For Software Asset Management (SAM) to prove successful within an organisation, it is important that roles and responsibilities are clearly defined and agreed and that the scope ownership of each of the processes is also defined and agreed.
These roles and responsibilities should, therefore, be adapted to fit the individual requirements of each organisation in accordance with its size nature, structure, culture and geographical distribution. In small organisations, one or two people will perform most of these roles.
Management Sponsor: It is important if SAM is to succeed within an organisation that sponsorship and commitment are obtained from senior managers both within the business and ICT. This will ensure that the visibility of SAM is maintained and that the organisational culture is developed to enable the SAM processes to succeed. It will enable sufficient budget and resources to be obtained. Management sponsorship and commitment must be maintained and not allowed to deteriorate.
Director with legal responsibility: SAM implementations progress to a successful conclusion more rapidly when the support and commitment of the director with the legal responsibility for software assets are clearly identified. Once identified, he/she can usually be convinced of the benefits and need for SAM throughout the organisations.
Configuration Manager: This is the person with overall responsibility for the configuration management process, as defined in ITIL terminology. This includes much of the scope of SAM. In an ITIL-compliant organisation, the individuals responsible for IT Asset Management and SAM might report to the Configuration Manager.
IT Asset Manager: This individual should be responsible for the management of all IT assets within an organisation. He/she would have overall responsibility for establishing and maintaining the IT Asset Manager. It is essential if the responsibilities are separated that common processes and a common database are shared between the two roles. In some organisations, this role is often merged with that of the SAM Process Owner.
Software Asset Management: This is the person with responsibility for the management of all software assets within an organisation. This is a subset of the overall responsibility of the IT Asset Manager. It is essential if the responsibilities are separated that common process and a common database are shared between the two roles. In some organisations, this role often merged with that of the SAM Process Owner.
SAM Process Owner: In some organisations, responsibility for the overall effectiveness and efficiency of SAM processes rests with the SAM Process Owner. This role is basically responsible for ensuring a continual process of improvement is applied to all SAM processes.
Asset Analysts of Configuration Librarians: These are responsible for maintaining up-to-date (and historical) records of IT assets including software version control.
Auditors (Internal and External): Responsible for reviewing and auditing the SAM processes for efficiency effectiveness and compliance.
Procurement Management: Responsible for all aspects of the procurement process within ICT infrastructure, including all changes.
Legal Advice/Council: Responsible for the provision of legal advice and guidance, contractual issues and legal matters.
Change Manager: Ensures that an effective Change Management process is in place to control all changes within the ICT infrastructure, including all changes to the software.
SAM Consultants: Provides advice and guidance on all aspects of SAM best practice.
Automation Analyst: Responsible for the implementation, configuring and tailoring of tools to automate processes wherever it is cost-effective.
Service Desk Manager: Although this role is not strictly part of the SAM process, it is a vital one. The Service Desk Manager has a responsibility to ensure that all contacts with the Service Desks that uncover instances of unauthorised or unapproved software should be reported to the SAM exception processes as soon as possible for review and resolution.
Security Manager: This role is not strictly a part of the SAM processes but it has a crucial part to play. For example, the security Manager should help ensure that all software is maintained at the recommended security ‘patch level’ so that security exposures from the use of software are minimised.