As anyone who’s ever managed, purchased for or even just called the IT department knows, they, as an industry, do a pretty poor job of defining precisely what the IT asset management (ITAM) lifecycle looks like. Therefore, it’s incredibly difficult, if not impossible, to automate both the reporting and the processing of the asset lifecycle. Organizations have to rely on manual feedback from work orders and visual inventories to know what kind of hardware and software is actually being used. Worse, the ITAM team then gets a reputation of being untrustworthy, because they can never seem to answer the questions from business leaders accurately or timely.
It’s a big problem.
Instead, the ITAM team should be defining IT asset management lifecycle stages in such a way that it’s clear where an asset sits on the lifecycle, and so that the asset can “self-report” and tell us where it is in the lifecycle.
Here is your basic IT Asset Management Lifecycle in five easy steps:
Step One – Procured
Also known as: Purchased, Acquired, Requested
Definition: Money, or the promise of money, has been paid for the possession of or right to use the asset, either hardware or software.
Step Two – Inventoried
AKA: Delivered, Received, Processed, Making ready
Definition: The asset has been physically received and is being made ready for use in the computing environment — in the case of software, documentation from the publisher acknowledging your organization has more use-rights to their software.
Step Three – Installed
AKA: In Use, Deployed, Implemented, Active
Definition: The asset is active in the computing environment. Again, this works for both hardware and software assets.
Step Four – Recovered
AKA: Returned, Fit for use, Recycled, Claw back, Harvested
Definition: The asset has been removed from the computing environment temporarily, with the intent it will be used again.
For software, little evidence is needed to show the use-right has moved back into inventory. Best business practice is to ensure the software is uninstalled from the original computer. Otherwise, you could be penalized for it in a software license audit!
For hardware, more manual effort will be required. A technician should really inspect the hardware for defects; ensure it still has some useful life in it; then clean, clear, wipe and reinstall the base image before declaring it ready for redeployment.
Step Five – Disposed
AKA: Retired, Lost/Stolen, Sold, Destroyed, Trashed, Removed from service
Definition: The asset has been removed from the computing environment permanently and is no longer the property or concern of the organization. For both hardware and software assets, some sort of evidence should be generated documenting the handoff between the old owner and the new one.
You’ll notice something very particular about these definitions — they are mutually exclusive. That means something that is in use can’t be in any other stage. For example, something that is disposed can’t be on the shelf in inventory. It’s gone. Something that’s in use can’t be sitting on the truck on its way to be delivered.
The IT Asset Management Lifecycle — Look for the Data Details
With these new definitions in mind, we can identify data attributes that will signal an asset has moved from one asset lifecycle stage to another. (But let’s change the order a little bit, to make it a little easier to describe.)
- Installed: If an asset is installed, you should see it active on your network. For hardware, end-users should be detected logging into it, it has an IP address and network name, it is consuming power, it appears on network scans, etc. Software installations should be detected and reported on by a “command and control” tool like Microsoft’s MEM, JAMF, VMWare vCenter, etc.
- Disposed: You should have a certification, receipt or something else that shows your organization no longer has the hardware or software asset in hand (and who now does!). If you have such a document, but the asset is behaving as if it’s installed, you have a problem and had better look into it! And, for those of you asking: Yes, software licenses can be returned to the publisher (usually under very specific conditions and with very specific paperwork).
- Procured: It shouldn’t show up anywhere other than on a P.O. or tracking number. But if it acts like it is installed, then it is a good bet someone skipped a step. And a skipped step could mean skipped protections, unauthorized installations. Both could signal a serious cybersecurity breach!
- Inventoried & Recovered: This is the trickiest part. We know they’ve been purchased because we have documentation saying so. We know they haven’t been thrown away because we don’t have a document staying so. We know they aren’t deployed because they’re not showing active in the network. Therefore, the only place these devices should be is in your warehouse or staging area. And that should be an easy walk to look and find it.
The Asset Management Lifecycle – The Big Reporting Payoff
By reorganizing your hardware around this kind of an IT asset management lifecycle, you will know with a much higher degree of certainty what hardware is being used and what isn’t. Consequently, you’ll know what software needs to be licensed because it’s (almost always) running on the deployed hardware.
The real impact will be felt in the cost savings initiatives this kind of trustworthy data can provide. For example, a common question asked of ITAM managers is, “How much is our ITAM program saving the company?” The answer is simple: How many assets (either hardware or software) were moved from the “Recovered” state to the “Inventoried” state. Even better, the reasoning is very simple: Every interrupted purchase is money saved!
Jeremy L. Boerger, the ITAM Coach, founded Boerger Consulting with the idea of helping organizations “cut their software budget without buying less software.” He also speaks professionally to pass along his 20-plus years’ experience to the next generation of ITAM and SAM professionals. His book, Rethinking Information Technology Asset Management, is in paperback and ebooks. He makes his home in Cincinnati, Ohio, with his wife and three children.
Speak Your Mind
You must be logged in to post a comment.