Everyone loves to talk about Software Asset Management (SAM). It’s where the big money and big risks sit — audits, vendor negotiations, million-pound savings. Boards perk up when they hear “licensing optimisation.”

But here’s the uncomfortable truth:
SAM lives or dies on the “A” of SACM.
If your Asset Management foundation is weak, your SAM programme is a house of cards. Tools, dashboards, savings targets — all just theatre if you don’t have control of your hardware and software assets from cradle to grave.

And too often, that’s exactly where IT organisations are failing.

---

The False Comfort of SAM Dashboards

Vendors like to sell SAM as a silver bullet. Install a shiny tool, ingest some data, and voilà: you’re in control of your software estate. But this is smoke and mirrors.

Tools like Flexera and Snow are brilliant at metering usage. They’ll tell you what’s installed, how it’s being consumed, and where you’re overspending. ServiceNow’s SAM module takes it further, reconciling entitlements against discovered data — but here’s the kicker: it relies on accurate asset data flowing from the CMDB and metering tools.

If that data is wrong? The dashboards look slick, but you’re still blind.
Garbage in, garbage out.

The point is simple: tools don’t create truth; they amplify whatever discipline you already have. If you’re sloppy on the “A” of SACM, SAM will just make your sloppiness look prettier.

---

The Audit Horror Story You Don’t Hear

We once worked with an organisation that got hit with a £10M compulsory purchase order after a major software audit. The team scrambled, wheeled out every SAM consultant in town, and managed to beat it down to £5M.

They high-fived. Leadership called it a “great save.”

But let’s pause here. They still had to cut a cheque for £5M they hadn’t budgeted for.
That wasn’t a win. That was a failure of Asset + SAM discipline.

Because if they had truly known their estate — what was installed, who was using it, and what entitlements they had — then that £5M would’ve been forecast. It wouldn’t have been a surprise. Audits should be a validation exercise, not a panic project.

The lesson: don’t be impressed by “savings against audit claims.” The real benchmark is whether you can predict your exposure before the vendor tells you.

---

The Temperature Check: Is Your Asset Management Working?

So how do you know if your “A” of SACM is solid? Here are six uncomfortable questions to test yourself today:

1. Inventory accuracy – Can you reconcile what’s in your CMDB with what’s in procurement and what’s actually installed?

2. Lifecycle visibility – When an asset is retired or decommissioned, do you know if the associated licenses are terminated, reused, or still a liability?

3. Cloud vs on-prem split – Can you say, with confidence, how much of your estate is cloud-based vs on-premise, and what licensing models apply?

4. Metering reality – Do you trust the usage data from Flexera/Snow, and is it cross-checked against your CMDB assets?

5. Joiners/movers/leavers discipline – When an employee leaves, do you know exactly what happens to their software entitlements?

6. Audit forecasting – If your top 3 software vendors audited you tomorrow, could you predict the outcome within 10% accuracy?

If you can’t answer these, you don’t have Asset Management. You have a hope, a spreadsheet, and a looming audit risk.

---

The Three Stages of Asset Management Maturity

Let’s make this real. Most organisations sit in one of these maturity stages:

1. Chaos

• Asset data is fragmented across spreadsheets, procurement systems, and the CMS/CMDB.

• Nobody can produce a single version of the truth.

• SAM = firefighting. Audits = panic.

2. Control

• Basic inventory and lifecycle processes exist.

• Assets can be tracked from procurement to decommissioning.

• SAM = risk management. The organisation can usually negotiate audits down.

3. Confidence

• Asset and software data is reconciled, continuously maintained, and trusted.

• Metering feeds align with entitlements.

• SAM = proactive optimisation. The business forecasts spend, avoids surprises, and negotiates from strength.

The leap from Chaos → Control is about process discipline.
The leap from Control → Confidence is about embedding those processes into culture and governance.

---

The Tool Trap

Here’s where organisations stumble:

• Flexera & Snow are excellent at metering, but they only see usage. Without lifecycle governance, they can’t tell you whether an unused install is still a liability and can only tell you about what you point it at.

• ServiceNow SAM integrates entitlements and discovered data, but if your CMDB is incomplete, you get false reconciliations. It’s not a silver bullet.

• Dashboards don’t equal compliance. Too many boards are lulled into a false sense of security by beautiful graphs showing “compliance posture.” But the data underneath is still junk.

Line to remember:
Don’t let a glossy tool convince your board you’re in control. Tools amplify your discipline (or lack of); they don’t create it.

---

The Risk and the Opportunity

Every asset and entitlement sits on a knife edge between risk and opportunity.

• Risk = You’re using more than you’re entitled to. Audit exposure, penalties, and compulsory purchases.

• Opportunity = You’ve purchased more than you’re using. Shelfware, wasted spend, and negotiation leverage.

Understanding your Effective License Position (ELP) is the key. It boils down to three questions every quarter:

1. What have we used?

2. What are we allowed to use?

3. What’s the delta — risk or opportunity?

If you can’t answer that, you don’t have SAM. You have exposure.

---

Why ITSM Leaders Should Care

Heads of ITSM sometimes dismiss Asset and SAM as “back-office hygiene.” Wrong.

• Incident, Problem, and Change all rely on accurate asset data.

• Service request fulfilment is crippled if assets aren’t visible and managed.

• Event Management and Observability depend on knowing what’s where, and who owns it.

• Even IT Service Continuity hinges on asset truth. If you don’t know what you own, how can you assure recovery?

The “A” of SACM isn’t a standalone practice. It’s the scaffolding that holds ITSM together. Ignore it, and the whole structure wobbles.

---

The CIO / ITSM / Asset Leader Playbook

Here’s what you should do this quarter if you want to get serious:

1. Demand Inventory Discipline
   Stop accepting “we think.” You either know what assets you own, or you don’t.

2. Embed Lifecycle Governance
   Track assets from cradle to grave. Don’t just monitor install to uninstall — include procurement, reassignment, and retirement.

3. Reconcile ELP Quarterly
   Make the “What have I used? What am I allowed?” conversation part of regular governance, not just audit season.

4. Validate Tool Outputs
   Take what Flexera, Snow, or ServiceNow tells you — then validate it against ground truth. Never assume the dashboard is right.

5. Forecast Audit Outcomes
   Ask your SAM/Asset teams: if Vendor X audited us tomorrow, what would they find? Then compare their forecast against actuals. Measure them on accuracy, not just responsiveness.

---

The Provocation

Too many organisations still measure SAM success by how much they “save” in audits. That’s the wrong yardstick.

The real measure is: Do you know your exposure before the vendor tells you?

If you don’t, you’re not in control. You’re just lucky.

And luck isn’t a strategy.