Many will know this as the running of IT Service Desks through well-established frameworks such as ITIL®. However, a growing number of sub-disciplines are emerging that support the business in maximising the efficiency of their IT operation, actively tying it to the strategic aims of the organisation and stripping out any IT expenditure that doesn’t deliver a return.  

IT Asset Management is a specialist area within IT Service Management that seeks to maximise the return on investment of IT Assets and manage the associated risks – whether financial, contractual, regulatory, operational -or risks which may impact the security of information assets.

A relatively new IT discipline, ITAM is developing as a body of good practice with initiatives such as IAITAM’s best practice library, and the ISO 19770 Software Asset Management Standard; gradually building a theoretical framework that can be related to other IT frameworks and standards such as ITIL, ISO20000, COBIT, and ISO27000.

At its core, IT Asset Management seeks to understand some basic questions about an organisation’s IT Assets: what assets do we own, where are they, and how are they being used? The answers support decision making across the entire IT Organisation, even for relatively simple questions such as “when do we upgrade our laptops?", and “what could we standardise?”

The organisational benefits seen in businesses practising ITAM are manifold. Knowing the answers to these basic questions allows organisations to closely monitor the use of virtual and physical assets, ensuring the confidentiality, integrity and availability of the information stored or accessed through those assets. This insight facilitates contractual compliance; particularly critical in today’s economic environment where vendor penalties can run into six and even seven figures. Avoidance of such penalties is not the only financial upside to ITAM; tight asset lifecycle management maximises return on investment and optimises purchase and usage costs. It plays a central role in supporting efforts to standardise and rationalise IT estates, improving both economies of scope through reduced support costs, and economies of scale.

The foundation of all IT Asset Management is accurate data and therefore the core of any ITAM function consists of skilled analysts with a deep understanding of how to manage and maintain data sets. As organisations grow and ITAM matures, the emphasis shifts to utilising the data available to maximise the return on investment of IT Assets, and also, particularly with regards to software, managing the significant risks associated with IT Assets.

Managing these issues requires significant business skills including an understanding of the nature of risk and how it should be managed and escalated, stakeholder management skills, the ability to define and identify a technology strategy to support the function, vendor management and financial management capabilities.

The development of IT Asset Management as a profession is following a similar trajectory as Information Security, same trajectory as Information Security, with the gradual codification of good practice, and recognition of the need for practitioners to constantly revisit their professional development to meet the demands of an ever changing risk environment that, like Information Security, deals with the most challenging of risks to manage – those with a low priority but high impact.