Is the lack of ITSM and ITAM alignment causing application sprawl?

Urban sprawl

I’ve written before about the negative consequences of the lack of industry alignment between ITIL-focused ITSM functions, and the IT Asset Management groups which typically evolved somewhat separately.

A recent CapGemini study of CIOs and IT decision makers concisely illustrated one impact this is having:

  • 48% believe their business has more applications than it needs (up from 34% over the previous three years).
  • Only 37% percent believe the majority of their applications are mission critical.
  • 70% believe at least a fifth of their company’s applications share similar functionality and could be consolidated.

The majority believe a fifth of those applications should be retired or replaced.

This shows a very strong consensus amongst IT leaders: IT is spending too much money and time on too many applications, with too much overlap. And in the rapidly evolving application landscape, this impact is by no means limited to traditional on-premise software: Skyhigh’s 2013 study on cloud service adoption found that enterprise respondents used, on average, well over 500 cloud services (the largest number of services found in one organisation was an eye-watering 1769).[Update for Q1 2015: SkyHigh now put the average at over 900]

If we want to remain serious about understanding the business services our IT organizations are managing, overseeing and underpinning, surely we can’t lose track of key assets like this?

How can IT possibly aim to control this sprawl, understand its impact, pinpoint its risks and and remove its vulnerabilities, if there is no unified overseeing function? Who is tracking which users are entitled to which services? Who ensures that users are equipped with the right services, and who removes their access once they leave, to ensure both data security and cost control? Who can identify the impact on key services if an application is removed or consolidated?

Concerningly, this does not appear to be high on the agenda in ITSM discussions. We still see two separate threads in the conference ecosystem: ITSM conferences rarely address asset management. Asset management conferences talk about suppliers and infrastructure without putting them in the context of the services they underpin. My own role involves product management of an ITAM system which is part of an ITSM suite, so I attend both sets of conferences, see both parallel tracks, and experience nagging concerns in each case that the other side of the picture is overlooked.

Recent initiatives such as the Pink Think Tank 14 are, welcomely, addressing in increased detail the multi-sourced, multi-vendor evolution of IT service delivery, but there still does not appear to be a detailed focus on the actual assets and software being supplied by those vendors.  That’s a gap. Those vendors fill the IT environment with assets, from physical kit through software services to less tangible “assets” like critical people with vital knowledge.  All those things cost money. They may have contractual associations. We may need to know, very quickly, who owns and supports them. And if a supplier is replaced, we need to know what they might take with them.

The harsh reality, as clearly shown by CapGemini’s study, is that CIOs and leaders are asking questions about consolidation that will require a detailed, holistic understanding of what we are actually spending money on, and why it is there.

Tomorrow’s Future Today 2014: The End of IT’s Monopoly on Trust

Tomorrow's Future Today logo

On 17th February 2014 I presented at the Tomorrow’s Future Today 24-hour online conference. The presentation explored the impact of Uber, TripAdvisor, Yelp and other consumer-oriented services on established (and legacy) “providers of trust such as guidebooks, regulators and establishments. In this context, it discussed the lessons corporate IT can learn from these huge trends.

You can view a recorded presentation, and my slides, here:

It was a real joy to be involved with this conference: it is a tremendous and free resource for the IT and technology field, with some great contributors.

Yale Shuts Down Student Course Selection Tool on Grounds of “Malice”

Yaleblock

Hot on the heels of my recent “Alf’s Zoo” on Trust, here’s a fine example of the phenomenon.

Yale College has blocked a website which two of its students had created.  The students, brothers Peter and Harry Yu, had created an alternative version of the prestigious institution’s own course planning tool.  “We found that it was really hard to find and compare courses when we first arrived at Yale”, one of the brothers told the media. Yale students are given tremendous flexibility to choose classes, and hence the brothers identified a key frustration with the official solution: a lack of adequate comparison data.  Their tool added students’ course evaluation ratings to the class listings – a feature which proved immensely popular.

The university’s response was heavy handed to say the least. After quibbling with the students about their product’s original name (a derivation of the official platform’s own title), they went a step further and blocked the site on campus. Students attempting to access the site were confronted instead with a Yale-branded screen, purportedly “to help guard against malicious activity on Yale networks”.

But the brothers’ product, far from being a tool of malice, is a great example of a new generation of tools and technologies aimed at making consumers of services more informed… at least to its target audience.  The university sees it differently, using one of its monopolistic powers (its complete control over its own network) to assert its sole control of the course selection process. Yale initially justified its actions on the basis that it had not permitted its course evaluation data to be used in this way. That would be a plausible (if mean-spirited) explanation, if the news had not subsequently emerged that another student-derived tool, a light-hearted random course selector, had also been blocked on the grounds of malice.

Of course Yale are far from alone in behaving like this.

Alf’s Zoo – The Erosion of IT Trust

“Alf’s Zoo – This week, Jon Hall explains how Uber has changed our view of IT and the world. We no longer trust authorities as much as we trust our peers when it comes to selecting tools and services for work and life. Instead of prescriptive measures issued by so-called experts, we now rely heavily on peer-assisted selections, where we rate the vendor – and the vendor rates us. Imagine what customer reviews have done to online shopping, and ask yourself what IT can do to earn back some of the trust from its stakeholders. Jon provides one of the few concrete examples of how the consumerization of IT impact the business”

Are enterprise Software License Audits costing businesses over $4bn per year?

KMPG survey responses about revenue derived from software audits

I blogged yesterday about the recently released KPMG survey of the software compliance industry.

One very interesting graph breaks down the percentage revenue derived by software vendors from their compliance programs:

KMPG survey responses about revenue derived from software audits

The overall survey is framed as follows:

(KPMG) surveyed 31 software companies representing more than 50 percent of the revenue in the software industry, where enterprise software revenue is expected to total $301 billion in 2013 (Gartner). 

If we take just 50% of that total US $301 billion enterprise software market (to represent – conservatively – the market share of the 31 companies that responded), and extrapolate from the mid-points of the buckets in the diagram (e.g. take “2% to less than 4%” as 3%), then we get an estimated figure for the total revenue derived from compliance programs of $3.99 billion.

That, of course, assumes an even distribution of software company sizes across each of the response levels.  That’s not a sound assumption, but it could push the figure higher as well as lower.   This also discounts the remainder of the enterprise market that did not respond to the survey, or were not surveyed, which could add an unknown amount to the figure.  Additionally, the figure above uses a value of 10% for the “10% or more” bucket – in reality this is likely to sit somewhere over 10%, but we have no data to indicate by how much.

What seems safe to say is that response to compliance enforcement is costing enterprise software consumers billions of dollars, and there is a good chance that the overall figure will be in excess of US $4 billion.

It has been difficult, to date, to estimate a reliable market size for the Software Asset Management market (not least because it is difficult to define: how much of the market is already accounted for in estimates for technologies such as discovery and the IT Asset respository?).  However, if the damage caused by a lack of control is already counted in the billions, this suggests a significant addressable market.

Even a modest 5% estimate for the market value of saved compliance penalties would suggest an overall market of $200 million for preventative SAM alone, and this is before we consider the value of optimization rather than threat reduction.

This fascinating KPMG survey reveals the software license auditor’s viewpoint

KPMG survey front cover - "Is unlicensed software hurting your bottom line"

Software licensing audits are a big challenge for IT departments.  65% of respondents to a 2012 Gartner survey reported that they had been audited by at least one software vendor in the past 12 months, a figure which has been on a steady upward trajectory for a number of years.

Often, companies being audited for software compliance will actually deal, at the front-line, with a 3rd party audit provider. One of the big names in this niche is KPMG, whose freely-downloadable November 2013 report, “Is unlicensed software hurting your bottom line?”, provides a very interesting window into the software compliance business.

The report details the results of a survey conducted between February and April 2013, with respondents made up “31 software companies representing more than 50 percent of the revenue in the software industry”.

Revenue is driving software audits

The survey results show, rather conclusively, a belief in the business value of tackling non-compliance:

  • 52% of companies felt that their losses through unlicensed use of software amounted to more than 10% of their revenue.
  • Almost 90% reported that their compliance program is a source of revenue. For about a tenth, it makes up more than 10% of their overall software revenue.  For roughly half, it is at least 4%.

Compliance audits are increasingly seen as a sales process

  • In more than half of responding organisations, the software compliance function is part of Sales. This is reported as being up from 1 in 3, in an equivalent 2007 survey.
  • In 2007, 47% of compliance teams were part of the Finance department. This figure has plummeted to just 13%.

This shift is not universal, and some companies seem committed to a non-Sales model for their compliance team.  A compliance team member from one major software vendor talked to me about the benefit of this to his role: He can tell the customer he is completely independent of the sales function, and is paid no commission or bonus based on audit findings.  Many other vendors, however, structure audits as a fully-commissioned role.  As the survey points out:

  • Only 20% of companies pay no commission to any individuals involved in the compliance process.
  • In 59% of cases, the commission structure used is the same as the normal sales commission program.

There is further indication of the role of sales in the audit process, in the answers to the question on “settlement philosophy”.  More than half of the respondents reported a preference for using audit findings as leverage in a “forward-looking sales approach”, rather than wanting to seek an immediate financial settlement.

Almost half of vendors select audit targets based on profiling

The biggest single selection reason for a compliance review was nomination by the sales account team (53%), with previous account history in close second place (50%).

Interestingly, however, 47% reported selecting customers for review based on “Data analytics suggesting higher risk of non-compliance”, with 7% stating that random selection is used.  It seems that audits are still a strong likelihood regardless of an organisation’s actual compliance management.

Auditors prefer their own proprietary tools to customers’ SAM tools

There seems to be a distinct lack of regard for Software Asset Management tools. 42% of respondents seek to use their own discovery scripts in the audit process. Only 26% of the vendors stated that they use customers’ SAM tools, and remarkably this is down from 29% in 2007, when one might expect few SAM tools would have been found on customer sites anyway.

This echoes the experience of a number of customers with whom I have previously spoken, and it can be a real source of annoyance. How, some argue, is it fair that license models are so complex that it takes a secretive proprietary script, only available to the auditor, to perform a definitive deployment count?

Other observations

  • Software tagging has not been widely adopted: Less than half of respondents do it, or have plans to do so.
  • SaaS reduces the role of the software auditor. Only 15% reported any compliance issues, and more than half don’t even look for them.
  • Few companies seek to build protection against overdeployment into their software. From conversations I have had, most seem to want to encourage wide distribution. Some desktop software was deliberately released in a manner that has encouraged wide, almost viral distribution. In at least one case, an acquisition by a larger company has been the trigger for a significant and aggressive audit program, targeting almost every large company on the assumption that the software is likely to be found there.

Conclusions?

It is very clear from the survey results that many large software vendors have established their compliance program as a significant revenue generator, and with a significant shift of these functions into the sales department, we can probably assume that there is a broad intent to maintain or even grow this role.

Whether this is even compatible with a more collaborate model of software compliance management is highly questionable: the business case for the status quo seems very sound, from the vendor’s point of view.  With so many vendors only trusting the discovery scripts used by their auditors, the situation for customers is nearly impossible: how can they verify compliance if the only counting tool is in the hand of the vendor?

The light at the end of the tunnel for many customer may be SaaS:  SaaS software tends to be more self-policing, and consumption models are often simpler. However, it brings its own challenges: zombie accounts, decentralised purchasing, and a new set of inconsistent consumption models. Meanwhile, hosted software does not go away.

The Zombie Apocalypse: an IT Asset Manager’s Survival Guide

Zombie Response Van

Zombie Response Van

IT Asset Management is not a profession commonly associated with the undead peril.  Little do their colleagues know, that the beleaguered ITAM specialist faces an ever-increasing horde of mysterious, shambling, moaning zombies.

Here, we detail some of the most common zombie types, and tell you how to spot them…

 

1) The Iron Zombie

Physical zombie server. Trip hazard, vermin house, dust collector...

This increasingly rare zombie species is nevertheless still found in forgotten corners of IT offices, blinking its faded LEDs in sinister fashion, and blowing dust out of its 3.5″ disk drive.

In its laptop variant, this is where your Visio licenses go to die.

Typical Habitats:

  • The footwell under sysadmins’ desks.
  • Corners of network switch rooms.
  • Third drawer down in the filing cabinet (laptop subspecies)

Hazards:

  • Ancient support contracts.
  • Last resting place for expensive developer tool licenses.
  • Heat output overwhelming air conditioning.
  • Incoming malware easily able to overcome unpatched 8 year old Operating System
  • Support or lease payments for an expensive paperweight
  • Broken toes.
  • Mice.

Ways to find them:

  • Trip over them.
  • Follow the sound of dust-clogged fan bearings.
  • Invite a software license auditor into the building.
  • Physical audit of technical office locations.

2) Virtual Zombies

Zombie virtual machiene. You can't photograph these, so here's a diagram.

This modern zombie species is increasingly prevalent, both on-site and off.  As well as simply being untidy, they can have all manner of impacts on the business: one forgotten major-vendor database instance, for example, can suddenly make every processor core on the entire physical backend entirely licenseable (including backdated support. At full list price. Scared yet?).

Gartner analyst Philip Dawson, at the Gartner Datacenter Summit in London, in November 2013, stated that 40% of VMs are over 3 years old, with 20% at least 5 years old.

Typical Habitats:

  • The company virtual farm.
  • Amazon Web Services.

Hazards:

  • Invisibility (or frustratingly visible opacity).
  • Tendency to be service critical without anyone realising. If you turn it off, who is going to scream?
  • You know all that careful capacity optimization you did on the server farm?
  • You can’t patch what you can’t see.

Ways to find them:

  • Invite a software license auditor onto the company network with their own discovery scripts.  This may be expensive.
  • Trawl credit card records for Amazon spend.
  • Agentless discovery, preferably with good quality application and dependency mapping.

3) Bring-Your-Own-Zombie

Bring your own zombie will eat your MDM licenses.

A recently discovered zombie species, the Bring Your Own Zombie is typically created when a user acquires a shiny new device, and either forgets or declines to deregister the old one.  It’s early days for BYOD, of course, so stats are hard to come by, but Amtel estimate a 10% rate of zombification for mobile devices. Okay, they’re an MDM vendor, but even at half that rate, a company with 10,000 BYOD refreshing hardware on a two year cycle will build up up a zombie army of a thousand devices over the next four years. That’s a lot of risky data, and a five- or six- figure excess MDM spend.

With many Mobile Device Management applications being paid for on a per-device subscription basis, the gradual buildup of BYODZ’s can steadily increase your bills, to no actual benefit.  And what of the device itself?  With no clean deregistration, and cleansing of corporate data, your data can become very viral, very quickly.

Typical Habitats:

  • Odd drawers in employees’ houses.
  • Ebay.

Hazards:

  • Will eat your MDM licenses.
  • Software Auditor: “So you’re licensing this software by device? Excellent, can I just take a look at your list of registered tablets and smartphones?”.
  • Never underestimate the corporate-data bandwidth of a padded envelope.

Ways to find them:

  • Amnesty.
  • Ask Joe in Accounting if he’s really still using a Nokia N85.

4) Zombie.bat

Zombie script file

This broad category of zombie includes all scripts, undocumented file imports, complex spreadsheets, mysterious VBA code, and the like, that get created in a productive afternoon by a sysadmin, intern or helpful hobbyist, and which embed themselves into nondescript but rather important tasks like starting up the directory server, or producing billable timesheet reports.
Gartner, at their 2013 Datacenter Summit, expressed a concern in one keynote that undocumented code is on the rise even as IT departments look increasingly to industrialise infrastructure.

Typical Habitats:

  • The finance department. In fact, any department.
  • Microsoft Access.
  • Arcane startup scripts on important servers.

Hazards:

  • Easy to create, difficult to support.
  • Undocumented, unattributed, unseen.

Ways to find them:

  • Have a major outage, trace it back to a six year old Perl script.
  • Wait for a call to the Helpdesk about the important and complicated Excel sales spreadsheet that was written by an intern several years ago, and which has broken.
  • Work with sysadmins to catalog critical code, and preferably built it into a solid CMDB with critical service dependencies

The serious points

Zombie assets are a genuine and growing issue. At best, the problem means that the return on investment in IT infrastructure is not what it should be. With IT budgets squeezed and the increasing demand on CIOs to run their functions as an effective business unit, this is an unnecessary impact on the bottom line, arising directly from IT Assets.  IT Asset Managers should never ignore that.

Additionally, there are plenty of additional circumstances where a lack of control over assets at the end of their lifecycle can lead to unforseen and even dramatic negative consequences:

  • Zombie hardware may still be under support contract.  Leased hardware, if not returned, can incur significant penalties and additional costs.
  • Uncontrolled end-of-life can mean uncontrolled disposal, with the associated risks of data loss, environmental damage and penalty, and negative publicity events arising from either.
  • The relative ease of deploying VMs in the datacenter inevitably risks sprawl.  Datacenters end up “fragmented” in the same way that a PC’s hard drive can, with pockets of unused capacity walled off around badly optimised server images.  “Lost” VMs in particular are a big threat: even if you can’t find them, a hacker or a software auditor might be able to.

What can be done?

At the 2013 Garter IT Financial, Procurement and Asset Management summit, research VP Patricia Adams recommended an “Action Plan for IT Asset Managers”.

  • From “next Monday”, Adams advised, IT Asset Managers should ensure their team is part of the process for staging a VM, focusing on collection of data prior to deployment (as this is easier than doing it reactively.
  • In the “next 90 days”, define an end of life process for virtual applications, and ensure that data on assets and software is accurate.

A recent CIO Asia guest article recommends adopting the ecological principle of “Reduce, Re-use, Recycle” in managing VMs.  Reduction, in this case, by controlling the VM request process and ensuring that each request receives appropriate review and authorisation. Re-use, through control of unused VMs, e.g. by archiving permanently or temporarily, to allow their underpinning architecture to be repurposed. Recycling, by identifying and releasing stranded capacity, where other bottlenecks in the system mean that resources sit unused.

Emerging challenges like BYOD sprawl need new initiatives to reduce risk. Last week I attended a seminar held by members of the software compliance industry (in other words, auditors), and BYOD was a headline presentation topic. Compliance teams are establishing ways to audit these devices, so software consumers need to develop processes to keep them in check.

If Asset Management is accountable for the optimised use of IT assets, then the IT Asset Manager needs to consider their own accountability, even where these functions are directly controlled by other teams.  Get involved, work cross functionally, and ensure that the risks are communicated clearly and vigorously.

Photo credits:
Zombie Response Van: Author’s own photo. The van belongs to Zed Events who hold “Zombie Apocalypse” events in a disused shopping centre in my home town of Reading, UK. I’ve not been, but it looks awesome, and I imagine it’s actually very good practice for the IT Asset Manager faced with a particularly gnarly, uncontrolled Amazon account.
Iron Zombie: From Flickr, used/modified under Creative Commons license, thanks to Vinny Malek.
Virtual Zombie: Author’s own diagram.
Bring-Your-Own-Zombie: From Flickr, used/modified under Creative Commons license, thanks to magic_quote
Zombie.bat: From Flickr, used/modified under Creative Commons license, thanks to *n3wjack’s world in pixels.

Some initial thoughts on the Service Management Congress

Having gone away on paternity leave for a few weeks (I’m writing this with a sleeping four-week-old stretched along my lap), I initially missed the fuss that came out of the Service Management Fusion13 conference. On returning, an acquaintance in the UK ITSM sector emailed me and suggested I take a look at the Service Management Congress website, and its bold rallying call:

SMCallAction

That’s quite a lot to take in between sleep-deprived nappy changes, so I’m grateful that he also pointed me to some useful and interesting context from prominent ITSM consultant, podcaster and blogger Barclay Rae:

What I didn’t expect was to be involved in a ‘revolution’, but that happened too…
Over the week – and with the support of the organisers – a number of meetings were held with a cross-section of ITSM people who wanted to see change happen and to do something about it – now. A few people were initially invited and others like me simply joined as part of the conversation . The sessions were originally set up with the intention of discussing how to improve or develop the role of the itSMF (especially in the US) – which (with the exception of some great chapters in northern Europe and elsewhere) is perceived to be flagging. The discussion moved on from that to a bigger and more fundamental view of how to fix the industry – perhaps idealistic but certainly with positive intent.

A post on the SM Congress website itself, entitled  “Background on the Group Formerly Known as RevNet“, detailed the terms of referene that had been given to the core, invited group who had drawn up this fledgeling manifesto:

* To challenge our community of service management professionals to look at things differently and to embrace the future
* To challenge us (itSMF USA, and to a lesser degree, the entire itSMF international community) to improve and stay relevant
* To challenge themselves and explore what should come out of this group – what should come next

This is interesting – a brief to look at things with “a fresh set of eyes”, equivalent in part to the spin-out group described in Clayton M. Chrisiansen’s “The Innovator’s Dilemma”, assembled as an independent, fresh entity to avoid the challenge of responding to disruptive influences from an established, mature and successful market position.

Companies that have tried to develop new capabilities within established organizational units also have a spotty track record, unfortunately. Assembling a beefed-up set of resources as a means of challenging what an organization can do is relatively straightforward… Too often, however, resources such as these are then plugged into fundamentally unchanged processes, and little change results…

A separate organization is required when the mainstream organization’s values would render it incapable of focusing resources on the innovation project.

I’ve signed the pledge. I think the intentions seem very honourable, and the problems identified by the group are real, if somewhat loosely stated. Many of the principles seem spot-on: it’s certainly my view that too much of the information that should help us to drive our industry is hidden behind paywalls and accreditation schemes when it should really be a public resource.  My views aren’t fully formed, but nor by its own acknowledgement are those of the Service Management Congress itself.   It doesn’t seem self-evident to me that this structure will work, but it seems a good thing to explore and develop.  At this stage, I have a few key hopes:

I hope that a broad set of ITSM people are able to feel “ownership”: The initial signers and many of the follow-up pledgers are pretty familiar names within the industry: high-profile bloggers, tweeters, and presenters. It’s an impressive set of names, but we do need to bear in mind Rob England’s astute observation that “there are over two million people with an ITIL certificate. I guess quite a few of them are ITSM practitioners in one form or another – even if they wouldn’t call themselves that – let’s say a million. So a few thousand have read the SMcongress stuff and a few hundred have put their names on it“.  If this is perceived, even if very unfairly, as a talking shop for some “usual suspects”, it won’t get near any critical mass.

I hope we remember that ITSM doesn’t suck!:  There is plenty of room for improvement, but we have great people in this sector, and we’ve build something effective and successful. It needs to grow, and adapt, but that doesn’t mean everything thus far is a mistake.

I hope the approach is outside-in: This is not an “iPad” moment, where (to paraphrase Steve Jobs) we are creating something our customers didn’t even know they wanted. Great practice will come from real life, and there’s plenty of it out there. We can’t design it from scratch in a meeting room. Anyway, I’m a Product Manager, so I have to say this.

I hope that its ideas are genuinely transformative, but I don’t think it needs to create a revolution: ITSM is a mature framework in a rapidly shifting environment. Is ITIL adapting quickly enough to remain a dependent and definitive standard? There’s obviously doubts and concerns about that.

My own view is that our customers have become comfortable and familiar with a set of tools and practices and interactions provided by their consumer technology that has set the bar much higher in terms of their expectations for the workplace. Upstart providers like Uber, who I have written about previously, have taken century-old customer interactions and transformed them to the extent that traditional providers face disruption out of their markets.  Internet-enabled cloud services have taken aspects of technology that were completely within IT’s domain, and offered them to anyone with a credit card.  This presents both a danger of irrelevance, and a gulf in governance, and ITSM needs to address those issues urgently.

If our established frameworks can’t do that quickly enough, we need a rapid innovation.  But is it realistic to change everything? It feels more pragmatic, initially, to find some great ideas that can fold back into the broader ITSM discipline, bringing genuine improvements without trying to eat the whole elephant in one go.  Our stakeholders, to whom this transformation ultimately has to be sold, won’t accept a message that says “everything changes right now”

I hope that we don’t just do this:
XKCD cartoon -
(see also: camel/horse/committee)

I’m looking forward to engaging, and I’m looking forward to watching things develop. It’ll be interesting to revist this subject in a month or so.

itSMF UK and the mysterious case of the missing Asset Managers

logo of the ITSM13 conference

Something is bothering me.

When I first looked at the agenda for the 2013 itSMF UK conference in November, what stood out for me was a glaring omission: where is the IT Asset Management content?

First, let me state: It’s a really good agenda, full of really interesting speakers, and I will certainly aim to be there. I’ve been privileged to work in the the UK ITSM sector for the thick end of two decades, and many of the names on the agenda are people i feel lucky to have worked and interacted with.

If you can, you should definitely go.

However, the lack of any ITAM focus, across more than 40 presentation sessions, is strange. If we want to understand our business services, we have to have a grasp on the assets underpinning them. The nearest this agenda appears to get to that is an interesting looking session on Supplier Management – important, but only part of the picture, and again, something that doesn’t really work without a good knowledge of what we are actually buying.

It took ITIL a while to come to the realisation that an asset is relevant in more ways than being just a depreciating item on a balance sheet, but version 3 finally got there, and then some:

“Service Asset”, according to ITIL v3: Any Capability or Resource of a Service Provider. Resource (ITILv3): [Service Strategy] A generic term that includes IT Infrastructure, people, money or anything else that might help to deliver an IT Service. Resources are considered to be Assets of an Organization Capability (ITIL v3): [Service Strategy] The ability of an Organization, person, Process, Application, Configuration Item or IT Service to carry out an Activity. Capabilities are intangible Assets of an Organization.”

So… we consider our service-underpinning capabilities and resources to be our assets, but we don’t discuss managing those assets at the premier conference about managing the services? More importantly, we offer nothing to its increasingly important practitioners?

As long as ITAM is only discussed at ITAM conferences, and ITSM keeps up the habit of excluding it (this isn’t universal, mind: this presentation by Scott Shaw at Fusion 13 seems to hit the perfect message), then we risk looking disjointed and ineffective to CIOs who depend on the complete picture. To me, that’s pretty worrying.

(Footnote: I did submit a speaker proposal, but this isn’t about my proposal specifically – I’m sure lots of proposals couldn’t make the list)