IT asset management (ITAM) is not a project. You do not do it once and expect it to be finished. ITAM is a practice that needs to be nurtured and continually improved if it is to provide your organization with the value that it can—should—deliver.
Here’s what I often see: organizations beginning ITAM reactively, in response to an incident they have experienced. But, when that issue is resolved, the organizational focus on ITAM is deprioritized until the next incident. Then the project starts all over again. This constant rebooting of ITAM is never going to deliver its true potential value.
In this article, I want to share how ITAM goes wrong for many organizations. And then I’ll share my 10 best practices for making asset management a valuable, ongoing practice.
How ITAM goes wrong
My first exposure to this way of working was some 15 years ago. A lease refresh meant we had to find 1,000 Windows terminals. These were scattered in locations around the country—we had absolutely no idea where. It took over six months to account for around 80% of these assets. The company was penalized for late returns and missing devices. As part of the recovery exercise, we catalogued all the devices we found, thinking that the next lease refresh would be much simple. And it was.
But fast forward two years when 2,000 devices needed to be returned. The asset register was found to be woefully inaccurate. Devices had been moved, swapped out, or were just plain missing. The whole process of cataloguing devices had to start over from square one.
Imagine how much better things could have been had an efficient ITAM practice been developed and maintained in the preceding two years.
I know that this organization is not alone in this. Ask anyone working in ITAM why their company is investing, and they will most likely tell you about an event that finally brought the need for IT asset management to the attention of their management:
- Perhaps it was a failed audit resulting in a big bill from Microsoft or Adobe.
- Maybe there was a sudden need to apply patches on systems that were spread far and wide to ensure continued credit card processing capabilities (a common Payment Card Industry requirement).
There will be many reasons for the initiation of ITAM in an organization, but I have found few that established the practice proactively, rather than in reaction to a negatively impacting event. This needs to change. Let’s try shutting the stable door before the horse bolts!
10 steps to asset management success
Do a quick calculation on the value of the software and hardware that your IT organization is responsible for managing and protecting. That calculation will only give you the basic, physical costs of these items. It pays no attention to the value of business that these assets facilitate. This should tell you that ITAM is a fundamental practice that you need to initiate, maintain, and improve.
ITAM deserves your full attention. Don’t wait for a costly incident to kickstart the practice. Meet the challenge head-on and avoid the reputational and financial consequences that poor, or non-existent, ITAM can bring.
Where do you start? Establishing ITAM is a major undertaking, and I wholeheartedly recommend a one-step-at-a-time approach. Here are my 10 ITAM best practices, broken down into steps:
1. Enroll an active, visible executive champion
Find and enlist an executive sponsor who will actively and visibly champion ITAM. As with any organizational change, it’s unlikely you’ll succeed without a critical executive sponsor supporting your efforts. Better still, have more than one.
Without this, most ITAM initiatives fail or fade away as priorities and budget shift. A champion can also help evangelize the value ITAM delivers. Communications with management/understanding the value will keep the project funded.
Your ITAM project has to drive value…and be able to prove it.
2. Include your ITAM team from Day 1
Organize your ITAM implementation team thoughtfully. Bring them in at the beginning and allow them to build the practice from the ground up. If people are handed a process, they may follow blindly.
When people are involved in the process—not simply told how to execute it—then they are invested in it and more likely to help evolve and improve it over time
3. Start with a pilot
Don’t try to do everything at once! A big-bang approach is almost certain to fail. Pick a manageable pilot, work on that, test the process, and improve before extending it to other areas.
The Plan Do Check Act (PDCA) Cycle
4. Define critical assets
Define the criteria for what constitutes a critical asset. It may be a specific type of hardware. It may be certain software titles. Discovery tools are going to give you a huge asset list. Some assets will require more oversight or management than others.
Making an early decision on what assets deserve full attention will be critical to your success. Why? Because it will stop you from being overwhelmed by the data that you are delivered.
5. Use a lifecycle-based approach
Follow a lifecycle-based approach to ITAM—don’t try to reinvent the wheel. IT asset management starts from the time the request for purchase is made and ends after a device is deprecated (reclaiming software licenses and maintaining the historical asset information, of course.)
6. Decide whether to use a CMDB
Do you have a CMDB? It’s not necessary for all organizations, but it can be a useful way to:
- Manage configuration items (Cis), including IT assets
- Understand how CIs and assets are interconnected and what services they support.
- Normalize data from multiple sources.
Be thoughtful about what data you choose to feed the CMDB. While it can be an important single source of truth, it doesn’t need to contain every piece of data you have. Only include what adds value.
Automation will improve your ITAM practice. Wherever you can introduce automation, do it. Constantly look for new opportunities for automation as technology in this area is developing almost daily.
Whatever you are manually or repeatedly doing today, ask yourself, “Can this process be automated?” Odds are the answer is “yes.” From patching, to application deployment, to reporting—there are many opportunities to set it up once and forget it.
8. Exploit your data
Are you making the most of the data you have collected? Consider who in your organization may benefit from ITAM data, or from the access to manage device changes in an automated or remote fashion.
One of the most common integrations is with the service desk. Integrating ITAM data with the service desk can:
- Result in fewer escalations
- Automate self-service fulfillment for certain requests
- Increase the overall satisfaction rate for both the business user and for IT.
Change management can also benefit from the asset data, ensuring that changes do not result in unplanned outages or other issues that could impact critical services or business users.
9. Know your software licenses
When it comes to software license management, knowing what you are entitled to have deployed is critically important. More often than not, organizations fail software audits for over-deployment because they can’t prove exactly what they have the right to have deployed.
Don’t guess here. Make sure you have the license documentation. Make sure your ITAM processes compare deployed instances with this information. This will ensure there are no nasty surprises in store when the software auditor comes calling.
10. Gather feedback for continual improvement
Allow for a feedback mechanism to facilitate continual improvement. Plan for process change and evolution. The longer you run and the more you integrate ITAM across your environment, the more you will learn.
And the one thing that ITAM will teach you is that everything is always changing—IT is one of the least static environments out there. If you are managing something that is constantly changing, odds are you will need to change how you manage right along with it.
Nurture your ITAM practice
These ten practices are just a starting point, remember that ITAM needs to be constantly fed and nurtured. Neglecting your ITAM processes, even for a short period of time will reduce the value of the entire practice. An incomplete or inaccurate dataset can cost you more than having no data at all.
For related reading, explore these resources: