2.149.4 Asset Management Software Procedures

Manual Transmittal

May 29, 2024

Purpose

(1) This transmits revised IRM 2.149.4, Information Technology (IT) Asset Management Software Procedures.

Material Changes

(1) IRM 2.149.4, was updated for editorial changes to:

  • remove a decommissioned term, in order to meet the new IRS guidelines

  • correct the Information Technology Infrastructure Library (ITIL) definition

Effect on Other Documents

IRM 2.149.4, dated September 30, 2022 is superseded.

Audience

The IT Asset Management Software Procedures is applicable to all employees enterprise-wide responsible for managing TIER 3 software, including Asset Management’s stakeholders, customers, asset owners, contractors, and vendors.

Effective Date

(05-29-2024)


Rajiv Uppal
Chief Information Officer

Program Scope and Objectives

  1. This document describes the formal process for implementing the requirements of the Asset Management Software Procedures process. It provides an operational definition of the major components of the process and how to perform each step in the process. This document also describes the logical arrangements of steps that are essential to successfully completing the process and achieving its desirable outcome.

  2. Purpose: This document describes the formal Information Technology (IT) policy for implementing the requirements of the Information Technology (IT) Asset Management Policy process. It provides the purpose, scope, authority, and mandates for institutionalizing this process. This policy establishes authority and responsibility for the performance of IT asset management throughout the IRS. It also establishes policies and procedures for management and control of hardware and software assets throughout their lifecycle.

  3. Audience: The TIER 3 Software Asset Management Policy is applicable to all employees enterprise-wide responsible for the management IT equipment, including Asset Management’s stakeholders, customers, asset owners, contractors, and vendors.

  4. Policy Owner: The office of Asset Management within Information Technology, UNS, Operations Service Support.

  5. Program Owner: Information Technology, UNS, Operations Service Support, Program Director is responsible for overseeing and managing IT assets enterprise-wide that meets the established criteria for TIER 3 software.

  6. Primary Stakeholders: All organizations, business units and employees including contractors who have inventory responsibilities are considered stakeholders.

  7. Program Goals: AM is the process responsible for tracking and reporting the value and ownership of financial assets throughout their lifecycle. AM is part of the ITIL Process. An IT asset is property or equipment that is part of the IT infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or is awaiting disposal. All IRS organizations (including contractors) developing, maintaining, and controlling IT assets shall adhere to the mandates of this policy and all associated AM procedures.

Background

  1. The process definition laid out in the process description document further breaks down the Activities into Tasks, each of which have a complete set of attributes defined such as data and tool specifications and the role(s) responsible for executing the tasks.

  2. All proposed changes to this document must be submitted in writing, with supporting rationale, to the Information Technology, UNS, Operations Service Support, Asset Management organization.

  3. This document defines the step-by-step instructions for the activities used in the Software Asset Management procedures:

    Step 1 - Manage IT Asset Plan process includes the planning for information technology asset purchases

    Step 2 - Process Acquired IT Asset includes the processing of acquired software information technology assets

    Step 3 - Deploy IT Asset includes a method for deploying information technology software assets

    Step 4 - Maintain IT Asset includes the accountability, support, and maintenance of information technology software assets

    Step 5 - Dispose of IT Asset includes the end of life (EOL)/disposition for information technology software assets

Purpose of Procedure
  1. This document defines the step-by-step instructions on how to conduct the activities used to implement the Asset Management Software Procedures process in the Information Technology, User & Network Services, Operations Service Support, Asset Management organization. The purpose of a procedure document is to institutionalize and formalize the preferred method of performing tasks that staff is using. The objective is to have everyone using the same tools and techniques and follow the same repeatable steps so that the organization can quantify how well the procedure is working and train future staff members who may not currently know the routine. Ensuring consistency is a critical component for ensuring optimum efficiency.

Authority

  1. All proposed changes to this document must be submitted in writing, with supporting rationale, to the Information Technology, UNS, Operations Service Support, Asset Management organization.

Roles and Responsibilities

  1. Each process defines at least one role. Each role is assigned to perform specific tasks within the process. The responsibilities of a role are confined to the specific process. They do not imply any functional standing within the hierarchy of an organization. For example, the process manager role does not imply the role is associated with or fulfilled by someone with functional management responsibilities within the organization. Within a specific process, there can be more than one individual associated with a specific role. Additionally, a single individual can assume more than one role within the process although typically not at the same time.

    Name Description
    Asset Management Specialists - Software
    • Manage control processes and interactions for all enterprise-wide software financial assets and associated components

    • Develop policies and procedures related to the management of software assets as needed

    • Monitor software usage

    • Manage software licenses

    • Ensure compliance with IRS software standards

    • Reconcile software assets receipt data for verification and audit

    • Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets

    • Administrate guidelines for quality reviews

Program Management and Review

  1. Policies outline a set of plans or courses of action that are intended to influence and determine decisions or actions of a process. Policies provide an element of governance over the process that provides alignment to business vision, mission and goals.

  2. ProcessManagement

    Statement:

    The Asset Management Process will have a single Process Owner and a separate Process Manager, responsible for implementation and ensuring adherence to the process. The process will be reviewed regularly to ensure that it continues to support the business requirements of the enterprise. The process will be designed and developed based on ROI to the business. Process metric will be focused on providing relevant information as opposed to merely presenting raw data.

  3. People

    Statement:

    Roles and responsibilities for the process must be clearly defined and appropriately staffed with people having the required skills and training. The mission, goals, scope and importance of the process must be clearly and regularly communicated by upper management to the staff and business customers of IT. All IT staff (direct and indirect users of the process) shall be trained at the appropriate level to enable them to support the process.

    Rationale:

    It is imperative that people working in, supporting, or interacting with the process in any manner understand what they are supposed to do. Without that understanding the Asset Management Process will not be successful.

  4. Process

    Statement:

    Modifications to the Asset Management Process must be approved by the Process Owner. The design of the process must include appropriate interfaces with other processes to facilitate data sharing, escalation and workflow. The process must be capable of providing data to support real-time requirements as well as historical/trending data for overall process improvement initiatives. The process must be fully documented, published and accessible to the various stakeholders of the process. The process will be reviewed on a periodic basis in order to ensure it continues to support organizational goals and objectives (continuous improvement). The process must include Inputs, Outputs, Controls, Metrics, Activities, Tasks, Roles and Responsibilities, Tool and Data requirements along with documented process flows. The process will be kept straight forward, rational, and easy to understand.

    Rationale:

    The process must meet operational and business requirements.

  5. Technology andTools

    Statement:

    All tools selected must conform to the enterprise architectural standards and direction. Existing in-house tools and technology will be used wherever possible, new tools will only be entertained if they satisfy a business need that cannot be met by current in-house tools. The selection of supporting tools must be process driven and based on the requirements of the business. Selected tools must provide ease of deployment, customization, and use. The selected tools must support heterogeneous platforms. Automated workflow, notification and escalation will be deployed wherever possible to minimize delays, ensure consistency, reduce manual intervention and ensure appropriate parties are made aware of issues requiring their attention. The tools used by this process are the following:

    • Software Asset Management Repositories

    • Discovery Tools

    Rationale:

    Technology and tools should be used to augment the process capabilities, not become an end themselves.

Program Controls

  1. Activities involved in ensuring a process is predictable, stable, and consistently operating at the target level of performance.

Controls
  1. Process controls represent the policies and guiding principles on how the process will operate. Controls provide direction over the operation of processes and define constraints or boundaries within which the process must operate:

    Name Description
    GAO, CFO and TIGTA Audits Formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met.
    Asset Management Policies Policies and regulations that provide guidance for managing the IT Asset Management program.
    Security Policies Policies to ensure the confidentiality, integrity, and availability of IT assets.
    Governance Governance ensures that policies and strategy are actually implemented and that required processes are correctly followed.

Terms/Definitions/Acronyms

  1. Definitions of Asset Management’s terms and acronyms.

Terms and Definitions
  1. The definitions listed below are some commonly used terms and provided as an aid to understanding IT Asset Management.

    Term Definition
    Agreed Life An asset is designed to perform a function at an acceptable level for a predetermined amount of time according to the manufacturer’s life cycle. It ensures that the defined services for the asset are met to provide the level of service required by the customer, in terms of quality and reliability.
    Artifact A work product created by a process or procedure step, e.g., plans, design specifications, etc.
    Asset Any resource or capability. Assets of a service provider include anything that could contribute to the delivery of a service. Assets can be one of the following types: management, organization, process, knowledge, people, information, applications, infrastructure, and financial capital.
    Audit Formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met. An audit may be carried out by internal or external groups.
    Depot A centralized storage area for In Stock IT equipment.
    Certification Issuing a certificate to confirm compliance to a standard. Certification includes a formal audit by an independent and accredited body.
    Entry Criteria The elements and conditions (state) necessary to trigger the beginning of a process step.
    Exit Criteria The elements or conditions (state) necessary to trigger the completion of a process step.
    Hardware Asset Property meeting certain financial and security criteria that is part of the information technology infrastructure and represents a physical piece of computing electronic equipment.
    Incident The Enterprise Service Desk logs and tracks reported incidents. The incident will be assigned to a service provider for resolution.
    Information Technology (IT) The use of technology for the storage, communication, or processing of information. The technology typically includes computers, telecommunications, applications and other software. The information may include business data, voice, images, video, etc. Information technology is often used to support business processes through IT services.
    Information Technology Infrastructure Library (ITIL) A set of best practice guidance for IT service management. ITIL consists of a series of publications giving guidance on the provision of quality IT services, and on the processes and facilities needed to support them.
    IT Asset Property or equipment that is part of the information technology infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or is awaiting disposal.
    IT Asset Lifecycle A series of states connected by allowable transitions. The set of business practices that join financial, contractual, and inventory functions to support the management from acquisition to disposition for hardware and software found in the IT environment.
    IT Asset Plan A tactical plan for managing an organization's infrastructure and assets to deliver an agreed standard of service.
    IT Equipment Profile The standardized list of IT equipment given to each employee based upon their occupation in the IRS.
    License Position An organizational view, which identifies whether software is under-licensed (at risk of a compliance audit) or over-licensed (wasting money on unnecessary software purchases), assisting in managing license compliance.
    Move/Add/Change A Service Request is submitted to document the status (location/assignment/user) of any piece of hardware (IT asset). It is used to update the repository.
    Process A structured set of activities designed to accomplish a specific objective. A process takes one or more defined inputs and turns them into defined outputs. A process may include any of the roles, responsibilities, tools, and management controls required to reliably deliver the outputs. A process may define policies, standards, guidelines, activities, and work instructions if they are needed.
    Process Owner A role responsible for ensuring that a process is fit for purpose. The process owner’s responsibilities include sponsorship, design, change management, and continual improvement of the process and its metrics. This role is often assigned to the same person who carries out the process manager role, but the two roles may be separate in larger organizations.
    Quality Reviews Quality reviews ensure compliance to asset management policies.
    RACI (Responsible, Accountable, Consulted, and Informed) This model is used to help define roles and responsibilities, instructions for the activities used in the Hardware and Software Asset Management procedures
    Recipient The point of contact (POC) receiving the IT asset.
    Request for Change (RFC) A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. The term RFC is often misused to mean a change record, or the change itself.
    Rogue Asset An unmanaged asset which appears amidst a population of managed assets. This can happen as a result of non-compliance with the policies concerning asset control and barcoding.
    Service Request A request from a user for information, or advice, or for a standard change or for access to an IT service. For example, to reset a password, or to provide standard IT services for a new user. Service requests are usually handled by Enterprise Service Desk, and do not require an RFC to be submitted.
    Software Asset Property meeting certain financial and security criteria that is part of the information technology infrastructure and software installed on personal computers, laptops, desktops, servers, mainframes, network, and mobile devices.
    TIER 3 Software (Micro) Personal computers such as Desktop PC, Laptop PC, etc.
    Tool Job aid for a specific purpose, e.g., checklist, template, application, etc.

Acronyms
  1. The abbreviations and acronyms include an alphabetical listing of some commonly used terms in IT Asset Management.

    Acronyms Definition
    ACIO Associate Chief Information Officer
    AM Asset Management
    ARM Asset Management Report
    CFO Chief Financial Officer
    CMMI Capability Maturity Model Integrated
    COE Common Operating Environment
    CTO Chief Technology Officer
    EOL End of Life
    FMSS Facilities Management and Security Services (formerly Real Estate and Facilities Management (REFM))
    GAO Government Accountability Office
    IRM Internal Revenue Manual
    IRS Internal Revenue Service
    IT Information Technology
    ITIL Information Technology Infrastructure Library
    ITSM Information Technology Service Management
    PD Process Description
    PMI Project Management Institute
    POC Point of Contact
    PR Procedure
    RACI (Responsible, Accountable, Consulted, and Informed) This model is used to help define roles and responsibilities, instructions for the activities used in the Hardware and Software Asset Management procedures
    RFC Request For Change
    ROI Return On Investment
    SAM Software Asset Management
    TIGTA Treasury Inspector General for Tax Administration
    UNS User & Network Services

Related Resources

  1. The following lists the regulatory documents that validate the Asset Management Policy:

    • Public Law 89-306, Automated Data Processing Equipment

    • Office of Management and Budget (OMB) Circular A-123, Management’s Responsibility for Internal Controls

    • Treasury Department Publication 32-01, Accounting Principles and Standards OMB Circular A-127, Financial Management Systems

    • Public Law 101-576, Chief Financial Officers Act of 1990

    • Executive Order 12999, Educational Technology: Ensuring Opportunity for All Children in the Next Century

    • Public Law 104-106, Clinger-Cohen Act of 1996, formerly Information Technology Reform Act of 1996

    • IRM 1.2.1 - Servicewide Policy Statements and IRM 1.2.2 - Servicewide Delegations of Authority, to see information technology activities such as Policy Statement 2-93 (formerly P-1-229)

    • Delegation Order 1-41 Delegation Order MITS-2-1-1, Authority to Approve IT Resources

    • Policies and Procedures Memorandum No. 46.5, Evidentiary Documentation in Support of Receipt and Acceptance

    • IRM 10.8, Information Technology(IT) Security

    • IRM 1.14.4, Personal Property Management, Facilities Management and Security Services

    • IRM 1.35.6, Administrative Accounting, Property and Equipment Accounting

    • IRM 2.21, Shopping Cart Processing for Information Technology Products and Services

    • IRM 1.15, Records and Information Management

    • IRM 6.800, Employee Benefits

    • IRM 2.127, Testing Standards and Procedures

    • National Institute of Standards and Technology Special Publication 800-53, Recommended Security Controls for Federal Information Systems and Organizations (Aug. 2009)

    • Treasury Directive Publication 85-01, Treasury IT Security Program (Nov. 3, 2006)

    • Executive Order, Department of the Treasury Directive 85-02, Software Piracy Policy (May 4, 2010)

    • Executive Order 13103 (Sep. 30, 1998), Computer Software Piracy

    • Executive Order 13589, Promoting Efficient Spending (Nov. 09, 2011)

    • Public Law 113-291, National Defense Authorization Act, Federal Information Technology Acquisition Reform Act, (FITARA) (Dec. 2014)

    • “OMB issued Memorandum M-16-12, dated June 2, 2016:” Improving the Acquisition and Management of Common Information Technology: Software Licensing

    • Public Law 114-210, Megabyte Act of 2016, Making Electronic Government Accountable by Yielding Tangible Efficiencies Act of 2016 (July 29, 2016)

    • Asset Management - Enterprise-wide Software User Guide

    • Asset Management - UNS Software User Guide

    • Asset Management - Hardware User Guide

    • General Services Administration Bulletin Federal Management Regulation (FMR) B - 34, Disposal of Federal Electronic Assets

    • Memorandum, dated July 26, 2011 and signed by CTO for IRS Computer Room and Ownership and Management which assigns ownership of all Computer Rooms to Enterprise Operations

Step 1 - Manage IT Asset Plan Workflow

  1. A workflow consists of Activities and Tasks, Inputs and Outputs, Roles, and Flow Diagrams. It describes the tasks, procedural steps, organizations or people involved, required input and output information, and tools needed for each step of the process.

Main Process Diagram

  1. This step does not have a Main Process Diagram, only Cross-Functional Diagram.

  2. Step 1 - Manage IT Asset Plan outlines the steps required to plan for new IT asset purchases or replacement of existing IT assets.

Entry Criteria

  1. Generally, Step 1 - Manage IT Asset Plan - Software procedure occurs after the following events:

    • Approved Request for IT Asset

    • New technology

Inputs

  1. Process inputs are used as triggers to initiate the process and to produce the desired outputs. Users, stakeholders or other processes provide inputs. The following is a list of inputs for this process:

    Name Description Supplier
    Service Request A request from a User for information, or advice, or for a Standard Change or for Access to an IT Service. Request Fulfillment
    Incident An unplanned interruption to an IT Service or a reduction in the Quality of an IT Service. Incident Management
    RFC/Work Request A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. Change Management
    Budget Information The financial data used to support the IT Asset Plan (e.g., Investment Management and Spending Plans). IT Financial Management
    IT Asset The property or equipment that is part of the information technology infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or is awaiting disposal. Strategic Supplier Management, Asset Management

Outputs

  1. Each process produces tangible outputs. These outputs can take the form of products or data and can be delivered to a user or stakeholder, or, they can be used as inputs to other processes. Outputs are measurable in terms of quantity and quality.

    Name Description Recipient
    IT Asset Plan A tactical plan for managing an organization's infrastructure and other assets to deliver an agreed standard of service. Strategic Supplier Management, IT Financial Management
    RFC/Work Request A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. Change Management
    Budget Information The financial data used to support the IT Asset Plan (e.g., Investment Management and Spending Plans). IT Financial Management
    Knowledge Article The shared information or instructions contained in a centralized database. Knowledge Management, Stakeholders

Exit Criteria

  1. Step 1 - Manage IT Asset Plan - Software procedure is exited when:

    • Submitted requests have been incorporated into an IT Asset Plan

Activities

  1. An activity is a major unit of work to be completed in achieving the objectives of the process. A process consists of a sequence of related activities that transforms inputs into outputs and performed by the roles defined in the process. Identify the activities in the process and provide a brief description. The activities must correspond with the high-level process flow diagram above.

    ID Name Description
    A1 Analyze request Analyze and gather request information for future needs.
    A2 Review repository Analyze repository data for availability of IT asset.
    A3 Process request Manage IT asset inventory levels.

  2. Additional instructions for the following steps are found in the Software Asset Management – User Guides at the UNS, Operation Service Support Hardware Asset Management SharePoint site, see the following section for IRM Policies and Procedures: https://irsgov.sharepoint.com/sites/ossamweb/Pages/IRM-Policies-and-Procedures.aspx.

Roles

  1. Each process defines at least one role. Each role is assigned to perform specific tasks within the process. The responsibilities of a role are confined to the specific process. They do not imply any functional standing within the hierarchy of an organization. For example, the process manager role does not imply the role is associated with or fulfilled by someone with functional management responsibilities within the organization. Within a specific process, there can be more than one individual associated with a specific role. Additionally, a single individual can assume more than one role within the process although typically not at the same time.

    Name Description
    Asset Management Specialists - Software
    • Manage control processes and interactions for all enterprise-wide software financial assets and associated components

    • Develop policies and procedures related to the management of software assets as needed

    • Monitor software usage

    • Manage software licenses

    • Ensure compliance with IRS software standards

    • Reconcile software assets receipt data for verification and audit

    • Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets

    • Administrate guidelines for quality reviews

Procedure

  1. Procedure Graphs.

A1 Analyze Request
  1. Analyze and gather request information for future needs.

    ID Task Name and Description Role RACI Duties
    A1.1 Receive and validate request

    This task includes receiving purchase requests and renewals to verify that software is approved for use in the environment.
    Stakeholders R Submit purchase requests and renewals for review
        Asset Management Specialists - Software C Review purchase requests and renewals
    A1.2 Provide recommendations

    Asset Management Specialists - Software respond to stakeholders with approval or denial of purchase requests.
    Asset Management Specialists - Software R Review information and provide response
        Stakeholders I Informed of recommendations

A2 Review Repository
  1. Analyze repository data for availability of IT asset.

    ID Task Name and Description Role RACI Duties
    A2.1 Receive request

    This task includes receiving/acknowledging Service and RFC/Work Requests.
    Asset Management Specialists - Software


    Stakeholders
    R



    C
    Acknowledge receipt of request

    Submit Service and RFC/Work Requests
    A2.2 Review and validate request

    This task includes reviewing the information provided for completeness and necessary approvals.
    Asset Management Specialists - Software




    Stakeholders
    R





    C
    Analyze and request additional information if needed

    Provide response as needed
    A2.3 Verify license availability

    This task includes analyzing the repository to identify if the request is for a new or existing IT asset. If existing, determine if licenses are available to fulfill the request.
    Asset Management Specialists - Software R Research repository to check for IT asset availability

A3 Process Request
  1. Manage IT asset inventory levels.

    ID Task Name and Description Role RACI Duties
    A3.1 Identify installations and usage

    This task includes querying the repository and producing an inventory report.
    Asset Management Specialists - Software R Generate Asset Management Reports
    A3.2 Validate report data

    This includes reviewing the report and supporting documentation to determine the license position.
    Asset Management Specialists - Software R Analyze findings to determine license availability
    A3.3 Notify stakeholders of license position

    This task provides the status of the license position to stakeholders.
    Asset Management Specialists - Software



    Stakeholders
    R




    I
    Provide license position to stakeholders

    Receive notification of inventory level

Cross-Functional Diagram
  1. Step 1 - Manage IT Asset Plan - Software Procedure Flow Diagram

    Figure 2.149.4-1

    This is an Image: 67522001.gif

    Please click here for the text description of the image.

Step 2 - Process Acquired IT Asset Workflow

  1. A workflow consists of Activities and Tasks, Inputs and Outputs, Roles, and Flow Diagrams. It describes the tasks, procedural steps, organizations or people involved, required input and output information, and tools needed for each step of the process.

Main Process Diagram

  1. This step does not have a Main Process Diagram, only Cross-Functional Diagram.

  2. Step 2 - Process Acquired IT Asset is to outline the steps required to ensure new IT assets in the IT infrastructure are accounted for in the authoritative repository.

Entry Criteria

  1. Generally, Step 2 - Process Acquired IT Asset - Software procedure occurs after the following events:

    • Purchase Notification

    • Service Request

    • Incident

    • RFC/Work Request

Inputs

  1. Process inputs are used as triggers to initiate the process and to produce the desired outputs. Users, stakeholders or other processes provide inputs. The following is a list of inputs for this process:

    Name Description Supplier
    Purchase Documentation The types of purchase documentation include requisitions awards, shipping information, vendor quotes and contracts. Strategic Supplier Management
    Asset Management Reports The reports generated to provide data on the asset management inventory. Asset Management, Strategic Supplier Management
    Service Request A request from a User for information, or advice, or for a Standard Change or for Access to an IT Service. Request Fulfillment

Outputs

  1. Each process produces tangible outputs. These outputs can take the form of products or data and can be delivered to a user or stakeholder, or, they can be used as inputs to other processes. Outputs are measurable in terms of quantity and quality.

    Name Description Recipient
    Asset Repository An asset record is updated within the Asset Repository. Asset Management
    Asset Management Reports The reports generated to provide data on the current asset management inventory. Asset Management, Strategic Supplier Management, Stakeholders
    Knowledge Article The shared information or instructions contained in a centralized database. Knowledge Management, Stakeholders

Exit Criteria

  1. Step 2 - Process Acquired IT Asset - Software procedure is exited when:

    • Acquired IT asset is obtained to meet requests and successfully added to the repository

Activities

  1. An activity is a major unit of work to be completed in achieving the objectives of the process. A process consists of a sequence of related activities that transforms inputs into outputs and performed by the roles defined in the process. Identify the activities in the process and provide a brief description. The activities must correspond with the high-level process flow diagram above.

  2. Additional instructions for the following steps are found in the Software Asset Management – User Guides at the UNS, Operation Service Support Hardware Asset Management SharePoint site, see the following section for IRM Policies and Procedures: https://irsgov.sharepoint.com/sites/ossamweb/Pages/IRM-Policies-and-Procedures.aspx.

    ID Name Description
    A1 Receive and process notifications Notification is received and processed for all IT asset acquisitions.
    A2 Update repository Create/Update record.

Roles

  1. Each process defines at least one role. Each role is assigned to perform specific tasks within the process. The responsibilities of a role are confined to the specific process. They do not imply any functional standing within the hierarchy of an organization. For example, the process manager role does not imply the role is associated with or fulfilled by someone with functional management responsibilities within the organization. Within a specific process, there can be more than one individual associated with a specific role. Additionally, a single individual can assume more than one role within the process although typically not at the same time.

    Name Description
    Asset Management Specialists - Software
    • Manage control processes and interactions for all enterprise-wide software financial assets and associated components

    • Develop policies and procedures related to the management of software assets as needed

    • Monitor software usage

    • Manage software licenses

    • Ensure compliance with IRS software standards

    • Reconcile software assets receipt data for verification and audit

    • Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets

    • Administrate guidelines for quality reviews

Procedure

  1. Procedure Graphs

A1 Receive and Process Notifications
  1. Notification is received and processed for all IT asset acquisitions.

    ID Task Name and Description Role RACI Duties
    A1.1 Receive notification of purchase

    This task includes receiving an e-mail or systemic notification for asset purchases initiated.
    Asset Management Specialists - Software R Receive mail or systemic notification
        Stakeholders C Submit purchase notification
    A1.2 Validate purchase data

    This task includes reviewing purchase and supplemental documentation (requisitions and contracts).
    Asset Management Specialists - Software R Verify information in purchasing systems and repository

A2 Update Repository
  1. Create/Update record.

    ID Task Name and Description Role RACI Duties
    A2.1 Validate IT asset receipt

    This task includes verifying the receipt of purchased software.
    Stakeholders


    Asset Management Specialists - Software
    R


    I
    Submit notification

    Confirm receipt of IT assets
    A2.2 Add new IT assets to repository

    This task includes adding the purchased software to the repository.
    Asset Management Specialists - Software R Update asset record in repository
Cross-Functional Diagram
  1. Step 2 - Process Acquired IT Asset - Software Procedure Flow Diagram

    Figure 2.149.4-2

    This is an Image: 67522002.gif

    Please click here for the text description of the image.

Step 3 - Deploy IT Asset Workflow

  1. Step 3 - Deploy IT Asset process is for Hardware IT assets only. Software IT assets are deployed in the Release & Deployment process.

Step 4 - Maintain IT Asset Workflow

  1. A workflow consists of Activities and Tasks, Inputs and Outputs, Roles, and Flow Diagrams. It describes the tasks, procedural steps, organizations or people involved, required input and output information, and tools needed for each step of the process.

Main Process Diagram

  1. This step does not have a Main Process Diagram, only Cross-Functional Diagram.

  2. Step 4 - Maintain IT Asset is to outline the steps required to inventory, count and track assets, monitor usage, and manage warranties (hardware) contracts for maintenance and support. Some of these activities include monitoring the useful life of an asset, quality reviews and continuous evaluations to improve services for future modification. Each activity may have a different trigger(s) that starts the process.

Entry Criteria

  1. Generally, Step 4 - Maintain IT Asset - Software procedure occurs after the following event:

    • IT asset is deployed in the IT infrastructure

Inputs

  1. Process inputs are used as triggers to initiate the process and to produce the desired outputs. Users, stakeholders or other processes provide inputs. The following is a list of inputs for this process:

    Name Description Supplier
    IT Asset The property or equipment that is part of the information technology infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or awaiting disposal. Strategic Supplier Management, Asset Management
    Asset Repository The database that stores, maintains, and tracks the value and ownership of assets. Asset Management
    Asset Management Reports The reports generated to provide data on the asset management inventory. Asset Management, Strategic Supplier Management
    Maintenance and Warranty Agreements The warranties are agreements which call for the replacement or repair of hardware assets at no additional charge. Maintenance agreements ensure continued operation of an IT asset by providing preventive and remedial services including support and installation. Strategic Supplier Management
    Purchase Documentation The types of purchase documentation include requisitions awards, shipping information, vendor quotes and contracts. Strategic Supplier Management
    Financial/ Compliance Audits (GAO, TIGTA, CFO) The formal inspection and verification to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being met. Audit Management (Strategy & Planning)
    Service Request A request from a User for information, or advice, or for a Standard Change or for Access to an IT Service. Request Fulfillment
    Incident An unplanned interruption to an IT Service or a reduction in the Quality of an IT Service. Incident Management
    Policies and Directives The guidelines to manage the IT Asset Management program and ensure financial assets are accurately tracked in the authoritative repositories. Asset Management
    RFC/Work Request A formal proposal for a change to be made (work request). An RFC includes details of the proposed change, and may be recorded on paper or electronically. Change Management

Outputs

  1. Each process produces tangible outputs. These outputs can take the form of products or data and can be delivered to a user or stakeholder, or, they can be used as inputs to other processes. Outputs are measurable in terms of quantity and quality.

    Name Description Recipient
    Asset Repository An asset record is updated within the Asset Repository. Asset Management
    Asset Management Reports The reports generated to provide data on the current asset management inventory. Asset Management, Strategic Supplier Management, Stakeholders
    Service Request A request from a User for information, or advice, or for a Standard Change or for Access to an IT Service has been fulfilled and closed. Request Fulfillment, Asset Management
    Incident The resolution of an unplanned interruption to an IT Service or a reduction in the Quality of an IT Service. Incident Management, Asset Management
    Knowledge Article The shared information or instructions contained in a centralized database. Knowledge Management, Stakeholders

Exit Criteria

  1. Step 4 - Maintain IT Asset - Software procedure is exited when:

    • IT assets are managed in the repository until end of life

Activities

  1. An activity is a major unit of work to be completed in achieving the objectives of the process. A process consists of a sequence of related activities that transforms inputs into outputs and performed by the roles defined in the process. Identify the activities in the process and provide a brief description. The activities must correspond with the high-level process flow diagram above.

    ID Name Description
    A1 Manage inventory data Verify IRS owned IT assets are consistent with the inventory.
    A2 Manage report data Generate and analyze reports for recommendations.
    A3 Manage audits Collaborate to ensure compliance and respond to all IT asset internal/external audits and requests for information. The corrective actions will result in improved data and processes.
    A4 Update repository Process the IT asset record changes in the authoritative repository.
    A5 Recommend corrective actions Process data improvements as needed.

Roles

  1. Each process defines at least one role. Each role is assigned to perform specific tasks within the process. The responsibilities of a role are confined to the specific process. They do not imply any functional standing within the hierarchy of an organization. For example, the process manager role does not imply the role is associated with or fulfilled by someone with functional management responsibilities within the organization. Within a specific process, there can be more than one individual associated with a specific role. Additionally, a single individual can assume more than one role within the process although typically not at the same time.

    Name Description
    Asset Management Specialists - Software
    • Manage control processes and interactions for all enterprise-wide software financial assets and associated components

    • Develop policies and procedures related to the management of software assets as needed

    • Monitor software usage

    • Manage software licenses

    • Ensure compliance with IRS software standards

    • Reconcile software assets receipt data for verification and audit

    • Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets

    • Administrate guidelines for quality reviews

Procedure

  1. Procedure Graphs

A1 Manage Inventory Data
  1. Verify IRS owned IT assets are consistent with the inventory.

    ID Task Name and Description Role RACI Duties
    A1.1 Review and analyze licenses to manage compliance

    This task includes monitoring inventory levels and reviewing documentation to determine license position.
    Asset Management Specialists - Software R Manage licenses:
    • Compare software license versus installed

    • Perform software metering/harvesting

    • Track license compliance

    • Review software contract for compliance

      Go to A5: Recommend Corrective Actions      

A2 Manage Report Data
  1. Generate and analyze reports for recommendations.

    ID Task Name and Description Role RACI Duties
    A2.1 Generate reports

    This task is performed in the daily management of the repository to ensure accuracy and monitoring of the software life cycle. Common triggers for this activity include RFC/Work Request, Service Requests and Maintenance Renewal requests.
    Asset Management Specialists - Software

    Stakeholders
    R




    C
    Generate Asset Management reports

    Submit request
    A2.2 Analyze report findings

    This task involves analyzing reports and supporting documentation to determine availability, identify non -compliance and data discrepancies/anomalies.
    Asset Management Specialists - Software







     
    R










     
    Validate the results of the report query

    Evaluate report results against request

    Communicate findings
     
        Stakeholders C Receive report/findings and provide response
    A2.3 Correct Deficiencies

    This task involves correcting inaccuracies and anomalies in the repository within the scope of the Asset Management Specialists - Software.
    Asset Management Specialists - Software R Update repository
      Go to A5: Recommend Corrective Actions      

A3 Manage Audits
  1. Collaborate to ensure compliance and respond to all IT asset internal/external audits and requests for information. The corrective actions will result in improved data and processes.

    ID Task Name and Description Role RACI Duties
    A3.1 Respond to audit requests

    This task involves providing data to TIGTA, CFO and GAO for audit requests.
    Asset Management Specialists - Software R Conduct research and provide data requested
        Stakeholders C Communicate audit requirements
    A3.2 Receive audit findings

    This task involves receiving and analyzing audit findings from TIGTA, CFO and GAO. Develop and provide an appropriate response.
    Asset Management Specialists - Software R Review information and provide feedback
        Stakeholders C Communicate audit findings
    A3.3 Perform corrective actions based on audit findings

    This task involves performing corrective actions within the scope of the Asset Management Specialists - Software.
    Asset Management Specialists - Software R Implement recommendations to address corrective actions

    Communicate corrective actions implemented
        Stakeholders I Receive notification of corrective actions implemented
      Go to A5: Recommend Corrective Actions      

A4 Update Repository
  1. Process the IT asset record changes in the authoritative repository.

    ID Task Name and Description Role RACI Duties
    A4.1 Process repository changes

    This task involves updating the repository in response to the supporting change documents.
    Asset Management Specialists - Software R Update the repository as requested from:
    • Incident

    • RFC/Work Request

    • Service Request

    • Purchase Notification

        Stakeholders C Submit change request
      The end state is a “Managed IT Asset”      

A5 Recommend Corrective Actions
  1. Process data improvements as needed.

    ID Task Name and Description Role RACI Duties
    A5.1 Manage data discrepancies

    This task includes managing IT asset data discrepancies.
    Asset Management Specialists - Software R Generate Asset Management reports
    A5.2 Issue guidance

    This task includes performing analysis for areas of improvements and making recommendations.
    Asset Management Specialists - Software R Analyze reports and make recommendations
        Stakeholders I Receive recommendations for corrective actions
    A5.3 Process repository changes

    This task includes modifications to the repository in response to the corrective actions.
    Asset Management Specialists - Software R Make changes to the repository to address corrective actions
      The end state is a “Managed IT Asset”      

Cross-Functional Diagram
  1. Step 4 - Maintain IT Asset Overview - Software Procedure Flow Diagram

    Figure 2.149.4-3

    This is an Image: 67522003.gif

    Please click here for the text description of the image.

Step 5 - Dispose IT Asset Workflow

  1. A workflow consists of Activities and Tasks, Inputs and Outputs, Roles, and Flow Diagrams. It describes the tasks, procedural steps, organizations or people involved, required input and output information, and tools needed for each step of the process.

Main Process Diagram

  1. This step does not have a Main Process Diagram, only Cross-Functional Diagram.

  2. Step 5 - Dispose IT Asset is to remove IT assets from active inventory and make them unavailable for use. Some of these activities include determining IT assets reaching end of life and performing disposal activities.

Entry Criteria

  1. Generally, Step 5 - Dispose IT Asset - Software procedure occurs after the following event:

    • IT asset is ready for disposal or reached end of life

Inputs

  1. Process inputs are used as triggers to initiate the process and to produce the desired outputs. Users, stakeholders or other processes provide inputs. The following is a list of inputs for this process:

    Name Description Supplier
    IT Asset The property or equipment that is part of the information technology infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or is awaiting disposal. Strategic Supplier Management, Asset Management
    Asset Repository The database that stores, maintains and tracks the value and ownership of assets. Asset Management
    Asset Management Reports The reports generated to provide data on the asset management inventory. Asset Management, Strategic Supplier Management
    Service Request A request from a User for information, or advice, or for a Standard Change or for Access to an IT Service. Request Fulfillment
    Incident An unplanned interruption to an IT Service or a reduction in the Quality of an IT Service. Incident Management
    Policies and Directives The guidelines to manage the IT Asset Management program and ensure financial assets are accurately tracked in the authoritative repositories. Asset Management
    Maintenance and Warranty Agreements The warranties are agreements which call for the replacement or repair of hardware assets at no additional charge. Maintenance agreements ensure continued operation of an IT asset by providing preventive and remedial services including support and installation. Strategic Supplier Management, FMSS

Outputs

  1. Each process produces tangible outputs. These outputs can take the form of products or data and can be delivered to a user or stakeholder, or, they can be used as inputs to other processes. Outputs are measurable in terms of quantity and quality.

    Name Description Recipient
    Asset Management Reports The reports generated to provide data on the current asset management inventory. Asset Management, Strategic Supplier Management, Stakeholders
    Service Request A request from a User for information, or advice, or for a Standard Change or for Access to an IT Service has been fulfilled and closed. Request Fulfillment, Asset Management
    Incident The resolution of an unplanned interruption to an IT Service or a reduction in the Quality of an IT Service. Incident Management, Asset Management
    Asset Repository An asset record is updated within the Asset Repository. Asset Management
    Knowledge Article The shared information or instructions contained in a centralized database. Knowledge Management, Stakeholders

Exit Criteria

  1. Step 5 - Dispose IT Asset - Software procedure is exited when:

    • IT asset has been removed from the IRS environment and record updates have been finalized

Activities

  1. An activity is a major unit of work to be completed in achieving the objectives of the process. A process consists of a sequence of related activities that transforms inputs into outputs and performed by the roles defined in the process. Identify the activities in the process and provide a brief description. The activities must correspond with the high-level process flow diagram above.

    ID Name Description
    A1 Determine IT assets at EOL Monitor and manage IT assets that do not meet operational needs in accordance with end of life (EOL) criteria which is based upon the contract.
    A2 Manage disposal activities Perform the steps to remove IT asset from operational use.
    A3 Update repository Execute disposition updates for IT assets by processing IT asset record changes.

Roles

  1. Each process defines at least one role. Each role is assigned to perform specific tasks within the process. The responsibilities of a role are confined to the specific process. They do not imply any functional standing within the hierarchy of an organization. For example, the process manager role does not imply the role is associated with or fulfilled by someone with functional management responsibilities within the organization. Within a specific process, there can be more than one individual associated with a specific role. Additionally, a single individual can assume more than one role within the process although typically not at the same time.

    Name Description
    Asset Management Specialists - Software
    • Manage control processes and interactions for all enterprise-wide software financial assets and associated components

    • Develop policies and procedures related to the management of software assets as needed

    • Monitor software usage

    • Manage software licenses

    • Ensure compliance with IRS software standards

    • Reconcile software assets receipt data for verification and audit

    • Oversee and coordinate with external/internal auditors (GAO, TIGTA, and CFO) regarding IT assets

    • Administrate guidelines for quality reviews

Procedure

  1. Procedure Graphs.

A1 Determine IT Asset At EOL
  1. Monitor and manage IT assets that do not meet operational needs in accordance with end of life (EOL) criteria which is based upon the contract.

    ID Task Name and Description Role RACI Duties
    A1.1 Validate request for EOL

    This task includes receiving notification for software that is no longer in use.
    Asset Management Specialists - Software



     
    R





     
    Receive information or request regarding IT assets at EOL
     
        Stakeholders C Submit EOL notification
    A1.2 Monitor for software no longer supported

    This task involves checking the repository for existence of EOL software.
    Asset Management Specialists - Software

     
    R



     
    Check repository for EOL IT assets
     
        Stakeholders I Receive information for software no longer supported by manufacturer

A2 Manage Disposal Activities
  1. Perform the steps to remove IT asset from operational use.

    ID Task Name and Description Role RACI Duties
    A2.1 Review EOL request

    This task includes reviewing notification for termination of maintenance/contract agreements.
    Asset Management Specialists - Software R Receive notification from stakeholders about termination of any maintenance/contract agreements
        Stakeholders C Submit notification
    A2.2 Notify stakeholders

    This task includes working with impacted stakeholders for the removal of software from the infrastructure.
    Asset Management Specialists - Software R Collaborate with stakeholders for EOL activities
        Stakeholders I Receive the notification and take appropriate actions

A3 Update Repository
  1. Execute disposition updates for IT assets by processing IT asset record changes.

    ID Task Name and Description Role RACI Duties
    A3.1 Process repository changes

    This task includes modifications to the repository according to the EOL procedures.
    Asset Management Specialists - Software R Update repository to reflect EOL

Cross-Functional Diagram
  1. Step 5 - Dispose IT Asset - Software Procedure Flow Diagram

    Figure 2.149.4-4

    This is an Image: 67522004.gif

    Please click here for the text description of the image.