Skip over navigation
Ultima Risk Management Logo linking to homepage
  • Contact us
  • Site map
  • Home
  • Consultancy
    • Introduction
    • Information Security (ISO 27001)
    • Business Continuity Management (BS 25999)
    • PCI DSS
    • IT Service Management (ITIL & ISO 20000)
    • Data Protection
    • Information Risk Management
    • Software Asset Management
    • Polices & Procedures
  • Training
    • Training Courses
    • CISMP - ISEB Certificate in Information Security Management Principles
    • PCBCM - ISEB Practitioner Certificate in Business Continuity Management
    • PCIRM - ISEB Practitioner Certificate in Information Risk Management
    • SAM - ISEB Certificate in Software Asset Management Essentials
    • PCSAM - ISEB Practitioner Certificate in Software Asset Management
    • BCM - BCI Understanding BCM Principles and Good Practice
    • All other courses
    • Training Schedule
  • Products
    • ISO 27001 Risk Assessment Tool
    • BS 25999 Risk Assessment Tool
  • Events
    • BS 25999 Implementation Seminar
  • Case Studies
    • Audatex - Global first Dual certification
  • About us
    • Company Profile
    • URM's Partners
    • How to contact us
Home / Consulting / Software Asset Management / Approach
getting the balance right
Getting the Balance Right

URM's Software Asset Management Methodology

URM's approach to SAM compliance and certification is built on the need to avoid solutions that are over-engineered, expensive, time consuming and bureaucratic.

The starting point for any SAM project is, therefore, to carry out a software risk assessment, based on ISO 19770-1 using URM's market leading risk assessment software. The SAM risk assessment takes just a few days to complete. Completing a risk assessment ensures that the actual requirements of an organisation are identified rather than those that are perceived, and/or either over and under specified. The risk assessment provides an excellent opportunity to engage everyone in an organisation who has a key role to play in SAM compliance, including executive officers.

The results of the risk assessment are used to highlight areas of SAM risk, calibrate the extent of the risks and identify controls from ISO 19770-1 that can be used to prioritise and facilitate risk reduction.

The reports from the SAM risk assessment are clear, comprehensive and explicitly address the needs of the business.

URM's experience in delivering pragmatic and effective corporate governance consultancy, built upon the sound principles of risk assessment, has allowed it to rapidly develop services relating to SAM and ISO 19770-1. The benefits of adopting a risk based approach, as opposed to a more generic and less focussed gap analysis methodology, are significant. Customers, for an investment of just a few days effort themselves, can obtain a highly customised view of the SAM risks they face, who should own responsibility for risk reduction and how to prioritise risk reduction effort. Prioritisation is extremely important as organisations will still have many "business as usual" activities to contend with alongside its SAM risk reduction programme.

Embracing SAM in any organisation offers opportunities for better control of costs throughout the software life cycle, achieving competitive advantage and improved customer satisfaction, and greater work place efficiency.

  • Introduction
  • Information Security (ISO 27001)
  • Business Continuity Management (BS 25999)
  • PCI DSS
  • IT Service Management (ITIL & ISO 20000)
  • Data Protection
  • Information Risk Management
  • Software Asset Management
  • URM's approach to Software Asset Management
  • Polices & Procedures

Copyright © Ultima Risk Management, 2008. All Rights Reserved.

contact us | careers | terms of use | privacy | site map