SAM Standards round up from Dave Bicket
‘WG21’, the working group that drives development of the SAM standard, met in Jeju Island, Korea in May. This article is an abridged summary provided by Dave Bicket.
Enter Dave Bicket…
“The Working Group responsible for international SAM standards (ISO/IEC JTC1 SC7 WG21) met in May. It was a productive meeting, with ten individuals attending in person, and another five attending remotely, with representatives from seven national standards bodies (Denmark, India, Ireland (new!), Japan, Poland, UK, and US) and from three liaison organizations (BSA, IAITAM, and itSMFI).
Discussions were held related to the next face-to-face meeting of WG21 which will be in Palm Springs, California, USA 10-12 October, hosted by IAITAM in conjunction with the IAITAM annual US conference 17-19 October. There are also plans for a meeting on 16 October open to all to solicit views about “Emerging Software Asset Management (SAM) standard requirements”. Likewise, there is expected to be the first Annual General Meeting of the International SAM Standards User Group (ISSUG) after the open meeting, for those interested.
Click to Enlarge
- Front Row Left to Right: Jintaro Shinoda (Japan), Peter Beruk (US), Roger Cummings (US), Yoshinori Takahashi (Japan), Jan Øberg (Denmark)
- Back Row Left to Right: David Phillips (UK), Krzysztof (Chris) Bączkiewicz (Poland), David Bicket (UK), Dave Welsh (US), Jason Keogh (Ireland)
- Remote Attendees: John Tomeny (US), Pat Cicala (US), Scott Lemm (US), Steve Klos (US), Swarup Mandal (India)
SAM Process Standards (19770-1)
The first edition of the SAM process standard (ISO/IEC 19770-1) published in 2006 has been revised to provide four separate tiers, and has successfully passed all of its votes. ISO/IEC 19770-1 2012 available here.
SAM Tagging Standards (19770-2)
Market uptake of the ISO/IEC 19770-2 Software Identification Tag (‘SWID’ tag) is increasing, with the US government being particularly involved because of its security uses. Microsoft is the most recent publisher to announce support, most major installers now support SWID tags, and increasing numbers of software tools are also supporting SWID tags. There is further to go, and end-users are encouraged to ask all publishers to support the tags. See, for example, the open letter.
Approval was obtained in Korea from SC7 for a New Work Item submission to create an Amendment to ISO/IEC 19770-2 to formalize some of the desired enhancements identified over the last several years, e.g. to facilitate its use for improved security automation.
Software Entitlement Tags (19770-3)
Work on the Software Entitlement Tag (ISO/IEC 19770-3) is well advanced. It is expected that the 2nd Committee Draft of this standard will go out for vote and comments within the next two months.
Overview and Terminology (19770-5)
19770-5 should go out as a Draft International Standard for vote and comments within the next two months.
Embedded Software Tag (19770-6)
Preparatory work is proceeding on the Embedded Software Tag (conceptually the equivalent of ISO/IEC 19770-2 for embedded software). It is expected that the formal submission for vote on the New Work Item Proposal will happen within the next several months.
Tag Management Guidance (19770-7)
Work on Tag Management guidance is progressing, and it is expected that the second Working draft of this standard will go out for comments within the next four months.
Mapping ISO/IEC 19770 to other Frameworks (19770-8 tentative)
A call to national bodies had previously been made “to identify existing proprietary and industry-based schemes to be mapped to ISO/IEC 19770-1.
Candidates at present is the following:
- Best Practice Library (from the International Association of IT Asset Managers)
- CobiT v5 (from ISACA/ITGI)
- IT Infrastructure Library (ITIL)
- SAM Optimization Model (from Microsoft)
- SAM Standard and Evaluation Criteria, (from The Association of SAM Assessment and Certification, Japan)
Work on these mappings will progress over the next several years. (Note that there is some limited mapping guidance in Annex C of ISO/IEC 19770-1:2012, but this is expected eventually to be superseded by the more detailed work indicated here.)
SAM for small organizations (19770-11)
Approval was obtained in Korea from SC7 for a New Work Item submission for “Guidelines for the application of ISO/IEC 19770-1 for small organizations”, to become ISO/IEC 19770-11.”
Full write up from Dave Bicket here.
Can’t find what you’re looking for?
More from ITAM News & Analysis
-
How IT Can Contribute Towards UK Government Efficiency Drive Without Impacting Services
UK Chancellor Rachel Reeves recently announcement a 5% efficiency savings target across all government departments. With UK public services under pressure, departments must ensure these savings do not come at the expense of essential services. Reeves ... -
'Big' ITAM News For 2024
As we come to the end of 2024, we wanted to recap some of the ‘biggest’ 2024 ITAM, SAM and HAM new stories along with commentary for our team of industry analysts. February. Flexera Acquires Snow ... -
Wisdom Unplugged UK 2024: Insights and Findings
The Wisdom Unplugged UK event, held in London on 26 November 2024, brought together a diverse group of ITAM professionals, partners, service providers, and independent consultants. The event focused on practical insights, collaboration, and tackle pressing ...