In our previous ITAM 101 blog, we gave you an introduction to IT Asset Management (ITAM), along with a list of ITAM benefits and some potential quick wins for a quick start. The next step is to look at creating your business case for ITAM, i.e. your decision-making tool that aligns the case for ITAM to business outcomes and requirements. It’s the best way to succeed with an ITAM initiative, not only in terms of justifying any investments, but also in agreeing the ITAM scope and the metrics used to establish success.
The ITAM business case is no different to any other business case, and will have the best of success – and then for initiative success – if it includes the following sections:
- Business objectives
- Benefits (both tangible and intangible)
- Recommended approach
- Outline proposal for a project plan
Sponsorship (and Support)
You can’t do ITAM on your own. Good ITAM is everyone’s responsibility, plus it might need funds to start with before it saves more than it costs, so you’ll need it to be “championed” from the outset.
To have the best possible chance of success, you’ll need to have support from across the organization. Firstly, you’ll need to have support from senior management, ideally someone who can make your case at board level. Having senior management support means, rightly or wrongly, that your case will be taken more seriously because of the level of seniority involved. If you have a recent “own goal,” such as an adverse finding in a licensing audit or an embarrassing major incident caused by lack of asset management, then so much the better. As nothing adds a sense of gravitas to a business case than being at the sharp end of a recent (and possibly public) failure.
While senior management support is important, so is the support of your colleagues in the service desk, procurement, and technical support teams. As they’ll be the ones involved with your ITAM policies and practices on a day-to-day basis. Try and involve them early on in the process and continue to bring them along with you. It’s so much better than presenting them with a “done deal.” Plus, if they feel like they’ve been included in the decision-making process, then they’re more likely to buy into your solution and champion it going forward.
The final set of people that you’ll need support from is your end user community. Like we’ve already said – ITAM is everyone’s responsibility, so you’ll need to make the process for requesting software as easy and painless as possible. The key message here is empowering your users rather than making them feel limited, so if it’s currently like pulling teeth, improving access to software could be your first quick win.
You must align your case for ITAM to current and future business objectives. If you present a business case that’s tech-driven and doesn’t communicate positive business outcomes, then you’ll fail because no one will be able to understand it let alone buy into it.
Some example business objectives include:
- Improved audit performance, with a reduction in, or the elimination, of adverse findings
- Ensuring that the correct level of software licensing in place – saving money and/or ensuring compliance
- Optimizing the use of IT assets with the associated financial savings
- Having a better negotiation position at contract renewal time (financial savings again)
- Being better placed for business and/or transformation – asset procurement models that map to current and future business needs will support upgrade and migration planning
- A more secure environment – as only appropriate, virus-free software can be installed in the production environment
Scope (and Priority)
For most organizations, ITAM is too big an initiative to take a big bang approach. So instead you’ll need to prioritize your efforts and the areas to be targeted.
At the business case stage of any ITAM project, look for quick wins to demonstrate the fastest, most effective return on investment. Also, focus on your biggest areas of exposure, this might be your software “big hitters” such as Microsoft, Oracle, and Adobe; then prioritize attention by risk to the overall organization. Another approach is to look at the areas that cause you the most pain. If you have an open asset-related item on your risk register, attack that first and get the environment mapped out.
The key thing is to make sure your scope is clearly defined from the outset as ITAM is something that can be very prone to scope creep.
*Sounds klaxon* – it’s not just about the tool and what that costs. It’s also about the underpinning processes as well as the people needed to run them – these will cost too.
Your ITAM project is absolutely dependant on people – even with a solid ITAM tool, unless you have the right people your ITAM project is likely to be a failure versus the business objectives. So ensure that you budget for and recruit/train enough people to run the processes involved. And don’t forget to factor in the cost of training.
Process creation will also incur costs. Whether it’s done in house or via third parties who can offer a quicker, and potentially better, solution..
We touched on the high-level benefits of ITAM in the first part of this series but, at the business case stage, this is where you need to tailor the benefits to your organization, building up by different line of business benefit scenarios. Some examples could include:
Risk and Compliance
Making it easier to comply to regulatory directives be it SOX, IL3, and/or the ISO standards. Having solid ITAM processes also means that your risk and compliance people are better prepared for vendor audits as the right documentation and checks are already in place.
Tying ITAM into the acceptable IT usage policy such that everyone knows the dos and don'ts for using work equipment. ITAM also helps to improve employee compliance to corporate regulations and policies that minimize security and legal risks.
Asset information helping with incident management – the service desk agent knows more about an affected asset and might thus be able to diagnose and fix it more quickly. One central source of approved and supported software can be used to initiate a consistent request fulfillment process.
Tech Support Teams
One central list of approved software – that is deployed centrally by a definitive media library (DML) – making it easier, faster, and safer to install software.
Only authorized, safe, licensed hardware, and software being deployed to the production environment, which reduces the risk of cyber threats.
One standard, central process for purchasing hardware and software providing a better understanding of the hardware and licensing position which in turn enables more effective contract negotiation. With the ability to track assets, and costs, throughout their entire lifecycle.
Having data on business-critical assets as a key input into IT service continuity plans.
Better budget planning of projected spends – making IT spending more transparent and assured.
This is where you outline your preferred approach in terms of tool, consultancy/advisory, and additional staff. Make sure you’re the options considered and preferred outcome are laid out clearly, are easy to understand, and are closely aligned with business goals and directives.
So your business case is effectively where you set out your shop window for ITAM. By aligning ITAM with business objectives such as cost savings, increased compliance to regulatory requirements, risk mitigation, and a more streamlined operating model, you’ll not only communicate the benefits of ITAM but also give your ITAM initiative the best possible chance of a successful outcome in terms of funding approval and implementation.