Conventional advice - What not to do?
Most advice from the SAM industry (publishers, the authorities, SAM solution providers, ITIL) follows the tool vendors' argument that all SAM should do the following:

Phase 1

  • Put a formal SAM project in place getting the buy in of all parties.
  • Invest in audit tools (if you haven't already got one) or sort out the one you have.
  • Create a licence position for all software.

Phase 2
  • Develop SAM processes in line with the findings from Phase 1

The problem with the conventional advice

If properly funded and supported the above plan can work, but make sure you have 1-2 years of nothing else to do and a massive budget.

Most projects of this kind never get past Phase 1 and are singularly unsuccessful, despite what the tool vendors might say.

The main issue is the over emphasis on the tools - more detail below.

The reason the industry wants you to approach it this way is so that you can identify a licence shortfall and purchase additional licences as soon as possible.

SAMsource advice
Get on with reducing your software costs immediately.  Your purchasing people can implement these steps today or over the next couple of weeks at most - What you should do

The same goes for mitigating risk.  These actions can be implemented without delay, thereby protecting your organisation from counterfeit software and the software authorities from now on - What you should do

Of course if you need to define a licence position for a particular publisher's products (because they are demanding an audit) then do so, but limit it to those specific products and finish the work as rapidly as possible - Reconciliation

If you can avoid implementing a tool then absolutely do so, at least until you have worked on developing some SAM controls.  The cost of putting these controls in place will be minute to the costs of implementing tools when chaos reigns.

The problem is simple.  If you have no controls in place, then effectively your software environment and software asset management will be in a state of chaos.

Managing chaos is very expensive and it causes high levels of inaccuracy when trying to manage it with tools.

The old rule is still valid, rubbish in rubbish out.

Until your organisation has sorted out the Fundamental and Essential controls, then all a tool will ever do is provide confused reporting on a chaotic situation.

The problem is that tool vendors ignore or paste over these cracks.

Time and time again we have been persuaded that it is much easier to solve your SAM issues by approaching the project in the following way....

The problem with tools?
We have seen many projects that focus too heavily on tools ending in disappointment where the customer is deeply frustrated.

Yes, tools should form an important part of a comprehensive SAM solution, but you need to understand where their deficiencies lie before investing in one - SAM tools

Not least, tools will only ever tell you what software is installed.  More and more software licensing is defined by user or device connections rather than what is installed, so for a large part of your software estate tools are totally useless.

So what do you need to do?
We have broken your 'to do' list down into four broad size defined groups - What you should do