2.149.2 Asset Management Process Description

Manual Transmittal

October 19, 2015

Purpose

(1) This transmits new Internal Revenue Service (IRS), Asset Management Process Description (PD).

Material Changes

(1) The Asset Management Process provides an enterprise-wide method for managing hardware and software information technology (IT) assets.

Effect on Other Documents

Approval of this Asset Management Policy replaces IRM 2.14.1, Asset Management, IT Asset Management.

Audience

The Asset Management Process Description is applicable to all employees enterprise-wide responsible for managing IT equipment, including Asset Management’s stakeholders, customers, asset owners, contractors, and vendors.

Effective Date

(10-19-2015)

Terence V. Milholland
Chief Technology Officer

Introduction

  1. This document describes the formal process for implementing the requirements of the Asset Management Process. It provides an operational definition of the major components of the process and how to perform each step in the process. This document also describes the logical arrangements of steps that are essential to successfully completing the process and achieving its desirable outcome.

Administration

  1. All proposed changes to this document must be submitted in writing, with supporting rationale, to Service Asset & Configuration Management (SACM) organization in User & Network Services (UNS).

Overview

  1. A process is defined as “A set of related activities that accomplish a common goal”. The process definition laid out in this document further breaks down these Activities into Tasks, each of which have a complete set of attributes defined such as data and tool specifications and the role(s) responsible for executing the tasks. The document also includes process goal and objectives, metrics, role definitions, policies and other process related attributes.

Process Description

  1. Asset Management is the process responsible for tracking and reporting the value and ownership of financial assets throughout their lifecycle. This document describes the major steps within the enterprise-wide Asset Management Process, which include:

    • Step 1 - Manage IT Asset Plan

    • Step 2 - Process Acquired IT Asset

    • Step 3 - Deploy IT Asset

    • Step 4 - Maintain IT Asset

    • Step 5 - Dispose IT Asset

Goal

  1. The process goal describes a specific purpose or achievement toward which the efforts of the process are directed. Each process has a specific focus and when combined with the other processes, forms a comprehensive framework for delivering and managing services.

    • The Asset Management Process provides direction for managing IT assets throughout their lifecycle and provides oversight for IRS Asset Management policies, procedures and controls. In addition, this process supports lifecycle management and strategic decision-making for the IT environment.

Objectives

  1. Process objectives describe material outcomes that are produced or achieved by the process. The following is a list of objectives for this process:

    • Track and report the value and ownership of financial assets for improved accountability throughout the lifecycle

    • Ensure that asset purchases and disposals are properly authorized and carried out in accordance with core policy, legislation, and regulations

    • Ensure IRS assets (hardware and software) that comprise the IT infrastructure are used in the most efficient manner by managing compliance, reducing overpurchases, and redeploying assets

    • Meet Industry standards for commonality in the IT Service Management (ITSM) process

    • Support the infrastructure for delivery of IT Services to the business units

    • Maintain accurate and timely asset information for decision-making and reporting purposes

Workflow

  1. A workflow consists of Activities and Tasks, Inputs and Outputs, Roles, and Flow Diagrams. It describes the tasks, procedural steps, organizations or people involved, required input and output information, and tools needed for each step of the process.

Main Process Diagram

  1. Asset Management Workflow for Hardware & Software

    Figure 2.149.2-1

    This is an Image: 67331001.gif

    Please click here for the text description of the image.

Inputs

  1. Process inputs are used as triggers to initiate the process and to produce the desired outputs. Users, stakeholders or other processes provide inputs. The following is a list of inputs for this process:

    Name Description Supplier
    Policies and Directives The guidelines to manage the IT Asset Management program and ensure financial assets are accurately tracked in the authoritative repositories. Asset Management
    Service Request A request from a user for information, or advice, or for a standard change or for access to an IT Service. Request Fulfillment
    Incident Ticket An unplanned interruption to an IT Service or a reduction in the quality of an IT Service. Incident Management
    Request for Change (RFC)/Work Request A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. Change Management
    IT Equipment Profile The standardized list of IT equipment given to each employee based upon their occupation in the IRS. Service Level Management
    Budget Information The financial data used to support the IT Asset Plan. IT Financial Management
    IT Asset The property or equipment that is part of the information technology infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or awaiting disposal. Supplier Management, Asset Management
    Move/Add/Change Form A form used to document the status (location/assignment/user) of any piece of hardware (IT asset). It is used to update the asset repository. Asset Management, Stakeholders
    Purchase Documentation The types of purchase documentation include requisitions and contracts. Supplier Management
    Acquisition Documentation The types of acquisition documentation include transfers from another federal agency and/or seized and forfeited assets. Asset Management, Stakeholders
    Asset Repository The database that stores, maintains, and tracks the value and ownership of assets. Asset Management
    Asset Management Reports The reports generated to provide data on the asset management inventory. Asset Management, Supplier Management
    Maintenance and Warranty Agreements The warranties are agreements which call for the replacement or repair of hardware assets at no additional charge. Maintenance agreements ensure continued operation of an IT asset by providing preventive and remedial services, including support and installation. Supplier Management
    Financial/Compliance Audits
    (GAO, TIGTA, CFO)
    The formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met. Audit Management (Strategy & Planning)
    Testing Documentation The documentation of testing process and results. Release & Deployment Management
    Annual Inventory Certification Plan The annual overview of hardware asset management objectives, guidelines, and activities necessary to meet IRS’ annual financial audits and deliverables including certifying the accuracy and completeness of IRS’ authoritative inventory system. Asset Management
    Disposal Documentation The documents used to support the disposal of hardware IT assets. Asset Management, Supplier Management, AWSS/FMSS

Outputs

  1. Each process produces tangible outputs. These outputs can take the form of products or data and can be delivered to a user or stakeholder, or, they can be used as inputs to other processes. Outputs are measurable in terms of quantity and quality.

    Name Description Recipient
    IT Asset Plan A tactical plan for managing an organization's infrastructure and assets to deliver an agreed standard of service. Supplier Management, IT Financial Management
    Request for Change (RFC)/Work Request A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. Change Management
    Budget Information The financial data used to support the IT Asset Plan. IT Financial Management
    Asset Repository An asset record is updated within the Asset Repository. Asset Management
    Asset Management Reports The reports generated to provide data on the current asset management inventory. Asset Management, Supplier Management, Stakeholders
    Deployed IT Asset The IT asset is delivered and set up for the recipient. Asset Management, Stakeholders
    Service Request A request from a user for information, or advice, or for a standard change or for access to an IT Service has been fulfilled and closed. Request Fulfillment, Asset Management
    Incident Ticket The resolution of an unplanned interruption to an IT Service or a reduction in the quality of an IT Service. Incident Management, Asset Management
    Disposal Documentation The documents used to support the disposal of hardware IT assets. Asset Management, Supplier Management, AWSS/FMSS
    Knowledge Article The shared information or instructions contained in a centralized database. Knowledge Management, Stakeholders

Activities

  1. An activity is a major unit of work to be completed in achieving the objectives of the process. A process consists of a sequence of related activities that transforms inputs into outputs and performed by the roles defined in the process. Identify the activities in the process and provide a brief description. The activities must correspond with the high-level process flow diagram above.

  2. Additional instructions for the following steps are found in the Asset Management – User Guides at the IT Process Asset Library (PAL) website: IT PAL

    ID Name Description
    Step 1 Manage IT Asset Plan Plan for new IT asset purchases or replacement of existing IT assets
    Step 2 Process Acquired IT Asset Ensure new and transferred IT assets are accounted for in the IRS authoritative repository
    Step 3 Deploy IT Asset Provide IT assets needed to the recipient. Some of these activities include identifying assets and entering asset information in a repository
    Note: This process step is for Hardware IT assets only. Software IT assets are deployed in the Release & Deployment process
    Step 4 Maintain IT Asset Inventory, count and track assets, monitor usage, and manage warranties (hardware) /contracts for maintenance and support. Some of these activities include monitoring the useful life of an asset, quality reviews and continuous evaluations to improve services for future modification. Each activity may have a different trigger(s) that starts the process
    Step 5 Dispose IT Asset Remove IT assets from active inventory and make them unavailable for use. Some of these activities include determining IT assets reaching end of life and performing disposal activities

Roles

  1. Each process defines at least one role. Each role is assigned to perform specific tasks within the process. The responsibilities of a role are confined to the specific process. They do not imply any functional standing within the hierarchy of an organization. For example, the process manager role does not imply the role is associated with or fulfilled by someone with functional management responsibilities within the organization. Within a specific process, there can be more than one individual associated with a specific role. Additionally, a single individual can assume more than one role within the process although typically not at the same time.

    Name Description
    Asset Management Specialists - Hardware
    • Manage control processes and interactions for all enterprise-wide hardware financial assets and associated components

    • Develop policies and procedures related to the management of hardware assets as needed

    • Provide input for hardware asset lifecycle plans

    • Direct and execute hardware asset certification activities

    • Develop and maintain disposal policies/activities to ensure data integrity

    • Reconcile hardware assets receipt data for verification and audit

    • Process Move/Add/Change Forms

    • Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets

    • Administrate guidelines for quality reviews

    Asset Management Specialists - Software
    • Manage control processes and interactions for all enterprise-wide software financial assets and associated components

    • Develop policies and procedures related to the management of software assets as needed

    • Monitor software usage

    • Manage software licenses

    • Ensure compliance with IRS software standards

    • Reconcile software assets receipt data for verification and audit

    • Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets

    • Administrate guidelines for quality reviews

    Asset Management Specialists - Equipment
    • Prepare, coordinate, and ship equipment

    • Maintain and review repository for inventory accuracy

    • Receive new IT assets

    • Manage the receipt of IT assets

    • Retire IT assets as needed

    • Coordinate with AWSS to complete the disposal process

    • Evaluate usage and stock levels for IT assets

    • Develop policies and procedures related to the management of depot assets as needed

    • Recommend changes to the inventory plan based on inventory usage and demand levels

    Asset Management Specialists - Materials
    • Develop, implement, execute, and modify the IRS IT Asset Plan

    • Manage inventory replenishments

    • Analyze information from multiple, disparate databases and formulate decisions and business justifications to adjust the inventory plan

    • Develop forecasts and projections to determine demand on the inventory investment

    • Analyze economic order quantities and delivery times for replenishment of the inventory items

    • Develop policies and procedures related to the management of depot assets as needed

    • Manage and control inventory levels

Process Control

  1. Activities involved in ensuring a process is predictable, stable, and consistently operating at the target level of performance.

Controls

  1. Process controls represent the policies and guiding principles on how the process will operate. Controls provide direction over the operation of processes and define constraints or boundaries within which the process must operate

    Name Description
    GAO, CFO and TIGTA Audits Formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met.
    Asset Management Policies Policies and regulations that provide guidance for managing the IT Asset Management program.
    Security Policies Policies to ensure the confidentiality, integrity, and availability of IT assets.
    Annual Inventory Certification Plan Annual overview of hardware asset management objectives, guidelines, and activities necessary to meet IRS’ annual financial audits and deliverables, including certifying the accuracy and completeness of IRS’ authoritative inventory system.
    Governance Governance ensures that policies and strategy are actually implemented and that required processes are correctly followed.

Metrics

  1. Metrics are used for the quantitative and periodic assessment of a process. They should be associated with targets that are set based on specific business objectives. Metrics provide information related to the goals and objectives of a process and are used to take corrective action when desired results are not being achieved and can be used to drive continual improvement of process effectiveness and efficiency.

  2. Management will regularly set targets for process performance, gather quantifiable data related to different functions of the Asset Management Process, and review that data in order to make informed decisions and take appropriate corrective action, if necessary. All Measurements will have a defined data dictionary, map to the organizational strategic goals, and be documented in a Process Measurement Plan. The Process Measurement Plan template is available in the IT PAL.

Policies

  1. Policies outline a set of plans or courses of action that are intended to influence and determine decisions or actions of a process. Policies provide an element of governance over the process that provides alignment to business vision, mission and goals.

  2. ProcessManagement

    Statement:

    The Asset Management Process will have a single Process Owner and a separate Process Manager, responsible for implementation and ensuring adherence to the process. The process will be reviewed regularly to ensure that it continues to support the business requirements of the enterprise. The process will be designed and developed based on ROI to the business. Process metrics will be focused on providing relevant information as opposed to merely presenting raw data.

  3. People

    Statement:

    Roles and responsibilities for the process must be clearly defined and appropriately staffed with people having the required skills and training. The mission, goals, scope and importance of the process must be clearly and regularly communicated by upper management to the staff and business customers of IT. All IT staff (direct and indirect users of the process) shall be trained at the appropriate level to enable them to support the process.

    Rationale:

    It is imperative that people working in, supporting, or interacting with the process in any manner understand what they are supposed to do. Without that understanding the Asset Management Process will not be successful.

  4. Process

    Statement:

    Modifications to the Asset Management Process must be approved by the Process Owner. The design of the process must include appropriate interfaces with other processes to facilitate data sharing, escalation and workflow. The process must be capable of providing data to support real-time requirements as well as historical/trending data for overall process improvement initiatives. The process must be fully documented, published and accessible to the various stakeholders of the process. The process will be reviewed on a periodic basis in order to ensure it continues to support organizational goals and objectives (continuous improvement). The process must include Inputs, Outputs, Controls, Metrics, Activities, Tasks, Roles and Responsibilities, Tool and Data requirements along with documented process flows. The process will be kept straight forward, rational, and easy to understand.

    Rationale:

    The process must meet operational and business requirements.

  5. Technology andTools

    Statement:

    All tools selected must conform to the enterprise architectural standards and direction. Existing in-house tools and technology will be used wherever possible, new tools will only be entertained if they satisfy a business need that cannot be met by current in-house tools. The selection of supporting tools must be process driven and based on the requirements of the business. Selected tools must provide ease of deployment, customization, and use. The selected tools must support heterogeneous platforms. Automated workflow, notification and escalation will be deployed wherever possible to minimize delays, ensure consistency, reduce manual intervention and ensure appropriate parties are made aware of issues requiring their attention. The tools used by this process are the following:

    • HP Asset Manager (Hardware Repository)

    • Symantec Management Platform - Altiris Asset Management Suite for Client (Software Repository)

    Rationale:

    Technology and tools should be used to augment the process capabilities, not become an end themselves.

Tailoring Guidelines

  1. The tailoring guidelines identify the allowable variations of the IT organization’s standard process as needed for adjustments (adding, deleting, modifying) relative to specific operational or functional needs of another organization. Process tailoring is about roles and procedures, not the standard process or major activities defined in this process. All tailoring request, with supporting rationale, must be submitted in writing to and approved by the Asset Management Process owner.

Training

  1. Process training involves training all stakeholders about key processes that are crucial for an organization to deliver business objectives. Training provides clarity to employees on a set of procedures that needs to be carried out as part of the process and the best possible way to do them. List below the training resources available for this process:

    • Data Management

    • Asset Repository

    • Technical Writing

    • Information Technology Infrastructure Library (ITIL)

    • Data Analysis

    • Problem Solving

    • Communications

  2. The above bullet list are types of training that are recommended for the Asset Management Process.

  3. Refer to Asset Management User Guides located on the IT PAL for specific ELMS courses.

Exhibits

  1. Exhibit A - Acronyms

  2. Exhibit B - Glossary

Exhibit A - Acronyms

  1. The abbreviations and acronyms include an alphabetical listing of some commonly used terms in IT Asset Management.

    Acronyms Definition
    ACIO Associate Chief Information Officer
    AM Asset Management
    ARM Asset Management Reports
    AWSS Agency Wide Shared Services
    CFO Chief Financial Officer
    CMMI Capability Maturity Model Integrated
    COE Common Operating Environment
    CTO Chief Technology Officer
    EOL End of Life
    FMSS Facilities Management and Security Services (formerly Real Estate and Facilities Management (REFM))
    GAO Government Accountability Office
    IPM Integrated Process Management
    IRM Internal Revenue Manual
    IRS Internal Revenue Service
    IT Information Technology
    ITIL Information Technology Infrastructure Library
    ITSM IT Service Management
    PAL Process Asset Library
    PD Process Description
    PMI Project Management Institute
    POC Point of Contact
    RACI (Responsible, Accountable, Consulted, and Informed) This model is used to help define roles and responsibilities, instructions for the activities used in the Hardware Asset Management procedures
    RFC Request For Change
    ROI Return On Investment
    SACM Service Asset & Configuration Management
    TIGTA Treasury Inspector General for Tax Administration
    UNS User & Network Services

Exhibit B - Glossary

  1. The definitions listed below are some commonly used terms and are provided as an aid to understanding IT Asset Management.

    Term Definition
    Agreed Life An asset is designed to perform a function at an acceptable level for a predetermined amount of time according to the manufacturer’s lifecycle. It ensures that the defined services for the asset are met to provide the level of service required by the customer, in terms of quality and reliability.
    Annual Inventory Certification Plan Annual overview of hardware asset management objectives, guidelines, and activities necessary to meet IRS’ annual financial audits and deliverables including certifying the accuracy and completeness of IRS’ authoritative inventory system.
    Artifact A work product created by a process or procedure step, e.g., plans, design specifications, etc.
    Asset Any resource or capability. Assets of a service provider include anything that could contribute to the delivery of a service. Assets can be one of the following types: management, organization, process, knowledge, people, information, applications, infrastructure, and financial capital.
    Audit Formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met. An audit may be carried out by internal or external groups.
    Certification Issuing a certificate to confirm compliance to a standard. Certification includes a formal audit by an independent and accredited body.
    Depot A centralized storage area for In Stock IT equipment.
    Entry Criteria The elements and conditions (state) necessary to trigger the beginning of a process step.
    Exit Criteria The elements or conditions (state) necessary to trigger the completion of a process step.
    Hardware Asset Property meeting certain financial and security criteria that is part of the information technology infrastructure and represents a physical piece of computing electronic equipment.
    Incident Ticket The Enterprise Service Desk logs and tracks reported incidents. The incident will be assigned to a service provider for resolution.
    Information Technology (IT) The use of technology for the storage, communication, or processing of information. The technology typically includes computers, telecommunications, applications and other software. The information may include business data, voice, images, video, etc. Information Technology is often used to support business processes through IT services.
    Information Technology Infrastructure Library (ITIL) A set of best practice guidance for IT service management. ITIL is owned by the Office of Government Commerce (OGC) and consists of a series of publications giving guidance on the provision of quality IT services, and on the processes and facilities needed to support them. See http://www.itil.co.uk/ for more information.
    IT Asset Property or equipment that is part of the information technology infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or is awaiting disposal.
    IT Asset Lifecycle A series of states connected by allowable transitions. The set of business practices that join financial, contractual, and inventory functions to support the management from acquisition to disposition for hardware and software found in the IT environment.
    IT Asset Plan A tactical plan for managing an organization's infrastructure and assets to deliver an agreed standard of service.
    IT Equipment Profile The standardized list of IT equipment given to each employee based upon their occupation in the IRS.
    Knowledge Article Shared information or instructions contained in a centralized database.
    Move/Add/Change Form A form used to document the status (location/assignment/user) of any piece of hardware (IT asset). It is used to update the asset repository.
    Process A structured set of activities designed to accomplish a specific objective. A process takes one or more defined inputs and turns them into defined outputs. A process may include any of the roles, responsibilities, tools, and management controls required to reliably deliver the outputs. A process may define policies, standards, guidelines, activities, and work instructions if they are needed.
    Process Owner A role responsible for ensuring that a process is fit for purpose. The process owner’s responsibilities include sponsorship, design, change management, and continual improvement of the process and its metrics. This role is often assigned to the same person who carries out the process manager role, but the two roles may be separate in larger organizations.
    Quality Reviews Quality reviews ensure compliance to asset management policies.
    RACI (Responsible - Accountable - Consulted - Informed) This model is used to help define roles and responsibilities, instructions for the activities used in the Hardware Asset Management procedures.
    Recipient The point of contact (POC) receiving the IT asset.
    Request for Change (RFC) A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically.
    Rogue Asset An unmanaged asset which appears amidst a population of managed assets. This can happen as a result of non-compliance with the policies concerning asset control and barcoding.
    Service Request A request from a user for information, or advice, or for a standard change or for access to an IT service. For example to reset a password, or to provide standard IT services for a new user. Service requests are usually handled by Enterprise Service Desk, and do not require an RFC to be submitted.
    Software Asset Property meeting certain financial and security criteria that is part of the information technology infrastructure and software installed on personal computers, laptops, desktops, servers, mainframes, network and mobile devices.
    Tool Job aid for a specific purpose, e.g., checklist, template, application, etc.