Software Asset Management (SAM) Consultancy

Risk assessment ensures that all risks are considered and enables treatment to be prioritised.

The need for SAM

Software is an important business asset which organisations depend upon for delivering customer services, maintaining business partnerships and supporting internal processes and systems. Without control over software assets senior managers expose their organisations and themselves to uncontrolled risks associated with:

• Legal and financial exposure
• Failure to satisfy the need for transparent corporate governance practices
• Damaged reputation
• Unexpected budgetary and workload impact
• Security breaches including unauthorised disclosure and modification of confidential information
• Interruption to operations
• Unsupportable operations
• Ad hoc audits by software manufacturers.

SAM Risk Assessment

The objective of SAM is to manage, control, and protect an organisation's software assets, including the management of the risks arising from the use of those software assets. It is not merely concerned with reconciling installed software against licences held. The introduction of a new ISO standard "19770-1: 2006 Software Asset Management Part 1: Processes" (ISO 19770-1) provides a comprehensive set of controls and outcomes for every aspect of SAM that should be used to establish an organisation's internal processes. ISO 19770-1 is the only authoritative Standard that covers all aspects of SAM and is supported by software manufacturers and independent industry bodies. It recommends risk assessment as being the starting point of any SAM process, thus ensuring that any SAM plan is based on an assessment of identified risks rather than perceived risks. This will also ensure any SAM plan is based around real business needs and is endorsed by senior management.

URM is ideally positioned to assist any organisation wishing to implement SAM processes in line with ISO 19770-1. URM is the only organisation to offer risk assessment, accredited training and a nationally recognised qualification in the subject. URM was the first organisation to be accredited by BCS/ISEB to deliver the Certificate in Software Asset Management Essentials training course.

URM's consultants are highly experienced in risk assessment, a key starting point for any SAM project, and corporate governance. URM has a proven risk assessment methodology enabling organisations to either comply or certify to the ISO 19770-1 Standard. The results of the URM Risk Assessment will form the foundation of the SAM Plan.

URM's consultancy team contains individuals with significant expertise of SAM processes. These individuals have many years' experience providing organisations with practical and effective solutions to their risk, SAM and corporate governance requirements.

• Consultancy Introduction
• Information Security (ISO 27001)
  • Information Security (ISO 27001)
  • Relationship between ISO 27002 & ISO 27001
  • How to Comply with ISO 27002 or Certify to ISO 27001
  • ISO 27001 Awareness Training
  • ISO 27001 Case Studies
• Information Security (PCI DSS)
  • Information Security (PCI DSS)
  • Stages of Compliance to PCI-DSS
• Information Security (DMA DataSeal)
• Business Continuity Management (BS 25999)
  • Business Continuity Management (BS 25999)
  • Significance of BS 25999
  • How to deploy BS 25999 - Lifecycle Stages
  • Crisis Management Simulation Exercises
  • New ISO Standard for BCM - ISO 22301
• IT Service Management (ITIL & ISO 20000)
  • IT Service Management (ITIL & ISO 20000)
  • Significance of ITIL & ISO 20000
  • How to deploy ITIL or certify with ISO 20000
• Data Protection
  • Data Protection - Introduction
  • URM's approach to Data Protection
  • BS 10012 - New DPA Standard
• Information Risk Management
  • Information Risk Management
  • URM's approach to Information Risk Management
• Software Asset Management
  • Software Asset Management
  • URM's approach to Software Asset Management
• Polices & Procedures
  • Polices & Procedures
  • URM's approach to Polices & Procedures