Measuring ITAM Performance and Success – the Key Metrics
“I love a good session on ITAM metrics!” said no one ever.
But here’s the thing – IT asset management (ITAM) is such a wide-ranging and granular corporate IT management and governance, risk, and compliance (GRC) capability that (there’s no choice) your organization must have some appropriate ITAM metrics to stay on track.
A good ITAM capability (for your organization) can mean the difference between significant cost savings versus audit failures and settlement fees. So, it’s in everyone’s interest to ensure ITAM activities, and results, stay on track.
In this blog, I want to take a look at some of the key things to measure, i.e. fit-for-purpose metrics, when looking at the overall health of your ITAM capabilities.
You can thank me later J
Hardware ITAM Metrics
When running ITAM at an enterprise level, it’s important to remember to track hardware assets as well as software licenses. All too often the hardware side of things can be neglected only for costs to increase and then, come year-end time, questions being asked about IT asset costs spiraling.
Here are some appropriate ITAM metrics to consider that will help to keep your hardware estate management on track:
- The average cost of a workstation – plus, what does your standard PC look like? Is it a desktop? A laptop?
- The average cost of server hardware – plus, what does your data center estate look like? Purely WinTel? What about Linux or other OS-based servers?
- The average cost of core network hardware – plus, what does your core network look like? Network services is an area that many organizations struggle with in terms of technical debt, so is your network equipment being maintained in line with industry best practices?
Software ITAM Metrics
When building software-related metrics into your ITAM capabilities, always start as if you were being audited (by a software vendor) tomorrow. Ask yourself: What are the key things the auditors would ask me?
Software-related ITAM measurements to consider could include:
- The total number of software assets, and those “under management,” to give you the scale of your software environment.
- The total number of licenses needed to ensure that you have the correct number of licenses in place for your production environments.
- The total instances of installed software – to enable you to prepare for audits. Auditors will always ask to see proof of software installations of software versus licenses purchased.
- The total number of available licenses – do you have enough licenses in place to meet demand?
- The ratio of used to purchased license – is there a threshold alert so that the appropriate action can be taken when the limit is approached?
- The average number of different versions deployed of each application. Not all licenses cover all software versions, so ensure that you have the right licensing in place to meet your obligations to the software vendor.
Operational ITAM Metrics
In addition to purely hardware- and software-driven metrics, your organization will also need some operational reports to help keep everything under control.
Examples of operational metrics include:
- The percentage of active devices for which current hardware and software inventory is available and in use, i.e. what percentage of your environment is live and under the control of ITAM?
- The percentage of devices found on the network that are not recognized as known assets – it’s an important thing to measure when managing risk. Then, how will you manage these items?
- The percentage of devices found active on the network that have a non-active status, for example assets that have been retired and/or are pending disposal.
- The percentage of assets with no recorded location or owner – you will need to trigger a task or process-step that investigates ownership and/or to redeploy these assets.
The number of assets that are assigned to people who have left the organization – this is so they can be collected (if needed) and redeployed effectively. Also, investigate if there’s an IT service desk process for dealing with employee leavers, so that there’s no duplication of effort – or cracks and holes for assets to disappear down!
Best Practice ITAM Metrics Need to Look Beyond “The Physical”
ITAM isn’t just purely about managing hardware and software assets. It’s also about assets in the cloud and virtualized environments – it’s ultimately about all the building blocks that make up your IT landscape. And of course, there’s the cost-side of what IT assets cost and how this can be optimized.
When looking to manage ITAM efficiencies look at:
- Asset depreciation rates and how they are performing over time.
- The total cost of ownership (TCO).
- The assets maintained by third-party partners – please be sure to have a process for how licensing is managed and how to deal with exceptions. Remember that, even if you outsource an aspect of your IT services, it doesn’t negate your accountability for licensing compliance.
- Keep tabs on unauthorized or non-corporate IT assets – with bring your own device (BYOD) and Shadow IT it’s more challenging than ever to maintain control of your IT estate. By being able to flag up exceptions or non-corporate assets you’ll be able to investigate and either grant access or notify the person why that asset can’t be used safely within your environment.
- The assets linked to incidents and problems so that you can assist other teams in understanding the overall health of your infrastructure.
- Audit history – both findings and any fines paid historically to give you a better idea of risk levels.
- The usage levels for cloud services, including software-as-a-service (SaaS) – to identify whether this usage merits the monthly costs.
- The percentage of virtual machines on your estate as well as ownership details.
- The percentage of virtual machines for which physical host information is not known.
- The percentage of devices covered by your ITAM tool – plus, how will you manage exceptions? Will manual checks be enough?
- The percentage of new software installs going through the service desk via request fulfillment so that you can ensure that requests are going through the appropriate channels.
By applying appropriate measurements (and metrics) to your ITAM capabilities, your organization should be able to see, at a glance, what is going well and what needs to be improved on – driving greater efficiencies and opportunities for continual service improvement (CSI).
How do you measure ITAM health in your organization? Is there anything you would add to this list? Please let me know in the comments!
Posted by Joe the IT Guy