Navigate Software Asset Management for your organization’s benefits

In my last post I wrote about license management, the second of four processes critical to Software Asset Management (SAM). In today’s post, I will talk about internal policies and guidelines related to SAM.


It’s well known that SAM is needed to apply good corporate governance to a company’s software assets. It may be common sense when related to assets critical to business operation but it is also increasingly being reinforced by vendor audits and regulatory compliance requirements. There are also internal policies and guidelines that protect the company’s interests. These policies ensure that the organization is neither over-compliant not under-compliant, because both situations cost money and the latter can damage the organization’s reputation.


It may look overwhelming to have the objective of possessing and only use the software the organization needs. This is especially true if we take into the consideration that the company can be very large, it can have decentralized purchase practices and management of licenses and it is very difficult to control who downloads and installs various types of software (personal software, shareware, freeware, evaluation copies). Internal policies should be in place to define rules and guidelines that every employee or contractor has to follow and be accountable for when it comes to ordering, purchasing, installing, using and managing software and its licenses.


Navigate SAM

Some of the common policies related to software licenses include:


  • No software is to be installed or used without being properly licensed. It is a violation against copyright and intellectual property laws to use un-licensed software. This policy requires certain competencies in managing software in virtualized environments. The policy also means that when downloading “free” software,  a  full understanding of the small print attached to the license that defines the free-period and the automatic liabilities afterwards is required.


  • Company will pay for the software it uses. This puts a lot of pressure on departments to understand what they purchase, purchase conditions and the consequences of using software in quantities beyond the number licensed.


  • Company must not pay more than it owes for software licenses. This really assumes very accurate tracking and management of purchased licenses in a central repository. It also implies the responsible and wise usage software licenses by every employee or contractor.


  • Only certain software and from certain vendors may be ordered, purchased and used. Typically most organizations have software and technical standards in place—as well as preferred vendors. However, as the organizations mature, they expand or change the list of “allowed” software and evaluate new vendors.  New initiatives, which these days almost always involve IT, will likely include the roll-out of new or changed software applications. The key with this policy type, is to ensure that only software which is in best interest of company is purchased and actually used.


  • There is defined ownership, roles and responsibilities for enforcement, administration and non-compliance. SAM teams must document software, install base, track and manage license purchase and maintenance contracts and regularly assess  the delta between used and purchased licenses and take the appropriate actions.


  • There is clear software guidance. There is guidance on what can be used by people with specific rolls or functions and what activities these individuals can perform (for example can a user install or upgrade the software). One of our customers has a policy that says if software is not in use for 90 days then the licenses will be harvested for re-use or retirement. Automated SAM solutions are able to detect and report when users access software they are not entitled to use per internal policy, perform the non-allowed actions (install, upgrade, copy software) or allow software to remain inactive for a specific time period.


Internal policies and guidelines define many more processes such as how to request and procure software. This includes: what business justification is needed, where to track the requests for new or enhanced software and what the software procurement approval process is. Technical policies related to SAM will give the guidance on how to back-up the software, install it in high-availability systems, development and test environment.


It is a common mistake to assume that the software can be installed on multiple machines because of backup/HA/test needs. In my previous blog post, I wrote that software license is a contract between vendor and a customer. Because of this, terms and conditions need to define when additional licenses are required and when they are not. SAM policies also need to address the machine retirement and license re-harvesting.


While license agreements take care of the vendor’s intellectual property and revenue, SAM internal policies and guidelines need to ensure the needs of your organization are met as well. You need to use properly licensed software that satisfies your business needs while keeping the costs and risk as low as possible.


In my next post I will discuss the compliance management process.


Vesna Soraic

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Showing results for 
Search instead for 
Do you mean 
About the Author
Vesna is the senior product marketing manager at HP Software. She has been with HP for 13 years in R&D, product management and product marke...

Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.