SAM & ISO 19770-1docshare04.docshare.tips/files/22536/225363146.pdf · •Certified ITIL v3 Expert...

Slide #: 1

SAM & ISO 19770-1Practical Methods You Can Employ in Your

Organization Today

© Copyright 2010 Third Sky, Inc.

Facilitated by:

Reg Lo Bernhard Boehler

Vice President Managing Partner

Third Sky Aspera

[email protected] [email protected]

mailto:[email protected]


Slide #: 2

Agenda

• Introductions

• What is SAM? What are its benefits?

• What is ISO 19770-1?

• Implementing SAM

• Aspera Software License Management Tools

and Managed Services

• Questions & Answers


Slide #: 3© Copyright 2010 Third Sky, Inc.

Reg Lo & Third Sky

Reg Lo

• Certified ITIL v3 Expert

• Vice President for Third Sky

• Contributor to “The Forum” the official

newsletter of itSMF USA

• Speaker at itSMF and HDI events

• Reviewer for ITIL v3 Update

Third Sky

• ITIL Education

• ITIL Assessments & Roadmaps,

Workshops and Process Consulting

• Technology Solutions

Slide #: 4

Bernhard Boehler & Aspera


Bernhard Boehler

• Over 15 years of SAM experience

• Co-founded Aspera

• In charge of sales and organization

Aspera

• Founded in 2000

• Employees: 43

• Partners in the Netherlands, UK, Denmark, and USA

• Customers: 40% of the companies in the German stock index (DAX), large, and

medium sized organizations, government and civil services bodies

Slide #: 5

Agenda

• Introductions








Slide #: 6

Software Asset Management


Software Asset Management

puts the People, Process and

Technology in place for the

effective management and

control of software assets

within an organization through

out all stages of their lifecycle.

Objective:

To manage, control and protect

an organization’s software

assets, including management

of the risks arising from the use

of those software assets.

What SAM isn’t

• Not just about audits

• Not just about tools

• Not just about compliance

Adapted from Microsoft: An Introduction to SAM: Optimize. Secure. Build.

Slide #: 7

Benefits of SAM


• Companies that systematically manage the lifecycles of IT assets will reduce cost per asset by as much as 30% year 1, 5%-10% over 5 years.

Save Money

• SAM can help assess which software assets have proven beneficial plus highlight where upgrades or new programs may be needed.

Manage Technological

Change

• Serious problems can affect and damage your computers and entire networks when unauthorized software is being used.

Be More Secure and

Reliable

• Abuse of software licenses can result in financial penalties, legal costs and even potential criminal judgments.

Avoid Costs and Fines

Slide #: 8

Source: Controller Magazine, Jan 2009

Potential Savings from SAM

Where? / What? How? How much?

Purchasing • Framework agreements and

volume licensing

• Optimization of leasing and SaaS

costs

Saving potential of

5 – 10%

Software installation /

configuration

• Standardize software

• Negotiating “early installation”

terms with suppliers

Average saving of 2 hours per

software

Time needed for

updates and upgrades

• Saving through proactive

management, significant increase

of productivity

30% reduction in time required

per update/upgrade

Software

Management

• Targeted use of “free” licenses 15% reduction in purchase

costs for new software and

updates

Slide #: 9

Agenda

• Introductions








Slide #: 10

ISO/IEC 19770-1

• Ratified in May 2006

• Contributing organizations

• Led by Swedish Standards Institute (SIS)

• Representation from: Australia, France, Japan, China, Sweden,

Belgium, Germany, Canada, USA, Spain, Finland and United

Kingdom

• US participation includes: Microsoft, Oracle, Symantec, IBM, Adobe,

KPMG, macrovision, Express metrics, CA

• ITIL & ISO 20000 compatible


Slide #: 11© Copyright 2010 Third Sky, Inc.

Organizational Management

Control Environment

Corp Governance Policies & Procedures

Process Definition Roles & Responsibilities

Planning & Implementing

Planning Monitoring &

Implementation Review

Core Processes

Inventory

Asset Identification

Inventory Management

Asset Control

Verification/Compliance

Recording Verification

Licensing Compliance

Security Compliance

Conformance Verification

Operations

Relationship & Contract

Financial Mgmnt

Service Level Mgmnt

Security Management

Process Interfaces

Change Management SW Development Deployment Problem

Acquisition Release Mgmnt Incident Retirement

Slide #: 12

SAM Lifecycle


Requirements

definition

Design Evaluation

ProcurementBuild

Deployment

Operation

Optimization

Retirement

Vendor AppIn house

Slide #: 13

Acquisition


1. Initiate internal

order (requisition)

2. Process

internal order

3. Initiate external

order

4. Place external

order

5. Process

incoming media

6. Install software

7. Process

invoices

8. Process proof

of license

Slide #: 14

Compliance


Records of

installed

software

Security

policies

SAM policies

and

procedures

Records of

licenses

owned

Verification

& audit

Licensing

compliance

Verification

& audit

Security

compliance

Other

compliance

Installed instances

of software

Physical proof of

license

Real-world security

practice

Real-world SAM

practice

Real-World InstancesVerification & Compliance ProcessesSAM Databases

Slide #: 15

Agenda

• Introductions








Slide #: 16

High Level SAM Approach


Assessment• Review of where you

are today

Policies & Procedures

• Identify governance, roles and responsibilities, and policies

Tool Evaluation

• Detailed vendor evaluation and selection

Implement

Operate

Continual

Improvement

Slide #: 17

SAM Maturity Model


Basic

(Ad Hoc)

Little control over what IT assets are

being used and where.

Lacks policies, procedures,

resources, and tools.

Standardized

(Tracking Assets)

SAM processes exist as well as

tool/data repository. Information may not be complete or accurate –

typically not used for decision making.

Rationalized

(Active Mgmnt)

Vision, policies, procedures and tools are used to manage IT

SW asset lifecycle. Reliable

information used to

manage the assets to business targets.

Dynamic

(Optimized)

Near real-time alignment with

changing business needs.

SAM is a strategic asset

to overall business

objectives.

Slide #: 18

Defining Policies for SAM

• Ensure alignment with control

objectives

• Validate with audit

requirements

• Ensure business justification

• Ensure measurement and

control ability

• Provide good communication

and training

SAM Policies

• Governance responsibilities

• Personal use restrictions

• Legal / Regulatory compliance

• Procurement requirements

• Approval requirements for installation

• Disciplinary implications for violation


Slide #: 19

Defining SAM Processes

• Assess existing processes

• Use workshop approach to

define “to be” processes

• Ensure processes support

controls and policies

• Ensure good communication and

training


Inventory

Asset Identification

Inventory Management

Asset Control

Verification / Compliance

• Recording Verification

• Licensing Compliance

• Security Compliance

• Conformance Verification

Operations

• Relationship & Contract

• Financial Mgmnt

• Service Level Mgmnt

• Security Management

Slide #: 20

Compliance Considerations

Perform regular reconciliation (licenses owned vs. licenses required for used software)

Perform regular security audit

Record, analyze, determine root cause of discrepancies

Plan for and execute follow-up actions


Slide #: 21

SAM Roles and

Responsibilities

• Centralize control:

• Compliance

• Process Ownership

• Interface with other

processes:

• Service Asset and

Configuration Management

(SACM)

• Supplier Management

• Allow for procurement

optimization and volume

negotiation

IT Support Managers are responsible for

ensuring all software is in compliance with

license agreements

BU Owners, with support from IT Support

Managers, are responsible for ensuring all

software is in compliance with license

agreements

IT Support Managers and BU Owners

share responsibility for ensuring all software

is in compliance with license agreements

Procurement Manager is responsible for

ensuring all software is in compliance with

license agreements

The SACM Process Owner is responsible

for ensuring all software is in compliance with

purchased software license agreements


Slide #: 22

Agenda

• Introductions








Slide #: 23

Aspera Software License

Management Tools & Services


1. Products – SmartTrack• Module design web-based tool for license and contract management, reconciliation, financial

reporting, and workflow management

2. Managed Services• Master Catalog

• Extended Catalog

• License Clearing

• Software Recognition

3. Technology Services• Application Service Providing (ASP)

• Maintenance & Support

• Software Development

• Interface Monitoring and Troubleshooting

4. Consulting Services• Process & Integration Consulting

• Solution Development

• Project Management

• Training

• Workshops

Products

Technology Services

Managed

Services

Consulting

Services

To

ol

Da

ta S

erv

ice

s

Slide #: 24

Aspera A-Model for SAM


http://www.aspera.com/a-model/flash_en.html

Slide #: 25

Aspera SmartTrack (ICM)


Slide #: 26

Aspera SmartTrack (ST)


Slide #: 27

Aspera Software License

Management


Slide #: 28

Agenda

• Introductions





and Management Services



Slide #: 29

Questions & Answers


Facilitated by:

Reg Lo Bernhard Boehler

Vice President Managing Partner

Third Sky Aspera

[email protected] [email protected]



SAM & ISO 19770-1docshare04.docshare.tips/files/22536/225363146.pdf · •Certified ITIL v3 Expert...

Documents

Transcript of SAM & ISO 19770-1docshare04.docshare.tips/files/22536/225363146.pdf · •Certified ITIL v3 Expert...