Understanding The IT Asset Management Lifecycle

As an industry, we do a pretty poor job of defining precisely what the IT asset management lifecycle looks like. Therefore, it’s incredibly difficult, if not impossible, to automate both the reporting and the processing of the asset lifecycle. Organizations have to rely on manual feedback on work orders and inventories to know what kind of hardware and software is actually being used. It’s a problem.

Instead, we should be defining IT asset management lifecycle stages in such a way that it’s clear what an asset is, and the asset can report back to our CMBD or asset MDR to tell us where it is in the lifecycle.

In my book,?Rethinking IT Asset Management, I go into depth on the IT asset management lifecycle. The TL;DL (too long; didn’t read) version is below:

The 5-Step IT Asset Management Lifecycle

Step One – Procured

Also known as Purchased, Acquired, Requested Money, or the promise of money, has been paid for the possession of or right to use the asset.

Step Two – Inventoried

AKA: Delivered, Received, Processed, Making Ready Asset has been physically received and is being made ready for use in the computing environment.

Step Three – Installed

AKA: In Use, Deployed, Implemented, Active Asset is active in the computing environment.

Step Four – Recovered

AKA: Returned, Fit for use, Recycled Asset has been removed from the computing environment temporarily, with the intent it will be used again.

Step Five – Disposed

AKA: Retired, Lost/Stolen, Sold, Destroyed, Trashed, Removed From Service Asset has been removed from the computing environment permanently and is no longer the property or concern of the organization.

You’ll notice something very particular about these definitions – they are mutually exclusive. That means something that is In Use can’t be in any other stage. For example, something that is Disposed can’t be on the shelf in inventory. It’s gone. Something that’s In Use can’t be sitting on the truck on its way to be delivered.

So, with these definitions in mind, can you craft data attributes that will signal to you or your CMDB that an asset is not where it was in the last cycle but in a new spot?

The IT Asset Management Lifecycle – Look For The Data Details

The short answer is this: there are certain details to look for that tell you where an asset is.

• Installed: If an asset is installed, you should see it active on your network. People are logging into it, it has an IP address, it’s consuming power, it appears on network scans, etc.
• Disposed: You should have a certification, receipt, or something else that shows your organization no longer has the asset in hand. If you have such a document, but the asset is behaving as if it’s installed, you have a problem and had better look into it!
• Procured: It shouldn’t show up anywhere other than on a P.O. or tracking number. But if it acts like it is installed, then it is a good bet someone skipped a step.? And a skipped step could mean skipped protections and a cybersecurity threat.
• Inventoried & Recovered:? This is the trickiest part. We know they’ve been purchased because we have documentation saying so. We know they haven’t been thrown away because we don’t have a document staying so. We know they aren’t deployed because they’re not showing active in the network. Therefore, the only place these devices should be is in your warehouse or staging area. And that should be an easy walk to look and find it.

What’s the point of this exercise? By reorganizing your hardware around this kind of IT asset management lifecycle, you will know with a much higher degree of certainty what hardware is being used and what isn’t. Consequently, you’ll know what software needs to be licensed because it’s (almost always) running on the deployed hardware. The benefit then is that as hardware comes in and out of service, you know which software licenses can be recovered and redeployed. And that’s the first step in optimizing your hardware and software expenditures.