IT Asset Management Foundation (ITAMF) – Workbook - Second edition E-Book

IT Asset Management Foundation (ITAMF) Workbook - Second edition

Other publications by Van Haren Publishing

Van Haren Publishing (VHP) specializes in titles on Best Practices, methods and standards

within four domains:

- IT and IT Management

- Architecture (Enterprise and IT)

- Business Management and

- Project Management

Van Haren Publishing is also publishing on behalf of leading organizations and companies: ASLBiSL Foundation, BRMI, CA, Centre Henri Tudor, CATS CM, Gaming Works, IACCM, IAOP, IFDC, Innovation Value Institute, IPMA-NL, ITSqc, NAF, KNVI, PMI-NL, PON, The Open Group, The SOX Institute.

Topics are (per domain):

IT and IT Management

ABC of ICT

ASL®

CMMI®

COBIT®

e-CF

ISO/IEC 20000

ISO/IEC 27001/27002

ISPL

IT4IT®

IT-CMFTM

IT Service CMM

ITIL®

MOF

MSF

SABSA

SAF

SIAMTM

TRIM

VeriSMTM

Enterprise Architecture

ArchiMate®

GEA®

Novius Architectuur

Methode

TOGAF®

Business Management

BABOK ® Guide

BiSL® and BiSL® Next

BRMBOKTM

BTF

CATS CM®

EFQM

eSCM

IACCM

ISA-95

ISO 9000/9001

OPBOK

SixSigma

SOX

SqEME®

Project Management

A4-Projectmanagement

DSDM/Atern

ICB / NCB

ISO 21500

MINCE®

M_o_R®

MSP®

P3O®

PMBOK ® Guide

Praxis®

PRINCE2®

For the latest information on VHP publications, visit our website: www.vanharen.net.

Colophon

Title:

IT Asset Management Foundation (ITAMF) – Workbook Second edition

Author:

Jan Øberg

Publisher:

Van Haren Publishing, ’s-Hertogenbosch-NL, www.vanharen.net.

ISBN Hard copy:

978 94 018 0716 6

ISBN eBook (pdf):

978 94 018 0717 3

ISBN ePUB:

978 94 018 0718 0

Edition:

Second edition, first impression, November 2020

Layout and Design:

Coco Bookmedia, Amersfoort-NL

Copyright:

© ITAMOrg and Van Haren Publishing, 2014, 2020

For more information about Van Haren Publishing, email us at: [email protected].

Copyright Notices

ITIL® is a registered trademark of AXELOS Limited.

ISO® is a registered trademark of the International Organization for Standardization.

COBIT® is a registered trademark of ISACA (previously known as the Information Systems Audit and Control Association).

No part of this publication may be reproduced in any form including printing, photocopying, microfilm or any other means without written permission by the publisher.

Although this publication has been compiled with great care, neither the author(s) nor the publisher accepts any liability for damages caused by any errors and/or imperfections in this publication.

List of figures and diagrams

Introduction

1.1 Definition and goal of ITAM

1.2 Standards and best practicEs

1.3 ITAM models

Exam preparation: Chapter 1

2.1 Introduction to HAM

2.2 Identification and management of hardware assets

2.3 Best practices, tools and mobile devices

Exam preparation: Chapter 2

3.1 Definition and objectives of SAM

3.2 The concept of compliance

3.3 The risks and costs related to software audits

Exam preparation: Chapter 3

4.1 Definition and objectives of SEAM

4.2 The concept of Services and cloud computing

4.3 The practice of SEAM

4.4 Contracts and contract negotiation in SEAM

Exam preparation: Chapter 4

5.1 Definition and objectives of PINAM

5.2 The guiding principles of PINAM

5.3 The practice of PINAM

5.4 Services and cloud: BYOD (Bring Your Own Device)

Exam preparation: Chapter 5

6.1 The interfaces of IT Asset Management

6.2 IT Asset Management roles

Exam preparation: Chapter 6

Appendix A List of basic concepts

Appendix B About ITAMOrg

Appendix C Answer Key

Figure 1. The ITAM lifecycle

Figure 2. Positioning of ITAM

Figure 3. ITAM ECO system stakeholder map

Figure 4. The ITAM ‘Bermuda Triangle’

Figure 5. ITAM best practices

Figure 6. ITAM requirements for the management of assets

Figure 7. ITAM basic management system

Figure 8. ITAM process framework

Figure 9. The HAM lifecycle

Figure 10. Hardware Asset Management stakeholders

Figure 11. The hardware lifecycle process

Figure 12. SAM stakeholder map

Figure 13. SAM implementation roadmap

Figure 14. SAM tiered approach

Figure 15. SEAM ‘Triple Play’

Figure 16. SEAM lifecycle

Figure 17. SEAM and the worlds of the internal and external IT provider

Figure 18. PINAM and the other ITAM areas

Figure 19. PINAM areas for attention

Figure 20. ITAM ECO system and alignment

Figure 21. ITAM interface approach

Figure 22. IT Asset Manager’s central role

Figure 23. Daily operations involving assets

Figure 24. IT Asset Manager challenges

Figure 25. Challenges of related roles

IT Asset Management Foundation (ITAMF) is a certification that validates a professional’s knowledge on managing the IT assets as part of an organization’s strategy, compliance and risk management. The content covered by the certification is based upon the philosophy of ITAMOrg, a membership organization and thought leader in IT Asset Management.

The certificate IT Asset Management Foundation is part of the ITAMOrg qualification program and has been developed in cooperation with international experts in the field.

This workbook will help you prepare for the IT Asset Management Foundation (ITAMF) exam and provides you with an overview of the four key areas of IT Asset Management: Hardware Asset Management, including ‘mobile devices’; Software Asset Management; Services & Cloud Asset Management and People & Information Asset Management, including ‘Bring Your Own Device’ (BYOD).

The exam consists of 40 multiple choice questions with a pass mark of 65%. In this workbook, you will find several sample multiple choice questions, and to help increase your knowledge about IT Asset Management we have also included so-called ‘get it’ questions. You will find these questions at the end of each chapter. The exam requirements are specified at the beginning of each chapter, and the weight of the different exam topics is expressed as a percentage of the total.

ITAMOrg exam context

Source: ITAMOrg IT Asset Management Foundation preparation guide

Target group

IT Asset Management Foundation is intended for all key personnel in the organization involved in the IT lifecycle. Whilst this certification has an IT focus, it has been specifically designed for non-IT personnel in mind.

Specific roles/responsibilities could include (but are not limited to):

◾ General/business management

◾ IT manager

◾ Procurement manager

◾ Financial manager

◾ IT operations manager

◾ Project manager

◾ Process manager

◾ Contract manager

◾ Risk manager

◾ Business continuity manager

◾ Security manager

Competencese-Competence Framework (e-CF)

Introduction to IT Asset Management (ITAM): Exam requirements

1. Introduction to IT Asset Management (ITAM)

10%

1.1 Definition and goal of ITAM

1.2 Standards and best practices

1.3 ITAM models

◾ 1.1 DEFINITION AND GOAL OF ITAM

1.1.1 Defining ITAM

Information Technology Asset Management (ITAM) is the strategic management of IT-related assets throughout their lifecycles and is compiled of several best practice and business practices.

Figure 1. The ITAM lifecycle

ITAM is a set of business practices aligning financial, contractual and inventory areas to support the strategic decisions for the IT environment.

Figure 2. Positioning of ITAM

In the IT Asset Management ECO system, the best practice process framework closest to IT Asset Management (ITAM) is IT Service Management (ITSM: i.e. ITIL® & ISO/IEC 20000).

1.1.2 The purpose and objectives of ITAM

The four key objectives of IT Asset Management are value creation, alignment, leadership and assurance.

Benefits

The benefits of Information Technology Asset Management are:

◾ Improving the efficiency of existing resources;

◾ Financial management of IT assets;

◾ Information security;

◾ Compliance with legislation, regulations and standards;

◾ Creating awareness of IT business and strategy;

◾ Enable knowledge and decision making based on up-to-date information;

◾ Goals, motivations and drivers of in- and external stakeholders.

ITAM stakeholders: who needs to be involved?

For ITAM to become successful it is key to involve stakeholders across the organization, and on all levels. Examples of ITAM stakeholders are: business and IT management, legal and commercial, procurement, the financial department, IT operations and ‘last but not least’ end-users. Creating awareness and sharing knowledge with all stakeholders is indispensable. There also needs to be a good balance between the IT asset strategy and the needs of the organization. ITAM helps to overcome typical issues, such as having no long-time planning causing unnecessary expenses.

Figure 3. ITAM ECO system stakeholder map

Apart from all internal stakeholders mentioned above there are also various external stakeholders. Modern organizations are not isolated from the world. Apart from the obvious ones such as vendors and customers we also need to consider (local) government (general legislation) and governmental authorities governing all kinds of regulations. Furthermore, society has expectations with regard of the environment and social entrepreneurship. Figure 3 provides a concise map of stakeholders.

The ‘Bermuda Triangle’ of ITAM

In the section above we have seen that cooperation between stakeholders is a crucial aspect of ITAM. Another one is maintaining a balance between Requests, Purchasing and Deployment of assets. In ITAM this is called the ‘Bermuda Triangle’. The three areas mentioned here are governed by different departments or stakeholders, each with their own objectives and needs. When ITAM does not control the interaction between the three, a nasty storm may start brewing within the organization and ‘sink’ the ITAM ship

Table 1. Stakeholder roles and responsibilities (summary)

Stakeholder

Focus areas

Society

Legislation, regulations, directives, environment

Board of directors / corporate governance

Owners/shareholders, strategy/mission/vision, long term business planning, business value, financial, corporate governance

Management

Budgets/specific financial goals, implementation of strategy, process governance

Finance/purchase

Planning and controls of costs, budgets, financial forecasts, day-to-day financial processes, contacts negotiations and agreements

Legal

Legal management of contracts, ensuring adherence to regulations and directives, management of IPR

End-users

Users of IT and other business resources who wish to realize business goals and value. These stakeholders demand more from IT than in the past; e.g. Unified Communications And Collaboration (UCAC) and Bring Your Own Device (BYOD)

IT

IT strategy and planning, IT process management, IT service portfolio

Customers

Requirements: Privacy and data protection, user friendly solutions, value-for-money, service support

Partners

Data sharing, information security

Vendors/distributors

Sales of (supporting) solutions

Publishers

Copyright, licensing, IPR

Figure 4. The ITAM ‘Bermuda Triangle’

Different instruments can help ITAM to maintain control such as: a predefined IT catalogue, service portfolios, a well-maintained CMDB to ensure new introductions do not negatively affect the existing infrastructure, purchasing policies and procedures, management of licenses, etc.

◾ 1.2 STANDARDS AND BEST PRACTICES

Figure 5. ITAM best practices

1.2.1 ITAM best practices and related international standards

ISO/IEC 19770 family

Information technology - Software asset management & IT asset management.

Parts of the 19770 family:

◾ 19770-1: Processes and Tiered Assessment of Conformance; establishes a baseline for an integrated set of processes for Software Asset Management (SAM), divided into tiers to allow for implementing them and achieving recognition.

◾ 19770-2: Software Identification Tag; establishes specifications for tagging software to optimize its identification and management.

◾ 19770-3: Software Entitlement Tag; establishes a set of terms and definitions which may be used when discussing software entitlements (an important part of software licenses). It also provides specifications for a transport format which enables the digital encapsulation of software entitlements, including associated metrics and their management.

◾ 19770-5: Introduction and Vocabulary; provides an overview of the ISO/IEC 19770 family of standards, an introduction to IT asset management (ITAM) and software asset management (SAM), a brief description of the foundation principles and approaches on which SAM is based, and consistent terms and definitions for use throughout the ISO/IEC 19770 family of standards.

Other parts are presently under construction, and ISO.org has also launched a self-assessment tool for software asset management. (Source: ISO.org)

ISO 55000

Asset management - Overview, principles and terminology.

◾ ISO 55000 is the first set of International Standards for Asset Management.

◾ Enables an organization to achieve its objectives through an efficient, consistent and sustainable management of its assets.

◾ Provides an overview of asset management, its principles and terminology, and the expected benefits from adopting asset management.

IT Service Management (ITSM) best practice ITIL

◾ The most widely accepted approach to IT service management in the world.

◾ Provides a cohesive set of best practices, drawn from the public and private sectors internationally.

◾ Aligns IT services with the needs of business through a set of practices each covering an area of the service management lifecycle.

◾ Allows the organization to establish a baseline from which it can plan, implement and measure.

ISO/IEC 20000

ITIL is mapped in ISO/IEC 20000. This ISO standard recognizes the way that ITIL can be used to meet the requirements set out for the ISO/IEC 20000 certification and the interdependent nature with ITIL.