SAM, Effective License Positions and Being a Master of Change

Cut software spend with major software vendors - If you have recently completed your first ELP, (Effective License Position) then congratulations are in order. This is no small feat and you should feel a justifiable sense of pride in your work.

If you have recently completed your first ELP, (Effective License Position) then congratulations are in order.  This is no small feat and you should feel a justifiable sense of pride in your work. 

However, what may not have been covered in any SAM courses to date would be just how reliable that ELP will be. This statement is not to undermine your interpretation of licensing, or the due diligence you applied to the calculations, but rather the fact that your ELPs have a half-life. 

As soon as a copy of the ELP is printed, various changes within the IT estate will start to erode at the accuracy of your report.  This is where you should exercise caution when you enter into presenting statistics with any cast-iron certainty to Senior Management – caveats and qualifications of the data used to arrive at a given position should be included.

Below we have offered a selection of those elements of an IT estate that could cause your ELP to become eroded over time and a suggestion concerning the frequency of change that could make you think just how frequently you need to refresh those reports. Your refresh rate should also make you think about how frequently and how high up the management chain your ELPs should travel.

Inventory Data

Potentially daily, depending on the software vendor you are putting under review, installations, upgrades, downgrades, moves, additions and deletions.

Usage data

Potentially daily, depending upon the scale and complexity of the system, and the number of log-ons available to a single user for an enterprise resource planning (ERP) system. The requirement to refresh a compliance position is very high, and let’s not forget the joiners, movers and leavers among staff going through their own employment cycle.

Contract Data

Low. However, the consequences of ignoring or misunderstanding contract terms and conditions could be huge. Please don’t move from one organization to another and assume that traditional boiler-plate terms and conditions apply in your new post. Your new company could have a very proactive procurement function that takes software vendors to task on a regular basis and insists upon more favorable benefits.

Purchase Data

Potentially daily. Wouldn’t it be great if your company only purchased software in given windows of activity so that you could focus on ensuring your IT estate is accurately mapped in your SAM suite? Regrettably, growth is the soul of business – and growth is the seed of change that means you have to stay on your toes.

License Terms and Conditions

Vendor-dependent. Some vendors, such as Microsoft, updates its clients about tweaks and added nuances across their software portfolio every 90 days; others announce changes at the point of purchase (Oracle for instance). Once you have got the hang of the rates of change for licensing, you can start to consider if you should refresh your ELPs at the same rate.

IT Terminology

Take the time to understand how different software vendors view standard terminology within computing circles: Failover, Clustering, Development, High Availability, even Virtual etc. Do not make the assumption that because software vendor A applies one type of definition to a term, that software vendor B, C or D will interpret that term in the same way.  

Business Data/Direction

Business-dependent. Just in case you didn’t have enough to keep your eye on, changes within your own business hierarchy (mergers and acquisitions, sell offs etc.) could result in a bow-wave of change for your contracts and how they are applied to the IT estate. So a company sell-off could result in a drop from a favorable pricing band to a more expensive level because your reduced number of IT devices won’t support the purchasing volumes that warranted the original discount.

Change in IT Architecture

Business-dependent. Finally, we have the Installs, Moves, Adds and Changes (IMAC) activity that our IT departments feel is required to make best use of resources. However, this doesn’t always take into account the licensing and contract terms and conditions to which we are supposed to adhere. Also, if you wish to tackle your big-ticket items, make sure your program/ project office is aware of the consequences of ignoring SAM.

3rd Level Metric Data

Those elements of data that are used in a compliance calculation that a typical inventory system would not pick up. Full Time Employee Head-Count, Millions of Barrels of Oil Produced in a Day, the number of financial transactions conducted by the software – activity spikes that drive up licensing fees should be aligned to improved business value to ensure that the software being measured in such a way is worth keeping.

PREPARE FOR AUDIT

Once you are in a position to place change indicators against all of the above from a vendors’ perspective, you can then align those statistics against market data for the likelihood of being audited by those vendors. All of a sudden, you have compelling evidence to drive the frequency of accurate Compliance Reports and an agenda that your SAM team and your business can buy into.

A huge misconception within SAM is that you have to treat all software vendors with the same weight of crushing attention to detail as you would your most critical software vendor. This will lead to burn-out, or eyebrow-raising demands for a SAM team that could rival the accounts/ purchasing department for head count.

Such a risk agenda should be plugged into the wider business risk management scheme, so that the SAM team are not operating in isolation and can call upon appropriate representation at the higher level if the SAM team felt that its message was not being heard.

A further advantage of treating SAM in this holistic way is that you are not operating in a reactive fashion should an audit be called; your vendor risk profile will have you doing dummy runs of SAM and Compliance reports well in advance of that audit letter landing on your desk. Such dummy runs will validate your team’s ability to produce quality ELPs in a timely fashion, but may equally highlight changes to the IT estate your SAM function was not made aware of before the change took place.

Image removed.