Johannesburg, 16 Sep 2005
At least 75% of companies are highly exposed to risk and overspend on IT assets, and are not optimising their IT operations, says PricewaterhouseCoopers (PWC) senior manager Diane Kelway.
Speaking at a PWC book launch in Sandton yesterday, Kelway quoted research firm Gartner as saying that fewer than 25% of companies worldwide had an enterprise-wide lifecycle asset management programme that would proactively address risk, minimise costs and improve the operational efficiency of their environment.
IT asset management was about the proactive management of all aspects of IT assets, not just hardware and software, Kelway said, and involved governance and processes (requisition, procurement, deployment, maintenance and retirement, as well as technology).
"IT asset management is the management of change, configuration, maintenance, cost, contracts and services associated with all IT assets," she added.
In addition to fulfilling corporate governance responsibilities, proper IT asset management could add value to the business by improving productivity, managing risk, controlling costs and creating better business alignment.
"Most companies believe it`s all or nothing," she said. "They believe they have to have governance, processes and technology, but that is not the case.
"The key to IT asset management is the processes. Even Gartner says if you have an IT asset management programme, look at your processes and refine them."
Identity management
Speaking at the same event, PWC senior manager Ugan Naidoo said that identity management was also an essential tool to improve IT and business effectiveness.
He defined identity management as "providing the right people with the right access at the right time".
"The reality is that on the Internet, nobody knows who you are. When we engage with our partners and customers online, do we know who we are dealing with?"
He added that managing the identity of users is one of the challenges companies faced daily. "As our companies grow, we don`t know who is doing what. And when people resign, they are still on the systems a year later. That`s a huge risk."
The centre of a good identity management system should be an enterprise user directory, the central repository of identity information, with the system comprising authentication (such as a password or biometrics), access control (what the user is allowed to access) and user information (managing the lifecycle of an identity).
Naidoo said identity management could lower costs, increase security, improve customer service, increase productivity, increase flexibility and lead to better compliance management.
"This may seem like a lot of promises, but we do believe that ID management can deliver on its promises," he added.
However, identity management was not an IT initiative alone, but should span all business units and be supported by IT.
Share