This article is the third of a four part series by Martin Thompson of The ITAM Review and Hugh Skingley of Livingstone. The series explores Building the Business Case for SAM Managed Services.
Before we delve into team building and the role that SAM Managed Services providers might play, let’s recap the first two parts of this series:
In the first article we covered cost considerations for SAM tool implementation. We highlighted that implementation costs can extend way beyond the SAM tool license price and summarized some of the potential hidden costs to factor into budgeting in order to avoid the embarrassment of asking for further funds down the line.
In the second article we explored the business case for SAM Managed Service providers and why organizations utilize them: namely access to expertise, cost savings, faster ROI and potentially less risk.
Service providers and specialists also play a role in the team, and it’s common for teams to include elements from external parties.
ITAM managed service providers have become more popular in recent years; especially SAM managed service providers who provide compliance visibility for a fixed monthly fee. Some organizations choose managed service providers as a short-term fix whilst they build out the capabilities of their team; some choose to work with managed service providers as a long-term solution to allow their team to focus on more strategic ITAM initiatives.
In this article we will explore a three-step, risk-based approach to team building and how SAM Managed Service providers can help with this process. In particular, how they can help address gaps in your expertise.
The ideal time to build a team is once you have your SAM business plan written and approved by your senior management sponsor. Or in Practical ITAM parlance, your build TEAM, once AUTHORITY and PLAN are completed. As the diagram suggests below, building your team is part of the preparation phase of building an ITAM function. With senior management approval, a focused business plan, engaged stakeholders and a well-resourced team – you are ready for take off.
“In the three-phased approach to ITAM take off, “team” sits squarely within the taxi (preparation) phase. We’ve developed the authority and we’ve built the implementation plan. Now, we get the team together to help us execute.” Practical ITAM.
How should you build a team? Who should be in it and what skills should it include? The short answer is: your team should be resourced to address the goals in your business plan. (You have a business plan, right?).
We recommend a three-step risk-based approach to resourcing your team.
Firstly, take a risk-based approach and determine which are your highest risk software publishers. Identify the top 5, 10 or 20 software publishers that, if managed correctly, will have the biggest impact on your business plan (which typically involves removing audit risk, removing software waste, or gathering information to make smarter decisions).
Secondly, with your top priority publishers in hand, what are the major product categories, data requirements and license metrics involved to manage those publishers?
Thirdly, create a matrix to build a team based on these requirements. At this point you’ll have a bird’s eye view of your requirements and where Managed Services providers and specialist skills might be able to help.
To show the three-step risk approach to building a team, let’s look at a very simple example:
Building a virtual team to manage risk
|How do we measure consumption?||Who do we know with license expertise for this area?||Who do we know with sufficient expertise to help us save money for this area?|
|Microsoft Users||We could use our existing in-house inventory tools, Microsoft data and take a look at Active Directory?||Fred, the existing Software Asset Manager has good knowledge of Microsoft Licensing.||Our existing Software Asset Manager, with help from our reseller partner, can address this.|
|Oojamaflip||An inventory tool with usage tracking||Unknown||Unknown|
|Microsoft SQL||Unknown||Unknown||One of our engineers might be able to help.|
By using this matrix and asking a few simple questions, we can quickly establish if we have the in-house skills to be able to address our business plan. Using the example above, it looks like the organization might be able to address ‘Microsoft Users’ thanks to the Software Asset Manager’s expertise, but may need to either hire or work with a partner to address other gaps. You could also extend the matrix to include an estimate of time, effort and cost to manage these vendors and products (to support your business case to either extend your SAM team or use a third party).
Incidentally, the same matrix approach can be used to select appropriate SAM data sources, tools and solutions. In the example above, the organization would need a solution capable of working with the hybrid cloud user-centric models from Microsoft and Adobe, the ability to identify and manage the niche engineering application Oojamaflip and the ability to identify SQL Server. That’s not to say that all the other applications in their estate are not important, but to complete the business plan and meet their objectives, they need to focus on the high-profile vendors above.
In relation to using a managed service partner, the strategy needs to be decided: it might be the case that the partner is used for the short-term to help get you up to speed, or some organizations stay with a partner for the longer term so that it frees them up to pursue more strategic activities. This can all be part of the SAM plan and helps make you think more strategically about SAM.
In our simple example above we asked three questions: How will we measure consumption? Who do we know with license expertise? And whom do we know with sufficient expertise to help us save money for this area?
This is a good starting point to help you start identifying gaps in your team, but it’s worth digging a little deeper to identify the key roles and responsibilities of a SAM team.
The list below includes some key SAM activities: which of these can you cover in-house and which elements might need some external expertise?
What SAM Managed Service Providers CAN’T do
Finally, it’s worth noting that whilst SAM Managed Service Providers can be very useful in de-risking your SAM implementation and addressing gaps in your team – You cannot outsource your risk. So, whilst you might have a virtual team or multiple stakeholders delivering your compliance position – the buck stops with you and your CEO for your compliance responsibility.
Livingstone has built a SAM calculator for simulating these costs over a three-year period. Download a copy here (Registration Required).