Why you should add ISO 19770-3 to your RFP must have list

Governance Home IT Contract Management Practices Software

by | June 12, 2017

In April 2015 the International Standards Organization (ISO) released a new standard for the ITAM (19770) family of standards. ISO/IEC 19770-3 is a standard defining a schema for encapsulation of Software License Entitlements. We call records compliant with this standard “Ent Tags”.

In this blog you’ll learn:

How this standard can reduce risk for your company
How this standard can make License Management and Software Asset Management (SAM) easier in your organization and
Why you should add a requirement for software vendors to supply you with an ISO 19770-3 compliant “Ent Tag” to every RFP (and software purchase) from now on

What is ISO 19770-3?

The standard itself is intended to allow the details of a software license transaction to be recorded. It provides a schema to encapsulate things like “Vendor”, “Title”, “Edition”, “Metric” and “Quantity” for software license entitlements.
Who created ISO 19770-3?

Anything published by ISO has had a LOT of different people feed into it. Defining and publishing a standard takes years, with multiple teams providing input, corrections, review, etc. The person who coordinates this is called the “Convener” or “Editor” of the standard. I am the Editor for ISO 19770-3, so I know quite as much about it as anyone else – and although I am a contributor to the standard, there is no one author.

Dave Bicket of m-Assure, an ISO behemoth and someone who spent 13 years working in Enterprise Risk Services for Deloitte did the majority of the revamp which brought the standard to its published form. WG21 (ISO Working Group 21) is the team that Dave and I are part of, which has responsibility for all 19770 family standards. While the standard was being developed WG21 had active participation from employees of IBM, Microsoft, Symantec and other software publishing companies. IBM and Microsoft, in particular, did a lot of testing and validation of the standard. That doesn’t mean IBM and Microsoft implement the standard – it just means that some of their employees, who work with ISO, have worked on it and/or tested it.
How can it benefit me/my company?

Most companies today have significant challenges recording and understanding their Software License Entitlements – for a wide variety of reasons. ISO 19770-3 Ent Tags are intended to resolve the root cause issue: Software Companies to date have not had a standard way of recording the entitlements they have sold you.

That’s what ISO 19770-3 enables. It effectively allows software vendors to provide you with a standardized “Receipt” for the licenses your organization buys.

Once the vendor provides you with this type of Receipt:

The vendor can no-longer challenge the details of your license record (because they provided it)
Today your records will be a mixture of details that have been interpreted by you, or by your SAM tool. No third party SAM tool (not even ours) is canonical. An ISO 19770-3 tag provided by the vendor of the software is canon.
You can trace the origin of any record to its original source
Let’s say you buy 1,000 licenses of Product X. You give 200 copies to Business Unit 1 (Faco) and 800 to Business Unit 2 (Imagino). Faco and Imagino each get supplemental “child” tags recording the internal allocation, which include a reference to the original “parent” record.

6 years later, Imagino is divested and becomes a separate company. The vendor is contacted and asked if the 800 licenses can be allocated to the new legal entity. They (reasonably enough) ask for details of the original license for the 800 entitlements. You can trace that these 800 licenses were part of an allocation 6 years previously and provide the original Entitlement ID’s (EntID) of the parent. Each EntID is Globally Unique – so will never be repeated.

You have perfect clarity on what you are entitled to/licensed for
Unlike relying on records from procurement systems or invoices which often lack the level of detail required to understand a software entitlement, ISO 19770-3 Ent Tags are designed to provide the required information. No more trying to figure out if 500 “Oracle” licenses mentioned on a receipt from 2009 are for the database or some other piece of software and are for Named User Plus or Concurrent User license types… all of the details will be in the Tag.
No more manual data entry
When you record a license transaction today you often do so manually. Ent Tags mean the vendor has provided you already with all of the details – just import them! This also means
You are no longer reliant on third party, non-canonical catalogs or repositories.
More freedom from SAM tool vendors
Yes – 1E is a SAM tool vendor, but we think of our customers first. Customers don’t want to be locked into keeping the same, crappy SAM tool around forever – they want data portability. They want to move to AppClarity J. Seriously though – by using a tool that is ISO 19770-3 compliant, you can move your data into any other 19770-3 compliant tool with ease.
Picking a SAM tool that is compliant with ISO 19770-3 (which AppClarity is) reduces your risk of picking a poor/sub-standard tool. If the tool is compliant, it can, by default, handle entitlement records for perpetual licenses, subscriptions, maintenance licenses, named user licenses, concurrent user licenses, resource based licenses (like Oracle Processor, MS SQL core-based licenses), literally ANY license type at all, with all associated Rights and Limitations.

So – with Ent Tags your risks are reduced and your processes for SAM are made faster and more accurate. Requesting that a vendor provides you with ISO 19770-3 compliant Ent Tags is entirely reasonable – it’s like asking a the Grocery store for a receipt when you buy groceries.



Subscribe To Our Newsletter

Subscribe To Our Newsletter

ITAM Channel brings the best news and views from the ITAM industry. Sign up for the newsletter and get them straight to your inbox

You have Successfully Subscribed!