Running Your SAM Department – a response.

This post is prompted by a thought provoking article posted in The ITAM Review.  To quickly summarise, the author proposes 6 steps to get started on the SAM road, focussing your SAM efforts at delivering results fast, hence providing quick and good satisfaction.

The six proposed steps are:

1. Key Vendor Compliance – An ongoing view of compliance against your most important vendors
2. Accurate Asset Database – Maintain an accurate database of all company IT assets.
3. Software Reclaim – The proactive practice of removing unused software
4. Vendor Consolidation – Identifying feature or vendor overlap and removing redundancy
5. Software Catalogue – A dynamic portfolio of applications aligned to user requirements
6. Software Request System – The ability to fulfill new software requests in an automated fashion

ISO 19770-1 and Running Your SAM Department

I like the simple step approach, I’d be further inclined to re-dress the steps in line with ISO 19770-1 once that is re-published with the tiered approach to SAM, always assuming the republication follows along the lines of the 2010 consultative document.

Four tiers of Software Asset Management were proposed, with the intention of allowing companies to demonstrate quickly compliance with the standard, which then provides a roadmap to improved process.

ISO 19770 is expanded and commented upon at the very useful and informative, which is where the following tier definitions can be found.

The four tiers in the 2010 consultative document were :
Tier 1: Trustworthy Data – Knowing what you have so you can manage it.
Tier 2: Practical Management – Improving management controls and driving immediate benefits
Tier 3: Operational Integration – Improving effeciency and effectiveness
Tier 4: Full ISO/IEC SAM conformance – Acheiving best-in-class strategic SAM.

My response and comment

My take on the 6 steps from ITAM Review, compared and contrasted in line with the ISO 19970-1 tiers, is thus:
Tier 1 Trustworthy Data – akin to step 2 Accurate Asset Database. Step 1 Key Vendor Management flows from this, I would say, rather than placing Key Vendor Management first.

I would suggest that you can’t manage your vendor, until you know what your vendor is really providing you with, and what you’re using. This information stems from having accurate information in some form of database. Improving the accuracy of this database will be an ever present goal, since things can move very quickly in the software implementation and installation world.

Tier 2 Practical Management – similar to step 3 Software Reclaim – this is correct and good, and means we’re immediately producing results that will further justify fuller provision of a SAM service.

Please note I include the word service here – the whole point of you undertaking SAM for your company is that results will be delivered that will do all three of
– improve your company’s bottom line, by not needing to over purchase extra unneeded software tools
– reduce risk exposure of incorrect asset management (important in today’s litigious age), and
– increase opportunities for work portability (if you know where a tool is used, and where there are spare licenses, work can be moved to other people with the tools, and if necessary spare tools can be provided

Tier 3 Operational Integration – this is pretty much an expansion on Tier 2, as such lines up with Step3 Software Reclaim (expanding to more tools) and Step 4 Vendor Consolidation.

Once you’ve embedded SAM process, you have the basics in place for providing a decent service. By now you’ll be starting to recognise duplication of tool capabilities, and will be wanting to select single tools for certain tasks. This has proved contentious in some areas of my organisation when I’ve attempted this, and can lead to religious wars between vendor-preferring camps. I’ve avoided this in the most part through logic, persuasion and empathy – not always successfully!. I would say a last resort is to use a “company mandate”, this relies on positional authority, and means you’ve lost the war, let alone an individual battle.

Tier 4 Full ISO/IEC SAM conformance is more of the same, yet the way this pans out will be extremely hard to achieve; take a look at the current ISO19770-1 standard (2006) – Tier 4 is essentially being compliant with all of the current standard, which has proved pretty impractical in most cases, even though this is a desire for all of us involved with Software Asset Management. I’d say that Steps 3 and 4 again apply here, only now you’re expanding this across every single tool and vendor you have, aiming for 100% coverage. That’s one of my criticisms of the majority of SAM comments, particularly from vendors, that 100% is required to avoid audit. This is pretty much impossible, though 100% for any one vendor can be practical, for a moment in time.

The ITAM review article Steps 5 Software Catalogue and 6 Software Request System go above and beyond the Tiers provisioned for in the revised ISO 19770-1, yet these are absolutely essential in providing a decent service to your company, namely your internal customers. Again, you’re doing SAM because maybe your company has been audited and doesn’t want the expense and hassle again, or they want to preclude an audit to avoid the expense and hassle. Rather than just “ticking the box” that you can demonstrate you’re in control of your assets, steps 5 & 6 turn that around into truer service provision, thereby increasing your value to yourself, your colleagues, and your company.

Posted in SAM | Tagged , , , , | Leave a comment

CIO Competencies & Use In Real Life

Back in 2005, Gartner proposed 25 Competencies for Information professionals, that I rediscovered through this HBS article and have restated here:

Technical (T) Business (B) Behavioral (H)
T1 Understanding existing systems and technology
T2 Designing and developing applications
T3 Applying procedures, tools, and methods
T4 Integrating systems
T5 Designing technical architecture
T6 Understanding emerging technologies
B1 Understanding business practices and approaches
B2 Understanding business organization, politics, and culture
B3 Behaving commercially
B4 Understanding and analyzing the cornpetitive situation
B5 Managing projects
B6 Managing change In the business from IT applications
B7 Planning, prioritizing, and administering work
B8 Communicating listening and gathering information
B9 Focusing on customers
H1 Leading, inspiring, and building trust
H2 Thinking creatively and innovating
H3 Focusing on results
H4 Thinking strategically
H5 Coaching, delegating and developing
H6 Building relationships and teamwork
H7 Influencing and persuading
H8 Principled negotiating
H9 Resolving conflicts and problems
H10 Being adaptable

These are copyright 2005 Gartner (sorry Gartner, Google doesn’t love you enough for me to find them on your website to link to).

While they might not be “new”, they do provide an interesting take on the multi-faceted character needed to thrive and lead in an Information World.  I like to use things like this as a measure of how I’m doing, keeps me on top of what I should be doing, and also reminds me what I shouldn’t be doing ;-).

Something that does strike me as odd is that some of them could be seen to be slightly incompatible with each other – for example all the latest thinking and writing is focussed on providing a business lead, Information shapes the future of the business, and we need to understand our business and those factors that affect it, in order to derive the best Information needs.

To this extent, for an information professional, one would expect the Technical (T) factors, particularly the middle three (T2, T3, T4) to be delegated away, such that the focus can be on:

  •  T1 to understand where the business is at now (using B1 & B2), and
  • T6 to identify what can help business move forward (using B4, B6, (B5), B8 & B9).

Only then can T5 become an option, which is where the Behavioural factors can step in.  To that extent, rather than being a list, perhaps these could be restated as a dependancy network.  Perhaps I’ll try at some point.

What I find cute, is that I’m often using a lot of these competencies in real life outside the work environment.  How often are we in a situation, in the heat of the moment, when a cause to remember some of these enables us to find a new tack and resolve stuff. 

I’m naturally strong at H6, building relationships & teamwork, which puts me at odds with a lot of my “isolationist” mates – in essence, we all want to belong to something, even if that something is to be seen as isolationist.  This is where I find considering the influence, persuasion and inspirational aspects important.

Its even better when others do this for you – I was recently selected for a panel, where the key characteristic offered about me when I asked “why was I recommended?” was my integrity and fairness.  Job done (at least in that ambassadors eyes!)

Posted in Business, Leadership, Tim Personal | Leave a comment

The Weakest Link

I have a hobbyist interest in computer and electronic security, so I found this article by the BBC intriguing, Hackers crack open mobile network.

Aside from the attention-grabbing headline, what is most apparent to me about this is that a single weak link (in this case a readily available and crackable mobile handset) has led to the previously very hard to read base station signals being intercepted.

While the Chaos Computer Club members have demonstrated this in faith that operators will do something about it, the basic feature that a low cost entry point has been used as a lever to force a breakage in to a high value system shows yet another failure due to a lack of systems thinking. 

That such system failures are available is demonstrative that we still have a long way to come in understanding a systematic way of producing properly protected product.

Some might jump onto the “blame Motorola” wagon for the initial crack that allowed the door to be opened.  I’m just hoping we can learn from this to make all our system security less reliant on that these weak links are and will be present.

Posted in security | Tagged , , | Leave a comment

Software Asset Management (SAM) System Requirements


In this post, I specifically look at one item that’s been in my focus for a few months now, especially the past week, namely Software Asset Management environments and tools, with a particular focus on requirements.


I’m enthused by possibility and opportunity at the moment.  One of my major responsibilities is Software Asset Management (SAM), of which much can be written about. I’m under the impression that what I’ve been doing has been haphazard and mediocre, holding together an enterprise wide view of our software estate through spreadsheets, purchase data from our ERP system, our SAM discovery tool, and a specialist in-house tool that is used to manage IT hardware (which we call ISAD)


To question my haphardness, I’ve recently been brave enough to answer some surveys based on what I do, and have been surprised at myself when quizzed that what I do (which still seems haphazard and time consuming) is really not that bad a practice, compared with some of the options given to survey responses. The problem with answering surveys of course is that you don’t see the full results, and hence one’s own opinion can be skewed if one assumes that others’ will answer less positively.

Detailed Requirements for SAM

The reason for highlighting this to myself is to aid research options for a commercial tool to handle my SAM needs with a little more intelligence and less manual effort.  The reason for my opportunistic optimism is that we are in the formation of a low-level requirement specification, and I met up yesterday with our IT manager (and current ISAD system owner) to obtain a joined up worldview of our combined requirement.

I cast my mind back to this ComputerWeekly opinion piece some time ago, about IT and business merging (and I managed to find again), specifically the 5 simple rules:

  • Don’t give the users what they want
  • Listen to what the users want
  • Try to figure out what they really need
  • Persuade them what they need is really what they want
  • Then, give them something even better.


The conversation with our IT manager was very much about seeking to understand his needs, and seek agreement on where our needs meet. Before I came along to manage our business software tools, he managed most software in ISAD, so that element is specific to their working methodolgy, which does not mirror that of mine.

Next step is to seek out service providers (internal and external) who can help me turn these requirements into some form of reality and, as David Chan suggests above, “give ourselves something even better.”

Posted in SAM | Leave a comment

Losing the “Englishness”

It’s been a weekend of leavings and startings, at work and in the wider Church. In this post I take a look at how we do things in work and church, and can we learn cross-over lessons?

On Friday, our VP Marketing left for new pastures, to be CEO of another company in the Finmeccanica group.  We had the customary collection and card, and the “you’re leaving” presentation, lasting about 10 minutes. Drinks then offered in the local social club (we have ours opposite the site entrance) where we can gather and natter about everything and nothing – very nice.

Contrast this, then, with where I’ve just come from this afternoon – Yeovil Family Church. I was invited over by Andy (and wife Sue), a long standing friend, who was being “introduced” to the church, as the previous leader (Jeff and wife Lori) is moving into a new church planting situation in Taunton.

This is something where we in the business world could really learn a thing or two.  Church life is all about relationships, and while I didn’t know Jeff and Lori, I felt totally welcomed as a stranger amongst friends. (I am ignoring the obvious focus on faith within church life here, and purely looking at the relationship side of life)

To divert a bit to set a scene, we had a talk from one of the regional leaders, followed by a half hour-ish goodbye ceremony consisting of prayer from the leadership team and the congregation; children in the church presented gifts, there was a brief video, then a finger buffet laid on by the church community.

It was obvious that Jeff and Lori are held in high regard by the people they are leaving behind, and there was a “proper” hand over of that emotion and affection.  Now some would say there is no room for that in business, yet it is these types of small differences that can really enthuse people (and hence motivate).

When we work for a living (generalistically), we choose where to work initially based on what the job is and what the pay is.  We generally stay because of the people we end up working with.  A good team, a good boss, and interesting enough work, we’re likely to stay irrespective of the financial compensation (as long as the basics are covered – see RSA Animate’s Drive).

What was obvious from the church this afternoon was that highly regarded people do move on, and how that is handled can motivate the rest by showing how they are regarded.  What can we learn in the business world to enthuse people and motivate them; Clue: it’s not in when people leave, its in the small things during their time with us.

I perceive that American company owners have some good style – books like Bill Fromm’s 10 Commandments Of Business… or the current Autumn 2010 series of Undercover Boss (set in America) – immediate managers can be interested enough in their workers to invite them home for a meal and to meet the family – I’d heard this before of Americans…

Perhaps we just need to lose our “Englishness”, let our normally separated work and home lives merge together to a small extent.  This is a lesson where church can show business a thing or two – taking a fairly active interest in each others’ lives, looking to do good to each other, rather than at best disinterest, and at worst belittlement.

Posted in Business Church crossover, Leadership | Leave a comment

Mashing Up The Enterprise

In this post, I take a look at the Inverted Pyramid Organisational structure, and how I see it being applied within my business context.

I’m often watching Military History programmes, though I’ve not been in the Armed Forces. One of the overriding principles that I have picked up is that chains of command are prevalent. 

In business (or other organisations), we often rely on those same chains of command.  When I was briefly in a startup Neighbourhood Watch scheme about 4 months before I left Leicester as a graduate (in 1994), a complex organisation chart introduced me to this principle.

This was initially a typical “A” pyramid, with the Police head at the top, flowing down to regional and watch leaders, with the final volunteers at the bottom

Then one of the keys that held this together was turned on its head. The organisation chart was turned into a “V” model, with the Volounteers at the top. This was new to me then, although since espoused by many – The Visual World contains one of my favourite explanations.

This demonstrated to the Volunteers that they were the most important people to the Neighbourhood Watch scheme, and the various leaders and coordinators were merely there to enable the Neighbourhood Watch volunteers to do their jobs. 

In business, we suffer the same stagnation.  During my degree, we made a case study of Taylorism (or scientific management), which can be distilled into “Managers Think, Workers Do”.  Perhaps we suffer from this particularly in the UK.

A more postmodern principle (and one that I learnt from that early exposure in the Neighbourhood Watch) is that managers more often need to serve and enable their staff and workers, not think for them.

This is what I mean by mashing up the enterprise, and it’s a very hard pattern to learn. We need to link up and communicate with so many other members of the organisation, to enable collaboration and working together to efficiently happen.

Within SELEX, we recently held what we termed Working Together days, as part of our Culture Change programme.  Every employee (not just managers and leaders) was placed on an away day (we split the company up into 5 away days) and given a mix of short presentations, and “table discussions”.

What was abundantly apparent from the table discussions was how far we’ve come in collaborating and working together, mashing up our own enterprise in ways that had not before been instantiated.

I was really pleased to see this, since we are suffering from a lack of use of our formal collaboration tool as described here. 

We still have a formal structure, shown on the organisation charts as the typical “A” pyramid, however more and more we’re starting to see this getting turned into a “V” within individual teams.  I personally hope to do all I can to enable us to turn the full corner to become truly a collaborative enterprise.

Posted in Organisation | Leave a comment

Hello world!

OK, so I’ve started a blog. At about the same time as some of the bloggers I follow comment that blogging is dying as people sell out to blog behind firewalls and the like.

Well, I already blog behind my corporate firewall, so little chance of that happening…

I want this blog to be a little bit about me, about my passions and enthusiams, particularly in business and life. See more of both of these in my About… page.

In overview, I am a generalist – I have a general interest in things, in people, in ideas.  I’m a professional engineer (MIET), which while it doesn’t define me, does explain a lot about my outlook (well, according to my friends, anyway). For example, I was recently inspired by Richard Feynman’s collection of works: The Pleasure of Finding Things Out, and aspire to that sort of passion…

I’m also what I would term an internal Linchpin, in my work.  Those that work with me probably wouldn’t call me that, they’ve not caught up with Seth Godin.

I’m in a great job, at SELEX Communications UK, that more or less was created for me (although everytime I say that, something comes up to bite me). Therefore I am passionate about my work, and pour a lot of emotional energy into what I do 9-5 (well, we have flexible working hours, but you get the drift).

What do I do? I’m called the Engineering Systems Manager. It’s a bit hard to explain, however in addition to Software Asset Management, I’m an internal link between our engineers, our procurement people, and external suppliers, teasing out our requirements, then identifiying suppliers of software tools to help our people do things better. I keep an internal log of Preferred and Approved tools, deal with tool maintenance & support renewals, approve installations and manage a few virtual teams based on supporting said tools, and dealing internally with our Knowledge Management.

I’m also passionate about things in my non-work life – I volunteer for a few agencies: HopeFM (local live music show), Samaritan’s Purse (local driver, warehouse worker), Family Church Christchurch (I just serve), Swanage Railway (Signals & Telegraph team), others as they come up.

I’ve listed some key hobbies in my About… page, however I seem to have the hobby of collecting hobbies, and yet have failed to find a collective noun for said hobby – etymologists, please get in touch!

So, that’s me in about 400 words.

Posted in Tim Personal | 4 Comments