ISO/IEC

19770-3

19770-3

ABOUT

ISO/IEC 19770-3 provides a technical definition of a schema that can encapsulate the details of software entitlements, including usage rights, limitations, and metrics.

The primary intentions of this part of ISO/IEC 19770 are:

a) to provide a basis for common terminology to be used when describing entitlement rights, limitations, and metrics, and

b) to provide a schema which allows effective description of rights, limitations, and metrics attaching to a software license.

The specific information provided by an entitlement schema (Ent) may be used to help ensure compliance with license rights and limits, to optimize license usage and to control costs. Though Ent creators are encouraged to provide the data that allow for the automatic processing, it is not mandated that data be automatically measurable. The data structure is intended to be capable of containing any terms and conditions included in a software license agreement. This part of ISO/IEC 19770 supports software asset management (SAM) processes as defined in ISO/IEC 19770-1. It is also designed to work together with software identification tags as defined in ISO/IEC 19770-2. Standardization in the field of software entitlements provides uniform, measurable data for both the license compliance and license optimization, processes of SAM practice.

BENEFITS

It is intended that this standardized schema will be of benefit to all stakeholders involved in the creation, licensing, distribution, release, installation and ongoing management of software and software entitlements.

End-User OrganizationS

The benefits for software consumers, SAM practitioners, IT support professionals, and end-users include, but are not limited to:

  • receipt of consistent and uniform data from software licensors, resellers, and SAM tools providers;
  • more consistent and structured entitlement information supporting the use of automated techniques to determine the need for remediation of software licensing;
  • improved reporting from additional categorization made possible by the use of Ents;
  • improved SAM and software license compliance capabilities stemming from standardized, software licensor-supplied, ISO/IEC 19770-2 software identification tags to reconcile with these Ents;
  • improved ability to avoid software license under-procurement or over-procurement with subsequent cost optimization;
  • standardized usage across multiple platforms, rendering heterogeneous computing environments more manageable.

SAM TOOL PROVIDERS

Benefits to SAM tool providers, deployment tool providers, resellers, resellers, software packages and release managers include, but are not limited to:

  • receipt of consistent and uniform data from software licensors and Ent creators;
  • more consistent and structured entitlement information supporting the use of automated techniques to determine the need for remediation of software licensing;
  • improved reporting from additional categorization made possible by the use of Ents;
  • improved SAM tool entitlement reconciliation capabilities resulting from standardization in location and format of software entitlement data;
  • ability to deliver value-added functionality for compliance management through the consumption of entitlement data.

SOFTWARE LICENSORS

Benefits to software licensors who provide Ents include, but are not limited to:

  • Immediate software consumer recognition of details of the usage rights derived from their software entitlement;
  • ability to specify details to customers that allow software assets to be measured and reported for license compliance purposes;
  • increased awareness of software license compliance issues on the part of end-customers;
  • improved software consumer relationships through quicker and more effective license compliance audits.

    ADOPTION/SUPPORT

    The availability of training and certification programs based on 19770-1 enables both individuals and organizations to gain knowledge of 19770-based SAM and have their level of knowledge evaluated.Some of these programs have been in operation for several years.

    Current examples are:

    a. BSA’s Verafirm certifications (see http://www.verafirm.org);

    b. IAITAM’s ITAM 360/19770 knowledge base and assessment system (http://www.iaitam.org).

    c) The availability of cross-references between accepted industry practice and 19770-1. Annex C of 19770-1:2012 contains cross-references between 19770-1 and IAITAM Best Practice Library, Japan’sSAMACBest Practices (http://www.samac.or.jp) ,and CobiT 4.1 (http://www.isaca.org/COBIT/).

    d) The availability of additional guidance documentation on 19770-1. Current examples are:

    Definitive Guide to SAM Assessment and ISO/IEC 19770-1 (see http://www.ecpmedia.com/publications.html#sm_guidetosam);

    • The ITAM Review (e.g. http://www.itassetmanagement.net/2012/11/12/microsoft-sam-optimizationmodel-isoiec-197701/); and
    • The SAM Guide (see http://www.samguides.com/).

      Preview or Buy To preview or buy a copy of the ISO Processes and tiered assessment of conformance, please visit ISO here:

      Preview or Buy Here