In the world of IT and cybersecurity, the term “interdependency” is used frequently when discussing the KPAs (key performance areas). This month, however, it struck a chord with us.
The Conversation
In our industry, interdependence is essential when different technologies work together and rely on one another to get things done. Take the internet, for example. All those different services are linked up and work together, each one needing the others to do their jobs properly.
As our team was discussing IAITAM’s (International Association of IT Asset Management) best practices for SAM (storage asset management), we came across the topics of compliance audits, preparedness for audits, and keeping a library of documentation to prove that you are complying with regulations or have documentation that diminishes your exposure to costly reconciliation fees or compliance fines.
One of the key areas of documentation was to have an accurate inventory process. This means not only surveying what’s active but also what’s sitting in inventory for either disposal or redeployment. Additionally, it’s important to look at the records of what is already imaged on those assets, documentation, and an audit trail or record of what has been dispositioned, Thus, bringing the concept of interdependency within our space.
How it Works
Due to the silo effect, many organizations have little communication between the CSAM (Cybersecurity Asset Management) & CITAD (Certification in IT Asset Disposition) departments. CITAD folks are always looking for ways to reduce their disposal costs and often they will decide to only audit and track hard drives that are being disposed of.
While capturing this info during the disposition process and getting a validation report from your vendor is a best practice, you will be leaving a huge documentation gap for your SAM team if you elect to forgo the audit/validation report from your disposition vendor. As a Hardware Asset Manager or ITAD Manager, you are trying to be responsible by controlling costs but in fact are creating a huge risk/liability for the SAM team to document compliance for software licensing on any asset class that requires software use tracking.
ITAD professionals are constantly grappling with the intricate relationships between different aspects of IT asset management, such as hardware disposal, data security, and regulatory compliance. The interconnected nature of these factors highlights the importance of recognizing and addressing the dependencies between them to ensure smooth operations and mitigate risks. As ITAD practices evolve and become more complex, the conversation around interdependency continues to shape the strategies and approaches adopted by industry professionals like us. All 12 of IAITAM’s KPAs operate interdependently, and we must open communications with other IT departments to ensure we are working as one team.