Frankly, Scarlet, “It’s about time!”

On May 8th, 2006 the International Organization for Standards (ISO) announced that it has established standards for Software Asset Management. Naturally, these new standards can be costly to learn and even more costly to implement. As usual, a wide selection of training consultants will be on the band wagon to "help you" implement.

But, here's the rub: The majority of small- to middle-sized businesses simply will not gain enough value out of the standards to justify the expense.

However, you'll still want to read this article! It is definitely an important milestone to any corporation or technology asset manager--provided you understand that the concept and process are of substantially more value than the comprehensive detailing.

For years, I have been training asset managers in processes & methods for regaining & maintaining control of not only software but the entire range of technology assets—from the time the need is envisioned, until the time of closure or disposal (and in many cases, beyond disposal). Until now, I felt like mine was one of a very tiny minority of vendor-neutral voices in a massive forest of hidden technology asset management agendas. It seemed as if every “best practice”, every “recommended process” was based—frequently hidden way deep down inside—on somebody’s paid product or service. This may no longer be true--I hope.

Interestingly enough, though, I’m still wondering when someone like the ISO is going to get around to setting standards for controlling the tactics & processes used by the copyright & enforcement industry players. After all, the dozens of contractual and audit process curve balls they continue to throw our way will strike out even the most well prepared business technology consumer.

Is this a case of “ISO to the rescue” or is it just another way for some pricey consulting or training service to slip their sticky fingers right back into our collective pockets? My hope is for the former. My fears will always reside in the later. You see, I implemented The Business Technology Consumer Network (& other entities) for the specific purpose of educating personnel in vendor-neutral methodologies for taking control of their own technology environments, not to create yet another profit center hitting you up for cash.

While I’m admittedly not entirely altruistic, I firmly believe that there is more benefit in empowering & enabling than there ever will be in outsourcing. So? Standards for SAM are good, but they still represent an essentially reactive approach to an IP industry that will continue to control our operations until someone puts a muzzle on their actions. In my book, the only way we will all learn to play nice together is if both consumers and producers have mutually agreeable standards of ethical behavior and both are monitored by neutral third parties to ensure that they adhere to those standards.

Real World: When the product we purchase perform the function for which we paid, THEN we are gaining value. As long as the products do not comply with our specific acquisition criteria--for the entire life cycle--the business technology consumer will be defenseless.

I’m rooting for the ISO SAM standards to take up some long overdue slack. Consider the following from one of the drafts that I have reviewed. It outlines the core strategic hierarchies of Software Asset Management Processes:

Control of the SAM Environment
SAM Planning & Implementation
SAM Inventory Processes
SAM Verification & Compliance
Operations Management & Interfaces
SAM Life Cycle Process Interfaces

Also, take a look at the following article, published on TechRepublic 5/10/06 by Colin Barker (from ZDNet UK):
            “An End to the Software Police?”

There are some excellent details contained in the text.

Another release of this same article, with another of my commentaries, appeared in CNET News. Look Here. 

And, finally, here are some highlights from the ISO web site discussing ISO/IEC 19770-1:2006:

“ISO/IEC 19770-1:2006 has been developed to enable an organization to prove that it is performing software asset management (SAM) to a standard sufficient to satisfy corporate governance requirements and ensure effective support for IT service management overall. ISO/IEC 19770-1:2006 is intended to align closely to, and to support, ISO/IEC 20000. Good practice in SAM should result in several benefits, and certifiable good practice should allow management and other organizations to place reliance on the adequacy of these processes. The expected benefits should be achieved with a high degree of confidence:

SAM should facilitate the management of business risks, cost control and give competitive advantages.”

You can get your own copy of the ISO standard and review the highlights for yourself at:

"International Organization for Standards"

(By the way, that price you see is in Swiss Francs--around $90USD.)

Remember: If you don’t monitor and manage what is being done, you will someday find that what is being done is being done to you.