As an IT Asset Manager, your role is probably twofold, on one side, you play an inventory role by keeping track of all IT assets and on the other side, you play a financial role by helping the organization understand the IT asset spend. You do this by contributing the IT asset financial data required to determine the total cost of ownership of IT services, systems and applications. This dual role presents the IT asset management team with the opportunity to also contribute to the IT department’s mission to deliver efficient and Lean IT to the organization.
In any organization, properly implemented IT Asset Management (ITAM) will have a dramatic and positive affect on the IT department’s ability to delivery of IT services to the organization, to track valuable IT assets and to provide the financial IT transparency when it comes to these assets. There is hardly an IT service that uses hardware and software that cannot benefit from a top-down review of all of the processes and procedures that are used by IT to deliver and operate IT to the organization. In this article, I will cover the five steps that an IT Asset Management Team (even if it is a team of one), can do to better enable the IT department’s ability to better deliver and operate IT services, systems and applications.
Gain Stakeholder Support
Identifying the ITAM stakeholders is the first step towards successful implementation of any ITAM practice. Identify those that will benefit by the process improvements and/or the IT asset data that you can deliver. Be careful with stakeholders; remember to manage expectations, gather their requirements, try to address their concerns, never stonewall them and provide them with progress updates of your efforts. Doing this will help you to not only gain credibility, but retain it for those times where process improvements may present challenges to them. Not all of your stakeholders will be in IT, so be sure to include anyone that has a stake in the IT asset management data or the lifecycle of IT assets. Some organizations hire IT asset managers without totally understanding what an experienced and skillful IT asset manager can bring to the table; they hire for an audit finding or for just inventory keeping purposes, and fail to understand how the IT asset manager, with his or her specific skill set can improve and enhance IT’s ability to deliver on their business purpose.
Be sure that IT at large understands your role and purpose as you begin to ask questions, gather data and engage with IT areas. Often IT Asset Managers are a part of the IT service management office/department, which should make this job easier, but if you are assigned to another area, such as finance for example, you will need your immediate management’s assistance with helping IT understand your role and what value you bring. Keeping IT leadership involved will help you as you begin to propose lifecycle management process enhancements or new processes that will correct process deficiencies and reduce or eliminate risk and improve overall efficiency (Lean IT). Leadership buy-in for lifecycle management process improvements is essential; by getting this buy-in you should be able to get the resources and support that you will need, with less resistance and perhaps, if done right, IT will welcome you with open arms. In many cases you will find that by proper engagement, IT leaders and operators will tell you what problems they think need to be fixed; these hints will be helpful to you in the next phase of ITAM implementation. By making sure that IT at large understands what value properly implemented IT asset management can bring to them, you will build value in your role and in the skills you bring to the table that will enhance IT’s ability to deliver and maintain their services, systems and applications.
Classify IT Hardware and Identify Their Individual Lifecycle Management Process
The first thing for IT Asset Management to do is to determine the classes of assets that make up the IT environment. Understanding how each of these asset classes arrive, are stored, move about, operate and finally exit an organization will help you with this step. Because asset classes can often have varying lifecycles and use multiple and varying processes as they move through the IT lifecycle, it is important, again, to engage IT leaders and operators to understand the current states of IT lifecycle processes.
Determine Risk and Prioritize Efforts
After classifying the assets and determining the processes used to manage them (current state), you will need to conduct process gap analysis. In this analysis you will expose risks, test controls and formulate an initial plan to address these gaps and risks. You are looking for improvement opportunities and the obstacles that may impede improvement. Determining the risk that IT assets pose will help you to prioritize which asset classes and their accompanying lifecycle processes you will need to improve first. Each asset class presents its own set of challenges and should be governed and managed to avoid or mitigate them from such exposures as legal, security and environmental. I recommend getting Information Security (IS) to assist with the risk determination, after you have done some preliminary analysis and risk determination on your own.
In my experience I have found that by working with IS, you have everything to gain and nothing to lose. The IS department can give you valuable credibility, which you will need to leverage when you begin your improvement and enhancement efforts. You are also demonstrating that you are working in the financial and security best interests of your organization. ITAM and IS should work closely together to not only analyze risk, but properly prioritize these risks. This joint effort will get the attention of leadership and quite possibly help you and your immediate leadership the help that they need in order to secure needed resources to address the highest risks associated with IT.
After you have completed your analysis and risk assessment by asset class, you, along with IS, should present your results and recommendations for improvement to IT leadership. IT leadership will then be armed with sufficient information needed to provide or request the resources necessary to address any uncovered security, operational and financial risk posed by IT assets, and you will gain the credibility necessary to affect the needed changes to help IT deliver and operate the business services, systems and applications, thus enhancing their role in your organization. Most likely, this step will take a considerable amount of time and effort; however, the investment of time in this step will reap dividends down the road as you work to implement new processes, mature current processes and make enhancements to those that are mature.
Create and Maintain ITAM Process Road Maps
Once you have determined your priorities, you will then place them on a roadmap. I recommend both a short-term and a long-term roadmap. It must be communicated clearly to IT leadership that improvements will take time, often years, depending upon what you have uncovered, so keeping a current roadmap that reflects your short term (12 month) projects will not overwhelm either you or your leadership; however, your long term roadmap should be briefed at least twice a year. In most cases projects will run longer, so keeping your road maps current is critical to preserving credibility and demonstrating progress. Your deliverables should be on the roadmap; these are things like policies, process implementations, documentation, etc. If you are a part of, or can get an ITAM project started, your project manager is an invaluable resource for creating, maintaining and driving delivery of the projects on the roadmap, gathering progress metrics and getting and keeping stakeholders involved in the ITAM project. Your first objectives on either of your road maps should be to get all processes that handle IT assets to a managed state. I recommend using ISACA COBIT 5 as a guide to assessing and maturing IT asset processes. For more information, visit http://www.isaca.org. Gartner, Inc. also has a lot of material that can assist you in maturing your IT asset management practice.
Organizational Change Management and Process Improvement/Implementation
When you are ready to begin your implementation of IT asset lifecycle processes changes, I recommend consulting with someone that is experienced with organizational change management. Experienced change agents will help you and your leadership to implement change in a more effective way. There is no doubt that process changes will create some amount of angst; you may realign procedures, create new ones, and even, dare I say, create more work for somebody(s); but in the end, a properly implemented IT asset lifecycle process will benefit the organization. So a having a skilled change agent on hand will help smooth the bumps and ease the transition from the old way to the new way.
Following these five steps will help you, as an IT asset manager to gain and maintain credibility and demonstrate your value to your organization. While the steps may be simple, the work contained in them is not. IT asset management is a journey, and will require the help of many leaders, stakeholders and the operators that will function within your processes. I cannot stress again the importance of identifying stakeholders and keeping them involved with your efforts; failure to do this will stymie your efforts at change. With your skill set and hard work, IT asset management can truly be an enabler for the IT organization to better deliver IT services, systems and applications.