Or as the Virgil quote says, “If I can not bend the will of Heaven, I shall move Hell.”
I’m having a moan tonight about misconceptions centered around tools, choice of tools, the reason for tools when the simplicity of the path ahead is neither understood nor defined. What I’m saying is, know why you do anything before you start doing it… And yes I could get to the point right here, but I’m not trying to sell you anything and you’re not paying, so you’ll either read the whole thing or not, your choice :p
Apologies, I have been busy. At this point, I shall not disclose what I have been so busy with, as the process goes on and might do so, for a while yet. All I can reveal at this point is that: I and my old partner in crime (Stian, in case you wonder) have been trying to redefine SAM, in a manner. Not so much the ISO behind it, as rather how to explain SAM in a few well-chosen sentences. That part has gone well. It’s not Plato’s Allegory of the cave, but it works and it does so in about 20 seconds. However, in the process, there’s more to explain. I am accustomed to using words and prose, much less alas, drawing, painting a picture, or creating stunning presentations. (Presentations are not US in this case)
What bothers me the most is that I can’t find easily accessible content in form of pictures, illustrations, or graphs to use. Everything must be created from scratch. One of the questions needing answers is making the wallet holder, the customer, sponsor, stakeholder, or otherwise “the money bag” understand the benefits of SAM. It’s not my meaning to come with derogatory references. I try to exemplify my point, those who make funding decisions do not understand the world of SAM. They don’t understand how many moving parts it is, what it takes to maintain them all, and also, regretfully don’t understand, that even SAM tools not only come with a maintenance cost, they also require significant upkeep to perform well.
Also, they actually have to be tailored to the business at hand, how the business is built, how it functions, and many more aspects of what a business can be. If you are thinking that the goal of your SAM is or should be compliance, save yourself the money and your nerves and rather pay the fines. I think it will be more pleasant, although expensive and defamatory.
Let me be honest. I have built (together with a team), once, a fully functional, ISO19770 compliant, partially (mostly) automated SAM system within a huge, ever-changing, 40 000 people organization, through mergers, acquisitions, joint-ventures, and divestitures. ONCE. (I have also run it for many years, but that’s beside the point)
Let me be equally honest, without full backing and interest of a “C-level” management, well, it’s hard to impossible. I know, this argument is used often, but for other reasons than you might initially think. You are then actually asked to help salesmen to sell you a “solution” when they use the C-level management support. I’m saying it to you, because if your management doesn’t understand why “all those costs and resources”, what the benefits are and could be, they will either buy in partly and for a time, or not really. And without their interest and support, you will always be a “Don Quijote”.
Let me come with further confessions: just compliance isn’t worth it. It costs too much to keep people in the “know”, motivate them, have your internal resources sweat doing endless renewals, true-ups for a result which you can outsource a few times a year, which will be performed more accurately, faster, and with less risk than your super-shared, undervalued IT resources. Save your money and your nerves and take the bus, let someone else do this for you, and pay the fines in the worst case(because you asked them to do compliance on a publisher or set of products, not your estate). Investing in compliance, as a result, is like buying a car, without being able to afford the gas. SAM is a team-sport, SAM is not IT, it supports IT, SAM caters to IT, caters to management, to business functions, and the “whatever” business itself. SAM best benefits finance, contracting, procurement. Once you understand the ultimate goal of SAM you will understand why it’s not really IT.
The meaning and ultimate reason for SAM is really simple: It is to produce the cost of doing business(from a software perspective). When I feel like it, I will explain it in more detail, but for now please trust me. Just keep in mind that the point of SAM is not to juggle licenses, but to manage the value invested in the software portfolio, meaning money(which is why we refer to licenses as assets), and on the opposite side meet legal and regulatory requirements, meaning do what you agreed to as soon a piece of software was installed, because with disregard of who installed it or why, he or she just bound your entire organization by clicking Accept, in order to install it. In other words, a legal contract has been entered between your organization and the software publisher/licensor. Now, good luck 😉
Many organizations purchase some sort of a SAM tool thinking, their prayers have been answered. There’s absolutely nothing wrong with that. There are no good nor bad tools. There are only tools meeting your requirements, there are tools offering more than you could possibly require, and tools seemingly offering you what you want, mostly because you don’t know what you want.
As with all tools, for good manufacturing of results, you actually need a professional, who not only possesses the skill, understanding, and experience but also an iron will to battle the management and the rest of the organization(it is the irony of SAM, that SAM must continuously justify itself).
Why? That’s a long story and not the aim of this article. As with most of my articles, I choose to discuss the topic at heart, and in this case, I wish to debate misconceptions and indirectly how selling points for (some, any) SAM software became the goal of SAM on the internet and among some SAM groups, somehow. Therefore for future reference, I’m totally agnostic, to the point of being a purist, of sorts.
Let me start with: Gartner is a provider of information, trends and research analysis. They are good at what they do and the info they provide is mostly willingly provided by people. Should you wish to quote information from Gartner and their magic quadrant, please read what Gartner is first, what they do, then please consider what data topic you are viewing and for a moment consider who is publishing the information, how, for whom, and why. For those who missed the point, Gartner gathers, collates and analyzes information from external sources. They are a research company, they don’t build anything, they don’t invent anything, and last time I checked and heard, Gartner doesn’t employ people to sift through logs of various organizations and create order out of chaos for them. They research. If they have real-life data or not, I don’t know. I’m guessing they don’t because if I worked SAM within an organization or was responsible for a company I wouldn’t share my findings with any outside organization, aside from my LAR or my SAM partner.
For the same reason as to why politicians never really commit to anything or why you should never talk to the arresting police officer (you should speak to your lawyer).
Now consider qui bono, who benefits? The most important part is to keep in mind, that although companies like Gartner are good at what they do, they don’t read minds and do not necessarily know your needs.
So what I’m saying is, please do your own research, if you don’t have resources, then hire some. It is so difficult to explain to a customer that because you didn’t do your due diligence for decades, and because you assumed that what you read in one article is the absolute truth, now we have to unwind all that you have done, then undo years of neglect before we can start to actually address the problems.
I’m assuming that most critical thinkers would do their own research, check all facts presented and make their own opinion, if possible. Everyone else will adopt some other strategy, best suited to their own characters. There’s nothing wrong with either side, the question is, what do you need and how can you get it.
It’s the same question since the cavemen, although the subject of the questions changes, it’s still about “how do we achieve what we want.”
With that being said, my firm opinion on SAM tools is: requirements, requirements, requirements.
You, as the customer, will either ask informed questions and double-check the data, or you won’t. If you have never dealt with versioning, releases, testing, deployments, version succession, implementations, migrations, or consolidations, your chances of getting it right will depend on the articles you read and their angle or consultants you hire and their experiences.
If you will (do your diligence), you will start analyzing your organization’s situation, your needs and after a while, you will discover that you need a professional just to understand what you need. If you won’t(do your diligence), well, you will either spend money on whatever is being recommended to you by whatever source you chose as your Pythia, or you will some other way come to “some conclusion” and miss some valid points, potentially. The important part is to remember, we are all ourselves responsible for our actions, and also for the lack of action in some cases. I remember a case where the customer has purchased a “system”, we can call it simply software. Most companies that I know use something like that, so it’s very common. The client has passed on all security options. If this was because he had no clue, or because he thought security issues won’t happen in his organization or whatever else he might have thought, he passed. It didn’t take long before he was hacked. Severely. To that he didn’t have any insurance covering it. So he tried to put blame on everyone, from the selling organization to the manufacturer, to the insurance company he had, because in his mind they should have told him. Of course, he was to blame. And yes he was advised, yet chose to save money. So who’s to blame here? Good question. Personally, I ask myself often if humanity can actually keep up with the commercialism ruling the world.
Let me give you a free tip: you need a couple of systems/software for recording and keeping records and on top of that, you need a discovery/inventory tool. You can get away with a good inventory/discovery piece, but only if your process will support it. The problem with that is the waste of time anyone wishes to have access to some specific data set regarding your contracts or licenses, costs, state of maintenance, etc. But you might feel you saved some costs if you skip it. I don’t recommend it, but you can try.
Then you need a way or system to reconcile the records to give you the actual results you wish to have. If you are thinking that Excel will solve most of your needs, I’ll say only: time is money and people make mistakes.
In addition to the above, you need professionals who know what they are doing (licensing rules change often, systems have weaknesses for which you are responsible for) and you need processes because there is no software that does it all for you and people need a path to follow, especially if you want measurable repeatable results.
One more free tip for you: SAM is a program, not a project, it doesn’t end and you can’t budget for it all.
So if you think you have chosen well, because you just spend a lot of money on a system (let’s rejoice it wasn’t your money), although you did not check your own needs and thus requirements, you are still right, because you chose one of the expensive ones or perhaps even the most expensive one. Congrats!
(There’s a whole scene from a movie I’d love to quote for you, but I’ll let you feel good about your decision instead and not quote it, aside from a short ending of the scene: “How do you like them apples?”, although this punchline will come later, and most likely it will hit the organization in the face and not specifically you because although someone was responsible for acquiring “this”, they usually are not accountable for results of that aqcuisition later)
However more and more I see organizations that chose a tool, an expensive tool at that, and after a while, they discontinue the tool.
It might be they didn’t see any value in it, or they stopped seeing any value in it. And yes, in both cases they are right. On one end, they bought a car, and for whatever reason, couldn’t use it. On the other, after reaching the initial benefits of scratching the surface (yes, only the surface!) they discontinued because taking a bus was cheaper. And I do not blame them, nor do I blame anyone else. The thing is, this is exactly where I will come in.
Firstly, I don’t blame people for not wanting to read through the ISO documentation. It is massive and for someone with little interest, it would be like reading technical documentation of the car’s electrical systems (pun intended in these electric car times). You can still drive, although you haven’t read it, and although you don’t understand how the car actually functions.
Secondly, you completely missed the point. ISO19770 is not the instruction manual on how to operate a car, it’s instruction on how to build a system capable of having a car/cars driven within it efficiently, and maintained. It only describes how to best create a system to manage the various aspects of managing your software portfolio in other words. It will not provide you with compliance. Systems won’t provide you with compliance, how you handle everything, the process in place, people who know what they are doing every single action they take, that and then some will give you compliance. Breaking down entitlements, keeping meticulous records, and having the capability to run a reconciliation will get you closer to that goal. Or call me.
So let’s make it simple:
SAM is a practice of how to manage your software portfolio and all aspects of interacting with it. SAM’s goals are many, but the ultimate goal is to get out of it what using the software you lease, own, rent, or otherwise use, costs you, so that you can price your services or products accordingly.
After all, you want to know how much it costs you to make that pencil, that computer, or provide that service, so that you don’t rob your customer blind or so that you don’t lose on whatever it is you are doing for your customers.
You can get your TCO, your ROI, and many other acronyms too, but it’s not as easy as the software vendors make it sound, and no, it’s not automatic. It costs aside of money, serious time, significant blood, buckets of sweat, and occasional tears (and in my case hair from the top of my scalp rather than any tears).
Disclaimer: If you make pencils, you most likely do not need a SAM program and you have probably googled something and ended with this article.
I hope reading it was as entertaining for you as it was writing it for me, even though the potential benefits of reading it is simply this confirmation, making it obvious for you, as a pencil maker, not to invest in any SAM tools, since you now know, you don’t need them.
For all others: being compliant is a requirement from software publishers, vendors, and your national taxation office, it is not the goal of SAM, but it is a by-product of having a SAM program!
If you haven’t understood this yet, please read the article again.
