Are you ready for your next audit?

Written By:
Content Copyright © 2007 Bloor. All Rights Reserved.

Good IT asset management is needed as a core reference for a number of internal business management functions. However, the 80–20 rule tells us most of its value comes from a small part of the functionality.

Most large companies have a good handle on tracking and depreciating their physical assets. Yet the situation with IT—and especially licensed software—is invariably less rosy. Herein is both a potential threat for prosecution and fines and a major opportunity of savings to be had.

A big problem is knowing what the situation is at any given time. Whereas a piece of kit is tangible and visible, a piece of software is invisible except in terms of entries in file directories and a single licence may cover many copies of the software. So the task is to match up actual usage to the licence. This is one reason why IT asset management software worth its salt can be very different to its more general counterparts.

The penalties for using unlicensed copies of software can be high of course. This can also spill over into regulatory compliance and anyway reflects badly from a corporate governance point of view. Conversely, holding spare licenses for software currently unused could be wasting thousands. Audits are carried out increasingly often—often annually—so this is something that can no longer be buried. Nor should it.

Paul Rochester, CEO of IT asset management software provider PS’Soft identified what he considered was needed but was lacking in some major competitors’ offerings. His first point will undoubtedly be argued against by the major vendors: that its products have been built internally to be both modular and integrated from the ground up; a typical major vendor offering includes several third party products which have then been “shaped and adapted” to achieve the same effect. (In fact, this all depends how well this adapting is achieved.)

Of more value to an end user could be his next observation. “We’re prone to say [to a prospective buyer] ‘You’ll have other products in the data centre’,” said Rochester. “Others are trying to sell everything, to boil the ocean.”

The truth is, any good-sized enterprise will already have software addressing aspects of business management affecting IT assets—and good interfaces to them are needed. It does not need a complete replacement.

This brings me back to software licences and the 80–20 rule. As Rochester says: “80% of ROI may be delivered off a few critical areas.” If you can identify one—like the situation with software licensing—it means a smaller, lower-cost, project leading to rapid ROI.

However, while it would great if the software could sort out the software licensing picture in a totally automated fashion, setting up a new system for this in the first place is not straightforward. It involves a mix of automation through software and manual work…

So, typically, there will be software titles located on the purchase records and these will tell you what the system says you should have. A first pass ‘discovery’ exercise, which needs to be applied to every system in the organisation, will throw up what you actually have installed. There will then be some manual matching, and there could well be difficulties associated with filenames that need reconciling, the appropriate computer IDs, the removal of duplicates and identifying software version numbers. A further wrinkle is new hardware replacing old and PCs not always switched on or logged on while discovery is in progress, so this must be a multi-phase operation—and there could be a multiplicity of minor discrepancies to resolve.

Despite this, the initial pain from this exercise should be very rewarding, leaving the company in good shape before the next audit.

First, the enterprise can identify where it has any unlicensed titles, so quickly move back to full compliance where needed before getting caught out. Second, decisions to drop superfluous licences now identified will save money—perhaps running to thousands of pounds. A follow-on benefit is that a large user of software from one supplier will be in a far stronger position to negotiate a better deal on renewal when he knows the exact usage and cost position. Once done, the job of maintaining a clear picture is much easier, and the savings are then ongoing.

A further incentive to go down this route is the rising importance of regulatory compliance. For instance, as Rochester pointed out, Sarbanes-Oxley even stretches into this area since it requires supporting evidence for asset depreciation, which covers expiry, upgrading and renewal of software licences just as is needed for hardware. Failure to plan ahead for appropriate action when a licence is up for renewal is not good corporate governance.

Then, as we project ahead, greater use of software as a service and on-demand services means even greater focus on what assets you have and are using day to day. It should not take long to justify the software on the basis of a rapid ROI.