- 2.149.2 Asset Management Process Description
- 22.214.171.124 Introduction
- 126.96.36.199.1 Administration
- 188.8.131.52 Overview
- 184.108.40.206 Workflow
- 220.127.116.11.1 Main Process Diagram
- 18.104.22.168.2 Inputs
- 22.214.171.124.3 Outputs
- 126.96.36.199.4 Activities
- 188.8.131.52.5 Roles
- 184.108.40.206 Process Control
- 220.127.116.11 Training
- 18.104.22.168 Exhibits
Part 2. Information Technology
Chapter 149. 9 IT Asset Management
Section 2. Asset Management Process Description
October 19, 2015
(1) This transmits new Internal Revenue Service (IRS), Asset Management Process Description (PD).
(1) The Asset Management Process provides an enterprise-wide method for managing hardware and software information technology (IT) assets.
Terence V. Milholland
Chief Technology Officer
This document describes the formal process for implementing the requirements of the Asset Management Process. It provides an operational definition of the major components of the process and how to perform each step in the process. This document also describes the logical arrangements of steps that are essential to successfully completing the process and achieving its desirable outcome.
A process is defined as “A set of related activities that accomplish a common goal”. The process definition laid out in this document further breaks down these Activities into Tasks, each of which have a complete set of attributes defined such as data and tool specifications and the role(s) responsible for executing the tasks. The document also includes process goal and objectives, metrics, role definitions, policies and other process related attributes.
Asset Management is the process responsible for tracking and reporting the value and ownership of financial assets throughout their lifecycle. This document describes the major steps within the enterprise-wide Asset Management Process, which include:
Step 1 - Manage IT Asset Plan
Step 2 - Process Acquired IT Asset
Step 3 - Deploy IT Asset
Step 4 - Maintain IT Asset
Step 5 - Dispose IT Asset
The process goal describes a specific purpose or achievement toward which the efforts of the process are directed. Each process has a specific focus and when combined with the other processes, forms a comprehensive framework for delivering and managing services.
The Asset Management Process provides direction for managing IT assets throughout their lifecycle and provides oversight for IRS Asset Management policies, procedures and controls. In addition, this process supports lifecycle management and strategic decision-making for the IT environment.
Process objectives describe material outcomes that are produced or achieved by the process. The following is a list of objectives for this process:
Track and report the value and ownership of financial assets for improved accountability throughout the lifecycle
Ensure that asset purchases and disposals are properly authorized and carried out in accordance with core policy, legislation, and regulations
Ensure IRS assets (hardware and software) that comprise the IT infrastructure are used in the most efficient manner by managing compliance, reducing overpurchases, and redeploying assets
Meet Industry standards for commonality in the IT Service Management (ITSM) process
Support the infrastructure for delivery of IT Services to the business units
Maintain accurate and timely asset information for decision-making and reporting purposes
A workflow consists of Activities and Tasks, Inputs and Outputs, Roles, and Flow Diagrams. It describes the tasks, procedural steps, organizations or people involved, required input and output information, and tools needed for each step of the process.
Asset Management Workflow for Hardware & Software
Process inputs are used as triggers to initiate the process and to produce the desired outputs. Users, stakeholders or other processes provide inputs. The following is a list of inputs for this process:
Name Description Supplier Policies and Directives The guidelines to manage the IT Asset Management program and ensure financial assets are accurately tracked in the authoritative repositories. Asset Management Service Request A request from a user for information, or advice, or for a standard change or for access to an IT Service. Request Fulfillment Incident Ticket An unplanned interruption to an IT Service or a reduction in the quality of an IT Service. Incident Management Request for Change (RFC)/Work Request A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. Change Management IT Equipment Profile The standardized list of IT equipment given to each employee based upon their occupation in the IRS. Service Level Management Budget Information The financial data used to support the IT Asset Plan. IT Financial Management IT Asset The property or equipment that is part of the information technology infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or awaiting disposal. Supplier Management, Asset Management Move/Add/Change Form A form used to document the status (location/assignment/user) of any piece of hardware (IT asset). It is used to update the asset repository. Asset Management, Stakeholders Purchase Documentation The types of purchase documentation include requisitions and contracts. Supplier Management Acquisition Documentation The types of acquisition documentation include transfers from another federal agency and/or seized and forfeited assets. Asset Management, Stakeholders Asset Repository The database that stores, maintains, and tracks the value and ownership of assets. Asset Management Asset Management Reports The reports generated to provide data on the asset management inventory. Asset Management, Supplier Management Maintenance and Warranty Agreements The warranties are agreements which call for the replacement or repair of hardware assets at no additional charge. Maintenance agreements ensure continued operation of an IT asset by providing preventive and remedial services, including support and installation. Supplier Management Financial/Compliance Audits
(GAO, TIGTA, CFO)
The formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met. Audit Management (Strategy & Planning) Testing Documentation The documentation of testing process and results. Release & Deployment Management Annual Inventory Certification Plan The annual overview of hardware asset management objectives, guidelines, and activities necessary to meet IRS’ annual financial audits and deliverables including certifying the accuracy and completeness of IRS’ authoritative inventory system. Asset Management Disposal Documentation The documents used to support the disposal of hardware IT assets. Asset Management, Supplier Management, AWSS/FMSS
Each process produces tangible outputs. These outputs can take the form of products or data and can be delivered to a user or stakeholder, or, they can be used as inputs to other processes. Outputs are measurable in terms of quantity and quality.
Name Description Recipient IT Asset Plan A tactical plan for managing an organization's infrastructure and assets to deliver an agreed standard of service. Supplier Management, IT Financial Management Request for Change (RFC)/Work Request A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. Change Management Budget Information The financial data used to support the IT Asset Plan. IT Financial Management Asset Repository An asset record is updated within the Asset Repository. Asset Management Asset Management Reports The reports generated to provide data on the current asset management inventory. Asset Management, Supplier Management, Stakeholders Deployed IT Asset The IT asset is delivered and set up for the recipient. Asset Management, Stakeholders Service Request A request from a user for information, or advice, or for a standard change or for access to an IT Service has been fulfilled and closed. Request Fulfillment, Asset Management Incident Ticket The resolution of an unplanned interruption to an IT Service or a reduction in the quality of an IT Service. Incident Management, Asset Management Disposal Documentation The documents used to support the disposal of hardware IT assets. Asset Management, Supplier Management, AWSS/FMSS Knowledge Article The shared information or instructions contained in a centralized database. Knowledge Management, Stakeholders
An activity is a major unit of work to be completed in achieving the objectives of the process. A process consists of a sequence of related activities that transforms inputs into outputs and performed by the roles defined in the process. Identify the activities in the process and provide a brief description. The activities must correspond with the high-level process flow diagram above.
Additional instructions for the following steps are found in the Asset Management – User Guides at the IT Process Asset Library (PAL) website: IT PAL
ID Name Description Step 1 Manage IT Asset Plan Plan for new IT asset purchases or replacement of existing IT assets Step 2 Process Acquired IT Asset Ensure new and transferred IT assets are accounted for in the IRS authoritative repository Step 3 Deploy IT Asset Provide IT assets needed to the recipient. Some of these activities include identifying assets and entering asset information in a repository
Note: This process step is for Hardware IT assets only. Software IT assets are deployed in the Release & Deployment process
Step 4 Maintain IT Asset Inventory, count and track assets, monitor usage, and manage warranties (hardware) /contracts for maintenance and support. Some of these activities include monitoring the useful life of an asset, quality reviews and continuous evaluations to improve services for future modification. Each activity may have a different trigger(s) that starts the process Step 5 Dispose IT Asset Remove IT assets from active inventory and make them unavailable for use. Some of these activities include determining IT assets reaching end of life and performing disposal activities
Each process defines at least one role. Each role is assigned to perform specific tasks within the process. The responsibilities of a role are confined to the specific process. They do not imply any functional standing within the hierarchy of an organization. For example, the process manager role does not imply the role is associated with or fulfilled by someone with functional management responsibilities within the organization. Within a specific process, there can be more than one individual associated with a specific role. Additionally, a single individual can assume more than one role within the process although typically not at the same time.
Name Description Asset Management Specialists - Hardware
Manage control processes and interactions for all enterprise-wide hardware financial assets and associated components
Develop policies and procedures related to the management of hardware assets as needed
Provide input for hardware asset lifecycle plans
Direct and execute hardware asset certification activities
Develop and maintain disposal policies/activities to ensure data integrity
Reconcile hardware assets receipt data for verification and audit
Process Move/Add/Change Forms
Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets
Administrate guidelines for quality reviews
Asset Management Specialists - Software
Manage control processes and interactions for all enterprise-wide software financial assets and associated components
Develop policies and procedures related to the management of software assets as needed
Monitor software usage
Manage software licenses
Ensure compliance with IRS software standards
Reconcile software assets receipt data for verification and audit
Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets
Administrate guidelines for quality reviews
Asset Management Specialists - Equipment
Prepare, coordinate, and ship equipment
Maintain and review repository for inventory accuracy
Receive new IT assets
Manage the receipt of IT assets
Retire IT assets as needed
Coordinate with AWSS to complete the disposal process
Evaluate usage and stock levels for IT assets
Develop policies and procedures related to the management of depot assets as needed
Recommend changes to the inventory plan based on inventory usage and demand levels
Asset Management Specialists - Materials
Develop, implement, execute, and modify the IRS IT Asset Plan
Manage inventory replenishments
Analyze information from multiple, disparate databases and formulate decisions and business justifications to adjust the inventory plan
Develop forecasts and projections to determine demand on the inventory investment
Analyze economic order quantities and delivery times for replenishment of the inventory items
Develop policies and procedures related to the management of depot assets as needed
Manage and control inventory levels
Activities involved in ensuring a process is predictable, stable, and consistently operating at the target level of performance.
Process controls represent the policies and guiding principles on how the process will operate. Controls provide direction over the operation of processes and define constraints or boundaries within which the process must operate
Name Description GAO, CFO and TIGTA Audits Formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met. Asset Management Policies Policies and regulations that provide guidance for managing the IT Asset Management program. Security Policies Policies to ensure the confidentiality, integrity, and availability of IT assets. Annual Inventory Certification Plan Annual overview of hardware asset management objectives, guidelines, and activities necessary to meet IRS’ annual financial audits and deliverables, including certifying the accuracy and completeness of IRS’ authoritative inventory system. Governance Governance ensures that policies and strategy are actually implemented and that required processes are correctly followed.
Metrics are used for the quantitative and periodic assessment of a process. They should be associated with targets that are set based on specific business objectives. Metrics provide information related to the goals and objectives of a process and are used to take corrective action when desired results are not being achieved and can be used to drive continual improvement of process effectiveness and efficiency.
Management will regularly set targets for process performance, gather quantifiable data related to different functions of the Asset Management Process, and review that data in order to make informed decisions and take appropriate corrective action, if necessary. All Measurements will have a defined data dictionary, map to the organizational strategic goals, and be documented in a Process Measurement Plan. The Process Measurement Plan template is available in the IT PAL.
Policies outline a set of plans or courses of action that are intended to influence and determine decisions or actions of a process. Policies provide an element of governance over the process that provides alignment to business vision, mission and goals.
The Asset Management Process will have a single Process Owner and a separate Process Manager, responsible for implementation and ensuring adherence to the process. The process will be reviewed regularly to ensure that it continues to support the business requirements of the enterprise. The process will be designed and developed based on ROI to the business. Process metrics will be focused on providing relevant information as opposed to merely presenting raw data.
Roles and responsibilities for the process must be clearly defined and appropriately staffed with people having the required skills and training. The mission, goals, scope and importance of the process must be clearly and regularly communicated by upper management to the staff and business customers of IT. All IT staff (direct and indirect users of the process) shall be trained at the appropriate level to enable them to support the process.
It is imperative that people working in, supporting, or interacting with the process in any manner understand what they are supposed to do. Without that understanding the Asset Management Process will not be successful.
Modifications to the Asset Management Process must be approved by the Process Owner. The design of the process must include appropriate interfaces with other processes to facilitate data sharing, escalation and workflow. The process must be capable of providing data to support real-time requirements as well as historical/trending data for overall process improvement initiatives. The process must be fully documented, published and accessible to the various stakeholders of the process. The process will be reviewed on a periodic basis in order to ensure it continues to support organizational goals and objectives (continuous improvement). The process must include Inputs, Outputs, Controls, Metrics, Activities, Tasks, Roles and Responsibilities, Tool and Data requirements along with documented process flows. The process will be kept straight forward, rational, and easy to understand.
The process must meet operational and business requirements.
All tools selected must conform to the enterprise architectural standards and direction. Existing in-house tools and technology will be used wherever possible, new tools will only be entertained if they satisfy a business need that cannot be met by current in-house tools. The selection of supporting tools must be process driven and based on the requirements of the business. Selected tools must provide ease of deployment, customization, and use. The selected tools must support heterogeneous platforms. Automated workflow, notification and escalation will be deployed wherever possible to minimize delays, ensure consistency, reduce manual intervention and ensure appropriate parties are made aware of issues requiring their attention. The tools used by this process are the following:
HP Asset Manager (Hardware Repository)
Symantec Management Platform - Altiris Asset Management Suite for Client (Software Repository)
Technology and tools should be used to augment the process capabilities, not become an end themselves.
The tailoring guidelines identify the allowable variations of the IT organization’s standard process as needed for adjustments (adding, deleting, modifying) relative to specific operational or functional needs of another organization. Process tailoring is about roles and procedures, not the standard process or major activities defined in this process. All tailoring request, with supporting rationale, must be submitted in writing to and approved by the Asset Management Process owner.
Process training involves training all stakeholders about key processes that are crucial for an organization to deliver business objectives. Training provides clarity to employees on a set of procedures that needs to be carried out as part of the process and the best possible way to do them. List below the training resources available for this process:
Information Technology Infrastructure Library (ITIL)
The above bullet list are types of training that are recommended for the Asset Management Process.
Refer to Asset Management User Guides located on the IT PAL for specific ELMS courses.
Exhibit A - Acronyms
Exhibit B - Glossary
The abbreviations and acronyms include an alphabetical listing of some commonly used terms in IT Asset Management.
Acronyms Definition ACIO Associate Chief Information Officer AM Asset Management ARM Asset Management Reports AWSS Agency Wide Shared Services CFO Chief Financial Officer CMMI Capability Maturity Model Integrated COE Common Operating Environment CTO Chief Technology Officer EOL End of Life FMSS Facilities Management and Security Services (formerly Real Estate and Facilities Management (REFM)) GAO Government Accountability Office IPM Integrated Process Management IRM Internal Revenue Manual IRS Internal Revenue Service IT Information Technology ITIL Information Technology Infrastructure Library ITSM IT Service Management PAL Process Asset Library PD Process Description PMI Project Management Institute POC Point of Contact RACI (Responsible, Accountable, Consulted, and Informed) This model is used to help define roles and responsibilities, instructions for the activities used in the Hardware Asset Management procedures RFC Request For Change ROI Return On Investment SACM Service Asset & Configuration Management TIGTA Treasury Inspector General for Tax Administration UNS User & Network Services
The definitions listed below are some commonly used terms and are provided as an aid to understanding IT Asset Management.
Term Definition Agreed Life An asset is designed to perform a function at an acceptable level for a predetermined amount of time according to the manufacturer’s lifecycle. It ensures that the defined services for the asset are met to provide the level of service required by the customer, in terms of quality and reliability. Annual Inventory Certification Plan Annual overview of hardware asset management objectives, guidelines, and activities necessary to meet IRS’ annual financial audits and deliverables including certifying the accuracy and completeness of IRS’ authoritative inventory system. Artifact A work product created by a process or procedure step, e.g., plans, design specifications, etc. Asset Any resource or capability. Assets of a service provider include anything that could contribute to the delivery of a service. Assets can be one of the following types: management, organization, process, knowledge, people, information, applications, infrastructure, and financial capital. Audit Formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met. An audit may be carried out by internal or external groups. Certification Issuing a certificate to confirm compliance to a standard. Certification includes a formal audit by an independent and accredited body. Depot A centralized storage area for In Stock IT equipment. Entry Criteria The elements and conditions (state) necessary to trigger the beginning of a process step. Exit Criteria The elements or conditions (state) necessary to trigger the completion of a process step. Hardware Asset Property meeting certain financial and security criteria that is part of the information technology infrastructure and represents a physical piece of computing electronic equipment. Incident Ticket The Enterprise Service Desk logs and tracks reported incidents. The incident will be assigned to a service provider for resolution. Information Technology (IT) The use of technology for the storage, communication, or processing of information. The technology typically includes computers, telecommunications, applications and other software. The information may include business data, voice, images, video, etc. Information Technology is often used to support business processes through IT services. Information Technology Infrastructure Library (ITIL) A set of best practice guidance for IT service management. ITIL is owned by the Office of Government Commerce (OGC) and consists of a series of publications giving guidance on the provision of quality IT services, and on the processes and facilities needed to support them. See http://www.itil.co.uk/ for more information. IT Asset Property or equipment that is part of the information technology infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or is awaiting disposal. IT Asset Lifecycle A series of states connected by allowable transitions. The set of business practices that join financial, contractual, and inventory functions to support the management from acquisition to disposition for hardware and software found in the IT environment. IT Asset Plan A tactical plan for managing an organization's infrastructure and assets to deliver an agreed standard of service. IT Equipment Profile The standardized list of IT equipment given to each employee based upon their occupation in the IRS. Knowledge Article Shared information or instructions contained in a centralized database. Move/Add/Change Form A form used to document the status (location/assignment/user) of any piece of hardware (IT asset). It is used to update the asset repository. Process A structured set of activities designed to accomplish a specific objective. A process takes one or more defined inputs and turns them into defined outputs. A process may include any of the roles, responsibilities, tools, and management controls required to reliably deliver the outputs. A process may define policies, standards, guidelines, activities, and work instructions if they are needed. Process Owner A role responsible for ensuring that a process is fit for purpose. The process owner’s responsibilities include sponsorship, design, change management, and continual improvement of the process and its metrics. This role is often assigned to the same person who carries out the process manager role, but the two roles may be separate in larger organizations. Quality Reviews Quality reviews ensure compliance to asset management policies. RACI (Responsible - Accountable - Consulted - Informed) This model is used to help define roles and responsibilities, instructions for the activities used in the Hardware Asset Management procedures. Recipient The point of contact (POC) receiving the IT asset. Request for Change (RFC) A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. Rogue Asset An unmanaged asset which appears amidst a population of managed assets. This can happen as a result of non-compliance with the policies concerning asset control and barcoding. Service Request A request from a user for information, or advice, or for a standard change or for access to an IT service. For example to reset a password, or to provide standard IT services for a new user. Service requests are usually handled by Enterprise Service Desk, and do not require an RFC to be submitted. Software Asset Property meeting certain financial and security criteria that is part of the information technology infrastructure and software installed on personal computers, laptops, desktops, servers, mainframes, network and mobile devices. Tool Job aid for a specific purpose, e.g., checklist, template, application, etc.