[Infowarrior] - An end to the software police?

[Richard Forno]

An end to the software police?

By Colin Barker
http://news.com.com/An+end+to+the+software+police/2100-1013_3-6070951.html

Story last modified Wed May 10 16:41:11 PDT 2006

After months of delay, the ISO has finally published a standard for software
asset management that may protect companies from legal and financial threats
over licensing issues.

The International Standards Organization finally published its standard for
software asset management on Monday.

In the last few years, software asset management (SAM) has become a key
issue for companies trying to keep track of what tools they are using, how
much they are paying in software licensing costs and, crucially, what they
could save by better use of those assets.

The issue has been brought into sharper focus through the activities of the
Business Software Alliance (BSA), the U.K.-based Federation Against Software
Theft (FAST) and companies such as Microsoft that have made clear the
penalties for companies that use improperly licensed software.

The new standard, called ISO/IEC 17990-1, is published jointly by the ISO
and the International Electrotechnical Commission. It had been due for
arrival this March, after missing its original 2005 release date.

Investors in Software is one of the organizations involved in the
development of the standard, which it has been working on for four years.

The group said in a statement on its Web site: "The underlying justification
for SAM is the need to apply good governance to software assets--without it,
organizations could be subjected to significant risks, including legal and
financial exposure."

Shawn Frohlich of IIS is delighted the standard has been finally accepted.
"Until Monday night, companies had no way of establishing that they were
properly managing their assets. They had no way of proving it. Now they do,"
Frohlich said. "There is a standard to work towards."

However, ISO has only published Part 1, which covers processes. The second
part of the standard, covering tools, is expected later this year.

Part 1 is divided into risk management, cost control and competitive
advantage.

For Frohlich, risk management is a key area. "You couldn't demonstrate a
clean bill of health before," he said.

Risk management covers issues that could arise from improper licensing, such
as interruption or deterioriation of IT services, legal and regulatory
exposure and damage to public image.

It is the latter two areas that have focused CIOs and IT managers on
software asset management. Businesses that have been caught infringing on
software licenses have suffered high-profile, and often very expensive,
humiliation at the hands of Fast and the BSA.

Frohlich believes both interest groups will welcome the new standard: "The
BSA has already welcomed it, and I believe Fast is preparing something as
well."

Neil MacBride, BSA's vice president of legal affairs, said in a statement
that the organization is "delighted that the ISO has launched this standard,
and we congratulate all those in the standards and software asset management
community around the world who have worked so hard to bring this to
fruition."

MacBride said it was a milestone in the global development of software
management best practices and would help organizations of all sizes to
ensure that they are fully software compliant and making best use of their
software assets.

According to the ISO, the standard will "enable an organization to prove
that it is performing SAM to a standard sufficient to satisfy corporate
governance requirements and ensure effective support for IT service
management overall."

Colin Barker reported for ZDNet UK in London.