ISO 19770 A Complete Guide
You're under pressure. Audit season is coming. Your leadership team wants proof of software compliance. Your tools are fragmented. Your spreadsheets are outdated. And you're expected to deliver airtight software asset reports without clear standards or support. There’s real risk here. Non-compliance means six-figure fines. Inefficiency means wasted budget. And confusion around ISO 19770 leaves you vulnerable-exposed not just financially, but professionally. But there's also a massive opportunity. An opportunity to become the go-to expert in software asset management. To turn chaos into control. To build processes so robust they become the blueprint for your entire organisation. That transformation starts with ISO 19770 A Complete Guide. This is not theory. It’s a field-tested, step-by-step blueprint used by top enterprises to pass audits, reduce licensing costs, and establish automated, compliant software management systems that scale. One recent learner, Maya R., IT Compliance Lead at a global financial firm, used this guide to cut her team’s audit preparation time from three weeks to four days. Her process now passes internal review on the first try-and she was promoted six months later. Imagine walking into any meeting with complete confidence in your SAM framework, knowing every tool, process, and policy aligns with the international standard. That’s what this course delivers: clarity, compliance, and credibility-all in one proven system. Here’s how this course is structured to help you get there.Course Format & Delivery Details Learn at Your Own Pace, On Any Device, Anytime
This is a self-paced learning experience designed for real professionals with real responsibilities. You gain immediate online access upon enrollment, with no fixed dates, live sessions, or strict timelines. You decide when and where to learn-during flights, after meetings, or between audits. The entire curriculum is mobile-friendly, fully responsive, and accessible 24/7 from anywhere in the world. Most learners complete the course in 21 to 30 days, dedicating just 45–60 minutes per session. But the real impact starts much sooner. Within the first 72 hours, you’ll have actionable templates and checklists you can implement immediately-even before finishing the full program. Lifetime Access & Continuous Updates Included
Enroll once, benefit forever. You receive lifetime access to all course materials, including any future updates to ISO 19770 standards and related frameworks. As regulations evolve, your knowledge stays current-at absolutely no additional cost. No subscriptions. No hidden fees. Just one upfront investment in your expertise. Expert-Led, Practitioner-Validated, Results-Driven
You are not learning from academics. You are guided by industry practitioners with 15+ years of real-world software asset management deployment across Fortune 500 companies. Your questions are supported via direct instructor feedback channels, with structured guidance built into every module to ensure clarity and confidence at each step. Certificate of Completion Issued by The Art of Service
Upon finishing the course, you receive a formal Certificate of Completion issued by The Art of Service-a globally recognised credential respected by auditors, compliance officers, and IT leaders worldwide. This is not a participation badge. It’s verified proof of mastery in ISO 19770 implementation, trusted by thousands of professionals across 90+ countries. Transparent Pricing. No Risk. Full Confidence.
Pricing is straightforward with no hidden fees. We accept all major payment methods including Visa, Mastercard, and PayPal. Your transaction is secure, instant, and fully encrypted. After enrollment, you will receive a confirmation email, and your access details will be delivered separately once your course materials are prepared-ensuring accuracy and readiness before you begin. We back this course with a powerful promise: if you complete all modules and don’t feel significantly more confident in designing, implementing, and auditing an ISO 19770-compliant software asset management system, you’re eligible for a full refund. No questions asked. This Works Even If…
- You’ve never implemented a formal SAM framework before
- Your organisation uses hybrid or multi-cloud environments
- You’re new to compliance standards or reporting structures
- You work in a highly regulated sector like finance or healthcare
- Your current tools don’t fully support ISO 19770 requirements
Our material is role-specific, outcome-focused, and built for practical adoption. You’ll find examples tailored to SAM managers, IT auditors, compliance leads, and enterprise architects. Over 87% of past participants reported measurable improvements in audit readiness within 30 days of completion. This isn’t just knowledge transfer. It’s risk reversal. You gain everything. You risk nothing.
Module 1: Foundations of ISO 19770 and Software Asset Management - Understanding the purpose and global relevance of ISO 19770
- Evolution of software asset management from reactive to strategic
- Key differences between ISO 19770-1, 19770-2, 19770-3, and 19770-4
- Role of ISO 19770 in supporting ITIL, COBIT, and other governance frameworks
- Why standards matter in software licensing and vendor negotiations
- Mapping ISO 19770 to business value and cost optimisation
- Overview of software lifecycle management in compliance context
- Common misconceptions about software tagging and discovery
- Integrating ISO 19770 with existing IT service management platforms
- Defining scope: on-prem, cloud, SaaS, PaaS, IaaS
Module 2: ISO 19770-1: Software Lifecycle Management Overview - Core principles of ISO 19770-1: governance and structure
- Defining organisational roles and responsibilities in SAM
- Establishing a Software Asset Management policy framework
- Developing a SAM strategy aligned to business objectives
- Creating a SAM steering committee: who should be involved
- Aligning SAM goals with procurement, finance, and IT departments
- Risk-based prioritisation of software assets
- Measuring SAM maturity: CMMI model integration
- Documenting processes for internal audit and external validation
- Linking software lifecycle phases to compliance requirements
Module 3: ISO 19770-2: Software Identification Tags (SWID Tags) - Introduction to SWID tags: definitions and core concepts
- Purpose of SWID tags in discovery, inventory, and reconciliation
- Structure of a SWID tag: Entity, Meta, Link, and Payload elements
- Understanding tag creation: authoritative sources and ownership
- Difference between primary and secondary SWID tags
- Tagging software installations vs software entitlements
- Best practices for generating SWID tags in-house
- Using metadata: product title, version, publisher, unique ID
- XML schema compliance for SWID tag structure
- Validating SWID tags using standard parsers and tools
Module 4: Implementation of SWID Tagging Strategies - Choosing between tag formats: compact vs full
- Deploying SWID tags in Windows, Linux, and macOS environments
- Integrating SWID tags with configuration management databases (CMDB)
- Automating tag generation using build pipelines or DevOps tools
- Tagging virtualised applications and containerised workloads
- Handling multi-language and regional software versions
- Managing updates and version changes with SWID tags
- Using digital signatures to secure SWID tag integrity
- Resolving conflicts when multiple tags claim the same software
- Audit trail practices for tag creation and modification
Module 5: ISO 19770-3: Entitlement Management and Licensing - Introduction to ISO 19770-3: software entitlement schema
- Differentiating between software identity and usage rights
- Modelling entitlements: licences, subscriptions, tokens, and rights
- Defining relationships between licences and installations
- Using XML schema to express licensing rules and constraints
- Representing bulk licences, floating pools, and concurrent users
- Modelling upgrade paths, downgrade rights, and licence transfers
- Linking entitlements to procurement contracts and purchase orders
- Creating reusable templates for common licensing models
- Automating compliance checks using entitlement-to-installation mapping
Module 6: Building an Entitlement Reconciliation Process - Matching discovered software with entitlement records
- Identifying under-licensed and over-licensed applications
- Using reconciliation reports for vendor negotiations
- Resolving discrepancies: false positives, stale data, virtual usage
- Tracking software transfers and reassignments
- Integrating with procurement systems to auto-update entitlements
- Automating reconciliation using rule-based engines
- Reporting on licence optimisation opportunities
- Handling time-bound licences and trial software
- Documenting reconciliation procedures for auditors
Module 7: ISO 19770-4: Process-Measurement and Conformance - Overview of ISO 19770-4: process metrics and measurement
- Defining KPIs for software discovery, inventory accuracy, and compliance
- Measuring effectiveness of SWID tag adoption across systems
- Tracking reconciliation completeness and timeliness
- Benchmarking SAM performance against industry standards
- Setting thresholds for high-risk software categories
- Creating dashboards for executive reporting
- Using process metrics to justify SAM programme funding
- Establishing continuous improvement cycles in SAM
- Mapping metrics to audit preparedness and risk mitigation
Module 8: Discovery and Inventory Tools Integration - Evaluating discovery tools for ISO 19770 compliance support
- Assessing compatibility with SWID tag parsing and ingestion
- Configuring tools to prioritise software identification accuracy
- Reducing false positives through normalisation rules
- Handling agent-based vs agentless discovery methods
- Integrating discovery data with service desks and CMDBs
- Managing cloud workloads and ephemeral instances
- Validating completeness of discovery across hybrid environments
- Using synthetic transactions to test discovery coverage
- Creating reconciliation reports from raw discovery data
Module 9: Data Normalisation and Software Identification - Challenges in software title consistency across systems
- Building a corporate software dictionary
- Using publisher, version, and edition for accurate matching
- Differentiating between patches, service packs, and minor releases
- Handling bundled software and suite products
- Normalising names from different discovery tools
- Automating normalisation using rule sets and AI logic
- Linking normalised data to SWID tags and entitlements
- Maintaining version-to-entitlement mappings
- Auditing normalisation decisions for compliance review
Module 10: Establishing a Software Catalogue - Designing a centralised software catalogue architecture
- Determining ownership and stewardship of entries
- Defining mandatory fields: product name, publisher, category, risk level
- Linking catalogue entries to SWID tags, licences, and policies
- Classifying software by business criticality and security risk
- Managing approved, restricted, and prohibited software lists
- Integrating the catalogue with onboarding and procurement workflows
- Automating catalogue updates based on discovery findings
- Using the catalogue to enforce policy during deployment
- Reporting on catalogue completeness and governance adherence
Module 11: Building a SAM System Architecture - Defining the components of a SAM ecosystem
- Selecting tools: discovery, inventory, reconciliation, reporting
- Integrating SAM tools with ITSM, ERP, and procurement systems
- Ensuring data flow integrity between systems
- Designing role-based access controls for SAM data
- Securing sensitive licensing and compliance data
- Choosing between on-prem, hosted, and SaaS solutions
- Planning for scalability and data volume growth
- Testing integration points with sample workloads
- Documenting architecture for internal and external audit
Module 12: Policy Development and Governance Frameworks - Writing a corporate SAM policy: structure and content
- Establishing compliance expectations across departments
- Defining escalation paths for policy violations
- Linking policies to disciplinary and financial consequences
- Communicating policies to end users and technical teams
- Setting review cycles for policy updates
- Incorporating regulatory requirements into policy design
- Aligning with cybersecurity, data privacy, and licensing laws
- Creating supporting procedures and standards documents
- Training staff on policy awareness and enforcement
Module 13: Stakeholder Engagement and Cross-Functional Alignment - Identifying key stakeholders in SAM: IT, legal, procurement, finance
- Understanding stakeholder motivations and concerns
- Creating value propositions for each department
- Hosting regular SAM governance meetings
- Developing shared success metrics across teams
- Managing resistance through transparency and quick wins
- Using case studies to demonstrate ROI to leadership
- Building trust through consistent reporting and follow-up
- Establishing feedback loops for process improvement
- Running quarterly SAM performance reviews with executives
Module 14: Audit Preparedness and Vendor Interaction - Recognising signs of an impending software audit
- Preparing data packs: inventory, entitlements, reconciliation reports
- Validating data accuracy and completeness before submission
- Responding to vendor questionnaires and audit requests
- Negotiating audit scope and timelines with vendors
- Using ISO 19770 compliance as a defensive strategy
- Presenting SWID tags and entitlement records as evidence
- Calculating true-up exposure and identifying leverage points
- Engaging legal counsel with clear, standardised documentation
- Post-audit review: lessons learned and process improvements
Module 15: Continuous Compliance and Automation - Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Understanding the purpose and global relevance of ISO 19770
- Evolution of software asset management from reactive to strategic
- Key differences between ISO 19770-1, 19770-2, 19770-3, and 19770-4
- Role of ISO 19770 in supporting ITIL, COBIT, and other governance frameworks
- Why standards matter in software licensing and vendor negotiations
- Mapping ISO 19770 to business value and cost optimisation
- Overview of software lifecycle management in compliance context
- Common misconceptions about software tagging and discovery
- Integrating ISO 19770 with existing IT service management platforms
- Defining scope: on-prem, cloud, SaaS, PaaS, IaaS
Module 2: ISO 19770-1: Software Lifecycle Management Overview - Core principles of ISO 19770-1: governance and structure
- Defining organisational roles and responsibilities in SAM
- Establishing a Software Asset Management policy framework
- Developing a SAM strategy aligned to business objectives
- Creating a SAM steering committee: who should be involved
- Aligning SAM goals with procurement, finance, and IT departments
- Risk-based prioritisation of software assets
- Measuring SAM maturity: CMMI model integration
- Documenting processes for internal audit and external validation
- Linking software lifecycle phases to compliance requirements
Module 3: ISO 19770-2: Software Identification Tags (SWID Tags) - Introduction to SWID tags: definitions and core concepts
- Purpose of SWID tags in discovery, inventory, and reconciliation
- Structure of a SWID tag: Entity, Meta, Link, and Payload elements
- Understanding tag creation: authoritative sources and ownership
- Difference between primary and secondary SWID tags
- Tagging software installations vs software entitlements
- Best practices for generating SWID tags in-house
- Using metadata: product title, version, publisher, unique ID
- XML schema compliance for SWID tag structure
- Validating SWID tags using standard parsers and tools
Module 4: Implementation of SWID Tagging Strategies - Choosing between tag formats: compact vs full
- Deploying SWID tags in Windows, Linux, and macOS environments
- Integrating SWID tags with configuration management databases (CMDB)
- Automating tag generation using build pipelines or DevOps tools
- Tagging virtualised applications and containerised workloads
- Handling multi-language and regional software versions
- Managing updates and version changes with SWID tags
- Using digital signatures to secure SWID tag integrity
- Resolving conflicts when multiple tags claim the same software
- Audit trail practices for tag creation and modification
Module 5: ISO 19770-3: Entitlement Management and Licensing - Introduction to ISO 19770-3: software entitlement schema
- Differentiating between software identity and usage rights
- Modelling entitlements: licences, subscriptions, tokens, and rights
- Defining relationships between licences and installations
- Using XML schema to express licensing rules and constraints
- Representing bulk licences, floating pools, and concurrent users
- Modelling upgrade paths, downgrade rights, and licence transfers
- Linking entitlements to procurement contracts and purchase orders
- Creating reusable templates for common licensing models
- Automating compliance checks using entitlement-to-installation mapping
Module 6: Building an Entitlement Reconciliation Process - Matching discovered software with entitlement records
- Identifying under-licensed and over-licensed applications
- Using reconciliation reports for vendor negotiations
- Resolving discrepancies: false positives, stale data, virtual usage
- Tracking software transfers and reassignments
- Integrating with procurement systems to auto-update entitlements
- Automating reconciliation using rule-based engines
- Reporting on licence optimisation opportunities
- Handling time-bound licences and trial software
- Documenting reconciliation procedures for auditors
Module 7: ISO 19770-4: Process-Measurement and Conformance - Overview of ISO 19770-4: process metrics and measurement
- Defining KPIs for software discovery, inventory accuracy, and compliance
- Measuring effectiveness of SWID tag adoption across systems
- Tracking reconciliation completeness and timeliness
- Benchmarking SAM performance against industry standards
- Setting thresholds for high-risk software categories
- Creating dashboards for executive reporting
- Using process metrics to justify SAM programme funding
- Establishing continuous improvement cycles in SAM
- Mapping metrics to audit preparedness and risk mitigation
Module 8: Discovery and Inventory Tools Integration - Evaluating discovery tools for ISO 19770 compliance support
- Assessing compatibility with SWID tag parsing and ingestion
- Configuring tools to prioritise software identification accuracy
- Reducing false positives through normalisation rules
- Handling agent-based vs agentless discovery methods
- Integrating discovery data with service desks and CMDBs
- Managing cloud workloads and ephemeral instances
- Validating completeness of discovery across hybrid environments
- Using synthetic transactions to test discovery coverage
- Creating reconciliation reports from raw discovery data
Module 9: Data Normalisation and Software Identification - Challenges in software title consistency across systems
- Building a corporate software dictionary
- Using publisher, version, and edition for accurate matching
- Differentiating between patches, service packs, and minor releases
- Handling bundled software and suite products
- Normalising names from different discovery tools
- Automating normalisation using rule sets and AI logic
- Linking normalised data to SWID tags and entitlements
- Maintaining version-to-entitlement mappings
- Auditing normalisation decisions for compliance review
Module 10: Establishing a Software Catalogue - Designing a centralised software catalogue architecture
- Determining ownership and stewardship of entries
- Defining mandatory fields: product name, publisher, category, risk level
- Linking catalogue entries to SWID tags, licences, and policies
- Classifying software by business criticality and security risk
- Managing approved, restricted, and prohibited software lists
- Integrating the catalogue with onboarding and procurement workflows
- Automating catalogue updates based on discovery findings
- Using the catalogue to enforce policy during deployment
- Reporting on catalogue completeness and governance adherence
Module 11: Building a SAM System Architecture - Defining the components of a SAM ecosystem
- Selecting tools: discovery, inventory, reconciliation, reporting
- Integrating SAM tools with ITSM, ERP, and procurement systems
- Ensuring data flow integrity between systems
- Designing role-based access controls for SAM data
- Securing sensitive licensing and compliance data
- Choosing between on-prem, hosted, and SaaS solutions
- Planning for scalability and data volume growth
- Testing integration points with sample workloads
- Documenting architecture for internal and external audit
Module 12: Policy Development and Governance Frameworks - Writing a corporate SAM policy: structure and content
- Establishing compliance expectations across departments
- Defining escalation paths for policy violations
- Linking policies to disciplinary and financial consequences
- Communicating policies to end users and technical teams
- Setting review cycles for policy updates
- Incorporating regulatory requirements into policy design
- Aligning with cybersecurity, data privacy, and licensing laws
- Creating supporting procedures and standards documents
- Training staff on policy awareness and enforcement
Module 13: Stakeholder Engagement and Cross-Functional Alignment - Identifying key stakeholders in SAM: IT, legal, procurement, finance
- Understanding stakeholder motivations and concerns
- Creating value propositions for each department
- Hosting regular SAM governance meetings
- Developing shared success metrics across teams
- Managing resistance through transparency and quick wins
- Using case studies to demonstrate ROI to leadership
- Building trust through consistent reporting and follow-up
- Establishing feedback loops for process improvement
- Running quarterly SAM performance reviews with executives
Module 14: Audit Preparedness and Vendor Interaction - Recognising signs of an impending software audit
- Preparing data packs: inventory, entitlements, reconciliation reports
- Validating data accuracy and completeness before submission
- Responding to vendor questionnaires and audit requests
- Negotiating audit scope and timelines with vendors
- Using ISO 19770 compliance as a defensive strategy
- Presenting SWID tags and entitlement records as evidence
- Calculating true-up exposure and identifying leverage points
- Engaging legal counsel with clear, standardised documentation
- Post-audit review: lessons learned and process improvements
Module 15: Continuous Compliance and Automation - Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Introduction to SWID tags: definitions and core concepts
- Purpose of SWID tags in discovery, inventory, and reconciliation
- Structure of a SWID tag: Entity, Meta, Link, and Payload elements
- Understanding tag creation: authoritative sources and ownership
- Difference between primary and secondary SWID tags
- Tagging software installations vs software entitlements
- Best practices for generating SWID tags in-house
- Using metadata: product title, version, publisher, unique ID
- XML schema compliance for SWID tag structure
- Validating SWID tags using standard parsers and tools
Module 4: Implementation of SWID Tagging Strategies - Choosing between tag formats: compact vs full
- Deploying SWID tags in Windows, Linux, and macOS environments
- Integrating SWID tags with configuration management databases (CMDB)
- Automating tag generation using build pipelines or DevOps tools
- Tagging virtualised applications and containerised workloads
- Handling multi-language and regional software versions
- Managing updates and version changes with SWID tags
- Using digital signatures to secure SWID tag integrity
- Resolving conflicts when multiple tags claim the same software
- Audit trail practices for tag creation and modification
Module 5: ISO 19770-3: Entitlement Management and Licensing - Introduction to ISO 19770-3: software entitlement schema
- Differentiating between software identity and usage rights
- Modelling entitlements: licences, subscriptions, tokens, and rights
- Defining relationships between licences and installations
- Using XML schema to express licensing rules and constraints
- Representing bulk licences, floating pools, and concurrent users
- Modelling upgrade paths, downgrade rights, and licence transfers
- Linking entitlements to procurement contracts and purchase orders
- Creating reusable templates for common licensing models
- Automating compliance checks using entitlement-to-installation mapping
Module 6: Building an Entitlement Reconciliation Process - Matching discovered software with entitlement records
- Identifying under-licensed and over-licensed applications
- Using reconciliation reports for vendor negotiations
- Resolving discrepancies: false positives, stale data, virtual usage
- Tracking software transfers and reassignments
- Integrating with procurement systems to auto-update entitlements
- Automating reconciliation using rule-based engines
- Reporting on licence optimisation opportunities
- Handling time-bound licences and trial software
- Documenting reconciliation procedures for auditors
Module 7: ISO 19770-4: Process-Measurement and Conformance - Overview of ISO 19770-4: process metrics and measurement
- Defining KPIs for software discovery, inventory accuracy, and compliance
- Measuring effectiveness of SWID tag adoption across systems
- Tracking reconciliation completeness and timeliness
- Benchmarking SAM performance against industry standards
- Setting thresholds for high-risk software categories
- Creating dashboards for executive reporting
- Using process metrics to justify SAM programme funding
- Establishing continuous improvement cycles in SAM
- Mapping metrics to audit preparedness and risk mitigation
Module 8: Discovery and Inventory Tools Integration - Evaluating discovery tools for ISO 19770 compliance support
- Assessing compatibility with SWID tag parsing and ingestion
- Configuring tools to prioritise software identification accuracy
- Reducing false positives through normalisation rules
- Handling agent-based vs agentless discovery methods
- Integrating discovery data with service desks and CMDBs
- Managing cloud workloads and ephemeral instances
- Validating completeness of discovery across hybrid environments
- Using synthetic transactions to test discovery coverage
- Creating reconciliation reports from raw discovery data
Module 9: Data Normalisation and Software Identification - Challenges in software title consistency across systems
- Building a corporate software dictionary
- Using publisher, version, and edition for accurate matching
- Differentiating between patches, service packs, and minor releases
- Handling bundled software and suite products
- Normalising names from different discovery tools
- Automating normalisation using rule sets and AI logic
- Linking normalised data to SWID tags and entitlements
- Maintaining version-to-entitlement mappings
- Auditing normalisation decisions for compliance review
Module 10: Establishing a Software Catalogue - Designing a centralised software catalogue architecture
- Determining ownership and stewardship of entries
- Defining mandatory fields: product name, publisher, category, risk level
- Linking catalogue entries to SWID tags, licences, and policies
- Classifying software by business criticality and security risk
- Managing approved, restricted, and prohibited software lists
- Integrating the catalogue with onboarding and procurement workflows
- Automating catalogue updates based on discovery findings
- Using the catalogue to enforce policy during deployment
- Reporting on catalogue completeness and governance adherence
Module 11: Building a SAM System Architecture - Defining the components of a SAM ecosystem
- Selecting tools: discovery, inventory, reconciliation, reporting
- Integrating SAM tools with ITSM, ERP, and procurement systems
- Ensuring data flow integrity between systems
- Designing role-based access controls for SAM data
- Securing sensitive licensing and compliance data
- Choosing between on-prem, hosted, and SaaS solutions
- Planning for scalability and data volume growth
- Testing integration points with sample workloads
- Documenting architecture for internal and external audit
Module 12: Policy Development and Governance Frameworks - Writing a corporate SAM policy: structure and content
- Establishing compliance expectations across departments
- Defining escalation paths for policy violations
- Linking policies to disciplinary and financial consequences
- Communicating policies to end users and technical teams
- Setting review cycles for policy updates
- Incorporating regulatory requirements into policy design
- Aligning with cybersecurity, data privacy, and licensing laws
- Creating supporting procedures and standards documents
- Training staff on policy awareness and enforcement
Module 13: Stakeholder Engagement and Cross-Functional Alignment - Identifying key stakeholders in SAM: IT, legal, procurement, finance
- Understanding stakeholder motivations and concerns
- Creating value propositions for each department
- Hosting regular SAM governance meetings
- Developing shared success metrics across teams
- Managing resistance through transparency and quick wins
- Using case studies to demonstrate ROI to leadership
- Building trust through consistent reporting and follow-up
- Establishing feedback loops for process improvement
- Running quarterly SAM performance reviews with executives
Module 14: Audit Preparedness and Vendor Interaction - Recognising signs of an impending software audit
- Preparing data packs: inventory, entitlements, reconciliation reports
- Validating data accuracy and completeness before submission
- Responding to vendor questionnaires and audit requests
- Negotiating audit scope and timelines with vendors
- Using ISO 19770 compliance as a defensive strategy
- Presenting SWID tags and entitlement records as evidence
- Calculating true-up exposure and identifying leverage points
- Engaging legal counsel with clear, standardised documentation
- Post-audit review: lessons learned and process improvements
Module 15: Continuous Compliance and Automation - Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Introduction to ISO 19770-3: software entitlement schema
- Differentiating between software identity and usage rights
- Modelling entitlements: licences, subscriptions, tokens, and rights
- Defining relationships between licences and installations
- Using XML schema to express licensing rules and constraints
- Representing bulk licences, floating pools, and concurrent users
- Modelling upgrade paths, downgrade rights, and licence transfers
- Linking entitlements to procurement contracts and purchase orders
- Creating reusable templates for common licensing models
- Automating compliance checks using entitlement-to-installation mapping
Module 6: Building an Entitlement Reconciliation Process - Matching discovered software with entitlement records
- Identifying under-licensed and over-licensed applications
- Using reconciliation reports for vendor negotiations
- Resolving discrepancies: false positives, stale data, virtual usage
- Tracking software transfers and reassignments
- Integrating with procurement systems to auto-update entitlements
- Automating reconciliation using rule-based engines
- Reporting on licence optimisation opportunities
- Handling time-bound licences and trial software
- Documenting reconciliation procedures for auditors
Module 7: ISO 19770-4: Process-Measurement and Conformance - Overview of ISO 19770-4: process metrics and measurement
- Defining KPIs for software discovery, inventory accuracy, and compliance
- Measuring effectiveness of SWID tag adoption across systems
- Tracking reconciliation completeness and timeliness
- Benchmarking SAM performance against industry standards
- Setting thresholds for high-risk software categories
- Creating dashboards for executive reporting
- Using process metrics to justify SAM programme funding
- Establishing continuous improvement cycles in SAM
- Mapping metrics to audit preparedness and risk mitigation
Module 8: Discovery and Inventory Tools Integration - Evaluating discovery tools for ISO 19770 compliance support
- Assessing compatibility with SWID tag parsing and ingestion
- Configuring tools to prioritise software identification accuracy
- Reducing false positives through normalisation rules
- Handling agent-based vs agentless discovery methods
- Integrating discovery data with service desks and CMDBs
- Managing cloud workloads and ephemeral instances
- Validating completeness of discovery across hybrid environments
- Using synthetic transactions to test discovery coverage
- Creating reconciliation reports from raw discovery data
Module 9: Data Normalisation and Software Identification - Challenges in software title consistency across systems
- Building a corporate software dictionary
- Using publisher, version, and edition for accurate matching
- Differentiating between patches, service packs, and minor releases
- Handling bundled software and suite products
- Normalising names from different discovery tools
- Automating normalisation using rule sets and AI logic
- Linking normalised data to SWID tags and entitlements
- Maintaining version-to-entitlement mappings
- Auditing normalisation decisions for compliance review
Module 10: Establishing a Software Catalogue - Designing a centralised software catalogue architecture
- Determining ownership and stewardship of entries
- Defining mandatory fields: product name, publisher, category, risk level
- Linking catalogue entries to SWID tags, licences, and policies
- Classifying software by business criticality and security risk
- Managing approved, restricted, and prohibited software lists
- Integrating the catalogue with onboarding and procurement workflows
- Automating catalogue updates based on discovery findings
- Using the catalogue to enforce policy during deployment
- Reporting on catalogue completeness and governance adherence
Module 11: Building a SAM System Architecture - Defining the components of a SAM ecosystem
- Selecting tools: discovery, inventory, reconciliation, reporting
- Integrating SAM tools with ITSM, ERP, and procurement systems
- Ensuring data flow integrity between systems
- Designing role-based access controls for SAM data
- Securing sensitive licensing and compliance data
- Choosing between on-prem, hosted, and SaaS solutions
- Planning for scalability and data volume growth
- Testing integration points with sample workloads
- Documenting architecture for internal and external audit
Module 12: Policy Development and Governance Frameworks - Writing a corporate SAM policy: structure and content
- Establishing compliance expectations across departments
- Defining escalation paths for policy violations
- Linking policies to disciplinary and financial consequences
- Communicating policies to end users and technical teams
- Setting review cycles for policy updates
- Incorporating regulatory requirements into policy design
- Aligning with cybersecurity, data privacy, and licensing laws
- Creating supporting procedures and standards documents
- Training staff on policy awareness and enforcement
Module 13: Stakeholder Engagement and Cross-Functional Alignment - Identifying key stakeholders in SAM: IT, legal, procurement, finance
- Understanding stakeholder motivations and concerns
- Creating value propositions for each department
- Hosting regular SAM governance meetings
- Developing shared success metrics across teams
- Managing resistance through transparency and quick wins
- Using case studies to demonstrate ROI to leadership
- Building trust through consistent reporting and follow-up
- Establishing feedback loops for process improvement
- Running quarterly SAM performance reviews with executives
Module 14: Audit Preparedness and Vendor Interaction - Recognising signs of an impending software audit
- Preparing data packs: inventory, entitlements, reconciliation reports
- Validating data accuracy and completeness before submission
- Responding to vendor questionnaires and audit requests
- Negotiating audit scope and timelines with vendors
- Using ISO 19770 compliance as a defensive strategy
- Presenting SWID tags and entitlement records as evidence
- Calculating true-up exposure and identifying leverage points
- Engaging legal counsel with clear, standardised documentation
- Post-audit review: lessons learned and process improvements
Module 15: Continuous Compliance and Automation - Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Overview of ISO 19770-4: process metrics and measurement
- Defining KPIs for software discovery, inventory accuracy, and compliance
- Measuring effectiveness of SWID tag adoption across systems
- Tracking reconciliation completeness and timeliness
- Benchmarking SAM performance against industry standards
- Setting thresholds for high-risk software categories
- Creating dashboards for executive reporting
- Using process metrics to justify SAM programme funding
- Establishing continuous improvement cycles in SAM
- Mapping metrics to audit preparedness and risk mitigation
Module 8: Discovery and Inventory Tools Integration - Evaluating discovery tools for ISO 19770 compliance support
- Assessing compatibility with SWID tag parsing and ingestion
- Configuring tools to prioritise software identification accuracy
- Reducing false positives through normalisation rules
- Handling agent-based vs agentless discovery methods
- Integrating discovery data with service desks and CMDBs
- Managing cloud workloads and ephemeral instances
- Validating completeness of discovery across hybrid environments
- Using synthetic transactions to test discovery coverage
- Creating reconciliation reports from raw discovery data
Module 9: Data Normalisation and Software Identification - Challenges in software title consistency across systems
- Building a corporate software dictionary
- Using publisher, version, and edition for accurate matching
- Differentiating between patches, service packs, and minor releases
- Handling bundled software and suite products
- Normalising names from different discovery tools
- Automating normalisation using rule sets and AI logic
- Linking normalised data to SWID tags and entitlements
- Maintaining version-to-entitlement mappings
- Auditing normalisation decisions for compliance review
Module 10: Establishing a Software Catalogue - Designing a centralised software catalogue architecture
- Determining ownership and stewardship of entries
- Defining mandatory fields: product name, publisher, category, risk level
- Linking catalogue entries to SWID tags, licences, and policies
- Classifying software by business criticality and security risk
- Managing approved, restricted, and prohibited software lists
- Integrating the catalogue with onboarding and procurement workflows
- Automating catalogue updates based on discovery findings
- Using the catalogue to enforce policy during deployment
- Reporting on catalogue completeness and governance adherence
Module 11: Building a SAM System Architecture - Defining the components of a SAM ecosystem
- Selecting tools: discovery, inventory, reconciliation, reporting
- Integrating SAM tools with ITSM, ERP, and procurement systems
- Ensuring data flow integrity between systems
- Designing role-based access controls for SAM data
- Securing sensitive licensing and compliance data
- Choosing between on-prem, hosted, and SaaS solutions
- Planning for scalability and data volume growth
- Testing integration points with sample workloads
- Documenting architecture for internal and external audit
Module 12: Policy Development and Governance Frameworks - Writing a corporate SAM policy: structure and content
- Establishing compliance expectations across departments
- Defining escalation paths for policy violations
- Linking policies to disciplinary and financial consequences
- Communicating policies to end users and technical teams
- Setting review cycles for policy updates
- Incorporating regulatory requirements into policy design
- Aligning with cybersecurity, data privacy, and licensing laws
- Creating supporting procedures and standards documents
- Training staff on policy awareness and enforcement
Module 13: Stakeholder Engagement and Cross-Functional Alignment - Identifying key stakeholders in SAM: IT, legal, procurement, finance
- Understanding stakeholder motivations and concerns
- Creating value propositions for each department
- Hosting regular SAM governance meetings
- Developing shared success metrics across teams
- Managing resistance through transparency and quick wins
- Using case studies to demonstrate ROI to leadership
- Building trust through consistent reporting and follow-up
- Establishing feedback loops for process improvement
- Running quarterly SAM performance reviews with executives
Module 14: Audit Preparedness and Vendor Interaction - Recognising signs of an impending software audit
- Preparing data packs: inventory, entitlements, reconciliation reports
- Validating data accuracy and completeness before submission
- Responding to vendor questionnaires and audit requests
- Negotiating audit scope and timelines with vendors
- Using ISO 19770 compliance as a defensive strategy
- Presenting SWID tags and entitlement records as evidence
- Calculating true-up exposure and identifying leverage points
- Engaging legal counsel with clear, standardised documentation
- Post-audit review: lessons learned and process improvements
Module 15: Continuous Compliance and Automation - Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Challenges in software title consistency across systems
- Building a corporate software dictionary
- Using publisher, version, and edition for accurate matching
- Differentiating between patches, service packs, and minor releases
- Handling bundled software and suite products
- Normalising names from different discovery tools
- Automating normalisation using rule sets and AI logic
- Linking normalised data to SWID tags and entitlements
- Maintaining version-to-entitlement mappings
- Auditing normalisation decisions for compliance review
Module 10: Establishing a Software Catalogue - Designing a centralised software catalogue architecture
- Determining ownership and stewardship of entries
- Defining mandatory fields: product name, publisher, category, risk level
- Linking catalogue entries to SWID tags, licences, and policies
- Classifying software by business criticality and security risk
- Managing approved, restricted, and prohibited software lists
- Integrating the catalogue with onboarding and procurement workflows
- Automating catalogue updates based on discovery findings
- Using the catalogue to enforce policy during deployment
- Reporting on catalogue completeness and governance adherence
Module 11: Building a SAM System Architecture - Defining the components of a SAM ecosystem
- Selecting tools: discovery, inventory, reconciliation, reporting
- Integrating SAM tools with ITSM, ERP, and procurement systems
- Ensuring data flow integrity between systems
- Designing role-based access controls for SAM data
- Securing sensitive licensing and compliance data
- Choosing between on-prem, hosted, and SaaS solutions
- Planning for scalability and data volume growth
- Testing integration points with sample workloads
- Documenting architecture for internal and external audit
Module 12: Policy Development and Governance Frameworks - Writing a corporate SAM policy: structure and content
- Establishing compliance expectations across departments
- Defining escalation paths for policy violations
- Linking policies to disciplinary and financial consequences
- Communicating policies to end users and technical teams
- Setting review cycles for policy updates
- Incorporating regulatory requirements into policy design
- Aligning with cybersecurity, data privacy, and licensing laws
- Creating supporting procedures and standards documents
- Training staff on policy awareness and enforcement
Module 13: Stakeholder Engagement and Cross-Functional Alignment - Identifying key stakeholders in SAM: IT, legal, procurement, finance
- Understanding stakeholder motivations and concerns
- Creating value propositions for each department
- Hosting regular SAM governance meetings
- Developing shared success metrics across teams
- Managing resistance through transparency and quick wins
- Using case studies to demonstrate ROI to leadership
- Building trust through consistent reporting and follow-up
- Establishing feedback loops for process improvement
- Running quarterly SAM performance reviews with executives
Module 14: Audit Preparedness and Vendor Interaction - Recognising signs of an impending software audit
- Preparing data packs: inventory, entitlements, reconciliation reports
- Validating data accuracy and completeness before submission
- Responding to vendor questionnaires and audit requests
- Negotiating audit scope and timelines with vendors
- Using ISO 19770 compliance as a defensive strategy
- Presenting SWID tags and entitlement records as evidence
- Calculating true-up exposure and identifying leverage points
- Engaging legal counsel with clear, standardised documentation
- Post-audit review: lessons learned and process improvements
Module 15: Continuous Compliance and Automation - Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Defining the components of a SAM ecosystem
- Selecting tools: discovery, inventory, reconciliation, reporting
- Integrating SAM tools with ITSM, ERP, and procurement systems
- Ensuring data flow integrity between systems
- Designing role-based access controls for SAM data
- Securing sensitive licensing and compliance data
- Choosing between on-prem, hosted, and SaaS solutions
- Planning for scalability and data volume growth
- Testing integration points with sample workloads
- Documenting architecture for internal and external audit
Module 12: Policy Development and Governance Frameworks - Writing a corporate SAM policy: structure and content
- Establishing compliance expectations across departments
- Defining escalation paths for policy violations
- Linking policies to disciplinary and financial consequences
- Communicating policies to end users and technical teams
- Setting review cycles for policy updates
- Incorporating regulatory requirements into policy design
- Aligning with cybersecurity, data privacy, and licensing laws
- Creating supporting procedures and standards documents
- Training staff on policy awareness and enforcement
Module 13: Stakeholder Engagement and Cross-Functional Alignment - Identifying key stakeholders in SAM: IT, legal, procurement, finance
- Understanding stakeholder motivations and concerns
- Creating value propositions for each department
- Hosting regular SAM governance meetings
- Developing shared success metrics across teams
- Managing resistance through transparency and quick wins
- Using case studies to demonstrate ROI to leadership
- Building trust through consistent reporting and follow-up
- Establishing feedback loops for process improvement
- Running quarterly SAM performance reviews with executives
Module 14: Audit Preparedness and Vendor Interaction - Recognising signs of an impending software audit
- Preparing data packs: inventory, entitlements, reconciliation reports
- Validating data accuracy and completeness before submission
- Responding to vendor questionnaires and audit requests
- Negotiating audit scope and timelines with vendors
- Using ISO 19770 compliance as a defensive strategy
- Presenting SWID tags and entitlement records as evidence
- Calculating true-up exposure and identifying leverage points
- Engaging legal counsel with clear, standardised documentation
- Post-audit review: lessons learned and process improvements
Module 15: Continuous Compliance and Automation - Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Identifying key stakeholders in SAM: IT, legal, procurement, finance
- Understanding stakeholder motivations and concerns
- Creating value propositions for each department
- Hosting regular SAM governance meetings
- Developing shared success metrics across teams
- Managing resistance through transparency and quick wins
- Using case studies to demonstrate ROI to leadership
- Building trust through consistent reporting and follow-up
- Establishing feedback loops for process improvement
- Running quarterly SAM performance reviews with executives
Module 14: Audit Preparedness and Vendor Interaction - Recognising signs of an impending software audit
- Preparing data packs: inventory, entitlements, reconciliation reports
- Validating data accuracy and completeness before submission
- Responding to vendor questionnaires and audit requests
- Negotiating audit scope and timelines with vendors
- Using ISO 19770 compliance as a defensive strategy
- Presenting SWID tags and entitlement records as evidence
- Calculating true-up exposure and identifying leverage points
- Engaging legal counsel with clear, standardised documentation
- Post-audit review: lessons learned and process improvements
Module 15: Continuous Compliance and Automation - Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Transitioning from point-in-time to continuous compliance
- Designing automated workflows for discovery and reconciliation
- Scheduling regular data validation routines
- Setting up alerts for licensing breaches and discovery gaps
- Integrating with change and release management processes
- Automatically updating entitlements after purchases
- Handling decommissioned software with removal tracking
- Using APIs to sync data across systems in near real-time
- Reducing manual effort through workflow orchestration
- Maintaining audit-ready status at all times
Module 16: Advanced Topics in Virtualisation and Cloud - Applying ISO 19770 principles in virtual environments
- Tagging software in VMs, containers, and serverless functions
- Managing dynamic workloads with auto-scaling and ephemeral nodes
- Tracking software in Kubernetes, Docker, and OpenShift
- Handling multi-tenant SaaS environments and usage metrics
- Mapping subscriptions to individual business units
- Measuring consumption-based licensing across cloud providers
- Integrating with AWS, Azure, and GCP billing and usage APIs
- Normalising cloud-native software names for reporting
- Applying SWID principles to proprietary cloud services
Module 17: Third-Party and Open Source Software Compliance - Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Identifying open source software in your environment
- Understanding licensing obligations: MIT, GPL, Apache, etc.
- Using SCANS and SBOMs to track open source usage
- Creating policies for open source approval and use
- Managing dependencies and nested components
- Assessing security risks associated with open source libraries
- Detecting unauthorised or outdated open source components
- Reporting open source usage to legal and compliance teams
- Applying SWID-like tagging to key open source packages
- Integrating with software composition analysis tools
Module 18: SAM Maturity Assessment and Roadmap Creation - Conducting a baseline assessment of current SAM capabilities
- Using the ISO 19770 maturity model to score your organisation
- Identifying immediate improvement areas and long-term goals
- Creating a prioritised implementation roadmap
- Setting milestones and success criteria
- Securing executive sponsorship for next-phase initiatives
- Building business cases around cost avoidance and risk reduction
- Scaling SAM from project to programme to operational function
- Tracking progress against maturity benchmarks
- Reporting maturity improvements to stakeholders annually
Module 19: Case Studies and Real-World Implementations - Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors
Module 20: Certification Preparation and Next Steps - Reviewing key concepts across all ISO 19770 parts
- Practicing with realistic compliance scenarios and case problems
- Preparing for the final assessment: format and expectations
- Submitting required documentation for Certificate of Completion
- Receiving verification and official certification from The Art of Service
- Adding your certification to LinkedIn and professional profiles
- Accessing alumni resources and community forums
- Exploring advanced certifications in enterprise IT governance
- Using your credential in job applications and performance reviews
- Continuing professional development with updated materials
- Global bank implements ISO 19770 to reduce audit findings by 78%
- Healthcare provider avoids $2.3M in licensing penalties
- Tech company standardises on SWID tags across 12 subsidiaries
- Retail chain reconciles 45,000 endpoints in under two weeks
- Government agency achieves 99.4% software inventory accuracy
- Manufacturer automates entitlement management across ERP systems
- University deploys SWID tagging in research computing clusters
- Pharmaceutical firm reduces software spend by 31% in one year
- Logistics company integrates SAM with change management workflows
- Insurance provider creates cloud-based SAM dashboard for auditors