Skip over navigation
Ultima Risk Management Logo linking to homepage
  • Contact us
  • Site map
  • Home
  • Consultancy
    • Introduction
    • Information Security (ISO 27001)
    • Business Continuity Management (BS 25999)
    • PCI DSS
    • IT Service Management (ITIL & ISO 20000)
    • Data Protection
    • Information Risk Management
    • Software Asset Management
    • Polices & Procedures
  • Training
    • Training Courses
    • CISMP - ISEB Certificate in Information Security Management Principles
    • PCBCM - ISEB Practitioner Certificate in Business Continuity Management
    • PCIRM - ISEB Practitioner Certificate in Information Risk Management
    • SAM - ISEB Certificate in Software Asset Management Essentials
    • PCSAM - ISEB Practitioner Certificate in Software Asset Management
    • BCM - BCI Understanding BCM Principles and Good Practice
    • All other courses
    • Training Schedule
  • Products
    • ISO 27001 Risk Assessment Tool
    • BS 25999 Risk Assessment Tool
  • Events
    • BS 25999 Implementation Seminar
  • Case Studies
    • Audatex - Global first Dual certification
  • About us
    • Company Profile
    • URM's Partners
    • How to contact us
Home / Consulting / Software Asset Management
getting the balance right
Getting the Balance Right

Software Asset Management (SAM) Consultancy

Risk assessment ensures that all risks are considered and enables treatment to be prioritised.

The need for SAM

Software is an important business asset which organisations depend upon for delivering customer services, maintaining business partnerships and supporting internal processes and systems. Without control over software assets senior managers expose their organisations and themselves to uncontrolled risks associated with:

  • Legal and financial exposure
  • Failure to satisfy the need for transparent corporate governance practices
  • Damaged reputation
  • Unexpected budgetary and workload impact
  • Security breaches including unauthorised disclosure and modification of confidential information
  • Interruption to operations
  • Unsupportable operations
  • Ad hoc audits by software manufacturers.

SAM Risk Assessment

The objective of SAM is to manage, control, and protect an organisation's software assets, including the management of the risks arising from the use of those software assets. It is not merely concerned with reconciling installed software against licences held. The introduction of a new ISO standard "19770-1: 2006 Software Asset Management Part 1: Processes" (ISO 19770-1) provides a comprehensive set of controls and outcomes for every aspect of SAM that should be used to establish an organisation's internal processes. ISO 19770-1 is the only authoritative Standard that covers all aspects of SAM and is supported by software manufacturers and independent industry bodies. It recommends risk assessment as being the starting point of any SAM process, thus ensuring that any SAM plan is based on an assessment of identified risks rather than perceived risks. This will also ensure any SAM plan is based around real business needs and is endorsed by senior management.

URM is ideally positioned to assist any organisation wishing to implement SAM processes in line with ISO 19770-1. URM is the only organisation to offer risk assessment, accredited training and a nationally recognised qualification in the subject. URM was the first organisation to be accredited by BCS/ISEB to deliver the Certificate in Software Asset Management Essentials training course.

URM's consultants are highly experienced in risk assessment, a key starting point for any SAM project, and corporate governance. URM has a proven risk assessment methodology enabling organisations to either comply or certify to the ISO 19770-1 Standard. The results of the URM Risk Assessment will form the foundation of the SAM Plan.

URM's consultancy team contains individuals with significant expertise of SAM processes. These individuals have many years' experience providing organisations with practical and effective solutions to their risk, SAM and corporate governance requirements.

  • Introduction
  • Information Security (ISO 27001)
  • Business Continuity Management (BS 25999)
  • PCI DSS
  • IT Service Management (ITIL & ISO 20000)
  • Data Protection
  • Information Risk Management
  • Software Asset Management
  • URM's approach to Software Asset Management
  • Polices & Procedures

Copyright © Ultima Risk Management, 2008. All Rights Reserved.

contact us | careers | terms of use | privacy | site map