We’ve completed a number of SAM maturity assessments for end user organisations over the last few years.
Companies typically want an external and independent perspective on their current status and some pointers on what to do next.
For organisations looking at their SAM maturity, there are two key frameworks for assessing SAM maturity: The Microsoft SAM Optimization Model and the ISO/IEC 19770-1 standard. Both are good models.
For the majority of companies we speak to the ISO standard is a sledgehammer to crack a nut (Many barely make the first rung of the ISO ladder!). So we often start with the Microsoft SAM model and it’s 10 competencies. However, we feel it has a number of limitations.
Microsoft SAM Optimization Model Limitations
It’s Microsoft centric
It’s built in a perpetual licensing world (we now face many more license types)
It’s built in a desktop world (In our opinion it overlooks Datacentre SAM)
Finally – there is not enough emphasis on people and lasting change.
Introducing the ITAM Review 12 Box Assessment Model
To correctly assess organisations and prepare them for the demands of the modern SAM department – we have built our own SAM Assessment model:
It’s vendor neutral
It’s based on twelve key competencies of a modern SAM practice
It’s lasting objective is SAM as business as usual and a state of audit readiness for major software suppliers
It recognises that SAM doesn’t happen overnight and must happen gradually as a process of continual service improvement
It has a good balance of people, process and technology
The video below provides an overview of the 12 box model. I very much welcome your feedback.
The ongoing legal battle between VMware (under Broadcom ownership) and Siemens is yet another example of why ITAM goes far beyond license compliance and SAM. What might, at first glance, appear to be a licensing dispute, ...
During one of the keynotes at the FinOps X conference in San Diego, JR Storment, Executive Director of the FinOps Foundation, interviewed a senior executive from Salesforce. They discussed the idea of combining the roles of ...
I recently reported on the FinOps Foundation’s inclusion of SaaS and Datacenter in its expanded Cloud+ scope. At that time, I highlighted concerns about getting the myriad SaaS companies to supply FOCUS-compliant billing data. A couple ...
Podcast
No time to read? Want to stay up to date on the move? Subscribe to the ITAM Review podcast.
Marks & Spencer (M&S), the iconic UK retailer, recently became the latest high-profile victim of a devastating cyberattack. Fellow retailers The Co-Op and Harrods were also attacked. Recent reports suggest the rapid action at the Co-Op ...
During our Wisdom Unplugged USA event in New York in March 2025, we engaged ITAM professionals with three targeted polling questions to uncover their current thinking on Artificial Intelligence—what concerns them, where they see opportunity, and ...
In the world of ITAM, the regulatory spotlight continues to intensify, especially for financial institutions facing increasing scrutiny from regulatory bodies due to the growing importance of IT in operational resilience, service delivery, and risk management. ...
Executive Summary For ITAM teams, sustainability is a core responsibility and opportunity. Managing hardware, software, and cloud resources now comes with the ability to track, reduce, and report carbon emissions. Understanding emission scopes—from direct operational emissions ...