• Search

• Categories

  • Change Management
  • Company News
  • Industry Observations
  • Information Security
  • ITAM (Asset Management)
  • ITIL and Service Management
  • RFID
  • Software License Compliance

• Recently Written

  • Managing mobile assets – making it part of your ITAM program
  • Keep an Eye on the Hardware Lifecycle
  • Managing mobile assets – bills
  • Managing mobile devices – email addresses
  • Managing mobile assets - contracts
  • Managing mobile devices - applications
  • Managing mobile assets - SIM cards
  • Managing mobile assets – risks
  • Retiring software assets
  • Quick tips on keeping software licenses organized & updated

• Blogroll

  • Miro Consulting

• Subscription

  •  Blog Articles
  •  Subscribe by Email
  • 

• Archives

  • July 2010
  • June 2010
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • February 2008
  • January 2008
  • December 2007

• Members

  • Log in

Software discovery and software asset management are two activities that are too often pushed aside or put on hold when you are facing more important issues. They are only recognized when a problem arises, such as an audit by a vendor. Most organizations are still using excel spreadsheets to track software.  This is certainly better than nothing, but has its flaws. Automated SAM software is a step in the right direction, but is often used improperly. A comprehensive audit needs to take place using the software versus a quick scan done every now and again.

Reconciliation is a key function that often gets overlooked and defeats the effectiveness of the SAM software. Reconciling between installed software and your software licensing agreements, terms and conditions needs to take place at the very least every 6 months to avoid falling out of compliance. In addition to reconciliation, a firm set of standards and procedures need to be put into place to avoid unauthorized downloads of unlicensed software. The increase in mobile employees, laptops and mobile devices makes this process more difficult and even more important. Software license agreements are complex and rules are ever-changing. You need to have a firm grip on your software assets to avoid that “Dear John” letter and the fines the come with it!

Most Governance Risk and Compliance (GRC) cases are driven by external regulations or compliance requirements, such as Sarbanes Oxley (SOX). Creating a business case for GRC with this in mind is simple - do so or risk jail time. Internal controls over financial reporting are an essential function in your IT framework and should define the assessment tools and reporting functions across the organization.

In addition to compliance with the major regulators, there are many other benefits from implementing a comprehensive GRC plan. The process, like any major IT implementation, requires a clearly defined plan or blueprint to define the scope, taxonomy, methodology and desired outcome. When undertaking such a project you must remember to establish a common language for risks and controls and implement a consistent methodology. The objective is to develop transparency in your reporting and monitoring, so nothing falls through the cracks. Consistency in your model will be the key driver for a successful implementation. There are several independent vendors and professionals that specialize in GRC. With your business on the line, it often pays to take a professional’s advice when embarking on this type of implementation.

The idea of governing data is certainly not a new one. Most businesses have some form of data governance, but most are not doing it well. With advancements in technology comes added complexity to managing data, forcing companies to separate data governance out by division, business function and/or geographic location, causing the process to break down. All levels must be engaged in the process - from corporate to IT - across the enterprise.

There are many advantages to a successful data governance system, including:

Operational Savings and Efficiencies - data governance allows you to proactively monitor data and make changes for future business operations, avoiding one-off projects that typically cost much more.

Compliance - policies and procedures that are strictly monitored and enforced improve compliance.

Customer Service - improved understanding of customer data provides better customer service and also greater visibility for cross- and up-selling.

Mergers and Acquisitions (M&A) Preparation - should your company be faced with a merger or acquisition, you are better equipped to combine data assets, lessening the time to get back to core business functions.

Next Page →