Blog Layout

ITAM Primer - The Program Manager's Guide to IT Asset Management

Part 1: Setting the Stage

“To know what you know and what you do not know, that is true knowledge.” — Confucius

EXECUTIVE SUMMARY

I had the privilege to work with over a thousand IT Asset Managers from around the world and learn from them effective practices when implementing an ITAM Program. What is presented here is the collection of practices from hundreds of programs. It’s not theory, it is practical, and it is proven.


The need for ITAM has grown over the decades from advances in technology and decreasing costs. These advances have made technology easier to use and no longer require an IT expert to administer. This evolution, however, has created a significant problem – the decentralization of the business administration of IT.


In the early days of IT, executives had to approve the purchase of the mainframe computer and software. With executives being involved, this ensured a direct connection between cost and ROI. As the adoption of desktops, laptops, and servers grew, executives began losing insight into what was being purchased and for what business purpose. The IT budget now includes tens of thousands of assets. At the same time, risks from using IT also began to grow. Legislation was passed to protect privacy and the environment, while hackers realized corporate data and the destruction of business operations was lucrative. Whether it was the growing complexity of IT or the lack of insight into how IT impacts the business, the CEO left the responsibility of IT in the hands of the CIO or CTO. What followed were questions such as “how do we align IT with the business?” and then the obligatory articles and consulting services. Still, the gap between IT and business continues to this day.


Fact: Every dollar, pound, euro, or yen is touched by IT, which means cutting a small percentage point off that income before you plan on spending it.


Fact: Every organization needs IT to run its business, and its competitors can beat them with better technology.


ITAM is designed to maximize the value of your IT investment while minimizing its risk. ITAM achieves this by representing the interests of all parties who have a stake in IT’s performance – including the executive team. To represent your interests, you must enable ITAM to define the program’s requirements. These are the requirements of all departments that feed the ITAM program with data. This data is used to create accurate, complete, and timely information needed to run the business successfully.


The ITAM Program is not meant to hinder or slow progress. It is intended to ensure your organization uses IT to its benefit. Without executive management buy-in and support, the ITAM Program is constrained, left to the heroics of a few to implement, limiting its value.


 

GOOD NEWS AND BAD NEWS

Adopting ITAM should not be the discussion. If an organization buys, receives, deploys, and stops using IT, by default it already has IT Asset Management, however inefficient.


The good news? You don’t have to debate whether to adopt ITAM since you already have it.


And the bad news? ITAM must be sold to executive management, IT, IT security, legal, HR, finance, business unit leaders, and users. Funding and resource allocation is also a challenge. The longer ITAM has been ignored, the longer it will take to implement a proper ITAM program. ITAM is as much a people issue as a process and tools issue, if not more.


So, what makes ITAM such an excellent investment? Investing in ITAM for the benefit of one department most likely benefits other departments. It would be difficult to identify another investment in a business’s core competency that yields such significant return. ITAM accomplishes this by realizing value from an organization’s IT investment.


 

THE ITAM VALUE PROPOSITION

ITAM Value is based on four principles: financial, risk, compliance and efficiency

ITAM maximizes the value of an organization’s investment in technology while minimizing the risks of using technology. Value is measured in both soft and hard dollars.


ITAM bases value on four principles: financial, risk, compliance, and efficiency.

FINANCIAL

Two IT budget metrics, ROI and TCO, are estimated before acquiring an asset. The ROI and TCO exercise vary based on the asset type. For example, acquiring an ERP is a complex process for estimating the ROI and the TCO compared to a technology refresh of laptops.


By managing and tracking IT assets, ITAM provides transparency if and how IT assets are used. No one wants to spend money on something that is never used. How the IT budget is spent is of great interest to finance and executive management. It also forms the basis for chargebacks.


Finally, taxation takes many forms, including sales tax, use tax, import tax, and depreciation. ITAM ensures the organization follows the tax laws and takes full advantage of tax credits.


RISK

Using IT assets brings risk to the organization. Cyber security depends on ITAM’s asset lifecycle management and is required by several frameworks. Security not only protects organizations from being shut down, but cyber security also protects the organization’s intellectual property. Finally, there are the liabilities an organization inherits from employees using the organization’s assets, such as vicarious liability. These risks are lessened when there is visibility into what is owned by the organization, how IT is used, and who uses the technology.


COMPLIANCE

Organizations have compliance requirements originating in the countries where they operate or international laws. Examples of statutes include GDPR, HIPAA, EPA, WEEE, and copyright laws. ITAM supports the organization's compliance efforts by adequately managing IT assets. Whether disposing of hardware according to EPA requirements, tracking systems with PII data, or enforcing software compliance, ITAM’s discipline for managing IT assets is instrumental in the organization’s compliance efforts.


EFFICIENCY

ITAM advocates defining roles for the use of IT, and these roles are assigned to end-users. From the roles, IT standards are developed. IT standards reduce the complexity of the technology portfolio and create an opportunity for volume purchases, streamlining processes, and vendor agreements. The efficiencies gained through a managed IT portfolio benefit IT, the IT Service Desk, IT Security, Finance, receiving, disposal, and end-users.


Because ITAM is a horizontal function that should be a core competency, its practices can benefit several functional areas within the organization. An investment in developing a feature for one department most likely can benefit other departments. It is quite clear ITAM brings value, but how did we get to need ITAM in the first place? If so much value exists, why isn’t everyone adopting ITAM?

Part 1: Setting the Stage Assessment Questions

What value is ITAM bringing to the organization?

What departments and executives are aware of this value?

Does the organization see ITAM as bringing value?

Review for Part 1: Setting the Stage

In review ….

  • An organization that has IT assets has ITAM.
  • The ITAM value proposition consists of four principles: financial, risk, efficiency, and compliance.
  • The financial principal includes ROI, TCO, budget, chargebacks, and taxation.
  • The risk principle includes security challenges.
  • The compliance principle addresses the laws that apply to the organization.
  • The efficiency principle includes the operating efficiencies created by the ITAM Program.

HOW DID ITAM BECOME A CORE COMPETENCY?

Mainframe Timeline

In the beginning, there was the mainframe. Only the largest organizations could afford the mainframe and the software, staff, and facilities that came with it. The team was highly specialized, applied a disciplined approach to change management, and was most likely viewed as wizards administering a necessary evil that few outsiders understood. Users of the mainframe accessed its services through a dumb terminal – a type of computer with no storage, just a display and keyboard. No one ever purchased a mainframe on their corporate credit card. No user ever downloaded and installed software. The mainframe was centralized IT at its best. But all of that was about to change.

Technology doesn’t stand still, and the personal computer (PC) was born. Dismissed as a toy by some, the PC put the personal in computing. And with the PC came a whole host of problems. These micro mainframes had storage and the ability to run software and later become networked. But the technology innovators were not done. The PC had one issue – it wasn’t portable.


The laptop took personal computing to the next level – mobility. Now you can carry a nine-pound computer with you everywhere you go. It could be connected to the network or not. You could use the laptop on a plane; you could use it on a train. You could use it in a car; you could use it near and far! It was a game changer with even more risks because the computer could operate outside the corporate network. But the laptop still wasn’t quite mobile enough for us.


While the Blackberry smartphone was popular with businesspeople and IT loved the centralized management, the iPhone took the world by storm. When the iPhone was first launched, articles were written with a title like “IT Will Not Allow the iPhone on the Corporate Network!” Within six weeks, these articles changed to “IT Struggles with iPhone Adoption.” The reason for this about-face was simple – an executive purchased an iPhone, came into the office, handed it to an IT person, and said, “here, make this work.” Nothing like an executive to shatter your IT standards or your career if you refuse! But a more significant event was occurring that would change the entire IT management landscape.


The iPhone moved us from IT-driven technology to consumer-driven technology. The end-user was now dictating the types of devices they wanted to use, and as hard as IT pushed back, the boat had left the dock. This brings me to these two rules of technology:


  1. Technology changes
  2. IT and ITAM can’t change rule number one.


The iPhone and the Android devices gave the user much more control and, indeed, mobility. These smartphone users became their own administrators. Some organizations even allowed employees to bring their own devices (BYOD) to work, which some CFOs loved because they thought the company wouldn’t have to pay for IT assets! This, of course, indicated the lack of understanding of TCO. While these devices were cool, a bigger screen was still missing!


Enter the iPad. A device that had some people confused because they wanted to use it as a laptop. But it wasn’t a laptop; it was a tablet. Indeed, not the first tablet but with the success of the iPhone, the iPad experienced great success. This device had the same risks as smartphones, mainly the user’s ability to administer it, store sensitive data, and lose it. These mobile devices were great and networked well with the internet, making work or play from anywhere possible.


As access to the internet became more ubiquitous and faster due to greater bandwidth and changes to hardware, technology companies took advantage by making their products and services accessible over the internet. The result was the formation of the cloud, which took the world by storm due to the global outbreak of COVID. The “cloud” was nothing new, but this version was aided by a perfect storm of faster hardware, greater internet bandwidth, mobile devices, and remote work due to COVID. The decentralization of IT is now in full swing.


During this time, the Internet of Things (IoT) is quietly evolving into what has been coined the “fog layer.” It’s a layer of sensor-type devices communicating with controllers that then, in turn, communicate with the cloud. The sensors and controllers make up the fog layer. The impact of IoT continues to be assessed as of this writing. However, it continues with fracturing IT’s control over the landscape.


What may not be clear is the impact advances in hardware play in the overall evolution of these systems. For example, the iPhone could not have succeeded without the advances in cellular technology. Moore’s law saw an increase in computing power while a decrease in cost. But at the same time, advances in power consumption, batteries, and heat dissipation permitted smaller devices. I call these technology enablers because they enable other technologies that people see and touch. Why should you care? By monitoring technological advances, you may see the next iPhone coming and then prepare your ITAM Program for its arrival.


SO WHY ITAM?

The need for ITAM was born out of the loss of control by IT. The decentralization of IT started with the PC and has continued and accelerated ever since. The mainframe IT staff were the guardians of IT’s spend, which was significant and new to executive management. Because of the cost, investments in IT had to be tied to business objectives with a realistic ROI or competitive advantage. The risk was consolidated as well. The number of IT assets in the mainframe era was significantly less than today, and yet the lowest-cost asset was still expensive. Today’s IT assets are affordable to the end user, and many software assets are free. Risk is spread across the end-user population. The following table compares the cost, risk, controls, and management efficiencies between present-day assets and the mainframe era (SUM is read as the “sum of all”).

Present Day Mainframe Era
SUM (IT asset costs) > SUM (Mainframe assets)
SUM (IT asset risks) > SUM (Mainframe risks)
SUM (IT controls) > SUM (Mainframe controls)
SUM (IT efficiencies) < SUM (Mainframe efficiencies)

The business administration of IT assets includes managing the asset from a financial, risk, compliance, and efficiency perspective. Often these four principles are divided across multiple groups such as finance, IT security, legal, and IT, plus the vested interests of the end user and business units. Because of the decentralization of IT into the hands of non-IT people, the business administration of IT assets needs to span the entire organization. Yet these non-IT individuals have little interest in business administration – they just want to use IT for their perceived purposes. Thus, the reason for ITAM.


An IT Asset Manager possesses the unique skill to span the divide between IT and everyone else in the organization to administer IT assets from a business perspective. From the business perspective, value and risk reduction are realized from the organization’s investment in IT.

Part 1: Setting the Stage Assessment Questions

Just for fun, what technology enablers do you see occurring right now?

Review for Part 1: Setting the Stage

In review ….

  • Technology has become more personal, with computing power now in the hands of the user instead of relying on a centralized computer.
  • The cost of present-day technology is very affordable for the end user.
  • Power and affordability led to the decentralization of the management of technology.
  • The decentralization aligned with silos within the organization requires the need to coordinate each vertical’s interests and activities through ITAM.

ITAM IQ Is Your Gateway to Modern ITAM


Our expertise enables individuals to advance their ITAM program for the future by providing next level IT Asset Management best practices knowledge. These practices create a symbiotic relationship between ITAM and departments such as IT Security, IT, Finance, and HR by working in tandem to provide heightened information quality which significantly reduces risks, creates greater financial benefits, further enhances compliance, and increases efficiencies.

Where to next?

  • ITAM and IT Security team collaborating on the best way to keep their organization's data safe.

    ITAM and Cyber Security

    We will show you how ITAM can be IT Security's proactive arm.

    Learn more →
  • Share by: