CSA - ISO/IEC 19770-1-06
Information technology Software asset management Part 1: Processes
|Publication Date:||1 December 2006|
This part of ISO/IEC 19770 establishes a baseline for an integrated set of processes for Software Asset Management (SAM).
Field of application
This part of ISO/IEC 19770 applies to SAM processes and can be implemented by organizations to achieve immediate benefits. ISO/IEC 19770-2 provides a specification for SAM data, which requires implementation by software manufacturers (external and internal) and by tool developers for its full benefits to be achieved.
It is intended that this part of ISO/IEC 19770 be an implementation standard for organizations. Future editions may provide an assessment framework that is aligned to the requirements in ISO/IEC15504-2.
This part of ISO/IEC 19770 applies to all organizations of any size or sector. This part of ISO/IEC 19770 can only be applied to a legal entity, or to parts of a single legal entity.
NOTE The definition of organizational scope is documented as part of the Corporate governance process for SAM.
This part of ISO/IEC 19770 may be applied to an organization which has outsourced SAM processes, with the responsibility for demonstrating conformance always remaining with the outsourcing organization.
This part of ISO/IEC 19770 can be applied to all software and related assets, regardless of the nature of the software. For example, it can be applied to executable software (such as application programs, operating systems and utility programs) and to non-executable software (such as fonts, graphics, audio and video recordings, templates, dictionaries, documents and data).
NOTE The definition of software asset scope (software types to be included within the scope) is documented as part of the SAM Plan developed in the Planning for SAM process. It may be defined in any way considered appropriate by the organization, such as for all software, for all program software, for all software on specific platforms, or for the software of specified manufacturers, as long as it is unambiguous.
The following forms of software assets are within the scope of this part of ISO/IEC 19770:
a) software use rights, reflected by full ownership (as for in-house developed software) and licenses (as for most externally sourced software, whether commercial or open-source);
b) software for use, which contains the intellectual property value of software (including original software provided by software manufacturers and developers, software builds, and software as installed and executed); and
c) media holding copies of software for use.
NOTE From a financial accounting point of view, it is primarily category (a) which may be considered an asset, and even then it may have been completely written off. From a financial accounting point of view, category (b) may be viewed as actually creating a liability (rather than an asset) with commercial software if it is not properly licensed. This part of ISO/IEC 19770 considers categories (b) and (c) proper assets to be controlled as well as (a). Licenses may have bookkeeping value, but software in use in particular should have business value and needs to be treated as a business asset.
Related assets within the scope are all other assets with characteristics which are necessary to use or manage software in scope. Any characteristics of these related assets which are not required to use or manage software are outside of the scope. Table 1 provides examples of these.