SAM & ISO 19770-1docshare04.docshare.tips/files/22536/225363146.pdf · •Certified ITIL v3 Expert...
Transcript of SAM & ISO 19770-1docshare04.docshare.tips/files/22536/225363146.pdf · •Certified ITIL v3 Expert...
Slide #: 1
SAM & ISO 19770-1Practical Methods You Can Employ in Your
Organization Today
© Copyright 2010 Third Sky, Inc.
Facilitated by:
Reg Lo Bernhard Boehler
Vice President Managing Partner
Third Sky Aspera
Slide #: 2
Agenda
• Introductions
• What is SAM? What are its benefits?
• What is ISO 19770-1?
• Implementing SAM
• Aspera Software License Management Tools
and Managed Services
• Questions & Answers
© Copyright 2010 Third Sky, Inc.
Slide #: 3© Copyright 2010 Third Sky, Inc.
Reg Lo & Third Sky
Reg Lo
• Certified ITIL v3 Expert
• Vice President for Third Sky
• Contributor to “The Forum” the official
newsletter of itSMF USA
• Speaker at itSMF and HDI events
• Reviewer for ITIL v3 Update
Third Sky
• ITIL Education
• ITIL Assessments & Roadmaps,
Workshops and Process Consulting
• Technology Solutions
Slide #: 4
Bernhard Boehler & Aspera
© Copyright 2010 Third Sky, Inc.
Bernhard Boehler
• Over 15 years of SAM experience
• Co-founded Aspera
• In charge of sales and organization
Aspera
• Founded in 2000
• Employees: 43
• Partners in the Netherlands, UK, Denmark, and USA
• Customers: 40% of the companies in the German stock index (DAX), large, and
medium sized organizations, government and civil services bodies
Slide #: 5
Agenda
• Introductions
• What is SAM? What are its benefits?
• What is ISO 19770-1?
• Implementing SAM
• Aspera Software License Management Tools
and Managed Services
• Questions & Answers
© Copyright 2010 Third Sky, Inc.
Slide #: 6
Software Asset Management
© Copyright 2010 Third Sky, Inc.
Software Asset Management
puts the People, Process and
Technology in place for the
effective management and
control of software assets
within an organization through
out all stages of their lifecycle.
Objective:
To manage, control and protect
an organization’s software
assets, including management
of the risks arising from the use
of those software assets.
What SAM isn’t
• Not just about audits
• Not just about tools
• Not just about compliance
Adapted from Microsoft: An Introduction to SAM: Optimize. Secure. Build.
Slide #: 7
Benefits of SAM
© Copyright 2010 Third Sky, Inc.
• Companies that systematically manage the lifecycles of IT assets will reduce cost per asset by as much as 30% year 1, 5%-10% over 5 years.
Save Money
• SAM can help assess which software assets have proven beneficial plus highlight where upgrades or new programs may be needed.
Manage Technological
Change
• Serious problems can affect and damage your computers and entire networks when unauthorized software is being used.
Be More Secure and
Reliable
• Abuse of software licenses can result in financial penalties, legal costs and even potential criminal judgments.
Avoid Costs and Fines
Slide #: 8
Source: Controller Magazine, Jan 2009
Potential Savings from SAM
Where? / What? How? How much?
Purchasing • Framework agreements and
volume licensing
• Optimization of leasing and SaaS
costs
Saving potential of
5 – 10%
Software installation /
configuration
• Standardize software
• Negotiating “early installation”
terms with suppliers
Average saving of 2 hours per
software
Time needed for
updates and upgrades
• Saving through proactive
management, significant increase
of productivity
30% reduction in time required
per update/upgrade
Software
Management
• Targeted use of “free” licenses 15% reduction in purchase
costs for new software and
updates
Slide #: 9
Agenda
• Introductions
• What is SAM? What are its benefits?
• What is ISO 19770-1?
• Implementing SAM
• Aspera Software License Management Tools
and Managed Services
• Questions & Answers
© Copyright 2010 Third Sky, Inc.
Slide #: 10
ISO/IEC 19770-1
• Ratified in May 2006
• Contributing organizations
• Led by Swedish Standards Institute (SIS)
• Representation from: Australia, France, Japan, China, Sweden,
Belgium, Germany, Canada, USA, Spain, Finland and United
Kingdom
• US participation includes: Microsoft, Oracle, Symantec, IBM, Adobe,
KPMG, macrovision, Express metrics, CA
• ITIL & ISO 20000 compatible
© Copyright 2010 Third Sky, Inc.
Slide #: 11© Copyright 2010 Third Sky, Inc.
Organizational Management
Control Environment
Corp Governance Policies & Procedures
Process Definition Roles & Responsibilities
Planning & Implementing
Planning Monitoring &
Implementation Review
Core Processes
Inventory
Asset Identification
Inventory Management
Asset Control
Verification/Compliance
Recording Verification
Licensing Compliance
Security Compliance
Conformance Verification
Operations
Relationship & Contract
Financial Mgmnt
Service Level Mgmnt
Security Management
Process Interfaces
Change Management SW Development Deployment Problem
Acquisition Release Mgmnt Incident Retirement
Slide #: 12
SAM Lifecycle
© Copyright 2010 Third Sky, Inc.
Requirements
definition
Design Evaluation
ProcurementBuild
Deployment
Operation
Optimization
Retirement
Vendor AppIn house
Slide #: 13
Acquisition
© Copyright 2010 Third Sky, Inc.
1. Initiate internal
order (requisition)
2. Process
internal order
3. Initiate external
order
4. Place external
order
5. Process
incoming media
6. Install software
7. Process
invoices
8. Process proof
of license
Slide #: 14
Compliance
© Copyright 2010 Third Sky, Inc.
Records of
installed
software
Security
policies
SAM policies
and
procedures
Records of
licenses
owned
Verification
& audit
Licensing
compliance
Verification
& audit
Security
compliance
Other
compliance
Installed instances
of software
Physical proof of
license
Real-world security
practice
Real-world SAM
practice
Real-World InstancesVerification & Compliance ProcessesSAM Databases
Slide #: 15
Agenda
• Introductions
• What is SAM? What are its benefits?
• What is ISO 19770-1?
• Implementing SAM
• Aspera Software License Management Tools
and Managed Services
• Questions & Answers
© Copyright 2010 Third Sky, Inc.
Slide #: 16
High Level SAM Approach
© Copyright 2010 Third Sky, Inc.
Assessment• Review of where you
are today
Policies & Procedures
• Identify governance, roles and responsibilities, and policies
Tool Evaluation
• Detailed vendor evaluation and selection
Implement
Operate
Continual
Improvement
Slide #: 17
SAM Maturity Model
© Copyright 2010 Third Sky, Inc.
Basic
(Ad Hoc)
Little control over what IT assets are
being used and where.
Lacks policies, procedures,
resources, and tools.
Standardized
(Tracking Assets)
SAM processes exist as well as
tool/data repository. Information may not be complete or accurate –
typically not used for decision making.
Rationalized
(Active Mgmnt)
Vision, policies, procedures and tools are used to manage IT
SW asset lifecycle. Reliable
information used to
manage the assets to business targets.
Dynamic
(Optimized)
Near real-time alignment with
changing business needs.
SAM is a strategic asset
to overall business
objectives.
Slide #: 18
Defining Policies for SAM
• Ensure alignment with control
objectives
• Validate with audit
requirements
• Ensure business justification
• Ensure measurement and
control ability
• Provide good communication
and training
SAM Policies
• Governance responsibilities
• Personal use restrictions
• Legal / Regulatory compliance
• Procurement requirements
• Approval requirements for installation
• Disciplinary implications for violation
© Copyright 2010 Third Sky, Inc.
Slide #: 19
Defining SAM Processes
• Assess existing processes
• Use workshop approach to
define “to be” processes
• Ensure processes support
controls and policies
• Ensure good communication and
training
© Copyright 2010 Third Sky, Inc.
Inventory
Asset Identification
Inventory Management
Asset Control
Verification / Compliance
• Recording Verification
• Licensing Compliance
• Security Compliance
• Conformance Verification
Operations
• Relationship & Contract
• Financial Mgmnt
• Service Level Mgmnt
• Security Management
Slide #: 20
Compliance Considerations
Perform regular reconciliation (licenses owned vs. licenses required for used software)
Perform regular security audit
Record, analyze, determine root cause of discrepancies
Plan for and execute follow-up actions
© Copyright 2010 Third Sky, Inc.
Slide #: 21
SAM Roles and
Responsibilities
• Centralize control:
• Compliance
• Process Ownership
• Interface with other
processes:
• Service Asset and
Configuration Management
(SACM)
• Supplier Management
• Allow for procurement
optimization and volume
negotiation
IT Support Managers are responsible for
ensuring all software is in compliance with
license agreements
BU Owners, with support from IT Support
Managers, are responsible for ensuring all
software is in compliance with license
agreements
IT Support Managers and BU Owners
share responsibility for ensuring all software
is in compliance with license agreements
Procurement Manager is responsible for
ensuring all software is in compliance with
license agreements
The SACM Process Owner is responsible
for ensuring all software is in compliance with
purchased software license agreements
© Copyright 2010 Third Sky, Inc.
Slide #: 22
Agenda
• Introductions
• What is SAM? What are its benefits?
• What is ISO 19770-1?
• Implementing SAM
• Aspera Software License Management Tools
and Managed Services
• Questions & Answers
© Copyright 2010 Third Sky, Inc.
Slide #: 23
Aspera Software License
Management Tools & Services
© Copyright 2010 Third Sky, Inc.
1. Products – SmartTrack• Module design web-based tool for license and contract management, reconciliation, financial
reporting, and workflow management
2. Managed Services• Master Catalog
• Extended Catalog
• License Clearing
• Software Recognition
3. Technology Services• Application Service Providing (ASP)
• Maintenance & Support
• Software Development
• Interface Monitoring and Troubleshooting
4. Consulting Services• Process & Integration Consulting
• Solution Development
• Project Management
• Training
• Workshops
Products
Technology Services
Managed
Services
Consulting
Services
To
ol
Da
ta S
erv
ice
s
Slide #: 24
Aspera A-Model for SAM
© Copyright 2010 Third Sky, Inc.
Slide #: 25
Aspera SmartTrack (ICM)
© Copyright 2010 Third Sky, Inc.
Slide #: 26
Aspera SmartTrack (ST)
© Copyright 2010 Third Sky, Inc.
Slide #: 27
Aspera Software License
Management
© Copyright 2010 Third Sky, Inc.
Slide #: 28
Agenda
• Introductions
• What is SAM? What are its benefits?
• What is ISO 19770-1?
• Implementing SAM
• Aspera Software License Management Tools
and Management Services
• Questions & Answers
© Copyright 2010 Third Sky, Inc.
Slide #: 29
Questions & Answers
© Copyright 2010 Third Sky, Inc.
Facilitated by:
Reg Lo Bernhard Boehler
Vice President Managing Partner
Third Sky Aspera