2.149.1 Asset Management Policy

Manual Transmittal

September 14, 2018

Purpose

(1) This transmits revised IRM 2.149.1 Asset Management, Asset Management (AM) Policy.

Material Changes

(1) IRM 2.149.1 has been revised to include Program Scope and Objectives.

(2) Removed the following obsolete policy memorandums from the Authority and Reference Documents section:

  • Asset Inventory Requirements for Timely Updating of Inventory Records

  • Route All Hardware/Software WebIPS Requisitions through UNS Asset Management Program Office

(3) Added to the Authority and Reference Documents section the following information pertaining to information technology:

  • Public Law 113-291, National Defense Authorization Act, Federal Information Technology Acquisition Reform Act (FITARA) (Dec. 2014)

  • OMB issued Memorandum M-16-12, date June 2, 2016: Improving the Acquisition and Management of Common Information Technology: Software Licensing

  • Public Law 114-210, Megabyte Act of 2016, Making Electronic Government Accountable by Yielding Tangible Efficiencies Act of 2016 (July 29,2016)

Effect on Other Documents

IRM 2.149.1 dated September 23, 2015 is superseded.

Audience

The Asset Management Policy is applicable to all employees enterprise-wide responsible for managing IT equipment, including Asset Management’s stakeholders, customers, asset owners, contractors, and vendors.

Effective Date

(09-14-2018)

S. Gina Garza
Chief Information Officer

Program Scope and Objectives

  1. This document describes the formal Information Technology (IT) policy for implementing the requirements of the Information Technology (IT) Asset Management Policy process. It provides the purpose, scope, authority, and mandates for institutionalizing this process.

Background

  1. User & Network Services (UNS) is responsible for the development, implementation and maintenance of this directive. Approval of this directive, including updates, rests with the Associate Chief Information Officer (ACIO) for UNS. All proposed changes to this directive must be submitted to the Service Asset & Configuration Management (SACM) organization in UNS.

  2. These policies define the Asset Management process and apply to all areas managing information technology assets.

Purpose
  1. This policy establishes authority and responsibility for the performance of IT asset management throughout the IRS. It also establishes policies and procedures for management and control of hardware and software assets throughout their lifecycle.

Scope
  1. Asset Management (AM) is the process responsible for tracking and reporting the value and ownership of financial assets throughout their lifecycle. Asset Management is part of an overall Service Asset and Configuration Management Process. An IT asset is property or equipment that is part of the IT infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or is awaiting disposal. All IRS organizations (including contractors) developing, maintaining, and controlling IT assets shall adhere to the mandates of this policy and all associated AM procedures. For additional information, refer to the Asset Management User Guides on the IT Process Asset Library: IT PAL.

Authority

  1. User & Network Services (UNS) is responsible for the development, implementation and maintenance of this directive. Approval of this directive, including updates, rests with the Service Asset & Configuration Management organization in UNS. All proposed changes to this directive must be submitted to UNS.

Mandate

  1. All AM activities shall be planned, managed, implemented, and controlled in accordance with all applicable laws, regulations, IRS policies, processes, and procedures. Throughout the lifecycle of hardware and software assets, the following policies apply:

    • The Chief Technology Officer (CTO) is the official responsible for ownership, management, and control of IT property. Organizations other than IRS IT are not authorized to purchase, acquire, manage, move or maintain IT property. IRS IT is also responsible for the accounting and recording of IT property in the inventory system.

    • The CTO or other delegated executive shall ensure that necessary budget, labor, tools, and appropriate training are available to implement asset management policies and procedures.

    • This process supports the integrity of the data by ensuring accurate and complete asset records are maintained.

    • Reports shall contain complete, reliable, consistent, and timely financial information regarding IT assets.

    • Asset data shall be documented using approved procedures.

    • The IT asset records are periodically audited with the results reported to the applicable business and system stakeholders.

    • The personnel designated or assigned to perform asset management activities shall be trained in the standards, process, and procedures for performing these activities.

    • The collection of metric is used to determine the status of asset management activities and effectiveness to support increasing capability maturation.

    • The asset management process shall ensure economic and efficient purchase, lease, maintenance, operation, and use of IT property.

    • The disposal of hardware assets shall include transfer of excess or surplus computer equipment to qualifying schools and educational non-profits as a high priority.

    • The IRS complies with audit requests from the Treasury Inspector General for Tax Administration’s (TIGTA) Office of Audit and resolves audit findings.

    • The IRS adheres to Government Accountability Office (GAO) policies and procedures.

    • Federal agencies are required to employ tracking systems, such as specialized fully automated applications depending on the needs of the organization, for software protected by quantity licenses to control copying and distribution and to help ensure that software is used in accordance with licensing agreements.

    • Bureaus are required periodically scan their networks to detect and remove any unauthorized or unlicensed software.

    • Federal agencies are required to develop software license management policies and procedures. Federal agencies are also required to prepare inventories of software present on computers to help to ensure that software is used in compliance with copyright laws.

    • Federal agencies are required to take inventory of their information technology assets and ensure they are not paying for unused or under utilized installed software.