Previous Lesson
Next Lesson

IT Asset Management

Purpose

The purpose of the IT asset management practice is to plan and manage the full lifecycle of all IT assets, to help the organization:

  • maximise value
  • control costs
  • manage risks
  • support decision-making about purchase, re-use, and retirement of assets
  • meet regulatory and contractual requirements. 

The scope of IT asset management typically includes all software, hardware, networking, cloud services, and client devices. In some cases, it may also include non-IT assets such as buildings or information where these have a financial value and are required to deliver an IT service. IT asset management can include operational technology (OT), including devices that are part of the Internet of Things. These are typically devices that were not traditionally thought of as IT assets, but that now include embedded computing capability and network connectivity. 

Understanding the cost and value of assets is essential to also comprehending the cost and value of products and services, and is therefore an important underpinning factor in everything the service provider does. IT asset management contributes to the visibility of assets and their value, which is a key element to successful service management as well as being useful to other practices. 

Types of asset management 

Asset management is a well-established practice that includes the acquisition, operation, care, and disposal of organizational assets, particularly critical infrastructure. 

  • IT asset management (ITAM) is a sub-practice of asset management that is specifically aimed at managing the lifecycles and total costs of IT equipment and infrastructure. 
  • Software asset management (SAM) is an aspect of IT asset management that is specifically aimed at managing the acquisition, development, release, deployment, maintenance, and eventual retirement of software assets. SAM procedures provide effective management, control, and protection of software assets. 

Types of IT Asset

The activities and requirements of IT asset management will vary for different types of asset:

  • Hardware assets must be labelled for clear identification. It is important to know where they are and to help protect them from theft, damage, and data leakage. They may need special handling when they are re-used or decommissioned; for example, erasure or shredding of disk drives depends on information security requirements. Hardware assets may also be subject to regulatory requirements, such as the EU Waste Electrical and Electronic Equipment Directive. 
  • Software assets must be protected from unlawful copying, which could result in unlicensed use. The organization must ensure that licence terms are adhered to and that licences are only re-used in ways that are allowed under the contract. It is important to retain verified proof of purchase and entitlement to run the software. It is very easy to lose software licences when equipment is decommissioned, so it is important that the IT asset management process recovers these licences and makes them available for re-use where appropriate. 
  • Cloud-based assets must be assigned to specific products or groups so that costs can be managed. Funding must be managed so that the organization has the flexibility to invoke new instances of cloud use when needed, and to remove instances that are not needed, without the risk of uncontrolled costs. Contractual arrangements must be understood and adhered to, in the same way as for software licences. 
  • Client assets must be assigned to individuals who take responsibility for their care. Processes are needed to manage lost or stolen devices, and tools may be needed to erase sensitive data from them or otherwise ensure that this data is not lost or stolen with the device. 

Activities

IT asset management typically includes the following activities: 

  • Define, populate, and maintain the asset register in terms of structure and content, and the storage facilities for assets and related media
  • Control the asset lifecycle in collaboration with other practices (for example, upgrading obsolete software or onboarding new staff members with a laptop and mobile phone) and record all changes to assets (status, location, characteristics, assignment, etc.)
  • Provide current and historical data, reports, and support to other practices about IT assets
  • Audit assets, related media, and conformity (particularly with regulations, and licence terms and conditions) and drive corrective and preventive improvements to deal with detected issues. 

Contribution to the Service Value Chain

  • Plan – Most policies and guidance for IT asset management comes from the service financial management practice. Some asset management policies are driven by governance and some are driven by other practices, such as information security management. IT asset management can be considered a strategic practice that helps the organization to understand and manage cost and value. 
  • Improve – This value chain activity must consider the impact on IT assets, and some improvements will directly involve IT asset management in helping to understand and manage costs. 
  • Engage – There may be some demand for IT asset management from stakeholders. For example, a user may report a lost or stolen mobile phone, or a customer may require reports on the value of IT assets. 
  • Design & Transition – This value chain activity changes the status of IT assets, and so drives most IT asset management activity. 
  • Obtain/build – IT asset management supports asset procurement to ensure that assets are traceable from the beginning of their lifecycle. 
  • Deliver & Support – IT asset management helps to locate IT assets, trace their movements, and control their status in the organization.