CSA Standards

Information technology - Software asset management - Part 1: Processes and tiered assessment of conformance
 N CAN/CSA-ISO/IEC 19770-1:13

Annotation

Purpose

This part of ISO/IEC 19770 establishes a baseline for an integrated set of processes for Software Asset Management (SAM), divided into tiers to allow for incremental implementation, assessment and recognition.

Field of application

This part of ISO/IEC 19770 applies to SAM processes and can be implemented by organizations to achieve immediate benefits. ISO/IEC 19770-2 provides a corresponding specification for software identification tags, which requires implementation by software manufacturers (external and internal) and by tool developers for its full benefits to be achieved

It is intended that this part of ISO/IEC 19770 be an implementation standard for organizations. Future editions may provide a measurement framework that is aligned to the requirements in ISO/IEC 15504-2:2003 or the future International Standard ISO/IEC 330031.

This part of ISO/IEC 19770 applies to all organizations of any size or sector. For the purposes of conformance, this part of ISO/IEC 19770 can only be applied to a legal entity, or to parts of a single legal entity. It may also be applied to multiple legal entities (e.g. the parent and subsidiaries of a multinational organization) where there is a legal controlling relationship between them, so that one entity may exercise control over the others. It applies only where such a controlling entity exercises control over the entire scope (as defined for purposes of conformance) and the assessor of conformance accepts this definition of organizational scope.

NOTE The definition of organizational scope is documented as part of the Corporate governance process for SAM (4.2.2). This part of ISO/IEC 19770 may be applied to an organization which has outsourced SAM processes, with the responsibility for demonstrating conformance always remaining with the outsourcing organization.