ISO / IEC 19770 is an international standard, launched in 2006, that was developed to help organizations put in place processes and procedures for effective Software Asset Management (SAM).

The standard is designed to help manage risk, meet corporate IT governance requirements and generally improve the cost-effectiveness and availability of business software across the enterprise.

There are two parts to the standard:

• ISO/IEC 19770-1 focuses on the importance of the effective management of software assets (Part 1 was published on 9 May 2006)
  
• ISO / IEC 19770-2 defines the data requirements to support ISO 19770-1 (Part 2 has not been released).

The common misconception is that ISO / IEC 19770-1 is just about audit and software compliance. Although these are important components, the standard for SAM now embraces every aspect of a business and the way in which software and IT management processes and procedures are effectively managed by senior management.

First and foremost, many organizations have not taken the time to step back and review their increase in software spend over recent years.  If they did, many would be surprised to learn that they now spend more each year on software than they do on hardware or even high-ticket items such as company cars.

Yet while no responsible company would allow its cars on the road without ensuring they were taxed, insured and serviced, it's difficult to say the same for an organization's software inventory.

According to industry analysts such as Gartner, the average company is over-licensed on around 30 percent of their inventory and typically at least 30 percent under-licensed in other areas.  And while this may sound nicely balanced, rest assured the software vendors and licensing watchdogs won't agree!  That's why 2006 has seen record fines for non-compliance and the use of unlicensed software.

But it's not all about compliance.  Every year, organizations waste millions in purchasing additional licenses that they didn't need ' whether because they fail to re-deploy existing applications, don't take advantage of bulk / enterprise licenses or fail to go through the proper procurement channels.  

As such, the ISO 19770-1 standard for Software Asset Management is concerned with the entire lifecycle of the applications in use on your network, from purchasing to disposal.  The standard sets out six key areas of best practices designed to help all types of organizations save money, reduce compliance risks and increase operational efficiencies in software management. 

Another benefit of the standard is that it provides a clear set of guidelines for all parties with an interest in software management - whether it is the end user, the vendor, the supplying VAR or an industry watchdog such as the BSA, SIIA or FAST.  With the 19770-1 standard now formally endorsed and published by the International Standards Organization (ISO), all parties in the chain have a common set of rules to work from, which should make it easier for everyone to set and meet software management expectations.

In total, there are 27 distinct processes which make up the ISO 19770-1 framework for the ongoing effective management of software assets. While some of these elements are solely concerned with procedures that can only be managed manually, there are a number of requirements which can be met with significantly less effort if a suitable asset discovery tool is used.

The ability to accurately identify the software installed and in use (and it is important to understand the distinction between the two) on PCs and servers across the organization is critical to meeting the standard's requirements for ongoing software management.

Even prior to the introduction of ISO 19770-1 standard, EasySAM has been a firm supporter of the need for improved software asset management.

Today, EasySAM maintains close relations with a number of other vendors, watchdogs and independent parties who have an interest in helping organizations achieve SAM best practices.

While many organizations will be tempted to view SAM as a distinct or even one-off project, it is important to understand the long-term benefits of the business practices and technologies involved in effective software management.

In terms of the chosen partner, it is important that firms maximize the ROI of the initial project by continuing to have a full and up-to-date view of the network, even after the initial SAM engagement is complete.   By maintaining a dynamic audit, it is far easier for managers to prevent the organization falling out of compliance, over-purchasing unnecessary licenses and losing control over what's on the network.