As a software asset manager or ITAM leader, the worst thing that can happen (aside from a cyberattack) is when your department is blamed for an un-budgeted audit penalty that you were hired to prevent. I’m here to tell you (you probably already know this) – it’s not your fault.
When I first became an asset manager, the majority of my time was spent creating reports (on-demand) for management – then being grilled when my reports didn’t match the auditor’s reports, which was most of the time.
It was obvious that all my certifications and training had not prepared me to solve the real world problems I encountered in my day to day work. I had theoretical knowledge but I needed practical knowledge. Aside from more time-consuming and costly certifications, my quest to find answers came up dry.
Suddenly it hit me. What if I shifted my perception to view ITAM through a data and analytics lens? Could I spot changes in our computing environment that I would otherwise miss with the current CMDB configuration? How could I show I resolved these knowledge gaps so the auditors couldn’t use them against me? It worked!
Finally, I could defend my reports because I knew – without a shadow of a doubt – that they were right!
My early experiments developed into a methodology which I call the “Pragmatic ITAM Method.” After a few years, I quit my SAM job. Today, through my company, Boerger Consulting, I teach and coach asset managers to apply the Pragmatic ITAM Method. They are equipped with the skills and knowledge to save their companies millions of dollars in audit penalties and security issues on their own. (See examples here).
Are you ready to stop being a scapegoat and be a hero at your company, instead? Here are three tips from the Pragmatic ITAM method to get you started.
3 Prevention Methods That Safeguard Against Audit Penalties
- Cross-reference your asset discovery with other teams so you can find missing assets and catch unexpected changes in your environment.
- Redefine your asset lifecycle flags so they are based on reportable data, so you can eliminate human error from your deployment and recovery activities.
- Ensure you’ve collected all the data you will need to answer the auditor’s questions before they ask them (here’s a hint: those questions are buried in your license agreements!)
If your department is dealing with recent penalties or proactively preparing for your next audit, consider using a data-based approach instead of relying on process or accounting. You’ll be able to mount a strong defense and your days of being a scapegoat will be over!
Not a subscriber yet? Click here to get more tips to make your work more successful.