Best practice
Revised ISO SAM/ITAM Standard Published
This update on ISO has been provided by David Bicket.
David writes:
“Edition 3 of ISO/IEC 19770-1 for Software and IT Asset Management has recently been published by ISO. It is a major advance for SAM and ITAM practitioners to increase value and reduce cost and risk for the organizations they support. This edition of the Standard continues ISO’s and its 22 nation working group pursuit started in 2006 to make IT Asset Management easier and more understandable.
- It explicitly addresses current challenges, e.g.
- Both outsourcing and services (e.g., cloud)
- Mixed responsibilities between the organization and its personnel (e.g., BYOD, smartphones)
- It has been re-written to be compatible with 27001 (Information Security), 9001 (Quality), and all other ISO Management System Standards. (20000-1 on Service Management is in the process of likewise being rewritten.)
- It has been especially aligned with 27001, e.g., using the 27001 approach to risk management.
- It can facilitate independent certification, especially by certification bodies used to performing 27001 certifications.
- It allows the use of tiers, facilitating its incremental use. Tier 1, called ‘trustworthy data,’ includes having trustworthy data for license compliance. Tier 2 is for life-cycle processes, and tier 3 is for optimization, addressing functional areas such as contract and financial management.
A preview of the standard is available on ISO. The full standard may be purchased from ISO and most national standards bodies (e.g., ANSI, BSI, DIN).
A presentation is available. See also Wikipedia.”
Can’t find what you’re looking for?
More from ITAM News & Analysis
-
Broadcom vs Siemens AG - A Brewing Storm
The ongoing legal battle between VMware (under Broadcom ownership) and Siemens is yet another example of why ITAM goes far beyond license compliance and SAM. What might, at first glance, appear to be a licensing dispute, ... -
Shifting Left Together: Embedding ITAM into FinOps Culture
During one of the keynotes at the FinOps X conference in San Diego, JR Storment, Executive Director of the FinOps Foundation, interviewed a senior executive from Salesforce. They discussed the idea of combining the roles of ... -
Addressing the SaaS Data Gap in FinOps FOCUS 2.1
I recently reported on the FinOps Foundation’s inclusion of SaaS and Datacenter in its expanded Cloud+ scope. At that time, I highlighted concerns about getting the myriad SaaS companies to supply FOCUS-compliant billing data. A couple ...
Podcast
No time to read? Want to stay up to date on the move? Subscribe to the ITAM Review podcast.
ITAM training
On-demand and live training for ITAM, SAM and Software Licensing professionals.
Similar Posts
-
The M&S Cyberattack: How IT Asset Management Can Make or Break Your Recovery
Marks & Spencer (M&S), the iconic UK retailer, recently became the latest high-profile victim of a devastating cyberattack. Fellow retailers The Co-Op and Harrods were also attacked. Recent reports suggest the rapid action at the Co-Op ... -
AI in ITAM: Insightful Signals from the Front Line
During our Wisdom Unplugged USA event in New York in March 2025, we engaged ITAM professionals with three targeted polling questions to uncover their current thinking on Artificial Intelligence—what concerns them, where they see opportunity, and ... -
How ISO/IEC 19770-1 Can Help Meet FFIEC Requirements
In the world of ITAM, the regulatory spotlight continues to intensify, especially for financial institutions facing increasing scrutiny from regulatory bodies due to the growing importance of IT in operational resilience, service delivery, and risk management. ... -
An Introduction to Scope 4 Emissions
Executive Summary For ITAM teams, sustainability is a core responsibility and opportunity. Managing hardware, software, and cloud resources now comes with the ability to track, reduce, and report carbon emissions. Understanding emission scopes—from direct operational emissions ...
