| IT Asset Management/Portfolio Management |
|
|
|
 |
| Phase I Overview |
|
The first phase of this important state government-wide initiative (to be completed in the 2003-05 biennium) involves the:
- Definition and development of the rules, policies, standards, and guidelines required for the tracking and reporting of assets owned by state agencies.
- Creation of an Enterprise IT Asset Management Program within DAS/EISPD.
- Identification and documentation of the requirements for an IT Asset Management System within DAS/EISPD (e.g. repository, auto-discovery tools, software usage tools, etc.).
- Creation of statewide pricing agreements for IT Asset Management tools and services.
- Collection of an initial inventory of state agency IT assets.
An information technology asset inventory and ongoing Enterprise IT Asset Management Program is needed to efficiently and effectively:
- Track and report the "state of the state´s" IT assets at any given point in time
- Provide sufficient guidance to state agencies for managing key asset types including hardware, software, business systems, and data
- Determine the total cost of ownership of state IT assets throughout the asset life cycle
- Leverage the state’s purchasing power by knowing what IT hardware and software needs to be purchased, in what volume, at what time
- Ensure software license optimization and compliance
- Establish an initial, current and disposal value for the state’s IT assets
- Plan for a common, shared, state government-wide information technology infrastructure
- Acquire the information needed for state government-wide information resources management decision-making.
|
|
|
| Phase II Overview |
|
IT Portfolio (Investment) Management
The second phase of the initiative (to be completed in the 2005-07 biennium) will allow DAS and state agencies to fulfill the legislative intent of ORS 184.473 through 184.477 (IT Portfolio Management; IT Asset Inventory and Management) by:
- Developing state government-wide standards, processes and procedures for the management of the state government-wide information technology portfolio and to conduct and maintain a continuous inventory of each state agency’s information technology (IT) (a compilation of information about those assets and the total life-cycle cost of those assets).
- Conducting and subsequently maintaining that state government-wide inventory.
- Creating an Enterprise IT Portfolio (Investment) Management Program within DAS/EISPD.
- Integrating state agency strategic and business planning, technology planning and budgeting, and project expenditure processes into the Enterprise IT Portfolio (Investment) Management Program.
- Ensuring that state agencies implement portfolio-based management of information technology resources in accordance with ORS 184.473 through 184.477 and with rules adopted by the DAS Director.
An information technology portfolio management system and ongoing Enterprise IT Portfolio (Investment) Management Program is needed to efficiently and effectively:
- Align proposed IT-related investments with the governor’s priorities and initiatives, the Enterprise Information Resources Management (EIRM) Strategy, the Oregon Strategic Plan for Geographic Information Management and other related statewide plans, initiatives, goals and objectives; Ensure that state agencies link their information technology investments with agency business plans.
- Facilitate risk assessment of information technology projects and investments;
- Ensure that state agencies justify information technology investments on the basis of sound business cases.
- Ensure that projects are effectively and efficiently run utilizing appropriate system development lifecycle, project management, and quality assurance methodologies.
- Ensure that state agencies facilitate development and review of information technology performance related to business operations.
- Ensure that state agencies thoroughly analyze (and reengineer, if appropriate) agency business processes prior to the automation of those processes through investments in technology.
- Identify projects, and ensure that state agencies explore opportunities to partner with others on projects, that can cross agency and program lines to leverage resources.
- Plan for a common, shared, state government-wide information technology infrastructure.
- Acquire the information needed for state government-wide information resources management decision-making.
|
|
|
| Policy Information |
|
- DAS Statewide IT Asset Inventory/Management Policy - IRM 107-004-010 (doc) (pdf) - Effective date: April 20, 2004
- Asset Management Chapter - Statewide Technical Architecture (doc) (pdf)
- Policy Action Summary (doc)
|
|
|
| Inventory-related Documents |
|
This following document is intended to help facilitate agency collection and submission of the IT asset inventory required by the Statewide IT Asset Inventory/Management Policy – IRM 107-004-010 (pdf) (Attachment 5: State government-wide ITAM Inventory Submission Schedule).
Further, the purpose of this document is to provide additional guidance related to Policy Attachment 2: Information Technology Asset Inventory Mandatory Attributes (pdf), specifically, to illustrate how the list of mandatory attributes translates into an inventory spreadsheet/database format. Note: A sample inventory spreadsheet is provided below for agency use.
Inventory Definintion Document V2 (doc)(pdf) Posted 10/13/2004
Sample Hardware Spreadsheet (xls) Posted 10/13/2004
Sample Software Spreadsheet (xls) Posted 10/13/2004
As noted in FAQ #4 below we prefer to receive the inventory reports in electronic format. We intend upload/import the spreadsheet information into a small database created from the inventory portion of the Computing and Networking Infrastructure Consolidation project (CNIC). If an alternative electronic format that we can easily import into the database would work best for you (e.g. comma delimited file, fixed format record layout, etc), please contact Sean McSpaden, Enterprise IT Planning Coordinator (contact information below) and we will do our best to accommodate your needs.
|
|
|
| Frequently Asked Questions |
|
Question 1
For our Agency Management Policy, we would like to adopt the statewide policy with a cover letter that includes definitions. Our definitions will define assets. Examples might be that “PC” includes a keyboard, mouse and CPU with installed cards. Monitors and software would be tagged separately. Will this be adequate or do we need a full policy of our own?
Answer 1
As the CIO Council and the State CIO have endorsed the concept of a maturity development model for IT Asset Management (Architecture and Standards (pdf)), yes, an agency can initially adopt the statewide IT Asset Inventory/Management policy as its agency ITAM policy via a cover letter as long as in the agency’s view, the statewide policy (pdf), as written, provides sufficient guidance for agency staff to understand their respective IT Asset Management Program roles, responsibilities, and obligations to the agency and to DAS/EISPD at this point in time.
Agencies may require additional specificity in policies and procedures over time in order to fully mature the agency’s ITAM program. Further, as stated in the policy, the IT asset information detail required for an agency to efficiently and effectively manage its information technology operations (assets) will likely exceed the level of detail required at the state government-wide reporting level (Policy Attachment 2 (pdf) ).
In regard to modifying the definitions in the "agency policy," that would be acceptable as long as agency definitions are in alignment with definitions identified in the policy.
The definitions contained within the Policy Attachment 1 Glossary (pdf) were developed by a multi-agency team over several months. If there is an agency business need to operate/inventory/manage IT assets under a different definition, we need to discuss the need for the modification and its potential impact on the state´s ability to ensure we are collecting inventories across all state agencies on an "apples to apples" basis.
Question 2
The policy indicates that each item should be “tagged.” We would like to use our agency number followed by a dash and the serial number of the product as this unique number. We will not actually tag items since the serial number is already on them.
Answer 2
To summarize the Statewide IT Asset Inventory/Management Policy (pdf) Guidelines IV, V, VI:
Agencies are required to affix an agency or State of Oregon identification tag to:
- Newly purchased IT-related assets (tagging required prior to deployment in the computing environment)
- Existing capital assets (tagging required by December 31, 2004. Also requires the issuance and use of a property control number)
- Existing non-capital assets (tagging required by June 30, 2005 ).
(Note: If an agency utilizes agency-specific asset tags, the agency shall ensure that the agency number assigned by the DAS State Controller’s Division is added to the asset tag number/unique identifier (in the database field, spreadsheet cell, etc.) prior to sending/reporting the information to DAS/EISPD).
In reviewing the proposed tagging option, we came back several times to the Statewide IT Asset Inventory/Management Policy reference to the Oregon Accounting Manual (OAM procedure 10.50.00.PR).
OAM 10.50.00.PR .120 states that: "Personal property meeting the definition of capital assets should be capitalized, tagged with a State of Oregon identification tag and property control number, listed on the capital asset property inventory, and physically inventoried at least annually. Discrepancies should be investigated. Support that a physical inventory has been taken, for all locations, should be retained in the agency’s central accounting office." In reviewing/considering the proposed approach we contacted the State Controller´s Division. In talking with them, it is clear that from the DAS perspective inventory tags affixed to capital assets are necessary and required.
Inventory tags are a control, and the agency needs to control the process, not the manufacturer via a serial number they may/may not be able to certify as unique. The big concern with the option you propose is that the agency is not controlling the numbering system. The number, in the option you propose, is only made unique by the addition of the agency assigned number. However, that only provides a unique identifier in the asset inventory system and not physically, permanently on the asset itself. That would be fine for reporting purposes, but not for the purpose of controlling the asset as required by the OAM procedure.
The tag adds assurance that "wandering assets" are identified as state property, and that it is likely not appropriate for whomever is disposing of the asset to do so. The serial number could be used as part of the inventory record, but we would be extremely leery of using it as a tag number on an ongoing basis.
The guidance DAS has provided to its client agencies is that tags are necessary for capital assets and that tags should have the agency name and the control number affixed. In general, we recommend having tags that are agency # - sequential #. This tagging approach provides better control and ease of a recognizable numbering system. Also, placement of these identification tags in an accessible and readable area is very important. Many of the manufacturer´s serial number tags are behind or underneath the products, and are not easily accessible.
During the required physical inventory process for capital and non-capital assets this could become very important in terms of the time/effort required to complete the inventory. We realize that the time and effort involved is not inconsequential. As the policy indicates, agencies need to affix an agency or State of Oregon asset tag to all IT-related capital assets by December 31, 2004 and to all IT-related non-capital assets by June 30, 2005.
Question 3
The Submission Schedule indicates three dates for submittals. June 30, 2004 , October 29, 2004 and December 31, 2004 . How are these reports different from each other?
Answer 3
ORS 184.475 - requires DAS, in cooperation with state agencies, to conduct and maintain a continuous inventory of each state agency’s current and planned investments in information technology, a compilation of information about those assets and the total life cycle cost of those assets.
In formulating this policy (pdf), the IT Asset Management Domain Team (policy subgroup) discussed at length that collecting a true continuous inventory is problematic based on the fact that today the state has distributed/decentralized management of 14 different WAN´s, data centers, firewalls, and LAN/desktop environments with limited deployment of auto discovery tools within those environments. To fulfill the intent of the statute, the team proposed and the CIO Council adopted a quarterly reporting schedule.
How are these reports different from each other? The reports are intended to reflect the agency´s IT Asset Inventory at a specific point in time as of a certain date. From quarter to quarter, it is likely that minimal changes to the inventory will occur in small agencies with an increased probability for change occurring in the medium to large agencies. With that in mind, there will likely be redundancy of information submitted, but again, the quarterly reporting approach was proposed and adopted to reasonably fulfill the legislative intent for DAS to collect and maintain a continuous inventory. DAS/EISPD will work with agencies to assess the appropriate frequency of inventory reporting based on our collective experience over the next year.
Question 4
What format do you prefer or require for the reports (electronic, hard copy, record layout)?
Answer 4
We prefer to receive the reports in electronic format. We are preparing a spreadsheet format now and will distribute as a template for use as soon as possible. We will be uploading/importing the spreadsheet information into a small database created from the inventory portion of the Computing and Networking Infrastructure Consolidation project (CNIC). If an alternative electronic format that we can easily import into the database would work best for you (e.g. comma delimited file, fixed format record layout, etc), please contact Sean McSpaden (contact information below) and we will do our best to accommodate your needs.
A core objective of the Enterprise IT Asset Management Program is to put in place a fully functional, scalable asset inventory/management repository for use by DAS and state agencies as appropriate. However, until the direction of the CNIC project is known in mid- June 2004 (i.e. will the state proceed with consolidation or not), DAS intends to hold on its active pursuit of an ITAM repository/system.
Question 5
Is there a standard asset tag that is provided by the state? If there is a standard state asset tag, is it provided free or at a cost to the agency?
Answer 5
In talking with the State Controller´s Division there is not a standard asset tag provided by DAS for all agencies to use. Agencies employ a variety of tagging strategies currently with little uniformity at this point in time. The purchase of asset tags is currently an agency responsibility.
The State Controller's Division does not typically issue State of Oregon tags although the agency could decide to use a generic State of Oregon tag along with a numbering scheme that included the agency number assigned by the State Controller´s Division.
Question 6
Is there a format that is preferred in designing the unique identifier used? Specifically I am interested in whether there are minimum or maximum numbers of suggested characters that would be preferable in the reports we will be required to submit. If we decide to use the manufacturer provided information such as a PC service tag or a printer serial number, the number may not be unique if trailing characters are dropped because of some database limitation on the number of characters recognized.
Answer 6
Originally, the team that developed the policy (pdf) had proposed a firm, common tagging strategy for all agencies. Several of the larger agencies (especially those that used automated systems and who had established tagging strategies) requested that we revisit the issue and strive toward a flexible requirement. As the purpose of a common statewide numbering scheme was largely based on the need to be able to quickly identify agency ownership of IT assets, we revised the requirement to the following (Summary of Guidelines IV, V, VI):
Agencies are required to affix an agency or State of Oregon identification tag to:
- Newly purchased IT-related assets (tagging required prior to deployment in the computing environment)
- Existing capital assets (tagging required by December 31, 2004. Also requires the issuance and use of a property control number)
- Existing non-capital assets (tagging required by June 30, 2005 ).
(Note: If an agency utilizes agency specific asset tags, the agency shall ensure that the agency number assigned by the DAS State Controller´s Division is added to the asset tag number/unique identifier (in the database field, spreadsheet cell, etc.) prior to sending/reporting the information to DAS/EISPD).
At this point in time the guidance received from the State Controller´s Division is as follows:
- Tagging of capital assets is required by State Controller´s Division OAM Policies/Procedures (10.50.00.PR)
- Tagging of non-capital assets is required by DAS Statewide IT Asset Inventory/Management Policy (IRM 107-004-010).
Although the specific tagging format and sequence of numbers is at the agency´s discretion, asset tag numbers should be:
Asset tags should be controlled. In other words, the agency should have the ability to account for all tags. They should either be:
- Affixed to deployed/stored IT Assets
- Retired on disposal/surplus of IT Assets
- On hand for future use.
Question 7
Most of the IT equipment in our office with exception of one of our printers cost less than $5,000. Would it be correct that none of the equipment under the cost of $5,000 would require an agency or State of Oregon ID tag (since it is considered non-capital)?
Answer 7
No. Although the State Controller´s Division Oregon Accounting Manual requirement has only been concerned with tagging capital assets in the past, the Statewide IT Asset Inventory/Management Policy also requires the tagging of non-capital assets. To summarize the Statewide IT Asset Inventory/Management Policy (pdf) Guidelines IV, V, VI:
Agencies are required to affix an agency or State of Oregon identification tag to:
- Newly purchased IT-related assets (tagging required prior to deployment in the computing environment)
- Existing capital assets (tagging required by December 31, 2004. Also requires the issuance and use of a property control number)
- Existing non-capital assets (tagging required by June 30, 2005 ).
(Note: If an agency utilizes agency specific asset tags, the agency shall ensure that the agency number assigned by the DAS State Controller´s Division is added to the asset tag number/unique identifier (in the database field, spreadsheet cell, etc.) prior to sending/reporting the information to DAS/EISPD).
Question 8
I assume that the tags you want people to use are property ID tags similar to what DAS uses. A minimum order is 300 tags and the cost is $452. I am not sure that with the recent budget problems that this would be a wise expenditure. We could make our own tags but I am sure they would not have the same integrity as the other tags.
Answer 8
We have received several inquiries from small boards and commissions regarding any assistance DAS may be able to provide. We are working on a couple of options and will factor this issue into the mix as well.
One option could involve DAS possibly purchasing tags (an aggregate purchase) on behalf of small boards and commissions. Only the number of tags required would be distributed to boards/commissions for use and the agency would then be billed by DAS for their prorated portion of the expense. The benefit of this approach would be that one or two rolls of tags could be used by a whole host of boards and commissions. The state could assure uniformity of tagging with unique and consecutive numbering. If agencies are interested in DAS exploring this option, please contact Sean McSpaden (contact information below).
Question 9
I have developed a draft policy for our board to review, however they will not be able to review it until July. Is this going to pose a problem as the e-mail said we need to have a policy in place 90 days from the April 20, 2004 effective date of the DAS policy? Can I get any input regarding the draft policy that I have developed or do you simply want whatever policy our board approves?
Answer 9
We would be happy to review your draft policy and provide whatever feedback we can to help you finalize it. We'd also be glad to work with you on the timing of the formal adoption of your board's policy as well. Let us know.
|
|
|
| Contact for More Information |
|
Sean McSpaden
Manager, IT Investment and Planning
Enterprise Information Strategy and Policy Division
955 Center St NE, room 470
Salem, OR 97301
(503) 378-5257
sean.l.mcspaden@state.or.us
|
|
| |
|
|
