Mstricker

Avoid the IT Asset Management Trap

Blog Post created by Mstricker Employee on Dec 6, 2016

In the IT world, the terms "IT Asset Management" is inherently confusing.   This is because when you say "IT Asset Management" you might mean:

I want to manage my IT assets from an accounting perspective -- what assets do I own?  When was the last inventory, and what was the gap between my records of assets I own and the assets found by the inventory?  Do I know the location and status of the assets?

OR I might mean:

I want to manage my IT assets from a governance perspective -- I want to make sure the IT assets (desktops, servers, etc.) have a common configuration, meet my basic security policies, and have a standard set of software for each type of asset.  A better name for this than "asset management" is "systems management"

OR I might mean:

I want to manage my IT assets from a service perspective - I want to make sure my business critical applications are up and running, I want to make sure we have recorded their current configuration and relationships, and I want to make sure to detect any changes to their configuration that might affect their function or availability.  A better name for this is "configuration management"

So there are three different domains:  IT Asset Management (ownership of IT assets), Systems Management (governance of IT assets) and Service Management (governance of Services/Applications, part of which is Configuration Management/CMDB).

All of these separate domains are called IT Asset Management in some circles and in some contexts, which leads not only to confusion, but often to the deployment of inappropriate software solutions.

For example, many shops confuse a Configuration Management Database (CMDB) with an asset repository.  A hardware asset repository should have only physical items that have been purchased in it; but a CMDB might have a Configuration Item (CIs)representing a virtual server, or a service, or a process; and the CMDB should only contain CIs that support a service or application.  Yet over and over again, as a participant in this field, I see requests that the CMDB include everything that we can discover on the network.

To add to the confusion, the three systems have overlapping data.  For instance, a particular server might be an it asset under financial control, a system with a need to comply with software, security, and configuration policies, and a component of an application or service.  So from a data perspective, it makes sense for these systems to share data, but that unfortunately leads to a blurring of the lines between the domains.

Here's a typical breakdown of the data divisions between these domains.

asset-system-configuration-management

 

The terminology of "IT Asset Management", the partially shared data, and the structure of some of the available solutions make confusion between these 3 domains pretty predictable; organizations can fight against this kind of confusion by clearly distinguishing between the 3 different goals being met and the groups who are responsible for those goals.  But this is easier said than done in most organizations.

To avoid this trap:

Assign a person or a team to handle Financial IT Asset Management.  They will need to coordinate with your purchasing department and their records of IT purchases.  They will to coordinate with your systems operations department and their records of discovered and managed computer systems.  They will need access to a software solution which can compare those two records, and record lifecycle information about each computer system such as make, model, location, and status.  This person or team is responsible for accounting for each IT asset that is purchased by the organization.

AND...

Assign a person or a team to handle Systems IT Asset Management.  In order to govern systems from a policy standpoint they will need to coordinate with the security team for security policies, the operations team for standard configuration policies, and the software distribution team for required/allowed software, patching, and reporting.  They will need access to a software solution to support these activities, as well as discovering computer systems on the network. This person or team is responsible for ensuring that systems on the network conform to a host of policies.

AND...

Assign a person or a team to handle Configuration and Service Asset Management.  They will need to coordinate with the application team, the release management team, and the change management team to model the authorized configurations of new applications and services as they come online and through their lifecycle.  They will need access to a software solution that captures the authorized configurations and relationships between the components that support the application or service.  The software solution should also be able to discover the configurations and relationships of the components (such as web servers, database servers, and application servers) and compare the discovered configuration with the authorized configuration and identify gaps. This person or team is responsible for governing the configuration of important applications or services in order to minimize downtime, outages, and operational errors.

This can be done, but it requires discipline.  Does your organization have it?

 

#Service Management #Configuration Management #ITAM #IT Asset Management #Systems Management #CA Client Automation

Outcomes