Too often, we hear of stories where an organization embarked on implementing an ITAM program – only to hear later that the project was cancelled or postponed. The reasons for these cancellations and postponements almost always come down to one of three reasons, explained below.
I cite the three most common reasons and ways to rescue the effort so that the ITAM implementing organization gets the benefits it was initially seeking (and ideally more). The benefits include reduced risk of non-compliance and audit, and improved financial and business impacts to the organization.
And the list…
- “I’m tired of all of these audits – let’s make sure this never happens”
- “I am not confident we know what IT assets we have (and what is used)”
- Organizational barrier to change and scope creep
Reason 1: “I’m tired of all of these audits – let’s make sure this never happens again.”
The first question may be why the quotes? With regularity, ITAM implementations often occur as a result of something going bad. Did the organization get the dreaded audit letter –was the organization found with millions in unlicensed software? Once these events happen, with regularity, the CFO/CEO says to their IT manager, don’t let this happen again to us – fix the problem.
When this happens, the CEO say’s we need to implement ITAM. While obvious, knowing the underlying causes of the non-compliance is the only way to solve the problem. Too often, when speaking to organizations, they never investigate the root causes that lead to the issue in the first place. They focus on responding to the vendor audit and when completed, go back to yesterday’s processes. They don’t take stock in asking whether the issue was a result of lack of process, a lack of understanding how lawfully to use the software or a failure in monitoring installations of the software.
Learning the root causes and defining the scope of the ITAM implementation to address those faults, is the way to address the CIO/CEO’s need.
Reason 2: I am not confident we know what IT assets we have (and what is being used)?
Audit tool providers have done a terrific job saying you can implement ITAM with their tool. If true, then why do most organizations have more than one tool? A tool is just that – a way to complete a certain aspect of any given job. A good tool needs to do more than just count. Not only do ITAM tools need to count what is installed, they should report what is being used. AppClarity provides both pieces of information. It also can change the conversation from one of non-compliance to yes it was installed, but hasn’t been used in a defined period.
Reason 3: Organizational Barrier to Change
Let’s be clear – change is hard. Some people embrace it; others loathe it. I had the opportunity to speak to a large organization who wanted to implement ITAM. They seemed genuinely interested in pursuing an ITAM implementation to save what they believed was millions of dollars on their desktop software. The organization was able to save significant dollars in the desktop space, and, as a result, expanded the original scope to the server side. Almost immediately, the project stopped dead in its tracks. It turned out the executive sponsor was not senior enough to tell division owners that they must be ‘all-in’ with this ITAM implementation for the benefit of the entire organization. The reason for the fail was simple. Each business owner, who paid for the hardware being consolidated, did not want to lose control of that budget (or hardware).
The executive sponsor did not feel empowered to go to the CIO given that is how they handled “ownership” of servers for as long as anybody could remember.
The moral of the story. Not only is senior level executive sponsorship and communication necessary, one must stick with the chosen scope or the desired outcome will not be a reality. This gives any future hope to subsequent ITAM implementations and undeserved bad name – and leads to continued risk. Over time, we’ll cover more on the importance of scope and executive management engagement.