BS ISO/IEC 19770-2:2009 - Information technology. Software asset management. Software identification tag – BSI British Standards

BS ISO/IEC 19770-2:2009

Information technology. Software asset management. Software identification tag

Status : Revised, Superseded, Withdrawn   Published : February 2010 Replaced By : BS ISO/IEC 19770-2:2015

*To ask about withdrawn titles contact the
Customer Relations, +44 345 086 9001

BS ISO/IEC 19770-2:2009 Information technology. Software asset management. Software identification tag

BS ISO/IEC 19770 consists of the following parts, under the general title Information technology. Software asset management:

Part 1: Processes
Part 2: Software identification tag
Part 3: Software entitlement tag

Part 2 of BS ISO/IEC 19770 establishes the specifications for tagging software to optimize its identification and management.

The software identification tag is an XML file containing authoritative identification and management information about a software product. The software identification tag is installed and managed on a computing device together with the software product. The tag may be created as part of the installation process, or added later for software already installed without tags. However, it is expected more commonly that the tag will be created when the software product is originally developed, and then be distributed and installed together with the software product. Having the tag available from the beginning allows for the more effective management of distribution and repackaging external to the software consumer, and then of release management within the software consumers organization.

BS ISO/IEC 19770-2 supports software asset management processes as defined in BS ISO/IEC 19770-1. It is also designed to work together with the future BS ISO/IEC 19770-3 that will provide a standard for software entitlement tags.

Software identification tags will benefit all stakeholders involved in the creation, licensing, distribution, releasing, installation, and on-going management of software. Key benefits associated with software identification tags include:

  • The ability to consistently and authoritatively identify software products that need to be managed for any purpose, such as for licensing, upgrading, packaging or for the specification of dependencies. Software identification tags provide the meta-data necessary to support more accurate identification which differentiates this approach from traditional file-oriented identification techniques.
  • The ability to identify groups or suites of software products in the same way as for individual software products, enabling entire groups or suites of software products to be managed with the same flexibility as for individual products.
  • Facilitation of de facto standardization between different software creators, and within software creator organizations, of how different versions of software are identified, allowing for better identification and management by software consumers of those different versions; for example, being able to distinguish between free-standing versions and versions which are components of suites, upgrade paths, etc.
  • Facilitation of automated approaches to license compliance, using information both from the software identification tag and from the software entitlement tag as will be specified in ISO/IEC 19770-3.
  • The ability to provide comprehensive information about the structural footprint of packages, i.e. the list of components such as files and system settings associated with that package, in order to link package-level management with file-level management.
  • The ability to provide information about how to identify if a particular software package is being actively used or not.
  • The ability to deal with the complexities of software installed on removable or shared storage, or in virtual environments (subject to the evolving ability of platforms and installers to identify devices and environments).
  • The ability to reflect within the software identification tag the identities and requirements of different entities, including software creators, software licensors, packagers, distributors external to the software consumer, release managers within the software consumer, and those responsible for installing and managing software on an on-going basis.
  • The ability to allow for the validation of any of this information through the optional use of digital signatures by anyone creating or modifying information in the software identification tag.
  • The ability for entities besides the software creators (e.g. independent providers, or in-house personnel) to create software identification tags for legacy software, and also for software from software creators who do not provide software identification tags themselves.
  • The ability of this International Standard to evolve in informal and formal ways, as common approaches become accepted throughout industry for dealing with additional types of information not currently covered by this part of ISO/IEC 19770, such as for product activation.

Contents of BS ISO/IEC 19770-2 include

  • Scope
  • Purpose
  • Field of application
  • Limitations
  • Conformance
  • Product conformance
  • Organizational conformance
  • Agreement compliance
  • Normative references
  • Terms, definitions and abbreviated terms
  • Alignment and rationalization with prior standards
  • Statement of alignment for this part of ISO/IEC 19770
  • Alignment with ISO/IEC 19770-1:2006 Information technology — Software asset management — Part 1: Processes
  • Alignment with ISO/IEC 20000-1:2005 Information technology – Service management – Part 1: Specification
  • Alignment with ISO/IEC 20000-2:2005 Information technology — Service management — Part 2: Code of practice
  • Implementation of software identification tagging processes
  • General requirements and guidance
  • Software identification tagging life cycle: operational breakdown
  • Platform requirements and guidance
  • Types of platforms
  • Basic platform services
  • Virtual environments
  • Virtual machines
  • Support for software installed on removable media
  • Hardware and platform identification
  • Element names
  • Mandatory elements
  • Optional elements
  • Extended elements
  • Data type definitions
  • Software identification tagging principles
  • Software provider use cases and guidance
  • Tool provider use cases and guidance
  • Software consumer use cases and guidance
  • Software identification tags for items other than software
  • Copyright and software identification tags
  • XML schema definition (XSD)
  • Extended examples
  • Software identification tag lifecycle
  • Life cycle of a software identification tag
  • Examples of regid values
  • Examples of tag locations on different platforms
  • Microsoft Vista® APIs for software identification tag management

Standard NumberBS ISO/IEC 19770-2:2009
TitleInformation technology. Software asset management. Software identification tag
StatusRevised, Superseded, Withdrawn
Publication Date28 February 2010
Withdrawn Date31 October 2015
Normative References(Required to achieve compliance to this standard)No other standards are normatively referenced
Informative References(Provided for Information)No other standards are informatively referenced
Replaced ByBS ISO/IEC 19770-2:2015
International RelationshipsISO/IEC 19770-2:2009
Draft Superseded By08/30128080 DC
DescriptorsSecurity, Data media, Consumer-supplier relations, Data, Copyright, Labels, Risk assessment, Management, Computer programs, Computer software, Enterprises, Data processing, Conformity, Identification methods
Title in FrenchTechnologies de l'information. Gestion de biens de logiciel. Étiquette d'identification du logiciel
Title in GermanInformationstechnologie. Management von Software-Assets. Software Identifikations Kennzeichen
ISBN978 0 580 54959 5
File Size1.496 MB

*To ask about withdrawn titles contact the
Customer Relations, +44 345 086 9001
 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents

Worldwide Standards
We can source any standard from anywhere in the world

Tracked Changes

Understand the changes made to a standard with our new Tracked Changes version

Develop a PAS

Develop a fast-track standardization document in 9-12 months