Best Practice in Software Asset Management ISO 19770-1

How Centennial Discovery helps organizations meet ISO 19770-1 requirements

What is ISO 19770?

ISO / IEC 19770 is an international standard, launched in 2006, that was developed to help organizations put in place processes and procedures for effective Software Asset Management (SAM).

The standard is designed to help manage risk, meet corporate IT governance requirements and generally improve the cost-effectiveness and availability of business software across the enterprise.

There are two parts to the standard:

  • ISO/IEC 19770-1 focuses on the importance of the effective management of software assets (Part 1 was published on 9 May 2006)
  • ISO/IEC 19770-2 defines the data requirements to support ISO 19770-1 (Part 2 has not been released).

A common misconception is that ISO/IEC 19770-1 is just about audit and software compliance. Although these are important components, the standard for SAM now embraces every aspect of a business and the way in which senior management oversees software and IT management processes and procedures.

Why do we need a standard?

First and foremost, many organizations have not taken the time to step back and review their increase in software spend over recent years.  If they did, many would be surprised to learn that they now spend more each year on software than they do on hardware or even high-ticket items such as company cars.

Yet while no responsible company would allow its cars on the road without ensuring they were taxed, insured and serviced, it’s difficult to say the same for an organization’s software inventory.

According to industry analysts such as Gartner, the average company is over-licensed on around 30 percent of its inventory and typically at least 30 percent under-licensed in other areas. And while this may sound nicely balanced, rest assured the software vendors and licensing watchdogs won’t agree! That’s why 2006 has seen record fines for non-compliance and the use of unlicensed software.

But it’s not all about compliance. Every year, organizations waste millions purchasing additional licenses that they don’t need, whether because they fail to re-deploy existing applications, don’t take advantage of bulk/enterprise licenses or fail to go through the proper procurement channels.

As such, the ISO 19770-1 standard for Software Asset Management is concerned with the entire lifecycle of the applications in use on your network, from purchasing to disposal.  The standard sets out six key areas of best practices designed to help all types of organizations save money, reduce compliance risks and increase operational efficiencies in software management. 

Another benefit of the standard is that it provides a clear set of guidelines for all parties with an interest in software management – whether it is the end user, the vendor, the supplying VAR or an industry watchdog such as the BSA, SIIA or FAST.  With the 19770-1 standard now formally endorsed and published by the International Standards Organization (ISO), all parties in the chain have a common set of rules to work from, which should make it easier for everyone to set and meet software management expectations.

How can Discovery help me meet the requirements of ISO 19770-1?

In total, there are 27 distinct processes which make up the ISO 19770-1 framework for the ongoing effective management of software assets. While some of these elements are solely concerned with procedures that can only be managed manually, a number of the requirements can be met with significantly less effort if a suitable asset discovery tool is used.

The ability to accurately identify the software installed and in use (and it is important to understand the distinction between the two) on PCs and servers across the organization is critical to meeting the standard’s requirements for ongoing software management.

In the following section, we have mapped out examples of how Discovery helps with a number of key areas from the ISO 19770-1 SAM standard and how this award-winning audit solution is critical to gathering the right ‘IT intelligence’ required to ensure your organization makes the right decisions when managing software assets.

ISO 19770-1 requirements and the corresponding Centennial Discovery capabilities

1. Control Environment

ISO 19770-1 requirements:

  • Corporate governance
  • Roles and responsibilities
  • Policies, processes and procedures
  • Competence for SAM

Centennial Discovery capabilities:

  • Create a dynamic baseline of audit information with executive reports designed for SAM projects
  • Assign assets by OU, location etc. and ensure multiple stakeholders have visibility of their respective areas
  • Use dynamic information to check that policies (regarding purchasing, computer use, software deployment etc.) are complied with

2. Planning and Implementation

ISO 19770-1 requirements:

  • Planning and implementation
  • Monitoring and review
  • Continual improvement and SAM

Centennial Discovery capabilities:

  • Use built-in wizards to plan timeframes, resources and budget for upgrades, migrations, change management and software asset management projects
  • Monitor project progress and track changes to the network (hardware and software) in near real-time
  • Discovery.Dashboard’s unique web-reporting interface enables critical asset information sharing across multiple IT and business professionals within an organization
  • Promote best practice procedures across all areas of the organization

3. Inventory:

ISO 19770-1 requirements:

  • Software asset identification
  • Software asset inventory management
  • Software asset control

Centennial Discovery capabilities:

  • Build an accurate inventory of all software and hardware across servers, desktops, laptops
  • Ongoing visibility of IT assets and their usage
  • Identify the location of IT assets and visualise your estate using Discovery.Visual, which presents all discovered assets in a visual format
  • Provide a focal point to monitor and control IT procurement practices

4. Verification and compliance:

ISO 19770-1 requirements:

  • Software asset record verification
  • Software license compliance
  • Software asset security compliance
  • Conformance verification for SAM

Centennial Discovery capabilities:

  • Identify unknown applications, their market name, publisher and licensable status with Discovery.Portal
  • Perform gap analysis for over and under-licensed products
  • Be alerted to software vulnerabilities with Security Advisor

5. Operations Management:

ISO 19770-1 requirements:

  • Relationship and contract management
  • Financial management
  • Service level management
  • Security level management

Centennial Discovery capabilities:

  • Understand software licensing position to help renegotiate SLAs with software and hardware vendors
  • Automatically reconcile licenses bought to software assets discovered on the network
  • Central repository of asset information, implementation and service delivery
  • Facilitate IT budget allocation, cross billing amongst different departments and manage procurement processes
  • Set a common security policy for the management of IT assets

6. Life Cycle:

ISO 19770-1 requirements:

  • Change management and acquisition processes
  • Software development and release management
  • Software deployment and incident management
  • Problem management
  • Retirement process

Centennial Discovery capabilities:

  • Track assets from purchase to disposal
  • Establish visibility of different software versions deployed into the network
  • Re-harvest unused/unwanted assets to other areas of the business
  • Plan and monitor application, OS and patch deployments
  • Provide comprehensive data that can be used to populate third party help desk solutions for problem/incident management
  • Integrate live asset information into Problem Management and Helpdesk tools

Centennial Software and its commitment to ISO 19770-1

Even prior to the introduction of the ISO 19770-1 standard, Centennial Software has been a firm supporter of the need for improved software asset management.

Today, Centennial maintains close relations with a number of other vendors, watchdogs and independent parties who have an interest in helping organizations achieve SAM best practices.

Beyond ISO 19770-1

While many organizations will be tempted to view SAM as a distinct or even one-off project, it is important to understand the long-term benefits of the business practices and technologies involved in effective software management.

In terms of the chosen Discovery tool, it is important that firms maximize the ROI of the initial project by continuing to have a full and up-to-date view of the network, even after the initial SAM engagement is complete. By maintaining a dynamic audit, it is far easier for managers to prevent the organization from falling out of compliance, purchasing unnecessary licenses and losing control over what’s on the network.

And while a SAM project is concerned primarily with the software on the network, Centennial Discovery also gives multiple stakeholders across the enterprise invaluable information about the state of the hardware estate, from a simple device-by-device view of configuration through to more complex queries about build compliance, platform deployment and detailed upgrade wizards. For more information about the full capabilities of Centennial Discovery, please visit: http://www.centennial-software.com/products/discovery