Pocket CIO:The Guide to Successful IT Asset Management
上QQ阅读APP看书,第一时间看更新
上一章目录下一章

Definitions

  • Disposition refers to the reassignment, recycling, and/or disposal of IT equipment through responsible, ethical, and environmentally sound means.
  • Obsolete refers to laptops/desktops and all other equipment which no longer meets requisite functionality and/or no longer under warranty.
  • Surplus refers to hardware or software that has been replaced by upgraded equipment or is superfluous to existing requirements.
  • Beyond reasonable repair refers to any and all equipment whose condition requires fixing or refurbishing that is likely to cost as much or more than total replacement.
  • Commercial Software refers to purchased software, company is legally allowed to use. Unlike hardware, commercial software is not owned by the company. When purchased, a product's software license only gives a company the right to use the software, but does not transfer ownership rights to the company. Thus, the rules of use are mandated by the vendor via software licensing terms and conditions.
Allocating responsibility
Your process should include two levels of responsibility: overall responsibility for the function and responsibility for ensuring appropriate actions is taken. Each key action must be assigned to a staff member whose responsibilities are clearly defined. Responsibility for an action does not necessarily mean that the person given the responsibility actually carries out the action.

Acceptable methods for the disposition of IT assets are as follows:

  • Used as a trade-in against cost of replacement item
  • Re-tasked/reassigned to a less critical business operation function
  • Recycled and/or refurbished to enable further use (within limits of reasonable repair)
  • Disposed of through a certified disposal partner

It is the responsibility of your organization to ensure that IT assets are dispossessed according to one or more of the methods prescribed above. It is imperative that all dispositions are done appropriately, responsibly, and according to corporate IT lifecycle standards, as well as with company resource planning in mind.

The following rules must therefore be observed:

  1. Obsolete IT Assets: As explained previously, obsolete refers to any and all computer or computer-related equipment that no longer meet requisite functionality. You should identify and classify when IT assets are obsolete. Decisions on this matter are sometimes made according to an organization's purchasing/procurement strategies. Equipment lifecycles should be determined by IT asset management best practices (such as total cost of ownership, required upgrades, etc.)
  2. Reassignment of Retired Assets: determine reassignment of computer hardware to a less-critical role. Whenever possible - reassign IT assets in order to achieve full return on investment (ROI) from the equipment and to minimize hardware expenditures organization-wide.
  3. Cannibalization and Assets beyond Reasonable Repair: Verify and classify any IT assets beyond reasonable repair. Equipment identified as such should be cannibalized for any spare and/or working parts that are worth the costs associated with removal. The IT department will inventory and stockpile these parts. Remaining parts and/or machines unfit for use can be sold to an approved scrap dealer or salvaging company after data wiping. Handling of any hazardous materials such as lead, mercury, bromine, and cadmium should not be done onsite, but should be contracted to a government-certified disposal company.
  4. Decommissioning of Hardware Assets: All hardware slated for disposition by any means should be scanned to discover installed software and be flagged as decommissioned in the Central Asset Repository (which will release software to be harvested/reclaimed), before being fully wiped of all company data. Your IT department(s) should assume responsibility for decommissioning equipment by deleting all files, company-licensed programs, and applications, following your organizations Information Security Policies & Standards.

Hardware should be picked up by a reputable, environmentally certified recycling company in compliance with all local, state, and federal laws. The certified recycling company must provide credible documentation that verifies adequate data wiping, tag or label removal, and disposition and disposal that meet regulated environmental standards.

Some key points of regulations are:

  1. All non-working/obsolete computer products should be disposed of in an environmentally sound manner
  2. Monitors and terminals are always hazardous
  1. Other components of a computer system (for example, circuit boards, keyboards, mice) could be hazardous depending on their lead, mercury, or cadmium content, which can vary from product to product
  2. Substantial penalties may apply for non-compliance
  1. Decommissioning of Software Assets: For old software that is no longer used, licensed or unused versions of commercial software, you must adhere to the terms and conditions of the governing license at the time of disposal, which will vary from vendor to vendor and from operating system (OS) to application software

Follow these guidelines to dispose of unused commercial software:

  • Delete/Uninstall electronic media and software.
  • Destroy the manuals.
  • Keep all serial numbers, dates of purchase, dates of destruction, and means of destruction in the Central Asset Repository. This will provide a complete audit trail in the event of a software audit.

Other best practices related to asset retirement include:

  • Suitability for role: Where possible, always ensure that training and qualifications of staff match the requirements of the task.
  • Training: Each team member should be trained to accomplish the assigned task, and should have a clear understanding of how to carry out the assigned responsibility, as well as how his or her assigned responsibilities fit into the overall process.
  • Process and procedural documentation: Employees should have open access to clear documentation outlining who, what, how, when, and why assigned actions are taken.
  • Return of equipment: During the re-issue process for assets, either return equipment to stock or designate it for retirement. Equipment designated for retirement should be removed at the time of issuing the new equipment. An asset return form must be completed, with a copy sent to HR for inclusion in their records. This action can be automated with links from the asset management system to the HR system. Typically, an employee's manager assumes responsibility for the return of equipment, which can then be re-allocated to a new employee.

In situations and organizations where no ITAM system exists, you should be aware of the following potential issues or concerns:

  • Concerns for costs: While the total cost of an asset can be difficult to calculate, the true cost of owning an asset is frequently the result of guesswork. Not having this information can be perilous for organizations because there is no clear means of defining which assets provide the best value as opposed to those providing little or no organizational value. Organizations working without ITAM fare poorly indecision making relating to asset procurement. This, in turn, results in spiraling costs.
  • Wasted resources: Without a means to effectively deploy assets, the implementation of new processes can be problematic. Resources must be dedicated to identifying the location and ownership of missing assets, and to updating inaccurate databases.
  • Minimal order: Believing that missing equipment may reappear, organizations are reluctant to write off missing equipment. This situation often develops as a response to other internal organizational pressures to acquire new equipment quickly, whenever required, without being concerned about removing old equipment.
  • Data Accuracy: Accurate data must be maintained at all times. This applies to any items that are deemed to be assets of the company. IT assets often are the cause of heightened anxiety, because the equipment is often portable, costly and a possible security risk.
  • Business inefficiency: Typically, organizations operating without the benefit of ITAM cannot answer these essential questions:
    • What assets do we own?
    • Where are these assets?
    • Who is using them?
    • What contract terms and conditions govern these assets?
    • Do we have the necessary software licenses?
    • What software is currently in use?
    • Are we adhering to the terms and conditions of the licenses?
    • What assets are still under warranty?
    •  Are the guidelines for hardware and software upgrades being followed?
    • What are the total costs involved in the use of our assets?
上一章目录下一章