ISO19770 on the route to maturity and acceptance

Although ISO19770 (IT asset management) is a relative young standard, it has been there since the SAM market started to be lively at the midst of the zeroes of the new millennium.

Since a few years, I’m the delegated member of the Dutch National standards Body at the WG21-{WG21 is Workgroup 21 under SubCommission 7 of the Joint Technical Committee 1 of the International Standards Organization}. And I was already connected to the very first beginnings when it was still in the Microsoft SOM development tank. So why isn’t this standard yet globally accepted? It might be that it wasn’t comprehensive enough (till now), and maybe it cannot be in a little while without the proper support. However, the current developments on the standard are impressive and all with focus on the regulation and standardization of the IT- and most specific: the Software assets.

On the question I asked in almost every conversation I had about SAM, with various peers – clients and prospects, if ISO19770 would be the standard for them if it became certifiable, I almost always got a solid yes. So, that is what we proposed to the WG21 meeting in Berlin: make 19770 certifiable. Not every part ( Dash-2 SW-ID tags, Dash-3 Entitlement tags) is yet ready for that, but that might change in the future.

So I started out building requirements and boundaries for the ISO19770-1: Edition3. As this must be a global accepted standard there’s an initial group of countries that promised to support me in getting the certifying framework ready. If you’re interested in getting involved in this, please contact your local representative or national standards body.

Does this mean that every organization that states to be ISO19770 compliant or certified, in fact is not? Unless it’s done by an accreditation body: yes, that does it mean. And even, if an organization is certified correctly, the value of the certificate is doubtful. You probably have read somewhere that the current standard is too vague to set clear requirements. This doesn’t mean that you might not be thoroughly assessed on the standard. It means that you’ve not been assessed according a global accepted set of requirements of the ISO19770 standard. Which makes it a subjective assessment.

A colleague WG21 member from the UK has started also some New Work in Progress on ISO19770; the Dash-8. This will plot the standard to global best practices like ITIL, Cobit, Microsoft’s SOM, etc.

So, if we all put our effort into making ISO19770 the real standard for the whole SAM industry, i.e. the end users, the SAM tooling vendors, the software publishers and the auditors, we will also accomplish mutual acceptance between users and publishers.

As said, I’m looking for organizations that will help us making ISO19770 certifiable and become the first ones certified. I already have some requests from SAM tool vendors to become 19770 certified as they want to be certain that they report on compliance and other business rules, according to the global standard.

As we’re now looking for the local accreditation organizations to support the certification of persons on ISO19770, I would welcome the info on your local representative for that.

It’s a busy time for the ISO19770 family now. There are 4 (four!) documents up for global ballot. Among them is the brand new ISO19770-1:Edition 3. This is a modernized and more market synchronized standard. There are there still tiers (reduced to 3 and changed quite extensively), but not as the central framework. They are mentioned in the annex of the document, just meant as guidance. the ISO19770-4 and -8 are exciting new additions to the family. As aid the -8 will plot all best practices against ISO19770. The -4 is all about Resource Utilization Metering (RUM) and will bring another standard to our growing 19770 family. The fourth ballot is on technical changes to the -2 standard.

You see there’s a lot going on at the WG21 and we need you, SAM experts not already involved, as our conscience and sparring group to get ISO19770 ever improving. If you’re based in the Netherlands, you can contact me for this. When you’re based anywhere else in the world you can contact me or your local representative to discuss current and future ISO19770 matters.

There’s much more to tell about every single standard and how they’re connected to the more known standards like 20000, 27000 and 55000. You can also read the next post(s) of my colleague Hans van der Zanden giving more in-depth information on this topic. In the meantime, I hope you got some interest in this standard and want to know more. Don’t hesitate to contact me or my colleagues at  in2SAM.

Nico Blokland

COO In2SAM, IT&SAM evangelist and specialist

Leave A Reply