Crawl-Walk-Run approach in implementing a SAM program in ServiceNow

Implementing a SAM program in ServiceNow is a structured journey that enhances software asset visibility, minimizes risks, and boosts operational efficiency. By adopting the Crawl-Walk-Run approach, ...

... organizations can progressively improve their SAM maturity. In the past years Noventiq Northern Europe has implemented ServiceNow SAM, HAM and Discovery for many customers. We have walked the walk and talked the talk, resulting in a lot of lessons learned for all parties.
 

Every organization is unique, but one thing is clear: organizations benefit immensely from a step-by-step approach. We have helped customers define a logical sequence of activities, and helped prioritize based on common sense and feasibility of progress. All aimed at ensuring that their SAM Program brings value as they expand it across the entire organization.

Recently Kieron Dean from ServiceNow published a valuable article   on the ServiceNow community. He links the Crawl-Walk-Run method   to the maturity items that are available in the ServiceNow Success portal view in Software Asset Workspace.

We would like to highlight some of the main topics from the Crawl Phase. In the next editions we will then move to Walk and Run!

Crawl Phase: Visibility Into Software Estate/Spend

In this first phase, organizations establish a healthy Configuration Management Database (CMDB), identify tools to discover software data, and establish processes and roles. They should focus on End-user computing (EUC) or SaaS integrations, for which licensing isn't overly complex and software discovery sources are readily available.

The main focus points for this stage are:

• A CMDB Health Check: This is crucial, as the CMDB holds all asset and configuration data. The check should look at validating asset and configuration data, ensuring well-defined asset classes, categories, and relationships to other IT services to avoid fragmentation and resolving any data discrepancies.
• Establishing SAM Management processes (as Noventiq we feel that this would preferably be combining the SAM process guide from ServiceNow with the ISO 19770-1 standard)
• Identifying key stakeholders: Establishing clear communication and gathering input from these stakeholders could help in gaining support for the SAM program.
• Assigning responsibility to each role based on level of involvement in the SAM program;
• Defining the Success Criteria of the SAM program;
• Creating a software end-user request process: Creation of standard and non-standard software requests is critical for establishing a single point of entry for requests and for the ability to source the request from existing licenses if available;
• Measuring and share success achieved in the SAM Program;
• Establishing data import activities to capture procurement information to related software licenses, if a full integration into the procurement system is not achievable;
• Training both internally for end users and externally for SAM resources is essential to a successful SAM Program;
• Service Graph Connectors: Software license compliance varies greatly between the datacenter environment and the end-user computing (EUC) environment because of the distinct ways software is deployed and utilized in each setting. During the Crawl phase, we suggest focusing on identifying software within the EUC environment, as this information is typically accessible through Endpoint Management Tools in most organizations (e.g., Microsoft SCCM/MECM, Microsoft Intune, Tanium, Jamf, etc.).
• EUC (end-user computing) - Normalization: Software data can originate from various sources and consequently may have different formats. Keeping an always-clean software asset database, automatic and continuous normalization standardizes this data. Software normalization is a continuous process, because software is constantly being added to and removed from your environment. In ServiceNow SAM, scheduled tasks make sure the normalization process runs regularly for all Software Discovery Models and instantly whenever new ones are generated.
• EUC - SaaS Usage via Single Sign-On: The software discovery sources discussed in the previous section will provide visibility into software locally installed on devices in the EUC estate. However, end users increasingly consume software products that are not installed on any device in an organization. Such software is consumed via a web browser and is typically licensed on a subscription basis. This software delivery model is known as Software-as-a-Service (SaaS). Companies can leverage Single Sign-On (SSO) data to gain insights into SaaS application usage by analyzing user authentication patterns.