Lately, I’ve been doing a lot of work around the implementation of Software Asset Management (SAM) tools for clients. I think it’s great that people are really focusing on SAM tools and, as well as the People and Process to go along with those tools.
In working on these implementations, the biggest surprise (to me at least) is the disorganization around software entitlements and agreements. To me, having an audit background, having complete and accurate records of software purchases (current and historical) is as important as having processes in place, as well as current and readily available discovery data.
Here are a few of my experiences working with clients which highlight why this is so important:
1. Documentation that is not only complete but not duplicated. For example:
a. Executed (signed) versus not Executed (unsigned) copies
b. Duplicates with folders/file dates different (yet the exact same document), etc. which causes additional confusion
As you know, unsigned copies of an agreement would not count as entitlements. Also, if you were to count both the executed and not executed copies, you would be double counting and may not even know it. The same goes for duplicates in this case.
2. Lack of a Centralized Contract Repository, which if in place, would result in the following:
a. Eliminating the need to hunt down document holders and helping to avoid the above
b. Avoid missing documentation altogether (what would you do in the case of an audit?)
c. Keeping documentation up to date on vendor acquisitions and mergers, which may be missing because (I suspect) most of them are under the previous vendor name. Not to mention the fact that some of these old software entitlements and agreements may have terms and conditions that are favorable to you, that you would like to keep such license metric or quantity changes
d. Readily available documentation – for things such as audits, but also the implementation of a SAM tool. I’ve seen many SAM tool implementations held up by the lack of software entitlements/availability. Most are concerned about discovery data, making sure that all assets are correctly inventoried and reflected in the SAM tool that they forget about how important software purchases are
As I mentioned previously, what would you do in the case where you are under audit from multiple Software Vendors if you did not have a handle on any of your software entitlements purchased from each vendors?
Perhaps you should consider acquiring a document retention tool, building something homegrown, or at the very least implementing standards and processes for the naming and storage of software entitlements.
Does anyone have any experience with any of the above? I’d love to hear some of the dos and don’ts that your journey has taught you…