When the ISO/IEC 19770-1 international standard for Software Asset Management (SAM) was launched in summer 2006, many in the SAM expert community were no doubt expecting great things, perhaps envisioning a time in the not too far distant future where organizations would treat SAM professionalism with the same respect that many apply to standards such as ISO 9000.
However, three years on and (to the best of this SAM market observer’s knowledge) not a single organization anywhere worldwide has been fully accredited as conforming with the ISO 19770-1 standard. A few may be close, but none are quite there yet.
Why is that? Why haven’t we yet seen widespread adoption of the international SAM standard?
We know it’s not due to a lack of interest in SAM. Although SAM adoption still lags behind where we (in the SAM community) would like it to be, the fact is that adoption of SAM technologies and best practices is definitely on the rise.
It’s not difficult to find reasons why. Industry analysts Gartner recently reported that the likelihood of an organization receiving at least one vendor software audit has risen to 56 percent in 2009 (compared with 30-35 percent in 2008). Add to this the fact that research conducted by FrontRange showed that most organizations are currently over-spending on their software assets and its easy to see why more and more organizations are beginning to take software management seriously.
But despite this growing adoption of SAM, we’re not seeing organizations flock to the ISO 19770-1 standard.
The answer then must lie in the standard itself (although, interestingly, according to the ISO, it actually ’sells well’ from their website). Despite it being a very comprehensive and worthy standard, one criticism that is cited over and over again is the complexity of the requirements and the (perceived) daunting nature of the task of achieving full conformance.
Many organizations come to the conclusion that they can achieve their goals without adhering to the minutiae of the standard. But while that might be ‘good enough’ for today, will it be good enough in the future?
However, there may be hope on the horizon.
The proposed ISO 19770-4 standard for ‘Staged adoption of SAM processes’ has the aim of making ISO 19770 adoption faster and easier by breaking down the key requirements of the standard into separate ‘modules’.
It is hoped that this will a) remove some of the fear around the standard and b) prompt organizations to see SAM adoption as a gradual exercise rather than an ‘all-or-nothing’ approach.
‘Dash four’, as it is know within the inner circle, could comprise a staged approach of four tiers, each moving the organization’s approach to SAM forward both in terms of complexity and maturity. Under this kind a program, the four tiers might look something like:
- Tier One – Trustworthy Data – creating an accurate inventory of everything to be managed
- Tier Two – Practical Management – implementing basic management controls
- Tier Three – Operational Integration – making SAM a part of daily IT Operations (such as ITSM)
- Tier Four – Full ISO Conformance – where SAM becomes a strategic enabler to the business
Unfortunately, doing a search for “ISO 19770-4″ on the internet won’t yield many useful results yet. But according to a reliable source the plans are well afoot to bring ‘dash four’ to market as quickly as possible.
For this particular commentator, ISO 19770-4 appears on first hearing to perhaps be what ISO 19770-1 should have been from the start. It will be interesting to see what final form it takes and whether it can increase the appeal of a SAM standard in the wider world.
Matt Fisher is a Director of Marketing with SAM vendor, FrontRange Solutions. Learn more at www.frontrange.com.
This entry was posted on Thursday, October 1st, 2009 at 12:36 pm and is filed under Software Asset Management.