What tools and methodology would you leverage to come up with a metric to prove accuracy and completion of your asset inventory? How would you prove that it’s accurate and how would you prove that its complete?
Great question. I believe metrics for asset accuracy are lifecycle status/stage specific. For example, during the disposition process there is a significate difference between an asset that is retired versus disposed. This distinction is necessary because there may be a significant time between the retirement (asset is no longer being used) and the physical disposal (asset is shipped to a disposal vendor). Of course, there is also a transfer of ownership. An asset should not be considered Disposed until, and unless, there is positive transfer of custody established. A disposal vendor will not accept ownership or responsibility for an asset until it is received.
Accuracy during disposition is measured several ways. The most important metric we have is Tracked. In short, an asset is considered tracked if chain of custody can be established by serial number and or disposal tag. An inventory (of disposed assets) is not accurate if there are asset untracked.
The second part of your question (how accuracy can be proven) is fantastic. There should be a consensus protocol. Metrics must have clear definitions understood and agreed to by all. Measurements should be auditable and reliable (if someone else measures, the get the same results).
Thanks for the great question.
I would say that you a methodology that is underpinned by the following processes:
- management of the financial/supplier data around the IT assets (contract, supplier, cost, depreciation)
- inventorying the computing devices that are live on the network
- lifecycle updates
So yes we are talking about CMDB as the single source of truth that pulls together datasets from SAM inventory tools, procurement tools/processes, disposal and recycling process, third party supplier data and produces a reliable view of distinct assets are delivering a business value or cost.
The metrics would focus on inconsistencies or gaps in the data for example;
% correlation between the datasets. Any misalignment could mean that your inventory capture tool is deficient, or your purchase data ingest isn’t complete or your disposal process somehow permits machines back on the network after they have been marked as “for disposal” etc etc.
If you have multiple inventory tools, you could devise a system of measuring how much confidence that an asset actually exists - which tool has the most recent scan/ping date? how much do you trust that tool? Have at least two inventory tools reported this device in the last 7 days?
I would base completeness on looking at all the potential assets that could exist from purchase data, Anti Virus tool data, inventory tool data and having a robust logical system to throw out bad or unreliable data and grade the data based on confidence level. Automate the logic and tweak to taste.
your IT assets are being bought but not being used or the decommissioned