SAM for Stakeholders Outside of IT
Before becoming a SAM Consultant with Licence Dashboard and other service providers, I got my first taste of SAM working as an in-house licensing specialist at retail and engineering firms. Working in both the user and consultant roles has given me an insight into the different problems organisations face with their asset management. Although everyone has different issues with their Software Asset Management, the cause ultimately comes down to awareness.
Despite common perception, compliance is only a small part of SAM, however it is also the most talked about. Vendor audits and compliance reviews do happen, and it is not a question of if, but when. If the compliance risk is not known, then it’s a risk. Very few organizations are compliant, but many don’t know what that risk looks like and even fewer report the risk any further than the IT department. The ultimate responsibility for software compliance falls to the CEO. Regardless of the size of the organization, SAM needs to be a consideration for the highest levels of the business.
When talking to key stakeholders in an organization I often focus on the cost saving benefits of a SAM program rather than the financial risk.
An Acceptable Use Policy for installation of software
Most organizations now have an Acceptable Use Policy in place, but it usually focuses on use of the internet and security. A simple way in which organizations can start to improve their SAM processes and spread awareness is to include a section on SAM in this policy. Having users agree not to install unauthorized software will stop some users from doing so and can be used by IT if a user persistently breaks the policy.
The Acceptable Use Policy should be something which is sent to all users and built into the new starter process. It needs to be something which users agree to either by a voting button or signature. Having a policy does not mean that users read it.
A Software Catalogue of approved software installs
Another recommendation I often give is to create a Software Catalogue. A Software Catalogue is a list of approved software which users can choose from if they want certain functions. The catalogue is intended to give users the freedom to choose their applications while still keeping control over the installed applications.
The Catalogue can be created by reviewing the currently installed software then speaking to key managers throughout the business to establish the required programs. This takes the responsibility of approving software away from IT and organizations can standardize the estate.
Get the Purchasing team on board with SAM
The purchasing team needs to be aware of SAM as they will ultimately be the ones buying new software. Standard practice would be to have all software purchases approved by IT. Any requests which come from outside IT should either be rejected or sent to IT for approval.
A problem that I see regularly is costs spiralling because software was purchased without understanding the infrastructure requirements and licensing implications. Sign off is often based on costs found online and does not take into account any additional equipment that may be required to run the system. I was party to a recent example of this when a new HR system was purchased – it required installing on a server running a higher Operating System than the user had CALs for. It also required a new SQL server. Suddenly the few thousand that was spent on the new HR system had cost the business half a million. Would the original software have been approved if the full cost was known? Most likely not.
These situations can be avoided if software asset management processes are put in place across the organisation.