This update on ISO has been provided by David Bicket.
David writes:
“Edition 3 of ISO/IEC 19770-1 for Software and IT Asset Management has recently been published by ISO. It is a major advance for SAM and ITAM practitioners to increase value and reduce cost and risk for the organizations they support. This edition of the Standard continues ISO’s and its 22 nation working group pursuit started in 2006 to make IT Asset Management easier and more understandable.
It explicitly addresses current challenges, e.g.
Both outsourcing and services (e.g., cloud)
Mixed responsibilities between the organization and its personnel (e.g., BYOD, smartphones)
It has been re-written to be compatible with 27001 (Information Security), 9001 (Quality), and all other ISO Management System Standards. (20000-1 on Service Management is in the process of likewise being rewritten.)
It has been especially aligned with 27001, e.g., using the 27001 approach to risk management.
It can facilitate independent certification, especially by certification bodies used to performing 27001 certifications.
It allows the use of tiers, facilitating its incremental use. Tier 1, called ‘trustworthy data,’ includes having trustworthy data for license compliance. Tier 2 is for life-cycle processes, and tier 3 is for optimization, addressing functional areas such as contract and financial management.
A preview of the standard is available on ISO. The full standard may be purchased from ISO and most national standards bodies (e.g., ANSI, BSI, DIN).
The ongoing legal battle between VMware (under Broadcom ownership) and Siemens is yet another example of why ITAM goes far beyond license compliance and SAM. What might, at first glance, appear to be a licensing dispute, ...
During one of the keynotes at the FinOps X conference in San Diego, JR Storment, Executive Director of the FinOps Foundation, interviewed a senior executive from Salesforce. They discussed the idea of combining the roles of ...
I recently reported on the FinOps Foundation’s inclusion of SaaS and Datacenter in its expanded Cloud+ scope. At that time, I highlighted concerns about getting the myriad SaaS companies to supply FOCUS-compliant billing data. A couple ...
Podcast
No time to read? Want to stay up to date on the move? Subscribe to the ITAM Review podcast.
Marks & Spencer (M&S), the iconic UK retailer, recently became the latest high-profile victim of a devastating cyberattack. Fellow retailers The Co-Op and Harrods were also attacked. Recent reports suggest the rapid action at the Co-Op ...
During our Wisdom Unplugged USA event in New York in March 2025, we engaged ITAM professionals with three targeted polling questions to uncover their current thinking on Artificial Intelligence—what concerns them, where they see opportunity, and ...
In the world of ITAM, the regulatory spotlight continues to intensify, especially for financial institutions facing increasing scrutiny from regulatory bodies due to the growing importance of IT in operational resilience, service delivery, and risk management. ...
Executive Summary For ITAM teams, sustainability is a core responsibility and opportunity. Managing hardware, software, and cloud resources now comes with the ability to track, reduce, and report carbon emissions. Understanding emission scopes—from direct operational emissions ...