-
ITAM
The Definitive Guide
IT asset management (ITAM), including software asset management (SAM), has long been neglected within IT service management (ITSM). However, ITAM adoption has grown in popularity in recent years, with IT organizations finally waking up to the fact that they have asset-based waste. Whether this is:
But this is just the financial waste view, with software compliance still important, especially because software vendors might increase software audits with new sales revenues suffering due to the adverse financial impact of the global pandemic.
If you’re new to the world of ITAM, then this page will provide you with at least 80% of what you need to know in less than 20% of the time needed to piece it together yourself. Very much in line with the Pareto Principle where, for many outcomes, 80% of consequences come from 20% of the causes.
ITIL – the most popular body of service management best practices – defines the purpose of ITAM as: “…to plan and manage the full lifecycle of all IT assets, to help the organization:
There are two key points here. First, that ITAM needs to be focused, and well-scoped, given that most organizations will find it financially prohibitive to try to manage every corporate IT asset. Second, the view that ITAM is a one-and-done project.
When people think of ITAM, they might only think of a particular “flavor.” For example, their organization might need to respond to a forthcoming software-vendor audit visit, or the findings of an audit, and are thus looking at ITAM through a Software Asset Management (SAM) lens. But there are many flavors of ITAM that need to be considered when setting or extending the scope of an ITAM practice.
The common asset “flavors” are:
ITAM and ITSM have traditionally been treated as separate IT management disciplines but there has always been some overlap between them. For example, IT assets are employed in the delivery of IT services and cloud (IT) services can be managed as IT assets. And in 2019, ITAM was added to the ITIL 4 ITSM/service management best practice guidance as one of its 34 management practices. Importantly, both IT management disciplines have similar, if not common, goals – better business operations and outcomes.
In terms of the key differences (between ITAM and ITSM):
Despite these differences, ITAM and ITSM should be viewed as complementing each other rather than competing. Especially because IT services are commonly built from IT assets.
As highlighted in the ITIL 4 definition, ITAM will help your organization to:
For many organizations, the primary motivation for ITAM, and SAM in particular, is financial – reducing asset costs and/or optimizing asset use – with the latter increasingly being linked with value creation. Accurate asset data not only drives better financial decision-making, but also facilities other ITSM capabilities such as incident, problem, change, and capacity management. For example, ITAM can help IT service providers to deliver better IT services and support to employees and external customers while helping businesses to better use technology assets as both an enabler and competitive differentiator.
Software assets bring with them the need for license compliance – ensuring all software installs are appropriately licensed where needed and license agreements are complied with. Plus, ITAM capabilities allow organizations to be better prepared for software vendor audits (and to fare better in them too).
It can also help individuals to discharge their responsibilities more efficiently and effectively – by providing defined responsibilities and better ways of working (that employ industry best practices) that are enabled by what have been termed “ITAM tools” – software solutions that digitally enable the key ITAM processes as well as holding key asset data.
ITAM and ITSM complement each other rather than compete and, in many scenarios, they enhance each other. Hence, it’s better for organizations to plan for, and to encourage, them to work in tandem.
For example, organizations that have yet to, or have no ambition to, introduce a configuration management database (CMDB), ITAM capabilities and data can fulfill several ITSM needs that service configuration management capabilities would otherwise support.
One example of this is asset data quality improvement. Where data from IT service desk transactions can provide data for IT assets that haven’t recently been picked up by network scanning tools, including the user/ownership and the use cases. Process integration also helps to ensure ITAM data accuracy. Because incident management, service request management, and change management/enablement all either add to, reduce, or change IT assets.
A reverse example is using ITAM data to improve incident resolution times. Where a service desk analyst can understand the root cause and potential remedies for an issue more quickly when they have insight into the asset’s details.
There are higher-level opportunities too. For example, employees can self-audit their IT assets using the IT self-service portal. Or, ITAM data can be leveraged to help technology refresh projects go more smoothly, particularly if there's not an effective CMDB in place.
As with ITSM, there are various sources of ITAM best practice. Some of these have been written with an ITSM audience in mind. For example, the inclusion of ITAM in ITIL 4 via the IT asset management practice described earlier.
Some have been created from a governance perspective. For example, COBIT – “A framework for the governance and management of enterprise information and technology (I&T), aimed at the whole organization” – has a management practice for Managed Assets that helps organizations to: “Manage I&T assets through their lifecycle to make sure that their use delivers value at optimal cost, they remain operational (fit for purpose), and they are accounted for and physically protected. Ensure that those assets that are critical to support service capability are reliable and available. Manage software licenses to ensure that the optimal number are acquired, retained and deployed in relation to required business usage, and the software installed is in compliance with license agreements.”
Finally, some ITAM best practices are aimed at ITAM professionals. There are multiple international standards, the main one of which is ISO/IEC 19770-1 which “specifies the requirements for the establishment, implementation, maintenance and improvement of a management system for IT asset management (ITAM), referred to as an “IT asset management system” (ITAMS).”
Additional ISO documents related to ITAM include:
There are also various bodies that offer ITAM best practice guidance. Examples are:
Finally, organizations might be using elements of ITAM best practice without knowing that it comes from these or other approaches. It’s simply the way that things have been done, perhaps for many years, including best practices that are embedded with ITAM tools.
A common piece of advice, no matter the context, is to start at the beginning. In many ways, this is highly applicable to ITAM – with much of the foundational early work (and investment) critical to the success of the later operational ITAM activities. Importantly, this foundational work applies to organizations even before they decide on investing in an ITAM tool. It will help decide not only the need for an ITAM tool but also the capabilities that are required of it.
In addition to the above ITAM capabilities, an ITAM tool also needs to play nicely with other IT and business tools and systems. So, don’t overlook the required integrations with other applications. An obvious integration is with the corporate ITSM tool or the corporate finance or ERP system.
Some organizations have long known that certain IT management capabilities are also beneficial to other parts of the organization such as human resources (HR), customer service/support, facilities, finance, legal, procurement, and security teams. The IT industry has termed “enterprise service management” – where ITSM capabilities are extended to other business functions to improve their services, operations, experiences, and outcomes – with this including ITAM capabilities too.
2021 research highlighted that asset management is the third most commonly shared ITSM capability outside of IT as other business functions look to achieve one or more of:
As well as greater control over their assets and what they cost.