What is ITAM?
IT Asset Management or ITAM is a set of business practices that takes financial, inventory, contractual, and risk considerations in managing the life cycles of various IT assets. Its main purpose is to maximise the value of these assets while also minimising risk.
To elaborate, ITAM is designed to bring down costs typically incurred throughout the lifecycle of an asset. This may include licensing, support, and maintenance costs. At the same time, ITAM is also aimed at minimising financial, operational, and legal risks.
The assets covered by ITAM traditionally consist of locally installed software (e.g. operating systems, office suites, server applications, databases) and stationary hardware (e.g. desktops and servers) but now can also include mobile devices (e.g. laptops, tablets, smartphones) as well as virtualisation environment and cloud assets.
Note that only those items that have significant value to the organisation are usually managed. So, for example, a regular USB stick may not be included in ITAM initiatives. There are no hard and fast rules that dictate which items should be included in or excluded from ITAM. This decision depends on the organisation.
The people charged to lead ITAM activities in a company are usually the IT Asset Manager, IT Asset Management Program Manager, or IT Asset Analyst. However, in practice, IT asset management is really a collaborative effort between several members of the organisation.
For instance, in asset acquisition, which is just one of the activities normally governed by ITAM, the people mentioned earlier will have to work closely with the acquisition manager, the end users, technical staff, the financial manager, and other stakeholders.
Processes and areas under ITAM
A complete ITAM program incorporates a number of processes. The International Association of Information Technology Asset Managers, Inc (IAITAM) identifies the following as the key process areas that fall under ITAM:
● Acquisition Management
● Asset Identification
● Communication and Education
● Compliance Management
● Disposal Management
● Documentation Management
● Financial Management
● Legislation Management
● Policy Management
● Program Management
● Project Management
● Vendor Management
ITAM can be further subdivided into two asset management disciplines – Software Asset Management or SAM and Hardware Asset Management or HAM. Although the emergence of virtualisation environments and cloud computing environments will likely require a third discipline, we’ll just take up SAM and HAM for now.
Software Asset Management
As with ITAM, which is the overarching discipline, Software Asset Management or SAM is subsequently aimed at maximising the value and ROI of software assets. One of the main processes undertaken to achieve this is software license compliance. Software license compliance mitigates legal and reputational risk by ensuring that the company has the appropriate licenses for each software in its possession.
In addition, SAM also involves other processes like inventory, auditing, and redeployment of software assets. Software inventory management can inform decision makers when purchasing additional software. Internal software audits, on the other hand, are meant to discover policy violations, risks to data security, and potential problems in workflows. Lastly, redeployment enables the company to make use of aging software in business units that may still find them valuable.
Hardware Asset Management
HAM is similar to SAM, except that it’s aimed at hardware assets. In other words, it also deals with things like inventory, auditing, and redeployment. Unlike software, however, which for inventory purposes, can often be tracked through automated scanning solutions, hardware assets are not as easily accounted for. To eliminate human errors and expedite tasks in hardware inventory management, some companies employ bar code and RFID tags.
One thing that’s unique to HAM though, is disposal. You don’t see this in SAM. Hardware disposal planning helps companies mitigate risks in data security and minimises recycling issues when the time comes to dispose a particular hardware asset.
Mobile devices, in particular, present unique challenges in disposal management. Most mobile devices in a BYOD environment contain both personal and enterprise data. And so, companies have to take that into consideration when architecting their mobile asset disposition programs. Companies must make sure the data stored on a mobile device must be completely wiped clean before turning it over for disposition.
Now that we have an overview of what ITAM is, let’s now talk about ITSM.
What is ITSM?
While ITAM’s main concern is maximising the value of IT assets, ITSM or IT Service Management is more concerned with maximising value and delivery of IT services. It consists of policies, processes, technologies, and procedures for planning, designing, delivering, supporting, and managing IT services.
There are several different processes under the ITSM umbrella but the most common ones are the following:
● Incident Management – This process deals with IT issues and is often associated with a help desk or service desk
● Change Management – Sees to it that changes in the IT environment are done in a well-coordinated fashion and with the least amount disruption to the business.
● Service asset and configuration management – An ITIL process that’s focused on IT assets and the relationships between those assets. The ‘asset’ part of this process is, for all intents and purposes, ITAM. So, yes, ITAM can be considered a component of ITSM.
We just mentioned ITIL in that last item. Because ITSM is often confused with ITIL or Information Technology Infrastructure Library and because these two are indeed closely intertwined, we figure it would be best to explain what ITIL is and how it fits into the ITSM discipline.
How ITIL is related to ITSM
Contrary to what some people think, ITIL is not an alternative to ITSM. Rather, it’s actually a best practice framework for executing ITSM. Think of the class/object and cookie cutter/cookie analogy commonly used in OOP. That’s how ITSM is related to ITIL. ITIL’s not the only framework out there though. Other ITSM frameworks include:
● COBIT (Control Objectives for Information and Related Technologies)
● Microsoft Operations Framework
● Six Sigma
● ISO 20000
● TOGAF (The Open Group Architecture Framework)
We can’t discuss all of these frameworks in a single article. So, to give you an idea what ITSM is, let’s focus on what is arguably the most widely used ITSM framework in the world; namely, ITIL.
ITIL is mainly composed of five (5) IT service lifecycle stages: service strategy, service design, service transition, service operation, and continual service improvement.
Service strategy is basically concerned with that stage where the IT service organisation starts laying down the plan for achieving business objectives. Here, the organisation determines things like:
● what services are available and how much they will cost;
● what each service does;
● what physical and intangible assets are needed to support the said services; and
● what capacities, availabilities, and demands are associated with each service
This tackles the design of everything needed to deliver a particular service. It includes not just the technologies, but also the process as well as management aspects. Some of the processes /management involved here include:
● Service level management
● Availability management
● Capacity management
This deals with things associated with changes to a service, including what needs to be done when a service is retired. A few of the services under service transition include:
● Change management
● Knowledge management
● Service asset and configuration management
If you recall, that third item subsumes ITAM. Now you know where ITAM specifically sits in the ITIL framework.
This is the part that deals with the actual delivery of the services, and involves service levels, incident handling, and request fulfillment, among others. In other words, this is where activities pertaining to service desks, call centers, and help desks are found. So, this area includes:
● Event management
● Incident management
● Request fulfillment
Continual service improvement
To meet changing business needs, IT services need to be realigned from time to time. That’s where continual service improvement or CSI comes into play.