audit Defense
• Application Rationalization
• Contract Consolidation
• License and Device Reallocation

Use ITAM to facilitate these IT services and initiatives:

• Solution and Enterprise Architecture
• Service Level Management
• Technology Procurement
• Technology Refresh Projects
• Incident & Problem Management
• Request Management
• Change Management
• Green IT

Review the list of common challenges on the next slide as a group.

1. Delete any challenges that don’t apply to your organization.
2. Modify any challenges as required to reflect your organization.
3. Add further challenges that aren’t on the list, as required.
4. Highlight challenges that are particularly painful.

Add your results to your copy of the ITAM Strategy Template

“The problem – the reason why asset management initiatives keep falling on their face – is that people attack asset management as a problem to solve, instead of a practice and epistemological construct.” (Jeremy Boerger, Consultant & Author)

• Leadership and executives don’t understand the value of asset management and don’t fund or resource it.
• Tools aren’t fit for purpose, don’t scale, or are broken.
• There’s a cultural tendency to focus on tools over processes.
• ITAM data is fragmented across multiple repositories.
• ITAM data is widely viewed as untrustworthy.
• Stakeholders respond to vendor audits before consulting ITAM, which leads to confusion and risks penalties.
• No time for improvement; we’re always fighting fires.
• We don’t audit our own ITAM data for accuracy.
• End-user equipment is shared, re-assigned, or disposed without notifying or involving IT.

• No dedicated resources.
• Lack of clarity on roles and responsibilities.
• Technicians don’t track assets consistently; ITAM is seen as administrative busywork.
• Many ITAM tasks are manual and prone to error.
• Inconsistent organizational policies and procedures.
• We try to manage too many hardware types/software titles.
• IT is not involved in the procurement process.
• Request and procurement is seen as slow and excessively bureaucratic.
• Hardware/software standards don’t exist or aren’t enforced.
• Extensive rogue purchases/shadow IT are challenging to manage via ITAM tools and processes.

Enter the executives

Deliver on leadership priorities

• Your business’ major transformative projects and executive priorities might seem far removed from hardware and software tracking. Why would we start with business strategy and executive priorities as we’re setting goals for the ITAM program?
• While business executives have (likely) no interest in how software and hardware is tracked, they are accountable for the outcomes ITAM can enable. They are the most likely to understand why and how ITAM can deliver value to the organization.
• ITAM succeeds by enabling its stakeholders to achieve business outcomes. The next three activities are designed to help you identify how you can enable your stakeholders, and what outcomes are most important from their point of view. Specifically:
  • What are the business’ planned transformational initiatives?
  • What are your highest priority goals?
  • What should the priorities of the ITAM practice be?
• The answers to these questions will shape your approach to ITAM. Direct input from your leadership and executives – or their delegates – will help ensure you’re setting a solid foundation for your ITAM practice.

“What outcomes does the organization want from IT asset management? Often, senior managers have a clear vision for the organization and where IT needs to go, and the struggle is to communicate that down.” (Kylie Fowler, ITAM Intelligence)

• Improve data to increase IT spend transparency.
• Consolidate major software contracts to drive discounts.
• Increase asset utilization.
• Identify opportunities to retire applications with redundant functionality

• Acquire the right tech at the right time to support transformational initiatives.
• Provide IT asset data to technicians supporting end users.

• Identify abandoned or out-of-spec IT assets.
• Provide IT asset data to support controls development.
• Support security incident teams with IT asset data.

• Optimize Spend
• Manage Risk

• We believe there is significant opportunity right now to rationalize spend by consolidating key software contracts.
• Major acquisitions are anticipated in the near future. Effective ITAM processes are expected to mitigate acquisition risk by supporting due diligence and streamlined integration of acquired organizations.
• Ransomware and supply chain security threats have increased demands for a comprehensive accounting of IT assets to support security controls development and security incident response.

• Improve data to increase IT spend transparency.
• Increase asset utilization.
• Consolidate major software contracts to drive discounts.
• Identify opportunities to retire applications with redundant functionality

• Acquire the right tech at the right time to support transformational initiatives.
• Provide IT asset data to technicians supporting end users.

• Identify abandoned or out-of-spec IT assets.
• Provide IT asset data to support controls development.
• Support security incident teams with IT asset data.

• Improve data to increase IT spend transparency.
• Increase asset utilization.
• Consolidate major software contracts to drive discounts.
• Identify opportunities to retire applications with redundant functionality

• Acquire the right tech at the right time to support transformational initiatives.
• Provide IT asset data to technicians supporting end users.

• Identify abandoned or out-of-spec IT assets.
• Provide IT asset data to support controls development.
• Support security incident teams with IT asset data.

• Review and improve hardware budgeting exercises.
• Reallocate unused licenses, hardware.
• Ensure ELP reports are up to date.
• Validate software usage.
• Data to support software renewal negotiations.

• Use info from ITAM for more efficient adds, moves, changes.
• Integrate asset records with the ticket intake system, so that when someone calls the service desk, the list of their assigned equipment is immediately available.

• Find and retire abandoned devices or services with access to the organization’s network.
• Report on lost/stolen devices.
• Develop reliable disposal processes.
• Report on unpatched devices/software.

• All items from Business & Technology Partner, plus:
• Business and IT stakeholders collaborate regularly with the ITAM team to identify new opportunities to leverage or deploy ITAM practices and data to mitigate risks, optimize spend, and improve service. The ITAM program scales with the business.

• All items from Trusted Operator, plus:
• The ITAM data is integral to decisions related to budget, project planning, IT architecture, contract renewal, and vendor management. Software and cloud assets are reviewed as frequently as required to manage costs. ITAM data consumers have self-serve access to ITAM data.
• Continuous improvement practices strengthen ITAM efficiency and effectiveness.
• ITAM processes, standards, and related policies are regularly reviewed and updated. ITAM teams work closely with SMEs for key tools/systems integrated with ITAM (e.g. AD, ITSM, monitoring tools) to maximize the value and reliability of integrations.

• ITAM data for deployed hardware and software is regularly audited for accuracy.
• Sufficient staff and skills to support asset tracking, including a dedicated IT asset management role. Teams responsible for ITAM data collection cooperate effectively. Policies and procedures are documented and enforced. Key licenses and contracts are available to the ITAM team. Discovery, tracking, and analysis tools support most important use cases.

• Data is often untrustworthy, may be fragmented across multiple repositories, and typically requires significant effort to translate or validate before use.
• Insufficient staff, fragmented or incomplete policies or documentation. Data tracking processes are extremely highly manual. Effective cooperation for ITAM data collection is challenging.
• ITAM tools are in place, but additional configuration or tooling is needed.

• No data, or data is typically unusable.
• No allocated staff, no cooperation between parties responsible for ITAM data collection.
• No related policies or documentation.
• Tools are non-existent or not fit-for-purpose.

Innovator – Optimized Asset Management

Business & Technology Partner – Proactive Asset Management

Trusted Operator – Controls Assets

Firefighter – Reactive Asset Tracking

Unreliable - Struggles to Support

• The vision for what we want the ITAM practice to be in the future; and
• The mission – the purpose and intentions – of the ITAM practice today.

Why bother creating mission and vision statements? After all, isn’t it just rehashing or re-writing all the work we’ve just done? Isn’t that (at best) a waste of time?

• Create a compass that can guide work today and your roadmap for the future.
• Focus on the few things you must do, rather than the many things you could do.
• Concisely communicate a compelling vision for the ITAM practice to a larger audience who (let’s face it) probably won’t read the entire ITAM Strategy deck.

“Brevity is the soul of wit.” (Hamlet, Act 2, Scene 2)

“Writing is easy. All you have to do is cross out the wrong words.” (Mark Twain)

Navigate a universe of ITAM metrics

When you have the data, how will you use it?

• There’s a dizzying array of potential metrics you can develop and track across your ITAM environment.
• Different stakeholders will need different data feeds, metrics, reports, and dashboards.
• Different measures will be useful at different times. You will often need to filter or slice the data in different ways (by department, timeframe, equipment type, etc.)
• We’ll use the next few exercises to identify the types of metrics that may be useful to different stakeholders and the KPIs to measure progress towards ITAM goals and priorities.

ITAM Metrics

• Quantity
  e.g. # of devices or licenses
• Cost
  e.g. average laptop cost
• Compliance
  e.g. effective license position reports
• Progress
  e.g. ITAM roadmap items completed
• Quality
  e.g. ITAM data accuracy rate
• Time
  e.g. time to procure/ deploy

Drill down by:

• Vendor
• Date
• Dept.
• Product
• Location
• Cost Center
• …

Targets could include one or more of:

• Target state (e.g. completed)
• Target magnitude (e.g. number, percent, rate, dollar amount)
• Target direction (e.g. trending up or down)

You may track many metrics, but you should have only a few KPIs (typically 2-3 per objective).

A breached KPI should be a trigger to investigate and remediate the root cause of the problem, to ensure progress towards goals and priorities can continue.

Which KPIs you track will change over the life of the practice, as ITAM goals and priorities shift. For example, KPIs may initially track progress towards maturing ITAM practices. Once you’ve reached target maturity, KPIs may shift to track whether the key service targets are being met.

Phase 2:

Identify your approach to support ITAM priorities and goals

Phase 1

1.1 Define ITAM and brainstorm opportunities and challenges.

Executive Alignment Working Session:

1.2 Review organizational priorities, strategy, and key initiatives.

1.3 Align executive priorities with ITAM opportunities & priorities.

1.4 Identify business-aligned ITAM goals and target maturity.

1.5 Write mission and vision statements.

1.6 Define ITAM metrics and KPIs.

Phase 2

2.1 Define ITAM scope.

2.2 Acquire ITAM services (outsourcing and contracting).

2.3 Centralize or decentralize ITAM capabilities.

2.4 Create a RACI for the ITAM practice.

2.5 Align ITAM with other service management practices.

2.6 Evaluate ITAM tools and integrations.

2.7 Create a plan for internal and external audits.

2.8 Improve your budget processes.

2.9 Establish a documentation framework.

2.10 Create a roadmap and communication plan.

In some organizations, portions of the environment won’t be tracked by the asset management team at all. For example, some organizations will choose to delegate tracking multi-function printers (MFPs) or proprietary IoT devices to the department or vendor that manages them.

Due to resourcing or technical limitations, you may decide that certain equipment or software is out of scope for the moment.

What do other organizations typically track in detail?

• Installs and entitlements for major software contracts that represent significant spend and/or are highly critical to business goals.
• Equipment managed directly by IT that needs to be refreshed on a regular cycle:
  • End-user devices such as laptops, desktops, and tablets.
  • Server, network, and telecoms devices.
• High value equipment that is not regularly refreshed may also be tracked, but in less detail – for example, you may not refresh large screen TVs, but you may need to track date of purchase, deployed location, vendor, and model for insurance or warranty purposes.

• End-user devices housing data or with a dollar value of more than $300, which will be replaced through lifecycle refresh.
• Infrastructure devices, including network, telecom, video conferencing, servers and more

• End-user software purchased under contract
• Best efforts on single license purchases
• Infrastructure software, including solutions used by IT to manage the infrastructure
• Enterprise applications
• Cloud (SaaS, IaaS, PaaS)
• Departmental applications

• Open-source applications
• In-house developed applications
• Freeware & shareware
• IoT devices

• When determining which asset capabilities and activities are best kept in-house and which ones are better handled by a supplier, it is imperative to keep the value to the business in mind.
• Activities/capabilities that are challenging to standardize and are critical to enabling business goals are better kept in-house.
• Activities/capabilities that are (or should be) standardized and automated are ideal candidates for outsourcing.
• Outsourcing can be effective and successful with a narrow scope of engagement and an alignment to business outcomes.
• Organizations that heavily weigh cost reduction as a significant driver for outsourcing are far less likely to realize the value they expected to receive.

• Supports business-aligned ITAM opportunities & priorities
• Highly specialized
• Offers competitive advantages

• Talent or access to skills
• Economies of scale
• Access to technology
• Does not require deep knowledge of your business

• How important is this activity or capability to ITAM, IT, and business priorities and goals?
• Is it a non-commodity IT service that can improve customer satisfaction?
• Is it a critical service to the business and the specialized knowledge must remain in-house?
• Does the function require access to talent or skills not currently available in-house, and is cost-prohibitive to obtain?
• Are there economies of scale that can help us meet growing demand?
• Does the vendor provide access to best-of-breed tools and solutions that can handle the integration, management, maintenance and support of the complete system?

You may ultimately choose to engage a single vendor or a combination of multiple vendors who can best meet your ITAM needs.

Establishing effective vendor management processes, where you can maximize the amount of service you receive while relying on the vendor’s expertise and ability to scale, can help you make your asset management practice a net cost-saver.

• Contract review
• Software audit management
• Asset tagging
• Asset disposal and recycling
• Initial ITAM record creation
• End-user device imaging
• End-user device deployment
• End-user software provisioning
• End-user image management
• ITAM database administration
• ELP report creation
• ITAM process management
• ITAM report generation

• Tier 1 support/service desk
• Deskside/field support
• Tier 3 support
• IT Procurement
• Device management/managed IT services
• Budget development
• Applications development, maintenance
• Infrastructure hosting (e.g. cloud or colocation)
• Infrastructure management and support
• Discovery/monitoring tools management and support

• Asset disposal/recycling

• ELP report creation

• ITAM process management

• ITAM accountability, policies, tools, standards, and expertise – in this model, they’re all concentrated in a single, specialized IT asset management practice. Accountability, authority, and oversight are concentrated in the central function as well.
• A central ITAM team will benefit from knowledge sharing and task specialization opportunities. They are a visible single point of contact for ITAM-related questions
• The central ITAM team will coordinate ITAM activities across the organization to optimize spend, manage risk, and enhance service. Any local IT teams are supported by and directly answerable to the central ITAM team for ITAM activities.
• There is a single, centrally managed ITAM database. Wherever possible, this database should be integrated with other tools to support cross-solution automation (e.g. integrate AD to automatically reflect user identity changes in the ITAM database).
• This model drives cross-organization coordination and oversight, but it may not be responsive to specific and nuanced local requirements.

Direct reporting relationship

Dotted line working or reporting relationship

• ITAM accountability and oversight are entirely devolved to local or regional IT and/or ITAM organizations, which are free to set their own priorities, goals, policies, and standards. This model maximizes the authority of local groups to build practices that meet local requirements.
• It may be challenging to resource and mature local practices. ITAM maturity will vary from one local organization to the next.
• It is more likely that ITAM managers are a part-time role, and sometimes even a non-IT role. Local ITAM teams or coordinators may coordinate and share knowledge informally, but specialization can be challenging to build or leverage effectively across the organization.
• There is likely no central ITAM tool. Local tools may be acquired, implemented, and integrated by local IT departments to suit their own needs, which can make it very difficult to report on assets organization-wide – for example, to establish compliance on an enterprise software contract.

Direct reporting relationship

Dotted line working or reporting relationship

Informal working relationships, knowledge sharing

• A middle ground between centralized and decentralized ITAM, this model balances centralized decision making, specialization, and governance with local autonomy.
• A central team will define organization-wide ITAM goals, develop capabilities, policies, and standards, and monitor compliance by local and central teams. All local teams must comply with centrally defined requirements, but they can also develop further capabilities to meet local goals.
• For example, there will typically be a central ITAM database that must be used for at least a subset of assets, but other teams may build their own databases for day-to-day operations and export data to the central database as required.
• There are often overlapping responsibilities in this model. A strong collaborative relationship between central and local ITAM teams is especially important here, particularly after major changes to requirements, processes, tools, or staffing when issues and breakdowns are more likely.

Direct reporting relationship

Oversight/governance

Dotted line working or reporting relationship

• A special case of federated ITAM that balances central control and local autonomy, but with more power given to local IT to opt out of centralized shared services that come with centralized ITAM requirements.
• ITAM requirements set by the shared services team will support management, allocation, and may have showback or chargeback implications. Following the ITAM requirements is a condition of service. If a local organization chooses to stop using shared services, they are (naturally) no longer required to adhere to the shared services ITAM requirements.
• As with the federated model, local teams may develop further capabilities to meet local goals.

Direct reporting relationship

Dotted line working relationship

Informal working relationships, knowledge sharing

• There is a need to build reports that aggregate data on assets organization-wide, rather than just assets within a local environment.
• Decentralized ITAM tracking isn’t producing accurate or usable data, even for local purposes.
• Tracking tools have overlapping functionality. There’s an opportunity to rationalize spend, management and support for ITAM tools.
• Contract centralization can optimize spend and manage risks, but only with the data required to manage those contracts.

• Tracking and reporting on local assets is sufficient to meet ITAM goals; there is limited or no need to track assets organization-wide.
• Local teams have the skills to track and maintain asset data; subsidiaries have appropriate budgets and tools to support ITAM tracking.
• Decentralized ITSM/ITAM tools are in place, populated, and accurate.
• The effort to consolidate tools and processes may outweigh the benefits to data centralization.
• Lots of variability in types of assets and the environment is stable.

• A centralized IT asset management solution is implemented and managed.
• Local teams must understand the why and how of centralized data tracking and be held accountable for assigned responsibilities.
• The asset tool should offer both centralized and localized views of the data.

• Guidelines and expectations for reporting to centralized asset management team will be well defined and supported.
• Local asset managers will have opportunity to collaborate with others in the role for knowledge transfer and asset trading, where appropriate.

• Budgeting, governance, and accountability are already centralized. Centralized ITAM practices can support the existing governance practices.
• Centralizing contract management and negotiation can optimize spend and/or deliver access to better service.
• Centralize management for contracts that cover most of the organization, are highly complex, involve large spend and/or higher risk, and will benefit from specialization of asset staff.

• Budgeting, governance, and accountability rest with local organizations.
• There may be increased need for high levels of customer responsiveness and support.
• Decentralize contract management for contracts used only by local groups (e.g. a few divisions, a few specialized functions), and that are smaller, low risk, and come with standard terms and conditions.

• A centralized IT asset management solution is implemented and managed.
• Contract terms must be harmonized across the organization.
• Centralized fulfillment is as streamlined as possible. For example, software contracts should include the right to install at any time and pay through a true-up process.

• Any expectations for harmonization with the centralized asset management team will be well defined and supported.
• Local asset managers can collaborate with other local ITAM leads to support knowledge transfer, asset swapping, etc.

• Standard technologies are deployed organization-wide.
• There are opportunities to improve service and optimize costs by consolidating knowledge, service contracts, and support functions.
• Centralizing data on product supply allows for easier harvest and redeployment of assets by a central support team.
• A stable, central support function can better support localized needs during seasonal staffing changes, mergers and acquisitions.

• Technology is unique to a local subset of users or customers.
• Minimal opportunity for savings or better support by consolidating knowledge, service contracts, or support functions.
• Refresh standards are set at a local level; new tech adoption may be impeded by a reliance on older technologies, local budget shortfalls, or other constraints.
• Hardware may need to be managed locally if shipping costs and times can’t reasonably be met by a distant central support team.

• Ensure required processes, technologies, skills, and knowledge are in place to enable centralized support.
• Keep a central calendar of contract renewals, including reminders to start work on the renewal no less than 90 days prior. Prioritize contracts with high dollar value or high risk.
• The central asset management solution should be configured to provide data that can enable the central support team.

• Ensure required processes, technologies, skills, and knowledge are in place to enable decentralized support.
• Decentralized support teams must understand and adhere to ITAM activities that are part of support work (e.g. data entry, data audits).
• The central asset management solution should be configured to provide data that can enable the central support team, or decentralized asset solutions must be funded, and teams trained on their use.

• Make better use of central ITAM database.

• Support local IT departments building runbooks for data tracking during lifecycle activities (create templates, examples)

• Centralize Microsoft contracts.
• Create a runbook to onboard new companies to MSFT contracts.

• Create tools and data views to support local department budget exercises.

• Ensure all end-user devices are visible to centrally managed InTune, ConfigMgr.

• Enable direct shipping from vendor to local sites.
• Establish disposal/pickup at local sites.

The asset manager role requires a variety of skills, knowledge, and abilities including:

• Operations, process, and practice management.
• An ability to communicate, influence, negotiate, and facilitate.
• Organizational knowledge and relationship management.
• Contract and license agreement analysis, attention to detail.
• Natural curiosity and a willingness to learn.
• A strong understanding of technologies in use by the organization, and how they fit into the asset management program.

“Where your asset manager sits, and what past experience they have, is going to influence how they do asset management.” (Jeremy Boerger, Consultant & Author)

“It can be annoying at times, but a good IT asset manager will poke their nose into activities that do not obviously concern them, such as programme and project approval boards and technical design committees. Their aim is to identify and mitigate ITAM risks BEFORE the technology is deployed as well as to ensure that projects and solutions ‘bake in’ the necessary processes and tools that ensure IT assets can be managed effectively throughout their lifecycle.” (Kylie Fowler, ITAM by Design, 2017)

• ITAM Operations, Process, and Practice Management
  The asset manager is typically responsible for managing and improving the ITAM practice and related processes and tools. The asset manager may administer the ITAM tool, develop reports and dashboards, evaluate and implement new technologies or services to improve ITAM maturity, and more.
• Organizational Knowledge
  An effective IT asset manager has a good understanding of your organization and its strategy, products, stakeholders, and culture.
• Technology & Product Awareness
  An IT asset manager must learn about new and changing technologies and products adopted by the organization (e.g. IoT, cloud) and develop recommendations on how to track and manage them via the ITAM practice.

• People Management
  Asset managers often manage a team directly and have dotted-line reports across IT and the business.
• Communication
  Important in any role, but particularly critical where learning, listening, negotiation, and persuasion are so critical.
• Finance & Budgeting
  A foundational knowledge of financial planning and budgeting practices is often helpful, where the asset manager is asked to contribute to these activities.
• Contract Review & Analysis
  Analyze new and existing contracts to evaluate changes, identify compliance requirements, and optimize spend.

• A RACI exercise will help you discuss and document accountability and responsibility for critical ITAM activities.
• When responsibility and accountability are not currently well documented, it’s often useful to invite a representative of the roles identified to participate in this alignment exercise. The discussion can uncover contrasting views on responsibility and governance, which can help you build a stronger management and governance model.
• The RACI chart can help you identify who should be involved when making changes to a given activity. Clarify the variety of responsibilities assigned to each key role.
• In the future, you may need to define roles in more detail as you change your hardware and software asset management procedures.

Configuration Management Database (CMDB)

Service Attributes

Supported Service(s)
Service Description, Criticality, SLAs
Service Owners
Data Criticality/Sensitivity

CI Relationships

Physical Connections
Logical Connections
Dependencies

Discovery, Normalization, Dependency Mapping, Business Rules*	Manual Data Entry

Hardware Information

Serial, Model and Specs
Network Address
Physical Location

Software Installations

Hypervisor & OS
Middleware & Software
Software Configurations

Asset Management Database (AMDB)

Procurement/Purchasing

Purchase Request/Purchase Order
Invoice and Cost
Cost Center
Vendor
Contracts and MSAs
Support/Maintenance/Warranties

Asset Attributes

Model, Title, Product Info, License Key
Assigned User
Lifecycle Status
Last ITAM Audit Date
Certificate of Disposal

IT Security Systems

Vulnerability Management
Threat Management
SIEM
Endpoint Protection

IT Service Management (ITSM) System

Change Tickets
Request Tickets
Incident Tickets
Problem Tickets
Project Tickets
Knowledgebase

Financial System/ERP

General Ledger
Accounts Payable
Accounts Receivable
Enterprise Assets
Enterprise Contract Database

What broke?
Was it under warranty?
Is there a service contract?
Was it licensed?
Who was it assigned to?
Is it end-of-life?

ITAM
Practice

What can this user request or purchase?
What are standard hardware and software offerings?
What does the requester already have?
Are there items in inventory to fulfil the request?
Did we save money by reissuing equipment?
Is this a standard request?
What assets are being requested regularly?

What IT assets are related to the known issue?
What models and vendors are related to the issue?
Are the assets covered by a service contract?
Are other tickets related to this asset?
What end-of-life assets have been tied to incidents recently?

What assets are related to the change?
Is the software properly licensed?
Has old equipment been properly retired and disposed?
Have software licenses been returned to the pool?
Is the vendor support on the change part of a service contract?

Without direct line of sight into tools management, the ITAM team must influence rather than direct improvement initiatives that are in some cases critical to the performance of the ITAM function. To more effectively influence improvement efforts, you must explicitly identify what you need, why you need it, from which tools, and from which stakeholders.

I was talking to one organization that has 1,600,000 AD records for 100,000 employees.” (Mike Austin, Founder, MetrixData 360)

• Track HW/SW
• Connect assets to incident, request

• Currently used for end-user devices only
• Not all divisions have access
• SAM capabilities are limited

• Add license for additional read/write access
• Start tracking infra in this tool

• Store user IDs, organizational data

• Work with AD team to identify issues creating data issues

• Automatically calculate licensing entitlements from contract data.
• Automatically calculate licensing requirements from discovery data.
• Support gap analyses.

• Further develop software requirements.
• Identify vendors in the space and create a shortlist.

Audit your data by comparing records in the ITAM system to other discovery sources.

• Ideally, use three separate data sources (e.g. ITAM database, discovery tool, security tool). Use a common field, such as the host name, to compare across fields. (To learn more about discovery tool analysis, see Jeremy Boerger’s book, Rethinking IT Asset Management.)
• Run reports to compare records and identify discrepancies. This could include assets missing from one system or metadata differences such as different users or installed software.
• Over time, discrepancies between tools should be well understood and accepted; otherwise, they should be addressed and remediated.

Conduct a hands-on investigation led by ITAM staff and IT technicians.

• In-person audits require significant effort and resources. Each audit should be scoped and planned ahead of time to focus on known problem areas.
• Provide the audit team with exact instructions on what needs to be verified and recorded. Depending on the experience and attention to detail of the audit team, you may need to conduct spot checks to ensure you’re catching any issues in the audit process itself.
• Automation should be used wherever possible (e.g. through barcodes, scanners, and tables for quick access to ITAM records).

Have users validate the IT assets assigned to them.

• Even more than IT-led audits: don’t use this approach too frequently; keep the scope as narrow as possible and the process as simple as possible.
• Ensure users have all the information and tools they’ll need readily available to complete this task, or the result will be ineffective and will only frustrate your users.
• Consider a process integrated with your ITSM tool: once a year, when a user logs in to the portal, they will be asked to enter the asset code for their laptop (and provided with instructions on where to find that code). Investigate discrepancies between assignments and ITAM records.

• Vendor audits are expensive.
• If you’re out of compliance, you will at minimum be required to pay the missing license fees. At their discretion, vendors may choose to add punitive fees and require you to cover the hourly cost of their audit teams. If you choose not to pay, the vendor could secure an injunction to cut off your service, which in many cases will be far more costly than the fines. And this is aside from the intangible costs of the disruption to your business and damaged relationships between IT, ITAM, your business, and other partners.
• Having a plan to respond to an audit is critical to reducing audit risk. Preparation will help you coordinate your audit response, ensure the audit happens on the most favorable possible terms, and even prevent some audits from happening in the first place.
• The best defense, as they say, is a good offense. Good ITAM and SAM processes will allow you to track acquisition, allocation, and disposal of software licenses; understand your licensing position; and ensure you remain compliant whenever possible. The vendor has no reason to audit you when there’s nothing to find.
• Know when and where your audit risk is greatest, so you can focus your resources where they can deliver the most value.

Info-Tech Insight

Audit defense starts long before you get audited. For an in-depth review of your audit approach, see Info-Tech’s Prepare and Defend Against a Software Audit.

• Your organization is visibly fighting fires. Signs of disorder may signal to vendors that there are opportunities to exploit via an audit. Past audit failures make future audits more likely.
• You are looking for ways to decrease spend. Vendors may counter attempts to true-down licensing by launching an audit to try to find unlicensed software that provides them leverage to negotiate maintained or even increased spending.
• Your license/contract terms with the vendor are particularly complex or highly customized. Very complex terms may make it harder to validate your own compliance, which may present opportunities to the vendor in an audit.
• The vendor has earned a reputation for being particularly aggressive with audits. Some vendors include audits as a standard component of their business model to drive revenue. This may include acquiring smaller vendors or software titles that may not have been audit-driven in the past, and running audits on their new customer base.

“The reality is, software vendors prey on confusion and complication. Where there’s confusion, there’s opportunity.” (Mike Austin, Founder, MetrixData 360)

• Don’t panic: Resist knee-jerk reactions. Follow the plan.
• Form an audit response team and centralize your response: This team should be led by a member of the ITAM group, and it should include IT leadership, software SMEs, representatives from affected business areas, vendor management, contract management, and legal. You may also need to bring on a contractor with deep expertise with the vendor in question to supplement your internal capabilities. Establish clearly who will be the point of contact with the vendor during the audit.
• Clarify the scope of the audit: Clearly establish what the audit will cover – what products, subsidiaries, contracts, time periods, geographic regions, etc. Manage the auditors to prevent scope creep.
• Establish who covers audit costs: Vendors may demand the auditee cover the hourly cost of their audit team if you’re significantly out of compliance. Consider asking the vendor to pay for your team’s time if you’re found to be compliant.
• Know your contract: Vendors’ contracts change over time, and it’s no guarantee that even your vendor’s licensing experts will be aware of the rights you have in your contract. You must know your entitlements to negotiate effectively.

1. Bring the audit request received to the attention of ITAM and IT leadership. Assemble the response team.
2. Acknowledge receipt of audit notice.
3. Negotiate timing and scope of the audit.
4. Direct staff not to remove or acquire licenses for software under audit without directly involving the ITAM team first.
5. Gather installation data and documentation to establish current entitlements, including original contract, current contract, addendums, receipts, invoices.
6. Compare entitlements to installed software.
7. Investigate any anomalies (e.g. unexpected or non-compliant software).
8. Review results with the audit response team.

• Trustworthy data on deployed assets and spending obligations tied to those assets.
• Projections of hardware due for replacement in terms of quantity and spend.
• Knowledge of IT hardware and software contract terms and pricing.
• Lists of unused or underused hardware and software that could be redeployed to avoid spend.
• Comparisons of spend year-over-year.

Being part of the budgeting process positions ITAM for success in other ways:

• Helps demonstrate the strategic value of the ITAM practice.
• Provides insight into business and IT strategic projects and priorities for the year.
• Strengthens relationships with key stakeholders, and positions the ITAM team as trusted partners.

“Knowing what you have [IT assets] is foundational to budgeting, managing, and optimizing IT spend.” (Dave Kish, Info-Tech, Practice Lead, IT Financial Management)

• Creating buckets of spend and allocating assets to those buckets.
• Zero-based review on IaaS instances quarterly.
• Develop dashboards plugged into asset data for department heads to view allocated assets and spend.
• Create value reports to demonstrate hard savings as well as cost avoidance.

• Waiting for business leaders to come to us for help (start reaching out with reports proactively, three months before budget cycle).
• % increases on IT budgets without further review.

• Monthly variance budget analysis.
• What-if analysis for asset spend based on expected headcount increases.

• ITAM policy and/or related policies (procurement policy, security awareness policy, acceptable use policy, etc.)
• ITAM strategy document
• ITAM roadmap or burndown list
• Job descriptions
• Functional requirements documents for ITAM tools

Operational documentation

• ITAM SOPs (hardware, software) and workflows
• Detailed work instructions/knowledgebase articles
• ITAM data/records
• Contracts, purchase orders, invoices, MSAs, SOWs, etc.
• Effective Licensing Position (ELP) reports
• Training and communication materials
• Tool and integration documentation

• Asset management governance, operations, and tools typically generate a lot of documentation.
• Don’t create documentation for the sake of documentation. Prioritize building and maintaining documentation that addresses major risks or presents opportunities to improve the consistency and reliability of key processes.
• Maximize the value of ITAM documentation by ensuring it is as current, accessible, and usable as it needs to be.
• Clearly identify where documentation is stored and who should have access to it.
• Identify who is accountable for the creation and maintenance of key documentation, and establish triggers for reviews, updates, and changes.

• Certain requirements of the ITAM practice may need to be backed up by corporate policies: formal statements of organizational expectations that must be recognized by staff, and which will lead to sanctions/penalties if breached.
• Some organizations will choose to create one or more ITAM-specific policies. Others will include ITAM-related statements in other existing policies, such as acceptable use policies, security training and awareness policies, procurement policies, configuration policies, e-waste policies, and more.
• Ensure that you are prepared to monitor compliance with policies and evenly enforce breaches of policy. Failing to consistently enforce your policies exposes you and your organization to claims of negligence or discriminatory conduct.
• For a template for ITAM-specific policies, see Info-Tech’s policy templates for Hardware Asset Management and Software Asset Management.

• All IT staff

• Annual review
• As-needed for major tooling changes that require a documentation update

• More accurate IT spend predictions
• Better equipment utilization and value for money

• Sponsor integration project between ITAM DB and financial system
• Support procurement procedures review

• Better oversight into IT spend
• Data to help demonstrate IT value

• Resources required to support tool and ITAM process improvements

Kylie is an experienced ITAM/FinOps consultant with a track record of creating superior IT asset management frameworks that enable large companies to optimize IT costs while maintaining governance and control.

She has operated as an independent consultant since 2009, enabling organizations including Sainsbury's and DirectLine Insurance to leverage the benefits of IT asset management and FinOps to achieve critical business objectives. Recent key projects include defining an end-to-end SAM strategy, target operating model, policies and processes which when implemented provided a 300% ROI.

She is passionate about supporting businesses of all sizes to drive continuous improvement, reduce risk, and achieve return on investment through the development of creative asset management and FinOps solutions.

Rory is the founder, owner, and principal consultant of SAM Charter, an internationally recognized consultancy in enterprise-wide Software & IT Asset Management. As an industry leader, SAM Charter is uniquely poised to ensure your IT & SAM systems are aligned to your business requirements.

With a technical background in business and systems analysis, Rory has a wide range of first-hand experience advising numerous companies and organizations on the best practices and principles pertaining to software asset management. This experience has been gained in both military and civil organizations, including the Royal Navy, Compaq, HP, the Federation Against Software Theft (FAST), and several software vendors.

Jeremy started his career in ITAM fighting the Y2K bug at the turn of the 21st century. Since then, he has helped companies in manufacturing, healthcare, banking, and service industries build and rehabilitate hardware and software asset management practices.

These experiences prompted him to create the Pragmatic ITAM method, which directly addresses and permanently resolves the fundamental flaws in current ITAM and SAM implementations.

In 2016, he founded Boerger Consulting, LLC to help business leaders and decision makers fully realize the promises a properly functioning ITAM can deliver. In his off time, you will find him in Cincinnati, Ohio, with his wife and family.

Mike Austin leads the delivery team at MetrixData 360. Mike brings more than 15 years of Microsoft licensing experience to his clients’ projects. He assists companies, from Fortune 500 to organizations with as few as 500 employees, with negotiations of Microsoft Enterprise Agreements (EA), Premier Support Contracts, and Select Agreements. In addition to helping negotiate contracts, he helps clients build and implement software asset management processes.

Previously, Mike was employed by Microsoft for more than 8 years as a member of the global sales team. With Microsoft, Mike successfully negotiated more than a billion dollars in new and renewal EAs. Mike has also negotiated legal terms and conditions for all software agreements, developed Microsoft’s best practices for global account management, and was awarded Microsoft’s Gold Star Award in 2003 and Circle of Excellence in 2008 for his contributions.