SAM - Best Practices Lisa Lopez and Karen Ravan Spartanburg Community College.
SAM - assets.microsoft.com · Baseline Review Introduction SAM: an industry-led best practice...
Transcript of SAM - assets.microsoft.com · Baseline Review Introduction SAM: an industry-led best practice...
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewEngagement kit
Table of Contents
How to use this document 3
Introduction 4
Inventory tool implementation guidance 8
Data interpretation 11
Step 3 Data analysis 16
Step 4 Final recommendations 26
Appendix 29
Baseline ReviewSAM engagement kit
2
How to use this document
Getting started
The SAM Baseline Review engagement kit walks you through the complete cycle of an engagement
The kit begins with a general introduction describing what a SAM Baseline Review engagement is and
the stages involved to complete one The rest of the kit focuses on how to proceed with each stage
This includes which deliverables represent billable milestones at the end of each stage At the end of
the kit within the Appendix you will find additional information to help you with the engagement
process as well as links to resources that offer useful information and details
Prerequisites
Partners that participate in a SAM engagement must be a registered SAM Gold Partner or must have
earned the SAM Solution Expertise criteria
3
Baseline
Review Introduction
SAM an industry-led best practiceSoftware Asset Management (SAM) is a set of proven IT best practices that unite people processes and technology to control and optimize the use of IT assets across an organization SAM can help organizations
control costs as well as manage risk optimize software licensing investments and grow IT systems while
keeping their future goals in mind
The comprehensive international standard for SAM is ISOIEC 19770-12006 SAM Processes This is a vendor-
independent standard supported by much of the IT industry including Microsoft This standard provides customers with the ability to demonstrate good corporate governance in the highly complex area of IT
SAM also assists customers in making informed decisions about managing technology change Adopting new
technology requires a thoughtful approach and careful planning Itrsquos important to understand not only license costs but other use and infrastructure impacts to avoid unintended consequences and financial implications A
fully implemented SAM program can help customers gain the insights they need to make informed decisions about technology migration and upgrades server consolidation and virtualization Cloud implementation
management of mobile devices and cybersecurity
SAM Baseline Review engagement
A SAM Baseline Review engagement provides the customer with a complete view of their current Microsoft
product deployment and licensing position and their SAM maturity level With this information you can help the customer optimize their software investments
4
SAMSOFTWARE ASSET MANAGEMENT
Each customer should come away with an
end-to-end value-based SAM experience
Customers will receive several key deliverables
including but not limited to
1) SAM Baseline SOM Assessment Report
2) Established Deployment Position (EDP)
3) Effective License Position (ELP)4) License Optimization Report
Customers also will learn how to improve internal processes to lower costs reduce risk and improve
productivity By receiving an expert-level inventory snapshot that is clear and comprehensive theyrsquoll be in a better position to work through IT challenges like SQL workload optimization Cloud implementation and
virtualization
Your role is to facilitate the SAM engagement on behalf of Microsoft When performing an analysis you should record licensing and usage in accordance with the terms of Microsoftrsquos licensing programs Yoursquoll
work with the customerrsquos organization to conduct the engagement and interview SAM stakeholders such as procurement HR accountingfinance IT managers and staff business unit managers and legal personnel to
get a holistic view of the organizationrsquos infrastructure and current policies and procedures
Baseline ReviewIntroduction
5
Foundation for strong IT governanceA SAM Baseline Review is the core activity of any effort around SAM If an organization does not have a
foundational understanding of their IT environment it will be difficult for them to develop a strategic forward-thinking plan The baseline is useful for measuring
bull Software deployments
bull Licensing position and requirements
bull Tool needs based upon any gaps in data collection that may be identified
bull Risks
bull Strengths and weaknesses of an organizationrsquos existing IT infrastructure
bull Maturity of SAM processes
Partner benefitsbull Develop long-term relationships by establishing credibility and demonstrating customer-focused
problem-solving
bull Open the door to new business new customers and the opportunity to develop an on-going
customer relationship
bull Increase services revenue at each organization by finding further opportunities that develop from the
baseline since most customers need to spend their time focusing on their own core business and licensing can be complex
bull Enjoy lowered costs and improved profitability with the repeatable model of the SAM Baseline Review
for multiple customers
bull Establish yourself as a trusted advisor by advising customers about the benefits of a solid SAM strategy with the SAM Optimization Model and highlighting the overall benefits of incorporating
SAM best practices throughout the customerrsquos organization
bull Pave the road to specialized SAM engagements such as Cloud Productivity Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the
customerrsquos environment
Customer benefitsbull Align software licenses and usage with business needsbull Simplify acquisition deployment and management of softwarebull Improve forecasting to help the IT department control expendituresbull Control costs and minimize business and legal risks through more effective management of
software assetsbull Achieve greater negotiating power with vendors and help get the most out of software
investmentsbull Develop an understanding of the organizationrsquos SAM maturity and create a roadmap to visualize
the benefits and savings at each stage of SAM optimizationbull Save time and money by working with a partner with a deep knowledge of SAMbull Identify opportunities to benefit from a specialized SAM engagement such as Cloud Productivity
Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the customerrsquos environment
bull Understand the current environment to help plan for future needs
Baseline ReviewIntroduction
6
In addition to services you can also help a Cloud customer adapt policies and procedures to encompass the
change SAM Cloud programs must take into account the real-time nature of the environment and speed and ease of provisioning services Organizations end up actually relying more on SAM policies and procedures for
Cloud contracting deployment and management than they would in a traditional environment with a longer
product lifecycle
All work completed under this Statement of Work (SOW) will be provided in accordance with the Intelligent
Asset Manager (I-AM) Terms of Use (ldquoTOUrdquo) available here
For Proof of Execution (PoE) you must include the following deliverables (listed below) due to Microsoft
upon the completion of the SAM engagement
bull Letter of Engagementbull Established Deployment Position (EDP)bull Effective License Position (ELP)bull Baseline SOM Assessment Reportbull Letter of Confirmation (only required for certain countries)
PLANNING
Identify your needs amp goals
Gather information on
licensing IT landscape amp business organization
Discuss project and
arrange access amp resources
DATA COLLECTION
Take inventory of hardware software
and licenses using tools questionnaires
and stakeholder interviews
Gather information on process amp procedures
DATA ANALYSIS
Review amp validate allcollected data
Compare deployed assets
with current utilization
Map to an optimized environment based on
your goals
FINAL
RECOMMENDATIONS
Discuss final recommendations and
engage in data-driven discussions to ensure your
business needs amp goals are met
What to expect from a SAM engagementEvery SAM engagement focuses on four phases
Deliverables
Letter of Engagement
Deliverables
Established Deployment
Position (EDP)
Deliverables
Effective License Position
(ELP)
License Optimization Report
Deliverables
Baseline SOM
Assessment Report
A comprehensive software inventory provides the foundation for all SAM recommendations and guidance
about how an organization can optimize their software assets and the procurement process going forward This discovery process can also help organizations identify unwanted or unauthorized programs that could
pose a security risk or are not covered by a current licensing agreement
For a SAM Baseline Review collecting all relevant hardware and software inventory data from all users and devices in the environment is a standard best practice The inventory and resulting data are important in
determining whether software assets are licensed appropriately managed optimally and configured to support ongoing license compliance
The first stage of such an engagement focuses on planning Within this stage you will achieve the following
bull Gather information about the customerrsquos environment
bull Discuss the project and arrange access and resources
Gathering customer information
Your most important source is your customer Customer conversations are key to an effective SAM
engagement and should help provide the insights you need to fully understand the customerrsquos environment At the outset of the engagement you should ask questions to learn more about the organization such as
At the outset of the engagement you should collect the following inputs from the customerrsquos premises
bull A complete background of the customerrsquos existing IT infrastructure and environment including on-premises Cloud and outsourced installations for all locations andor divisions
bull Deployment inventory data coverage of no less than 90 from at least one (1) automated discovery tool for each customer location where Microsoft products are installed (see Data Collection
Requirements)
bull Entitlement data outside Microsoft Volume License Agreements from procurement and any applicable sources or suppliers which may include
o Original Equipment Manufacturer (OEM)o Full Packaged Product (FPP) Retail
o Outsourcer
o Service provider (Hosters etc)o Additional reseller(s)
o Changes to entitlements resulting from mergers acquisitions or divestitureso Independent Software Vendors (ISV)
o Any serversenvironments managed by a Service Provider Licensing Agreement (SPLA)
bull A full and confirmed list of affiliates if they exist and any relevant amendments to their Microsoft Volume License Agreements including any license transfer documents either granting or receiving
licensing rightsbull Customer input on current SAM processes and level of maturity as mapped to Microsoftrsquos SAM
Optimization Model framework and questionnaire (see Microsoft Baseline SOM Assessment Report)
using stakeholder interviews
Baseline
ReviewStep 1 Planning
7
SAMSOFTWARE ASSET MANAGEMENT
o A minimum of three (3) stakeholders must be interviewed representing decision-making roles
in the following departments Information Technology (IT) Procurement and Operationso Input must also include an interview or feedback from one (1) stakeholder for each location
andor division (if the customer has multiple locations andor divisions)
bull Current IT infrastructure and organization diagrams that include locations IT group names SAM tool(s) or supporting processes in place and stakeholder names
bull Location of software entitlement deployment and retirement records as well as level of access allowed
bull Office 365 and other Microsoft Online Services reservations and assignments
bull Any copies of recent SAM reports and SAM Self-Improvement Plans that have been created for internal stakeholders including any evidence of stakeholder and executive review and sign-off (if
available)
The partner will collect the following inputs from Microsoft
Microsoft License Statement (MLS) including Microsoft Product and Services Agreement (MPSA) data where
relevant
Discuss project and arrange access and resourcesBased on the preliminary information yoursquove gathered you can create a full SOW This plan will contain an outline for data collection and analysis a detailed list of deliverables and a timeline with deadlines This
establishes a customerrsquos expectations and your accountability
DeliverablesA Letter of Engagement is due to the customer and Microsoft at the beginning of the engagement This letter
provides the necessary Proof of Execution (PoE) in order for you to collect Channel Incentives payment
The letter must include at a minimum
bull A SOW for the engagement being performed including a list of all customer deliverables
bull Scope of the engagement including any scope limitations
bull Dates and timelinesbull Your project team members and their relevant Microsoft Certified Professional (MCP) credentials
bull A list of key contacts that must include names titles phone numbers and email addresses bull A planned disclosure of engagement deliverables to Microsoft
bull A statement explaining that data collected by you from the customerrsquos information system
environment is transferred to Microsoft and how Microsoft will use that data collected to generate reports necessary for you to effectuate the SAM services
bull Consent from the customer to transfer data to Microsoft any of its affiliates and to the subprocessors Microsoft may employ to generate the reports necessary for the SAM services
including consent to transfer personal Information to the United States and other countries where
Microsoftrsquos subprocessors are located ldquoPersonal Informationrdquo in this instance means any information provided by Microsoft or collected by you in connection with this agreement that (a) identifies or
can be used to identify contact or locate the person to whom such information pertains or (b) from which identification or contact information of an individual person can be derived Personal
Information includes but is not limited to name address phone number fax number and email
address Additionally to the extent any other information (such as but not necessarily limited to a personal profile unique identifier andor IP address) is associated or combined with Personal
Information then such information also will be considered Personal Information
Baseline ReviewStep 1 Planning
8
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Table of Contents
How to use this document 3
Introduction 4
Inventory tool implementation guidance 8
Data interpretation 11
Step 3 Data analysis 16
Step 4 Final recommendations 26
Appendix 29
Baseline ReviewSAM engagement kit
2
How to use this document
Getting started
The SAM Baseline Review engagement kit walks you through the complete cycle of an engagement
The kit begins with a general introduction describing what a SAM Baseline Review engagement is and
the stages involved to complete one The rest of the kit focuses on how to proceed with each stage
This includes which deliverables represent billable milestones at the end of each stage At the end of
the kit within the Appendix you will find additional information to help you with the engagement
process as well as links to resources that offer useful information and details
Prerequisites
Partners that participate in a SAM engagement must be a registered SAM Gold Partner or must have
earned the SAM Solution Expertise criteria
3
Baseline
Review Introduction
SAM an industry-led best practiceSoftware Asset Management (SAM) is a set of proven IT best practices that unite people processes and technology to control and optimize the use of IT assets across an organization SAM can help organizations
control costs as well as manage risk optimize software licensing investments and grow IT systems while
keeping their future goals in mind
The comprehensive international standard for SAM is ISOIEC 19770-12006 SAM Processes This is a vendor-
independent standard supported by much of the IT industry including Microsoft This standard provides customers with the ability to demonstrate good corporate governance in the highly complex area of IT
SAM also assists customers in making informed decisions about managing technology change Adopting new
technology requires a thoughtful approach and careful planning Itrsquos important to understand not only license costs but other use and infrastructure impacts to avoid unintended consequences and financial implications A
fully implemented SAM program can help customers gain the insights they need to make informed decisions about technology migration and upgrades server consolidation and virtualization Cloud implementation
management of mobile devices and cybersecurity
SAM Baseline Review engagement
A SAM Baseline Review engagement provides the customer with a complete view of their current Microsoft
product deployment and licensing position and their SAM maturity level With this information you can help the customer optimize their software investments
4
SAMSOFTWARE ASSET MANAGEMENT
Each customer should come away with an
end-to-end value-based SAM experience
Customers will receive several key deliverables
including but not limited to
1) SAM Baseline SOM Assessment Report
2) Established Deployment Position (EDP)
3) Effective License Position (ELP)4) License Optimization Report
Customers also will learn how to improve internal processes to lower costs reduce risk and improve
productivity By receiving an expert-level inventory snapshot that is clear and comprehensive theyrsquoll be in a better position to work through IT challenges like SQL workload optimization Cloud implementation and
virtualization
Your role is to facilitate the SAM engagement on behalf of Microsoft When performing an analysis you should record licensing and usage in accordance with the terms of Microsoftrsquos licensing programs Yoursquoll
work with the customerrsquos organization to conduct the engagement and interview SAM stakeholders such as procurement HR accountingfinance IT managers and staff business unit managers and legal personnel to
get a holistic view of the organizationrsquos infrastructure and current policies and procedures
Baseline ReviewIntroduction
5
Foundation for strong IT governanceA SAM Baseline Review is the core activity of any effort around SAM If an organization does not have a
foundational understanding of their IT environment it will be difficult for them to develop a strategic forward-thinking plan The baseline is useful for measuring
bull Software deployments
bull Licensing position and requirements
bull Tool needs based upon any gaps in data collection that may be identified
bull Risks
bull Strengths and weaknesses of an organizationrsquos existing IT infrastructure
bull Maturity of SAM processes
Partner benefitsbull Develop long-term relationships by establishing credibility and demonstrating customer-focused
problem-solving
bull Open the door to new business new customers and the opportunity to develop an on-going
customer relationship
bull Increase services revenue at each organization by finding further opportunities that develop from the
baseline since most customers need to spend their time focusing on their own core business and licensing can be complex
bull Enjoy lowered costs and improved profitability with the repeatable model of the SAM Baseline Review
for multiple customers
bull Establish yourself as a trusted advisor by advising customers about the benefits of a solid SAM strategy with the SAM Optimization Model and highlighting the overall benefits of incorporating
SAM best practices throughout the customerrsquos organization
bull Pave the road to specialized SAM engagements such as Cloud Productivity Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the
customerrsquos environment
Customer benefitsbull Align software licenses and usage with business needsbull Simplify acquisition deployment and management of softwarebull Improve forecasting to help the IT department control expendituresbull Control costs and minimize business and legal risks through more effective management of
software assetsbull Achieve greater negotiating power with vendors and help get the most out of software
investmentsbull Develop an understanding of the organizationrsquos SAM maturity and create a roadmap to visualize
the benefits and savings at each stage of SAM optimizationbull Save time and money by working with a partner with a deep knowledge of SAMbull Identify opportunities to benefit from a specialized SAM engagement such as Cloud Productivity
Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the customerrsquos environment
bull Understand the current environment to help plan for future needs
Baseline ReviewIntroduction
6
In addition to services you can also help a Cloud customer adapt policies and procedures to encompass the
change SAM Cloud programs must take into account the real-time nature of the environment and speed and ease of provisioning services Organizations end up actually relying more on SAM policies and procedures for
Cloud contracting deployment and management than they would in a traditional environment with a longer
product lifecycle
All work completed under this Statement of Work (SOW) will be provided in accordance with the Intelligent
Asset Manager (I-AM) Terms of Use (ldquoTOUrdquo) available here
For Proof of Execution (PoE) you must include the following deliverables (listed below) due to Microsoft
upon the completion of the SAM engagement
bull Letter of Engagementbull Established Deployment Position (EDP)bull Effective License Position (ELP)bull Baseline SOM Assessment Reportbull Letter of Confirmation (only required for certain countries)
PLANNING
Identify your needs amp goals
Gather information on
licensing IT landscape amp business organization
Discuss project and
arrange access amp resources
DATA COLLECTION
Take inventory of hardware software
and licenses using tools questionnaires
and stakeholder interviews
Gather information on process amp procedures
DATA ANALYSIS
Review amp validate allcollected data
Compare deployed assets
with current utilization
Map to an optimized environment based on
your goals
FINAL
RECOMMENDATIONS
Discuss final recommendations and
engage in data-driven discussions to ensure your
business needs amp goals are met
What to expect from a SAM engagementEvery SAM engagement focuses on four phases
Deliverables
Letter of Engagement
Deliverables
Established Deployment
Position (EDP)
Deliverables
Effective License Position
(ELP)
License Optimization Report
Deliverables
Baseline SOM
Assessment Report
A comprehensive software inventory provides the foundation for all SAM recommendations and guidance
about how an organization can optimize their software assets and the procurement process going forward This discovery process can also help organizations identify unwanted or unauthorized programs that could
pose a security risk or are not covered by a current licensing agreement
For a SAM Baseline Review collecting all relevant hardware and software inventory data from all users and devices in the environment is a standard best practice The inventory and resulting data are important in
determining whether software assets are licensed appropriately managed optimally and configured to support ongoing license compliance
The first stage of such an engagement focuses on planning Within this stage you will achieve the following
bull Gather information about the customerrsquos environment
bull Discuss the project and arrange access and resources
Gathering customer information
Your most important source is your customer Customer conversations are key to an effective SAM
engagement and should help provide the insights you need to fully understand the customerrsquos environment At the outset of the engagement you should ask questions to learn more about the organization such as
At the outset of the engagement you should collect the following inputs from the customerrsquos premises
bull A complete background of the customerrsquos existing IT infrastructure and environment including on-premises Cloud and outsourced installations for all locations andor divisions
bull Deployment inventory data coverage of no less than 90 from at least one (1) automated discovery tool for each customer location where Microsoft products are installed (see Data Collection
Requirements)
bull Entitlement data outside Microsoft Volume License Agreements from procurement and any applicable sources or suppliers which may include
o Original Equipment Manufacturer (OEM)o Full Packaged Product (FPP) Retail
o Outsourcer
o Service provider (Hosters etc)o Additional reseller(s)
o Changes to entitlements resulting from mergers acquisitions or divestitureso Independent Software Vendors (ISV)
o Any serversenvironments managed by a Service Provider Licensing Agreement (SPLA)
bull A full and confirmed list of affiliates if they exist and any relevant amendments to their Microsoft Volume License Agreements including any license transfer documents either granting or receiving
licensing rightsbull Customer input on current SAM processes and level of maturity as mapped to Microsoftrsquos SAM
Optimization Model framework and questionnaire (see Microsoft Baseline SOM Assessment Report)
using stakeholder interviews
Baseline
ReviewStep 1 Planning
7
SAMSOFTWARE ASSET MANAGEMENT
o A minimum of three (3) stakeholders must be interviewed representing decision-making roles
in the following departments Information Technology (IT) Procurement and Operationso Input must also include an interview or feedback from one (1) stakeholder for each location
andor division (if the customer has multiple locations andor divisions)
bull Current IT infrastructure and organization diagrams that include locations IT group names SAM tool(s) or supporting processes in place and stakeholder names
bull Location of software entitlement deployment and retirement records as well as level of access allowed
bull Office 365 and other Microsoft Online Services reservations and assignments
bull Any copies of recent SAM reports and SAM Self-Improvement Plans that have been created for internal stakeholders including any evidence of stakeholder and executive review and sign-off (if
available)
The partner will collect the following inputs from Microsoft
Microsoft License Statement (MLS) including Microsoft Product and Services Agreement (MPSA) data where
relevant
Discuss project and arrange access and resourcesBased on the preliminary information yoursquove gathered you can create a full SOW This plan will contain an outline for data collection and analysis a detailed list of deliverables and a timeline with deadlines This
establishes a customerrsquos expectations and your accountability
DeliverablesA Letter of Engagement is due to the customer and Microsoft at the beginning of the engagement This letter
provides the necessary Proof of Execution (PoE) in order for you to collect Channel Incentives payment
The letter must include at a minimum
bull A SOW for the engagement being performed including a list of all customer deliverables
bull Scope of the engagement including any scope limitations
bull Dates and timelinesbull Your project team members and their relevant Microsoft Certified Professional (MCP) credentials
bull A list of key contacts that must include names titles phone numbers and email addresses bull A planned disclosure of engagement deliverables to Microsoft
bull A statement explaining that data collected by you from the customerrsquos information system
environment is transferred to Microsoft and how Microsoft will use that data collected to generate reports necessary for you to effectuate the SAM services
bull Consent from the customer to transfer data to Microsoft any of its affiliates and to the subprocessors Microsoft may employ to generate the reports necessary for the SAM services
including consent to transfer personal Information to the United States and other countries where
Microsoftrsquos subprocessors are located ldquoPersonal Informationrdquo in this instance means any information provided by Microsoft or collected by you in connection with this agreement that (a) identifies or
can be used to identify contact or locate the person to whom such information pertains or (b) from which identification or contact information of an individual person can be derived Personal
Information includes but is not limited to name address phone number fax number and email
address Additionally to the extent any other information (such as but not necessarily limited to a personal profile unique identifier andor IP address) is associated or combined with Personal
Information then such information also will be considered Personal Information
Baseline ReviewStep 1 Planning
8
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
How to use this document
Getting started
The SAM Baseline Review engagement kit walks you through the complete cycle of an engagement
The kit begins with a general introduction describing what a SAM Baseline Review engagement is and
the stages involved to complete one The rest of the kit focuses on how to proceed with each stage
This includes which deliverables represent billable milestones at the end of each stage At the end of
the kit within the Appendix you will find additional information to help you with the engagement
process as well as links to resources that offer useful information and details
Prerequisites
Partners that participate in a SAM engagement must be a registered SAM Gold Partner or must have
earned the SAM Solution Expertise criteria
3
Baseline
Review Introduction
SAM an industry-led best practiceSoftware Asset Management (SAM) is a set of proven IT best practices that unite people processes and technology to control and optimize the use of IT assets across an organization SAM can help organizations
control costs as well as manage risk optimize software licensing investments and grow IT systems while
keeping their future goals in mind
The comprehensive international standard for SAM is ISOIEC 19770-12006 SAM Processes This is a vendor-
independent standard supported by much of the IT industry including Microsoft This standard provides customers with the ability to demonstrate good corporate governance in the highly complex area of IT
SAM also assists customers in making informed decisions about managing technology change Adopting new
technology requires a thoughtful approach and careful planning Itrsquos important to understand not only license costs but other use and infrastructure impacts to avoid unintended consequences and financial implications A
fully implemented SAM program can help customers gain the insights they need to make informed decisions about technology migration and upgrades server consolidation and virtualization Cloud implementation
management of mobile devices and cybersecurity
SAM Baseline Review engagement
A SAM Baseline Review engagement provides the customer with a complete view of their current Microsoft
product deployment and licensing position and their SAM maturity level With this information you can help the customer optimize their software investments
4
SAMSOFTWARE ASSET MANAGEMENT
Each customer should come away with an
end-to-end value-based SAM experience
Customers will receive several key deliverables
including but not limited to
1) SAM Baseline SOM Assessment Report
2) Established Deployment Position (EDP)
3) Effective License Position (ELP)4) License Optimization Report
Customers also will learn how to improve internal processes to lower costs reduce risk and improve
productivity By receiving an expert-level inventory snapshot that is clear and comprehensive theyrsquoll be in a better position to work through IT challenges like SQL workload optimization Cloud implementation and
virtualization
Your role is to facilitate the SAM engagement on behalf of Microsoft When performing an analysis you should record licensing and usage in accordance with the terms of Microsoftrsquos licensing programs Yoursquoll
work with the customerrsquos organization to conduct the engagement and interview SAM stakeholders such as procurement HR accountingfinance IT managers and staff business unit managers and legal personnel to
get a holistic view of the organizationrsquos infrastructure and current policies and procedures
Baseline ReviewIntroduction
5
Foundation for strong IT governanceA SAM Baseline Review is the core activity of any effort around SAM If an organization does not have a
foundational understanding of their IT environment it will be difficult for them to develop a strategic forward-thinking plan The baseline is useful for measuring
bull Software deployments
bull Licensing position and requirements
bull Tool needs based upon any gaps in data collection that may be identified
bull Risks
bull Strengths and weaknesses of an organizationrsquos existing IT infrastructure
bull Maturity of SAM processes
Partner benefitsbull Develop long-term relationships by establishing credibility and demonstrating customer-focused
problem-solving
bull Open the door to new business new customers and the opportunity to develop an on-going
customer relationship
bull Increase services revenue at each organization by finding further opportunities that develop from the
baseline since most customers need to spend their time focusing on their own core business and licensing can be complex
bull Enjoy lowered costs and improved profitability with the repeatable model of the SAM Baseline Review
for multiple customers
bull Establish yourself as a trusted advisor by advising customers about the benefits of a solid SAM strategy with the SAM Optimization Model and highlighting the overall benefits of incorporating
SAM best practices throughout the customerrsquos organization
bull Pave the road to specialized SAM engagements such as Cloud Productivity Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the
customerrsquos environment
Customer benefitsbull Align software licenses and usage with business needsbull Simplify acquisition deployment and management of softwarebull Improve forecasting to help the IT department control expendituresbull Control costs and minimize business and legal risks through more effective management of
software assetsbull Achieve greater negotiating power with vendors and help get the most out of software
investmentsbull Develop an understanding of the organizationrsquos SAM maturity and create a roadmap to visualize
the benefits and savings at each stage of SAM optimizationbull Save time and money by working with a partner with a deep knowledge of SAMbull Identify opportunities to benefit from a specialized SAM engagement such as Cloud Productivity
Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the customerrsquos environment
bull Understand the current environment to help plan for future needs
Baseline ReviewIntroduction
6
In addition to services you can also help a Cloud customer adapt policies and procedures to encompass the
change SAM Cloud programs must take into account the real-time nature of the environment and speed and ease of provisioning services Organizations end up actually relying more on SAM policies and procedures for
Cloud contracting deployment and management than they would in a traditional environment with a longer
product lifecycle
All work completed under this Statement of Work (SOW) will be provided in accordance with the Intelligent
Asset Manager (I-AM) Terms of Use (ldquoTOUrdquo) available here
For Proof of Execution (PoE) you must include the following deliverables (listed below) due to Microsoft
upon the completion of the SAM engagement
bull Letter of Engagementbull Established Deployment Position (EDP)bull Effective License Position (ELP)bull Baseline SOM Assessment Reportbull Letter of Confirmation (only required for certain countries)
PLANNING
Identify your needs amp goals
Gather information on
licensing IT landscape amp business organization
Discuss project and
arrange access amp resources
DATA COLLECTION
Take inventory of hardware software
and licenses using tools questionnaires
and stakeholder interviews
Gather information on process amp procedures
DATA ANALYSIS
Review amp validate allcollected data
Compare deployed assets
with current utilization
Map to an optimized environment based on
your goals
FINAL
RECOMMENDATIONS
Discuss final recommendations and
engage in data-driven discussions to ensure your
business needs amp goals are met
What to expect from a SAM engagementEvery SAM engagement focuses on four phases
Deliverables
Letter of Engagement
Deliverables
Established Deployment
Position (EDP)
Deliverables
Effective License Position
(ELP)
License Optimization Report
Deliverables
Baseline SOM
Assessment Report
A comprehensive software inventory provides the foundation for all SAM recommendations and guidance
about how an organization can optimize their software assets and the procurement process going forward This discovery process can also help organizations identify unwanted or unauthorized programs that could
pose a security risk or are not covered by a current licensing agreement
For a SAM Baseline Review collecting all relevant hardware and software inventory data from all users and devices in the environment is a standard best practice The inventory and resulting data are important in
determining whether software assets are licensed appropriately managed optimally and configured to support ongoing license compliance
The first stage of such an engagement focuses on planning Within this stage you will achieve the following
bull Gather information about the customerrsquos environment
bull Discuss the project and arrange access and resources
Gathering customer information
Your most important source is your customer Customer conversations are key to an effective SAM
engagement and should help provide the insights you need to fully understand the customerrsquos environment At the outset of the engagement you should ask questions to learn more about the organization such as
At the outset of the engagement you should collect the following inputs from the customerrsquos premises
bull A complete background of the customerrsquos existing IT infrastructure and environment including on-premises Cloud and outsourced installations for all locations andor divisions
bull Deployment inventory data coverage of no less than 90 from at least one (1) automated discovery tool for each customer location where Microsoft products are installed (see Data Collection
Requirements)
bull Entitlement data outside Microsoft Volume License Agreements from procurement and any applicable sources or suppliers which may include
o Original Equipment Manufacturer (OEM)o Full Packaged Product (FPP) Retail
o Outsourcer
o Service provider (Hosters etc)o Additional reseller(s)
o Changes to entitlements resulting from mergers acquisitions or divestitureso Independent Software Vendors (ISV)
o Any serversenvironments managed by a Service Provider Licensing Agreement (SPLA)
bull A full and confirmed list of affiliates if they exist and any relevant amendments to their Microsoft Volume License Agreements including any license transfer documents either granting or receiving
licensing rightsbull Customer input on current SAM processes and level of maturity as mapped to Microsoftrsquos SAM
Optimization Model framework and questionnaire (see Microsoft Baseline SOM Assessment Report)
using stakeholder interviews
Baseline
ReviewStep 1 Planning
7
SAMSOFTWARE ASSET MANAGEMENT
o A minimum of three (3) stakeholders must be interviewed representing decision-making roles
in the following departments Information Technology (IT) Procurement and Operationso Input must also include an interview or feedback from one (1) stakeholder for each location
andor division (if the customer has multiple locations andor divisions)
bull Current IT infrastructure and organization diagrams that include locations IT group names SAM tool(s) or supporting processes in place and stakeholder names
bull Location of software entitlement deployment and retirement records as well as level of access allowed
bull Office 365 and other Microsoft Online Services reservations and assignments
bull Any copies of recent SAM reports and SAM Self-Improvement Plans that have been created for internal stakeholders including any evidence of stakeholder and executive review and sign-off (if
available)
The partner will collect the following inputs from Microsoft
Microsoft License Statement (MLS) including Microsoft Product and Services Agreement (MPSA) data where
relevant
Discuss project and arrange access and resourcesBased on the preliminary information yoursquove gathered you can create a full SOW This plan will contain an outline for data collection and analysis a detailed list of deliverables and a timeline with deadlines This
establishes a customerrsquos expectations and your accountability
DeliverablesA Letter of Engagement is due to the customer and Microsoft at the beginning of the engagement This letter
provides the necessary Proof of Execution (PoE) in order for you to collect Channel Incentives payment
The letter must include at a minimum
bull A SOW for the engagement being performed including a list of all customer deliverables
bull Scope of the engagement including any scope limitations
bull Dates and timelinesbull Your project team members and their relevant Microsoft Certified Professional (MCP) credentials
bull A list of key contacts that must include names titles phone numbers and email addresses bull A planned disclosure of engagement deliverables to Microsoft
bull A statement explaining that data collected by you from the customerrsquos information system
environment is transferred to Microsoft and how Microsoft will use that data collected to generate reports necessary for you to effectuate the SAM services
bull Consent from the customer to transfer data to Microsoft any of its affiliates and to the subprocessors Microsoft may employ to generate the reports necessary for the SAM services
including consent to transfer personal Information to the United States and other countries where
Microsoftrsquos subprocessors are located ldquoPersonal Informationrdquo in this instance means any information provided by Microsoft or collected by you in connection with this agreement that (a) identifies or
can be used to identify contact or locate the person to whom such information pertains or (b) from which identification or contact information of an individual person can be derived Personal
Information includes but is not limited to name address phone number fax number and email
address Additionally to the extent any other information (such as but not necessarily limited to a personal profile unique identifier andor IP address) is associated or combined with Personal
Information then such information also will be considered Personal Information
Baseline ReviewStep 1 Planning
8
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline
Review Introduction
SAM an industry-led best practiceSoftware Asset Management (SAM) is a set of proven IT best practices that unite people processes and technology to control and optimize the use of IT assets across an organization SAM can help organizations
control costs as well as manage risk optimize software licensing investments and grow IT systems while
keeping their future goals in mind
The comprehensive international standard for SAM is ISOIEC 19770-12006 SAM Processes This is a vendor-
independent standard supported by much of the IT industry including Microsoft This standard provides customers with the ability to demonstrate good corporate governance in the highly complex area of IT
SAM also assists customers in making informed decisions about managing technology change Adopting new
technology requires a thoughtful approach and careful planning Itrsquos important to understand not only license costs but other use and infrastructure impacts to avoid unintended consequences and financial implications A
fully implemented SAM program can help customers gain the insights they need to make informed decisions about technology migration and upgrades server consolidation and virtualization Cloud implementation
management of mobile devices and cybersecurity
SAM Baseline Review engagement
A SAM Baseline Review engagement provides the customer with a complete view of their current Microsoft
product deployment and licensing position and their SAM maturity level With this information you can help the customer optimize their software investments
4
SAMSOFTWARE ASSET MANAGEMENT
Each customer should come away with an
end-to-end value-based SAM experience
Customers will receive several key deliverables
including but not limited to
1) SAM Baseline SOM Assessment Report
2) Established Deployment Position (EDP)
3) Effective License Position (ELP)4) License Optimization Report
Customers also will learn how to improve internal processes to lower costs reduce risk and improve
productivity By receiving an expert-level inventory snapshot that is clear and comprehensive theyrsquoll be in a better position to work through IT challenges like SQL workload optimization Cloud implementation and
virtualization
Your role is to facilitate the SAM engagement on behalf of Microsoft When performing an analysis you should record licensing and usage in accordance with the terms of Microsoftrsquos licensing programs Yoursquoll
work with the customerrsquos organization to conduct the engagement and interview SAM stakeholders such as procurement HR accountingfinance IT managers and staff business unit managers and legal personnel to
get a holistic view of the organizationrsquos infrastructure and current policies and procedures
Baseline ReviewIntroduction
5
Foundation for strong IT governanceA SAM Baseline Review is the core activity of any effort around SAM If an organization does not have a
foundational understanding of their IT environment it will be difficult for them to develop a strategic forward-thinking plan The baseline is useful for measuring
bull Software deployments
bull Licensing position and requirements
bull Tool needs based upon any gaps in data collection that may be identified
bull Risks
bull Strengths and weaknesses of an organizationrsquos existing IT infrastructure
bull Maturity of SAM processes
Partner benefitsbull Develop long-term relationships by establishing credibility and demonstrating customer-focused
problem-solving
bull Open the door to new business new customers and the opportunity to develop an on-going
customer relationship
bull Increase services revenue at each organization by finding further opportunities that develop from the
baseline since most customers need to spend their time focusing on their own core business and licensing can be complex
bull Enjoy lowered costs and improved profitability with the repeatable model of the SAM Baseline Review
for multiple customers
bull Establish yourself as a trusted advisor by advising customers about the benefits of a solid SAM strategy with the SAM Optimization Model and highlighting the overall benefits of incorporating
SAM best practices throughout the customerrsquos organization
bull Pave the road to specialized SAM engagements such as Cloud Productivity Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the
customerrsquos environment
Customer benefitsbull Align software licenses and usage with business needsbull Simplify acquisition deployment and management of softwarebull Improve forecasting to help the IT department control expendituresbull Control costs and minimize business and legal risks through more effective management of
software assetsbull Achieve greater negotiating power with vendors and help get the most out of software
investmentsbull Develop an understanding of the organizationrsquos SAM maturity and create a roadmap to visualize
the benefits and savings at each stage of SAM optimizationbull Save time and money by working with a partner with a deep knowledge of SAMbull Identify opportunities to benefit from a specialized SAM engagement such as Cloud Productivity
Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the customerrsquos environment
bull Understand the current environment to help plan for future needs
Baseline ReviewIntroduction
6
In addition to services you can also help a Cloud customer adapt policies and procedures to encompass the
change SAM Cloud programs must take into account the real-time nature of the environment and speed and ease of provisioning services Organizations end up actually relying more on SAM policies and procedures for
Cloud contracting deployment and management than they would in a traditional environment with a longer
product lifecycle
All work completed under this Statement of Work (SOW) will be provided in accordance with the Intelligent
Asset Manager (I-AM) Terms of Use (ldquoTOUrdquo) available here
For Proof of Execution (PoE) you must include the following deliverables (listed below) due to Microsoft
upon the completion of the SAM engagement
bull Letter of Engagementbull Established Deployment Position (EDP)bull Effective License Position (ELP)bull Baseline SOM Assessment Reportbull Letter of Confirmation (only required for certain countries)
PLANNING
Identify your needs amp goals
Gather information on
licensing IT landscape amp business organization
Discuss project and
arrange access amp resources
DATA COLLECTION
Take inventory of hardware software
and licenses using tools questionnaires
and stakeholder interviews
Gather information on process amp procedures
DATA ANALYSIS
Review amp validate allcollected data
Compare deployed assets
with current utilization
Map to an optimized environment based on
your goals
FINAL
RECOMMENDATIONS
Discuss final recommendations and
engage in data-driven discussions to ensure your
business needs amp goals are met
What to expect from a SAM engagementEvery SAM engagement focuses on four phases
Deliverables
Letter of Engagement
Deliverables
Established Deployment
Position (EDP)
Deliverables
Effective License Position
(ELP)
License Optimization Report
Deliverables
Baseline SOM
Assessment Report
A comprehensive software inventory provides the foundation for all SAM recommendations and guidance
about how an organization can optimize their software assets and the procurement process going forward This discovery process can also help organizations identify unwanted or unauthorized programs that could
pose a security risk or are not covered by a current licensing agreement
For a SAM Baseline Review collecting all relevant hardware and software inventory data from all users and devices in the environment is a standard best practice The inventory and resulting data are important in
determining whether software assets are licensed appropriately managed optimally and configured to support ongoing license compliance
The first stage of such an engagement focuses on planning Within this stage you will achieve the following
bull Gather information about the customerrsquos environment
bull Discuss the project and arrange access and resources
Gathering customer information
Your most important source is your customer Customer conversations are key to an effective SAM
engagement and should help provide the insights you need to fully understand the customerrsquos environment At the outset of the engagement you should ask questions to learn more about the organization such as
At the outset of the engagement you should collect the following inputs from the customerrsquos premises
bull A complete background of the customerrsquos existing IT infrastructure and environment including on-premises Cloud and outsourced installations for all locations andor divisions
bull Deployment inventory data coverage of no less than 90 from at least one (1) automated discovery tool for each customer location where Microsoft products are installed (see Data Collection
Requirements)
bull Entitlement data outside Microsoft Volume License Agreements from procurement and any applicable sources or suppliers which may include
o Original Equipment Manufacturer (OEM)o Full Packaged Product (FPP) Retail
o Outsourcer
o Service provider (Hosters etc)o Additional reseller(s)
o Changes to entitlements resulting from mergers acquisitions or divestitureso Independent Software Vendors (ISV)
o Any serversenvironments managed by a Service Provider Licensing Agreement (SPLA)
bull A full and confirmed list of affiliates if they exist and any relevant amendments to their Microsoft Volume License Agreements including any license transfer documents either granting or receiving
licensing rightsbull Customer input on current SAM processes and level of maturity as mapped to Microsoftrsquos SAM
Optimization Model framework and questionnaire (see Microsoft Baseline SOM Assessment Report)
using stakeholder interviews
Baseline
ReviewStep 1 Planning
7
SAMSOFTWARE ASSET MANAGEMENT
o A minimum of three (3) stakeholders must be interviewed representing decision-making roles
in the following departments Information Technology (IT) Procurement and Operationso Input must also include an interview or feedback from one (1) stakeholder for each location
andor division (if the customer has multiple locations andor divisions)
bull Current IT infrastructure and organization diagrams that include locations IT group names SAM tool(s) or supporting processes in place and stakeholder names
bull Location of software entitlement deployment and retirement records as well as level of access allowed
bull Office 365 and other Microsoft Online Services reservations and assignments
bull Any copies of recent SAM reports and SAM Self-Improvement Plans that have been created for internal stakeholders including any evidence of stakeholder and executive review and sign-off (if
available)
The partner will collect the following inputs from Microsoft
Microsoft License Statement (MLS) including Microsoft Product and Services Agreement (MPSA) data where
relevant
Discuss project and arrange access and resourcesBased on the preliminary information yoursquove gathered you can create a full SOW This plan will contain an outline for data collection and analysis a detailed list of deliverables and a timeline with deadlines This
establishes a customerrsquos expectations and your accountability
DeliverablesA Letter of Engagement is due to the customer and Microsoft at the beginning of the engagement This letter
provides the necessary Proof of Execution (PoE) in order for you to collect Channel Incentives payment
The letter must include at a minimum
bull A SOW for the engagement being performed including a list of all customer deliverables
bull Scope of the engagement including any scope limitations
bull Dates and timelinesbull Your project team members and their relevant Microsoft Certified Professional (MCP) credentials
bull A list of key contacts that must include names titles phone numbers and email addresses bull A planned disclosure of engagement deliverables to Microsoft
bull A statement explaining that data collected by you from the customerrsquos information system
environment is transferred to Microsoft and how Microsoft will use that data collected to generate reports necessary for you to effectuate the SAM services
bull Consent from the customer to transfer data to Microsoft any of its affiliates and to the subprocessors Microsoft may employ to generate the reports necessary for the SAM services
including consent to transfer personal Information to the United States and other countries where
Microsoftrsquos subprocessors are located ldquoPersonal Informationrdquo in this instance means any information provided by Microsoft or collected by you in connection with this agreement that (a) identifies or
can be used to identify contact or locate the person to whom such information pertains or (b) from which identification or contact information of an individual person can be derived Personal
Information includes but is not limited to name address phone number fax number and email
address Additionally to the extent any other information (such as but not necessarily limited to a personal profile unique identifier andor IP address) is associated or combined with Personal
Information then such information also will be considered Personal Information
Baseline ReviewStep 1 Planning
8
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewIntroduction
5
Foundation for strong IT governanceA SAM Baseline Review is the core activity of any effort around SAM If an organization does not have a
foundational understanding of their IT environment it will be difficult for them to develop a strategic forward-thinking plan The baseline is useful for measuring
bull Software deployments
bull Licensing position and requirements
bull Tool needs based upon any gaps in data collection that may be identified
bull Risks
bull Strengths and weaknesses of an organizationrsquos existing IT infrastructure
bull Maturity of SAM processes
Partner benefitsbull Develop long-term relationships by establishing credibility and demonstrating customer-focused
problem-solving
bull Open the door to new business new customers and the opportunity to develop an on-going
customer relationship
bull Increase services revenue at each organization by finding further opportunities that develop from the
baseline since most customers need to spend their time focusing on their own core business and licensing can be complex
bull Enjoy lowered costs and improved profitability with the repeatable model of the SAM Baseline Review
for multiple customers
bull Establish yourself as a trusted advisor by advising customers about the benefits of a solid SAM strategy with the SAM Optimization Model and highlighting the overall benefits of incorporating
SAM best practices throughout the customerrsquos organization
bull Pave the road to specialized SAM engagements such as Cloud Productivity Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the
customerrsquos environment
Customer benefitsbull Align software licenses and usage with business needsbull Simplify acquisition deployment and management of softwarebull Improve forecasting to help the IT department control expendituresbull Control costs and minimize business and legal risks through more effective management of
software assetsbull Achieve greater negotiating power with vendors and help get the most out of software
investmentsbull Develop an understanding of the organizationrsquos SAM maturity and create a roadmap to visualize
the benefits and savings at each stage of SAM optimizationbull Save time and money by working with a partner with a deep knowledge of SAMbull Identify opportunities to benefit from a specialized SAM engagement such as Cloud Productivity
Cybersecurity Virtualization and Mobile Device Management which require the completion of a full scan of the customerrsquos environment
bull Understand the current environment to help plan for future needs
Baseline ReviewIntroduction
6
In addition to services you can also help a Cloud customer adapt policies and procedures to encompass the
change SAM Cloud programs must take into account the real-time nature of the environment and speed and ease of provisioning services Organizations end up actually relying more on SAM policies and procedures for
Cloud contracting deployment and management than they would in a traditional environment with a longer
product lifecycle
All work completed under this Statement of Work (SOW) will be provided in accordance with the Intelligent
Asset Manager (I-AM) Terms of Use (ldquoTOUrdquo) available here
For Proof of Execution (PoE) you must include the following deliverables (listed below) due to Microsoft
upon the completion of the SAM engagement
bull Letter of Engagementbull Established Deployment Position (EDP)bull Effective License Position (ELP)bull Baseline SOM Assessment Reportbull Letter of Confirmation (only required for certain countries)
PLANNING
Identify your needs amp goals
Gather information on
licensing IT landscape amp business organization
Discuss project and
arrange access amp resources
DATA COLLECTION
Take inventory of hardware software
and licenses using tools questionnaires
and stakeholder interviews
Gather information on process amp procedures
DATA ANALYSIS
Review amp validate allcollected data
Compare deployed assets
with current utilization
Map to an optimized environment based on
your goals
FINAL
RECOMMENDATIONS
Discuss final recommendations and
engage in data-driven discussions to ensure your
business needs amp goals are met
What to expect from a SAM engagementEvery SAM engagement focuses on four phases
Deliverables
Letter of Engagement
Deliverables
Established Deployment
Position (EDP)
Deliverables
Effective License Position
(ELP)
License Optimization Report
Deliverables
Baseline SOM
Assessment Report
A comprehensive software inventory provides the foundation for all SAM recommendations and guidance
about how an organization can optimize their software assets and the procurement process going forward This discovery process can also help organizations identify unwanted or unauthorized programs that could
pose a security risk or are not covered by a current licensing agreement
For a SAM Baseline Review collecting all relevant hardware and software inventory data from all users and devices in the environment is a standard best practice The inventory and resulting data are important in
determining whether software assets are licensed appropriately managed optimally and configured to support ongoing license compliance
The first stage of such an engagement focuses on planning Within this stage you will achieve the following
bull Gather information about the customerrsquos environment
bull Discuss the project and arrange access and resources
Gathering customer information
Your most important source is your customer Customer conversations are key to an effective SAM
engagement and should help provide the insights you need to fully understand the customerrsquos environment At the outset of the engagement you should ask questions to learn more about the organization such as
At the outset of the engagement you should collect the following inputs from the customerrsquos premises
bull A complete background of the customerrsquos existing IT infrastructure and environment including on-premises Cloud and outsourced installations for all locations andor divisions
bull Deployment inventory data coverage of no less than 90 from at least one (1) automated discovery tool for each customer location where Microsoft products are installed (see Data Collection
Requirements)
bull Entitlement data outside Microsoft Volume License Agreements from procurement and any applicable sources or suppliers which may include
o Original Equipment Manufacturer (OEM)o Full Packaged Product (FPP) Retail
o Outsourcer
o Service provider (Hosters etc)o Additional reseller(s)
o Changes to entitlements resulting from mergers acquisitions or divestitureso Independent Software Vendors (ISV)
o Any serversenvironments managed by a Service Provider Licensing Agreement (SPLA)
bull A full and confirmed list of affiliates if they exist and any relevant amendments to their Microsoft Volume License Agreements including any license transfer documents either granting or receiving
licensing rightsbull Customer input on current SAM processes and level of maturity as mapped to Microsoftrsquos SAM
Optimization Model framework and questionnaire (see Microsoft Baseline SOM Assessment Report)
using stakeholder interviews
Baseline
ReviewStep 1 Planning
7
SAMSOFTWARE ASSET MANAGEMENT
o A minimum of three (3) stakeholders must be interviewed representing decision-making roles
in the following departments Information Technology (IT) Procurement and Operationso Input must also include an interview or feedback from one (1) stakeholder for each location
andor division (if the customer has multiple locations andor divisions)
bull Current IT infrastructure and organization diagrams that include locations IT group names SAM tool(s) or supporting processes in place and stakeholder names
bull Location of software entitlement deployment and retirement records as well as level of access allowed
bull Office 365 and other Microsoft Online Services reservations and assignments
bull Any copies of recent SAM reports and SAM Self-Improvement Plans that have been created for internal stakeholders including any evidence of stakeholder and executive review and sign-off (if
available)
The partner will collect the following inputs from Microsoft
Microsoft License Statement (MLS) including Microsoft Product and Services Agreement (MPSA) data where
relevant
Discuss project and arrange access and resourcesBased on the preliminary information yoursquove gathered you can create a full SOW This plan will contain an outline for data collection and analysis a detailed list of deliverables and a timeline with deadlines This
establishes a customerrsquos expectations and your accountability
DeliverablesA Letter of Engagement is due to the customer and Microsoft at the beginning of the engagement This letter
provides the necessary Proof of Execution (PoE) in order for you to collect Channel Incentives payment
The letter must include at a minimum
bull A SOW for the engagement being performed including a list of all customer deliverables
bull Scope of the engagement including any scope limitations
bull Dates and timelinesbull Your project team members and their relevant Microsoft Certified Professional (MCP) credentials
bull A list of key contacts that must include names titles phone numbers and email addresses bull A planned disclosure of engagement deliverables to Microsoft
bull A statement explaining that data collected by you from the customerrsquos information system
environment is transferred to Microsoft and how Microsoft will use that data collected to generate reports necessary for you to effectuate the SAM services
bull Consent from the customer to transfer data to Microsoft any of its affiliates and to the subprocessors Microsoft may employ to generate the reports necessary for the SAM services
including consent to transfer personal Information to the United States and other countries where
Microsoftrsquos subprocessors are located ldquoPersonal Informationrdquo in this instance means any information provided by Microsoft or collected by you in connection with this agreement that (a) identifies or
can be used to identify contact or locate the person to whom such information pertains or (b) from which identification or contact information of an individual person can be derived Personal
Information includes but is not limited to name address phone number fax number and email
address Additionally to the extent any other information (such as but not necessarily limited to a personal profile unique identifier andor IP address) is associated or combined with Personal
Information then such information also will be considered Personal Information
Baseline ReviewStep 1 Planning
8
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewIntroduction
6
In addition to services you can also help a Cloud customer adapt policies and procedures to encompass the
change SAM Cloud programs must take into account the real-time nature of the environment and speed and ease of provisioning services Organizations end up actually relying more on SAM policies and procedures for
Cloud contracting deployment and management than they would in a traditional environment with a longer
product lifecycle
All work completed under this Statement of Work (SOW) will be provided in accordance with the Intelligent
Asset Manager (I-AM) Terms of Use (ldquoTOUrdquo) available here
For Proof of Execution (PoE) you must include the following deliverables (listed below) due to Microsoft
upon the completion of the SAM engagement
bull Letter of Engagementbull Established Deployment Position (EDP)bull Effective License Position (ELP)bull Baseline SOM Assessment Reportbull Letter of Confirmation (only required for certain countries)
PLANNING
Identify your needs amp goals
Gather information on
licensing IT landscape amp business organization
Discuss project and
arrange access amp resources
DATA COLLECTION
Take inventory of hardware software
and licenses using tools questionnaires
and stakeholder interviews
Gather information on process amp procedures
DATA ANALYSIS
Review amp validate allcollected data
Compare deployed assets
with current utilization
Map to an optimized environment based on
your goals
FINAL
RECOMMENDATIONS
Discuss final recommendations and
engage in data-driven discussions to ensure your
business needs amp goals are met
What to expect from a SAM engagementEvery SAM engagement focuses on four phases
Deliverables
Letter of Engagement
Deliverables
Established Deployment
Position (EDP)
Deliverables
Effective License Position
(ELP)
License Optimization Report
Deliverables
Baseline SOM
Assessment Report
A comprehensive software inventory provides the foundation for all SAM recommendations and guidance
about how an organization can optimize their software assets and the procurement process going forward This discovery process can also help organizations identify unwanted or unauthorized programs that could
pose a security risk or are not covered by a current licensing agreement
For a SAM Baseline Review collecting all relevant hardware and software inventory data from all users and devices in the environment is a standard best practice The inventory and resulting data are important in
determining whether software assets are licensed appropriately managed optimally and configured to support ongoing license compliance
The first stage of such an engagement focuses on planning Within this stage you will achieve the following
bull Gather information about the customerrsquos environment
bull Discuss the project and arrange access and resources
Gathering customer information
Your most important source is your customer Customer conversations are key to an effective SAM
engagement and should help provide the insights you need to fully understand the customerrsquos environment At the outset of the engagement you should ask questions to learn more about the organization such as
At the outset of the engagement you should collect the following inputs from the customerrsquos premises
bull A complete background of the customerrsquos existing IT infrastructure and environment including on-premises Cloud and outsourced installations for all locations andor divisions
bull Deployment inventory data coverage of no less than 90 from at least one (1) automated discovery tool for each customer location where Microsoft products are installed (see Data Collection
Requirements)
bull Entitlement data outside Microsoft Volume License Agreements from procurement and any applicable sources or suppliers which may include
o Original Equipment Manufacturer (OEM)o Full Packaged Product (FPP) Retail
o Outsourcer
o Service provider (Hosters etc)o Additional reseller(s)
o Changes to entitlements resulting from mergers acquisitions or divestitureso Independent Software Vendors (ISV)
o Any serversenvironments managed by a Service Provider Licensing Agreement (SPLA)
bull A full and confirmed list of affiliates if they exist and any relevant amendments to their Microsoft Volume License Agreements including any license transfer documents either granting or receiving
licensing rightsbull Customer input on current SAM processes and level of maturity as mapped to Microsoftrsquos SAM
Optimization Model framework and questionnaire (see Microsoft Baseline SOM Assessment Report)
using stakeholder interviews
Baseline
ReviewStep 1 Planning
7
SAMSOFTWARE ASSET MANAGEMENT
o A minimum of three (3) stakeholders must be interviewed representing decision-making roles
in the following departments Information Technology (IT) Procurement and Operationso Input must also include an interview or feedback from one (1) stakeholder for each location
andor division (if the customer has multiple locations andor divisions)
bull Current IT infrastructure and organization diagrams that include locations IT group names SAM tool(s) or supporting processes in place and stakeholder names
bull Location of software entitlement deployment and retirement records as well as level of access allowed
bull Office 365 and other Microsoft Online Services reservations and assignments
bull Any copies of recent SAM reports and SAM Self-Improvement Plans that have been created for internal stakeholders including any evidence of stakeholder and executive review and sign-off (if
available)
The partner will collect the following inputs from Microsoft
Microsoft License Statement (MLS) including Microsoft Product and Services Agreement (MPSA) data where
relevant
Discuss project and arrange access and resourcesBased on the preliminary information yoursquove gathered you can create a full SOW This plan will contain an outline for data collection and analysis a detailed list of deliverables and a timeline with deadlines This
establishes a customerrsquos expectations and your accountability
DeliverablesA Letter of Engagement is due to the customer and Microsoft at the beginning of the engagement This letter
provides the necessary Proof of Execution (PoE) in order for you to collect Channel Incentives payment
The letter must include at a minimum
bull A SOW for the engagement being performed including a list of all customer deliverables
bull Scope of the engagement including any scope limitations
bull Dates and timelinesbull Your project team members and their relevant Microsoft Certified Professional (MCP) credentials
bull A list of key contacts that must include names titles phone numbers and email addresses bull A planned disclosure of engagement deliverables to Microsoft
bull A statement explaining that data collected by you from the customerrsquos information system
environment is transferred to Microsoft and how Microsoft will use that data collected to generate reports necessary for you to effectuate the SAM services
bull Consent from the customer to transfer data to Microsoft any of its affiliates and to the subprocessors Microsoft may employ to generate the reports necessary for the SAM services
including consent to transfer personal Information to the United States and other countries where
Microsoftrsquos subprocessors are located ldquoPersonal Informationrdquo in this instance means any information provided by Microsoft or collected by you in connection with this agreement that (a) identifies or
can be used to identify contact or locate the person to whom such information pertains or (b) from which identification or contact information of an individual person can be derived Personal
Information includes but is not limited to name address phone number fax number and email
address Additionally to the extent any other information (such as but not necessarily limited to a personal profile unique identifier andor IP address) is associated or combined with Personal
Information then such information also will be considered Personal Information
Baseline ReviewStep 1 Planning
8
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
A comprehensive software inventory provides the foundation for all SAM recommendations and guidance
about how an organization can optimize their software assets and the procurement process going forward This discovery process can also help organizations identify unwanted or unauthorized programs that could
pose a security risk or are not covered by a current licensing agreement
For a SAM Baseline Review collecting all relevant hardware and software inventory data from all users and devices in the environment is a standard best practice The inventory and resulting data are important in
determining whether software assets are licensed appropriately managed optimally and configured to support ongoing license compliance
The first stage of such an engagement focuses on planning Within this stage you will achieve the following
bull Gather information about the customerrsquos environment
bull Discuss the project and arrange access and resources
Gathering customer information
Your most important source is your customer Customer conversations are key to an effective SAM
engagement and should help provide the insights you need to fully understand the customerrsquos environment At the outset of the engagement you should ask questions to learn more about the organization such as
At the outset of the engagement you should collect the following inputs from the customerrsquos premises
bull A complete background of the customerrsquos existing IT infrastructure and environment including on-premises Cloud and outsourced installations for all locations andor divisions
bull Deployment inventory data coverage of no less than 90 from at least one (1) automated discovery tool for each customer location where Microsoft products are installed (see Data Collection
Requirements)
bull Entitlement data outside Microsoft Volume License Agreements from procurement and any applicable sources or suppliers which may include
o Original Equipment Manufacturer (OEM)o Full Packaged Product (FPP) Retail
o Outsourcer
o Service provider (Hosters etc)o Additional reseller(s)
o Changes to entitlements resulting from mergers acquisitions or divestitureso Independent Software Vendors (ISV)
o Any serversenvironments managed by a Service Provider Licensing Agreement (SPLA)
bull A full and confirmed list of affiliates if they exist and any relevant amendments to their Microsoft Volume License Agreements including any license transfer documents either granting or receiving
licensing rightsbull Customer input on current SAM processes and level of maturity as mapped to Microsoftrsquos SAM
Optimization Model framework and questionnaire (see Microsoft Baseline SOM Assessment Report)
using stakeholder interviews
Baseline
ReviewStep 1 Planning
7
SAMSOFTWARE ASSET MANAGEMENT
o A minimum of three (3) stakeholders must be interviewed representing decision-making roles
in the following departments Information Technology (IT) Procurement and Operationso Input must also include an interview or feedback from one (1) stakeholder for each location
andor division (if the customer has multiple locations andor divisions)
bull Current IT infrastructure and organization diagrams that include locations IT group names SAM tool(s) or supporting processes in place and stakeholder names
bull Location of software entitlement deployment and retirement records as well as level of access allowed
bull Office 365 and other Microsoft Online Services reservations and assignments
bull Any copies of recent SAM reports and SAM Self-Improvement Plans that have been created for internal stakeholders including any evidence of stakeholder and executive review and sign-off (if
available)
The partner will collect the following inputs from Microsoft
Microsoft License Statement (MLS) including Microsoft Product and Services Agreement (MPSA) data where
relevant
Discuss project and arrange access and resourcesBased on the preliminary information yoursquove gathered you can create a full SOW This plan will contain an outline for data collection and analysis a detailed list of deliverables and a timeline with deadlines This
establishes a customerrsquos expectations and your accountability
DeliverablesA Letter of Engagement is due to the customer and Microsoft at the beginning of the engagement This letter
provides the necessary Proof of Execution (PoE) in order for you to collect Channel Incentives payment
The letter must include at a minimum
bull A SOW for the engagement being performed including a list of all customer deliverables
bull Scope of the engagement including any scope limitations
bull Dates and timelinesbull Your project team members and their relevant Microsoft Certified Professional (MCP) credentials
bull A list of key contacts that must include names titles phone numbers and email addresses bull A planned disclosure of engagement deliverables to Microsoft
bull A statement explaining that data collected by you from the customerrsquos information system
environment is transferred to Microsoft and how Microsoft will use that data collected to generate reports necessary for you to effectuate the SAM services
bull Consent from the customer to transfer data to Microsoft any of its affiliates and to the subprocessors Microsoft may employ to generate the reports necessary for the SAM services
including consent to transfer personal Information to the United States and other countries where
Microsoftrsquos subprocessors are located ldquoPersonal Informationrdquo in this instance means any information provided by Microsoft or collected by you in connection with this agreement that (a) identifies or
can be used to identify contact or locate the person to whom such information pertains or (b) from which identification or contact information of an individual person can be derived Personal
Information includes but is not limited to name address phone number fax number and email
address Additionally to the extent any other information (such as but not necessarily limited to a personal profile unique identifier andor IP address) is associated or combined with Personal
Information then such information also will be considered Personal Information
Baseline ReviewStep 1 Planning
8
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
o A minimum of three (3) stakeholders must be interviewed representing decision-making roles
in the following departments Information Technology (IT) Procurement and Operationso Input must also include an interview or feedback from one (1) stakeholder for each location
andor division (if the customer has multiple locations andor divisions)
bull Current IT infrastructure and organization diagrams that include locations IT group names SAM tool(s) or supporting processes in place and stakeholder names
bull Location of software entitlement deployment and retirement records as well as level of access allowed
bull Office 365 and other Microsoft Online Services reservations and assignments
bull Any copies of recent SAM reports and SAM Self-Improvement Plans that have been created for internal stakeholders including any evidence of stakeholder and executive review and sign-off (if
available)
The partner will collect the following inputs from Microsoft
Microsoft License Statement (MLS) including Microsoft Product and Services Agreement (MPSA) data where
relevant
Discuss project and arrange access and resourcesBased on the preliminary information yoursquove gathered you can create a full SOW This plan will contain an outline for data collection and analysis a detailed list of deliverables and a timeline with deadlines This
establishes a customerrsquos expectations and your accountability
DeliverablesA Letter of Engagement is due to the customer and Microsoft at the beginning of the engagement This letter
provides the necessary Proof of Execution (PoE) in order for you to collect Channel Incentives payment
The letter must include at a minimum
bull A SOW for the engagement being performed including a list of all customer deliverables
bull Scope of the engagement including any scope limitations
bull Dates and timelinesbull Your project team members and their relevant Microsoft Certified Professional (MCP) credentials
bull A list of key contacts that must include names titles phone numbers and email addresses bull A planned disclosure of engagement deliverables to Microsoft
bull A statement explaining that data collected by you from the customerrsquos information system
environment is transferred to Microsoft and how Microsoft will use that data collected to generate reports necessary for you to effectuate the SAM services
bull Consent from the customer to transfer data to Microsoft any of its affiliates and to the subprocessors Microsoft may employ to generate the reports necessary for the SAM services
including consent to transfer personal Information to the United States and other countries where
Microsoftrsquos subprocessors are located ldquoPersonal Informationrdquo in this instance means any information provided by Microsoft or collected by you in connection with this agreement that (a) identifies or
can be used to identify contact or locate the person to whom such information pertains or (b) from which identification or contact information of an individual person can be derived Personal
Information includes but is not limited to name address phone number fax number and email
address Additionally to the extent any other information (such as but not necessarily limited to a personal profile unique identifier andor IP address) is associated or combined with Personal
Information then such information also will be considered Personal Information
Baseline ReviewStep 1 Planning
8
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewStep 1 Planning
9
bull The Microsoft SAM Engagement data usage and privacy information document (ie Data Usage
Guide) bull Reference to the Data Usage Guide where appropriate
The Letter of Engagement must be in writing and signed by an authorized representative of your organization
and the customer
You also must notify the Microsoft SAM Engagement Manager when the Letter of Engagement is uploaded into the required system as designated by Microsoft (currently CHIP)
Letter of Engagement Provides the customer with an overview of the SAM engagement
View sample report here
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
The objective of data collection is to develop a profile of the customerrsquos current Microsoft software in
their environment for analysis Within this discovery stage yoursquoll take inventory of the customerrsquos IT assets and licensing
This section contains a minimum list of required steps partners must take to ensure satisfactory levels of
completeness and accuracy to build the basis for the required analysis and customer deliverables Partners will ensure that all data collected will be stored securely and in accordance with the requirements set out in the I-
AM TOUs
There are two main categories of data collection 1) data related to the discovery and inventory of hardware
and software assets and the mapping to licensing entitlements to complete the EDP and ELP proof of
execution and 2) data related to the maturity level of the customerrsquos SAM policies procedures and practices to complete the SAM Optimization Model (SOM) Assessment proof of execution Partners must ensure that the
data collected is whole complete and accurate through validation with secondary data sources The data collection must cover the full scope of the customerrsquos enterprise and all Microsoft products deployed within
the environment Any deviation or change to this scope needs to be approved by Microsoft the partner and
customer
Yoursquoll want to secure a clear documented and shared understanding of the customerrsquos complete server estate
(physical and virtual) license management processes and practices offerings and use of Microsoft products datacenters and domains Within this stage yoursquoll acquire a documented license responsibility per
environment (internal dedicated co-located license mobility) and for the whole scope of the engagement
This will come prior to data analysis and formation of a report
Take inventory of IT assets and licensing
You need to prepare to take a full inventory of hardware and software deployments and licensing This assessment includes how the technology is being used and by whom You can accomplish this through
inventory tools questionnaires and stakeholder interviews Before you can move forward however you must
first work with the customer to establish the following parameters
bull Data collection requirements
bull Choosing the right tool
bull Scope inventory
bull Implementing the inventory tool
bull Gathering data
Data collection requirementsData coverage means the percentage of total devices for which all required installation data has been obtained Data coverage must reach at least 90 of all devices pertaining to this engagement Where devices
arenrsquot joined to the directory or network manual collection of data is acceptable (while maintaining the 90
data coverage requirement) Some specific guidance includes but is not limited to
Baseline
ReviewStep 2 Data collection
10
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewStep 2 Data collection
11
bull Data extract must be cross-referenced against a minimum of one (1) additional data source
including but not limited too Records from existing network performancesecurity monitoring and management tools
o Network management frameworks
o Virtual machine performance monitoringo Customer Human Resources (HR) records
o Security sources (anti-virus)bull All trust accounts must be extracted to ensure no domains are missed
bull Extraction of user accounts by group (if applicable eg for Citrix) Output includes a listing of user
objects and the AD Groups they belong tobull Identification of active users based upon the technique(s) employed by the customer (based on
output from Step 1)bull Complete extraction of data from the customerrsquos current management and inventory tools and the
calculation of current coverage levels of existing tool(s)
bull Inventory of any missing devices including but not limited to devices thato Do not report inventory
o Are non-networkedo Are unmanaged devices
bull Virtual environment mapping output includes
o Clusterso Physical hosts
o Virtual guests and virtual guest movement across physical hosts within the past 90 days to accurately calculate licensing needs for products such as Windows Server SQL Server etc
bull Identification of workstations and servers used by Microsoft Developer Network (MSDNreg)
subscribers Products installed on these devices will be identified and excluded if appropriate Facilitation of the identification of devices covered by MSDNreg subscriptions by employing various
methods such as determining preferred user for devices linking last logged-on user to devices or soliciting feedback from customer personnel that have an MSDNreg subscription (email template can
be provided) This step should be completed as early as possible in the data collection phase
bull For server products that can be licensed in multiple ways (eg serverCAL or per processor) the licensing metric applicable to each implementation must be identified
bull SQL Server output includeso Version and edition
o License type required for each SQL Server instance for customers with mixed licensing metric
(serverCAL per processor or per core)o Confirmation of passive SQL Servers assigned Failover Rights
bull Windows Server output includeso Server name
o Physical or virtual operating system environment
o Operating system version and editiono Processor and core information
bull System Center Server output includeso Server names
o Physical or virtual data
o Component (eg System Center Configuration Manager (SCCM) System Center Virtual Machine Manager (SCVMM) version and edition)
o Processor and core information
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewStep 2 Data collection
12
SOM Assessment
Complete the Microsoft SOM Assessment Report questions with answers provided by the customer through interviews
Choosing the right tool
With the right inventory tool you can collect a wide range of data points including software versions on-
premises software usage and an analysis of applications or services already running in the Cloud When choosing an inventory tool keep in mind that each tool supplier has its own process framework Tools donrsquot all
function the same way Using multiple tools helps discover and analyze the data and provide a more robust view of a customerrsquos environment While in some cases the customer may already have an inventory tracking
system other tools may be able to augment the types of data that the customerrsquos
tool collects
Some considerations to keep in mind when choosing or recommending an inventory tool
bull What inventory tools are already deployed within the organization What scope of the
environment do they cover What data points are they capable of capturing and reporting
bull Will deploying an agent-less or agent-based tool be more effective
bull What are the strengths and weaknesses of the tools being considered Will one or more of the tools
collect all required data pointsmdashhardware software virtualization details across a variety of hypervisors (Hyper-V VMwarereg and XenServerreg for example)
bull Is it optimal to deploy and monitor a tool remotely or on-premises
bull How will the tool gather data from PCs servers and mobile devices that connect to the network
remotely
bull If using an inventory tool that the customer already has in place make sure itrsquos configured correctly and can scan the full IT environment
bull Consider how the tool is licensed The optimal tool will collect the right data and align with the
customerrsquos budget whether the tool requires a license or subscription or is free
Scope of inventory
For any SAM engagement a standard best practice is to collect all relevant inventory and licensing data across all Windows-based computers in the environment For a SAM Baseline Review itrsquos important to consider the
minimum requirements based on customer goals For customers looking to move some or all of their applications to a web-client delivery solution such as Office 365 the inventory toolrsquos scope should cover all
clients and a subset of servers to assess if systems are ready for the various Office 365 offerings
You should also determine the scope of devices that contain data to be collected For customers running Active Directory Domain Services (or Directories in the case of multiple separate domainsforests) include in
scope all machines with Active Directory activity reported in the last 30 days (time frame can be adjusted
according to customer circumstances)
Implementing the inventory tool
The standard approach for deploying an inventory tool for a SAM Cloud Productivity engagement includes preparing the environment for scanning and data collection Use either a combination of available tools or
iterative scans to continually increase coverage rates
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewStep 2 Data collection
13
Agent-less toolsbull Understand domain network and firewall (as examples) considerations that can effect a toolrsquos
ability to access various portions of your customerrsquos environment
bull Open firewalls make firewall exceptions deploy Group Policy Objects and open specific ports to
ensure that the tool can access all the targeted machines
bull Agentless tools typically need to run multiple times especially at different times of the day and days of the week to catch the variety of users shifts and time zones depending on the
organization
Agent-based tools bull Ensure agents are communicating regularly so that data remains current
bull Ensure agents are deployed to the scope of target machines
bull With the right refresh and agent coverage data collection from an agent-based tool should be a single snapshot extractionmdashno additional iterations should be necessary with the right refresh
schedule and agent coverage
Gathering data
When collecting information consider taking the following actions
bull Ask the customer to confirm the full set of Microsoft products offered to end customers Compare
the results to the customerrsquos current product reporting (invoicing)bull Ask relevant questions regarding the customerrsquos environment that enable you to effectively plan
data collection from an infrastructure and stakeholder perspective By the end of this stage you
should have a clear picture of
o Environments
o Datacenterso Number of servers (physical and virtual per environmentcustomer)
o Deployment types
o Type of virtualization software in useo Software inventory tools in use
o Operations management software in useo Identification of other affiliates providing hosting services
o Microsoft products and versions in use and features enabled
o How servers and software are provisioned decommissioned and tracked o Dates when each server was put into production
o How the company manages user access
DeliverablesAt the conclusion of this stage yoursquoll create a set of reports that summarize your findings including the
following
View sample report here
The customer will have time to review and validate the preliminary reports and make final adjustments
EDPProvides details related to the customersrsquo Microsoft software
deployments and usage data
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an
accurate point-in-time reflection of the customerrsquos current deployment and license position This data along with the additional customer inputs will provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based
on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application
of license benefit and optimization rules (eg upgrades downgrades promotions etc)bull Review of the Microsoft SOM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps
for the customer
In addition work with your customer to identify over-licensed and under-licensed software and events that
might have led the customer to any inaccuracies Reconcile any licensing gaps and provide the customer with guidance on the best way to manage their software assets most effectively going forward
This third stage of a SAM engagement focuses on achieving the following
bull Review amp validate all collected data
bull Compare deployed assets to entitlements
bull Map to an optimized environment based on customer goals
bull Interpret inventory data
Review and validate all collected dataA SAM engagement helps identify and document all product deployments usage and license entitlements This includes combining the inventory data with other relevant data and information that may not be
discoverable with most tools such as your browser readiness for an Office 365 migration development needs to migrate workloads to Azure and relationships between on-premises systems and Cloud systems
Compare deployed assets to entitlementsOne key benefit of a SAM engagement is that it gives you a clear picture of a customerrsquos entire IT landscape
which you can then share with them This includes an accurate view of all of a customerrsquos license entitlements
By understanding these entitlements you can help customers identify over-licensed and under-licensed software so they can purchase any necessary additions to bridge licensing gaps The SAM Baseline
engagement will also help to identify any license gaps eligible to be right-licensed while moving to the Cloud This helps ensure that the customer is getting credit for everything they own
In addition the engagement helps highlight ways in which a subscription model can impact budgeting and
procurement taking into account direct indirect and hidden costs Discussions around a customerrsquos current licensing program and future needs will also help to identify the optimal Volume Licensing choices going
forward
Baseline
ReviewStep 3 Data analysis
14
SAMSOFTWARE ASSET MANAGEMENT
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewStep 3 Data analysis
15
Map to an optimized environment based on customerrsquos goalsTo optimize results you have to take a holistic view of the customerrsquos current state and intended goal objectives level of willingness to move technical readiness and cost considerations These help determine the
optimal Cloud solution recommendation
Recommended areas of analysis for optimization include the following
bull Assess whether the customerrsquos appropriately licensed for their current deployment and usage state We
can then provide recommendations for the best licensing options to align with their future business plans
bull Analyze the customerrsquos SAM process and provide recommendations to develop or improve them in
support of ongoing optimization management and compliance
bull Determine whether systems are ready for Azure in their current configurations by identifying the Windows
operating system and SQL Server software versions currently running to see if they are supported in Azure You can find supported versions at Microsoft Server Software Support for Microsoft Azure Virtual
Machines
bull Size the systems being assessed to understand system utilization and anticipated resource needs in Azure Virtual Machines This requires collecting performance metrics not simply a single scan of how a machine
is running at a single point in time
Recommended metrics include the following
ndash Azure Virtual Machine size
ndash Estimated monthly usage
ndash Network use (GB)
ndash Storage use (GB)
bull Identify applications and services that are already running in the Cloud and consider the most effective way to manage those solutions For more detailed information on working with Microsoft Cloud
management solutions please read about the Enterprise Mobility Suite with Windows Intune Azure Active
Directory Premium and Azure Rights Management
bull Look for areas of potential risk pertaining to running older software that is out of date or past end of support In particular try and track the following information
ndash Devices not running updated software
ndash Devices running Windows XP
ndash Devices running Windows Server 2008
Interpret inventory databull When reviewing the inventory tool output look for anomalies such as client count results differing
greatly from the number of employees Question anything that seems unusual to ensure your analysis
is an accurate representation of the customerrsquos environment
bull Make sure you understand the relationships between on-premises systems (such as an employee database) and Cloud systems (such as payroll)
bull Be aware that inventory data for Cloud computing may be accessed delivered and managed differently
than data for on-premises solutions Data from the inventory tool should be combined with data from other sources (IT service management and finance for example) so informed decisions can be made
that reflect all aspects of moving workloads to the Cloud including the impact on total cost of
ownership and return on investment
ndash CPU utilization ()
ndash Memory utilization (MB)
ndash Disk IO utilization (IO operations per second)
ndash Network utilizationmdashinout (MB)
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
bull The customer needs to know who is managing what in order to inventory assets properly If the
organization is using a service provider clarify what was purchased and who is managing it
Over-licensing and under-licensingBased on your analysis yoursquoll be prepared to discuss the customerrsquos current state with clear information on
places where they may be over-licensed or under-licensed Ensure that you are fully aware of the installation
or virtualization rights that your customerrsquos products may have via traditional product use rights Software Assurance (SA) Benefits or even via license grants documented in the Product List Use the findings to talk
about the benefits of being right-licensed and discuss the licensing options that are available to help them achieve proper licensing
Address any licensing shortfalls that have been identified and explain the steps the customer should take to
resolve their under-licensed position Typically the customer will follow their standard process and acquire
the shortfall through their reseller using their existing Volume Licensing (VL) agreement Agree on a timeline to resolve the shortfall ndash within thirty days of identification is a reasonable time period Help the customer by
connecting their licensing shortfalls to gaps in their SAM management processes highlighting areas of improvement Often shortfalls do relate to issues with inadequate existing SAM processes if processes had
been in place and carried out properly shortfalls would have been found earlier
The diagram below shows an example of over- and under-licensing and represents the basic information most companies will need to track as a starting point Organizations with additional complexities will need to
add additional fields to be complete
Baseline ReviewStep 3 Data analysis
16
Product
NameVersion Edition
License
TypeInstallations
Licensed
Quantity
License
Excess or
Shortfall
Office 2010 Professional FPP 14 12 -2
Office 2013Professional
PlusVL 25 25 0
Windows 7 Professional VL 20 25 5
Windows 8 Enterprise OEM 19 19 0
FPP = Full packaged product
OEM = Original equipment manufacturer
VL = Volume Licensing
License rights vary depending on the type of license
purchased
You may find that the customer is over-licensed in some areas They may have acquired more licenses than
necessary or be mistaken in their belief that software is being used If it is discovered that they are not using the product and if their license rights allow it recommend that they reassign the product to another
workload or move the product to the Cloud if the customer has License Mobility rights If the product is being used but there is a quantity mismatch or surplus advise them to adjust their purchases to match their
actual requirements If the customer has active Software Assurance there is the potential to step them up in
the situation where they may need additional licenses for a higher edition of a product
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewData analysis ndash SAM Assessment
A SAM Assessment is a review of the customerrsquos existing processes against the SAM Optimization Model
framework identifying improvement opportunities and associated ROI The SAM Optimization Model (SOM) is a framework developed by Microsoft that is aligned with Microsoft Infrastructure Optimization (IO) SOM
enables partners and customers to evaluate SAM effectively and objectively in order to help them manage
the life cycle of software assets with policies procedures tools and a vision for the future SOM provides an established set of criteria to help you make consistent SAM assessments and recommendations
Use this model to conduct an evaluation to determine how effectively your customer is managing software assets The results from the assessment will form the basis for guidance you will provide the customer with
ways to improve their SAM practices and a tailored road map to help them visualize the benefits and savings
at each stage of SAM optimization
SAM Optimization Model amp ISO SAMThe SAM Optimization framework serves as the foundation and guidance for preparing to implement an effective SAM program that supports alignment with ISO standards The model is based on the ISOIEC
19770-1 standard which is the gold standard for SAM processes It identifies ten KPIs that focus on key
processes an organization needs to follow to implement a SAM program The SAM Optimization Model is a stepping stone to accomplish a complete end-to-end SAM program as defined within ISOIEC 19770-1 which
outlines the requirements and certifications recommended for a comprehensive SAM program Adopting both frameworks will help ensure that customers accurately and strategically implement and manage a
successful ongoing SAM practice
ISO SAM Tier 4
ISO SAM Tier 3
ISO SAM Tier 2
ISO SAM Tier 1
3 Long-term focus
2 Subsequent focus
1 Initial focus
MS SOM Dynamic
MS SOM Standardized
MS SOM Basic
MS SOM Rationalized
Largely Equivalent
Largely Equivalent
asymp
asymp
17
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
The Microsoft SOM infrastructure optimization maturity levels are
Basic
Ad Hoc ndash Little control over what IT assets are being used and where Lacks policies procedures resources
and tools
Standardized
Tracking Assets ndash SAM processes exist as well as tooldata repository Information may not be complete and accurate and is typically not used for decision making
Rationalized
Active Management ndash Vision policies procedures and tools are used to manage the IT software asset lifecycle Reliable information used to manage the assets to business targets
Dynamic
Optimized ndash Near real-time alignment with changing business needs SAM is a strategic asset to overall
business objectives
Baseline ReviewData analysis - SAM Assessment
The first two levels Basic and Standardized are the initial focus points for an organization As organizations
increase their maturity they will progress up to Rationalized with the ultimate long-term goal of arriving at a Dynamic state The Rationalized level is similar to the ISO SAM Tier 1 in the ISO 19770 model and the
Dynamic level corresponds generally to the ISO SAM Tiers 2 3 and 4
For more information on the ISO model see ISOIEC 19770 -12012 ndash Information technology ndash Software
asset management ndash Part 1 Processes and tiered assessment of conformance
Standardized
SAM
Tracking Assets
SAM processes exist
as well as tooldata
repository
Information may not
be complete or
accurate and typically
not used for decision
making
Rationalized
SAM
Active Management
Vision policies
procedures and tools
are used to manage
the software asset
lifecycle
Reliable information
used to manage the
assets to business
targets
Dynamic
SAM
Optimized
Near real-time
alignment with
changing business
needs
Business competitive
advantage through
SAM
Basic
SAM
Ad Hoc
Little control over
which IT assets are
being used and
where
Lacks policies
procedures
resources and tools
18
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
SOM maturity levels and key competencies
The SOM Assessment is a systematic approach in which you compare Key Performance Indicators (KPIs)
found within the customerrsquos current environment against a defined model to determine a SAM maturity level The objective is to gain an understanding of the organizationrsquos overall SAM maturity highlight SAM strengths
and weaknesses and provide a roadmap for improvement
A SOM Assessment Report provides the customer with an assessment rating and SAM maturity level based
on answers to SAM policy and procedure questions asked throughout the engagement and captured in the
Microsoft SAM Assessment Report The report also provides recommendations at each stage of the model prioritizing the ones with the greatest impact for the customer
For each key competency area you will identify the sources of data that need to be gathered identify how to
evaluate the data and what is to be determined and then breakout the four maturity levels using the tipping
points for each level
Baseline ReviewData analysis - SAM Assessment
19
SAM Optimization Model ndash maturity levels
BASIC STANDARDIZED RATIONALIZED DYNAMIC
SAM ThroughoutOrganization
Project Managerassigned but SAM rolesamp responsibilities not
defined
Direct SAM responsibilityis identified throughoutorganization
Each functional groupactively manages SAM
SAM responsibilitiesdefined in job descriptionsacross organization
SAMImprovement Plan
No SAM development orcommunication plan
SAM plan is defined and approved
SAM Improvement is demonstrated
SAM goals part of executive scorecard Reviewed regularly
Hardware ampSoftware Inventory
No centralized inventoryor lt 68 assets in central inventory
gt 68-95 of assets in inventory
gt 95 - 98 of assets in Inventory
gt 99 of assets in inventory
Accuracy of InventoryManual inventory nodiscovery tools
Inventory sourcesreconciled annually
Inventory sourcesreconciled quarterly
Dynamic discovery tools provide near real-time deployment details
LicenseEntitlement Records
Procurement managescontracts not accessed byIT managers
Complete entitlementrecords exist acrossorganization
Entitlement recordsreconciled with vendorrecords
SAM entitlement system interfaces with vendor entitlement to track usage
Periodic EvaluationIT operations managed onad-hoc basis
Annual sign-off on SAM reports
Quarterly sign-off on SAM reports
System reconciliations and ITAM report available on demand
SAM OperationsMgmt amp Interfaces
SAM not considered partof MampA risk plan andcompany integration
Operations managesseparate asset inventories
Operations managesassociated assetinventory
All business units follow the same strategy processamp technology for SAM
Acquisition Process
Assets purchased on aper project basis withouta review of current
availability
Software purchases use approved vendors
Software purchases based on deployment entitlement
reconciliation
All purchases are made using a predefined assetcatalog based on metered
usage
Deployment Process
Assets deployed byend-users in distributedlocations no centralized IT
Only approved software is deployed
Software deploymentreports are accessible tostakeholders
Software is dynamically available to users on demand
Retirement Process
Software is retired withhardware and is notharvested or reassigned
Unused software isharvested (where the license allows) and
tracked within a centrally controlled inventory
Centrally controlledinventory of harvestedlicenses is maintained
amp available for reuseDeployment amp license
records are updated
Automated process wcentralized control amp tracking of all installed
software harvest optionsinternal reassignment
and disposal
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
As you assign the maturity level for each of the ten key competency areas note the customer may be at
different stages in the modelmdashmeaning some areas will be Basic while others are Dynamic or Rationalized Most customers will be in the Basic and Standardized maturity levels but you will see some areas (for
example Acquisition Process) that could be Rationalized or even Dynamic
SOM Workbook
The SOM Assessment Report Workbook is used to document the details on your maturity level assessment
ratings for each of the key competency areas The workbook provides a framework for your customer SAM
optimization review It will also enable you to capture the assessment ratings for each of the ten competency areas
Workbook contents
Within the workbook there is a tab for each competency In addition to the objectives and key questions
each tab contains a definition of the competency risk considerations guidance on how to evaluate the SAM optimization level and the final assessment rating for the specific competency You can also enter notes as
needed at the bottom of each tab
The lsquoSAM Assessment Reportrsquo tab provides the consolidated assessment ratings across all ten competencies
once they have been filled in by you From this tab you can save a copy of this summary information to email
to Microsoft by clicking the lsquoCreate Final Reportrsquo button Note You need to enable the Macro Option above in the Security Warning
The lsquoSAM Assessment Graphrsquo tab provides a graph based on the summary assessment data once it is all
collected
The last tab lsquoCompetency Rating Informationrsquo provides definitions for each competency and optimization
level along with additional assessment guidance
To get started Follow the directions on the ldquoGetting Startedrdquo section of the Introduction tab To set up the
workbook for the customer
1Enable the macros in the security options
2Enter the name of the Customer in cell lsquoF2rsquo
3Enter the Partner Name in cell lsquoF3rsquo
4Enter the Partner MSPP ID in cell lsquoF4rsquo
5Enter the OpportunityID or Agreement in cell lsquoF5rsquo
Baseline ReviewData analysis - SAM Assessment
20
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Filling out the Workbook
Using the information you collect by questioning the customer and assessing their maturity level in each of
the ten competencies (both explained in more detail below) you will record an ldquoInitial Observationrdquo and an ldquoAssessment Ratingrdquo for each competency in the appropriate competency tab
bullThe lsquoAssessment Ratingrsquo is your analysis of the customerrsquos maturity for a particular key competency
bullThe lsquo(Initial) Observationsrsquo is supporting information on why you selected the lsquoAssessment Ratingrsquo
Baseline ReviewData analysis - SAM Assessment
The ldquoSAM Assessment Reportrdquo tab is organized by the key competencies and corresponding ISO categories
and the results Once all observations and ratings are recorded the information in the lsquoCurrent Optimizationrsquo columns are auto filled based on the lsquoAssessment Ratingrsquo you have selected as well as your Initial
Observation
21
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Creating a final report
To create a final report select the ldquoCreate Final Reportrdquo button making sure that macros are enabled
Baseline ReviewData analysis - SAM Assessment
22
Results from the workbook are also provided back in the form of a graph on the SAM Assessment Graph tab
This is an example of what the output graph will look like
0
1
2
3
4
SAM
throughout
organization
SAM
improvement
plan
Hardware
and
software
inventory
Accuracy
of
inventory
License
entitlement
records
Periodic
self
evaluation
Operations
management
interfaces
Acquisition
process
Deployment
process
Retirement
process
Basic
Standardized
Rationalised
Dynamic
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewData analysis - SAM Assessment
23
DeliverablesUpon completion of this stage you can offer key best practices to improve the customerrsquos software asset management program going forward
ELP
Provides details related to license entitlements which are mapped to
deployments and identifies any gaps or underutilization in your organization
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
View sample report here
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Final results
The SAM Baseline engagement data must be analyzed reviewed and agreed upon with the customer as an accurate point-in-time reflection of the customerrsquos current deployment and license position This data along
with the additional customer inputs will also provide a basis for the development of solid license optimization
recommendations and a robust SAM Optimization Model maturity assessment unique to the customer Based on the inputs and data collection the partner will complete the following required analysis
bull Reconciliation analysis between license entitlements and deployment data including the application of license benefit and optimization rules (eg upgrades downgrades promotions etc)
bull Review of the Microsoft SAM Assessment Report answers and results in each of the ten key
competency areas identified in the SOM tool in order to prepare recommendations and next steps for the customer
Additionally SAM must take into account the speed and ease with which new services can be provisioned configured and released This ease of implementation introduces organizational risks by decentralizing IT
services Because Cloud services appeal directly to business users the risk exists that these services may be
purchased outside the traditional software procurement and SAM processes
Deliverables
The following deliverables are due to the customer at the end of the engagement
bull A comprehensive view of the customer environment A document with details related to all
hardware and software currently deployed within the customerrsquos IT infrastructure
bull The Effective License Position (ELP) A spreadsheet that provides details related to license entitlements and deployments The spreadsheet must be produced using I-AM (Note Defined in
Deliverables to Microsoft) bull License Optimization Report This report must contain the risks liabilities and issues associated
with customerrsquos current licensing practices and prioritized recommendations on how to better
manage their licenses to minimize risks in the future The report could also contain but is not limited to
o Identification of all of the customerrsquos Volume License Agreements (VLAs) with Microsoft and a recommendation on any beneficial consolidation
o Consumption information detailing installed products that are unused or underutilized (eg
no use in last six months)o Recommendations for a repeatable simplified inventory collection process for future True-ups
(for Enterprise Agreement customers only)o Additional customer-specific recommendations based on captured data and insights
24
SAMSOFTWARE ASSET MANAGEMENT
Baseline
ReviewStep 4 Final recommendations
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
bull Microsoft Baseline SOM Assessment Report The Microsoft Baseline SOM Assessment Report
provides the customer with an Assessment Rating and SAM maturity level based on answers to SAM policy and procedure questions asked throughout the engagement The report must also provide
recommendations at each stage of the model prioritizing the ones with the greatest impact on the
customer According to the scope of the engagement this report will containo An Executive Summary A high-level summary of project background and scope engagement
result recommendations and next stepso SOM Assessment and Recommendations A summary of findings and results of the SOM
maturity assessment
The SAM Partner must notify the Microsoft SAM Engagement Manager when the POE is uploaded into the
required system as designated by Microsoft (currently CHIP) POE includes the following deliverables due to Microsoft upon the completion of the SAM Engagement and must be provided as necessary POE in order for
the partner to collect Channel Incentives payment
bull Established Deployment Position (EDP) The EDP an I-AM generated Excel report provides details related to the customersrsquo Microsoft software deployments and usage data The software
deployments are identified using discovery tools and manual inputs as outlined in the Data collection section The partner must first input all relevant data into the customer Inventory Data
Contract (CIDC) template which will be uploaded into I-AM The EDP will then be created by the
partner using I-AM which is to be given to the customer and Microsoft EDPs produced outside of I-AM will not be accepted as proof of execution The EDP data must meet or exceed the minimum
quality standards published in the current SAM Minimum EDP Quality Standardsbull Effective License Position (ELP) The ELP provides details related to license entitlements and
deployments and is generated using I-AM The ELP must be finalized in the I-AM ELPs produced
outside of I-AM will not be accepted An encrypted ELP must be uploaded into the designated tool (currently CHIP) as proof of execution
bull Microsoft Baseline SOM Assessment Report This must be the same Baseline SOM Assessment Report provided to the customer as outlined above
bull Letter of Confirmation (only applicable for customer countries listed below)
o Required Chinao Advised India Malaysia Indonesia Philippines and Vietnam
The Letter of Confirmation should be drafted after completion of the SAM engagement and requires customerrsquos chop (stamp) or email from customer corporate domain confirming provision of SAM
engagement
The Letter of Confirmation must include the following statement
ldquoThis is to confirm Microsoft SAM Partner ltinsert partner Namegt has implemented SAM service
ltinsert SAM Engagement Typegt to customer ltinsert customer namegtrdquo
Baseline ReviewStep 4 final recommendations
25
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Baseline ReviewStep 4 final recommendations
Due to customer
SAM resources
SAM Partner eligibility program overview and partner incentive guides are located at httpakamsSAMIncentiveGuide
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
License Optimization ReportPresents recommendations on how to optimize your infrastructure
and improve licensing efficiencies
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement
Due to Microsoft
Letter of Engagement Provides the customer with an overview of the SAM engagement
EDPProvides details related to all hardware and software currently
deployed within the customerrsquos IT infrastructure
ELPOffers details related to license entitlements and deployments
SAM Baseline SOM
Assessment Report
Provides the customer with an Assessment Rating and SOM maturity
level based on answers to SAM policy and procedure questions asked throughout the engagement (same report as given to customer)
Letter of Confirmation
(required for certain countries)
Requires customerrsquos chop (stamp) or email from the customerrsquos
corporate domain confirming provision of the SAM engagement (see previous page for list of countries required this letter)
26
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Appendix
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
AppendixPlanning
28
SAMSOFTWARE ASSET MANAGEMENT
ResourcesMicrosoft SAM Tools
httpswwwmicrosoftcomen-ussamtoolsaspx
SAM Partner Playbook
httpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
Microsoft Assessment and Planning (MAP) Toolkit
httpsmsdnmicrosoftcomen-uslibrarybb977556aspxf=255ampMSPPError=-2147217396
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Tips and tricksbull Develop and use your own technology questionnaire and report template that specifically cover
Cloud requirements that you can send to the customer in advance Compare this feedback with
your own findings
bull At the outset of the engagement ensure that the customer has completed any necessary
background checks and granted physical building access and that you have scheduled all stakeholder interviews ahead of time to reduce the possibility of obstacles as the engagement
moves forward
bull Because of the variety of Office 365 offerings it can be useful to create a graphical representation
of user profiles mapped to Office 365 offerings as a way to help visualize Office 365 needs in conversations with customers
bull Document any Cloud services that also connect to internal services noting any dependencies and types of data moving back and forth This information will help improve your understanding of
the customerrsquos system architecture and provide insights about implications forany changes or future plans
bull Multiple passes with the inventory tool or with multiple tools may be required to ensure all data is captured correctly
bull Naming conventions are important Ask your customer what naming conventions are in place
Look to server names to help identify their function Recommend that as a best practice your
customer should use specific naming conventions going forward if necessary
bull Ensure that all administrator rights are lined up ahead of time and obtain all necessary data that can affect the engagement at the outset Be sure to include and consider implications beyond the
usual inventory data including storage requirements server application usage internal and external access needs seasonal changes to access bring-your-own-device scenarios mobile access
current and future plans and warranty and end-of-life dates
bull Data protection laws differ by localecountry For example if you are inventorying client PCs and
access to a particular machine is open to someone in another country know what data laws come
into play Be aware of any legal limitations around data to help protect yourself and your customer
AppendixData collection
29
SAMSOFTWARE ASSET MANAGEMENT
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
For customers looking at a Cloud delivery model like Microsoft Azure the toolrsquos scope will need to
take certain dependencies into consideration
AppendixData collection
30
Data Gathering
Use the questions in the workbook to survey key customer stakeholders about a variety of elements that
may impact their SAM program
bullThe customer may need help to determine what key personnel should receive the SAM Assessment
Questionnaire Itrsquos important to interview different people from different departments to triangulate the information Each business role carries with it a unique perspective and there may not be universal
knowledge For example a procurement person may think all purchasing is decentralized but by talking
with IT you may learn that IT makes purchases for their departments outside of the procurement process Or those responsible for retirement may not know to inform procurement that extra licenses are available
bullReview the questionnaire with them to ensure they understand the questions and to explain what the
intention of each is Help them to understand the questionnaire in the context of their overall SAM
program
This questionnaire information provides a look at what each employee completing the questionnaire believes the current or as-is state of organization is for each key competency For the key stakeholder they
will also identify what their desired future or to-be state is This will provide you with insight that you can
use when developing recommendations
For Office 2013 check for
bull Operating system version
bull Browser type and version on all machines
bull Office suite version
bull Microsoft NET Framework
bull CPU memory and free disk space
For Office 365 Web Apps check for
bull Operating system version
bull Browser type and version on all machine
For Microsoft Exchange and SharePoint Online
check for
bull Operating system version
bull Office products installed
Identify on-premises deployments of Exchange
Server SharePoint Server Lync Server and
similar software to understand what functionality will be needed in Office 365
Covering clients and a subset of servers to assess if systems are ready
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Current Organization diagrams
Gather details about the customerrsquos organization including
bullCustomer size
bullLocations
bullNames of the various IT groups
bullSAM tools they own and use
bullSupporting SAM processes in use and stakeholder names
SAM reports created for stakeholder or executive sponsors
Current and historical reports will tell you what information is available to the stakeholders and executive
sponsor
bullA key item is the evidence of review and sign-off and by whom
bullIdentify how the reports are created how often they are created and who has access to them
SAM Improvement Plan
This provides you information on what the customer believed was important to improve in their SAM program how it was to be improved
Key items you want to see are
bullEvidence of stakeholder and executive sponsor review and budget approval to support the plan
bullHow often the improvement plan is updated and who has access to it
Hardware and Software inventories
This provides you information on the software deployments Key details include
bullEntitlements deployments and retirement
bullHow they were created and verified ndash specifically the processes and tools used for the inventory
AppendixData collection - SAM Assessment
31
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Location of software inventories and who has access to them
bullHow is the inventory data made available Are they dynamically created or created by a certain process then
stored off so they can be review and used
bullWho has access to these inventories ndash is there an access control listApproved software vendors
bullIs there a defined list of vendors you can purchase or acquire software from
bullThis list if available may be part of the procurement system
Approved software titles
is there a list of lsquoapprovedrsquo software that can be purchased or acquired
bullIs there a list of lsquoapprovedrsquo software that can be deployed
bullIs there a list of lsquounknownrsquo for software that has not been classified as approved or disapproved
bullSome companies may have a DSL (definitive software library) which may be part of the customerrsquos software
approval process
Customer Interviews
Use customer interviews to fill in information gaps During these conversations you have the chance to learn
more about the atmosphere surrounding the SAM program For example
bullStakeholder objectives and goals
bullEmployees or other key resources like outsources or contract employees
bullCustomerrsquos view of the processes
Look for any road blocks the SAM program faces what is missing what the customer would like to see integrations with other systems etc
Tip Plan logistics out to ensure you are able to schedule all interviews One suggestion is to integrate the questionnaire questions into other SAM Baseline discussions and meetings that yoursquove already scheduled
Analysis
Once the data has been collected you will develop a final report that provides the customer with the results of the assessment and your recommendations As you perform the SAM Assessment you should have
documented your results in the SOM Workbook (as described in the SOM Workbook section) using the
appropriate tab for each of the key competency areas as each key competency area is rated separately
bullIndicate your initial observations and your maturity rating based on the results of your analysis
bullDocument the desired future for each competency area based on the customerrsquos objectives goals
restrictions and limitations
This will help you develop recommendations which are designed to increase the maturity level of the key
competency areas Note some customers may only choose to focus on improving a limited number of key competency areas verses all of them
AppendixData collection - SAM Assessment
32
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
AppendixData collection - SAM Assessment
Microsoft Server Software Support for Microsoft Azure Virtual
Machineshttpsupportmicrosoftcomkb2721672en-us20
Enterprise MobilitySuite
httpswwwmicrosoftcomen-usserver-cloudenterprise-mobility
Resources
33
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Data interpretation and technical requirements
Cloud solution requirements
The following are examples of requirements for Microsoft Office 365 and Microsoft Azure Office 365 requirements can vary by offering For a comprehensive list of requirements please review
Office 365 Plan Options
Office 365 Requirements
Before customers decide to move to Office 365 we recommend that you verify that their systems meet or
exceed the minimum system requirements
bull For the best experience Office 365 is designed
to work with the following software
ndash Current or immediately previous version of Microsoft Internet Explorer or Firefox or the
latest version of Chrome or Safari
ndash All versions of Microsoft Office covered by Microsoft mainstream support
bull Office 365 does not have an operating system
requirement except that the operating system
used must be supported by its manufacturer However there might be advanced Office 365
configuration options features scenarios or tools that have explicit dependencies on an
operating system or behave differently on
different operating systems
bull The Microsoft Service Pack Support Life-cycle
Policy requires customers to install Office service packs within 12 months of release
Office 365 requires compliance with this policy
bull Office 365 strongly recommends that customers accept automatic updates from
Microsoft to help secure their environments and to have the best experience with
Office 365
bull The minimum hardware requirements for Office 365 can be found here
AppendixData analysis
34
SAMSOFTWARE ASSET MANAGEMENT
bull Variable infrastructure resource requirements
Instances of roles and resources can be allocated as they are needed as well as by architecting
applications to take advantage of the elastic scale
of Azure
bull Virtual machine hosting In addition to offering
traditional platform as a service advantages Azure can host virtual machines These virtual machines
can run any Azure-supported operating system
and can run applications in the same way that they would run on - premises For a list of
supported operating systems see Overview of Azure Virtual Machines
bull Variable workload needs A company may need to
accommodate high levels of use only at peak times and then return to a lower sustained level
of use Migrating these workloads to Azure can
enable a customer to scale when necessary but avoid paying for higher levels of use on a
consistent basis
bull Testing environments A customer may require
higher levels of use during the testing phase for
a new application By using Azure the customer can increase capabilities for the testing period
while avoiding substantial investment in hardware and resources that will be necessary
only for a limited time
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
AppendixData analysis
35
Additional Information Gathering
Gathering inventory data is one step in defining a customerrsquos licensing requirements However data from the
inventory needs to be combined with additional sources in order to make informed licensing decisions This
additional information helps provide the context that is required for accurate license allocations but is not discoverable via most discovery tools Your most important source is your customer Customer conversations
are key to an effective Software Asset Management (SAM) engagement and should help provide the additional insight needed to fully assess and understand the customerrsquos environment
Here are some suggestions about additional items to discuss with the customer
bullReview the customerrsquos intended licensing model so you can correlate details such as the use scenario of each instance and user access in order to confirm the appropriate licensing model is used
bullProfile servers carefully being sure to identify active and passive servers if servers are internal or external facing and the extent of any virtual server environments Insights around server scenarios will better prepare
you for licensing discussions and also lay the groundwork for additional engagements such as SQL
Workloads Cybersecurity or Virtualization
bullIdentify all test and development servers watching out for servers labeled as development that are actually
running as production You can also use this information as the foundation for a Non-production SAM engagement
bullWhen reviewing the tool output look for anomalies such as client count results differing greatly from the
number of employees Ensure your analysis is an accurate representation of the customerrsquos environment
bullData from the inventory tool should be combined with data from other sources (ITSM finance etc) so
informed decisions can be made
The customer needs to know who is responsible for managing each environment in order to inventory assets
properly If they are using a service provider clarify with them
What have they actually bought
Did they buy a system or are they paying a third party to manage it
Tips and Tricks
bull Naming conventions are important particularly when it comes to servers Ask your customer what naming conventions are in place Look to server names to help identify function If necessary recommend
the best practice of using specific naming conventions going forward
bull Be aware of different Product Use Rights and licensing rules for different product versions and editions
Maintain a file with information on each for quick reference
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
AppendixData analysis
36
Resources
Office 365 System Requirements
httpofficemicrosoftcomen-usoffice365-suite-helpoffice-365-system-requirements-HA102817357aspx
Office 365 Plan Options
httptechnetmicrosoftcomen-uslibraryoffice-365-plan-optionsaspx
Office 365 Deployment Guide
httptechnetmicrosoftcomen-uslibraryhh852466aspx
Overview of Azure Virtual Machines
httpsazuremicrosoftcomen-usdocumentationservicesvirtual-machines
SharePoint 2013 on Azure Infrastructure Services
httpstechnetmicrosoftcomen-uslibrarydn635309aspx
Office 365 System Requirements - Client Side
httpsproductsofficecomen-USoffice-system-requirementsOffice365forBEG
Standardized SAM Assessment Workbook (English)
httpspartnermicrosoftcomdownload40072815
Standardized SAM Assessment Workbook (Available in 25 localized languages)
httpspartnermicrosoftcomdownload40181963
SAM Assessment - ISO Updates Only (zip file)
httpspartnermicrosoftcomdownload40190414
International Organization for Standardization (ISO) SAM Standards
ISOIEC 19770-52015 - Information technology -- Software asset management -- Part 5
Overview and vocabulary ISOIEC 19770-22015 - Information technology -- Software asset
management -- Part 2 Software identification tag ISOIEC 19770-12012 - Information technology -- Software asset management -- Part 1 Processes and tiered assessment of conformance
SAM Optimization Model
httpswwwmicrosoftcomen-ussambaselineaspxCollectionId=9d33c0b2-7c54-4274-8b1c-
d1dec3b8548d
SAM Resources
httpswwwmicrosoftcomen-ussamresourcesaspx
BSA SAM Advantage Training Course Aligned to the ISOIEC 19770-1 Standard
httpwwwbsaorganti-piracybsa-sam-solutions
SAM Partner Playbookhttpsassetsmicrosoftcomen-usSAM-Services-Partner-Playbookzip
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
As you work to finalize the SAM Baseline Review and help the customer to understand what software they
have deployed how itrsquos being used and by whom and how itrsquos licensed the next step is to help the customer review or write policies and procedures to ensure ongoing proper software asset management Establishing
standard practices can help them become more efficient avoid unnecessary costs and business risks and
streamline the entire organization At a minimum policies should cover software acquisition use and disaster recovery
As a starting point basic templates and other useful resources are available for download
Best Practices for the IT Department
It is important that those involved in the procurement or provisioning process and those individuals
responsible for purchasing licenses are in communication and work together toensure that additional deployments of software and hardware
are licensed appropriately Gaps can exist when one function of IT is responsible for fulfilling a request but another resource in the workflow manages accountability for the actual licensing
SAM policies should address the need to properly educate the IT department in the complexities and
ramifications of various IT solutions
Regulatory compliance
bullSAM policies should address the organizationrsquos regulatory anddata security compliance requirements and take into account the monitoring of hardware software networking and firewalls that is required for
regulatory and data security certifications Business compliance requirements may include the Payment Card
Industry Data Security Standard (DSS) SOX HIPAA Electronic Records and Electronic Submissions
bullData sovereignty should also be considered Be familiar with any requirements for your country or area so
you can share them with your customer The customerrsquos home country may have strict restrictions on whether data can be stored or accessed from virtual servers or applications outside the country or area
bullData privacy laws should also be considered Some industries such as health and financial services may
require that personal data remain within a designated region or country Make sure that you are familiar with rules and regulations for any country or area where virtual servers may be hosted or accessed
License Compliance
bullSAM policies should be in place to anticipate and control procurement and accessibility servers desktops
and applications Software and server licensing programs are typically counted on a per user basis but in
certain circumstances such as desktop and application virtualization licenses are counted per device It is important to address these potential risks
bullUser groups should be created and managed by the IT team to ensure that applications and servers are only provided to those that require them Mismanaged accessibility of applications can lead to instances of non-
compliance if not planned in advance and managed appropriately
AppendixSAM policies
37
SAMSOFTWARE ASSET MANAGEMENT
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Roles and Responsibilities
bullItrsquos important to understand how those in different roles are involved and to be sure all roles are
communicating as necessary to ensure smooth software asset management
bullThe customerrsquos SAM policies should cover how compliance is documented how data becomes accessible for
the license manager and how additional provisioning is authorized by the SAM manager
bullFor larger customers with decentralized purchasing sometimes no one person sees the big picture across
the locations Help them to understand the benefits they would realize in terms of license optimization and compliance cost and even security by transitioning to centralized purchasing and management of licenses
SAM Across the Organization
When working with your customers to review or write policies and procedures to ensure ongoing proper software asset management going forward be sure to discuss the impact of big trends impacting the IT
environment like cloud computing mobile device use etc
When customers define their internal SAM processes procedures and policies itrsquos important that they
establish clear expectations of roles and responsibilities Policies should include the desired attitude and behavior from an overall organizational perspective to help ensure all controls are in place and
communicated to all those who are involved in the process Management should become stakeholders in the
implementation and follow-through of SAM processes to ensure that policies become part of the natural cycle of business for the organization
bullRealize that SAM ideally spans people processes and tools in order to sustainably manage licenses
bullDefine and develop processes procedures and policies based on a clear understanding of roles and responsibilities Document responsibilities explicitly avoid making assumptions
bullLook at the Microsoft Operations Framework and follow it consistently as a standard best practice
bullUnderstand and implement a process framework within the organization
bullIncorporate SAM results as a part of governance reports
bullUnderstand what software tags are and how they are becoming increasingly important ISOIEC 19770-2
outlines the parameters for tagging software to optimize its identification and management Governments
are starting to add a requirement for software tags in procurement requisitions and new Microsoft products include software tags
AppendixSAM policies
38
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Internal Training and Guidelines
When it comes to educating employees about SAM best practices communicating policies should occur on
an ongoing basis SAM crosses organizational functions and all parties should be very clear about the policies up front so there is no confusion about organizational expectations
Before employees can follow rules about software they must know what they are and understand them This is where training comes in Training should clearly communicate the right ways to properly manage software
assets The message can be delivered in different ways to increase awareness and it is best that this is done
iteratively over time When the message is delivered in multiple ways on a regular basis there is a much better chance that employees will take it seriously
bullBe proactive about managing policies and adapt them as necessary to help ensure they are both effective
and likely to be executed
bullCounter any complacency with training and reinforcement from the executive level on down
Take steps to ensure all outside teams such as vendors and contractors understand the organizationrsquos SAM policies and procedures
SAM Standards and Frameworks
International Organization for Standardization (ISO)The comprehensive international standard for Software Asset Management aligned to IT service management is ISOIEC 19770-12012 SAM Processes This vendor-
independent standard can benefit your customers in many ways and is supported by much of the IT industry including Microsoft
AppendixSAM Policies
39
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
Appendix Data analysis - Licensing considerations
Once you have established a comprehensive detailed inventory of the customerrsquos existing IT environments
the next step is to work with the customer as a trusted advisor to optimize their licensing program Software licenses are often a significant part of an organizationrsquos IT budget If your customersrsquo software is not licensed
correctlymdashwhether over-licensed or under-licensedmdashthey can face potential compliance or budgeting issues
Your role is to help customers optimize and manage their software assets so itrsquos important that you understand and communicate the different types of licensing that are available to an organization the
documentation that is required and how to best organize documentation and other ways that you can help When looking at various licensing options consider the following questions
Organizational
bullWhat is the type of industry primary function and size (number of computers) of the customer organization
bullWhat is the projected growth rate and outlook for the customer and for IT over the next three to five years
bullWhat is the customerrsquos history in terms of growth and its business model and corporate culture with respect
to change
bullIf this is a global organization what impact is there on license requirements
bullAre there any mergers acquisitions or divestitures that need to be taken into consideration
bullDoes the customer have any specific regulatory governmental legal or other compliance requirements that need to be addressed by server or desktop virtualization such as SOX HIPAA ISO or PCIDSS
bullHow are IT expenses allocated across the organization and how does this affect the licensing requirements
bullHas the organization embraced virtualization And if they have begun virtualizing do they have the proper licenses to match pace with the speed and ease of deploying virtual machines (VMs)
bullIs the organization considering moving to the cloud And if they have begun migrating to the cloud how are they governing cloud usage
Licensing Agreements and Entitlements
bullWhat is the customerrsquos existing licensing program
bullWhat is the customerrsquos current budgeting cycle for licensing Is it time for a renewal or at the beginning of a
new agreement
bullAre the benefits of the various licensing options and usage rights clearly understood by the customer
bullAre the customerrsquos current Volume Licensing programs licensing models usage rights and purchase
options addressing their IT environment requirements and goals
bullHas the customer defined which Microsoft products and online services they want to license and assessed
the way in which they plan to use those products
bullHas the customerrsquos Volume Licensing program been assessed including the current expiration date and
coverage and options such as Product Use Rights (PUR) and Software Assurance Have you reviewed SA expiration cycles SA can be purchased at different times under different scenarios Allowing SA benefits to
expire can have significant financial implications and can be challenging to renew at a later time
bullDoes the customerrsquos product allow for secondary or multiple installs or for unlimited virtualization And is Software Assurance required for those additional rights
40
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
bullDoes the customerrsquos Volume Licensing program enable the customer to deploy updates and new versions
of software especially on desktop PCs or mobile devices
bullIs there a better Volume Licensing program that would help the customer to increase efficiencies achieve
their business goals and lower costs
bullTo what extent does the customerrsquos Volume Licensing program provide Software Assurance - are there
advantages to deploying the entire installed base with full SA coverage
bullFor a large organization is the customer using an Enterprise Agreement to standardize IT enterprise-wide while being able to purchase software and services for different types of users
bullAre license transfers reassignments or License Mobility to the cloud allowed or prohibited Are there any restrictions pre-approvals or additional costs involved
bullHave the licensing implications for decommissioned hardware been fully considered
bullIf the customer has begun acquiring Azure monetary commitment services is the commitment spend being used
Additional Areas of Discussion
bullWhat is the customerrsquos software acquisitiondeploymentmigration road map Are they planning any
software title changes or migrations Are there any they should be considering
bullHave they optimized licensing for their SQL workloads Their non-production virtualization or mobile
environment
bullAre there opportunities for increased virtualization they could take advantage of
bullWhat are their cloud adoption plans Are they familiar with available licensing options including a hybrid
approach
bullAre mobile devices properly licensed including user-owned devices that may be accessing organizational
resources
Appendix Data analysis - Licensing considerations
41
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42
ResourcesMicrosoft Volume Licensing
httpwwwmicrosoftcomlicensingdefaultaspx
Partner Network Volume Licensing Overview httpsmspartnermicrosoftcomenusPagesLicensingoverviewaspx
Volume Licensing for Microsoft Products and Online Services httpwwwmicrosoftcomlicensingproductsproductsaspx
Volume Licensing Reference Guide
httpwwwmicrosoftcomen-usdownloadconfirmationaspxid=11091
Volume Licensing Enterprise Agreement
httpwwwmicrosoftcomlicensinglicensing-optionsenterpriseaspx
Server and Cloud Enrollment FAQ
httpdownloadmicrosoftcomdownload89A89A3F8B9-94DE-4956-A56E-F6D2B215D0E6SCE_Customer_FAQpdf
Volume Licensing About Licensing Microsoft Product Use Rights and Product List httpwwwmicrosoftcomlicensingabout-licensingproduct-licensingaspxtab=1
Product Use Rights Brief httpwwwmicrosoftvolumelicensingcomuserightsDownloaderaspxDocumentId=7658
Volume Licensing Software Assurance for Volume Licensing
httpwwwmicrosoftcomlicensingsoftware-assurancedefaultaspx
Volume Licensing Licensing Brief - Introduction to Per Core Licensing and Basic Definitions
httpwwwmicrosoftcomlicensingabout-licensingbriefslicensing-by-coresaspx
Appendix Data analysis - Licensing considerations
42