If you’re a network administrator or a systems architect, the likelihood is you’ll be roped in to help out on a software audit in the next three years. As the economy focuses on nailing down costs, one in three companies expects to be asked to perform a spot-check, according to Fast Ltd, one of the leading authorities on software asset management and IT compliance.
By Helen Beckett [18/08/2010]
The insight adds to the continuing debate on how best to cost-justify software investment or, equally, the risk and cost of non-investment and non-compliance. Straitened times in the IT department have tended to produce two different responses, according to Fast Ltd: a keener interest in how asset management can expose and reduce cost or, alternatively, a head-in-the sand approach towards software asset management procedures.
Calculating the costs
Phil Heap, head of membership services and products at Fast Ltd, conceded that evaluating the tangible benefits of software implementation is complex because of the difficulty of mapping out impacts across the organisation. However he recommended the cost of non-compliance as another valid calculation.
“If companies worked out the cost of settlement [of non-compliance] with a publisher, versus the cost and labour of purchasing and implementing licenses for desktops, this may make investment more palatable”, he suggested.
Extensive reach
The approach, dubbed the return on prevention, ROP, is being applied to other technology point tools on order to justify investment. Last week a study by the Ponemon Institute concluded that businesses should adopt its new metric in the field of security in order to save money. The formula tots up the benefit of technologies, controls and governance practices aimed at preventing or mitigating cyber attacks, human error and system weaknesses.
"We believe our ROP model can help make it easier for IT and IT security practitioners to make the business case for acquiring enabling security technologies and related control activities," said Larry Ponemon, chairman and founder of the Ponemon Institute.
A white paper on Calculating Return from the Cloud, published by the Open Group, also includes risk management among other more traditional methods, such as total cost of ownership (TCO). Mark Skilton, of the Open Group’s Cloud Computing work group and author of the white paper, used the five following metrics to measure the return of the cloud.
Metrics for measuring return from the cloud
1. Speed and rate of change
2. Optimising total cost of ownership (TCO)
3. Elastic provisioning to scale up and down to actual demand
4. Risk and compliance improvement
5. Access to business skills and capability improvement
Auditing accountability
With ROP likely to become an increasingly fashionable metric, a broad swathe of the IT workforce will also become more involved in the auditing process. IT managers tend to take responsibility for audits in the first instance, confirms Fast Ltd’s Heap, but often in a reactive scenario, after being approached by a software publisher for verification.
“A series of technical tasks are then delegated to different members of the team, such as network administrators or systems architects, and more companies are bringing project managers with broad-based experience onto audits; it’s not just a series of technical tasks but crosses the boundary into procurement, too,” emphasises Heap.
Browse our latest network engineer jobs
Browse our latest administrator jobs
Browse our latest system administrator
Browse our latest architect jobs
