This is a guest article contributed by Probuddho Halder, a SAM and Software Licensing expert based in India. Probuddho is a young and enthusiastic SAM professional. He likes to read and write about SAM and software procurement. Designing SAM strategy and implementation excites him. His experience spans from SAM operations, auditing, consulting to strategy. He can be contacted at probuddhohalder@yahoo.com.
Indian organizations are becoming more aware of software asset management due to its significance in modern day business. This is partially driven by the intensified license audit by various publishers and also by the increasing SAM related services by independent firms.
In my years as a member of operational SAM teams, SAM consulting, publisher auditing and strategizing SAM operations, I have interacted with many middle and senior level managers and business leaders who are aware of SAM, know the importance of SAM, want SAM but are either shy of investing in it, confused about how to go about implementing it or are not able to see a practical value in it. I appreciate their thought process, as it is extremely difficult to get executive level buy in for a project or a process like SAM, and there are some very important and practical reasons for it:
All of the above factors and many operational factors like manpower involvement, sponsorship, cost of skill, ROI etc can put organizations ‘off’ from implementing SAM.
It has been observed that most of the organizations that have adopted SAM as a process are also facing real operational and tactical challenges, especially when they try to compare their operations and internal audit findings with the license audit conducted by publishers. All these dynamics have and will keep haunting organizations well into the future.
The licensing world is still a dark and gloomy place where almost everybody contradicts each other. The re-seller differs with the account manager who differs with the compliance manager, the auditor differs with the re-seller and account manager, but supports the compliance manager, and lastly the implementation guys proves all of them wrong, but they mostly come together when it comes to closing a big noncompliance deal ensuring they all get their share of the spoils.
Interestingly the publishers, at least in this part of the geography have shifted their focus from crucifying organizations for license noncompliance to ensuring regular revenues through stringent true ups and maintenance programs. A slightest deviance or irregularity would mean an audit party landing on the doorstep of an organization.
While the business leaders are concerned and are talking about the future of SAM and where is it headed and if it is just going to die and so on and so forth, for many organizations around the world the journey has not even started. So with all these ground realities where does an organization start their SAM journey? Unfortunately the answer to that question is not simple and involves many hard and often unpopular decisions.
I have been involved in quite a few consulting programs where I had prepared a tiered structure for SAM implementation in midsized to large enterprises. Below mentioned steps are basic and rudimentary and can be scalable based on the size of the organization.
The first step of implementing a SAM program within India is the most difficult one. It involves executive buy in for SAM (senior management). The business leader must be convinced, assured and recognize the value of a robust SAM program, and have a firm hand in making sure the SAM project is followed correctly. They should also be made aware that such a program will be disruptive, it will cause people to change their way of thinking and working and in all probability make them uncomfortable. But once properly implemented it will benefit all employees and the organization at large.
The second most important and vital step in SAM program implementation is freezing the SAM policy and organization structure for SAM. The SAM policy document should be about building the KPIs (key performance indicators) of the program. For example, setting the SAM scope, definition, organizational objective etc. One of the most important factors that a lot of organization omits at the strategy stage is to understand and focus on publishers unique to their industry line of work. For example a large manufacturing organization will most often have a large SAP base or some other ERP. A software development organization will have a variety of development software like MS visual studio, oracle etc. So it is immensely important to focus and attack specific publisher based on historic software install base, software spend or audit frequency.
The organization should also define the scope of the SAM operations. The feasibility and latitude of existing tools should also be reviewed, and if new SAM tools are required, POCs should be conducted and a standard and a support tool should be identified. At this stage it should be noted that no tool can be 100% accurate and it is always a good practice to validate data through different sources.
Now that we have SAM Strategy, budget and team in place it is time to set the ball rolling. So where does one start?
One part of the SAM team should start collecting procurement records, while the other concentrates on collection of deployment footprint. Both activities are easily said than done and involves hours of hard work, coordination and consolidation. Procurement records if maintained through ERPs will be easy to fetch, however if they are processed manually it will be extremely difficult to consolidate. One suggestion at this stage would be to segregate PO records, Invoices and licenses into publishers that will help in the entitlement preparation stage. We can further segregate them based on dollar value like; all software with more than $5000 bundled together. Once the software procurement data is collected and categorized, preparation of the entitlement can be initiated. Special considerations should be given to support end dates, versions and keys at this stage as that will help organizations in creating correct licensing positions in future.
Deployment foot print collection starts with baseline the hardware in circulation. It is vital that the total desktops, laptops, workstations and servers are accounted for and the numbers are benchmarked against independent sources. Based on these numbers the deployment team can strategize the collection methodology. Collection should be comprehensive and all vital information should be collected.
Armed with the entitlement and deployment data the SAM team can produce the prototype ELP for management review.
Now that the initial effort of SAM has borne its fruit, a SAM team can have a forked approach. Team One will work with procurement to continuously update the procurement database and also dig up any older procurements, segregate them and categorize them, it will also be their duty to ensure they proactively inform management about upcoming renewals, support expirations and anniversaries. Team two can take up the task of controlled deployment where by all software being introduced in the organization are controlled and accounted for and licensing positions are continually updated. Team three can continue to monitor compliance and report any non-compliance position well in time for remediation.
The management is expected to continuously work towards educating the end users and communicating the importance of SAM and the impacts of not having one in place. This is of utmost importance as the working style of employees will undergo a change and they are expected to resist this change.
SAM operational integration takes place when the request management process in an organization is integrated to accommodate software request workflow. The user is expected to raise software requests, and the same with proper approvals will land with the SAM team, who will validate the license availability and accordingly approve or reject the request. One interesting aspect to mention at this stage is the recommendation for freeware or cheaper alternatives of the requested software. This, if properly implemented, can result in considerable savings for the organization. Post approvals the software can be deployed in a controlled automated or manual process and validated. Licensing database should be updated post validation.
Integrating SAM into the IT operations and running the same seamlessly is a daunting task. There are numerous challenges and internal resistance. However, creating a plan of implementation can help in covering a considerable amount of ground. The practical challenges and roadmap described above can help small to medium organizations to think of the implementation of SAM as an operational process and mitigate risks and achieve ROI.
We would like to thank Probuddho for his guest contribution. We welcome guest content from anyone with an opinion or something to say. To do so, please contact David Foxen at; david.foxen@itassetmanagement.net.