Embed Size (px)
DESCRIPTION
IT Service Delivery And Support Week Five. IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA MS CIA CISA CISSP). Software License Management. Potential Benefits Challenges Steps to SLM Elements of SLM Solution Effective Software Asset Repository Emerging issues - PowerPoint PPT Presentation
Citation preview
IT Service Delivery And Support
Week Five
IT Auditing and Cyber SecuritySpring 2014
Instructor: Liang Yao (MBA MS CIA CISA CISSP)
1
Potential Benefits Challenges Steps to SLM Elements of SLM Solution Effective Software Asset Repository Emerging issues Software license audit program
Software License Management
Prevent illegal use of software Reduce software purchase costs Leverage exiting software license investments more
effectively Reduce software maintenance costs Identify potential security risks Reduce risk associate planned changes Reduce incidents associated with unapproved software
conflicts Increase supportability of the environment Improved internal cost allocation based on actual usage
Potential Benefits
Array of licensing models and definitions Identification of installed software Use of browsers and generic clients Comply with the agreement Leverage of the software asset repository Audit and coverage Lock down User resistance Entitlement chains
Challenges
Define policy Develop and public policies and procedure Purchasing policy Vendor management IT service management tools to support SLM Model standard Software Asset Repository and Data collection Review process Review contract agreement Reconciliation Correction/remediation plan User education
Steps to SLM
Archive initial license compliance status Proactive monitoring Identify license errors Reporting Periodical review Communication Channel Projection Disposal procedure
Steps to SLM (Cont.)
Discovery tool Usage monitoring tool Software Asset Repository tool Software Deployment tool
Elements of SLM Solution
License lifecycle support Contract management Discovered vs. authorized reconciliation Proactive management of license Inventory management Cost tracking Request management and self service Purchasing Reporting solution Integration with other systems
Effective Software Asset Repository
Effective IT Asset Management License Maintenance Compliance/Reputational/Legal Risk Do-it-early Than Later (expiration and renew)
SLM Audit Concerns
Policies and Procedures Inventory Maintenance
Verify Assets Records Regularly Inventory After M&A Tools for Software Licensing Tracking
Procurement/sourcing Centralized Procurement
Software license agreement
Recommendations
ISACA Sample Software License Audit Program
Audit Program
Microsoft Word 97 - 2003 Document
