You are on page 1of 164

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”).

All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
PUBLISHED BY
IAITAM Publishing, LLC
4848 Munson Street NW
Canton, OH 44718
Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved.
The Certified Hardware Asset Management Professional (“CHAMP”) Certification Class, Certified Software Asset
Manager (“CSAM”) Certification Class, Certified Information Technology Asset Manager (“CITAM”) Certification
Class, Certified Mobile Asset Manager (“CMAM”) Certification Class and Certification in IT Asset Disposition
(“CITAD”) Certification Class, ITAM Foundations Course with optional CAMP Certification, and the respective
course materials used therein, including but not limited to, the instruction manual, presentation and exams
(collectively, the “Course Materials”), are protected by the Copyright law system. The Course Materials are
proprietary information owned by IAITAM and provided solely to paid attendees of the IAITAM Certification
courses for informational and educational purposes only. Distribution or any other use of the Course Materials is
strictly prohibited. Reproduction of the Course Materials in any form or by any electronic or mechanical means,
including information storage and retrieval systems, is strictly prohibited.
The Course Materials are designed to provide general information that is representative of the IT industry and has
been prepared by professionals in regard to the subject matter covered. IAITAM Certification courses are taught,
and the Course Materials are provided, to paid attendees of the IAITAM Certification courses only with the
understanding that IAITAM has not been engaged to render legal, accounting or professional consulting services.
Although prepared by ITAM professionals, any recommendations made during the IAITAM Certification courses
and/or contained in the Course Materials may differ from the needs of your organization and therefore should not
be used as a substitute for professional advice and services in all situations. If legal advice or other expert
assistance is required, the services of a professional should be sought.
IAITAM MAKES NO WARRANTY, EITHER EXPRESS OR IMPLIED WITH RESPECT TO THE IAITAM
CERTIFICATION COURSES, COURSE MATERIALS OR ANY OTHER PRODUCT OR SERVICE PROVIDED OR
TO BE PROVIDED BY IAITAM, AND SPECIFICALLY DISCLAIMS ALL OTHER WARRANTIES, INCLUDING,
WITHOUT LIMITATION, WARRANTIES FOR MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS
FOR ANY PARTICULAR PURPOSE. IAITAM’S SOLE OBLIGATION AND LIABILITY FOR ANY PRODUCT OR
SERVICE DEFECTS SHALL BE, AT IAITAM’S OPTION, TO REFUND TO BUYER THE AMOUNT PAID BY
BUYER THEREFOR. IN NO EVENT SHALL IAITAM’S LIABILITY EXCEED THE BUYER'S PURCHASE PRICE. IN
NO EVENT SHALL IAITAM BE LIABLE TO THE BUYER OR TO ANY THIRD PARTY FOR ANY INDIRECT,
INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES (INCLUDING WITHOUT
LIMITATION LOST PROFITS, LOST SAVINGS, OR LOSS OF BUSINESS OPPORTUNITY) ARISING OUT OF
OR RELATING TO ANY PRODUCT OR SERVICE PROVIDED OR TO BE PROVIDED BY IAITAM, OR THE USE
OR INABILITY TO USE THE SAME, EVEN IF IAITAM HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.

ISBN-13: 978-1-935019-18-3
ISBN-10: 1-935019-18-X
1.1.2.4

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
About IAITAM and the Mission

The International Association of Information Technology Asset Managers, Inc. (IAITAM) is the
professional association for individuals, organizations, and providers involved in any aspect of the
lifecycle processes for IT assets in organizations of every size, industry and across the globe. IAITAM’s
mission is to be the principle resource for comprehensive IT Asset Management best practices
worldwide, enabling practitioners and industry professionals to achieve continuous success through
ongoing education, certifications and networking as well as providing information pathways for
knowledge enrichment and professional growth.
IAITAM provides a central site for the development and confirmation of skills as well as the promotion
of IT Asset Management best practices and their value to the organization. Through specialized training,
IAITAM provides a common base of understanding, terminology and a broader perspective on the
opportunities of IT Asset Management through the contributions of its members. Members include
specialists in Software Asset Management, Hardware Asset Management, Negotiators, Procurement
Professionals, Property Managers, etc, to name a few of the job titles that participate in the association.
IAITAM is unique in that providers of services and tools are included as members of the association,
offering an equal opportunity to add their knowledge and experiences into the centralized information
source that is the association.

Professionals receiving IAITAM training usually opt to take one of the certification exams in order to
receive the recognition as a:
 Certified Software Asset Manager (CSAM)
 Certified Hardware Asset Management Professional (CHAMP)
 Certified IT Asset Manager (CITAM)
 Certified IT Asset Disposition (CITAD)
 Certified Mobile Asset Manager (CMAM)
 Certified Asset Management Professional (CAMP)
These certifications allow employers to select candidates that have a solid base of knowledge to
accompany the personal experiences of the individual. Since professionals distinguish themselves by
their ongoing contributions to their employers and to their profession, recertification requires that the
individual continue to acquire knowledge and experiences. Recertification activities include additional
training and knowledge-gathering, asset management activities on the job, and sharing experiences
through articles, speeches and participation in conferences. Join IAITAM and participate in advanced
training opportunities, knowledge sharing, and peer support along with access to the latest trends in the
industry. This professional commitment empowers you to function effectively and gain the highest
service levels, recognition and career satisfaction possible.

For more information, please visit the website at www.iaitam.org.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
The ITAM Foundations Course with optional Certified Asset Management Professional (CAMP)
The ITAM Foundations Course with optional Certified Asset Management Professional (CAMP)
Certification is designed to impart an extensive overview of IT Asset Management (ITAM) best practices
and processes as well as ways to embrace multiple organizational frameworks such as ITAM & IT Service
Management (ITSM).
The use of technology in business has grown extensively over the past three decades and continues to
grow exponentially on a daily basis. With that growth comes the need for ITAM as well as the
understanding of what ITAM is, the benefits it brings to an organization and how it crosses all function
business areas.
This course was built to provide information on each of the IAITAM Best Practice Library’s 12 Key
Process Areas (KPAs), the roles and responsibilities that effect an ITAM Program, core functional areas,
KPA indicators, strategic positioning, and how ITAM can be brought into other frameworks such as
ITSM so that they work together in the most efficient way for an organization thus producing a greater
ROI for its IT portfolio.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
IT Asset Managers Code of Ethics

ABOUT BEING A PROFESSIONAL: THE IT ASSET MANAGER


CODE OF ETHICS

PREAMBLE
Members of the IT Asset Management profession believe that management of the financial, contractual,
and inventory aspects of IT assets within an organization are essential to business operations. The duty
of the IT Asset Manager is to maximize benefits while minimizing risk concerning all IT assets in their
organization. IT Asset Managers communicate and educate often on IT Asset Management policies,
processes, procedures and roles in order to gain cooperation across the organization. As a profession
that assists in the control and security of IT assets and communicates about those assets to partners and
business associates, a dedication to high standards, principals and ethical behavior are essential.

EXERCISE COMPETENCE AND TRUTHFULNESS IN ALL INTERACTIONS


Asset Managers are honest, fair and courageous in collecting, interpreting and sharing information.
Asset Managers:
 Ensure the accuracy of information from all sources and implement the utmost in care to
avoid inadvertent error. Research all new concepts and share the knowledge with
administration to help make the best decisions possible in regards to adapting new policies,
processes, procedures, and technologies
 Practice and encourage others to practice in a professional and ethical manner that reflect
credit on their profession
 Ensure that IT assets are tracked and accounted for within an organization at all times
 Support and participate in the acquisition process for an organization, ensuring that the best
value for the organization is obtained
 Comply fully with all relevant statutory and regulatory requirements. Remain up to date on
legislative and regulatory issues, communicating requirements as appropriate across the
organization
 Support documentation standards by ensuring that all IT Asset Management documentation
is readily available during normal operations as well as during any emergency situation
 Endeavor to establish and maintain the highest standards on the financial return of IT assets
 Provide to co-workers and superiors all information related to the IT Asset Management
decision-making process as well as any other information necessary to support making
informed decisions with realistic expectations. All inquiries shall be answered promptly,
completely, and truthfully
 Endeavor to establish and maintain excellence, personally and among colleagues in all aspects
of IT Asset Management

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
IT Asset Managers Code of Ethics

 Maintain excellent communications with outside support in a fair and structured manner,
enabling accurate decisions that are based on non-personal biases
 Ensure that the final dispositions of IT assets meet the highest standards, protecting
information and the accuracy of dispositions records
 Support and participate in all aspects of IT Asset Management, raising your level of
knowledge and enhancing your ability to participate in knowledge sharing for the benefit of
the profession
 Always maintain the highest standard of personal and professional conduct

EXHIBIT DEDICATION TO THE HIGH STANDARDS OF THE PROFESSION


IT Asset Managers maintain a high level of participation in the profession, taking pride in how they help
their organization and in helping others to obtain a higher level of functionality and profitability. Asset
Managers:
 Avoid stereotyping others by race, gender, age, religion, ethnicity, geography, sexual
orientation, disability, physical appearance or social status
 Act with integrity, competence, dignity, and in an ethical manner when dealing with
employers, employees, and all others that have interactions with the ITAM program
 Establish clear guidelines about confidentiality issues within the organization and adhere to
them
 Implement the decisions of those to whom he or she is responsible which are lawful and in
accordance with the organization’s policies and procedures
 Avoid all abuse of power for personal gain, advantage or prestige, and in particular refuse
bribes or other inducements of any sort intended to encourage dishonesty or to break the
law
 Do not use any information obtained in the business for personal gain or for the benefit of
relatives or outside associates
 Are concerned with the issues and problems of subordinates, treating them fairly and
leading them effectively, with reasonable access and be an advocate to management. Share
knowledge with them in order to help them become more successful within the
organization
 Bring to the attention of executives the impact of organizational plans on the employees so
that impacts are included in the planning including education, support, and change
management

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITAM Foundations
SECTION 1 – INTRODUCTION, BEST PRACTICES, AND THE ITAM PROGRAM

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

WHAT IS A CERTIFIED ASSET MANAGEMENT


PROFESSIONAL
A Certified Asset Management Professional (CAMP) is an entry level business role supporting the IT
asset management program. Their level of understanding gives them a firm grasp of the business
application of an ITAM program, and they provide advocacy and understanding of the program out to
the organization. This person holds a CAMP certification and understands the basic principles of proper
asset management policies, processes and applications and the importance of those organizational goals
organizational business drivers leading to an increased return on investment (ROI), lower total cost of
ownership (TCO), compliance risk mitigation, proper asset disposition, IT responsiveness and maximize
end user productivity. The CAMP reports directly to the management of the supporting department or
to the Program Manager for the IT Asset Management program.
 Aids and advocates controls for a centralized ITAM inventory, ultimately linking licensing,
usage, hardware, locations and documentation for all assets
 Assists in creating visibility into asset processes and builds controls for assets throughout
the lifecycle to uncover more savings and value, reduce support and rollout costs and
maintain compliance
 Aids in the development of and promotes policies, processes and procedures for IT asset
acquisitions, installations, usage and disposition
 Ensures that all parties understand and adhere to legal requirements for using the
organization’s IT assets
 Utilizes available resources to solve problems, aware that ITAM issues interrelate and
impact important business objectives
 Assists program managers by supporting strategic initiatives to the creation and
maintenance of an effective Vendor Management program
 Nurtures productive relationships with all other business units, both those that have
interaction with the IT business functions and those that are customers
 Encourages and maintains executive management support for all IT related endeavors
 Provides employee awareness of the ITAM program and aids in creating awareness of
impacted frameworks and relationships such as in service management (ITSM)
 Conducts responsibilities and tasks in support of the CITAM™ and other ITAM roles

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

INTRODUCTION TO IAITAM’S BEST PRACTICES AND


PROGRAM MANAGEMENT
The IAITAM IT Asset Management best practices is a plan of action developed utilizing the experiences
of hundreds of IAITAM members and covering every aspect of IT Asset Management.
IAITAM members defined a need for more focused and well defined management program that covered
the full gamut of roles held by the members of their profession. The need and the solution sought were
not isolated problems from a handful of organizations, but were universal to all industries, globally.
Understanding those needs, IAITAM identified program categories called Key Process Areas (KPAs).
Processes were codified for each category based on goals and outcomes. Once the KPAs, processes
and related tasks were defined, IAITAM began identifying the interconnections that unify these
categories into an overall program.
Since the release of the IAITAM Best Practice Blueprint, the IAITAM Best Practice Library (IBPL) has
been released in book format and as an online subscription called ITAM 360™. IAITAM certification
courses utilize the IBPL framework for all courses because of the increased value that it offers to
students both from an initial learning perspective and as a framework for advanced learning. The
framework has long-term value to professionals as a methodology for developing practices that function,
deliver value, and are repeatable and sustainable over time.

KEY PROCESS AREAS


The IBPL program categories are known as Key Process Areas or KPAs. IAITAM has defined 12 KPAs
required for successful IT Asset Management. These areas, presented in alphabetical order, are:
1. Acquisition Management
2. Asset Identification Management
3. Compliance Management
4. Communication and Education Management
5. Disposal Management
6. Documentation Management
7. Financial Management
8. Legislation Management
9. Policy Management
10. Program Management
11. Project Management
12. Vendor Management

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The framework of the KPAs is explained and referenced throughout the course to improve retention of
ideas and to provide a framework of knowledge and analysis that continues to deliver throughout the
ITAM professional’s career.
The KPAs are the entire scope of processes within IT Asset Management and must be supported by and
the responsibility of the Certified IT Asset Manager. Not every organization has all of the processes
identified in the 12 KPAs under the ITAM umbrella and in fact organizations have any number of
organizational structures for ITAM. By developing the processes described in the KPAs, an ITAM
program that gains control over all of the organizational assets while adding value, mitigating risk, and
improving performance is created.
Diagramming Processes
Each Key Process Area is defined separately, with processes, goals, outcomes, roles and deliverables.
However, the KPAs are also dependent upon each other to make up the full ITAM program. The
diagram shown below is known as a Data Flow Diagram (DFD). The purpose of this diagram is to show,
at a high level, the flow of information between the KPA processes. There is no start or end and is
depicted as a static view of the flow of information within the IT Asset Management program. This
diagram is a great example of how graphics can display information in another way, offering different
insights.
The diagram does not include Project Management, Documentation Management, Communication and
Education Management and Program Management. These KPAs are equally important, but a DFD with
all KPAs would be too cluttered to provide understanding and value.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Hardware and software technology constantly changes and the ITAM program must balance change with
proven processes. Technological advancements are anticipated by a solid ITAM program. Using the 12
KPAs, the IT Asset Manager or program manager identifies the impact of change by stepping through an
analysis of the processes identified within each KPA.

THE INTERWOVEN KPAS


While each Key Process Area depends on the other KPAs to operate effectively, the interrelationships
of three KPAs are the foundation of every functional ITAM program. They are:
 Program Management
 Policy Management
 Communication & Education Management
These three areas support the success in any KPA, providing the mechanisms for constructing
processes that include people, automation and growth over time.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

IAITAM KPAs concentrate equally on developing structure and on analysis techniques. While IT Asset
Management is essential regardless of organization size, industry or type; differences in culture, business
drivers, history or a specific need requires the flexibility to analyze choices as well as to build structure.

PROGRAM MANAGEMENT
The business practices of ITAM are rarely contained within a single area or department of an
organization. With the pervasiveness of IT technology into almost every job function, the “customers”
for IT Asset Managers include almost every person in the organization. IT assets are costly, which
makes them precious and contested resources. Rather than allowing these issues to hamper IT Asset
Management success, the IBPL embraces these issues by defining IT Asset Management as a core
competency for the organization.
Instead of being limited by the aspects in a job description or a department, consider instead developing
a “program,” or a business infrastructure including processes, policies, roles, procedures and
documentation. Program Management is the set of processes that are required to build, maintain and
monitor the ITAM core competency. Using the Program Management processes, ITAM is resilient to
change and reorganization, providing an organization-wide view into IT assets. Developing a program is
the first step in successfully building IT Asset Management processes that deliver over time.
Program Management is a Key Process Area in the IAITAM Best Practice Library, serving as the
centralized point from which to define, implement, control, and monitor as well as market the value and
successes from IT Asset Management.

PROGRAM AS CORE COMPETENCY, INFRASTRUCTURE AND DIRECTION


Building an ITAM program includes defining a mission, overall strategies and objectives, developing
measurements and prioritizing IT Asset Management efforts within an organization. The ITAM program
is the centralized process by which all activities are defined, implemented, controlled and monitored. A
mission statement communicates what the program does, the importance of the ITAM team, and what
value is delivered to the organization. It is absolutely critical that the mission statement accurately
conveys the program’s purpose to the executive team to gain their confidence and buy-in.
The overall strategy and objectives define the roadmap which supports the mission of the ITAM
program. The strategy and objectives state the path to a successful ITAM program while reflecting the
business needs of the organization.
Measurements provide feedback to determine the effectiveness of the ITAM program. This feedback
assists the IT Asset Manager in determining the strengths and weaknesses of the ITAM program,
enabling adjustments specific to the needs of the organization.
The IT Asset Manager also prioritizes IT Asset Management projects and tasks based on business drivers
(such as cost savings, risk mitigation, innovation) of the organization. The IT Asset Manager ultimately
prioritizes the projects and tasks related to the ITAM program based on a balance of business drivers, IT
goals and IT Asset Management goals. Communication is essential for gathering the information to
prioritize as well as relating how ITAM helps achieve goals. The IT Asset Management program can
make a positive difference in all business drivers of the organization.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

PROGRAM AS SOURCE OF MARKET AWARENESS


In addition to the business infrastructure and direction benefits of the Program Management KPA, the
goals for building awareness are supported by the program. Throughout this course, communication
and education are highlighted as excellent methods to gain cooperation and develop buy-in at all levels.
There are goals and a mission statement to discuss as well as valuable insight into practical asset
decisions as they relate to organizational goals and measurements to demonstrate status. Used as
sources of information for presentations, articles or brown bag lunches, the program processes help the
IT Asset Manager bridge the gap between ITAM and the rest of the organization.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

COMMUNICATION & EDUCATION MANAGEMENT

WHY ARE COMMUNICATION AND EDUCATION INTEGRAL PARTS OF AN ITAM PROGRAM?

THE DEFINITION OF COMMUNICATION AND EDUCATION IN IT ASSET MANAGEMENT


Communication is the process for sharing information and ideas using a commonly understand language
that can be written, oral or nonverbal.
Education, a specialized communication activity, teaches specific skills, tasks, processes, etc. Education is
the imparting, and acceptance of knowledge.
“Effective communication skills and a continuing education program are imperative to create a professional
working relationship with others and are key components to corporate growth.”
“Effective and true communication builds trust and trust is a core issue that must exist in order for business
relationships to be successful.” Barbara Rembiesa, President of IAITAM

WHY COMMUNICATION IS IMPORTANT


The goal of effective communication is that the recipient of the information comprehends what was stated and is
able to apply this new information in support of their needs and the organization’s goals.
The necessity for effective communication is a constant in an ever changing business world. Books have
been dedicated to this subject. To understand and apply effective communication processes as part of
the ITAM program, communication is examined at a basic level. The scope of the communication for
business includes interdepartmental communication, employee-customer communication, and
communication between peers and managers. Communication is complicated by distractions, regional
differences and different delivery mechanisms which are discussed in this chapter.
Communication is more than the sharing of information, it is a primal human need to understand and be
understood. People communicate in order to define themselves and find meaning in their interactions
with the world around them. ITAM professionals must communicate effectively to perform their roles
as educators, cost savers, service providers, risk reducers, evaluators and all of the other roles
necessary to be active members of their business community. Communication occurs on multiple levels,
takes varied forms, and is vulnerable to multiple barriers and interpretations.
Communication includes information that is spoken, written, electronic, or non-verbally sent and
received through gestures such as seen with usage of sign language. In simplest terms, communication is
a piece of information sent from one person to another. That simple definition is sufficient for many
daily interactions, but a more complex view into communicating is required to build the excellent
communication skills necessary to effectively work in a business setting. Effective communication skills
are an essential component of leadership.
Communication is essential, orienting, teaching, transmitting information and generally feeding the
senses with awareness. A wrong word or gesture can break a deal or end a business relationship.
Good communication skills are often a requirement for employees. These skills are initially assessed

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

during the interview process and may be the deciding factor as to whether one gets the job or not,
regardless of other criteria such as education and experience. Knowledge and experience gain value
when communicated to others through knowledge sharing, an important component of effective
leadership and management.
The strength of communication is the responsibility of the communicator and in the work setting,
communication plans are developed to ensure that communication:
 Provides the individual understanding of what needs to be accomplished
 Helps an individual understand the needs of others
Effective communication delivers many benefits, some of which are measurable, and others where the
organization derives benefit, yet are observed in less measurable ways, such as employee buy-in. Below
is a list of benefits to the organization that are gained through effective communication:
 Individuals have a shared understanding and agreement about next steps, goals or concepts
 Information flows in a specific direction because of communication, potentially reducing lost
time due to misunderstandings
 Creates an acceptance for open discussion, generating new ideas and improved methods for
achieving a task. Communicating can motivate by creating a cooperative environment
 Encourages others to achieve their goals through knowledge sharing communications, which
are a natural resource within an organization
 Provides information to inspire independent thinking, aiding in effective action.

COMMUNICATING EFFECTIVELY
As stated earlier, the effectiveness of communication is the responsibility of the communicator. In order
to communicate effectively, thought preparation is necessary, along with developing the delivery of
information. The communicator is also aware of the recipient and manages their response to the
communication. The following model for communication captures the basic steps for effective
communication. The acronym SPUR is used to describe this model which means:
SEEK: Prepare to communicate by fully understanding and organizing the information to be conveyed
PRESENT: Present information through communication; involves body language, tone of voice, and
chosen method (spoken, written, etc.) so that the listener(s) can identify what is important
UNDERSTAND: Ensure that listener has received the information and understands it
RECAPTURE/REINFORCE: Conclude the communication with a technique to confirm
understanding and to gauge the listener’s perception of what was presented. This technique may be
recap or summary, listening to the listener’s subsequent remark or question. Reinforcement does not
have to be part of the same incident of communication
The SPUR model is an interactive communication process that works well to ensure that the listener
comprehends the information delivered to him/her. The attention to closing the loop with feedback
allows the speaker to verify the effectiveness of the communication.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

COMMUNICATION OBSTACLES
There are perception factors that influence the perception of an individual during communication.
These include, but are not limited to:
 Mood
 Situations or problems faced at home or in other relationships
 Feelings or attitudes towards a certain person or group of people
 Biases
 Trust vs. mistrust
Perception factors may be long term (such as bias) and impact all communications with that individual.
Factors like mood influence perception during a specific timeframe.
Obstacles that interfere with a specific communication are called noise and in today’s business
environment, noise is a problem. This noise can be internal; coming from distractive thoughts from the
listener’s own mind (research suggests this noise occurs every seven seconds in the mind of an adult), or
the external noise distraction of cell phones or sirens or other environmental noises. During normal
conversation in a typical day, these noise distractions are viewed as commonplace and are accepted
despite the annoyance factor. Consider a conference or class where everyone is disrupted by these
rude distractions. Even though it may be impossible for 100% compliance, the ideal action is to be
aware of these issues and prior to a meeting, kindly remind everyone to turn off their phones to keep
the distractions to a minimum and help everyone to concentrate and participate fully. In any
environment where comprehension is important, distracting noises should be kept to a minimum.

NON-VERBAL COMMUNICATION
In the world today, non-verbal communication is much more than just the written word. Thanks to
technology, we can communicate non-verbally and get instantaneous feedback. It is now more
imperative than ever before that we ensure that business appropriateness is applied to all of our
communications. It is equally important that what we type is as appropriate as what we would say during
a verbal communication with the same person. Research suggests that social networking has a tendency
to create an atmosphere in which a more relaxed method of communication is used. Businesses need to
keep this in mind and remind their employees that verbal and non-verbal communication should be
treated the same and always be delivered in a professional manner.

COMMUNICATION ABILITIES OF EFFECTIVE LEADERSHIP


An effective leader has the ability to communicate effectively with employees, business partners, and
customers. By incorporating communication skills such as SPUR, attention to distractions and how
messages are delivered lead to a shared understanding that makes a leader successful. While leadership
is expected in management positions, the CSAM is a leader in managing the software portfolio for the
organization. The following list of communication skills for effective leaders applies to all roles within
Software Asset Management. Leaders:
 Listen effectively: Listening gives the leader an understanding of issues and offers ideas
about the best approach to take when responding. Listening is the active process of

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

receiving information and looking for the reaction to the messages received. It is not simply
hearing. It is the best way to develop an understanding with an employee. Active listening
is also respectful of the speaker and a powerful way to communicate to the speaker that
they are understood and appreciated
 Speak honestly and clearly directly to the issue: While complete disclosure is not
always possible, speaking directly and honestly helps build and maintain trust
 Be positive: Be positive about life, others, about themselves and about one's work as a
simple and powerful method for creating a positive work environment
 Understand and articulate that understanding: Before a leader can ensure that the
listener received the message, a leader asks questions and thinks through the information
before speaking
 Keep knowledge current: A leader is an asset to others, sharing knowledge of current
research and industry advancements
 Engender work satisfaction: Leaders have a responsibility to provide good feedback as
well as negative to reinforce job satisfaction
 Motivate: Use communication to motivate themselves and to inspire colleagues
 Vary communication methods: Leaders use all avenues of communication available
including social networking
 Articulate purpose: Leaders translate the vision of the organization into actions
 Instill confidence: Encourage others to act based on knowledge from effective
communication

SUMMARIZING THE GOAL OF COMMUNICATION


The goal with any type of communication delivery method you choose remains the same. The listener
needs to comprehend what was stated and be able to apply this new information to fit their needs. This
reaches the communication goal of shared understanding which places employees in good standing with
the person, (whether it be a superior, co-worker, client, customer, etc.) and also creates a feeling of
trust, which is ultimately important in any relationship.
Communication can be effective regardless of the system used to deliver it as long as the basic principles
of effective communication are implemented. The simple discipline of asking the four basic questions of
who, what, where and why before starting a memo, a meeting or a speech is an effective communication
preparation technique in any situation.

WHY EDUCATION IS IMPORTANT


Education is specialized communication with a planned agenda, materials and validation method such as
an examination. Managers of IT Asset Management personnel develop training and education plans for
their staff using internal and external resources.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Software Asset Managers in any role have the responsibility for educating fellow employees about
software policies, processes and procedures. In order to develop and deliver education knowledge, it is
necessary that:
 Leadership is ethical and professional
 Technology allows choices for delivering professional education development and career
paths
 Organizational management is involved in the process
 Interpersonal relationship skills are practiced and utilized
 Effective communication skills are developed and used consistently
 Trends in technology and information systems are recognized

WORKPLACE EDUCATION
Education in the workplace is essential to employees, both in management and non-management
positions. General justifications for continuing education programs include the following benefits for the
employees:
 More confidence on the job and maintains a positive outlook
 Improves capacity to cope with change
 Acquires new and improved skills
 Increases awareness of important issues such as safety
 Willing to take additional training
 Improved customer service and quality control
 Improved internal peer and management relations

KNOWLEDGE SHARING AS PART OF AN EDUCATION PROGRAM


Organizations use employee knowledge to educate others as well as execute their own duties. A good
example is at a staff meeting where an employee is assigned a topic in advance to present at the meeting.
Knowledge sharing is an effective communication method for building respect and trust by creating a
culture that sincerely encourages mutual support.
Creating an environment where knowledge sharing is expected and rewarded expands the use of this
natural resource within an organization and provides incentive for the most knowledgeable employees
to share their information. Education in the workplace is an important aspect of any project or goal. Of
course, educating someone else means that the educator must communicate well. When hiring an
individual at a senior level of knowledge and experience, evaluate that person’s ability to write, present
ideas verbally and capability of earning an audience’s respect as well.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

PURPOSE OF THE COMMUNICATION AND EDUCATION PROGRAMS


IT Asset Managers communicate the importance of ITAM to the organization, helping others understand
what needs to be accomplished for effective management of an organization’s IT assets as well as the
why. Since every employee in the organization has to be aware of policies, cooperate and use the
services provided, the IT Asset Manager has to have include communication plans in every project and
task and continually improve communication skills.
When employees receive information about IT Asset Management policies from the start of their
employment, the opportunity for a positive outcome is increased. Most employees incorporate that
information into how they execute their work rather than to reject or ignore the processes, especially if
the value to that individual has been communicated. By following procedure, the employee maintains
realistic expectations, understands how to receive the necessary software and has a positive experience
with that aspect of their position. Such experiences have a positive influence on the organization as a
whole.
Communication and Education are on-going activities that require review, updating and change on a
regular basis. Changes should be made when the need arises. One suggestion is to have a cross-
departmental team available to plan and execute communication and education events. This team helps
the IT Asset Manager understand the needs and cultural environment of each functional department.
The practice also allows for evaluation and feedback in order to measure the effectiveness of
communication and educational events throughout the organization.
Understanding the reasoning and justification for the Communication and Education KPA is the first step
to creating a communication plan and program. Goal setting is the next step, where mapping issues and
implementing projects are prioritized into specific communication goals. Without a communication
plan, communication is generally ad hoc, which does not deliver as effectively and ultimately increases
failure rates. Implementing best practices in communication and education helps achieve organizational
goals and increases Return on Investment (ROI).

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

POLICY MANAGEMENT

DEFINING POLICY
Policies specify what needs to be accomplished, who the audience is for the requirements of the policy,
and explains why a policy is important.
The Merriam-Webster dictionary defines a policy as “a definite course or method of action selected
from among alternatives, and in light of given conditions to guide and determine present and future
decisions; a high-level overall plan embracing the general goals and acceptable procedures especially of a
governmental body.” Within some organizations, policies are also referred to as directives.
Policies are written instructions that specify what behaviors and actions are permissible and expected
within the organization and designate those to whom the policy applies. Policies guide, govern and
prohibit specific activities. Policies are not optional.
Effective policies provide:
 Controls to behavior
 Influence during changes
 Ability to cope through education and enforcement

Information from the Policy Management KPA presented in this chapter includes the following:
 Definition of a policy
 The importance of Policy Management
 How policies relate to IT Asset Management
 Implementation goals for ITAM policies
 The processes required for policy management
 Who should be involved in developing and maintaining policies
 Policy Management best practices
 Recommended policy topics
 Policy development example

INTRODUCTION TO POLICY MANAGEMENT


Appropriate and correct policies are a critical success factor for any IT Asset Management program.
Policies need to be clearly defined, understandable and enforced. As a best practice, IAITAM
has identified more than thirty policy topics for IT Asset Management. Once defined, the policies must

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

be accessible and presented so that employees understand them, follow them and understand why the
policies are important to the organization.
Policies must be enforced to have any value to change or govern behavior. Therefore, as
policies are developed, they must be enforceable and uniformly enforced, with non-compliance resulting
in specific consequences. Policy enforcement reduces the risk of non-compliance and provides
improved protection to the individual and the organization.
Lastly, policies must be managed. Periodic review and updates to policies are necessary to reflect
new industry practices, technological advances, compliance requirements and security risks. Policies
must reflect the current state and structure of the organization.

DEFINING PROCEDURE
While policies dictate the what, who, and why, procedures specify how a given task should be
performed through direction or guidelines. Procedures are often checklists or step-by-step instructions.
Procedures are the exact instructions on how to accomplish a task. With fluctuations in people,
organizations, duties, opportunities and improvements, procedures often are quite dynamic.
Have you ever seen the phrase “according to the policies and procedures documents that…”? This
is so commonplace that we feel it important to distinguish between the two. A procedure is a specific
sequence of activities that are performed to accomplish an outcome or goal. A procedure dictates
exactly what steps are to be taken to complete the given task.
The level of detail including the review and approval process for policies requires different decision-
makers and levels of authority than procedures. When developing a policy, it is a best practice to
separate procedures from the policy including the document itself. Policies are more general statements
of intent. Policies do change and must be a revised from time to time, but the rate of change is typically
much less than for a procedure document.
Procedures are very much an important part of a process, yet procedures are very specific to the goals
of each organization. As such, we will focus almost exclusively on the specifics of policy building, with
very little information covering specific procedures.

POLICIES AND POLICY MANAGEMENT ARE IMPORTANT


Imagine an organization that does not have policies. There would be no governing rules or regulations
for the employees to follow, or by which to be directed. Employees could be terminated without
understanding why, the organization could be involved in law suits for lack of compliance to government
requirements of all types. From an IT Asset Management perspective, the organization would have no
governing language that allows assets to be controlled and managed.
Without organizational policies, an employee is influenced by their specific executive management, but
has no clear understanding of what it means to be an employee of the organization, or the rules that
apply to all employees. For IT Asset Management, the IT Asset Manager is in the unfortunate
circumstance of attempting to influence the behavior of employees over which that individual does not
have hierarchical authority.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Policies provide the authority for expectations to be set across the organization. Instead of becoming
the “software police,” the Software Asset Manager becomes the person that helps each individual and
department comply with the rules required by the organization, avoiding enforced penalties.

WHY AND HOW THIS AREA RELATES TO IT ASSET MANAGEMENT


Just as all business behavior in general is based on policies; IT Asset Management specifically has the
need for policies to drive the handling of IT assets and data in general. It is the duty and responsibility of
the IT Asset Manager to drive the development, approval and maintenance of policies with the language
needed for IT Asset Management. Examples of important policy topics for ITAM include:
 No expectation of privacy
 Acquisition of IT assets
 Use of employee-purchased or owned software

BASIC GOALS FOR POLICY MANAGEMENT


IT Asset Managers take responsibility for the development of organizational policies that have the
language required to support all aspects of IT Asset Management. Unlike other professionals, the IT
Asset Manager cannot rely on the human resources and the legal departments to understand the
technology and asset issues, despite their important role as enforcers of organizational policy. Policy
Management is therefore a Key Process Area for IT Asset Management.
IAITAM has defined three goals that are best practices for policy management and for policies to be
successful:
 Effective implementation, including awareness
 Uniform enforcement across policies and within a policy
 Periodic review and update of policies to maintain relevance

BLUE PRINT FOR IT ASSET MANAGEMENT IMPLEMENTATION GOALS


The following chart expands on the basic goals to provide more details on how policies are developed.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

GOAL 1: REQUIRED IT ASSET MANAGEMENT POLICIES ARE EFFECTIVELY IMPLEMENTED


With existing guidelines, and all future policies that may be implemented, it is imperative that:
 Employees understand their responsibilities
 Employees understand why it is beneficial for the organization
 Policies are visible
By knowing the full range of what is expected, the:
 Employees can limit their violations
 Employees can recognize when others are in violation of policies
 Employees understand how to report and respond to recognized violations of established
policies

GOAL 2: POLICIES MUST BE ENFORCED


Policies must be enforced throughout the organization in a way that is:
 Uniform across the organization
 Clearly evidenced through consistent, demonstrable consequences for non-compliance
By enforcing all set policies, the organization ensures that:
 The risk of non-compliance is reduced
 Negotiation potential is increased in non-compliance issues, as well as other legal situations
 The organization and individual employees are protected

GOAL 3: POLICIES ARE REVIEWED AND PERIODICALLY UPDATED


Just as policies are written for a cause, the inevitability of policy change is ever present. Though few
well planned policies are just eliminated, there are times when policies must be amended to suit the
needs of the organization. Each policy change is founded by specific reason. A few examples for the
need for policy update might include:
 Industry trends and changes need to be accommodated
 Technological advancement and legislative changes are addressed
 Changes in the organizational environment are addressed
It is understood that policy changes are for the overall betterment of the organization. Each change will
have a specific impact on some function of a related process. For the IT Management team, a policy
change would most likely equate to:
 New compliance factors being better understood and thereby mitigated (made less severe)

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

PROCESSES REQUIRED FOR EFFECTIVE POLICY DEVELOPMENT AND MAINTENANCE

POLICIES TAKE TIME TO DEVELOP


Setting policies is not an overnight activity. Development has to take into account the environment,
including organizational and cultural expectations, management communication techniques, physical
infrastructure, the processes and topic to be covered, and organizational follow-up. An effective policy
management discipline, like an effective project plan, begins with a scope statement covering the
expectations for the policy.

TEAM APPROACH
Policies begin with a team where understanding and consensus are built about the role of policies and
the need for new policies. The team supports the policy as champions and own the policy effort,
perhaps through development or at least through the preparation of a policy request document for the
policy person within HR (human resources, or personnel department), depending on the organization.
To select the team or to have the team begin to work on ITAM policies consider the following basic
questions:
1. Who should be involved in developing and maintaining policies?
2. What are best practice recommendations for policy concepts that are important to IT Asset
Management?
3. Are there practical approaches and techniques for managing policies, either within the
organization or in best practices?
A team representing the various organizational and perhaps cultural groups follows up on all policy
suggestions and determines if a formal policy or change to a policy is necessary. The same team or
segments of the team may then draft the initial documents. Realistically, there are only a few people in
the organization who draft such documents, but the team members can provide the explanation and
outlined text if that individual is not on the team. The team may gather feedback about the proposed
policy by selectively distributing the document. As the next steps in the development process take
place, this document is modified as many times as necessary.

NEEDS ANALYSIS CRUCIAL STEP TO POLICY DEVELOPMENT


As in all projects, an effective manager conducts a needs analysis to ensure that employee goals and
aspirations are validated or contrasted against organizational requirements. With this clarification, the
policy is outlined. The team evaluates whether a control process can effectively be put in place.
At this step, it is critical to research if the policy already exists, or has existed in the past, within the
organization. Research includes determining how the proposed policy integrates with existing
documents both within and outside the organization. Is the policy aligned with organizational culture?
Will the policy be enforceable? Research may include external sources of policy language.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

POLICY CREATION AND VALIDATION


When the policy language is acquired or an industry standard document is used, it is important to make
sure that the language fits the needs and the organization. When developing policies, being aware of
the organization’s culture and the audience for the policy are critical and overlooked criteria because if
the audience does not understand the meaning and follow the policy, the policy fails. The team has an
important role in validating the policy and the language for the organization, both directly and as
representatives gathering feedback within the organization.

GAINING SUPPORT
Executive management support is critical for the success of policies. If management does not support
and sponsor these documents all the way up to the enforcement of possible penalties, the policies are
an exercise with zero return. Gain visible buy-in up front, before you invest valuable time and expertise
in developing the policy. Without support, drop the policy development project until support exists.
Human resources and the legal departments must also validate the policy, as these departments are the
actual enforcers of organizational policies.
The essential commitments to the policy are:
Executive Management Approval
Executive, management approves the policy topic, language and approves enforcement. Executive
management routinely designates the human resources and legal departments as responsible for
enforcement.
Organizational Role and Authority
An organizational role and team are designated and given authority to implement the ITAM related
policies.
Policy Enforcement
HR and legal have defined and agreed upon enforcement procedures and consequences.

REVIEW AND UPDATE POLICY


Members of the policy development team often include front-line managers as well as the strategic
direction team for IT. Policies teams typically include the people who understand the policy and
execute the processes and procedures associated with that policy. These individuals have the important
task of communicating the original vision of the policy (what), sharing understanding about the
importance of it and defining the organizational need (why). They are also excellent at gathering
feedback and uncovering errors or missing elements.
Policy Management is an ongoing and dynamic process as factors may change the relevance of the policy
language. Once a policy has been accepted, reviewing the process after being in operation for two
months is recommended. If the policy requires adjustment, do so, then re-evaluate again in two months
after the adjustment. If the policy does not require adjustment, the review period becomes
approximately six months. This process could be as simple as a quick review of tech support records to
determine if the policy is being followed. It is important to not over complicate the review or process.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

EVOLUTION OF THE ROLE FOR POLICIES


A common mistake made by the organization is to draft and accept a policy as a finished product. In
fact, policies need to be dynamic documents, less dynamic than procedures, but still impacted by change.
The role of policies has changed within the organization and the organization may not have adapted
policy development and management sufficiently. Considering the following history:

WELCOME TO THE POST-INDUSTRIAL AGE


In the industrial age, workers were categorized by their talents and training. Diverse multi-tasking was
rare and not standard. Workers did not move as readily from one job to another. There were few
rogue employees who ignored rules and regulations, due to societal enforcement as well as fear of job
loss. The result was that employees were relatively well behaved and rule-abiding. Supervisors and
managers worked with smaller units and had the management of the group as their principle job.
In the recent technological past and present, the technical employee emerged as a highly educated,
independent person who does not necessarily value conformity. With rapid changes in technology,
accompanied by rapid societal changes brought on by that technology, organizations have struggled to
get ahead of the changes to create a productive and cooperative environment. The confusion brought
by change and the lack of clear rules has created confusion in what employees are allowed and not
allowed to do. Additionally, workers are now highly mobile, with statistics showing that it is common
for workers to change jobs about every three years. Supervisors and managers are responsible for
larger teams and frequently have a large list of responsibilities in addition to their people management
duties.
The role of policies within in the organization to govern behavior has become much more important.
POLICIES THAT ADDRESS TECHNOLOGY WORKERS
The changing work environment has created the need for a broader scope of policies, including those
for the use of hardware and software. Policies are an important tool for controlling the actions of
people and covering powerful technology options is important. However, it is harder to create good
policies because we cannot presume that every individual within the organization has the same level of
knowledge about the technology that is driving the software policies. Consider a simple example for a
computer software policy:
Employees are not permitted to place any electronic materials, files or software on any organizational
computing device without prior written approval.
Is this policy explicit enough? Does it cover internet downloads, software brought from home, mobile
synchronization software or non-work related graphics? Is it better to list technologies or not?
The policy as shown does seem to include these technologies. The point to be made is being careful to
avoid unnecessary complexity. In its simplicity, the policy above allows little room for any employee
who might want to challenge it with specific details. The fact that the policy does not specifically
mention “MP3” does not lessen the application of the policy to that technology.
Although simplicity in policy language is encouraged, the size, culture and type of industry may dictate
the preferred policy language for your organizational environment.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

In this chapter, the sample policies, suggested structure and techniques for policy development usually
create policies that are more detailed than the example above. The point is that even if the text is
detailed; make sure the information is clear, direct and understandable.
Policies are enforceable statements and not armor coated control mechanisms. Personnel must “buy
in” to policies to follow them, promote knowledge of them and report those that do not follow them.
Along with the technology worker came the increase in legal scrutiny of policies. Policies are
considered legal language and can be used in court cases. Organizations protect from liability with
policies. Legal language should not dominate policies or the battle against complexity is lost. The best
methodology for creating policies that are understandable is to put together a cross functional team for
development and ongoing review.
WHAT ABOUT PROCEDURES
Procedures are the steps to enact the correct behavior as described in policies. Procedures change
more frequently than policies and may also be too complex. Employees have even been known to point
to a procedural handbook and calmly explain that in the time it took them to locate and review a given
procedure, irreparable damage was incurred by a runaway operation. The use of technology (intranet,
automated forms and workflow) are some of the best ways to keep procedures simple and current.
THE POWER OF SIMPLIFICATION
Policies and procedures are necessary and powerful tools within the modern organization. The “simplify
this process” stance is the result of seeing so many policies and procedures fail due to their over-
exuberance.
IT Asset Managers need to be advocates of a controlled environment with documented policies and
procedures to provide guidance. Involvement in policy development is encouraged regardless of the IT
Asset Manager’s level within the hierarchy of the organization.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

OTHER POLICY MANAGEMENT BEST PRACTICES

ENFORCE ALL POLICIES


Policies are of no value if they are not followed and enforced. Effectively implementing policies requires
a process of enforcement and verification. It should be clear to decision-makers in the organization that
the mere existence of policies does not solve ITAM or SAM problems. All policies must be visible,
followed, supported, enforced, and regularly reviewed and updated.

FEEDBACK
A mechanism must exist for employees to register questions and suggestions regarding policies and
receive clarifications and explanations in a timely manner. A practical implementation technique is to
establish a service desk option for policy questions and feedback where any and all policy related issues
and questions are forwarded to the policy owner for explanation and review, and within a defined time-
frame (service level). This technique allows for measurements and the ability to capture issues as well as
requirements that may dictate a revision to an existing policy or perhaps a new policy.

AWARENESS AND VISIBILITY


Requiring a signature is an excellent technique for raising the awareness and visibility of policies.
Employees acknowledge and accept policies through the signature. An annual employee sign-off is the
recommended minimum. New employee and contractor orientation includes training on policies
followed by a sign off on policies.
SAMPLE EMPLOYEE ACKNOWLEDGEMENT
Any person violating any of the foregoing will be subject to appropriate disciplinary action, up to and
including termination. Moreover, the organization reserves the right to forbid the personal use of
corporate IT assets altogether, by some employees or by all employees, at any time, at the sole
discretion of the organization.
I have been trained and received the organizational IT Asset Management policies. I am fully aware of
the organization’s IT Asset Management policies and agree to abide by the policies. I understand that
violation of any of the above policies may result in disciplinary action, up to and including termination.
_______________________ __________________
Signature Date
Human resources: place completed form in employee's file

COMMUNICATING AND EDUCATING ON POLICIES


Policies have to be accessible and understandable. People are also most supportive when the benefits of
compliance are understood and accepted. The organization is committed to developing policies that
include rationale and benefits to both the organization and the employee, in a way that states not only
the “what” but also the “why.” Since employees need to understand the rationale and benefits of each

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

policy, the Hardware or Software Asset Manager is responsible for communicating policy information
and how it relates to their work. The communication plan for the education includes at a minimum why
each policy exists, the benefits that result from the policy and also the risks and costs associated with
not having or complying with the policy.

POLICY INTEGRATION DURING MERGERS AND ACQUISITIONS


Organizational policies are most likely part of the due diligence (required research) prior to a merger or
acquisition. The policy team and the process may change because of the change in the organization.
With direction from executive management, the Hardware and Software Asset Managers may review
and integrate asset management policy language when the organizational change is legally complete. If
the other set of policies has strengths, consider using the organizational change as an opportunity to
strengthen the SAM program.
If the other organization has weak policies, schedule random audits as soon as possible to assess the
risks in the newly acquired hardware and software portfolio. Software publishers and compliance
agencies read the business news and a merger or acquisition may trigger an audit. Hardware Asset
Managers may uncover security and disposal issues that require prompt action.

SELF-ASSESSMENT AND ACTION PLANNING


What is the most effective way to get started with Policy Management? IAITAM has assembled the
following policy assessment questions and statements to help determine the strengths and weaknesses
in an organization. Our suggestion is to conduct an interview with a number of individuals in IT,
procurement, finance, legal, and in the various end-user communities. Make sure to include contract
employees or visitors in the scope of the audit. The results of the assessment help define a focus for
ongoing improvements. The following list is a guide to self-assessment and action planning.
1. Review a complete list of all IT-related policies.
2. Review sample policies related to ITAM.
3. Determine who in the IT organization is authorized to develop and review policies.
4. Does executive management approve proposed policies?
5. Have the human resources and legal departments defined and agreed upon enforcement of
policies and proposed consequences?
6. Do employees understand, acknowledge and accept policies?
7. Is there an ongoing process to ensure that employees understand and comply with policies?
How is this determined? Are spot-checks or surveys conducted? Is this a planned IT audit
responsibility?
8. What is the process for new hires to ensure understanding and acknowledgement of
corporate policy? Does this extend to contract employees, visitors and partners who may
have access to corporate IT assets?
9. Do corporate policies address the what, why, and when applicable, who? Review specific
examples to assure.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

10. Do employees understand the rationale and benefits of each policy?


11. How are policy changes handled during mergers and acquisitions?
12. Are policies visible and located in one convenient intranet or binder location?
13. What do employees do if they have a question or concern regarding a policy? If there is a
question, how is it addressed? Is this performed in a timely and satisfactory manner, from
the employee’s perspective? It is very important for the Asset Manager to satisfy the
employee’s needs in this respect.
14. How often are policies reviewed and revised?
15. How is policy enforcement verified?
16. Is enforcement uniform? What consequences are applied?
17. What percentage of employees review and sign-off on policies annually?

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

DEFINING THE REQUIRED CONTENT AND STRUCTURE FOR A POLICY


Use the following structure to develop complete documentation for a policy. Incorporate information
from this structure into the policy language that, once reviewed and accepted, will become the official
policy. Preserving this level of detail is helpful during reviews, revisions and for the development of
future policies.

Organization Name, Issue Date, Revision Date


Policy Statement
A clear and concise statement of what this policy governs or specifies. Be as specific as appropriate.
Purpose of the Policy
These statements are the rationale for the policy. In this section, explain the reasons for having the
policy and describe the benefits that result, and the risks that are mitigated. This purpose identifies the
why.
Overall Accountability
Who is the ultimate authority for this policy? This person is the Policy Owner. Example: “The Vice
President and Chief Information Officer (VP & CIO) is responsible for issuing, updating and monitoring
compliance with this policy.”
Scope of the Policy
How far reaching is the policy, and who does this policy concern?
Definitions
If necessary, specific terms or concepts are defined to ensure that everyone is able to have a common
interpretation.
Standards
Define what standards are developed or referenced in support of the policy. Provide enough detail to
describe the standards.
Implementation
Describe how the policy is to be implemented and enforced. Implementation includes initial plans as
well as awareness and enforcement plans over time.
References
This area contains a description of other organizational policies, standards, processes, procedures or
documents that are related to this policy and are required for compliance.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

RECOMMENDED POLICIES FOR IT ASSET MANAGEMENT


In this section, a list of policy topics is provided, including hardware and software topics since each is
strongly influenced by the other. The policy topics are listed separately for clarity, although many
organizations write policies that cover more than one of these areas such as “Software Usage” or “Lost
of Stolen Property.”

Scope and Authority for Management of IT Assets


This policy communicates the authority of the IT Asset Manager, and demonstrates the importance of
the IT asset program and/or business unit.
End-User Usage Policies for Computing Devices, Including Desktops, Laptops and PDAs
This policy demonstrates what the individuals using computing devices may and may not be permitted to
do. This policy is designed to protect the organization which is ultimately responsible for actions that
may be taken by the end user. This policy will also outline disciplinary actions in the event that an end
user breaches the policy.
Contracting and Compliance Authorization
The contracting and compliance authorization policy defines a clear and consistent statement of
requirements and hierarchical authorization for acceptance of agreements and also for acceptance of
compliance-related documents. This policy must be concise in addressing the types of documents within
the scope addressed. Best practice is to maintain a centralized process for recording of all documented
authorizations and acceptances.
Computing Hardware Acquisition
This policy standardizes the acquisition process throughout the organization which provides additional
control over the portfolio of hardware assets.
Software Acquisition and Installation
This policy standardizes the acquisition process throughout the organization which provides additional
control over the portfolio of software and the installation process for software.
Software Code of Ethics
Software code of ethics states what is expected from the software users of the organization’s software
purchases.
Anti-Piracy and Copyrights
Anti-piracy and copyright policy educates the users on the legislated regulations covering copyright
protected pieces. This policy outlines the penalties for violations.
Supported Hardware and Software Standards, Approved Alternatives and Exception
Management
This policy dictates the use of standards and informs about the existence of an exception process.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Maintenance Standards
This policy outlines the maintenance standards of the organization, including what should be covered by
maintenance and any exceptions to these standards.
Vendor Communication Policy
The vendor communication policy describes the rules for communicating with third parties, including
the roles permitted to communicate with vendors within the organization and what they are authorized
to discuss.
Use of Internet and Other Electronic Communication Facilities
This policy dictates internet usage including access to certain types of sites such as social media, chat
rooms and shopping carts as well as personal usage in general. Rules concerning emails such as explicit
messages, bullying and sexual harassment are also covered under this policy.
Response to External Audit Requests
This policy outlines the response to external audits, specifically the roles involved in these audits, the
existence of audit response teams, and the special communication rules that applied during an audit.
Removal of Illegal Software
This policy educates users on the authority of the organization to remove any software product or
other digital file from their environment that does not meet the standards or cannot be proven as legally
purchased.
Internal Audit
The internal audit policy educates employees on the purpose, process and authorities of individuals who
perform internal audits.
Loss Prevention
This policy authorizes the process for any type of loss within the organization. This policy also dictates
how, where, when, and by whom the hardware and software may be used and transported outside of
the organization.
Asset Disposal
This policy authorizes the disposal program, specifying legal compliance. This policy dictates the security
of information during the disposal process. It outlines required documentation.
Telecommuting (Work at Home) Policy
This policy covers any work-at-home provision that allows or requires employees to conduct work at
home using the organization’s software and hardware IT assets. This policy states that special permission
for software to be loaded and for hardware changes is required.
Data Management, Backup and Recovery
This policy describes the data management, back-up and recovery required and how often.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Use of Removable Storage Devices


This policy describes the rules for use of removable storage devices on the organization’s equipment on
organization property and outside the organization. The policy describes the security and loss
prevention rules and ramifications of inappropriate use.
Policy Notification and Acceptance
This describes policy development rules and the requirement for formal acceptance.
Vendor Management – Negotiation Policy
This policy defines acceptable and unacceptable negotiations.
Use of Trial-use, Promotional and Donated Software
This policy defines permission (or lack of permission) to install, use or remove “free” software. This
policy describes who is permitted to patch and fix software.
Loaned Equipment Policy
This policy explains if loaned equipment may be used.
Document Management Retention Policy
This policy covers the retention of IT asset documentation and relates it to other organizational
retention policies as appropriate.
Wireless Device Policy
This policy presents the rules for wireless devices, either provided by the organization or personal
equipment. Security of the devices and the data on them is discussed in this policy.
Privacy of Information
This policy states that there is no expectation of privacy on the organization’s equipment and network
including internet usage.

THE BOTTOM LINE FOR IT ASSET MANAGEMENT


The more complex the organization, the more complex the policies tend to become. If policies are
complex, the acceptance is lower and the opportunity to guide behavior is equally lowered.
Executive management support and personal adherence to policies makes a huge difference in policy
compliance.
Do not assume awareness and understanding of SAM policies. Frequent educational efforts are
required, even in a high-tech organization.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITAM Foundations
SECTION 2 – ITAM UNIFYING FRAMEWORK

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

CORE FUNCTIONAL AREAS

FUNCTIONAL AREAS DIAGRAM

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

PROGRAM ADMINISTRATION
The ITAM program consists of 12 Key Process Areas (KPA), each KPA having multiple relationships and
dependencies with one another. By using the 12 KPAs to build a program, the IT Asset Manager
captures the basics of all the activities necessary in the management of assets. However, in order to
build a program that is the most beneficial for the organization, understanding and mapping these
relationships and dependencies decreases the barriers to success.
The mapping provided in this course describes how the relationships and dependencies are relevant to
one another, and why. Each area is mapped with controls, enables, or supports. Control is utilized
when a KPA has direct impact on another KPA’s success. Enables is used to describe when a KPA assists
in another KPA’s success and the use of support is seen when functions or tasks of one KPA assist in
the success of another KPA.
To begin the analysis by Key Process Area, the three KPAs of Program Management, Project
Management and Policy Management are defined. In the following sections, KPAs are presented in
alphabetic order, with the relationships with other KPAs presented beneath as examples. Compliance
Management and Legislation Management are presented together at times in this section to remove
some complexity.
Program Management processes maintain the vision for the entire ITAM initiative ensuring that changes
to one KPA can be supported by all other KPAs. Feedback, in the form of information collected by
various tools and measurement, is provided to the program so that improvements, adjustments and
corrections can be made in a controlled fashion. It is for these reasons that the Program Management
process is the foundation for all KPAs and therefore controls, enables and supports the successful
deployment of all others.
Program Management processes are the centralized area for managing the information throughout all
phases of the IT Asset Management program. ITAM must be developed and maintained as an on-going,
centralized program without an end, thus ensuring that all relevant activities are integrated, processes
are established, strategies, mission statements, objectives, measurements and prioritizations occur in a
coordinated fashion. The Program Management processes also include conception to grave (and
beyond) information management of the individual assets. Successful programs focus on the
development of efficient processes that are centralized, standardized and repeatable.

SOFTWARE ASSET MANAGEMENT


Software Asset Management is the set of business practices that support the use of software for an
organization in a responsible and productive way. These business practices are used to achieve many
goals for the use of the software, including customer satisfaction, cost effectiveness, risk reduction,
strategic planning, and decision support. These practices frequently involve assessing how and why
software traverses the organization. Software Asset Management is not simply a compliance program
and to begin SAM practices with that expectation is a mistake. The threat of audit seems to pass and
the commitment to the policies, processes and procedures slips away as executive management focuses
on the next crisis. If the single purpose of the program is to find savings, a similar saga of lost
commitment can happen. Short term savings are often quite large at first, particularly if the project
starts with a previous untapped invoice reconciliation process. Maintaining a specific level of savings is

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

also an untenable expectation unless cost avoidance is the criteria. The better the Software Asset
Management practices function, the fewer the opportunities to make costly mistakes.
Software Asset Management is now considered a requirement by many organizations, with Software
Asset Managers viewed as important contributors to organizational goals such as reducing risk,
increasing accountability, uncovering savings and gaining control of the organization. To be a success,
the Software Asset Manager must do more than implement the business practices of software asset
management and include the business goals in the evaluations of decisions, processes, and vendors.
Whether the SAM practices are fully developed, partially in place, or the practices are just beginning, the
Software Asset Manager has to become an analyzer as well as an action-taker. The Key Process Areas
(KPAs) are a useful framework for the Software Asset Manager. Analysis begins within a KPA and then
expands outward as the relationships between KPAs are examined. By focusing on one KPA as the
center of the project and then analyzing the others regarding their impact on that central KPA, a
complete and robust picture of Software Asset Management is developed. This approach is a powerful
method for initiating SAM or expanding the capabilities and deliverables expected from software
management.
This analysis approach does not change how goals are developed or implemented. Goal development
includes IT goals, IT asset management goals, organizational goals, as well as addressing business drivers
and opportunities that arise. The importance of each provides the prioritization for the issues
uncovered by the analysis.
Additionally, it is an accepted practice to implement changes and new processes found during the
analysis that are not directly related to the long term goals. Quick successes are sometimes discovered
by following the lifecycle of software to identify and eliminate compliance risks and unnecessary
expenditures. This course is designed to impart best practices for managing the lifecycle of assets,
focusing on the issues surrounding software compliance, developing tactical and strategic decision
support and identifying savings to fund ongoing programs.

HARDWARE ASSET MANAGEMENT


Hardware Asset Managers and others involved in the IT Asset Management program often discuss the
challenges to implementing any type of IT Asset Management program such as politics and influencing
the behavior of individuals in any department and at any level in the organization. Without executive
buy-in, policies, funding, and tools implementing an IT Asset Management program is slow and at risk for
poor results.
 Strategies for eliminating road blocks and creating champions include:
 Communicating how Hardware Asset Management helps achieve organizational, departmental
and budgetary goals
 Defining Hardware Asset Management processes so that the services create satisfied customers
and solid financial benefits
 Relating Hardware Asset Management to the organization’s policies so that cooperating is in
everyone’s best interests

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

 Automating processes so that data is collected in a repeatable and sustainable manner. Data is
the source for analysis, verification and results reporting that creates value beyond Hardware
Asset Management
These strategies are powerful tools even in difficult situations because they develop common
understanding and direct value to the employees. With the unique mix of positive and negative
influences, the choice of strategy may differ depending on the situations created by those influences.
For instance, in policy-driven organizations, defining policies regarding the use of hardware assets
creates the commitment and cooperation to implement and continually improve the management of
hardware assets. In other organizations, policies are a road block because policies are poorly
understood by the employees. In this case, the plan to influence behavior may take additional steps such
as educating employees that polices are a legal way to hold employees accountable for their actions, and
that change is sometimes slow in this area, is the first step to getting past this hurdle.
In another organization, the Hardware Asset Manager may have little control or influence on
organizational policies. In this case, the Hardware Asset Manager has to seek out other methodologies
for building a program that can be communicated. One methodology is the development of standards.
Standards are not policies and policies are not standards. Standards set the expectation for how a
process is done or the set of choices that are permissible. Where policies must be approved and
accepted, standards develop from the projects that define processes and the procedural steps necessary
to achieve the specific goal. Standards are important to the ITAM Program because they create
boundaries, improve performance, allow for performance to be measured, and can be backed by policies
when the opportunities arises within the organization.

MOBILE ASSET MANAGEMENT


Mobility management entails the process by which an organization can adapt the traditional physical
work setting to the changing paradigm of how Information technology is being leveraged. Mobility
management allows organizations not only to benefit by increased productivity and flexibility of its
workforce but must also mitigate the security risk of a mobile computing environment. When left
unmanaged, mobility can pose severe risk to the organization, the protection and integrity of the
information, increase financial cost of managing assets, and splinter the focus of the entire IT department
as it pertains to trouble-shooting the assets.
Mobility refers to any device that is designed with a smaller footprint to leverage increased accessibility
and portability, requires an increased and unprecedented amount of integration and reliance upon the
ISP. Mobility also causes reassigning helpdesk services away from a centralized IT department and places
more of that responsibility on the end user.
Mobility Asset Management is the discipline of controlling all devices that are easily transported and have
access to alternative application. Mobility Asset Management allows for strict controls to secured data,
applications and people. Furthermore, it is the responsibility of mobile asset management to ensure the
organization mitigates risks for a breach of information and asset security.
The mobility management process needs to ensure that any devices that can be easily transported and
has access to alternative applications and cannot be locked down and are in line with the goals and
policies of the organization. Mobility management should communication with all other key process

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

areas within the ITAM Program to ensure that all process work in conjunction with each other and the
goals of the organization while minimizing risk, increasing productivity, and solid financial outcomes.
IAITAM has defined six core goals as part of the best practice for the Mobility Process:
1. Develop and Maintain a Mobility Security Process
2. Develop and Maintain Accurate Asset Tracking
3. Develop, Maintain and Communicate Mobility/BYOD Policies
4. Develop and Maintain Documentation Tracking
5. Develop and Maintain Mobility Standards
6. Create a Focused Help Desk Ensuring Inclusion of Mobile Asset Management

ASSET DISPOSAL MANAGEMENT


IT Asset Management (ITAM) includes the processes to manage IT assets from initial requests, through
the periods of use and the assets’ final disposition within the organization. Final disposition is basically
the end state for the device such as resold, destroyed and recycled. The significant cost of IT, the risks
to the organization associated with IT assets and their important role in the success of the organization
offer strong justifications for an ITAM program. No aspect of the IT asset’s life in the organization is
exempt from this management, including the final disposition.
The final disposition of an IT asset is a significant contributor to goal achievement if disposition includes
the rigorous process management required. For instance, the ITAM goals are met if the data and
software on an asset is securely removed and the hardware disposed of properly. Proper disposal does
not include treating an IT asset as trash for a landfill. In the recent past, IT assets, along with other
electronics, were simply placed in the dumpster. Changing this undesirable result began with the
recognition that vast numbers of IT and electronic items were being disposed each year and that the
volume was growing substantially year over year. The toxic materials in electronic equipment raised
awareness of the impact to the environment, which in turn has led to legislation and restrictions in
countries across the globe. The demand for proper disposition vendors as well as the potential revenue
from reclaiming valuable elements and components created a surge in organizations offering disposition
choices.
Data security is a significant driver for diligence at the end of the life cycle of electronic devices. In
addition to environmental protection and recycling regulations, compliance with patient confidentiality,
organizational financial responsibility and privacy all influence the attention final disposition receives.
However, destruction of data and software is only one half of the responsibility.
The infrastructure, technology and knowledge necessary for proper disposition is still growing and
changing. There are a significant percentage of electronic devices that still end up in landfills.
Untrustworthy disposition vendors still skirt commitments and laws in order to dump assets in a landfill,
ship devices elsewhere for dumping or to extract components without adequate health and safety
protection. Globally, legislation and the enforcement of it are inconsistent and incomplete in coverage.
Issues with funding, responsibilities and practical enforcement remain to be worked out. The
international trade in used electronics is a lightning rod for the disposition industry and government

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

agencies since it is extremely difficult to separate the appropriate resale shipments from electronics
being dumped.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

KEY PROCESS AREAS


Core ITAM processes focus on the value and establishment of the overall ITAM program including the
creating and communications of the necessary ITAM policies. Core processes also include organizational
education, and a forward looking roadmap that aligns the program activities.
 Program Management
 Policy Management
 Communication & Education
Operating ITAM processes center on the physical and contractual work that must be done, including
framing up the asset acquisition process, tracking assets through their life cycle within the organization,
and the end of life cycle disposition of assets as they are removed from the environment.
 Acquisition Management
 Asset Identification & Tracking
 Disposal Management
 Documentation Management
Controlling ITAM processes bring together the constraining elements of ITAM, including project
management, financial management, vendor management, and the all-important compliance elements of
an ITAM program.
 Project Management
 Financial Management
 Vendor Management
 Compliance & Legislative Management

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

CORE PROCESS - PROGRAM MANAGEMENT


The business practices of ITAM are rarely contained within a single area or department of an
organization. With the pervasiveness of IT technology into almost every job function, the “customers”
for IT Asset Managers include almost every person in the organization. IT assets are costly, which
makes them precious and contested resources. Rather than allowing these issues to hamper IT Asset
Management success, the IBPL embraces these issues by defining IT Asset Management as a core
competency for the organization.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Instead of being limited by the aspects in a job description or a department, consider instead developing
a “program,” or a business infrastructure including processes, policies, roles, procedures and
documentation. Program Management is the set of processes that are required to build, maintain and
monitor the ITAM core competency. Using the Program Management processes, ITAM is resilient to
change and reorganization, providing an organization-wide view into IT assets. Developing a program is
the first step in successfully building IT Asset Management processes that deliver over time.
Program Management is a Key Process Area in the IAITAM Best Practice Library, serving as the
centralized point from which to define, implement, control, and monitor as well as market the value and
successes from IT Asset Management.
Building an ITAM program includes defining a mission, overall strategies and objectives, developing
measurements and prioritizing IT Asset Management efforts within an organization. The ITAM program
is the centralized process by which all activities are defined, implemented, controlled and monitored. A
mission statement communicates what the program does, the importance of the ITAM team, and what
value is delivered to the organization. It is absolutely critical that the mission statement accurately
conveys the program’s purpose to the executive team to gain their confidence and buy-in.
The overall strategy and objectives define the roadmap which supports the mission of the ITAM
program. The strategy and objectives state the path to a successful ITAM program while reflecting the
business needs of the organization.
Measurements provide feedback to determine the effectiveness of the ITAM program. This feedback
assists the IT Asset Manager in determining the strengths and weaknesses of the ITAM program,
enabling adjustments specific to the needs of the organization.
The IT Asset Manager also prioritizes IT Asset Management projects and tasks based on business drivers
(such as cost savings, risk mitigation, innovation) of the organization. The IT Asset Manager ultimately
prioritizes the projects and tasks related to the ITAM program based on a balance of business drivers, IT
goals and IT Asset Management goals. Communication is essential for gathering the information to
prioritize as well as relating how ITAM helps achieve goals. The IT Asset Management program can
make a positive difference in all business drivers of the organization.

CORE PROCESS - POLICY MANAGEMENT


Just as all effective business is conducted on a base foundation of policies: IT Asset Management must
also utilize policies to achieve set goals. All the same rules apply, due to the fact that the IT department
is in fact a business entity that is regulated and directed by policy. It is the duty and responsibility of the
IT Asset Manager to act as one of the entities that together with other organizational leaders will
collectively initiate, enact, and enforce the policies for the betterment of the organization.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The Policy Management Process is the defining set of documents which governs all Key Process Areas
and the behavior of employees within each of those processes. The Policy Management Process is the
creation, maintenance, and dissemination of the policies that define the scope of the IT Asset
Management processes executed by the organization.
The Policy Management Process Controls, Enables and Supports all other Key Process Areas by defining
the scope and objectives of the IT Asset Management Program. The scope and objectives are defined by
the rules and regulations of the governing bodies such as countries, states and local municipalities as well
as the organization’s own policies.
The dependencies between key process areas within the ITAM program rely on tasks being performed
and completed by each KPA. These individual tasks will enable the other KPAs to function in a valuable
manner bringing value to the organization. In the following section, we will look at how Policy
Management dependencies, relationships, and task affect the other key process areas within the ITAM
Program.
The Policy Management Key Process Area maintains a direct interface with the Acquisition Management
Key Process Area that will define the scope and objectives necessary for the most effective acquisition
of all IT assets. The scope and objectives are defined by the rules and regulations of the governing
bodies such as country, state and local municipalities as well as the organization’s own policies. Policy
Management will receive policy requirements from Acquisition Management which are designed to
restrict acquisitions of IT assets to only the IT Asset Management group, preferably, Acquisition
Management. Policy Management has other key responsibilities such as providing strict process for
creating and managing policies for all Key Process Areas and providing oversight of all IT Asset
Management related policies. Some notable aspects of the oversight include identifying overlap with
other policies, combining policies from multiple Key Process Areas to ensure consistency, identification
of duplicated policies, and defined separation of policy from procedure.
The Policy Management Key Process Area helps to identify the necessary guidelines for the Asset
Identification Management Key Process Area by defining the scope and objectives of the Asset
Identification process. The scope and objectives are in part shaped by the rules and regulations of the
governing bodies such as country, state and local municipalities as well as the organization’s own
policies. Policy Management will receive policy requirements from Asset Identification Management

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

which will be instrumental to providing strict process for creating and managing policies for the Asset
Identification Management Key Process Area and for providing oversight of all IT Asset Management
related policies. Some notable aspects of the oversight include identifying overlap with other policies,
combining policies from multiple Key Process Areas to ensure consistency, identification of duplicated
policies, and defined separation of policy from procedure. Policy Management will also receive
environmental requirements from the Asset Identification Management Key Process Area which will
include the unique asset identifiers that will serve to identify assets throughout their lifecycle and can
provide physical location and the type of asset that is driving the policy requirements.
The Policy Management Key Process Area will maintain a strong and necessary relationship with both
the Compliance Management and Legislation Management Key Process Areas. The relationship between
these Key Process Areas is mandatory for compliance purposes. Policy Management will receive policy
requirements from Compliance Management which will be instrumental in providing strict policy
guidelines for maintaining compliance and for providing oversight of all IT Asset Management related
policies. Some notable aspects of the oversight include identifying overlap with other policies, combining
policies from multiple Key Process Areas to ensure consistency, identification of duplicated policies, and
defined separation of policy from procedure. Legislation Management will supply current and proposed
legislation that must be understood and followed when creating policies to achieve compliance. The
scope and objectives of the organization are defined by the rules and regulations of the governing bodies
such as country, state and local municipalities as well as the organization’s own policies.
The Policy Management Key Process Area must maintain a strong relationship with the Disposal
Management Key Process Area to ensure that proper disposal practices are maintained by means of
policy guidelines. Furthermore, Policy Management defines the scope and objectives of the entire IT
Asset Management Program. The scope and objectives are to some degree controlled by the rules and
regulations of the governing bodies such as country, state and local municipalities as well as the
organization’s own policies. Policy Management will receive policy requirements from Disposal
Management which is instrumental in providing strict process for creating and managing policies for the
Disposal Management Key Process Area and for providing oversight of all IT Asset Management related
policies. Some notable aspects of the oversight include identifying overlap with other policies, combining
policies from multiple Key Process Areas to ensure consistency, identification of duplicated policies, and
defined separation of policy from procedure. Additionally, Policy Management will receive policy
requirements from Disposal Management pertaining to the environmental requirements for disposal
such as the proper tracking methods used to follow the path and final disposition of disposed assets.
The Policy Management Key Process Area maintains a strong need for the existence of the
Documentation Management Key Process Area because of Documentation Management’s guidelines and
personnel access controls. Policy Management also maintains a direct relationship with all other Key
Process Areas in that it defines the scope and objectives for the entire IT Asset Management Program.
The scope and objectives are to some degree defined by the rules and regulations of the governing
bodies such as country, state and local municipalities as well as the organization’s own policies. Policy
Management will provide written policies to Documentation Management that will specify guidelines
such as which documents must be in paper format and which documents can be in electronic format, as
well as protocol for access determination; permissions for who can access information, when and
where.
Policy Management will also receive policy requirements from all other Key Process Areas which is
instrumental in providing strict process for creating and managing policies for the organization and for

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

providing oversight of all IT Asset Management related policies. Some notable aspects of the oversight
include identifying overlap with other policies, combining policies from multiple Key Process Areas to
ensure consistency, identification of duplicated policies, and defined separation of policy from procedure.
The Policy Management Key Process Area has a direct relationship with the Financial Management Key
Process Area mainly because of the need of policies concerning mandated financial directives. Some of
the specific information supplied by Financial Management includes legislation requirements that in part
include Sarbanes-Oxley requirements and best practices in accounting. Policy Management also
maintains an active relationship with all other Key Process Areas to further define the scope and
objectives of the entire IT Asset Management Program. The scope and objectives are to some degree
defined by the rules and regulations of the governing bodies such as country, state and local
municipalities as well as the organization’s own policies. Policy Management will receive policy
requirements from all other Key Process Areas which is instrumental in providing strict process for
creating and managing policies for all Key Process Areas and for providing oversight of all IT Asset
Management related policies. Some notable aspects of the oversight include identifying overlap with
other policies, combining policies from multiple Key Process Areas to ensure consistency, identification
of duplicated policies, and defined separation of policy from procedure.
The Policy Management Key Process Area supplies written policy to the Vendor Management Key
Process Area concerning appropriate protocol and communications for vendor relations while
maintaining a direct relationship with all other Key Process Areas within the organization. Policy
Management helps to define the scope and objectives of the entire IT Asset Management Program using
a summation of the rules and regulations of the governing bodies such as country, state and local
municipalities as well as the organization’s own policies. Policy Management will also receive policy
requirements from all other organizational Key Process Areas which will help in providing strict process
for creating and managing organizational policies and for providing oversight of all IT Asset Management
related policies. Some notable aspects of the oversight include identifying overlap with other policies,
combining policies from multiple Key Process Areas to ensure consistency, identification of duplicated
policies, and defined separation of policy from procedure.
The Policy Management Key Process Area has a direct and vital relationship with both the
Communication Management and Education Management Key Process Areas. Policy Management will
receive policy requirements from Communication and Education Management including the types of
training that is deemed most acceptable, and the communication paths that are designed to be most
efficient and reliable. Working policies will be generated to best meet those needs. Policy Management
interfaces with all other Key Process Areas to define the scope and objectives of the entire IT Asset
Management Program. The scope and objectives of the organization are defined in part by the rules and
regulations of the governing bodies such as country, state and local municipalities as well as the
organization’s own policies. With input from all organizational Key Process Areas, Policy Management
will be able to create a strict process for creating and managing policies for the organization and provide
oversight of all IT Asset Management related policies. Some notable aspects of the oversight include
identifying overlap with other policies, combining policies from multiple Key Process Areas to ensure
consistency, identification of duplicated policies, and defined separation of policy from procedure.
The Policy Management Key Process Area has a direct and close-working relationship with the Project
Management Key Process Area due to the need of many policies in written format specifying how
information within the projects will be handled, designation of who has access, what is allowed to be
shared outside the project team, and how projects are going to be most effectively communicated.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Project Management and Policy Management interface with all other Key Process Areas and work in
conjunction to define the scope and objectives of the entire IT Asset Management Program. The scope
and objectives of the organization are defined in part by the rules and regulations of the governing
bodies such as country, state and local municipalities as well as the organization’s own policies. Policy
Management will receive specific policy requirements from all other Key Process Areas which is
instrumental in providing strict process for creating and managing policies for the organization and for
providing oversight of all IT Asset Management related policies. Some notable aspects of the oversight
include identifying overlap with other policies, combining policies from multiple Key Process Areas to
ensure consistency, identification of duplicated policies, and defined separation of policy from procedure.
The Policy Management Key Process Area produces the defining set of documents which governs all
Key Process Areas and the behavior of all employees within each of those process areas. With
necessary input and guidance from the Program Management Key Process Area, the Policy Management
Process also constitutes the creation, maintenance, and dissemination of the policies that define the
scope of the IT Asset Management processes executed by the organization. The Policy Management Key
Process Area has a direct relationship with all other Key Process Areas in that it defines the scope and
objectives of the organization’s IT Asset Management Program. The scope and objectives are defined by
the rules and regulations of the governing bodies such as country, state and local municipalities as well as
the organization’s own policies.

CORE PROCESS - COMMUNICATION & EDUCATION MANAGEMENT


Communication and education are in fact two separate Key Process Areas, yet their functions are so
closely related to one another, they are often combined for the purposes of brevity and simplicity. We
will though differentiate the specific functions of each of these Key Process Areas whenever necessary.
Communication is the process that by means of a commonly understood language, information and ideas
can be effectively imparted between entities. Education encompasses the process of teaching and
learning specific skills, tasks, processes, etc. Education is also the imparting, and acceptance of
knowledge; all made possible by means of the communication process.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Communication will facilitate the knowledge necessary to help others within the organization to
understand what needs to be accomplished for effective management of an organization’s IT assets.
Communication also helps in the understanding of overall needs concerning others within an
organization.
When others are educated from the beginning in the need for ITAM, the procedures set forth, and how
it will afford positive outcomes, most people will be much more positive about working for change,
rather than to reject it. This, along with communication, will make the employee’s job much more
enjoyable and will have a positive influence on the organization as a whole.
Deployment of Best Practices for IT Asset Management will involve many people. ITAM processes
generally encompass more than a single department and thus communication becomes critical to
ensuring that processes and plans are executed correctly. The Communication and Education Key
Process Area is key to a successful enterprise-wide ITAM program
The dependencies between key process areas within the ITAM program rely on tasks being performed
and completed by each KPA. These individual tasks will enable the other KPAs to function in a cohesive
manner bringing value to the organization. In the following section we will look at how Communication
& Education dependencies, relationships, and tasks affect the other key process areas within the ITAM
Program.
The Communication and Education Management Key Process Areas have an indirect yet necessary
relationship with the Acquisition Key Process Area, used primarily on an “as needed” basis. Clearly,
Communication Management is used whenever Acquisition Management provides or receives
information related to the acquisition of IT assets.
Acquisition Management will also use Education Management when training is involved and related to
the processes within Acquisition Management.
The Communication and Education Management Key Process Areas have very much the same indirect
yet necessary relationship with the Asset Identification Management Key Process Area as they have with
Acquisition Management. Asset Identification Management will use Communication Management
whenever specific Asset Identification information needs to be communicated to other Key Process
Areas, and vice-versa. Education Management will be used when training is needed and is related to the
processes within Asset Identification Management.
The Communication and Education Management Key Process Areas have an indirect relationship with
the Disposal Management Key Process Area. Disposal Management provides and receives
communications relating to Disposal Management, to and from other Key Process Areas via the
Communication Management Process. Education Management will serve to educate other Key Process
Areas with the specific processes and necessities of Disposal Management.
The Communication and Education Management Key Process Areas have an indirect relationship with
the Documentation Management Key Process Area. Documentation Management will communicate
access requirements and restrictions to the appropriate entities via Communication Management, and
will use Education Management to impart the appropriate guidelines of use to all Key Process Areas.
The Communication and Education Management Key Process Areas share an imperative relationship
with the Financial Management Key Process Area. The communication of financially related asset
information must flow freely between Financial Management and most other Key Process Areas, and is

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

reliant upon the Communication Management Process to achieve this function. Education Management
would be used on occasions when related financial training for personnel would be necessary.
The Communication and Education Management Key Process Areas have a strong and direct
relationship with the Project Management Key Process Area through effective project communications
and change management directives during the life of the project. Constant multi-directional
communication is necessary via Communication Management at all times, with the Education
Management Key Process Area utilized whenever training opportunities surface.
The Communication and Education Management Key Process Areas have an indirect but necessary
relationship with the Vendor Management Key Process Area. Vendor Management provides and
receives communications to and from other Key Process Areas that are relevant to the Vendor
Management Process. Education Management will be utilized as necessary for Vendor Management
training purposes for involved personnel.
The Communication and Education Management Key Process Areas have a strong and necessary
relationship with both the Compliance Management and the Legislation Management Key Process Areas.
This is seen in the compliance directives conveyed by Communication Management, and the current and
proposed legislation mandates afforded by Legislation Management through Education Management.
The Communication and Education Management Key Process Areas have a strong and necessary
relationship that is quite beneficial to the Policy Management Key Process Area. Communication
Management will act as the conduit for information exchange between Policy Management and all other
Key Process Areas, while Education Management will act as the instruction entity concerning the proper
dissemination of organizational policies.
The Communication and Education Management Key Process Areas have a relationship with the
Program Management Key Process Area that must exist at all times to provide effective communication
and education of the entire IT Asset Management Program throughout the organization. The
information that needs to be imparted will include program goals, accomplishments, procedures and
objectives. The Communication Management Key Process Area will interface with all other Key Process
Areas to receive specific communication requirements from each individual Key Process Area such as
the frequency of communication; should the communication be scheduled annually, quarterly, or one
time such as upon hire? Methods of communication must be established such as the use of email,
website, webinar, classroom training or one-on-one training. Communication Management must provide
the communication channels throughout the organization for all Key Process Areas to leverage existing
channels such as Human Resources and Marketing, and to create new channels of communication that
might be in the form of an IT Asset Management newsletter, posters, or presentations at employee
meetings.

ACQUISITION MANAGEMENT
The IT Acquisition Process Area is the gatekeeper for the application of all IT Asset Management
strategies determined by your organization, including policies, standards and life-cycle processes. An
effective IT acquisition process empowers the rest of your IT asset program by applying process,
determining pathways for exceptions and generating the initial records for the IT assets before

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

acquisition is even complete. The goal of IT acquisition is to acquire the IT assets that are required by
the organization, in the most cost-effective and productive manner for the organization.

IT Asset Acquisition Process empowers the IT Asset Manager to function in an effective manner, while
obtaining the best value of all IT assets needed within the organization. IT acquisition includes
requirements verification and selection criteria, formal product reviews and selection, approval process
and sign-off, vendor negotiations and contract development processes.
The IT Acquisition Key Process Area is the gatekeeper for the application of all of the IT Asset
Management strategies determined by your organization, including policies, standards and lifecycle
processes. An effective IT Acquisition Process empowers the rest of your IT Asset Management
program by applying processes, determining pathways for exceptions and generating the initial records
for the IT assets before acquisition is even complete. The goal of the IT Acquisition Process is to acquire
the IT assets that are required by the organization in the most cost-effective and productive manner for
the organization.
The dependencies between key process areas within the ITAM program rely on tasks being performed
and completed by each KPA. These individual tasks will enable the other KPAs to function in a valuable
manner bringing value to the organization. In the following section we will look at how Acquisition
dependencies, relationships, and task affect the other key process areas within the ITAM Program.
The relationship between the Acquisition Process area and the Asset Identification Key Process Area
provides the gateway for all incoming assets to be properly tagged and entered into the asset repository.
Acquisition provides purchase information, Purchase agreements, and order information to the Asset ID
KPA. Asset ID provides to the acquisition key process area the asset performance information. This
relationship Impacts decision to purchase standard asset, upgrade to the next version or evaluate a
replacement asset.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The Acquisition Management Key Process Area relies heavily on the Compliance and Legislation
Management Key Process Areas through the centralization and securing of all IT acquisitions, thus
guaranteeing the legitimacy of all asset acquisitions and will help to ensure the archiving of all
corresponding artifacts (i.e. Proof of Purchase) via the Documentation Management Key Process Area.
Acquisition Management will also optimize the Compliance Management Key Process Area by
negotiating terms and conditions into contracts that are considered favorable to Compliance
Management’s audit process and requirements. Though the Compliance and Legislation Management
Key Process Areas are very much inter-related, they do both have specific functions.
The Compliance Management Key Process Area will provide a system of checks and balances for the
Acquisition Process and also ensures that those IT asset acquisitions will be based on organizational
procurement policies.
The Legislation Management Key Process Area will provide a clear understanding of current and
proposed local, state, federal, or country’s procurement laws, disposal requirements and enforcement
actions.
The Acquisition Management Key Process Area maintains direct communication with the Disposal
Management Key Process Area to clearly detail to Disposal Management the specific disposal
requirements for each asset at the time of acquisition, such as which assets are leased versus owned,
which assets contain sensitive data, harvestable software and recommendations for minimum
performance standards for purposes of redeployment. The Acquisition Management Key Process Area
will also provide artifacts generated by the Acquisition Process to the Documentation Management Key
Process Area. Artifacts would include evaluation and decision making notes, negotiation session notes,
contracts, price lists, etc. The Disposal Management Key Process Area will provide to the Acquisition
Management Key Process Area their recommendations for asset reuse or redeployment.
The Acquisition Management Key Process Area provides the Document Management Key Process Area
all pertinent documentation and identifiable materials associated with each asset acquisition before the
asset is distributed within the organization. For example: all contracts, negotiation notes and other
pertinent documents to Documentation Management.
The Acquisition Management Key Process Area provides a defined asset focus to the Financial
Management Key Process Area by creating a gateway through which all assets are acquired. The asset
information provided will allow Financial Management to use the raw data to develop Return on
Investment (ROI) analysis resulting in the ability to demonstrate Total Cost of Ownership (TCO) for
each asset to the organization. Acquisition Management will also supply inputs into the forecasting
model including all necessary financial asset information. The Financial Management Key Process Area
will enhance Acquisition Management’s performance by providing historical asset cost information, and
by archiving financial performance expectations for future calculation of ROI and TCO.
The Acquisition Management Key Process Area provides a multitude of information to the Vendor
Management Key Process Area such as identification of the products to be purchased, source of the
purchases, and a summation of eventual asset value to the organization. This is another example of the
way in which a viable Acquisition Management Process will ensure executive buy-in by presenting
supporting data for the acquisition. The Acquisition Management Key Process Area will use information
received from Vendor Management such as asset performance data that will be used in negotiations.
Other data received would include purchase and contract information as well as the agreements that
will be used to measure vendor compliance and performance.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The Acquisition Management Key Process Area is made notably more effective by the existence of the
Communication & Education Management Key Process Area. This is accomplished by Communication
and Education Management providing the mechanisms and communication channels needed to
disseminate Acquisition Management’s policies, processes, and procedures to the entire organization.
The Acquisition Management Key Process Area strengthens the Policy Management Key Process Area
by providing input that will be used for policy creation, policy review and the generation of policy
enforcement guidelines based on the supporting data gathered during the initial state of the asset's
Acquisition. In turn, the Acquisition Management Key Process Area will be enhanced by receiving the
acquisition policies generated by Policy Management that will provide specific procedures and guidelines
for credit card purchases and expensed assets, as well as defining the who, what, why and how of the
policies generated.
The Acquisition Management Key Process Area enhances the Program Management Key Process Area
by creating a gateway through which all asset acquisitions are justified with the corresponding ROI and
TCO data provided. With this single point of control, Program Management can effectively measure
asset ROI and TCO, but only for those assets whose acquisitions are known to the program. This is a
valuable step in support of any acquisition and enables the requisitioning group to provide viable cost
justification data and ensure executive buy-in for the purchase. The Program Management Key Process
Area will receive overall Acquisition Management Process performance data which allows changes to be
enacted, and those changes will then be sent to the Acquisition Management Key Process Area for
implementation. The Program Management Key Process Area will also receive notification of process
changes in other Key Process Areas for evaluation of overall impact, and will provide policy
performance feedback that will help to generate a roadmap for process improvement and change
requirements for other Key Process Areas.

ASSET IDENTIFICATION MANAGEMENT


The Asset Identification Management Process Area encompasses the activities that uniquely identify and
validate the physical presence of IT assets. Asset Identification is a key enabler of many related activities
in the Software Life-cycle, Hardware Life-cycle and IT Acquisition and Documentation Management
Process Areas. The label that was generated and affixed during the receiving process is a unique physical
identification tag, normally placed on the outside of the IT asset. It is an identifier and represents
specific information pertaining to that piece of equipment. Generally, labels that are used for asset
identification will have no meaning outside of the organization.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The Asset Identification Management Key Process Area supplies critical information that will be used by
the Compliance and Legislation Management Key Process Areas. This is accomplished by means of a
unique physical identifier that is affixed to the asset. Documents and procedures can then be associated
with this asset through the unique physical identifier. Compliance Management can then reconcile
information between the physical audit and the electronic audit to achieve a highly accurate inventory of
the organization’s assets.
Legislation Management will supply current and proposed legislation to help in the compliance efforts.
Assets can also be tracked to the end user and their location pinpointed within the organization or as
they exit the facility based on the sophistication of the Asset Identification Management tracking
mechanisms.
The Asset Identification Key Process Area supplies valuable asset information to the Disposal
Management Key Process Area through the use of the unique asset identifiers assigned to the assets that
need to be tracked. The disposal requirements are tied to each asset through the unique identifier tags.
If assets are not tagged, then the disposal requirements for each asset would need to be individually
identified, thereby eliminating the opportunity for volume disposal agreements or vendor-provided
disposal services negotiated into the contract. The use of unique identifier tags will allow the Disposal
Management Key Process Area to associate the specified disposal requirements to each asset, enables
the ability to designate an asset as being disposed, and allows for certificates of destruction to be tied
back to the disposed assets.
The Asset Identification Management Key Process Area will supplement the Documentation
Management Key Process Area by gathering and coordinating the information and documentation, and
will then channel all data into the physical asset database. Asset Identification Management will provide
all unique asset identifier information to the Documentation Management Key Process Area. The asset
identifier information allows for the associations between the asset and the asset’s artifacts which
include service contracts, warranties, contracts, purchase information, and policies.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The Asset Identification Management Key Process Area channels definitive asset information to the
Financial Management Key Process Area which allows IT costs to be tracked down to the individual
asset level. This permits the organization to compute the true value of each asset and provides those
values to the organization in terms of ROI and TCO calculations. These calculations will ultimately
supply the organization with pertinent data for future budgeting calculations.
The Asset Identification Management Key Process Area supplies specific asset performance data to the
Vendor Management Key Process Area through the use of each asset's unique identifier allowing for the
performance measurement of each asset thus reflecting on the vendor's product performance as it
pertains to providing a suitable product, support of that product, and verification that the correct
product has been supplied that best meets the organization's defined goals.
The Asset Identification Management Key Process Area is made notably more effective by the existence
of the Communication & Education Management Key Process Area. This is accomplished by
Communication and Education Management providing the mechanisms and communication channels
needed to disseminate Asset Identification Management’s policies, processes and procedures to the
entire organization.
The Asset Identification Management Key Process Area enhances the Policy Management Key Process
Area by installing unique identifiers to each asset that is determined to be worth tracking for the
purpose of Policy Management to be able to associate each asset to the related policy. The unique
identifier will also be of benefit to help ensure the achievement of all environmental requirements.
The Asset Identification Management Key Process Area supports the Program Management Key Process
Area by providing a unique physical identifier for each asset deemed worthy of tracking. By identifying
the operation history for each asset with a unique identifier, a clear view of each asset’s performance
can be ascertained and measured during its operational lifetime. This information, if available on a
regular basis, will enable Program Management to monitor the overall effectiveness of each asset and
will effectively allow for feedback on the overall performance of the ITAM Program. Asset Identification
Management also provides a check point between physical and electronic discovery for audit
reconciliation.

COMPLIANCE & LEGISLATION MANAGEMENT


The Compliance and Legislation Management Key Process Areas are very much inter-related, yet they
do both have very specific functions. The Compliance Management Key Process Area is tasked with the
strict adherence to legislative and regulatory guidelines, with those guidelines covering a wide range of
issues such as software management, contracts, organizational or enterprise standards, the security of
maintained information, and federal legislation. Successful Compliance efforts must be planned and
executed according to a series of established guidelines. The responsibility of adherence to the
guidelines and other specific regulatory laws based on geographic location are assigned to Compliance
Management from the Legislation Management Key Process Area. Where Compliance Management is
focused on maintaining standards, Legislation Management is focused on the understanding and
dissemination of the existing, or projected standards mandated by local, state, federal agencies or
country of origin. Legislative issues can include federal and local laws, regulatory guidelines, and
ordinances that must be adhered to in order to avoid risk and/or potential penalties for an organization.
Legislation is deemed ultimately responsible for the communication of legislation requirements, such as
Title 17 or Digital Millennium Copyright Act (DMCA) for compliance purposes.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The Compliance Management Key Process Area is the focal point for risk mitigation and audit response.
As a part of the Compliance Management Key Process Area, the IT organization prepares to respond to
compliance events, performs periodic internal asset discovery and ultimately settles non-compliance
matters.
The purpose of the Legislation Key Process Area is to maintain an awareness of legislation that may
affect the processes and legitimate uses of IT assets within an organization. Activities in the Legislation
Process Area include identification of pending legislation, evaluation of legislative impact and proactively
preparing for mandated changes to existing internal processes and policies.
The Compliance Management Key Process Area conveys the necessary regulations used to maintain
proper purchasing procedures to the Acquisition Management Key Process Area. Also communicated is
the detailed information that Acquisition Management needs such as what currently exists in the
environment, what should exist in the environment, what items need to be acquired for the
organization, and necessary regulations pertaining to compliance. Audit regulations are another area of
support from the Compliance Management Key Process Area.
The Legislation Management Key Process Area influences many decisions made by the Acquisition
Management Key Process Area by providing information on regulations determining proper purchasing,
sales and use taxes, receiving, global regulations, treaties and intellectual properties. The influence can
also be seen as Legislation Management provides compliance requirements to the Acquisition
Management Key Process Area in the form of terms and conditions for contracts, as well as receiving
validation of assurance that contracts are reviewed for adherence to compliance requirements.
The Compliance Management Key Process Area is a critical necessity to the Documentation
Management Key Process Area because it provides the requirements for the documentation that must

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

be retained by the organization that will set the retention periods for IT documentation. Compliance
Management also provides the Documentation Management Key Process Area with an electronic
inventory of assets that will provide the organization with a checkpoint for documentation
reconciliation. This process is normally conducted through the Program Management Key Process
Area. The Legislation Management Key Process Area exercises strong control over the Documentation
Management Key Process Area by providing information on regulations related to documentation
handling and retention. The information includes audit reports regarding the current state of
compliance, current compliance and legislative requirements, legislation language from the source, and
interpretation of legislation.
The Compliance Management Key Process Area provides strong benefit to the Financial Management
Key Process Area by providing the criteria for proof of purchases and the proof of payments workflow.
The Legislative Management Key Process Area has control over the Financial Management Key Process
Area by dictating the financial practices that must be utilized to remain compliant. The compliance
requirements are seen in the form of financial records retention requirements including proofs of
purchase, invoice records, methods for tracking financial records against each associated asset, and
specific local and federal legislation such as Sarbanes-Oxley.
The Compliance Management Key Process Area enhances the Program Management Key Process Area
by means of providing electronic discovery data and by providing the compliance requirements for the
organization.
The Legislation Management Key Process Area contributes to the future direction of the Program
Management Key Process Area through the monitoring and reporting of forthcoming legislation
initiatives. Legislation also allows for the customization of the Program for each governing entity,
provides the state of compliance through reporting internal, external, and spot audits, and drives the
Program’s policy making decisions.

DISPOSAL MANAGEMENT
The Disposal Process Area defines process and procedures for properly removing assets from your
environment. A mature disposal process will allow your enterprise to avoid costly storage of unused
assets, mitigate risk associated with disposal, reallocation of software, security of information maintained
before the disposal process, while increasing return on investment.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Disposal is the means in which an asset is properly destroyed. Destroying an asset is much more than
just throwing it away in the trash. Destroying an asset impacts several groups within the organization
including but not limited to IT, finance, human resources, procurement and legal. The method used to
destroy the asset may be constrained by government regulations, vendor licensing agreements and the
organization’s policies.
The Disposal Management Key Process Area provides disposal data to the Acquisition Management Key
Process Area which defines asset redeployment criteria for those assets that can effectively be
redeployed. Disposal Management can also provide Acquisition Management with up-to-date
information concerning the availability of software and hardware that is available for redeployment.
There are many reasons that assets are disposed of; for this reason, the redeployment/reuse criteria
given to Acquisition Management is an imperative guideline as to if an asset’s disposal is due to
inadequate performance and should be disposed, or if the asset had great performance and should be
redeployed elsewhere. Disposal Management also depends on Acquisition Management for information
concerning disposal requirements for leased assets. Both Key Processes Areas work toward the
common goal of creating the most effective Disposal Process.
The Disposal Management Key Process Area provides necessary disposal information to the Asset
Identification Management Key Process Area on the retirement and destruction of assets, regardless of
whether they are hardware or software assets. Using the unique identifier assigned to the asset by the
Asset Identification Key Process Area will allow accurate recording of the disposition of the asset into
the repository, ties the certificate of destruction to the asset, and will allow closure of the financial
books on the asset.
The Disposal Management Key Process Area works in conjunction with the Compliance and Legislation
Management Key Process Areas to conduct the proper disposal or harvesting of assets, including the
documentation that will support the final disposition of the assets. Legislation Management will provide

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

legislation requirements based on locale; while Compliance Management will ensure that the Disposal
Management Key Process Area will supply the Documentation Management Key Process Area with
asset disposition documentation to be archived as required by organizational policy. Documents will
include the certificate of destruction, and the disposal method information including lot numbers,
disposal vendor information, etc.
The Disposal Management Key Process Area does not directly enhance, strengthen, or make more
effective, the Financial Management Key Process Area.
The Disposal Management Key Process Area enhances the capabilities and control of the Vendor
Management Key Process Area by providing information on disposed assets that had problems caused
by product failure or defects, which can then be reported back to the appropriate vendor.
The Disposal Management Key Process Area does not directly enhance, strengthen, or make more
effective, the Project Management Key Process Area.
The Disposal Management Key Process Area utilizes the Communication and Education Management
Key Process Areas as a conduit for the proper dissemination of Disposal processes to organizational
personnel.
The Disposal Management Key Process Area provides support to the Policy Management Key Process
Area by providing input into policy creation, policy review and policy enforcement for the organization.
The Disposal Management Key Process Area enhances the capabilities of the Program Management Key
Process Area by signalling the end of life for an asset which will allow for the final calculation of asset
ROI and TCO. The Program Management Key Process Area requires this disposal notification.

DOCUMENTATION MANAGEMENT
The Documentation Management Process Area encompasses management capability for all IT asset
related documents throughout most of their life-cycle, from request, through acquisition and onward.
This discipline includes management of contracts, proof of purchases, and all software licenses including
certificates of authenticity (COAs).

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Documentation Management consists of managing organizational documents throughout the life-cycle of


the document and supporting product. Documentation management can include legal contracts, HR
documents, licenses, Certificates of Authenticities, insurance documents, support and maintenance
agreements. Fixed-asset information is also provided as an update to the accounting organization.
Necessary data encoded on these documents should be readily available through a centralized
repository and also kept offsite for disaster recovery purposes.
The Document Management Key Process Area encompasses the management of all IT asset documents
that are produced throughout the lifecycle of the IT asset. These documents include, but are not limited
to purchase contracts, proof of purchase documents, software licenses including certificates of
authenticity and disposal documentation.
The dependencies between Key Process Areas within the ITAM Program rely on tasks being performed
and completed by each KPA. These individual tasks will enable the other KPAs to function in a cohesive
manner bringing value to the organization. In the following section will show how Documentation
dependencies, relationships, and tasks affect the other Key Process Areas within the ITAM Program.
The Documentation Management Key Process Area enhances the capabilities of the Acquisition
Management Key Process Area by providing a critical access portal to the documentation management
system which provides centralized data storage and supports the archiving and retrieval of all documents
related to the acquisition of any IT asset.
The Documentation Management Key Process Area does not directly enhance, strengthen, or make
more effective, the Asset Identification Management Key Process Area. Documentation Management
does however provide centralized storage of all documentation relating to the Asset Identification
Management database.
The Documentation Management Key Process Area is critical to the Compliance and Legislation
Management Key Process Areas by making documentation accessible. Documentation Management
provides centralized storage of all documents that are relevant to both Compliance Management and
Legislation Management. For example, the Compliance Management team might need to associate and
cross reference a software asset against the asset's Proof of Purchase; and Legislation Management might
need to access documentation as ammunition in lobbying either for or against proposed legislation.
The Documentation Management Key Process Area is imperative to the function of the Disposal
Management Key Process Area by providing centralized storage and maintenance of all documents
associated with the disposal of IT assets including tracking, data scrubbing, due diligence documentation
associated with the disposal vendor, the type and amount of training provided to recipients of donated
assets, and all associated costs pertaining to the disposal of any given asset.
The Documentation Management Key Process Area allows ready document access to the Financial
Management Key Process Area by providing a centralized repository of all financial records and
associating those records with any asset in question. Some of the important documentation that will be
available to Financial Management includes Total Cost of Ownership (TCO), Return on Investment
(ROI), and forecasting.
The Documentation Management Key Process Area enhances the capabilities of the Vendor
Management Key Process Area by providing centralized storage; archiving and maintenance of all
documents related to the management of vendors including any documentation associated with
purchased or leased assets and their associated invoices and contracts. Additional information for access

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

would include the vendor scorecard, vendor contact information, and contracts pertaining to the
vendor.
The Documentation Management Key Process Area does not directly enhance, strengthen, or make
more effective, the Project Management Key Process Area.
Documentation Management does though maintain a central repository of information that holds what
can be considered as project artifacts. Some of these artifacts include requirements, statement of work,
implementation plan, resource allocation, cost, status reports, and results.
The Documentation Management Key Process Area is critical to the function of the Communication and
Education Management Key Process Area because it provides centralized storage of all documents
relating to Communication and Education Management and enables the retrieval of the documentation
associated with the IT assets and the IT Asset Management process. The information stored in the
documentation repository must be easily accessible to the appropriate IT Asset Management roles as
well as other authorized personnel within the organization. Some of the necessary documentation
would cover educational needs, communication paths, communication contacts, and educational values.
The Documentation Management Key Process Area enhances the capabilities of the Policy Management
Key Process Area by providing centralized storage of all documents relating to organizational policies
within the IT Asset Management Program. Documentation Management also helps to supply input into
policy creation, policy review and policy enforcement for the organization.
The Documentation Management Key Process Area provides extensive support to the Program
Management Key Process Area by providing a centralized repository for all documents relating to the IT
Asset Management Program collected during the lifetime of the asset. The data collected includes
performance metrics, usage statistics and maintenance costs. In addition, asset artifacts can be accessed
which include Proofs of Purchase, Certificates of Authenticity, invoices, warranties, certificates of
destruction, process documentation, and reports on assets such as discovery, physical inventory, and
Installs, Moves, Adds, Changes (IMAC). The centralization of documents is a strong attribute to the
organization’s documentation management system which includes the contract management system, the
financial system, the help desk system, etc. Centralization of documents also provides secure access to
only the designated personnel who have been granted access such as Help Desk, Technicians, Legal,
Human Resources, Financial, and the IT Asset Management team. Furthermore, centralization will help
to enable workflow automation and integration into the organization’s Disaster Recovery Program, and
it provides an easy method of archiving and retrieving documents for each Key Process Area.

FINANCIAL MANAGEMENT
The process of managing IT Asset Financial information and data within an organization. IT Asset
Financial Management maintains cost controls, financial data, and budgeting information for the IT Asset
Management Program, as well as reconciliation processes and financial audit information.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The Financial IT Asset Management Key Process Area includes many operationally reoccurring functions,
including budgeting, asset reconciliation, charge-backs, invoice reconciliation, financial forecasting, audit
preparation and billing. In addition, the Financial IT Asset Management Process must support a strategic
view of IT spending by building a portfolio management perspective.
The dependencies between key process areas within the ITAM program rely on tasks being performed
and completed by each KPA. These individual tasks will enable the other KPAs to function in a valuable
manner bringing value to the organization. In the following section we will look at how financial
dependencies, relationships, and task affect the other key process areas within the ITAM Program.
The Financial Management Key Process Area helps drive the Acquisition Management Key Process Area
by providing historical financial data for use during asset acquisitions.
Greater asset value will be derived when Financial Management receives financial information
projections and costs from the Acquisition Management Key Process Area. This financial information is
necessary for Financial Management to calculate Total Cost of Ownership and Return on Investment
forecasts, service costing model updates, and departmental charge-backs.
The Financial Management Key Process Area does not directly enhance, strengthen, or make more
effective, the Asset Identification Management Key Process Area.
The Financial Management Key Process Area enhances the Compliance and Legislation Management Key
Process Areas through the application of proper financial practices resulting in the creation and archival
of documents such as Proofs of Purchase which will be used by the Compliance Management Key
Process Area during compliance audits. Financial management will benefit from the guidelines and
information received from Compliance Management such as specific record retention data, and what are
acceptable proofs of purchase. The Legislation Management Key Process Area will also provide key
financial legislation requirements to Financial Management based on legal mandates of the country.
The Financial Management Key Process Area strengthens the Documentation Management Key Process
Area by providing all financial reports, records, proofs of purchase and data that can be incorporated
with other supporting historical documentation regarding the asset.
The Financial Management Key Process Area is critical to the Vendor Management Key Process Area
because of the detailed monitoring and measurements conducted by Financial Management on the
financial performance of all vendors. Much of the performance data that is collected will include specific

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

data such as the accuracy of the vendor's invoices, service costs, and cost increases, etc., all of which are
metrics that appear on the vendor score card.
The Financial Management Key Process Area utilizes the Communication and Education Management
Key Process Areas as a conduit for the proper dissemination of financial processes to organizational
personnel.
The Financial Management Key Process Area enhances the capabilities of the Policy Management Key
Process Area for the organization by providing financial best practice requirements into policy creation,
policy review and policy enforcement. Information that will be provided will include accounting best
practices that are in accordance with Accounting and Auditing Policy Committee (AAPC) and Generally
Accepted Accounting Principles (GAAP), Sarbanes-Oxley requirements, and other requirements
specifically based on local, federal or country requirements.
The Financial Management Key Process Area enhances the efficiency of the Program Management Key
Process Area by providing financial analysis of assets such as Total Cost of Ownership (TCO) and
Return on Investment (ROI) calculations which provide a determination of true asset values within the
environment. This information can be utilized for timing the appropriate end of life strategy for assets,
IMAC, standardization and decision making processes, and will provide financial feedback on the overall
performance of the IT Asset Management Program.

PROJECT MANAGEMENT
A project can be described as an organized and managed set of activities that when properly executed,
results in the achievement of a unique and well defined product. Such a work product is often referred
to as a deliverable. Resources are mobilized and deployed to perform the activities in a controlled
fashion. A project is classified as having a definitive start, and a calculated end.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Project management is a method for managing a group of tasks, resources and people for the purpose of
a successful outcome of the project, where success is defined in the beginning of the project.
The Project Management Process is defined as an organized and managed set of activities that results in
the achievement of a unique and well-defined end-result or work product. Such a work product is often
referred to as a deliverable. Resources are mobilized and deployed to perform the activities in a
controlled fashion.
The Project Management Process supports all other Key Process Areas by implementing a disciplined
approached to managing projects that implement the improvements to the ITAM Program. The specific
project management discipline used is defined by the organization. However, there are specific actions
required including the planning phase and the initiation phase in order to ensure a smooth transition to
the change in the Key Process Area. It is therefore required that the two sub processes, planning and
project initiation, address all of the needs and risks to all Key Process Areas. For these reasons the
Project Key Process Area controls, enables and supports all Key Process Areas.
The dependencies between key process areas within the ITAM program rely on tasks being performed
and completed by each KPA. These individual tasks will enable the other KPAs to function in a valuable
manner bringing value to the organization. In the following section we will look at how Project
Management dependencies, relationships, and task affect the other key process areas within the ITAM
Program.
The Project Management Key Process Area has an indirect relationship with the Acquisition
Management Key Process Area. Acquisition Management relies heavily on Project Management to
ensure that all projects that deal with the Acquisition Process are completed swiftly and with satisfaction
that adds to the value of the overall process and the organization.
The Project Management Key Process Area has a direct relationship with the Asset Identification Key
Process Area. All projects within an organization will require the tracking and monitoring of various IT
assets. These two Key Process Areas work in conjunction to bring the highest value per project to the
organization.
The Project Management Key Process Area has a direct relationship with the Compliance and
Legislation Management Key Process Areas. Project Management relies on Compliance and Legislation
Management for information dealing with the compliance regulations and laws surrounding a project.
These two Key Process Areas work in conjunction to bring the highest value per project to the
organization.
The Project Management Key Process Area has a direct relationship with the Disposal Management Key
Process Area. Project Management needs information from Disposal Management on what can be
disposed of, how items need to be discarded, and what disposal laws need to be adhered to. These two
Key Process Areas work in conjunction to bring the highest value per project to the organization.
The Project Management Key Process Area has a direct relationship with the Documentation
Management Key Process Area. Project Management is one of the most important contributors to
Documentation Management. The Project Management Process will create various documentation
management tools for the Documentation Management Process. These two Key Process Areas work in
conjunction to bring the highest value per project to the organization.
The Project Management Key Process Area has an indirect relationship with the Financial Management
Key Process Area. Financial Management relies on Project Management to ensure that all projects that

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

deal with the Financial Process are completed swiftly and with satisfaction that adds to the value of the
overall process and the organization.
The Project Management Key Process Area has an indirect relationship with the Vendor Management
Key Process Area. Vendor Management does not enhance, strengthen, or make more effective, the
Project Management Key Process Area. Vendor Management does however supply information on
potential suppliers for the goods and services needed for the completion of projects. These two Key
Process Areas work in conjunction to bring the highest value per project to the organization.
The Project Management Key Process Area has a direct relationship with the Communication and
Education Management Key Process Areas. The Communication and Education Process relies upon
Project Management for establishing channels for communication through business projects. These two
Key Process Areas work in conjunction to bring the highest value per project to the organization.
The Project Management Key Process Area has a direct relationship with the Policy Management Key
Process Area. Policy Management relies on Project Management to provide input into the generation,
implementation, and enforcement of policies. These two Key Process Areas work in conjunction to
bring the highest value per project to the organization.
The Project Management Key Process Area supports all other Key Process Areas by implementing a
disciplined approached to managing projects that disseminate the improvements to the IT Asset
Management Program. The specific project management discipline used is defined by the organization.
However, there are specific actions required including the planning phase and the initiation phase in
order to ensure a smooth transition to the change in the Project Management Key Process Area. It is
therefore required that the two sub processes, project planning and project initiation, address the needs
and risks to all other Key Process Areas.

VENDOR MANAGEMENT
The Vendor Management Process Area defines attributes of maturity in how well you are
communicating with, leveraging and negotiating with your vendors. Structural strategies for success
include assigning vendor managers internally, who follow a documented communication protocol and
build a library of interactions. Business strategies for lease versus buy options, outsource versus retain
options, and global consolidation are encompassed in these processes.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Vendor management impacts several aspects of IT assets. One is the identification and negotiating
process to assure efficient and cost-effective acquisition of IT assets. It is also important to rate the
vendors based on service and quality of the asset. Furthermore, sourcing assets from multiple vendors
increases costs and jeopardizes the organization’s quality standards of the assets and services provided
by the vendors. Strong vendor management also reduces the risk of obtaining invalid or illegal assets.
Vendor management is essential to the successful management of IT assets by ensuring the
organization’s sourcing is performed in a predictable and well-defined process.
The Vendor Management Key Process Area addresses the discipline of communicating, leveraging,
negotiating, performance evaluation and management of suppliers. Issues addressed include vendor
management organization, strategies, evaluation criteria and communication protocol.
The dependencies between Key Process Areas within the ITAM Program rely on tasks being performed
and completed by each KPA. These individual tasks will enable the other KPAs to function in a more
cohesive manner bringing greater value to the organization. In the following section will show how
Vendor dependencies, relationships, and tasks will affect the other Key Process Areas within the ITAM
Program.
The Vendor Management Key Process Area is very important to the Acquisition Management Key
Process Area in the way that vendor management is practiced. These practices will determine the best
vendors for sourcing an asset, thereby assuring the best quality of product and service according to the
guidelines established by the organization. One of the best indicators of vendor performance is the
information found on the vendor scorecard which is given to Acquisition Management for more
informed purchases. Vendor Management will also utilize purchase data information supplied from
Acquisition Management such as contract agreements and new metrics to use for measuring vendor
performance.
The Vendor Management Key Process Area does not directly enhance, strengthen, or make more
effective, the Asset Identification Management Key Process Area, yet Vendor Management is benefitted

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

by receiving performance data from Asset Identification Management such as the data concerning the
vendor’s deployed assets.
The Vendor Management Key Process Area will supply the Documentation Management Key Process
Area with vendor profile information such as the vendor score card data that will be archived for later
use.
The Vendor Management Key Process Area does not directly enhance, strengthen, or make more
effective, the Financial Management Key Process Area, yet Vendor Management is benefitted by
receiving performance data from Financial Management such as the data concerning the accuracy of the
vendor’s invoices.
The Vendor Management Key Process Area provides strong support to the Policy Management Key
Process Area by providing input into policy creation, policy review and policy enforcement for the
organization.
The Vendor Management Key Process Area enhances the capabilities of the Program Management Key
Process Area by utilizing the organization’s vendor selection processes, and by means of the relationship
between the vendors and the organization. Proper vendor relationships enhance the value of those
vendors to the organization, as well as to Program Management. A mutually beneficial relationship exists
when Vendor Management provides Vendor relationship management to Program Management, and
Program Management will in turn help to supply new vendors to the Vendor Management Key Process
Area.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITAM Foundations
SECTION 3 – KPA INDICATORS

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

KPA INDICATORS
Measurements and metrics aid in assessing the success or failure of the ITAM program. Each KPA has
several possibilities where through process improvement, risk reduction or uncovering financial savings,
program success can be demonstrated and measured. The following denotes a short list of possible
metrics that can be collected during improvements of an ITAM program. (not a process) The
subsequent list represents some of those metrics to consider to gage program success:
Acquisition Number of requests by department, by asset type, standard vs. non-
Management KPA standard
(ACQ) Number of approvals and rejections by department, by asset type,
standard vs. non-standard
Date and time of request for order fulfillment timeframe calculation
Length of time for negotiation of contract – start to close
Quality of responses to RFQ, RFB, RFP
Projected ROI and TCO (for later comparison against running totals
and final calculations)
Length of time to gain approval / rejection for a non-standard IT asset
request
Length of time to gain approval / rejection for a standard IT asset
request

Asset Identification Number of RMAs by vendor and asset type


Management KPA Date and time the asset was received
(AID) Date and time received asset was placed into inventory ready to be
deployed
Length of time from receiving to inventory (staging time)
How, who and when an inventory was increased by asset
How, who and when an inventory was decreased by asset
Number of reconciliation errors between inventory and e-discovery
Number of reconciliation errors between inventory and physical
inventory results
Accuracy of vendor provided services pre-delivery. For example, did
the vendor apply the asset tag appropriately?
Number of software downloads where the licensing information was
delivered to ITAM

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Communication and Percentage of casual users (those who should not be making
Education configuration changes to the asset) who have received training on ITAM
Management policies and procedures
KPA(C&E) Percentage of power users who have received training on ITAM policies
and procedures
Percentage of software administrators that have received training on
software asset management
Percentage of on-site vendors who have received training on ITAM
policies and procedures
Percentage of new hires who receive training on ITAM policies and
procedures

Compliance Percentage of installed software titles that are compliant with the terms
Management KPA and conditions of the licensing agreement
(CMP) Percentage of installed software titles in the managed software library
that are compliant with the terms and conditions of the licensing
agreement
Percentage of hardware assets, by asset type, that are disposed of
according to local regulations
Percentage of ITAM processes that are audited for compliance to the
ITAM Program requirements

Disposal Management Percentage of hardware assets that go through a formal disposal


KPA process
(DIS) Percentage of hardware assets whose data is secured prior to transfer
of ownership
Percentage of hardware assets whose software is harvested if applicable

Documentation Percentage of licensing agreements being managed by ITAM


Management KPA Percentage of licensing agreements, that are being managed by the
(DOC) ITAM team, that have been annotated with role based content
Percentage of documents that are reviewed prior to committing the
document to the document management system
Percentage of documents that can be linked to their asset

Financial Management Percentage of invoices reconciled for accuracy of charge


KPA Percentage of software invoices reconciled for accuracy of purchase
(FIN) description
For each managed asset type, percentage of assets that are being for
monitored for TCO and ROI where appropriate
Percentage of contracts reviewed for financial terms before being signed

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Legislation Frequency of meetings with legal department to discuss new or


Management KPA upcoming legislative requirements that may affect the ITAM Program
(LEG) Percentage of the organization’s current legislative requirements that
are reviewed from an ITAM perspective

Policy Management Percentage of ITAM policies reviewed every 6 months


KPA Percentage of ITAM policies that are managed based on metrics
(POL)

Program Management Percentage of ITAM processes that are owned by other departments
KPA that are monitored
(PRG) Percentage of deployed IT assets that are part of the IT standard
Percentage of configuration changes that are tied to a help desk or
service desk ticket

Project Management Percentage of ITAM projects that are completed on-time and within
KPA budget
(PRJ) Percentage of the organization’s projects that are reviewed for IT asset
requirements
Percentage of ITAM projects whose deliverables are reviewed a few
months after deployment

Vendor Management Results of an IT vendor score card review are captured with a date and
KPA timestamp
(VEN) Frequency by which a vendor meeting is required to resolve an issue
Frequency by which the vendor contacts database is updated
IT vendor’s ability to meet contractual obligations
Number of infractions incurred by a vendor employee

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITAM Foundations
SECTION 4 – INDUSTRY BEST PRACTICES

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITAM AND ITSM: EMBRACING TWO ORGANIZATIONAL


FRAMEWORKS

IAITAM BEST PRACTICES AND IT SERVICE MANAGEMENT


IT Asset Management (ITAM) and IT Service Management (ITSM) are both process-based best practices
that provide direction to IT departments across the globe. They are interconnected, working together
to achieve goals. Each also has functionality that the other does not and this complexity can be
confusing. To an extent, each shares the same processes with common objectives but label them
differently (e.g. Vendor Management and Supplier Management, Finance Management, IT Finance
Management, and so on). The IAITAM Best Practice Library™ (IBPL) describes Program and Project
Management however; the Information Technology Infrastructure Library® (ITIL Copyright© AXELOS
Limited 2011. Material is reproducted under license from AXELOS.) for Service Management only
introduces Program and Project Management best practices such as PMBOK or Prince II. In any case,
they share the common objectives so the processes should be considered the same terminology wise.
Beyond the simple example above, the similarities and differences between the best practices require
further explanation. Best practices are used as a reference model and do not exist as a silo management
system. They should co-exist and be unified to achieve holistically-designed, common IT strategic goals.
It is best to understand the big picture and know how each model and best practice fits together and
interacts so that they can work in harmony towards common goals.
They should not be implemented separately or without understanding the big picture, otherwise
implementation could results in a silo that leads to partial optimization. Creating a roadmap that
articulates the relationship of the different reference models and best practices is a critical success
factor for holistic optimization, especially for global organizations. The best practices described in the
IAITAM Best Practice Library (IBPL) for ITAM and ITIL, known formerly as the Information Technology
Infrastructure Library (ITIL) for Service Management are used as the basis for this comparison.

GOALS AND OBJECTIVES


Basic IT Asset Management has goals related to financial aspects as well as the mitigation of risks
associated with IT assets. They are often presented as:
 Return value to the organization
 Provide visibility into the portfolio of IT assets
 Mitigate risks associated with the assets used (whether owned, free or leased)
 IT Service Management goals are similar to ITAM but are focused on the service to be offered
to the customer:
o Return value to the organization

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

o Provide the expected service outcome for the customer (internal or external)
o Transfer the customer’s risk from owning/using the assets to the service provider
The ITIL model for ITSM groups processes around the IT service lifecycle in five major categories:
ITIL Service Strategy
 Strategy Management for IT Services
 Financial Management for IT Services
 Service Portfolio Management
 Demand Management
 Business Relationship Menegement
ITIL Service Design
 Design Coordination
 Service Catalogue Management
 Service Level Management
 Availability Management
 Capacity Management
 IT Service Continuity Management
 Information Security Management
 Supplier Management
ITIL Service Transition
 Transition Planning & Support
 Change Management
 Service Asset & Configuration Management
 Release & Deployment Management
 Service Validation & Testing
 Change Evaluation
 Knowledge Management
ITIL Service Operation
 Incident Management
 Event Management
 Request Fulfillment
 Problem Management
 Access Management

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITIL Continual Service Improvement


 7-Step Improvement Process
 Service Measurement
 Service Reporting
The art in management is being able to make good decisions despite uncertainty. Management
knowledge such as models, frameworks and best practices all help reduce that uncertainty and improve
the likelihood of a good decision. In IT management, the IAITAM Best Practice Library (IBPL) and ITIL®
are two frameworks making a substantial difference in the success of IT initiatives within organizations.
Like any other framework, these two have similarities from solutions to comparable problems. They
also have differences from their disparate areas of specialization since the IBPL captures the
management domain of IT Asset Management (ITAM) while ITIL describes the management domain of IT
Service Management (ITSM). For the IT Manager to understand how these frameworks can be used to
best advantage, the first step is delving into how the frameworks are similar. With that common
groundwork in place, the IT Manager has the opportunity to use both frameworks to support decisions
and the implementation of change.
In this article, the similarities of the main principles are presented in Part I and is followed by an
examination of how the two frameworks work together to achieve maximum benefit. The ITIL
framework for IT Service Management is owned by AXELOS. The IBPL is published by the International
Association of Information Technology Asset Managers, Inc. (IAITAM).

APPLES AND ORANGES? HOW ARE ITAM AND ITSM SIMILAR?


Topics that are important elements of any type of initiative provide a common vocabulary to discuss
similarities.

STRATEGIC PLANNING
Before starting an initiative, the factors that will influence the project need to be analyzed. Examples of
factors include market situations, the customers of the managed IT organization, availability of resources
and legislated requirements. ITIL has a dedicated book on this subject called Service Strategy which
includes many principles related to strategic planning, processes and other related topics. In the IBPL
for ITAM, most of the strategic planning documentation is included in Program Management, one of
twelve Key Process Areas (KPA) defined by IAITAM. Also, one of the key elements of strategic
planning is Legislation Management, which is one of the twelve KPAs. However, since ITAM is a
strategic program for the organization, elements of strategic management are also distributed in other
KPAs.

RESOURCES
Although having sufficient resources for a project does occasionally happen, the usual scenario is to be
limited by the available resources. That means that the distribution of available resources is a concern
for every manager. In ITAM, resources are a core concern throughout the library as well as featured in
the Program Management and Project Management KPAs within the IBPL. In ITIL, discussion about

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

resources is mainly relegated to the Service Asset and Configuration Management (SACM) sections, but
information does appear throughout the service lifecycle, especially during the service design phase.
It is important to remember that resources are also used by the management tasks themselves.
Management consumes tools and manpower in processes. Both libraries draw attention to this topic for
each process that is described.

POLICIES, PROCESSES, PROCEDURES


A process-based approach is a trend in modern management and frameworks like ITIL and the IBPL base
their guidance on a process focus. This style of management relies on policies to direct employee
behavior to the processes. Procedures are then developed to allow employees to comply with those
policies. Since ITAM is a strategic program; policies are a focus, offering controls to process
development, documentation and implementation. The IBPL has Policy Management as one of the
twelve KPAs and dedicates a volume to policy management.

ORGANIZATION – ROLES AND RESPONSIBILITIES


Organizing work into processes and assigning responsibilities requires the definition of roles and the
relationships between them. ITIL uses the well-known RACI (Responsible, Accountable, Consulted and
Informed) charts for that. The IBPL has a different approach, better suited to diverse types of
organizations including those not service-oriented. It avoids specifying the lists of actions within roles.
Instead, it provides many practical details about the grouping of activities and processes as well as
concerning internal and external communication.

KNOWLEDGE
The most obvious way to reduce uncertainty is by gathering knowledge. However, this effort has
become more difficult because so much useless information obscures important points. Each
management framework approaches this issue in its own way. ITIL establishes a process called
Knowledge Management that treats pieces of knowledge as assets and manages them similarly to
configuration items.
ITAM’s IBPL focuses on managing the documentation, which is not only a source of knowledge, but also
the basis for compliance. Also, the IBPL offers one more, very modern and dynamic approach to
knowledge management. It dedicates an entire volume to communication and education, making this
subject one of the twelve KPAs. Using the constant education and attention to proper communication
approach, an organization ensures that knowledge is available just in time and not gathered just in case.

CONTINUAL IMPROVEMENT
As an organization matures, management continues to direct the execution of implementations, but
these implementations are more likely to be related to continual improvement rather than the
introduction of new ideas. The IBPL supports continual improvement by including improvement as part
of the details of each process. In contrast, ITIL offers a general approach to continual improvement
intended to fit all elements of IT Service Management and dedicates a separate book for it.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

While the IBPL explains the actual management processes for tangible assets and how to set up an ITAM
program that includes the entire lifecycle of the asset, from request through disposal. ITIL focuses on
the user perspective and how IT can operationally satisfy the customer’s request. ITIL does involve the
assets, explaining a SACM (Service Asset and Configuration Management) process. While it describes
the architecture of a CMS (Configuration Management System) and a CMDB (Configuration
Management Database), it does not get into actual management processes of tangible assets.
However, it is obvious that many of the CIs (Configuration Items) that ITIL targets and collects should
have their information, such as attributes and relationships, provided by ITAM since ITAM is responsible
for asset acquisition, financial information and contractual information.
The ITSM point of view is the user perspective, describing each service product as consisting of the CIs
it takes to deliver the service. The mapping is provided by the CMS/CMDB in detail, and it is depicted
for the user as the Service Catalogue. Without the CMS/CMDB mapping of what CIs constitute a
specific service, it is impossible to document and deliver the service. It is equally impossible to calculate
the accumulated cost for appropriate chargeback to the user.
Change Management also relies on understanding the CIs that constitute a specific service. Otherwise,
how can you manage a change to that service? Who is providing all of the information about CIs? Many
of the details of tangible assets are managed by ITAM and, if not, should be. As a result of successful
ITAM implementation, you should have reliable, consistent asset information that can be fed or used by
the CMS.
Therefore, it can be said that ITAM is the foundation of the realization of ITSM. Without an effective
ITAM implementation, the CMS would not be able to maintain CIs of tangible assets. In that case, the
Service Catalogue becomes irrelevant and Request Fulfillment does not work, nor Change Management.
It is easily shown that ITAM is a critical success factor to ITSM.

CAPTURING THE DIFFERENCE


The difference in viewpoint from asset-centric to user and service-centric leads to different definitions
for what constitutes an asset. In IT Asset Management, an asset is the hardware, software and mobile
technology used throughout the organization. For IT Service Management, the asset includes:
 Resources such as infrastructure, applications, capital and information
 Capabilities such as management, organization, processes and knowledge
 People

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The scope of the IT asset and service asset overlap but are not same:
FIGURE 1: SERVICE ASSET AND IT ASSET SCOPE COMPARISON

In order to successfully implement ITAM with ITSM, create a holistic strategy and roadmap that
identifies the common processes with the additions introduced by ITAM and also highlights the
interfaces between the two different sets of processes. These processes can be united and work
together seamlessly to achieve common goals. Note that ITSM may not articulate the necessity of BPR
(Business Process Re-engineering) across different departments, but ITAM requires BPR across different
departments as well as different organizations when necessary. One example is Software Asset
Optimization. If your organization is part of a large group of organizations, with multiple entities
domestically and globally, then chances are good that Vendor Management (Supplier Management),
Contract Management and Finance Management will need cross-organizational unification of the
software asset management processes and agreements in the roadmap before the holistic optimization
can bring the costs to the most optimized level.
IT technology paved the way towards holistic optimization by acting on “consolidation,” “virtualization,”
“resource pooling” and “hybrid cloud” goals. However, in order to optimize the technological
advancements, IT needs to become a maker of services products and a 1st tier service provider. It
takes more than technological advancement, requiring streamlining of the technology and making

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

monetary sense for appropriate chargeback instead of depending on a hunch. It can be done if the big
picture and roadmap are shared, and if the roadmap is consistent despite referencing more than one set
of best practices. Rome was not built in a day and the effort can feel more like evolution. It is worth
the investment supporting IT as it matures into a group committed to end user results.

THE COMPLEMENTARY RELATIONSHIP


Many large organizations are striving to achieve the service model as the service model makes IT
independent and at the same time agile and adaptive. It also changes the IT department from a cost
center to a profit center. Technology-oriented IT is now expected to become the “maker” of IT service
products, not just be a technical staff who understands Information Technology. IT Service Management
means that IT cares about the quality and success of the end product, which matches the perspective of
the end users.
In that sense, ITAM is the “BOM” as used in manufacturing. BOM (Bill of Materials) is a critical success
factor in determining product quality. That connection is common sense to any maker of products. If
you do not have a strong grip on the components and parts that make up your product, you cannot
have quality control over your products. It is the exact same situation with the IT Service model where
ITSM relies on a successful ITAM implementation. ITAM is BOM. Without BOM, there is no control of
IT service products’ quality and no exact understanding of the cost and risk.
The complementary functioning of these best practices is illustrated best with an example. In ITIL, the
Release/Deploy Management processes require a test scenario and criteria for what can be released and
deployed in the environment. In the IBPL, the KPAs of Compliance Management and Legislation
Management provide the details necessary to determine the release/deploy criteria for the environment
including specifics about software license compliance.

CATS AND DOGS – CAN ITAM AND ITSM WORK TOGETHER?


ITAM and ITSM management domains have more in common than the core management elements
discussed in the previous section. Both frameworks include some of the same processes and activities,
recognizing the need. Is it then sufficient to pick one of the frameworks and implement it without the
other? The answer is no because different IT management domains provide unique competencies and
points of view. It is better to research asset acquisition and contract management guidance in the IBPL
even if it is also mentioned in ITIL. Conversely, it is better to research how to implement a service desk
and incident management in ITIL even if some guidance may be found in the IBPL. A strong ITAM
program alongside a properly implemented service lifecycle offers competency in both areas and since
the libraries do not conflict with each other, each can be fully realized. The advantage to the
organization is the complementary improvement in business goal achievement.

SERVICE ASSET AND CONFIGURATION MANAGEMENT


ITIL recognizes the importance of asset management as seen in the following statement from the
introduction to the “Service Asset and Configuration Management” process description. “No
organization can be fully efficient or effective unless it manages its assets well, particularly those assets
that are vital to the running of the customer’s or organization’s business.”

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

It is a common misconception that the ITIL’s Service Asset and Configuration Management (SACM)
process covers all of ITAM. In fact, ITIL’s service transition book begins the SACM description by
explaining that the process only covers the assets that “…are required to deliver services,” which are
the service assets only. It means that the management of IT service assets is a subset of the assets
managed within ITAM.
ITIL’s SACM focuses on configuration items (CIs), defined as “…service assets that need to be managed
in order to deliver services,” meaning that all of the assets that are not part of any defined service are
out of scope. It also means that the information gathered and managed is also limited to the service
configurations. A detailed explanation of the differences and relationships between CIs and assets, as
well as the CMDB and the asset repository, is a good subject for another whitepaper.
The bottom line is that the ITAM program supports SACM. When the information about configuration
items needs to be collected, most of what is needed is already available in the asset repository. What is
more, if the ITAM program described in the IBPL is properly implemented, the information is reliable; it
may be used not only as the source of data to be pulled into a CMDB, but also as a verification tool
when the state of the infrastructure changes.
Additionally, when the SACM process is designed, it relies on the insights from the business
requirements gathered through the IBPL framework into the ITAM program. The IBPL provides the
basis of SACM with policies, contractual requirements, standards, roles and responsibilities, allowing
SACM to align with the organization’s governance.

SERVICE STRATEGY
Service Strategy falls in the middle of the ITIL lifecycle and defines the approach to create new services
such as how to make the decision to remove or modify current services. Modifications arise from
internal and external situations.
The factors influencing strategic IT decisions can be described as limitations, opportunities and
capabilities. Limitations include legislation, vendors and competition. Conveniently, understanding legal
and contractual requirements are core elements of the IBPL. Similarly, the IBPL’s Vendor Management
KPA includes the analysis and comparison of the available vendors, along with the details on building
vendor relationships. Again, the ITAM program as described in the IBPL supports the ITIL component
for service strategy.
Not using the resources available in ITAM or not having an ITAM program makes it necessary to build
the information collection and analysis from scratch, reducing the quality of outcomes. The quality
reduction comes from a lack of competency in specific areas, the absence of ongoing knowledge
verification and no maintenance of relationships.
Service portfolio management is an ITIL process that relies on the IBPL extensively in two areas. One is
the information coming from the utilization of assets. The services may be treated as assets from the
organization perspective. As such, they must fulfill the requirements that are already documented and
analyzed within the ITAM program. The second area is the information about the available assets. With
this information, the service portfolio management has access to the potential cost of running a new
service as well as logistical information.
IT Service Management includes IT financial management as part of the service strategy. The activities
necessary are well understood in ITAM as well as how to relate it to the financial management of the

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

organization. It is a natural fit for ITAM’s IBPL to include recording and managing costs. In contrast, it is
extra domain knowledge for IT Service Management. It has to be based on ITIL’s SACM anyway, which
ITAM already supports.
One aspect of ITIL’s demand management is influencing the usage of assets, which is often based on how
the costs of the IT assets or services are distributed. The detailed asset usage information is a powerful
negotiating tool when the price of services is discussed, which happens when chargeback is implemented
or an external service provider is being used. Even when a fund transfer is not involved; there is still a
strong need to show the IBPL’s ITAM statistics to illustrate why user behavior needs to change.
However, the most important parts of ITIL demand management are the analysis of the business
patterns to plan the capacity needed, the changes in the infrastructure and future asset acquisition or
disposal. The analysis is based on asset usage and changes in the business, which in turn relies on
information such as changes in the requirements for services and assets and utilization of the available
capacity. The analysis cannot be performed without proper information about the lifecycle of assets as
specified in the IBPL. When the analysis is properly performed, it provides solid input for the
management of business relationships, as it requires understanding how the business operates.

SERVICE DESIGN
In ITIL, the detailed description of what a service should look like is created in the service lifecycle stage
called Service Design. The core artifact produced is a service design package that includes the
documentation to properly initiate, implement and maintain a service.
The first step in the service design is establishing the coordination process, a process similar to project
management. The goals for this process are to assure that the resources are properly allocated and the
outcomes of the service design meet the requirements. Optimal allocation of resources requires
knowledge about resource availability as well as the details about their end of life, potential need for
movement, maintenance contracts and other aspects maintained in the IBPL’s ITAM program.
The service catalogue is a very important tool used in negotiations with the service customer (the
business), and also as a basis for service maintenance planning. The service catalogue presents
information about the services including the agreed upon service levels and other details that affirm that
a specific service is available from the service provider organization. It also facilitates understanding the
choices available to the service customer. The nature of these services is not clear without the service’s
asset information maintained by ITAM.
To prepare a service, there are two elements that must be planned in advance and then constantly
monitored. They are capacity and availability of the service. The capacity planning uses the information
about the distribution of the assets in the infrastructure together with the information about the used
and available capacity of:
 Storage
 Power of processors
 Bandwidth of network connections
 Other asset capacities
When service capacity is planned, the available assets’ lifecycle states must be known, as some of the
assets may be reused or partially reused, and some assets may not be available as soon as needed.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITIL’s availability management has an even greater need for detailed information about the state of the
assets as part of the tasks to manage and plan for the potential outage of infrastructure elements.
Besides the operational information about the relationships between infrastructure elements stored in
the Configuration Management System (CMS), the asset repository provides valuable data that helps set
expectations regarding specific assets. The IBPL’s asset information can include backup plan, age of
device and details from the maintenance contract regarding replacement and reaction times. The
availability of a service depends on the service assets and that information is provided by ITAM.
Information security is planned when the service is being designed. Information security is based on the
analysis of risks associated with “information assets,” which are the assets that store or process
information. Note that information security is not limited to IT assets and includes things like paper
notes with potentially important information. However, identifying all of the information assets is the
first step to securing the service as well as the information assets. In fact, the lack of asset identification
is the number one threat to information security. The IBPL addresses this need with a Key Process
Area called Asset Identification.
Once all the service assets are properly identified, the next step is to decide how they impact business
operations and, of those with some level of impact, which are critical in case of a disaster. This decision
is primarily decided by the organization as part of business continuity planning, but those decisions must
be associated with specific assets as documented in the IBPL.
The last piece of the service puzzle is the list of suppliers. Vendor management processes are strong in
an ITAM program guided by the IBPL, providing not only information about the vendors but also on how
to deal with all kind of suppliers, including the internal suppliers of the service being designed.

SERVICE TRANSITION
With the service designed, it is ready to be moved into production. Regardless of whether it is a new
service or a modified existing service, it has to go through the controls that verify whether
requirements have been met.
The most important process at this stage is ITIL’s change management. Change management in ITIL
differs from the process of the same name in project management as it has a higher level scope. ITIL
change management controls and initiates projects and each change in the infrastructure has to be
initiated, documented, analyzed, and then monitored. Though the ITIL change management process
includes all of the changes in the services, the majority of requests are registered in the IBPL’s request
and approval process. After change management has controlled and initiated the projects, service
transition continues with implementation, which is ITIL’s Release and Deployment Management. It is at
this point that knowledge from project management and the lifecycle of assets is very useful. Changes
are packaged into releases and then deployed into existing services or as new services. Correct
introduction of changed or new services into the infrastructure includes validation that requirements
have been met through testing. The IBPL’s ITAM program contributes the registration and collection of
requirements. These requirements have to be understood and some negotiated, which is, conveniently,
a standard part of the job description for an IT Asset Manager.
Throughout the transition of a service, the information about the elements of the infrastructure, both in
the form of assets and configuration items, must be properly used and maintained. This topic was
described previously in this whitepaper, but it is important to highlight that the knowledge is itself an
important asset of the IT organization. Documentation Management, an IBPL KPA, is required to store

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

and link records such as asset records and service details. When an ITAM program is present, ITSM can
take advantage of the documentation management process already available.

SERVICE OPERATION
The service operation section of the IT service lifecycle is where classic IT service activities are
performed. These activities include direct contact with the users to resolve their issues and operation
of the service elements to run the service appropriately. Since ITAM provides more strategic and
business related information, the service operators typically use the processed information that is
collected in a CMS or in other tools directly related to their work. They may also use the raw data
coming from their tools. In some cases, ITAM and ITSM tools overlap such as the discovery tools that
provide data about the current environment. However, there are other strong relationships with ITAM
worth mentioning.
The first one is related to the request fulfillment. Many requests relate to the asset lifecycle, acquisition
or relocation requests. Such requests should be handled through the process established by the IBPL.
Another important relationship is that between IT asset management and the service desk. ITAM can
benefit from working with the service desk team and from the incident records in the service desk tool.
Information about asset performance such as the number of incidents is valuable for the IBPL KPAs of
Vendor Management and Acquisition Management.
Also, some operations related to the users and the changing state of their devices should follow IBPL
procedures and policies.
In organizations that follow ITIL guidance, the need for the ITAM program and the structure of the IBPL
grows as their service management processes mature. At some point in the maturation, an ITAM
program simply becomes a necessity. There is a strong consistency between ITIL and the IBPL that
includes principle and process aspects. Adopting both frameworks delivers benefits to both programs
and the organization as a whole. Organizations naturally adapt guidance to meet their own needs as it is
implemented, but when an organization uses both of these frameworks; their processes achieve
maximum control of the environment.

SIX MAJOR WAYS TO OPTIMIZE ITAM


Changes in overall IT management inevitably affect asset management in organizations. In fact, upgrading
your ITAM is one of the fastest, and in many cases simplest, way to optimize general IT operations.
Through strategic optimization (that doesn’t require fundamental changes), you can reduce the cost of
asset management and by default overall IT management. You provide greater value to the business by
freeing yourself to focus on service.

MANAGING IT RISKS
Fixing IT risks these days must extend beyond the standard “tell employees to create good passwords
and change them often” - though this is still critical as the recent OutBrain security fiasco proved. The
freedom of choice that many companies give their employees nowadays - whether it is by bringing their
own device (BYOD) to work, or choosing which apps they want to use - complicates overseeing risks.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

As they have done before, IT departments clearly have to watch out for threats such as viruses and
worms that affect company devices. What’s different is that they now have to protect against them in a
much more vulnerable environment and one that will only become more open to breaches throughout
the coming years. The increasing diversity of services, programs, and devices in the workplace, a
diversity that is constantly expanded by the BYOD mindset, can both create an influx of malware as well
as an increase in the risk of enterprise data leakage.
To stay on top of all of these increasingly complicated risks you need to know exactly what assets you
manage within the company. When it comes to ITAM, IT security and risks can be mitigated and
minimized by having an effective solution in place. It also helps to know where assets are and who is
using them so that if breaches do occur, you can quickly pinpoint the cause and location.
Advanced management solutions are effective at securing “the risks of the future” because they send out
agents to all laptops and devices. These agents report back to the IT department with information as
basic as the asset’s model type, or as advanced as which outdated programs are installed. Solutions like
this build a vitally transparent hardware and software inventory. They are important because they make
it easy for any IT admin to instantly see if an employee hasn’t downloaded proper anti-virus, or is using
suspicious software.

ASSET MANAGEMENT FOR MOBILE DEVICES


One of the biggest security threats that will continue to grow, as mentioned above as a result of BYOD,
is through mobile assets. In 2012, Microsoft’s Trust in Computing Research project found that 67
percent of people use personal devices at work, regardless of the office’s official BYOD policies. This is
frightening only when taken in conjunction with how little employees know about mobile security
threats. The 2013 Data Protection Trends Research, conducted by the Ponemon Institute, tested 4,300
respondents worldwide. The researchers found that 77 percent of employees haven’t yet received any
company education about the risks related to BYOD.
It isn’t surprising then that there will soon be a huge spike in compromised enterprise devices.
According to Gartner's “Top Predictions for IT organizations and Users, 2013 and Beyond” through
2014, employee-owned devices will be compromised by malware at more than double the rate of
corporate-owned devices. This puts device and app management high on the priority list for business
and IT leaders alike.
Security and support will go hand-in-hand as diversification of devices grows. Enterprises with BYOD
initiatives should establish clear policies that outline which devices can be used, for what work purposes,
as well as what can be downloaded on to them.
The bottom line is that mobile device management (MDM) will be an essential part of IT asset
management in 2014 and beyond. IT departments will have to decide which devices employees are
allowed to use, know what is installed on these devices, and where they are located.
Optimizing a company’s mobile asset management comes down to thoroughly reviewing, and if
necessary, updating and extending the enterprise policy on mobiles. This also means that security
professionals will need to monitor vulnerability and security incidents that involve mobile devices, and
respond immediately with policy updates. Make sure your policies are dynamic enough and clear
enough to all employees.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Again, what will become the essential aspect of updating an MDM policy is employing an asset
management system that has MDM capabilities. This will allow IT critical insight into all mobile devices
used within the company, while enabling them to potentially prevent mobile risks.

CONTRACT AND SOFTWARE USE AND COMPLIANCE


The bring-your-own mindset has already spilled over into the realm of software and services at
enterprises. Besides the security risks that were highlighted above, this bring-your-own software trend
also affects contract and license compliance at organizations. So, while you may have your hardware
management down, software is a bit trickier and makes having a robust asset management solution all
the more important.
In a nutshell, being software compliant means being able to demonstrate that you have the correct
number of licenses paid for and accounted for on your systems. “Matched” compliance means you have
reconciled original invoices that include upgrades from prior version software, so you also need to
demonstrate that you have retained all the relevant media. This is complicated in the increasingly
“clouded” world of software and enterprise services where subscription-based models are more and
more common. Where before much of the software a company used could be purchased once, now
you have to constantly watch out for renewal dates.
Unnecessary software licensing is also a big drag on budgets and one that can be easily avoided. IT
departments can show quick increases in budget efficiency if they stay on top of these issues, but to do
that they have to know exactly what is installed across the company’s network.
Optimizing this process has to involve opening clear communication lines with other departments so
that it’s possible to know how many employees are using which programs. You can also optimize
managing software usage by performing regular checks (through ITAM software agents) and sending
simple surveys to departments to compare what software exists in the network with what is actually
being used. This type of surveying is also important when it comes to staying compliant. When
different departments download programs and then eventually stop using them, it is easy to forget to
cancel subscriptions.
With regards to IT audits, a clear methodology for checking software usage, in addition to using ITAM
software that automatically logs contract and subscription terms, is increasingly important. It is
unnecessary to discuss the serious repercussions of finding yourself unprepared in the midst of an IT
audit. Step out of line and you face the prospect of an expensive “true-up” process. You may also be
saddled with fines and settlements if your organization is caught with an incorrect amount of under-
licensed software on your systems.
At the end of the day, software asset management is an area that is quite easy to improve by taking
simple steps that save a lot of money and headaches, so it’s a good place to start improving.

TAGGING: QR CODES ARE THE NEW BAR CODES


As you’ve probably realized, the optimization tricks center around effective organization. The same
goes for clear tagging which is a real-world equivalent of creating a software inventory. Tagging using
QR codes can make a world of difference for your ITAM. Everyone these days works with mobiles, and
the overwhelming majority are smartphones that can read QR codes using simple apps. Good ITAM

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

software also has tagging capabilities that allow you to print and save codes which can then be
associated with assets.
With this kind of tagging, you get a twofold advantage: it becomes super easy to associate hardware
with the information you have stored about its digital content; and you make it possible to give much
more effective help desk service. Imagine that a service desk worker goes to take care of a faulty
laptop. He can immediately scan the laptop’s code, without having to go back to his office or search the
database, and know exactly how old the laptop is and what is installed on it. Tagging can help with
productivity and promotes effective work by making it easier to stay organized.

NON-MANAGED ASSETS
We’ve discussed asset management when it comes to traditionally considered hardware and software,
so it’s also worth mentioning a different, relatively simple way to optimize your inventory management.
This can be done by considering the mostly overlooked non managed assets that exist in every
organization: keyboards, screens, routers, and switches - down to the coffee machine (a critical IT asset
itself). These kinds of assets are simple enough products that they don’t require too much time and
energy to manage them.
The best way to do this is through the same tagging process mentioned above. This strategy is not to
be overlooked. It is common to see too many hardware assets, like computer mice, in a large company
that over-orders stock. Now and into the future, anything that optimizes costs and establishes IT’s
credibility within the enterprise must be given adequate attention. Keeping close track of these assets is
relatively easy, and it’s also easy to know how much money you are saving or wasting on them.
EXAMPLE: CLOUD BUDGET FOR THE NEW YEAR
 It is obvious to everyone in IT that the enterprise’s cloud budget is only going to increase in the
next few years. Even now, it’s already a large portion, if not the largest, of the IT budget in
many organizations. A big warning for making the new cloud budget is not to get caught up in
the frenzy. Over-provisioning of cloud space, i.e. buying more than you need, has become too
common a symptom of this frenzy. A lot of organizations that deploy applications on public
clouds are then surprised with extremely high bills that can be avoided.
 One of the ways to optimize costs on cloud assets is to analyze your spending to identify
unnecessary spending, unused resources, and over-provisioned services. These actions can
significantly reduce costs because they give you an ongoing and proactive control of a growing,
and increasingly complex, budget area. Visibility into how your budget is spent is the first step
to optimizing cloud spending.
 It is key to treat and present enterprise asset management as a business investment. Every
authority on IT management has deemed aligning IT with business goals as one of the top issues
that IT departments face and must find ways to solve. As employees, and in turn the enterprise
as a whole, begin to doubt the usefulness of the IT department, it has to be made clear that tech
developments and changes are actually making ITAM more critical today than ever before.

TOTAL COST OF OWNERSHIP


Total Cost of Ownership (TCO) is a widely accepted financial calculation used as input to acquisition
decisions for information technology (IT). Including all types of IT assets such as hardware and software,

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

and a wide catalogue of sources such as maintenance agreements and purchase records, the
development and use of TCO requires careful consideration. Since achieving maximum value from the
investment of assets is essential to IT Asset Management (ITAM), a further examination of TCO and
how it is used by organizations is an important aspect of IT business practices.
Although TCO is widely used in IT, it is not unique to IT acquisitions. All TCO models achieve the
same mission of providing measurement support for financial decisions, but the calculations may differ
between industries and add confusion. An IT definition of TCO from the World English Dictionary
states that TCO is “…the real cost of owning and using a piece of equipment such as a computer, taking
into account the price of the hardware, software, maintenance, training, and technical support that may
be needed.”
The primary use for TCO is as an information source during the acquisition selection process. Financial
analysis beyond the initial price tag increases the understanding of what the “real” or true costs will be
from beginning to end of the asset’s lifecycle. However, TCO does not include every possible cost and
the word “real” in the definition above may be misinterpreted as “every cost.” To be part of a TCO
calculation, the cost must be predictable, measurable in a repeatable manner and cost effective to
obtain. These criteria are especially important if TCO is more than an ad hoc calculation during a
specific acquisition and is instead a routine calculation that is part of managing the asset portfolio over
time.
With relationship-building as a best practice and a portfolio management style for assets, an IT Asset
Management program utilizes TCO to evaluate acquisition choices throughout the period of use and
disposal. Tactical and strategic decision making are strengthened by assessments that include
measurements such as TCO as part of the ITAM data evaluation.
With TCO as part of the management of assets, taking an active role in defining the data points and the
calculation itself is a valuable method of gaining insight into the often conflicting criteria surrounding
acquisition choices. The experience also helps to put vendor recommendations, including models for
TCO or ROI (Return on Investment) into perspective.
To further define TCO, consider details beyond the general categories for data points in the TCO
definition above. Examples of details to consider are:
 Choosing the appropriate level of detail and number of data points is a challenging element of
that the TCO does not include ongoing or people costs.
 TCO calculators that include additional criteria increase the calculation’s credibility and
hopefully reduce the discrepancy between the estimated and the actual costs for the
organization.
 TCO calculations are a significant influence in any purchase decision. The responsibility includes
making decisions about the variables, estimating impacts and documenting the reasoning.
Improving development process for TCO requires examination of each of these aspects. TCO
analysis becomes another measurement for the success or failure of the processes within IT
Asset Management. Key Process Areas (KPAs) such as Vendor Management, Acquisition
Management and Compliance Management have processes that are improved by the use of TCO
and by auditing TCO for accuracy and effectiveness. Consider the following short lists of
questions as a starting point for assessing the use of TCO for purchases and for strategic
feedback:

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

 Data points: Were the correct costs chosen? Were any costs uncovered that should be
considered in other similar purchases? Did the TCO identify the chosen product and if not,
why not? Have these data points been updated into the asset repository for future analyses?
Have additional lifecycle data points been identified for year three/five TCO recalculation? Are
the estimated data points documented for further use or review? Are sources of information
noted?
 Length of asset lifecycle: Was the longevity projected for the asset accurate? What percentage
of assets had periods of use significantly different from expected and why? What were the
failure rates for the asset? Assess the impact of these time frame changes and document how
the actual time frame would have affected the TCO.
 Vendor negotiations and contracts: What areas were negotiable and non-negotiable for a
vendor? What were the discount opportunities such as volume purchase discounts or bundling
discounts? What is the current status of compliance? What is the satisfaction rating of the
vendor and what are the perceived strengths and weaknesses in the relationship? Are there any
options or choices on data that improve the TCO calculation to better reflect the actual
experiences with the vendor?
 Estimations and conclusions: What was originally projected as the TCO for the purchase? How
close were the actual numbers to the projections? Was one cost incorrect or was it a more
widespread issue? Is there an identifiable pattern? How does the TCO methodology compare
to vendor models? What other calculations (such as ROI) should be considered? What updates
to industry standards have occurred?

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITAM BEST PRACTICE MODEL

SELF-ASSESSMENT
The starting point for building a best practice process does not involve creating anything new. Self-
assessment is step one in this development and focuses on identifying the existing elements of the
program. The information collected in an assessment is similar to creating an inventory, but instead of
focusing solely on asset data, the information includes all of the elements of the ITAM program.
Of course, any ITAM self-assessment starts with identifying the assets included in the ITAM program and
the data available on those assets. For each KPA, additional information is inventoried such as the
action steps taken, the information surrounding and describing the assets relevant to the KPA, and the
roles as they are currently defined.
For instance, if you were building a Disposal Management KPA, you would need to gather information
about the assets that you currently have in your environment (part of the Asset Identification
Management KPA) including mobile assets, lifecycle information such as purchase dates, contract terms
and conditions (part of Acquisition Management KPA), if the assets are leased or owned, current
disposal regulations, proposed disposal legislation (Legislation Management KPA), information about
purchase and disposal vendors (Vendor Management KPA), etc. It is important to note that an
assessment does highlight the interrelationships between KPAs.
The list of gathered information noted in the prior paragraph is a brief example of the detail that is
necessary in a self-assessment. The idea is to gather as much current information as possible that
concerns any aspect of the KPA that you intend to rebuild or formalize. Other necessary data that will
be related to this and other KPAs such as budgets, personnel allotment, schedules, organizational goals,
existing policies, etc. will also need to be part of your assessment. Gathering all pertinent information
delivers facts and data, but it also helps expose the purpose and requirements for that KPA.
As you begin this process, these steps take time to execute and since IT Asset Management is a
constantly moving set of processes, some changes will occur during this process. With reasonable limits
on scope, the farther you progress in this venture, the more you will be able to accommodate change as
each step clarifies how to organize an ITAM program for long term success.

CREATE A SWOT FROM THE SELF-ASSESSMENT


For those familiar with business analysis or product selection projects, the SWOT analysis
recommended here is the same SWOT analysis of Strengths, Weaknesses, Opportunities, and Threats.
SWOT analysis is a methodology used whenever a planning activity requires careful assessment of
competing choices.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

In this step, all of the information gathered during the self-assessment is analyzed for strengths to utilize
and build upon, weaknesses that need to be addressed, opportunities to be harvested as well as
anticipated threats that could hinder or derail the whole process.
In addition to being a necessary step in preparing to create, document and implement a new process,
identifying the strengths, weaknesses, opportunities and threats for one KPA contributes to the
understanding and self-assessment necessary for developing the other KPAs.

ALIGN KPAS FROM “IS MAP” TO “SHOULD MAP”


Step three has multiple tasks, each essential to building a program that delivers long term success. The
first task is the examination of this KPA against the 11 other KPAs. For instance, while developing the
Disposal Management KPA, the relationship with Program Management, Policy Management, Financial
Management and other KPAs is conducted in this step.
The goal of this alignment is simple; in an efficiently run business environment, no process executes
alone. All business units, processes, data and automation connected to the process are identified at this
point. The alignment includes communication and education tasks as well as data/system input and
output reviews. A Data Flow Diagram is an excellent graphic to use for this task.
The knowledge gained so far is summarized in the “Is Map”, which is the assessment of the current
environment. To document direction, the “Should Map” is the ultimate KPA implementation that fulfills
the goals for ITAM to the best achievable level. The “Should Map” is not necessarily achievable in a
single project or year. From this map, ideas for analysis, projects and opportunities are generated as
progress is made. ITAM is a quest for the ultimate goal achievement rather than a destination. Without
a plan or in this case an effective map, it is hard to reach the desired goals.
Imagine a representation of this mapping as a lateral timeline, with points of achievement clearly marked
along the path of time from the inception of the organization through current and projected dates of
accomplishments. Along the way, there are markings for milestones which are the stopping points to
measure for goal progress. In this view, the milestones can also be interim goals. Although the
projected path becomes less sure as the timeline extends into the future, it can still provide guidance to
current actions.
However you choose to represent the path to organizational success, that path has to be shared for all
business units to understand and invest in. Communication is essential to the delivery of the optimal
cooperation and value.
These maps represent the processes in their entirety, crossing departments and individual roles. ITAM
processes must interface with many areas within the organization and this step is the beginning of the
alignment of KPAs, the business units and the same organizational goals.

IDENTIFY ROLES AND RESPONSIBILITIES


When you need to purchase an asset, does one person normally research the need, contact the vendor,
purchase the asset, install and test the asset after configuration modifications, ensure compatibility with
the existing environment, maintain all documentation, plan and execute all disposal requirements, and
maintain all necessary documents for the life of the organization? No, not unless the organization is
VERY small. Even if there were such a super process person, what happens if or when that person no
longer works for the organization?

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

All of the tasks in the processes are the responsibility of a role, not a person. For instance, when
purchasing an asset, the process should include interfacing with procurement and receiving departments,
(as assets are tagged and entered into the system as part of the acquisition team), an end user
department (where the asset will be assigned), and on through the lifecycle steps of payment and vendor
management. Identification of the matching roles to these tasks is the next step in developing an ITAM
program.
Identification of roles and responsibilities eliminates haphazard business practices. because it creates
transparency for the process and is the first step to processes that can be audited. Unlike a human
resources job description, responsibilities are more clearly defined if assigned to a role, rather than to a
person. Roles do not map one-toone to the number of people involved in the processes. Roles may be
filled by multiple individuals or a single individual may have more than one role, depending on the role.
With that in mind, it is necessary to identify the roles that take part in a KPA and the responsibilities
that come with that role. For best results, identify the roles that interact with the ITAM-specific roles
as your organization’s definition of ITAM most likely does not include all aspects of asset management.
Additionally, there are job functions such as finance and end user that are naturally in other areas of the
organization.
In the table below, some of the Disposal Management KPA’s roles are listed as an example. Depending
on the organization, these roles may be filled by one or more persons. Roles may also be intertwined
with a variety of departments within the organization.

SAMPLE DISPOSAL MANAGEMENT PROCESS ROLES

Task Description Role(s)


Request asset removal Program Owner
Disposal reason data base entry Disposal Management Personnel
Data removal, software harvest before Technical Personnel, Program Owner, Security Team,
disposal Disposal Management
Personnel
Disposal method selection Finance Manager, Disposal Manager, Legal,
Executive Sponsor, Security, Program Owner
Internal communications and education Disposal Management Personnel

IDENTIFY THE NEED


At this point in the development process, a good deal of information has been gathered about the
existing ITAM program elements. The mapping tasks in Step three have outlined the overall direction
that you want to achieve for the ITAM program. This step is an analysis of the needs that drive each
KPA as well as the overall program. By focusing on the needs that are driving the creation of a KPA,
you have the opportunity to step back and examine business drivers for the organization and how each
may relate to the KPA. Business drivers are broadly defined business needs such as risk mitigation,
innovation or cost savings. Relating these business drivers to the KPA specifically helps prioritize short

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

term and long term development goals, linking the ITAM program growth to the needs of the
organization.
A similar review of the major divisions or departments within the organization may also be valuable in
aligning the KPA development and achievements to those that offer the most perceived value to the
internal customers. This needs analysis is an important step in building cooperation and commitment
across the organization.
Since KPAs and the program in general may span many departments, the needs analysis should also
review the associated areas such as determining the expectations for IT, the goals for IT Procurement
or the needs of the lifecycle support team. Any changes that are made in one process area are
inevitably going to affect other portions of the organization. As illustrated in the roles and
responsibilities example, the specified area is the disposal process, yet many other portions of the
organization are necessary to make that process effective.
Stay focused on the current business drivers, and how fulfilling those needs will positively affect other
parts of the organization. Business drivers are not static and will change, but unless there is a significant
organization status change such as a merger, investing in the current business drivers is a good way to
build an action plan that is relevant and understandable.

CREATE A COST BENEFIT ANALYSIS


At the end of step five of this 14 step process, the plan to build the KPA consists of specific activities
and milestones mapped out as attainable and that are anticipated to meet the needs determined. This
step begins the process of building the justification for executing the project, beginning with an
examination of the costs through a cost benefit analysis.
The cost benefit analysis is a way of estimating the validity of the proposed actions and defines the
anticipated success after project completion and for some period of time after. Benefits in all areas
should be described by value, even if estimation is required.
A spreadsheet can be used to determine if the budget supports the changes necessary to establish a
KPA. In addition to the development costs, the spreadsheet contains the calculated savings over
established periods of time. Risks that will be mitigated or eliminated are listed as examples of what it
may cost, using current data, if the project is not done. Anticipated increases in productivity are
provided either as time saved or as percentages to define the expected benefit from the proposal.
Probably the most important aspect of the cost benefit analysis is that the combined information will
also show if the overall results will be negative. A decision has to be made about whether to reassess,
cancel or push forward. If the decision is made to reassess or cancel, the advantage is that it was
uncovered during the planning stages, and not after funding is allocated or spent.

PREPARE A BUSINESS CASE


The development of business cases is well-documented and not repeated here. However, the
importance of the business case cannot be emphasized too strongly as a means of conveying your
intentions to the appropriate executives in an effective manner.
A business case is written to justify the resources and capital necessary to fund the project and the
program over all. While the business case covers the financial aspects in full detail, it also summarizes

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

the facts as they are understood, showing the progression to a solution. The purpose of the business
case is to tell the story in a manner that brings the executives into the research and conclusions without
requiring them to wade through all of the research themselves. The connection between needs and
actions as well as the costs and benefits must be part of the business case.
The information in a business case should be presented in a way that is understandable and even
interesting to the intended audience. After all, the business case must convince the executive powers
that your plan is a “must have” for the betterment of the organization.
The business case summarizes the following elements with enough detail to provide an understanding of:
 Why this plan is necessary
 How this plan is going to solve current issues, or provide opportunity to the organization
 What the outcomes will be if the plan is or is not initiated
 Where and when the benefits will be realized
 How much funding and resources will be necessary to realize maximum benefit to the
organization

OBTAIN EXECUTIVE BUY-IN


Research confirms the need for an improved/new KPA and you have just prepared a very convincing
business case. Your cost benefit analysis indicates significant benefits derived from executing on the
project. So, how do you gain that elusive executive buy-in?
With the business plan and cost benefit analysis in hand; it is time to use your negotiating skills to
present your plans effectively. Begin your efforts just as a negotiator would begin to work with a new
contract and develop a plan for your presentation.
Learn about the executives that you need to influence so that you understand your audience. Who is
the executive that you need to convince to buy into the KPA creation plan? Does this executive
understand the importance of an ITAM program? How do you intend to approach this executive to
ensure a positive reaction, followed by continued support? One successful strategy is to find out this
person’s scope of responsibilities, stated goals, and preferences for presentations as well as current and
long term issues from this individual’s perspective.
The next area to work on is summarizing the needs and numbers so that you can use them effectively.
Executives normally have only a short amount of time to give to a topic and very much appreciate a
well-tuned and informative proposal. Although you cannot present all of the underlying details, be
prepared to answer questions on any summarized results or values on the spot.
Consider how the planned change and results will impact the executives and be prepared to answer that
question or to use your synopsis as a closing argument.
Relating your plans to their goals and responsibilities increases your visible relevance. Your odds for
approval increase even more if you show direct benefits.
Confidence in your project is essential as you will be judged based on your presentation, the answers
you give and on the summary documents given to the executives. If the executives see a solution to

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

existing problems and an overall gain by accepting your proposal, then it makes good business sense for
the organization to support your proposal.

DEVELOP A PROJECT PLAN


Every project that goes beyond the conception phase must have a well-defined plan. As stated by Alan
Lakein “failing to plan is planning to fail.” The plan embodies the direction for the project and lists the
specific tasks, resources, timeframes and measurements. If there is no plan, how can success be
accurately measured? How can you evaluate progress, or determine the ongoing status during the
project?
Since the project plan is the framework for the project as execution continues, the plan has to
summarize the following:
 Stakeholder expectations
 Rewards and risks to the organization
 Project charter
 Project scope
 Background information such as approach
 Constraints and critical dependencies with related projects
The project plan should also use these standard project management techniques:
 Forming a project team
 Procedures to track and control project progress
 Defining the Work Breakdown Structure
 Implementing a Standard Task Unit for repetitious tasks
 Creating a network diagram for task relationships
 Developing a project change management plan
 Building a project communication plan
Project plan development is essential and requires planning itself. By following these steps, you have the
opportunity to build a plan based on the solid information gathered throughout the preceding steps.

DEVELOPING AND PRIORITIZING PROJECT COMPONENTS


The previous project planning step describes the adoption of standard project management techniques
to build the structure for the project. In this step, the focus is on prioritizing the actions, or project
components, so that the objectives for the KPA creation process are met and consideration is given to
the long term goals of the ITAM program.
What are the components necessary to realize the objectives of the KPA creation process? In which
order should those steps occur? Prioritizing can best be viewed as the development of timelines or as a

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

critical path where one step must happen before the next. Prioritization may also identify actions that
need to occur concurrently, which requires special planning of shared resources.
An analogy to this development and prioritization is the building of a house. The foundation must be
laid before the walls of the home are erected. After the structural walls are completed, the roof can
then be added. However, once the roof is on, numerous internal tasks can happen at the same time
such as those handled by the plumber and the electrician. Proper development of the KPA requires the
same type of prioritization, using a systematic and logical plan of events.

DEVELOP PROCESSES
A process is defined as a specific course of action intended to achieve a result, and in a work setting, the
result is a specific business outcome.
Success is not the completion of the process itself, but the achievement of the desired end result by
using the process. In this step, the execution of project processes will be discussed as well as the
business outcome of the project which includes ongoing processes.
Project processes are documented in the project plan. For clarification, let’s look at the correlation
between project components and related processes. If the KPA that you are creating is Vendor
Management, the project would be the creation of that KPA. Part of the creation process will include
specific and necessary actions such as the gathering of vendor information. This information includes
demographics, company background, products and services, prices, history, references, etc. The next
project tasks are to develop the evaluation methodology for vendors and the process for maintaining
the accuracy of vendor information over time.
The end result of the KPA creation project is a set of processes that are ongoing, such as executing on
the collection of vendor information, conducting the evaluation defined during the project, and
continuing on to the additional process steps that support communication with vendors to build a win-
win relationship. These processes are part of the Vendor Management KPA and success for the project
is dependent upon the development of these processes. Long term success comes from sustaining these
processes, offering the anticipated value described in the original business case.
Another example of project process versus an end result is the determination of whether a new type of
asset needs to be managed in the ITAM program. A project built to weigh the value of managing versus
the risks of not managing is undertaken, and when the project ends, the actual KPA processes are left in
place. In this example the process for determining whether to manage an asset type requires
systematical evaluation of criteria such as cost, risk, value of the assets, longevity, mobility and other
factors each time a new asset type is introduced. The recurring process kicks in when asset valuation
changes, when needs change or when technology changes.

DEVELOP ORGANIZATIONAL CHANGE PLAN


Change is constant and a part of every business activity. Business drivers change due to internal and
external forces that may cause redirection of efforts to new or altered goals. Changes within the scope
of a project are called scope creep, and when unmanaged, change can cause a project to fail. Managing
change should be anticipated so that it is managed effectively in order to minimize damage to ongoing
activities while remaining as relevant to business needs as possible. Controlling change requires a
process that is described in a change management plan. The change management plan defines the steps

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

that evaluate a change and determine how or if the change impacts current projects or processes and
net worth to the organization.
A change management process is normally enacted and maintained by more than one person, so that
decisions are a team effort to produce the best results. The plan has to be a clear and effective process
for evaluating and tracking change requests, analyzing the impacts of change, and deciding whether to
incorporate change to benefit the organization.
It is important to remember the impact of change on individuals. Change is not always perceived as
positive because it may create fear and doubt regarding the future. Some changes are perceived as
negative such as the ramifications from someone leaving the business unit or organization. Change can
also have unexpected consequences to people as well as process. For these reasons, changes and the
impacts should be monitored and managed as part of the organizational change management plan that
encompasses projects and personnel throughout the organization. Since IT Asset Management processes
support everyone in the organization and involve people from many departments, managing change
when building KPAs, and over time, are critical to the ITAM program’s long term success.

DEVELOP POLICIES
Policies are guidelines for the behavior of employees and are supported by consequences. Well written
policies identify the audience for whom the policy is intended, the reason for the policy, the specific
behavior that is allowable or not, and the consequences for going against the policy.
Because of their role and significance, policies must be clearly defined and completely understood by all
personnel. It is common to require personnel to attest to their understanding of a policy by signing a
document that states that they understand and will adhere to the policy mandates.
Accuracy and relevance of policies is maintained by periodic reviews, and updated as necessary.
Personnel are normally reintroduced to policies as they are updated, or during annual performance
review periods. Communication of policies is essential for compliance.
One of the most important aspects of policy management is that policies must be equally enforced.
Without equitable and consistent enforcement, policies lose value and endanger the organization.
As part of developing an ITAM program, policies should be reviewed as part of each project effort and
language updated as necessary. Since ITAM provides services to all employees and has the responsibility
for managing the risks and investment represented by assets, making corrections to incomplete or
missing policies is essential to project success as well as long term success.

DEVELOP COMMUNICATION AND EDUCATIONAL PLAN


Communication has been mentioned at many steps in this plan to develop KPAs because of the
important role communication has in building cooperation, commitment, understanding and ultimately,
processes that work. Since no business unit stands alone, communication and education are imperative
for KPAs to be fully functional and effective.
Much like the Policy Management KPA, a communication and education (C&E) plan is a process to be
established, then monitored and reviewed on a regular basis to ensure effectiveness. A C&E plan has
many goals such as disseminating information about policies and training personnel on how to comply
with those policies.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Communication between business units and ITAM is essential. For instance, if an Acquisition
Management KPA is being developed, communications between acquisitions finance and legal
departments are required on an ongoing basis.
Training also has to be part of the regular schedule of events in order to keep up with industry changes,
new legislation and new personnel. Refreshes over time are also important in the busy and stressful
work environment.
These steps define a development methodology that, when followed, leads to the development of
effective ITAM processes. The steps also illustrate how to develop an ITAM program that is appropriate
and relevant for the organization’s unique combination of business drivers, goals and issues. By
executing these steps, the ultimate goal of building a mature IT Asset Management program that delivers
maximum value is attainable over time.
For more detailed information on KPAs, IAITAM publishes the IAITAM Best Practice Library in book
form. Access to a networked version of the Best Practice Library is available by subscription to ITAM
360©, also available for purchase from IAITAM.
For further instruction on planning and process development, IAITAM’s CITAM course and certification
is available in both private and public workshops. Aligned with the IAITAM Best Practice Library,
CITAM is designed so that each attendee creates a foundation plan for starting or improving their
organization’s ITAM Program.

LINKING IT ASSET MANAGEMENT (ITAM) TO STRATEGIC INITIATIVES


ITAM lives in many worlds, and can sometimes struggle in finding a solid home within an organization.
This includes often not being included as part of an organizations strategy. Stronger strategic alignment,
and a more formal definition of ITAM measurements, helps organizations leverage many of the benefits a
good ITAM program brings. A few items are important to define and review. First a discussion of the
now established concept of a balanced scorecard along with the slightly less established information
technology version of a scorecard, followed by a quick overview of ITAM strategic drivers and how the
ITAM key processes areas are organized. Finally, included is analysis around modern financial
measurements and how to link everything together.
Organizations undertake strategic initiatives to advance their overarching vision and strategy. Generally
speaking there are four types of strategic initiatives organizations undertake. They work to improve the
financial performance or viability of the organization, improve the relationship between the organization
and its customers or clients, improve internal processes, or work to position the capabilities of the
organization for improved learning and/or grow (sometimes a more modern term is used here,
organization capacity). In the modern-day this has been summarized in something called a Balanced
Scorecard (BSC), intended to be a simple view of the organizations strategy that can provide data for
choosing/measuring strategic activities. As a note, there has been some meaningful criticisms of the
balanced score card, however generally speaking, as a high level tool for simplifying a rather complex
subject, and as a means of simple classification and visualization, a scorecard is a reasonable instrument,
as long as it is used as intended and not brought to far down into daily decision making and tactical
operations. The Balanced Scorecard Institute seems to be one of the primary drivers and stewards of
this concept (http://www.balancedscorecard.org).

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Information Technology (IT) departments have, over time, adopted the classic organization scorecard to
be usable from a department strategy perspective. This does not replace ITs contribution and alignment
on an organizational BSC, but it does provide a separate yet similar tool that can be used as an internal
measuring device. There are some changes on an IT specific BSC (ITBSC); the financial measurement is
generally replaced with a corporate contribution measurement, the customer concept is replaced with
an internal focus on user orientation, internal process are refocused to operating excellence, and the
learning and growth component instead focuses on a futures orientation (meaning how well the IT
department is prepared for emerging opportunities). These concepts have generally evolved from
ISACAs creation of its COBIT framework (www.isaca.org).

Since ITAM lives somewhere between pure IT and specific business ownership, sometimes even only in
the financial realm, a reasonable question is how to align ITAM initiatives, ITAM value, and ITAM

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

measurements from a strategic standpoint given current BSC and ITBSC views of strategy. ITAM is
comprised of Key Process Areas (KPA). The KPAs blend financial management, risk management, and
productivity management in a unique way aligned to the defined ITAM program mission.

Pure ITAM best practices focus on Return on Investment and Total Cost of Ownership as their financial
contributions. These KPAs are derived from the best practices library and industry stewardship
provided by the International Association of Information Technology Asset Managers (www.iaitam.org).
The twelve KPAs in ITAM are: Program Management, Policy Management, Communications & Education
Management, Acquisition Management, Asset Identification & Tracking, Disposal Management, Financial
Management, Vendor Management, Compliance & Legislation Management, and Project Management.
In today’s financial climate, organizations tend to use a wide array of financial measurements which might
be unfamiliar to a practicing ITAM Program Manager. Modern financial measurements include the below
list. How your individual ITAM metrics fall into supporting the calculation of these metrics will vary
based upon how strategic your organizations view of asset management is:
 Return on Investment (ROI) – this is a performance measure used to evaluate the efficiency of
an investment or to compare the efficiency of a number of different investments. It is one way of
considering profits in relation to capital invested.
 Return on Capital (ROC) - this is a ratio used in finance, valuation, and accounting. The ratio is
estimated by dividing the after-tax operating income (NOPAT) by the book value of invested
capital.
 Return on Invested Capital (ROIC) - this is a financial measure that quantifies how well a
company generates cash flow relative to the capital it has invested. It is defined as net operating
profit less adjusted taxes divided by invested capital and is usually expressed as a percentage.
 Net Present Value (NPV) - is a time series of discounted cash flows, both incoming and
outgoing, and is defined as the sum of the present values of the individual cash flows of the same
entity. This shows the relative weighted value of an investment in today’s dollars.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

 Internal Rate of Return (IRR) - on a project is the rate of return that makes the net present
value (NPV as NET*1/(1+IRR)^year) of all cash flows (both positive and negative) from a
particular investment equal to zero. In more specific terms, the IRR of an investment is the
discount rate at which the net present value of costs (negative cash flows) of the investment
equals the net present value of the benefits (positive cash flows) of the investment.
 Payback Period (PP) - refers to the period of time required for the return on an investment to
"repay" the sum of the original investment.
 Real Options Valuation (ROV) – this is the identification and valuation of IT projects timing
respective to management and market uncertainty. This measurement provides measured
flexibility to management decision making relating to project size, timing and operations once
the project is established (or deferred).
From a standard BSC perspective it is best to align the Core ITAM Processes to the Organizational
Capabilities area; the Operating ITAM Processes to the Internal Processes area; and the Controlling
ITAM Processes to the Financial area.
For the ITBSC the alignment is a little different; here it is best to align the Core ITAM Processes to the
Operating Excellence area, The Operating ITAM Process to the User Orientation (as users are the
primary stakeholders here), and the Controlling ITAM Processes align best to the Corporate
Contribution area.
You will notice that there are substantial alignment differences. This can cause great confusion, as a
reasonable assumption may be that the ITBSC simply uses different names, and that ITAM should align
the same way to both score cards. This is, surprisingly, not the case. The good news, however, is that
generally the actual metrics that are being tracked do not change, although their magnitude or focus
might.
There is no silver bullet to aligning ITAM measure into either the standard BSC of an IT specific ITBSC.
The Balance Scorecard Institutes “Nine Steps to Success” still dominates the thinking here, and it is
something an ITAM Program Manager should be aware of, and use, when contemplating how to align
their programs measurements to a larger organizational strategy. The nine steps, in order, are
Assessment, Strategy, Objectives, Strategy Map, Performance Measures, Initiatives, Performance
Analysis, Alignment, and Evaluation.
So there you have it, some quick and simple insights into the potentially complicated worlds that ITAM
lives in. Hopefully a little bit of alignment insights can go a long way for you in starting the analysis
processes necessary to better align an ITAM program in a way that helps position it as part of the
organizations overall strategy. Doing so will help your organization leverage many of the benefits a good
ITAM program can bring. It isn’t all about scorecards, it is just that the scorecard is a fairly well
established way of thinking about strategy, and as good a model as anything to frame up a strategy
conversation. The analysis started here, especially the insights into ITAM alignment and the difference
between a pure IT view and a broader organizational view, are an important first step along the strategy
formulation and alignment path.

ITAM AND THE SUPPLY CHAIN.


There are of course some differences, but the primary one is on scope, typical supply chain management
does in fact have broader scope when compared to classical ITAM. With that one difference aside,

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

otherwise it would be fair to say that ITAM is just the specific set of processes that have been developed
to manage the unique supply chain products that are unique to information technology.
So let’s back up and start at the beginning. Arguable, the father of modern business ‘value speak’ and
‘strategy directionalism’ is Michael Porter (Porter), a well know author and University Professor at
Harvard Business School. He has written over a dozen well respected books on topic including business
strategy and operations. In the supply chain arena, Porter’s major contribution was his definition of the
‘Value Chain’ in the book “Competitive Advantage: Creating and Sustaining Superior Performance.”
Which was first published in 1985. Since 1985, many, many permutations and derivatives of the concepts
he introduces have occurred, however the core framework and viewpoints were seminal and have
shaped business management ever since.
One of the emerging views of the Value Chain (and admittedly a divergent from Porter’s initial 1985
thoughts) is that at a macro level it contains two elements: the Demand Chain; and the Supply Chain.
The idea here is that value is created by identifying and fulfilling demand.
Value, then, according to this model, starts with the creation of a product (or service) that will be
delivered and consumed to fulfil a need or desire (in IT we use the often abused and mis-understood
term ‘requirement’ here). So adopting our language, value is the fulfillment of requirements. That should
translate well into IT speak.
Generally ITAM deals with demand though its Acquisition Key Process Area (KPA).
When focusing on the supply chain, as within the ITAM KPA’s there are divergent concepts. You have
the physical (actual) supply chain, and then you have the controlling and core processes that comprise
‘Supply Chain Management’. The concepts here are very much aligned to the concepts of ITAM’s core
processes, operating processes, and controlling processes.
The Council of Supply Chain Management Professionals defines supply chain management as follows:
"Supply Chain Management encompasses the planning and management of all activities involved in
sourcing and procurement, conversion, and all logistics management activities. Importantly, it also
includes coordination and collaboration with channel partners, which can be suppliers, intermediaries,
third-party service providers, and customers. In essence, supply chain management integrates supply and
demand management within and across companies. Supply Chain Management is an integrating function
with primary responsibility for linking major business functions and business processes within and across
companies into a cohesive and high-performing business model. It includes all of the logistics
management activities noted above, as well as manufacturing operations, and it drives coordination of
processes and activities with and across marketing, sales, product design, finance, and information
technology."
A pretty similar definition to IAITAM’s definition: “The ITAM program is the centralized process by
which all activities are defined, implemented, controlled and monitored. A mission statement is very
important to the program to communicate exactly what the program does, the importance of the ITAM
team, and what value will be gained by the organization. The program acts as the marketing arm for IT
Asset Management providing an avenue throughout the organization to celebrate the successes of a
properly orchestrated ITAM Program.”
While there is only one preeminent organization guiding the ITAM space, in the supply chain arena there
are many more, at least 8 high profile organizations. This makes it a little more difficult to rationalize a
set of core (key) processes, at a very high level in supply chain management there are 8 core areas:

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Customer service management process, Procurement process, Product development and


commercialization, Manufacturing flow management process, Physical distribution,
Outsourcing/partnerships, Performance measurement, and Warehousing management.
Another important aspect from a career standpoint is that managers in supply chain functions tend to
make about 20% more that their comparable ITAM counterparts. Think about that, there must be some
reason, and you can onlysuspect it is because the supply chain industry is better established and brings
more to the table in the way of efficiencies, cost savings, and best practices. Start looking to that
industry for ways to improve ITAM, and the benefits will follow.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITAM Foundations
SECTION 5 – ITAM ROLES & RESPONSIBILITIES

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

ITAM ROLES & RESPONSIBILITIES


Role: An individual’s role determines their responsibilities which are defined as the set of tasks included
in a specific process or set of linked processes. Roles are grouped by KPA
Job title: A job title is typically specified by the human resources department and is based on a position
in the organization’s hierarchy. A role is not necessarily the same thing as a job title.

ACQUISITION MANAGER
The Acquisition Manager is responsible for acquiring IT goods and services for an organization. This
individual acts as the gatekeeper for all IT acquisitions. The Acquisition Manager ensures that the asset
meets the needs, requirements, and standards of the organization as well as those of the stakeholder.
The Acquisition Manager is responsible for obtaining proper justification for products prior to purchase.
Sourcing and redeployment opportunities available for the requested asset are also the responsibility of
the Acquisition Manager.
For non-standardized items, assets, and exceptions, a formal selection process (ranging from the simple
Request for Quote (RFQ) to the rigorous Request for Proposal (RFP) is sent out to potential vendors
by the Acquisition Manager prior to initiating the purchase of an asset. The Acquisition Manager is
responsible for ensuring that, when appropriate, contracts are negotiated to include specific terms and
conditions as specified by the legal department.
The Acquisition Manager ensures that there are adequate receiving processes including one for Return
of Merchandise Authorization (RMA). The Acquisition Manager reports to the Program Manager. They
also work to support, interact and contribute to the success of the ITAM program.

ASSET ID MANAGER
The Asset Identification Manager is the individual responsible for overseeing and directing the IT asset
identification process. This process involves tagging and tracking assets that have been determined by
the Program Manager as asset types that must be tracked.
The Asset Identification Manager reports directly to the Program Manager to support, interact, and
contribute to the success of the ITAM program.

ASSET ID PERSONNEL
The Asset Identification Personnel support all asset identification functions, including a support role for
the Asset Identification Manager and the Asset Identification Process as a whole.
This team is responsible for accepting assets and assigning their unique identifier, ensuring that asset are
inventoried properly and recorded accurately in finance’s fixed asset information (as appropriate) and
within the ITAM repository to facilitate tracking over time.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

Physical tagging of IT assets, uploading the new asset tagging information into the ITAM repository or
database, and ensuring that proper parties have been notified of the status of assets are also part of the
Asset Identification Personnel role.
They report to the Asset Identification Manager in support of the Asset Identification process.

COMPLIANCE & LEGISLATION MANAGER


The Compliance & Legislation Manager is responsible for researching information on legislation that
affects the use, tracking and reporting of assets, staying current and researching the impact of pending
regulations and legislations. The Compliance & Legislation manager is responsible for communicating
this information within the organization and ensuring compliance within the ITAM program including but
not limited to software compliance to contracts, intellectual property laws, accounting laws (such as
Sarbanes-Oxley requirements), privacy and confidentiality laws (such as HIPAA requirements),
government access laws, environmental laws.
The Compliance & Legislation Manager mitigates risk exposure for the organization.
They report to the Program Manager to support, interact, and contribute to the success of the ITAM
program.

COMPLIANCE & LEGISLATION MANAGEMENT PERSONNEL


Compliance & Legislation Management Personnel are responsible for supporting the Compliance and
Legislation Manager. They work together to ensure that the organization is compliant in all facets of the
ITAM program including but not limited to software compliance to contracts, intellectual property laws,
accounting laws (such as Sarbanes-Oxley requirements), privacy and confidentiality laws (such as HIPAA
requirements), government access laws, environmental laws.
This role includes conducting research about current and pending regulations and legislation and utilizing
that information, working directly with the audit response team as well as with the negotiations team.
Compliance and Legislation Management Personnel report to the Compliance and Legislation Manager.

DISASTER RECOVERY PERSONNEL


The Disaster Recovery Personnel’s role within the ITAM program is multifunctional throughout all Key
Process Areas to provide support to disaster recovery and business continuity programs.
Disaster Recovery Personnel do not report to the Program Manager. Instead, they are a supporting
department which interacts and contributes to the success of the ITAM program.

DISPOSAL MANAGER
The Disposal Manager is responsible for the disposal of IT assets. The Disposal Manager will ensure
disposal regulations are adhered to and all documentation is accurate and accounted for. The Disposal
Manager will also work closely with the security team to ensure that information and data is secure
throughout the disposal cycle. They will also monitor market values, software harvesting, and disposal
methods.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

The Disposal Manager reports directly to the Program Manager. They work to support, interact and
contribute to the success of the ITAM Program.

DISPOSAL MANAGEMENT PERSONNEL


Disposal Management Personnel support the Disposal Manager in all functions of the disposal process,
including but not limited to: transportation, documentation, security, and monitoring fair market value
(FMV).
Disposal Management Personnel report directly to the Disposal Manager.

DOCUMENTATION MANAGER
The Documentation Manager has the important responsibility for all documentation within the ITAM
program. The Documentation Manager is responsible for updates to the documentation repository
including; archival of historical data and maintaining current data, financial data, and disaster recovery
data. The Documentation Manager is also involved in the requirements of offsite storage and policy
requirements.
Reporting directly to the Program Manager, the Documentation Manager will work to support, interact,
and contribute to the success of the ITAM program.

DOCUMENTATION MANAGEMENT PERSONNEL


Documentation Management Personnel support the Documentation Manager in all facets of the
documentation process. They assist in the daily operations of Documentation Management including;
repository information, documentation retention, change control, back-up recovery, and library
management.
Documentation Management Personnel report directly to the Documentation Manager.

FINANCE MANAGER
The Finance Manager initiates the financial transactions for the purchase of IT assets. This role includes
issuance of the purchase order and payments. This individual is responsible for accurate invoice
information verified through a reconciliation process. The Finance Manager proper notification of
financial information/data where necessary, including receiving, acquisition, contracts, legal, technical, the
ITAM Program Manager and Stakeholders.
The Finance Manager is instrumental in the archiving of documentation and supporting the retention
process. This individual reports to the Program Manager.

FINANCIAL MANAGEMENT PERSONNEL


Financial Management Personnel are responsible for supporting the Finance Manager and the Finance
Key Process Area. This role includes invoice reconciliation, budget support, financial documentation
retention, and purchase order/payment processes.
The Financial Management Personnel report to the Finance Manager.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

COMMUNICATIONS MANAGER
The function of the Communication Manager is to ensure that communications that are part of the
ITAM program are executed properly and to all required parties. He/She is responsible for developing,
monitoring, and tracking new and existing communication programs.
The Communication Manager reports to the Program Manager and also works closely with the
corporate communications department. They work together to support, interact, and contribute to the
success of the ITAM program.

EDUCATIONAL MANAGER
The function of the Educational Manager is to ensure that the ITAM program resources receive
appropriate and timely training. They are responsible for developing, monitoring, and tracking new and
existing educational programs.
They report to the Program Manager and also works closely with the corporate training department.
Together, they work to support, interact, and contribute to the success of the ITAM program.

POLICY MANAGER
The Policy Manager sets the foundation for the ITAM program by creating the policies necessary for the
ITAM program and to mitigate risks to the organization. The Policy Manager maintains all policies
related to the ITAM program. The Policy Manager works with the Human Resources and Legal
departments to define enforcement of organizational policies.
They report directly to the Program Manager to support, interact, and contribute to the success of the
ITAM program.

POLICY MANAGEMENT PERSONNEL


Policy Management Personnel support the Policy Manager, ensuring that risks are reduced via
organizational policies. The Policy Management Personnel assist with development, communications,
and enforcement of organizational policies.
They report directly to the Policy Manager. Together, they work to support, interact, and contribute to
the success of the ITAM program.

PROJECT MANAGER
The Project Manager is the individual responsible for the success of the assigned project. This role
includes assembling the project team, project charter and plan development, obtaining executive buy-in,
and management throughout the life of the project.
The Project Manager reports to the Program Manager to support, interact, and contribute to the
success of the ITAM program.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM Foundations - CAMP

PROJECT MANAGEMENT PERSONNEL


The Project Management Personnel, or the Project Team, are the individuals chosen by the Project
Manager to execute the project. The daily operations are dependent on the situation, but always follow
the guidelines of project management including plans, budget management, change management,
milestones and resource management.
Project Management Personnel report directly to the Project Manager. They work together to support,
interact, and contribute to the success of the ITAM program.

RECEIVER
The Receiver is responsible for receiving shipments of IT assets. The Receiver inspects the package for
physical damage and executes appropriate actions, either rejecting the package for damage or initiating
the acceptance process.
This individual also ensures that proper parties have been notified of the receipt of the asset.
The Receiver reports to the Asset Identification Manager. Together, they work to support, interact,
and contribute to the success of the ITAM program.

TECHNICAL PERSONNEL
Technical Personnel are responsible for the initial asset evaluation, including functional and non-
functional requirements, the configuration and installation of the assets within the environment
according to organizational standards, and monitoring of the assets via an automated discovery tool.
The Technical Personnel ensure that proper parties have been notified of the status of the assets.
Reporting to the Program Manager, they work together to support, interact, and contribute to the
success of the ITAM program.

VENDOR MANAGER
The Vendor Manager is responsible for monitoring assigned vendors which have been determined by the
Program Manager as strategic. The Vendor Manager is responsible for communications, analyzing
vendor performance, score card maintenance, vendor crisis management, and communicating with the
Program Manager.
The Vendor Manager reports directly to the Program Manager and together, they work to support,
interact, and contribute to the success of the ITAM program.

VENDOR MANAGEMENT PERSONNEL


Vendor Management Personnel support the Vendor Manager by performing vendor management actions
such as; performance analysis, corrective action management, communications, score card maintenance,
and communicating with the Vendor Manager.
Vendor Management Personnel report to the Vendor Manager in an effort to support, interact, and
contribute to the success of the ITAM program.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM BASICS

ITAM BASICS
IAITAM SERVICES, GLOSSARY OF TERMS & CODE OF ETHICS

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM BASICS

IAITAM’S PRODUCTS AND SERVICES

MEMBERSHIP
Being an IAITAM Member demonstrates a commitment to growing the IT Asset Management
profession. IAITAM encourages knowledge sharing and experiences among their members. IAITAM
Members have access to real-world experiences from peers around the globe in organizations of every
size and type through their Member benefits. Members learn how to establish and incorporate an ITAM
program as part of their professional development. Members also learn to make a difference by getting
involved in current events that are shaping the ITAM industry.
IAITAM is the only globally recognized membership and training organization dedicated to offering the
highest quality benefits, expertise, best practices, and professionalism to their members in this industry.
IAITAM and IAITAM Members are truly dedicated to the advancement of the ITAM Professional.
IAITAM provides a common base of understanding, terminology and a broader perspective on the
opportunities for IT Asset Management through the contributions of its Members. Members include
specialists in Software Asset Management, Hardware Asset Management, Negotiations, Financial,
Procurement and Property Management, just to name a few. IAITAM is also unique in that providers of
services and tools are included as Members of the Association, offering an equal opportunity to add
their knowledge and experiences into the centralized knowledge warehouse that is IAITAM.

CORPORATE MEMBERSHIP
IAITAM’s Corporate Membership was designed to meet the ongoing needs of the enterprise at every
stage of ITAM program development. This membership is the premier package for members, offering
team access to all IAITAM offerings at the greatest discount levels offered as well as ongoing services
designed for the enterprise.

INDIVIDUAL MEMBERSHIP
IAITAM's Individual Membership program was developed for those that not only want to grow in their
chosen profession, IT Asset Management, but want to contribute to its direction. IAITAM not only
provides the individual with the means to increase and expand upon their current knowledge as it
pertains to ITAM best practices, but also gives that individual a contributing voice in how our
organization moves forward thereby enhancing our products and services which effects the direction of
the IT Asset Management Profession as a whole and adds to the expanding knowledge base.

PROVIDER MEMBERSHIP
Provider Members of IAITAM are IT, software, hardware and services suppliers that offer strategic
advice, products and leadership to the ITAM community. IAITAM provides a common, vendor neutral
vehicle for these leaders to interact with the IAITAM members and the ITAM worldwide community in
a unique way that enables the ITAM professional to meet the challenges they face within their

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM BASICS

organizations and learn what that Provider Member offers in support of those efforts. IAITAM offers
exposure to a focused market of well-qualified professionals as well as gives its Provider Members the
opportunity to share their expertise through a broad range of marketing opportunities and educational
offers for the Provider’s customer base. Provider Member staff can also benefit from the training
programs offered by IAITAM in order to broaden the industry perspective of their employees, which
helps them to understand the complete ITAM lifecycle and where their products and services fit within
that program thereby increasing their value to their customers and shortening their sales cycles.

CONFERENCES
IAITAM hosts multiple conferences for C-level executives, ITAM practitioners and providers.
ITAM ACE is the only conference in the world dedicated solely to IT Asset Management. It is three days
of educational sessions presented by ITAM vendors and ITAM practitioners. Vendor presentations are
pre-screened to ensure the presentation is educational and not a sales pitch.
The CXO conference is an invitation-only event that brings C-level executives together in discussions
that promote the ITAM profession and explores how ITAM benefits the organization.

PUBLICATIONS
 IAITAM ITAM Best Practices Library (IBPL) - IAITAM's Best Practice Library (IBPL), the ITAM
practitioner's guide to an IT Asset Management program, represents the collective knowledge
and experiences of the IT Asset Management industry. This twelve-volume set (of thirteen
books) contains “how-tos,” workflows and templates for each of the twelve Key Process Areas
(KPAs).
 ITAK (IT Asset Knowledge) Magazine (current magazine free, the library of articles available to
all members)
 Newsletters
 Email
 Social networking sites
 Gray papers, an IAITAM member exclusive educational white paper
 Recorded educational webinars

COURSES AND CERTIFICATIONS

CSAM
The IAITAM Certified Software Asset Manager (“CSAM”) course provides a foundation for managing
software assets, as well as knowledge of the ever-changing variables that occur within the field. From
software piracy and compliance issues, to legislation and organizational challenges, it is necessary to
evaluate both the external and internal forces that are bringing changes to how organizations manage
their IT Assets. A successful Software Asset Manager must look at the overall goals of the organization
and determine where Software Asset Management can play a strategic role in achieving those goals. In

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM BASICS

this course, students will learn best practices in Software Asset Management, as well as the when and
why to question why something should or should not be done, how to clearly identify goals, and how to
quantify success.
Software Asset Management (“SAM”) is the set of business practices that support the use of software
within an organization and frequently involves a new look at how and why software traverses the
organization. SAM is now considered a mandate by many organizations looking at their Software Asset
Managers as key contributors to the overall organizational goals such as reducing risk, increasing
accountability, uncovering savings and gaining control of the IT environment. To be successful, Software
Asset Managers must learn not only what constitutes the business best practices of Software Asset
Management, but also learn how to implement those business practices in a way that is appropriate for
their organization.

CHAMP
Designed to address the numerous issues plaguing professionals in managing hardware assets, the
IAITAM Certified Hardware Asset Management Professional (“CHAMP”) course follows the lifecycle of
IT hardware assets beyond the scope of the cradle to grave analogy and discusses the business practices
that can best be used to manage those assets efficiently and cost-effectively. Emphasis is placed on
identifying the policies that enhance lifecycle management. In general, policies are only effective if
developed by a cross-section of the impacted departments, are reviewed frequently to remain current
and are consistently communicated and enforced.

CITAM
The Certified IT Asset Manager (“CITAM”) course is aligned with the IAITAM Best Practices Library
(“IBPL”). Attendees will learn about the entire ITAM Program and take with them the foundation plan
for starting or improving their organization’s ITAM Program. The intense five day course with
certification is packed full of information and real-world experiences designed to make your ITAM
Program more effective, efficient and the CITAM Certification will lend notable credibility to both you
and your ITAM Program.
This course addresses each of the Key Process Areas (“KPAs”) identified within the IBPL and that when
combined; empowers an organization and maximizes the value of their IT assets. The core processes
that encompass the ITAM Program will be reviewed and the pertinent projects that will assist the
organization in building a productive and profitable business unit will be addressed.

CMAM
The IAITAM Certified Mobile Asset Management (“CMAM”) course prepares the individual and their
organizations responsible for the management of mobile devices. Mobile devices can have a major
impact on an organization, proliferation of such devices within the enterprise, whether organization-
owned or BYOD-based, it has created a complexity to ITAM never before seen in IT environments. The
course will prepare individuals with the knowledge to manage personnel, policies, and processes, the key
elements in organizational IT management. This course encompasses both organizational owned assets
as well as BYOD (employee owned). As all IAITAM courseware, this has the IAITAM Best Practice
Library as its foundation and encompasses financial viability, risk mitigation, policy enforcement, and
lifecycle management of mobile assets.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM BASICS

CITAD
The IAITAM Certified IT Asset Disposal (“CITAD”) course prepares individuals to manage the IT asset
disposal process within an organization. Best practices in IT Asset Disposition (“ITAD”) are broken
down from policy management, data security to chain of custody transitioning. Attendees, whose job
responsibilities include ITAD, will take away the knowledge of how to avoid risk of data loss and public
exposure that surround a breakdown in ITAD process management. ITAD best practices, financial
return, data security global implications and the importance of vendor management are just a few of the
topics incorporated in the CITAD course. ITAD processes will no longer be viewed as corporate
overhead, but instead with IAITAM’s best practice approach, can be a profit center and area of risk
mitigation for those organizations that embrace the CITAD.

ITAM FOUNDATIONS
The ITAM Foundations Course with optional Certified Asset Management Professional (CAMP)
Certification is designed to impart an extensive overview of IT Asset Management (ITAM) best practices
and processes as well as ways to embrace multiple organizational frameworks such as ITAM & IT Service
Management (ITSM).
The use of technology in business has grown extensively over the past three decades and continues to
grow exponentially on a daily basis. With that growth comes the need for ITAM as well as the
understanding of what ITAM is, the benefits it brings to an organization and how it crosses all function
business areas.
This course was built to provide information on each of the IAITAM Best Practice Library’s 12 Key
Process Areas (KPAs), the roles and responsibilities that effect an ITAM Program, core functional areas,
KPA indicators, strategic positioning, and how ITAM can be brought into other frameworks such as
ITSM so that they work together in the most efficient way for an organization thus producing a greater
ROI for its IT portfolio.

ADVANCED TRAINING
Advanced training is online training focused on the following volumes of the IBPL:
 Acquisition Management
 Asset Identification Management
 Communication & Education Management
 Compliance & Legislation Management
 Disposal Management
 Documentation Management
 Financial Management
 Policy Management
 Project Management
 Vendor Management

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM BASICS

Each course contain a series of video lectures, access to full time instructors as needed, review of ITAM
concepts, and complete with a self-evaluation exercise that both brings the materials together, and
provides immediate business value for you and your organization.

ORGANIZATIONAL CERTIFICATION
Companies, investors, and consumers need to have more confidence in companies when it comes to
their IT Asset Management and the IAITAM Organizational Certification is an important step in that
direction. The Organizational Certification reflects the policies and processes regarding the area of IT
which includes hardware, software, mobile and disposition. With frequent security breaches, non-
compliance, overspending and mishandling of data being reported having a ranking and benchmark can
give credence to your organization to your customers that you have an internationally recognized
program when it comes to one of your most important aspects to your business, your IT. Additionally
IAITAM will also provide a report and roadmap to assist the organization increase the effectiveness of
their program to keep moving forward in a climate where IT Asset Management is becoming more
essential to the success of all business. With this certification now entire organizations and IT
departments will achieve recognition for their practices. This is critical in establishing IT credibility on
the macro level. In today’s world businesses cannot exist without technology, if you are not
managing your technology then you are not managing your business. This certification will allow
organizations to show the world they are managing their business!”

ITAM360 KNOWLEDGE BASE


The ITAM360 Knowledge Base is the online version of the IBPL. ITAM360 enhances the book version of
the IBPL through an easy to use interface and describing dependencies between processes that reside in
separate Key Process Areas. The ITAM360 enables collaboration between team members and this is
especially valuable for teams that are separated geographically.

ITAM360 ASSESSMENT
The ITAM360 Assessment product is designed to assess the performance of an organization’s ITAM
Program. There are over 450 questions designed to assess the results of the organization’s ITAM
Program processes. The assessment can be scoped to specific asset types, business units and
geographical locations.
The result of the assessment is a multi-vector rating system that provides an accurate picture of the
ITAM Program’s performance. The following diagram is a sample of the result of an ITAM360
assessment.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM BASICS

Each axis is a Key Process Area with a rating for 1 to 5. Unlike a single vector score on a scale of 1 to 5,
this multi-vector rating system provides greater accuracy and a clearer picture of how the ITAM
Program is performing.

MSITAM – WILLIAM HOWARD TAFT UNIVERSITY


The Masters Degree in Information Technology with a concentration in ITAM is the first advanced
degree in the world for IT Asset Managers. Individuals who have certified in IAITAM’s CITAM, CSAM
and CHAMP courses have already completed nine of the thirty-six units required to obtain this degree.
The MSITAM degree is awarded by William Howard Taft University to students who successfully
complete the rigorous distance study program. IAITAM curriculum has been included in the program to
provide the best possible combination of real world best practices alongside best of breed academic
curriculum.
The online MSITAM program is designed for the information technology (IT) management professional
seeking the latest concepts, principles, skills and strategies needed for informed decision making and
effective leadership in the IT arena. The program’s Asset Management concentration defines the duties
and responsibilities necessary to be an IT Asset Manager and the resources and commitment necessary
to implement a fully functional IT Asset Management program.
Taft University's MSITAM program prepares students to be important contributors to the strategies for
aligning information technology with the organizational business drivers that promote ROI, reduce risk,
and increase productivity. The information learned exposes students to the skills needed to advance
their careers to management positions both within and outside of IT.
The primary goal of the MSITAM program is to develop IT professionals into technology leaders.
Successful graduates of the program will demonstrate the knowledge and skills of the concepts involved
in identification of business related problems and how to make appropriate technology
recommendations based on sound reasoning and analysis, all the while being sensitive to the needs of
the stakeholders and business goals.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
ITAM BASICS

SOCIAL MEDIA
IAITAM uses social media channels to disseminate knowledge to increase accessibility. The following
social media channels are managed by or monitored by IAITAM.
 LinkedIn: The group “IT Asset Management – Global has over 11,000 participants across the
globe (available at www.linkedin.com under Interests – Groups)
 Facebook (available at www.facebook.com, search for IAITAM)
 Twitter (available at www.twitter.com, search for IAITAM)
 Scoop.iT (available at www.scoop.it/t/iaitamnews)
 IAITAM APP (available in iTunes and Google Play

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

GLOSSARY OF TERMS
The following glossary of terms has been developed for the ITAM professional and describes terms that
are used widely within the profession. Emphasis is placed on terminology that has multiple definitions
depending on the group using the term and critical terms to ITAM. Terminology is dynamic and the
glossary is updated over time.

Term Definition

Academic License Licensed product acquired through an institution of


learning. Licensee must be using product in
accordance with academic requirements.

Accounts Payable (AP) Accounting department that processes outbound


payments.

Accounts Receivable (AR) Accounting department that processes incoming


payments.

Acquisition The process of obtaining an asset.

Acquisition Manager The Acquisition Manager acts as the gatekeeper for all IT
acquisitions. This role entails a wide range of
responsibilities which include acquiring IT goods and
services for the organization, ensuring that all requested
assets meet organizational needs, requirements, and
standards, as well as meeting the needs of the
stakeholder. The Acquisition Manager is also responsible
for determining that requested assets are not in
inventory before initiating acquisition.

Activation The process of requiring notification to the vendor that


the product has been installed to receive a code in order
to use the software product. Frequently used with
subscription pricing, it allows the publisher to shut down
the software at the end of the paid subscription.

Active Metering A tool that sets a specific limit to the number of users
who may access a given concurrent application. When
that limit is reached, access is denied until someone logs
off, and frees up a license.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Addendum Addition to a contract. Generally added to the contract


as an additional referenced page or pages.

Agent An agent is a kernel of code that is installed on each


device so that an application has access to information
about that device. Discovery tools often use agents to
collect data on configuration that is later collected on a
server for reporting purposes. Discovery tools may be
installed agent-less as well, with some discrepancies in
what data can be collected.

Alternative Dispute Resolution (ADR) Involves dispute resolution processes and techniques
that fall outside of the government judicial process. ADR
has gained widespread acceptance as a means of
resolving issues more quickly and perhaps at less
expense than a law suit.

Americans for Fair Electronic A broad-based national coalition of consumers, retail and
Commerce Transactions (AFFECT) manufacturing businesses, insurers, technology
professionals and librarians opposed to the Uniform
Computer Information Transaction Act (UCITA).

Annual License Legal document which is a binding contractual agreement


between a software publisher and software user which
expires annually and must be renewed.

Application A software program.

Application Rationalization Application Rationalization is the process of analyzing the


software portfolio for duplication of functionality
between products, evaluating the advantages and
disadvantages of eliminating one of the products and
taking action to eliminate one if appropriate.

Application Service Provider (ASP) An ASP is a business that provides digital services such
as hosting an application and the customer's data. This
“on demand software”, or “software as a service” (SaaS)
is considered part of "cloud" technology and the vendor
may use the term "Cloud Provider."

Arbitration The process of settling a disagreement between two or


more parties (i.e. between a customer and a software
publisher) by using a third party negotiator rather, than
going through the court system. The arbitrator's
decision is considered binding to both parties.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Assessment The act of assessing; appraisal.

Asset An IT asset is an item that has sufficient significance,


value or risk associated with it that management is
chosen, with management including some level of
process, policy, procedure and measurement visibility
over time.

Asset Identification Manager The Asset ID Manager is responsible for overseeing and
directing the IT Asset Identification Process. The Asset
ID Manager is responsible for ensuring the proper
tagging and tracking of assets that have been deemed by
the Program Manager as being trackable assets.

Asset Identification Personnel The Asset ID Personnel will directly support the Asset
ID Manager and the Asset ID Process by performing
such duties as accepting assets into the environment,
assigning the unique identifier, physically tagging all assets,
and ensuring that all assets are properly inventoried
within the ITAM repository and all necessary information
placed on the fixed asset list.

Asset Management The set of processes that an organization uses to manage


the financial, inventory and contractual elements of IT
objects and that have sufficient value to the organization
to require and benefit from management. Examples of IT
objects that are managed include software, hardware and
mobile/wireless devices.

Asset Manager See IT Asset Manager.

Asset Recovery Value (ARV) The total residual value that can be derived from used
assets.

Asset Standards Asset standards are a preapproved selection of


equipment and software, often including specifics on
configuration, versions and approved vendors. Software
may be grouped into a standard image. In other
processes, the term standard is also applied to processes
and procedures, as the word rule would be used.

Audit An examination and verification of records. See


Software Audit.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Audit Response Report A report prepared by the audit response team that is
sent to the auditing agent detailing the requested audit
information.

Audit Response Team A group of internal personnel that is trained prior to an


actual audit to gather information concerning an audit.

Audit Tool See Discovery Tool

Author Consumer and Computer To encourage the development and distribution of


Owner Protection and Security (Bill) creative works by enhancing domestic and international
enforcement of the copyright laws, and for other
purposes.

Balanced Scorecard A performance metric used in strategic management to


identify, and improve various internal functions and their
resulting external outcomes. The balanced scorecard
attempts to measure and provide feedback to
organizations in order to assist in implementing
strategies and objectives.

Bar Code A barcode is an optical machine-readable representation


of data which represents information (usually identity
information) pertaining to the asset to which the bar
code tag is attached. There are 2D and 3D standards for
barcodes.

Baseline A measurement, calculation, or location used as a basis


for comparison.

Basic Vendor A vendor classification that denotes the usual and


customary relationship with a vendor. Approximately
75% of vendors typically fall into this category.

BATNA See: Best Alternative to a Negotiated Agreement

Benchmarking Benchmarking is measuring a product, service or process


to establish a foundational evaluation. This measurement
is used evaluate results of successive improvements or
changes over time.

Best Alternative To a Negotiated A negotiations methodology where the negotiator


Agreement (BATNA) analyzes the progress/success of negotiations against
walking away or taking another option. This point is
referred to as a stopping point and it changes dynamically
as information is revealed.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Best Practices Industry process or practices considered to be most


effective.

Budgeting An estimate, often itemized, of expected income and


expense for a given period in the future.

Bug An unexpected action in a software product that is not


acceptable behavior; or behavior as described in the
documentation.

Business Case A business case is a structured proposal for business


change that is justified in terms of costs and benefits.

Business Continuity Planning (BCP) Business Continuity Planning is an interdisciplinary peer


mentoring methodology used to create and validate a
practiced logistical plan for how an organization recovers
and restore partially or completely interrupted critical
function's) within a predetermined time, after a disaster
or extended disruption. BCP may include Disaster
Recovery or be a secondary plan for post-disaster.

Business Impact Analysis (BIA) An information-gathering exercise that is often


performed as a step in the development of business
continuity plans (BCP). The BIA, along with risk analysis
(RA), provides the foundation for developing and
selecting a business continuation strategy that will allow
the organization to continue to perform critical
processes in the event of a disruption, regardless of
cause.

Business Process A business process is a collection of interrelated tasks,


which solve a particular issue.

Business Software Alliance (BSA) A compliance agency or software member organization


that represents a number of the world's largest software
vendors uncovering and reporting on copyright
infringement for the members, including collecting
evidence and conducting software audits. The BSA is
considered the most active member organization and is
global in scope.

Buy-in Buy-in describes a willingness to participate and support


a particular initiative or concept.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Capacity Based License Licensing schema in which the license is based on the
total capacity of the CPU, hard-drive size/speed, or
other quantifiable asset configuration variables.

Captive Leasing A department or subsidiary of the hardware


manufacturer that leases directly to end customers.B230

Careware License option utilizing charitable donations.

Central Processing Unit (CPU) Sometimes simply a processor, it is the component in a


digital computer capable of executing a program.

Centralized An organizational process that is united through


automation, process or in a physical location.

Centralized Receiving Centralized receiving is the receipt of assets, with the


centralization referring to system and process
centralization rather than a physical location.
Applications like the ERP, bar-coding and scanner
technology, asset management are all part of the
receiving process, with this automation supporting
physical delivery to a regional office.

CCO/CEO/CIO/CFO/CSO/CTO Executive management positions: Chief Compliance


Officer, Chief Executive Officer, Chief Information
Officer, Chief Financial Officer, Chief Security Officer,
Chief Technical Officer.

Certificate of Authenticity (COA) A printed document, hologram seal, small sticker or tag
provided by the copyright holder that is affixed to
proprietary hardware or software's physical media. The
Certificate of Authenticity demonstrates that the item is
authentic, genuine and not counterfeit.

Certification Professional training & experience documentation /


credential. Certification may apply to an individual or an
organization.

Certified Hardware Asset A CHAMP is an individual that has earned IAITAM


Management Professional (CHAMP) certification as a Certified Hardware Asset Management
Professional. This certification is trademarked by the
International Association of IT Asset Managers.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Certified Information Technology A CITAM is an individual that has earned IAITAM


Asset Manager (CITAM) certification as an IT Asset Manager. CITAM certification
is trademarked by the International Association of IT
Asset Managers, Inc.

Certified Software Asset Manager A CSAM is an individual that has earned IAITAM
(CSAM) certification in Software Asset Management which is
trademarked by the International Association of IT Asset
Managers.

Chargeback An amount of compensation required for a service or


piece of equipment provided by another department
within the same organization.

Churn This is an accounting term as seen on an Acquisition /


ROI Template, normally listed in the Revenue Summary.
The measure is viewed as a percentage and is best
described as the total amount of assets entering the
organization versus the total amount of assets leaving the
organization.

Click Through License This license schema is popular because when purchasing
online, a "choice box" is presented to the consumer
before making the product available. The consumer can
proceed with the download by "checking" the box
indicating agreement with the license (usually scrollable
in the small box). License language is available but
difficult to read. It is also printable. (See 'EULA')

Client Access License (CAL) A Client Access License (CAL) is a software license used
in conjunction with server software that legally permits
access for a specific client computer or individual.

Client Server A computing model relevant to software licensing


where the resources providing a service and the service
requestor are separated.

Cloud Computing Cloud computing is a general term for anything that


involves delivering hosted services over the Internet. The
name “cloud computing” is thought to be inspired by the
cloud symbol that's often used to represent the Internet
in flow charts and diagrams.

Code of Ethics A code of ethics is a set of rules for conduct. The


International Association of IT Asset Managers, Inc. code
governs the professional behavior of certified members.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Commercial-off-the-Shelf (COTS) Generic name applied to software solutions available for


sale, used as a contrast to internal developed software.

Compensatory Damages Settlement provisions allocated to compensate for


damages such as non-compliance or other contractual
misstep.

Competitive Upgrade License Software licensing type where a switch in comparable


software products occurs without purchase fee.
Compliance requires original purchase documentation as
the basis for the upgrade.

Compliance Adherence to the requirements. See Software


Compliance.

Compliance Agency Member organization representing software publishers


to educate on copyright and to collect information about
organizations who are non-compliant. Some member
organizations are authorized to audit consumer
organizations on behalf of their members.

Compliance and Legislation Manager The Compliance and Legislation Manager is responsible
for compliance and legislation information within the
organization including; research on legislation that effects
the organization, maintaining current information on all
regulations and legislation; researching the impact to the
organization on pending regulations and legislations, and
communication of all regulatory and legislative matters.

Compliance and Legislation Personnel The Compliance and Legislation Management Personnel
are responsible for supporting the Compliance and
Legislation Management role. They work together to
ensure that the organization is compliant in all facets of
the ITAM program including but not limited to software
compliance, accounting laws, privacy laws, government
access laws, etc.

Compliance Enforcement Action taken by copyright holder, or its representatives,


to manage inappropriately licensed products.

Compliance Management Monitoring the acquisition process, licensing, and


configuration of software products to ensure legal use.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Computer Maintenance Competition Creates an exemption allowing computer repair services


Assurance Act (CMCAA) to make a copy of a computer program for maintenance
or repair purposes.

Concurrent License License schema under which a defined number of


multiple users may access a given software product
simultaneously. Concurrent usage generally refers to
network distributed applications.

Conditionally Exempt Small Quantity An organization that generates 100 kilograms or less per
Generators (CESQG) month of hazardous waste, or 1 kilogram or less per
month of acutely hazardous waste. Requirements for
CESQGs include: (see RCRA; 40 CFR 261.5) CESQGs
must identify all the hazardous waste generated.
CESQGs may not accumulate more than 1,000 kilograms
of hazardous waste at any time. CESQGs must ensure
that hazardous waste is delivered to a person or facility
that is authorized to manage it.

Configuration The internal system elements of an asset that may


receive individual attention, and/or maintenance.
Examples include: Hard drive and memory.

Configuration Item (CI) Configuration Item is a term used in IT Service


Management and ITIL to describe a collection of objects
that are part of a specific functionality. The software
installed on a desktop computer is a simple example of a
CI.

Consumer Price Index (CPI) A statistical estimate of the level of prices of goods and
services bought for consumption purposes by
households. The change in the CPI is a measure of
inflation, and can be used for indexation (or evaluation)
of wages, salaries, pensions, regulated or contracted
prices. It is sometimes used in maintenance calculations.

Contract Management (CM) The management of legal agreements including proper


and accurate documentation, storage and relationships to
other legal documents.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Control Objectives for Information COBIT is an IT governance framework that was created
and related Technology (COBIT) by the Information Systems Audit and Control
Association (ISACA) and the IT Governance Institute
(ITGI) in 1996 to better enable clear policy development
and bridge the gap between control requirements,
technical issues and business risks within the realm of
organizational information technology. COBIT
emphasizes regulatory compliance, and helps
organizations to increase the value attained from IT.

Copyright Laws A type of intellectual property protection, these laws


protects the rights of the copyright holder allowing them
control over use of the intellectual property. Copyright
laws are present in most if not all countries and are
influenced by trade agreements between nations.

Cost Benefit Analysis (CBA) A process by which business reviews the potential cost
of a product, or service, and compares that cost to the
potential benefits derived from that product or service.
A formal discipline used to help appraise, or assess the
case for a project or proposal.

Co-terminus Co-terminus is the term used to describe the


termination of a set of contracts or assets at the same
time regardless of the individual contract start dates.

Council of Supply Chain Management A worldwide professional association for supply chain
Professionals (CSCMP) professionals.

Counterfeit Software Software is counterfeit when it is duplicated and sold as


if it were legitimate and authorized by the copyright
holder. (See 'Piracy')

Crisis Management Crisis management involves identifying a crisis, planning a


response to the crisis and confronting and resolving the
crisis.

Critical Success Factor (CSF) Critical Success Factor (CSF) is a business term for an
element which is necessary for an organization, or
project to achieve its mission.

Customer Resource Management An integrated information system that is used to plan,


(CRM) can also be Customer schedule and control the presales and post sales
Relationship Management activities in an organization. The primary goal of CRM is
to improve long-term growth and profitability through a
better understanding of customer behavior.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Cyber Crime The use of electronic means to commit crimes (i.e.


computer internet “hacking”, identity theft, etc.)

Data Scrubbing (also referred to as The process of detecting and removing and/or correcting
Data Cleansing) a database that contains data that is incorrect, out-of-
date, redundant, incomplete, or formatted incorrectly.
Another goal of data scrubbing is to bring consistency to
sets of data that have been merged from separate
databases.

Decentralization Organizational trend of allocating and managing assets by


dispersing them to individual business units, rather than
maintaining control from a single managerial prospective.

Decision Support System (DSS) A computer-based system that aids the process of
decision making. It is designed to utilize data to provide
an easy-to-use interface and allows for the decision
maker's own insights in the decision making process.

Definitive Software Library (DSL) this An established secure location devoted to the storage of
acronym also used for: Digital physical media or a software repository located on a
Subscriber Line network file server. This is the location where all
authorized versions of all software configuration items,
master copies of controlled software, licensing
information and copies of purchased software are
maintained.

Department of Homeland Security A Cabinet department of the Federal Government of the


(DHS) United States with the responsibility of protecting the
territory of the United States from terrorist attacks and
responding to natural disasters.

Design for the Environment Program EPA's premier partnership programs, working with
(DfE) individual industry sectors to compare and improve the
performance and human health and environmental risks
and costs of existing and alternative products, processes,
and practices.

Desktop Individual computing device. Also termed "client".

Digital Media Electronic products such as software and digital


audiovisual.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Digital Millennium Copyright Act Legislation that was designed to control digital media
(DMCA) security and duplication codes. The intent behind
DMCA was to create an updated version of copyright
laws to deal with the special challenges of regulating
digital material. Broadly, the aim of DMCA is to protect
the rights of both copyright owners and consumers.

Digital Subscriber Line (DSL) A generic name for digital lines that are provided by
telephone companies to their local subscribers and that
carry data at high speeds.

Disaster Recovery A process an organization utilizes to take action during


and immediately following a disaster that disrupts the
organization's normal functioning. Business Continuity
may be considered part of DR or as a secondary process
for returning the organization to normal functioning
post-disaster.

Disaster Recovery Personnel Disaster Recovery Personnel provide a support role that
contributes to the overall success within the ITAM
Program. Their role within the ITAM Program is
multifunctional throughout all the Key Process Areas,
and provides support services in all facets of Disaster
Recovery.

Disaster Recovery Plan (DRP) A process by which an organization develops a plan to


mitigate the risk of loss in the event of a disaster caused
by any means. Disaster recovery planning is the first
step in the larger process known as Business Continuity
Planning (BCP).

Discovery Process The process of utilizing one or more software


applications (discovery tools) that inventory computer
systems to determine both software and hardware items
contained within.

Discovery Tool Software application that scans computer systems


accessed through the network and inventories the
hardware elements and software installed on that
hardware. These snapshots of the environment provide
reports and are essential part of a Software Audit (see
'Software Audit' and 'Inventory')

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Disposal Management The process an organization develops to effectively


disburse or eliminate assets no longer in use, in
accordance with legislation and recycling guidelines.

Disposal Management Personnel The Disposal Management Personnel report directly to


the Disposal Manager and provide support in all
functions of the disposal process including but not
limited to: transportation, documentation, security, and
monitoring fair market value.

Disposal Manager The Disposal Manager is responsible for the proper


disposal of all IT Assets. The person in this role will
work closely with the security team to ensure that
information and data remains secure throughout the
entire disposal process, and will also monitor market
values, software harvesting, and disposal methods.

Disposition, Asset Eliminating asset(s) by means of a disposal process, while


adhering to all mandated standards during that process.
A successful disposition of assets requires diligence in
disposal planning.

Document Management System Organized system of storage, control, and recovery of


strategic documentation relating to software assets.

Documentation Documentation is hard copy and electronic data and


reports. Documentation from a vendor includes proofs
of purchase, licenses, Certificates of Authenticity,
specified original packaging, manuals and master media.
Program documentation includes templates for reports,
process development and definitions.

Documentation Management The Documentation Management Personnel provide


Personnel direct support to the Documentation Manager in all
facets of the Documentation Process. They assist in the
daily operations of Documentation Management
including: repository information, documentation
retention, change control, backup and recovery, and
library management.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Documentation Manager The Documentation Manager is a key member of the


ITAM Program. This role is responsible for all
documentation within the ITAM Program which includes
but not limited to: archiving of historical data, maintaining
current data, financial data, and disaster recovery data.
The Documentation Manager also will be involved in the
requirements of offsite storage and policy requirements.

Earnings Before Interest, Taxes, An indicator of an organization's profitability that is


Depreciation and Amortization normally monitored by investors.
(EBITDA)

Electrical and Electronic Equipment Most commonly seen in association with the European
(EEE) Union (EU) Waste Electrical and Electronic Equipment
(WEEE) Directive. IE: Any organization which produces
electrical and electronic equipment (EEE) within the EU
community should be especially careful in understanding
the law’s stringent guidelines.

Electronic Communications Privacy Enacted by the United States Congress to extend


Act of 1986 (ECPA) government restrictions on wire taps from telephone
calls to include transmissions of electronic data by
computer.

Electronic Data Interchange (EDI) EDI is a digital method of transmitting information


between two entities such as electronic purchase orders
to automate the purchasing process. EDI is still widely
used for electronic exchanges between and within
businesses, organizations, government entities and other
groups.

Electronic Frontier Foundation (EFF) Founded in July of 1990 in response to a basic threat to
speech. From the beginning, EFF has championed the
public interest in every critical battle affecting digital
rights.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Electronic Product Environmental EPEAT was developed under the EPA umbrella and is
Assessment Tool (EPEAT) managed by the Green Electronics Council (GEC) as an
easy-to-use, on-line tool designed to help institutional
purchasers select and compare computer desktops,
laptops and monitors based on their environmental
attributes. EPEAT is dedicated to informing purchasers of
the environmental criteria of electronic products.

End User License Agreement (EULA) License type sometimes called click-through since it is
often read online, binds consumers to a specific set of
terms that may be strict and broader than other license
language.

Enterprise Agreement Enterprise Agreements are a type of legal contract


typically between and software vendor and the consumer
organization that grants license rights across the
enterprise. Terms and conditions specify how the
licenses may be used, reported and how payment is
handled.

Enterprise Resource Planning System A process to integrate (or attempt to integrate) all data
(ERPs) and processes of an organization into a unified system. A
typical ERP system will use multiple components of
computer software and hardware to achieve the
integration. A key ingredient of most ERP systems is the
use of a unified database to store data for the various
system modules.

Entitlement A specific right granted by a software publisher in the


license agreement to the user of the software, defining
specifically how the software product may be used.

European Union (EU) A multinational union, made up of twenty-seven


European countries. EU law has direct effect within the
legal systems of its Member States, and overrides
national law in many areas, especially in terms of
economic and social policy.

Executable Defined as a computer file that initiates a software


application or process.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Executive Information System (EIS) This type of support system was originally designed to
fulfill the needs of senior executives by providing easy
access to both internal and external information which
aids in the decision process necessary to meet the
strategic goals of the organization. EIS is commonly
considered as a specialized form of a Decision Support
System (DSS) for executives.

Executive Management Upper management of any corporate entity.

Executive Sponsor The Executive Sponsor supports all functions of the


ITAM Program. This role is normally the champion of
the program and has the authority of overall
enforcement for the program.

Fair and Accurate Credit Transactions The Fair and Accurate Credit Transactions Act is a
Act (FACTA) consumer rights bill that became effective June 1st, 2005.
FACTA was designed to lower the risk of identity theft
and consumer fraud. It enforces the proper destruction
of consumer information, such as name, address, SSN,
credit information. Also included in this bill is the
necessity to destroy data compiled from this same
information.

Fair Market Value (FMV) A term in both law and accounting practices to describe
an appraisal based on an estimate of what a buyer would
pay a seller for any piece of property. It is a common
way of evaluating the value of property when assessing
damages to be awarded for the loss of or damage to the
property, generally in a claim under tort or a contract of
insurance.

Federation against Software Theft A UK-based non-profit organization set up in 1984 by


(FAST) the British Computer Society's Copyright Committee to
support the rights of copyright holders, specifically
software publishers.

Financial Lease A finance lease, or capital lease transfers ownership of


the leased asset to the leasing organization. The leasing
organization has a negotiated payment stream with the
leasing vendor.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Financial Management Personnel The Financial Management Personnel are responsible for
supporting the Financial Manager and satisfying the needs
of that role which include invoice reconciliation, budget
support, financial documentation retention and purchase
order/payment processes.

Financial Manager The Financial Manager initiates the financial transaction


for the purchase of IT Assets. This includes issuance of
the purchase orders and payments. The person in this
role is also responsible for accurate invoice information
through a reconciliation process. The Financial Manager
ensures all proper entities have been notified of the
financial processes. (Receiving, Acquisition, Contracts,
Legal, Technical, ITAM Program Manager, and
Stakeholders)

Financial Year A fiscal year (financial year or accounting reference date)


is a 12-month period used for calculating annual
("yearly") financial statements in businesses and other
organizations.

Fix A minor update or repair to a software product.

Font License License schema which is type-set specific.

Fixed Asset A UK-based non-profit organization set up in 1984 by


the British Computer Society's Copyright Committee to
support the rights of copyright holders, specifically
software publishers.

Forced Audit Compliance audit with consent.

Free and Open Source Software Software that is liberally licensed to grant the right of
(FOSS) users to use, study, change, and improve its design
through the availability of its source code.

Freeware Software for which payment is not required. Freeware


still carries a license that must be kept on file and
adhered to.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Freeware License License type when a purchase is not required, but where
the product is copyrighted and the copyright holder
retains the rights to control its distribution, modify the
software, and reserves the right to sell the software at
any time in the future.

Full Time Employee (FTE) For calculation purposes, an employee that is


compensated as a full time employee.

GANTT Chart This is a type of bar chart commonly used to represent


the schedule of a project. The Gantt chart illustrates the
planned as well as progress of tasks from the work
breakdown structure (WBS). Some variations of the
Gantt Chart also show dependencies between tasks.

General Public License (GPL) A widely used free software license, originally written by
Richard Stallman for the GNU project. It is the license
used by the GNU/Linux operating system. The GPL is
the most popular and well known example of the type of
license that requires derived works to be available under
the same license.

General Services Administration GSA helps U.S. Federal agencies better serve the public
(GSA) by offering at best value, superior workplaces, expert
solutions, acquisition services, and management policies.

Governing The replacement of legal language in one legal document


by another legal document is called governing. For
instance, “the enterprise agreement governs the
software licenses for that vendor’s products.”

Government Information Security Legislation that requires U.S. Federal agencies to perform
Reform Act (GISRA) an internal risk assessment of their electronic
information systems and security processes. A report on
each agency’s findings is then submitted to the Office of
Management and Budget (OMB).

Grace Event A consumer awareness event sponsored by the Business


Software Alliance in which a select group of businesses
are typically given 30 days to become compliant on their
software licenses.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Gray Papers A superior class of informational documents created by


IAITAM. The term "Gray Paper" was chosen due to the
fact that the color gray is widely considered to imply
knowledge, intellect, and wisdom; as such, there is no
better color to describe the importance of the message
that IAITAM's Gray Papers impart.

Hand Audit Better known as a manual audit, a discovery that has


been collected and scrubbed manually rather than with
the help of automation.

Handheld Portable computing device generally small enough to be


held in one's hand.

Hard Disk Loading A practice by which computer hardware retailers


provide computers that contain illegally licensed
operating systems, and/or software. The consumer is
usually not made aware of the illegal status of their
possession.

Hazardous and Solid Waste Amendments made to RCRA in 1984 that required
Amendments (HWSA) phasing out land disposal of untreated hazardous waste
by more stringent hazardous waste management
standards. Mandates of this law include increased
enforcement authority for EPA and a program requiring
corrective action.

Health Insurance Portability and Title I of HIPAA protects health insurance coverage for
Accountability Act (HIPAA) workers and their families when they change or lose
their jobs. Title II of HIPAA, the Administrative
Simplification (AS) provisions, requires the establishment
of national standards for electronic health care
transactions and national identifiers for providers, health
insurance plans, and employers. The AS provisions also
address the security and privacy of health data. The
standards are meant to improve the efficiency and
effectiveness of the nation's health care system by
encouraging the widespread use of electronic data
interchange in the US health care system.

Help Desk Operational entity or application, through which an


organization provides technical support and assistance to
users/clients.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Human Resources (HR) An organizational department that is responsible for the


personnel functions. The Human Resources’ role within
the ITAM Program includes participation in:
communication, education, personnel information, and
policy management and enforcement.

IAITAM International Association of Information Technology


Asset Managers, Inc.

IAITAM Best Practice Library (IBPL) IAITAM's thirteen book, twelve volume set represents
the collective knowledge and experiences of the entire
ITAM industry. The IBPL focuses on description and
execution for each of the 12 Key Process Areas (KPA)
that when used together support processes, and fully
defines the roles and responsibilities for all involved
individuals within the organization.

IAITAM Best Practice Model (IBPM) A best practice model for knowledge that is focused on
assessing, implementing, and optimizing IT Asset
Management through real-world practical approaches
and techniques. The IBPM consists of practice areas that
specify capabilities, commitments, and processes.

Implementation Process by which an organization brings a product,


process, or project, through the stages of concept, to its
full operation.

Information Systems Audit and The ISACA is an international professional association


Control Association (ISACA) that deals with IT Governance Standards, as well as
guidelines and procedures for information system
auditing. Founded in 1967 and incorporated in 1969 as
EDP Auditors Association, it wasn't until 1976 that the
association formed an education foundation to undertake
large-scale research efforts to expand the knowledge and
value of the IT governance and control field. As of early
2010 the Association is serving more than 86,000
constituents (members and professionals holding ISACA
certifications) in more than 160 countries.

Information Technology (IT) The study, design, development, implementation, support


or management of computer-based information systems,
particularly software applications and computer
hardware.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Information Technology Asset The set of business practices that join financial,
Management (ITAM) contractual and inventory functions to support life cycle
management and strategic decision making for the IT
environment.

Information Technology Asset The IT Asset Manager is the primary point of


Manager (ITAM) accountability for the life cycle management of
information technology assets throughout any
organization. Included in this responsibility are
development and maintenance of policies, standards,
processes, and systems.

Information Technology Governance This is a learning based facility that offers instruction and
Institute (ITGI) certification designed to help IT industry leaders better
align information Technology with organizational goals,
and to achieve maximum value from IT systems by
focusing on performance and risk management.

Information Technology Infrastructure Initially developed as standards for IT operations for the
Library (ITIL) British government, this infrastructure has been widely
adopted as a guide to IT service management. ITIL
outlines processes intended to support organizational
achievement of high quality and value from IT operations.
ITIL includes guidance for service strategy, service
design, service transition, service operation and continual
service improvement.

Infrastructure The underlying process, or operation, wherein a given


project or product is based.

Infrastructure as a Service (IaaS) Infrastructure as a Service is a provision model in which


an organization outsources the equipment used to
support operations, including storage, hardware, servers
and networking components. This is one of the three
broad categories of hosted services made available by
internet service providers (IaaS, PaaS and SaaS).

Installation A service or process that configures and delivers


hardware and/or software as requested. Installation is
part of the helpdesk acronym IMAC, Installs, Moves,
Adds and Changes.

Installs, Moves, Adds, Changes (IMAC) Describes the actions of the technical staff managing a
distributed organizational asset environment.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Instructor-Led Training (ILT) A form of instruction by which the given instruction is


given and/or guided by a qualified instructor.

Intangible An asset or benefit whose value cannot be estimated


based upon generally accepted standards of accounting.

Internal Rate of Return (IRR) A capital budgeting method used by firms to decide
whether they should or should not make long-term
investments.

International Data Corporation (IDC) A subsidiary of the International Data Group, the IDC is
a market research and analysis firm that specializes in
Information Technology, Telecommunications, and
Consumer Technology.

International Data Group (IDG) Founded in 1964, IDG is reportedly the world's leading
technology media, events and research organization,
reaching technology audiences in more than 90
countries.

International Standards Organization An international standard-setting body composed of


(ISO) representatives from various national standards bodies. It
has the ability to set standards that often become law,
either through treaties or national standards.

Internet Service Provider (ISP) An ISP is an entity that supplies Internet connectivity to
home and business customers. Wireless Internet service
providers or WISPs have emerged that offer Internet
access through wireless LAN or wireless broadband
networks. In addition to basic connectivity, many ISPs
also offer related Internet services like email, Web
hosting and access to software tools.

Inventory (noun) List of hardware, and/or software products 'discovered'


either manually or electronically in an organizational
environment.

Inventory (verb) Act of 'discovering' hardware, and/or software products


either manually, or electronically, in an organizational
environment.

Invoice Reconciliation Process to confirm that invoices accurately represent


what has been delivered and that the payment figure is
appropriate and accurate.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

IT Asset Management Repository An IT Asset Management repository collects data about


the financial, inventory and contractual aspects of IT
assets for analysis and reporting over time. Functionality
provided with a repository usually includes automated
support for ITAM processes.

IT Portfolio Management IT Portfolio Management is the application of systematic


management to large classes of items managed by
organizational Information Technology (IT) capabilities.
Examples of IT portfolios would be planned initiatives,
projects, IT assets, and ongoing IT services.

IT Spend, IT Expenditure The total amount budgeted or actual expenditures, for


an organization's Information Technology. This term
implies an organization-wide view of expenditures, not
just those which occur in the IT department. That is to
say, all IT related expenditures made within the
environment.

ITAM Communications Manager The ITAM Communication Manager’s function is to


ensure that all communication involving the ITAM
Program is properly communicated to all parties
involved. They are tasked with the responsibility of
developing, monitoring, and the tracking of new and
existing communication programs.

ITAM Educational Manager The ITAM Educational Manager’s function is to ensure


that all parties involved in the ITAM Program are
properly trained. They are tasked with responsibility of
developing, monitoring, and the tracking of new and
existing educational programs.

Key Performance Indicator (KPI) Key Performance Indicators (KPIs) are metrics to
quantify performance. KPIs are used to assess the
present state and to prescribe a course of action. KPIs
are frequently used to "value" difficult to measure
activities such as the service quality and satisfaction.

Key Process Areas (KPA) A Key Process Area identifies a cluster of related
activities that when performed collectively, achieve a set
of goals and enhance the overall program's success.

Large Account Reseller (LAR) Large Account Resellers are resellers for products and
programs such as Microsoft's Select License program.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Lease A lease is defined as a contractual agreement between a


lessor, and lessee, that gives the lessee the right to use
specific property, either owned, or in the possession of,
the lessor. This contract covers a specific time period, in
consideration of rent or other compensation.

Lease Rate Factor A negotiated calculation for leased assets that reduces
the monthly payments depending on the volume leased
and other financial terms.

Leasing The long term rental of hardware or software rather


than purchasing. Generally, it is considered leasing if the
“rental” term is more than one year.

Legacy Application For ITAM purposes, Legacy Applications are products


which are written in-house, or, not initially present
within the asset management database. Contains custom
applications for in-house purposes.

Legal Legal’s role within the ITAM Program is multifunctional


throughout all the Key Process Areas. They provide
support services such as policy review, legislation
interpretation, contract support, compliance matters,
and act as an advisor on negotiations. Legal provides
ongoing support by interacting and contributing to the
overall success of the ITAM Program.

License Legal document which is a binding contractual agreement


between a software publisher, and software user,
defining conditions of use.

License Management A process which is established by an organization to


control and manage license agreements.

License Metric A quantitative measure of usage defined in accordance


with the terms and conditions of a software license
agreement. The license metric is used to establish
entitlement rights, usually, in accordance with
documented payments to a software publisher.

Lifecycle Management The process of managing assets from the moment they
are considered, until their disposal.

Litigation A process in which legal action has been taken to settle a


dispute (i.e. alleged illegal act)

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Local Area Network (LAN) A computer network covering a small geographic area,
like a home, office, or group of buildings.

Low Hanging Fruit IAITAM refers to "low hanging fruit" as the cost saving
opportunities that are easily identified and correctable in
a short time frame. Also known as a Quick Success
Project or QSP

Loyalty Pricing Special pricing received from a vendor on all


products/services that the vendor offers whether under
a volume agreement or not. Loyalty pricing would come
into effect when an organization agrees to use a certain
vendor's products/services throughout their
organization.

Machine License License schema in which a particular machine (asset)


must be identified to validate the agreement.

Maintenance Agreement A contractual agreement which defines the terms and


conditions for service of a particular item.

Maintenance Upgrade Installation of a more current version of a software


product under the terms of a specified maintenance
agreement.

Manual Audit A discovery that has been collected and scrubbed


manually rather than with the help of automation. This
type of audit is not accepted by compliance agencies.
Sometimes called a hand audit.

Manuals Print media books provided by the copyright holder that


provide details on installation, operation, management,
or use of the product. Many software publishers are
discontinuing print manuals in favor of digital media.

Master Agreement A legal document between parties where the terms and
conditions govern all subsequent agreements relating to
the same topic.

Master Media The physical device on to which a software program is


written, and can be executed on a piece of computer
equipment.

Media Control A process which an organization establishes to manage


the distribution of a physical device which contains a
software program.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Mediation The process of settling a disagreement between two or


more parties (i.e. between a customer and a software
publisher) by using a third party negotiator rather, than
going through the court system. The mediator's decision
is not binding to either party+B21.

Mergers and Acquisitions (M&A) A merger is the culmination of the assets and liabilities of
two (or more) organizations to form a single business
entity. The term Acquisition is generally used when a
larger organization absorbs a smaller organization; and
the term merger is used when the unions of the involved
organizations are roughly of equal size or worth.

Millions of Instructions per Second The term commonly used in association with a numeric
(MIPS) value of measuring computer speed. Also used are:
thousand instructions per second (kIPS), and Million
Operations per Second (MOPS).

Moore’s Law A widely accepted observation made in 1965 by Intel co-


founder Gordon Moore, that the number of transistors
per square inch on integrated circuits had doubled every
year since the IC was invented. Through the years, this
has translated to currently accepted standards that
technology doubles approximately once every 18
months. This assumption is used as part of the
acquisition equation for the purpose of acquiring cutting
edge technology equipment.

MP3 A term commonly used to describe Digital Music files.

Named User License License schema in which a particular user must be


identified to validate the agreement.

National Environmental Policy Act To declare a national policy which will encourage
(NEPA) productive and enjoyable harmony between man and his
environment; to promote efforts which will prevent or
eliminate damage to the environment and biosphere, and
to stimulate the health and welfare of man; to enrich the
understanding of the ecological systems and natural
resources important to the Nation; and to establish a
Council on Environmental Quality.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

National Institute of Standards and Non-regulatory agency of the United States Department
Technology (NIST) of Commerce’s Technology Administration. The
institute's mission is to promote U.S. innovation and
industrial competitiveness by advancing measurement
science, standards, and technology in ways that enhance
economic security and improve overall quality of life.

Needs Analysis Needs analysis validates employee goals and aspirations


against the organizational requirements.

Negotiation The cooperative effort to determine the terms and


condition of a particular agreement. The activity of
negotiating an agreement; coming to terms to achieve a
win-win situation.

NET Act No Electronic Theft Law is a U.S. Federal law passed in


1997 that protects the holders of electronic copy-
written data from illegal use. This law provides for the
criminal prosecution of individuals who engage in
copyright infringement, even when there is no monetary
profit or commercial benefit from the infringement.

Net Present Value (NPV) A standard method for the financial appraisal of long-
term projects. Used for capital budgeting, and widely
throughout economics, it measures the excess or
shortfall of cash flows, in present value (PV) terms, once
financing charges are met.

Network Group of interconnected computing devices or systems.

Network Interface Cards (NIC) Refers to a piece of computer hardware that is designed
to allow computers to communicate over a computer
network. Also referred to as a network card, network
adapter or LAN adapter, this piece of hardware gives
users the capability to connect to each other by wired or
wireless methods depending on the configuration.

Network License License schema which covers application distributed over


a network type environment.

Non-Compliance Failure to utilize software products according to the


licensing agreement. Intentional or not, non-compliance
is the act of not following the provided model or
specified regulations and laws.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Non-Disclosure Agreement (NDA) When signed by all parties involved, the Non-Disclosure
Agreement is a contract through which the involved
parties agree not to disclose information covered by the
agreement. The agreement is designed to allow
businesses to share proprietary information with the sole
purpose of evaluating potential business relationships;
and it is common for new employees to sign NDAs as a
condition of their employment. NDAs are also seen in
the IT field, commonly signed by students prior to taking
a certification examination.

Open Source License Any document that attempts to specify open source
usage, and distribution of software. These licenses are
usually drafted by experts and are likely to be more
legally sound than one a programmer could write.
However, loopholes do exist.

Operating Lease (also known as a An operating lease allows one organization to use the
traditional lease) equipment of another for a specified payment stream
without transfer of ownership.

Original Equipment Manufacturer A term that refers to a situation in which one


(OEM) organization purchases a manufactured product from
another organization and resells the product as its own,
usually as a part of a larger product it sells. OEM is the
organization that originally manufactured the product.

Outsourcing The use of a provider’s service to perform some type of


function. In ITAM, Seat Management is one model for
outsourcing.

Ownership License A compilation of license purchases made through time


for a given product to determine what version
entitlements are currently owned.

Part Time Employee (PTE) For calculation purposes, an employee that is


compensated as a part time employee.

Passive Metering Works in much the same way as active except that
additional users are not denied access. Instead, the
amount of additional users are recorded so the
organization can assess how many more licenses need to
be purchased to fill their needs.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Patent Corporation Treaty (PCT) The PCT Treaty makes it possible to seek patent
protection for an invention simultaneously in each of a
large number of countries by filing an "international"
patent application. Such an application may be filed by
anyone who is a national or resident of a Contracting
State.

Payment Card Industry Data Security A widely accepted set of policies and procedures
Standard (PCI DSS ) intended to optimize the security of credit, debit and
cash card transactions; designed to protect cardholders
against misuse of their personal information. Security
measures also apply to all employees, merchants,
vendors, service providers, contractors and business
partners who store, process or transmit credit
cardholder data, as well as to all system components
included in or connected to or the cardholder data
environment.

Permissive Refers to the nature of software licensing documents


that specify how software may be used.

Perpetual License License schema which is a one-time payment for on-


going use.

Personal Computer (PC) Personal Computer, also known as a 'Workstation'. In


Contrast with 'Server', this device is typically used by the
end-users in a business setting.

Personal Data Assistant (PDA) An electronic device which can include some of the
functionality of a computer, a cell phone, a music player
and a camera.

Piracy Piracy is the unauthorized reproduction and distribution


of electronic and audio-visual media. Purchasing pirated
software is against copyright law. Failure to utilize
software products according the specified licensing
agreement or without sufficient proof for the number of
copies installed is also a form of piracy.

Platform as a Service (PaaS) Platform as a service sometimes referred to as "Cloud


Platform Services" facilitates deployment of applications
without the cost and complexity of buying and managing
the underlying hardware and software layers. This is one
of the three broad categories of hosted services made
available by internet service providers (IaaS, PaaS and
SaaS).

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Policy Policies are rule statements that govern acceptable


behavior and actions. Policies should designate those to
whom the policy applies and provide a rationale to gain
cooperation and compliance.

Policy Management Personnel The Policy Management Personnel directly support the
Policy Manager, ensuring that risks are reduced via
organizational policies. The Policy Management
personnel will assist with development, communications,
and enforcement of organizational policies.

Policy Manager The Policy Manager plays a key role within the ITAM
Program. The Policy Manager will set the foundation for
the ITAM Program by creating policies that mitigate risks
associated with daily operations and maintaining all
policies related to the ITAM Program. The Policy
Manager will define enforcement of organizational
policies.

Preferred Vendor A preferred vendor is a category for vendors who


provide extra value to the organization such as post-sale
support or systems integration but not organization-wide
business initiatives (which is a strategic vendor). The
preferred level vendor may provide niche products and
services. Preferred level vendors are approximately 20%
of the vendors.

Procedure Procedures specify how a given task should be


performed through direction or guidelines.

Processor Based License Also called CPU based, this license originally applied to
the power of a mainframe CPU, yet has been making its
way into the distributed environment for several years.
The license is licensing either capacity of the computing
device, or the actual number of processors within that
device.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Program Manager The Program Manager as a role is responsible for the


direction of the entire ITAM program. This individual
would most likely hold the CITAM certification and
would manage the ITAM department personnel as well
as to work with the business units and technical services
groups to develop processes and policies affecting the
organization as a whole related to the ITAM program.
They would be the liaison to senior management for
reporting the progress of the program.

Project Charter A foundational document for a project, a project charter


describes the broad scope, objectives and authorizes the
project.

Project Management Personnel The Project Management Personnel are the individuals
chosen by the Project Manager to execute all functions
as a project team. These individuals are responsible for
the daily operations of the project following the
guidelines of project management including project plans,
budget management, change management, milestones
and resource management.

Project Manager A Project Manager will fulfill the role of the person
responsible for the success of the assigned project. This
includes assembling the project team, project charter and
plans, obtaining executive buy-in, and management
throughout the life of the project.

Proof of Purchase (POP) Documentation confirming legal acquisition and payment


for a copyrighted product. POPs can include, but are
not limited to, cancelled checks, paid invoices, credit
card receipts, register receipts, and vendor records
proving that the candidate purchased and paid for the
product.

Public Domain License Sometimes called a "public-domain equivalent license,"


which is somewhat of a misnomer. A more accurate
term is "permissive free software". Software available in
the public domain is technically not licensed at all, they
are not even copyrighted. This means that you are free
to use what is available in the public domain as you see
fit, without restriction. Information can fall into the
public domain after a certain period of time, depending
on the country—or it can be deliberately placed there by
an author who does not wish to restrict reuse.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Purchase Order (P.O.) A commercial document generated by the purchaser of


products or services from the provider that specifies a
request indicating types, quantities, and agreed upon
prices for the products or services requested. A
purchase order is a written obligation to buy.

Quantify A way to measure a particular process. To express as a


number or measure of quantity; "Can you quantify your
results?"

A project that is simple to implement with a high return


on investment.
Quick Success Project (QSP)

RACI Chart This chart is used as a planning and reorganization tool


that facilitates the examination of processes against roles.
RACI stands for Responsibility, Accountability,
Consulted, and Informed, which denote the descriptors
used to present the way an individual's role intersects
with a particular task.

Radio Frequency Identification (RFID) An asset identification method relying on storing and
remotely retrieving data using devices called RFID tags
or transponders. An RFID tag is an object that can be
affixed to or incorporated within an IT device for the
purpose of identification utilizing radio wave technology.
Some tags can be read from several meters away and
some beyond the line of sight of the reader.

Radio Frequency Tag (active tag) Active RFID tags are electronic tags with a chip, antenna
and battery in the reporting device so that the device
constantly transmits a signal for inventory and
monitoring purposes.

Radio Frequency Tag (passive tag) Passive RFID tags are electronic tags with a chip and
antenna that rely on the reader for power so that when
the reader is within a short distance, the device
transmits a signal for inventory and monitoring purposes.

Radio Frequency Tag (semi-active tag) Semi-active RFID tags are electronic tags with a chip and
antenna that rely on the reader for power so that when
the reader is within a short distance, the device
transmits a high frequency signal for inventory and
monitoring purposes at greater distances than a passive
tag.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Receiver The role of the Receiver is to inspect incoming packages


for physical damage. The physical condition of the
package will determine continuance through the
acceptance process. The Receiver then ensures proper
parties have been notified of the receipt of the asset.

Reconciliation Comparison between software licenses owned by an


organization, and the software actually installed in its
computing environment.

Recording Industry of America Recording Industry of America Association is the


Association (RIAA) watchdog group for the Recording Industry of America
(“RIA”) and was formed to assist in prosecuting those
who are caught illegally copying and distributing music.

Redeployment The process of identifying assets that are no longer


needed, assessing the continued use of the asset and
then re-tasking the asset to a new purpose, location or
user within an organization. (i.e. when one department
or group replaces their PCs, the old PCs can be
relocated to another department that can utilize the
older equipment and save the cost of purchasing new
assets).

Refresh The process for replacing sets of assets on a schedule


typically due to the age of the devices.

Reimaging Reimaging is the copying of software onto multiple


devices from one standard image. An example would
include this capability being granted to Volume Licensing
customers.

Renewal Date The date when a contract is considered extended for


another period as described in the agreement that
obliges the customer to pay for, or otherwise be
obligated to the vendor for the use of the product.

Repository Software database product that contains the historical


ITAM data.

Request For Bid (RFB) A selection strategy where the terms, conditions, and
specifications are described and limited. Price is a
significant criterion. Responses are not subject to
negotiation.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Request For Information (RFI) A formal request by a customer to vendors for


information regarding a service or product that the
customer is considering for acquisition.

Request For Proposal (RFP) A formal request by a customer to select vendors for
information regarding a service or product and how that
product or service addresses the customer's specific
requirements. Expected conclusion of the RFP process
is a product or service will be chosen.

Request For Quote (RFQ) Same as RFB. See: Request For Bid.

Resource Conservation and Recovery RCRA, established in 1976, gave the EPA authority to
Act (RCRA) regulate hazardous waste from generation to disposal.
RCRA's goals are to Protect human health and the
environment from the potential hazards of waste
disposal by: conserving energy and natural resources,
reducing the amount of waste generated, and ensuring
that wastes are managed in an environmentally-sound
manner.

Restriction of Hazardous Substances The restriction of the use of certain hazardous


(ROHS) substances in electrical and electronic equipment. This
Directive bans the placing on the EU market of new
electrical and electronic equipment containing more than
agreed levels of lead, cadmium, mercury, hexavalent
chromium, polybrominated biphenyl, (PBB) and
polybrominated diphenyl ether (PBDE) flame retardants.

Return Material Authorization (RMA) Usually, an assigned number given by a vendor that
authorizes the return of a product for repair,
replacement, or refund.

Return on Investment (ROI) The ratio of money gained or lost on an investment


relative to the amount of money invested.

Reverse Auction A tool used in industrial business-to-business


procurement. It is a type of auction in which the role of
the buyer and seller are reversed, where the primary
objective is to drive purchase prices downward. In an
ordinary auction (also known as a forward auction),
buyers compete to obtain goods or services. In a reverse
auction, sellers compete to obtain business.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Roadmap A document or chart that represents a longer term view


of goals, projects and timelines that helps the focus
remain understood and true to the plan. Roadmaps are
modified over time as more is learned and new issues
impact the plans.

Role A role is a set of responsibilities that are executed by an


individual to accomplish a set of tasks in process and for
which they are held accountable. A role is not
necessarily equivalent to the person's title or full job
description as one individual may have more than one
role.

Sarbanes - Oxley (SOX) Act Sarbanes-Oxley Act of 2002 is a United States Federal
Law signed into law on July 30, 2002 in response to a
number of major corporate and accounting scandals
including those affecting ENRON, Tyco International,
Peregrine Systems, and WorldCom. These scandals
resulted in a decline of public trust in accounting and
reporting practices. The legislation is wide-ranging and
establishes new or enhanced standards for all U.S.
publically traded corporate boards, management, and
public accounting firms.

Scope Creep In project management it refers to uncontrolled changes


in a project’s scope. This phenomenon can occur when
the scope of a project is not properly defined,
documented, or controlled. Scope creep can be a result
of poor change control, lack of initial identification of
what is required to bring about the project objectives,
and possibly weak project management or executive
sponsorship. Scope creep often results in cost overrun.

Seat Management A term used in Information Technology that concerns


configuring and managing computer resources, especially
network resources. A significant and growing trend for
large organizations, “seat management,” often includes
outsourcing functions such as: ordering, receiving,
payment to the hardware vendor, configuration
(imaging), deployment to the end user, planning for
future demand, etc. Outsourcing of seat management
continues to require active involvement by the
organization in order to be a success.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Security Security’s role within the ITAM Program is


multifunctional throughout all the Key Process Areas.
They provide support services such as audit process
support, data and documentation security, disposal and
destruction security, as well as enforcement of security
policies. Security is a supporting department which
interacts and contributes to the overall success of the
ITAM Program.

Service Delivery Platform (SDP) The term Service Delivery Platform does not have a
standard definition that maintains the same components
and specifications for all applications, but can loosely be
defined as being a culmination of services that are
optimized for the delivery of a service in a given
technological or network domain (such as web, IMS,
IPTV, Mobile TV, etc.)

Service Level Agreement (SLA) That part of a service contract where the level of service
is formally defined. A SLA is a formal negotiated
agreement between two entities. It is a contract that
exists between customers and their service provider, or
between service providers. It records the common
understanding about services, priorities, responsibilities,
guarantees, etc. with the main purpose to agree on the
level of service.

Service-Oriented Architecture (SOA) In computing, a service-oriented architecture is a flexible


set of design principles used during the phases of systems
development and integration. SOA defines how to
integrate widely disparate applications for a Web based
world and uses multiple implementation platforms.

Shareware License License schema in which a particular software product


may be tried, while adhering to specified restrictions,
before actual purchase.

Sharp Practices Practice of over-enforcing specific, and possibly obscure,


terms within an agreement. (see "Stiffing")

Shrink Wrap License License schema acknowledging license acceptance by


means of opening of the shrink-wrap packaging. (Also
refers to off the shelf store purchased software)

Single User License A license schema in which only one specified person may
use the software, according to the agreement.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Site License License schema which defines a specific site. Sites can be
defined as specifically as a particular floor within an
organization.

Six Sigma Process Six Sigma is a set of practices originally developed by


Motorola to systematically improve processes by
eliminating defects. A defect is defined as nonconformity
of a product or service to its specifications. Six Sigma is a
process of finding, and then correcting errors.

SKU An abbreviation for stock-keeping unit, the number the


manufacturer uses to represent a specific model.

Small Computer System Interface Often pronounced “scuzzy”, is a set of standards for
(SCSI) connecting and transferring data between computers and
peripheral devices. Interfacing up to 8 or 16 devices on
a parallel bus, the SCSI is commonly used for hard disks,
tape drives and a wide range of other devices.

Small Quantity Generators (SQG) Small Quantity Generators (SQG) generates more than
100 kilograms, but less than 1,000 kilograms, of
hazardous waste per month. Requirements for SQGs
include: SQGs may accumulate hazardous waste on site
for 180 days without a permit (or 270 days if shipping a
distance greater than 200 miles). The quantity of
hazardous on site waste must never exceed 6,000
kilograms. There must always be at least one employee
available to respond to an emergency. This employee is
the emergency coordinator responsible for coordinating
all emergency response measures. SQGs are not
required to have detailed, written contingency plans.

Smart Phone Cellular devices which may access the internet, run
particular software applications, and also function as a
phone.

Software and Information Industry A software member organization that represents a


Association (SIIA) number of software and content vendors, uncovering
and reporting on copyright infringement for the
members, including collecting evidence and conducting
software audits.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Software as a Service (SaaS) A service-based computing model that is an alternative


to the traditional purchased software license model. .
This is one of the three broad categories of hosted
services made available by internet service providers
(IaaS, PaaS and SaaS).

Software Asset Management (SAM) The practice of integrating people, processes, and
technology, to allow software licenses and usage to be
systematically tracked, evaluated and managed. The goal
of Software Asset Management is to reduce IT
expenditures, human resource overhead, and compliance
risks that are inherent in owning and managing software
assets.

Software Asset Manager (SAM) The Software Asset Manager works in conjunction with
other IT Asset Management personnel, executives, and
stakeholders to help ensure overall optimal IT Asset
Management performance.

Software Audit A review of assets conducted either internally or by an


external compliance agency or software publisher in
order to confirm compliance to copyright. The process
is to automatically discover, detail, and document all
copyrighted products present on computer systems, and
other electronic media. (Such as stored hard drives, etc.)

Software Compliance Installation and use of software in according with the


legal document governing the use and any applicable
copyright laws.

Software License A software license is a legal agreement that provides a


grant of use for a specific copyrighted work. The license
agreement typically comprises express permissions,
rights, and restrictions imposed on the licensee for use
of the software; also defines usage.

Software License Audit Program A program that is executed by a software licensor or its
(SLAP) designated agency, as may be seen in a notification letter
of audit, without cause. This is a licensor exercising their
(licensee accepted) right to perform a license review to
ensure an organization is compliant with the licensor’s
terms and conditions.

Software Pool A virtual inventory of unallocated software licenses that


is maintained and available for re-deployment.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Stakeholder The stakeholder is the responsible party, often in


management with the power to authorize budget. The
term comes from the individual’s “stake” or involvement,
investing their authority and/or as the recipient of the
item being developed or requested. The stakeholder
term is used in Acquisition Management and Project
Management

Statement of Understanding (SOU) For the purposes of IT business applications, SOU offers
the sharing of resources (such as transport apparatus,
drivers and space) with different parties of the
agreement.

Statement of Work (SOW) A software vendor or services organization develops the


statement of work to describe the services to be
provided to the customer including tasks, deliverables
and price for a proposed project. A SOW is a legal
agreement requiring signatures.

Stiffing The practice of over-enforcing specific and possibly


obscure terms in an agreement. (see "Sharp Practices")

Stored Communications Act (SCA) Title II of the Electronic Communications Privacy Act of
1986 (ECPA), the Stored Communications Act, serves to
protect communications held in electronic storage, most
notably messages stored on computers.

Strategic data Tactical information which is highly critical to the overall


project.

Strategic Vendor A vendor classification to describe those relationships


where there is shared risk. The strategic vendor is
provided additional information about the organization
and is involved in organization-wide strategic business
initiatives with measured goals and a broader interest
than an immediate sales opportunity. Typically no more
than 5% of vendors are considered strategic.

Strength, Weakness, Opportunity, Strengths: attributes of the organization that are helpful
Threat (SWOT) to achieving the objective. Weaknesses: attributes of
the organization that are harmful to achieving the
objective. Opportunities: external conditions that are
helpful to achieving the objective. Threats: external
conditions that are harmful to achieving the objective. If
a clear objective has been identified, SWOT analysis can
be used to help in the pursuit of that objective.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Subscription Based License License schema in which the users renew the right to
use the software on a determined time basis during a
specified subscription period.

Super Digital Millennium Copyright Super Digital Millennium Copyright Act. A stronger
Act (DMCA) version of the legislation designed to control digital
media security and duplication codes. (see "DMCA")

Supply Chain Management (SCM) The total planning, implementation and control of the
supply chain operations as efficiently as possible. This
will include all movement and storage of raw materials,
work-in-process inventory, and finished goods from
point-of-origin to point-of-consumption.

Support Agreement A contractual agreement which defines the terms and


condition for support of a particular item. (I.e.; product
installation or problem help)

System Center Server Management A comprehensive software license schema for end-to-
Suite Datacenter (SMSD) end management of high-density virtual server
environments that includes the Enterprise Server
management licenses offered by Microsoft.

System Center Server Management A comprehensive software license schema for end-to-
Suite Enterprise (SMSE) end management of physical and low-density virtual
server environments that includes the Enterprise Server
management licenses offered by Microsoft.

Take back programs A legislated requirement for manufacturers to share the


responsibility of proper recycling. With these programs,
the manufacturer is required to accept return of the
hardware at the end of usefulness. The manufacturer
must then properly dispose of the asset.

Target A term used by the compliance industry that identifies an


organization that may be non-compliant.

Targeted Organizations Organizations determined by the compliance industry as


non-compliant.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Technical Personnel The Technical Personnel are responsible for the initial
asset evaluation including functional and nonfunctional
requirements, the configuration and installation of the
assets within the environment according to
organizational standards, and monitoring of the assets via
an automated discovery tool. The Technical Personnel
will also ensure that proper notification is maintained
concerning the status of the assets.

Technician time Organization's time which the technician uses to perform


their duties.

Terms and Conditions The conditions which define the rules, regulations, and
allocation of risk between two or more entities; also
referred to as clauses.

Thick / Thin Client Environment In a client / server architecture, Thick Client refers to a
network computer or server that performs the bulk of
the data processing operations. A Thin Client is a
network computer without a hard disk drive that is a
receiver of information from the server. One of the
main considerations for thin client use is cost
effectiveness.

Title 17 of the US Code Defines the copyright laws of the United States.

Total Cost of Ownership (TCO) A financial estimate designed to help consumers and
organizational managers assess direct and indirect costs,
commonly related to software or hardware. TCO is a
type of full cost accounting.

Tracking A process used to follow any activity during its lifecycle.

Trade Related Aspects of Intellectual International agreement administered by the World


Property Rights (TRIPS) Trade Organization (WTO) that sets down minimum
standards for many forms of intellectual property (IP)
regulation.

Trademark Law Treaty (TLT) 1994 The creation of the Trademark Law Treaty (TLT) was
meant to approximate and streamline national and
regional trademark registration procedures. This is
achieved through the simplification and harmonization of
certain features of those procedures, thus making
trademark applications and the administration of
trademark registrations in multiple jurisdictions less
complex and more predictable.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Treatment, Storage, and/or Disposal Those facilities that are designated under RCRA
Facilities (TSDF) guidelines that are associated with the generators and
transporters of electronic waste in the chain of waste
management activities.

Uniform Commercial Code (UCC) A uniform act that has been promulgated in conjunction
with efforts to harmonize the law of sales and other
commercial transactions in all 50 states within the United
States of America.

Uniform Computer Information A proposed law to create a clear and uniform set of
Transaction Act (UCITA) rules to govern such areas as software licensing, online
access, and other transactions in computer information.

Uniform Electronic Transactions Act One of the several United States Uniform Acts proposed
(UETA) by the National Conference of Commissioners on
Uniform State Laws. It brings into line the differing State
laws over such areas as retention of paper records
(checks in particular), and the validity of electronic
signatures, thereby supporting the validity of electronic
contracts as a viable medium of agreement.

Uninstall Removal of a product, or application, from an electronic


device.

Upgrade See: "Version Upgrade".

Value Added Reseller (VAR) Reseller of computer products that provides special
value beyond mere sales.

Vendor Management (VM) The reciprocal of Customer Relationship Management.


With Vendor Management, the customer controls his or
her relationship with vendors, rather than vice versa.

Vendor Management Personnel The Vendor Management Personnel directly support the
Vendor Manager. Some of the provided support will
include performance analysis, corrective action
management, vendor communications, score card
maintenance, and ongoing communication with the
Vendor Manager.

Vendor Manager The Vendor Manager is responsible for monitoring


assigned vendors as selected by the Program Manager.
Responsibilities encompass vendor communications,
score card maintenance, vendor crises management, etc.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Version Descriptive number or name related to an update or


change in a specific product.

Version Control A process that allows organizations to establish control


of the features & functionalities within the software
product.

Version Upgrade License Much like the competitive upgrade, the version upgrade
encouraged users to move from one version of an
application to another within the same software
publisher’s line of products. Again, incentives were
included to encourage the user to make the move. If
software is acquired under an upgrade program your
license to the upgrade version is dependent upon the
validity of the license of the original product on which
the upgrade was based.

Vicarious Liability A legal term used to describes liability of an employer


through the actions of an employee.

Virtual Machine (VM) A virtual machine (VM) is a software implementation of a


machine, such as a computer, that executes programs
like a physical machine thereby negating the need for
additional physical machines.

Virtual Private Server (VPS) The overall purpose of a virtual server is to have the
capability of partitioning a single server so that one
server appears and functions as multiple servers. A
virtual private server (VPS, also referred to as Virtual
Dedicated Server or VDS) is a method of splitting a
server. Each virtual server can run its own full-fledged
operating system, and each server can be independently
rebooted.

Volume License License schema in which multiple licenses are procured


during a single purchase.

Warranty The period of time during which the vendor will provide
free services to repair or replace the product, if defects
are uncovered during the specified period of time.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Waste Electrical and Electronic The European Community directive 2002/96/EC on


Equipment Directive (WEEE) waste electrical and electronic equipment which,
together with the RoHS Directive 2002/95/EC, became
European Law in February 2003, setting collection,
recycling and recovery targets for all types of electrical
goods.

Watch Dog Group A slang term used to describe the compliance agencies.

Whitepaper An authoritative report. Whitepapers are used to


educate customers, collect leads for an organization or
help people make decisions. A whitepaper can also be a
government report outlining policy.

Wide Area Network (WAN) A computer network that covers a broad area. (i.e., any
network whose communications links cross
metropolitan, regional, or national boundaries) Or, less
formally, a network that uses routers and public
communications links.

WIPO Copyright Treaty (WCT) Provides additional protections for copyright deemed
necessary by knowledge monopoly dependent industries
due to advances in information technology since the
formation of previous copyright treaties before it.

WIPO Performances and Phonograms An international treaty signed by the member states of
Treaty the World Intellectual Property Organization was
adopted in 1996. This treaty is a part of the Digital
Millennium Copyright Act (DMCA) and has two major
portions: Section 102, which implements the
requirements of the WIPO Copyright Treaty, and
Section 103, which arguably provides additional
protection against the circumvention of copyright
protection systems (with some exceptions) and prohibits
the removal of copyright management information.

Work Breakdown Structure (WBS) A fundamental project management technique for


defining and organizing the total scope of a project using
a hierarchical tree structure. A Work break down
structure is a method for defining and grouping a
project's tasks that encompasses the schedule, the
sequence and the resource assignment for the total work
scope of the project and also describes planned
outcomes instead of planned actions.

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.
GLOSSARY OF TERMS

Workstation An end-user based computing device, often referred to


as a PC or Desktop Computer. (see 'PC')

World Intellectual and Property One of the specialized agencies of the United Nations.
Organization (WIPO) WIPO was created in 1967 with the stated purpose "to
encourage creative activity, [and] to promote the
protection of intellectual property throughout the
world".

World Trade Organization (WTO) The only global international organization dealing with
the rules of trade between nations. At its heart are the
WTO agreements, negotiated and signed by the bulk of
the world’s trading nations and ratified in their
parliaments. The goal is to help producers of goods and
services, exporters, and importers conduct their
business.

1.1.4.2

Copyright © 2014 International Association of Information Technology Asset Managers, Inc. (“IAITAM”). All rights
reserved. Distributed by Pink Elephant.