Upload
sai-global-apac
View
214
Download
0
Embed Size (px)
Citation preview
7/31/2019 As NZS ISO IEC 19770.1-2007 Information Technology - Software Asset Management Processes
1/8
AS/NZS ISO/IEC 19770.1:2007ISO/IEC 19770-1:2006
Australian/New Zealand Standard
Information technologySoftware assetmanagement
Part 1: Processes
AS/NZS
ISO/IEC19770.1:2007
7/31/2019 As NZS ISO IEC 19770.1-2007 Information Technology - Software Asset Management Processes
2/8
AS/NZS ISO/IEC 19770.1:2007
This Joint Australian/New Zealand Standard was prepared by Joint TechnicalCommittee IT-015, Software and Systems Engineering. It was approved on behalfof the Council of Standards Australia on 3 November 2006 and on behalf of theCouncil of Standards New Zealand on 17 November 2006.This Standard was published on 17 January 2007.
The following are represented on Commit tee IT-015:
Australian Computer Society
Australian Electrical and Electronic Manufacturers Association
Australian Information Industry Association
Australian Society for Technical Communication, NSW
Australian Software Metrics Association
Engineers Australia/ACS Joint Board in Software Engineering
Griffith University
National Association of Testing Authorities AustraliaNational ICT Austral ia
New Zealand Organisation for Quality
Software Quality Association (ACT)
Software Quality Association, NSW
Systems Engineering Society of Australia
Telstra Corporation
The University of Queensland
University of Auckland, NZ
University of South Australia
University of Technology, Sydney
Vendor Interests New Zealand
Keeping Standards up-to-date
Standards are living documents which reflect progress in science, technology andsystems. To maintain their currency, all Standards are periodically reviewed, andnew editions are published. Between editions, amendments may be issued.Standards may also be withdrawn. It is important that readers assure themselvesthey are using a current Standard, which should include any amendments whichmay have been published since the Standard was purchased.
Detailed information about joint Australian/New Zealand Standards can be found byvisiting the Standards Web Shop at www.standards.com.au or Standards New
Zealand web site at www.standards.co.nz and looking up the relevant Standard inthe on-line catalogue.
Alternatively, both organizations publish an annual printed Catalogue with fulldetails of all current Standards. For more frequent listings or notification ofrevisions, amendments and withdrawals, Standards Australia and Standards NewZealand offer a number of update options. For information about these services,users should contact their respective national Standards organization.
We also welcome suggestions for improvement in our Standards, and especiallyencourage readers to notify us immediately of any apparent inaccuracies orambiguities. Please address your comments to the Chief Executive of eitherStandards Australia or Standards New Zealand at the address shown on the backcover.
This Standard was issued in draft form for comment as DR 06489.
7/31/2019 As NZS ISO IEC 19770.1-2007 Information Technology - Software Asset Management Processes
3/8
AS/NZS ISO/IEC 19770.1:2007
Australian/New Zealand StandardInformation technologySoftware assetmanagement
Part 1: Processes
COPYRIGHT
Standards Australia/Standards New Zealand
All rights are reserved. No part of this work may be reproduced or copied in any form or byany means, electronic or mechanical, including photocopying, without the written
permission of the publisher.
Jointly published by Standards Australia, GPO Box 476, Sydney, NSW 2001 and Standards
New Zealand, Private Bag 2439, Wellington 6020
ISBN 0 7337 7971 9
First published as AS/NZS ISO/IEC 19770.1:2007.
7/31/2019 As NZS ISO IEC 19770.1-2007 Information Technology - Software Asset Management Processes
4/8
ii
PREFACE
This Standard was prepared by the Joint Standards Australia/Standards New Zealand CommitteeIT-015, Software and Systems Engineering.
The objective of this Standard is to establish a baseline for an integrated set of processes for
Software Asset Management (SAM).
This Standard is identical with, and has been reproduced from ISO/IEC 19770-1:2006,
Information technologySoftware asset managementPart 1: Processes.
As this Standard is reproduced from an international standard, the following applies:
(a) Its number appears on the cover and title page while the international standard number
appears only on the cover
(b) In the source text this part of ISO/IEC 19770 should read this Australian/New ZealandStandard.
(c) A full point substitutes for a comma when referring to a decimal marker.
References to International Standards should be replaced by references to Australian or
Australian/New Zealand Standards, as follows:
Reference to International Standard Australian/New Zealand Standard
ISO/IEC AS
8018 ICT service management20000 Information technologyService
management 8018.1 Part 1: Specification for service
management
7/31/2019 As NZS ISO IEC 19770.1-2007 Information Technology - Software Asset Management Processes
5/8
ii i
CONTENTS
Page
1 Scope ..................................................................................................................................................... 11.1 Purpose.................................................................................................................................................. 11.2 Field of application ............................................................................................................................... 11.3 Limitations............................................................................................................................................. 22 Conformance......................................................................................................................................... 32.1 Intended usage...................................................................................................................................... 32.2 Full conformance .................................................................................................................................. 32.3 Agreement compliance ........................................................................................................................ 33 Terms and definitions........................................................................................................................... 34 SAM processes ..................................................................................................................................... 54.1 General................................................................................................................................................... 54.2 Control environment for SAM.............................................................................................................. 64.3 Planning and implementation processes for SAM.......................................................................... 104.4 Inventory processes for SAM ............................................................................................................ 124.5 Verification and compliance processes for SAM ............................................................................ 154.6 Operations management processes and interfaces for SAM ........................................................ 174.7 Life cycle process interfaces for SAM.............................................................................................. 20
7/31/2019 As NZS ISO IEC 19770.1-2007 Information Technology - Software Asset Management Processes
6/8
iv
INTRODUCTION
This part of ISO/IEC 19770 has been developed to enable an organization to prove that it is performingSoftware Asset Management (SAM) to a standard sufficient to satisfy corporate governance requirements andensure effective support for IT service management overall. This part of ISO/IEC 19770 is intended to alignclosely to, and to support, ISO/IEC 20000. Good practice in SAM should result in the following types ofbenefits, and certifiable good practice should allow management and other organizations to place reliance onthe adequacy of these processes, and the expected benefits should be achieved with a high degree ofconfidence:
a) Risk management: SAM should facilitate the management of business risks including:
1) risk of interruption to IT services;
2) risk of deterioration in the quality of IT services;
3) legal and regulatory exposure;
4) risk of damage to public image arising from any of the above.
b) Cost control: SAM should facilitate cost control including in the following areas:
1) reduced direct costs of software and related assets, such as by negotiating better pricing throughimproved use of volume contracting arrangements, and by avoiding purchasing new licenses whenold ones can be redeployed;
2) reduced time and cost for negotiating with suppliers because of better information availability;
3) reduced costs through improved financial control, such as through better invoice reconciliation andmore accurate forecasting and budgeting;
4) reduced infrastructure costs for managing software and related assets, by ensuring that requiredprocesses are efficient and effective;
5) reduced support costs which are significantly affected by the quality of SAM processes, both directlywithin IT and indirectly within end-user areas.
c) Competitive advantage: SAM should help the organization gain competitive advantage through thefollowing:
1) better quality decision making because of more complete and more transparent informationavailability (for example, IT procurement and system development decisions may be made morequickly and more reliably with better quality data);
2) being able to deploy new systems and functionality more quickly and reliably in response to marketopportunities or demands;
3) providing IT which is more closely aligned to business needs, thus ensuring that all users haveaccess to appropriate software and applications;
4) being able to handle the IT aspects of business acquisitions, mergers or demergers more quickly;
5) better personnel motivation and client satisfaction through having less IT problems.
7/31/2019 As NZS ISO IEC 19770.1-2007 Information Technology - Software Asset Management Processes
7/8
AUSTRALIAN/NEW ZEALAND STANDARD
Information technology Software asset management
Part 1:Processes
1 Scope
1.1 Purpose
This part of ISO/IEC 19770 establishes a baseline for an integrated set of processes for Software AssetManagement (SAM).
1.2 Field of application
This part of ISO/IEC 19770 applies to SAM processes and can be implemented by organizations to achieveimmediate benefits. ISO/IEC 19770-2 provides a specification for SAM data, which requires implementation bysoftware manufacturers (external and internal) and by tool developers for its full benefits to be achieved.
It is intended that this part of ISO/IEC 19770 be an implementation standard for organizations. Future editionsmay provide an assessment framework that is aligned to the requirements in ISO/IEC15504-2.
This part of ISO/IEC 19770 applies to all organizations of any size or sector. This part of ISO/IEC 19770 canonly be applied to a legal entity, or to parts of a single legal entity.
NOTE The definition of organizational scope is documented as part of the Corporate governance process for SAM.
This part of ISO/IEC 19770 may be applied to an organization which has outsourced SAM processes, with theresponsibility for demonstrating conformance always remaining with the outsourcing organization.
This part of ISO/IEC 19770 can be applied to all software and related assets, regardless of the nature of thesoftware. For example, it can be applied to executable software (such as application programs, operatingsystems and utility programs) and to non-executable software (such as fonts, graphics, audio and videorecordings, templates, dictionaries, documents and data).
NOTE The definition of software asset scope (software types to be included within the scope) is documented as partof the SAM Plan developed in the Planning for SAMprocess. It may be defined in any way considered appropriate by theorganization, such as for all software, for all program software, for all software on specific platforms, or for the software ofspecified manufacturers, as long as it is unambiguous.
The following forms of software assets are within the scope of this part of ISO/IEC 19770:
a) software use rights, reflected by full ownership (as for in-house developed software) and licenses (as formost externally sourced software, whether commercial or open-source);
b) software for use, which contains the intellectual property value of software (including original softwareprovided by software manufacturers and developers, software builds, and software as installed andexecuted); and
c) media holding copies of software for use.
COPYRIGHT
7/31/2019 As NZS ISO IEC 19770.1-2007 Information Technology - Software Asset Management Processes
8/8
This is a free preview. Purchase the entire publication at the link below:
Looking for additional Standards? Visit SAI Global Infostore
Subscribe to ourFree Newsletters about Australian Standards in Legislation; ISO, IEC, BSI and more
Do you need to Manage Standards Collections Online?
Learn about LexConnect, All Jurisdictions, Standards referenced in Australian legislation
Do you want to know when a Standard has changed?
Want to become an SAI Global Standards Sales Affiliate?
Learn about other SAI Global Services:
LOGICOM Military Parts and Supplier DatabaseMetals Infobase Database of Metal Grades, Standards and Manufacturers
Materials Infobase Database of Materials, Standards and Suppliers
Database of European Law, CELEX and Court Decisions
Need to speak with a Customer Service Representative - Contact Us
AS/NZS ISO/IEC 19770.1:2007, Informationtechnology - Software asset managementProcesses
http://infostore.saiglobal.com/store?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Newsletters/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Collections/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Law/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/StandardsWatch/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Affiliate/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/LOGICOM/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/LOGICOM/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/Metals/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/Materials/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/European-Law/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://infostore.saiglobal.com/store/getpage.aspx?path=/InformationServices/shop/pages/ContactingUs.htm&utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://infostore.saiglobal.com/store/Details.aspx?ProductId=394788&utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://infostore.saiglobal.com/store/getpage.aspx?path=/InformationServices/shop/pages/ContactingUs.htm&utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/European-Law/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/Materials/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/Metals/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/LOGICOM/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Affiliate/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/StandardsWatch/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Law/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Collections/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Newsletters/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://infostore.saiglobal.com/store?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSites