BS ISO/IEC 19770-1 is for organizations that want to achieve best practice in Software Asset Management (SAM). The standard grew out of ISO/IEC 19770-1:2006 Software Asset Management processes which was a comprehensive standard designed to align all of service management as specified in ISO/IEC 20000.
However, market feedback suggested that organizations wanted something that could be accomplished in multiple increments and to that increment most suited to the needs of the organization. This part of ISO/IEC 19770 was therefore designed to make the implementation of SAM and conformance to a published standard possible at any one of these increments, called “tiers”, which are cumulative.
This allows for free-standing independent certification which corresponds to natural levels of development and management priority. Recognition is given to those organizations through the ability to publicly display that certification has been achieved to a stated tier.
Division into tiers is designed so that standardized SAM is within reach of most organizations. Those implementing SAM for the first time can often implement SAM more rapidly by also applying careful scoping of the software assets covered and by scoping the parts of the organization covered by SAM.
This latest standard lets you achieve:
• Effective risk management
• Cost control
• Target priority areas
• Competitive advantage
SAM has wide ranging benefits across other interrelated practices of managing IT assets and implementers of good SAM practices can expect to attain benefits beyond management of the software itself.
This part of ISO/IEC 19770 can be applied to all software and related assets, regardless of the nature of the software, where related assets are all other assets with characteristics which are necessary to use or manage software.
Contents
1 Scope
1.1 Purpose
1.2 Field of application
1.3 Limitations
2 Conformance
2.1 Intended usage
2.2 Methods of demonstrating full conformance 3 Terms and definitions
4 SAM processes
4.1 General
4.2 Control environment for SAM
4.3 Planning and implementation processes for SAM
4.4 Inventory processes for SAM
4.5 Verification and compliance processes for SAM
4.6 Operations management processes and interfaces for SAM
4.7 Life cycle process interfaces for SAM
5 Tiers
5.1 Overview
5.2 Tier 1 – trustworthy data
5.3 Tier 2 – practical management
5.4 Tier 3 – operational integration
5.5 Tier 4 – full ISO/IEC SAM conformance
Annex A (informative) Reference chart of outcomes by tier
Annex B (informative) Guidance on selected topics
Annex C (informative) Cross reference to industry best practice guidance
Annex D (informative) Roadmap
Annex E (informative) Industry capability/maturity approaches
Bibliography
