Software asset lifecycle
Standard
QH-IMP-399-2:2013
1.
Statement
This Standard identifies the processes to be followed when acquiring a software licence including
requesting, purchasing, testing, receipting, registration, installation or de-installation.
2.
Scope
Compliance with this standard is mandatory.
This standard applies to all employees, contractors and consultants within the Department of Health
divisions and commercialised business units.
This standard may be used by Hospital and Health Services (HHS) either as is, by re-branding or as a basis
for a Hospital and Health Service specific standard.
3.
Requirements
3.1
Procedure for software requests
Note: These processes are written on the assumption that all financial and procurement approvals
have been gained as outlined in the Queensland Procurement Policy and the Queensland Health
Procurement Procedures.
Client obtains approval from relevant cost centre manager and forwards request for software to
Service Desk. The Service Desk logs the request. The Service Desk forwards the request to the
Software Licence Manager. The steps below set out the steps to be followed by the relevant parties
to process requests for software.
Step
Actions
Step 1
Client forwards Request for Software to Service Desk. The request must include
appropriate financial and business approvals. Otherwise it will be returned to the
client.
Step 2
The Service Desk logs the request.
Step 3
The Service Desk forwards request to the Software Licence Manager.
Step 4
(Decision)
The Software Licence Manager checks to determine if the requested software is
approved or non-approved. If software is approved, refer Step 7. If software is not
approved, refer to Step 5.
Step 5
(Non
Approved
Software)
The Software Licence Manager checks to determine if alternative software is
available for use. If an appropriate alternative is available, refer Step 6. If no
appropriate alternative is available, refer to Step 10.
Step 6
The Software Licence Manager notifies the Client of an existing alternative. Does
the Client accept the alternative? Yes, refer Step 7. No, refer Step 10
Step 7
The Software Licence Manager checks the Software Asset Register (SAR) for an
available licence If a licence is available, refer Step 8. If a licence is not available,
refer Step 9.
(Approved
Software)
Step 8
The Software Licence Manager assigns the service call to the applicable resolver
group within the HP Open View Service Desk program to initiate the Software
Installation Procedure.
Step
Actions
Step 9
The Software Licence Manager advises the customer that a licence must be
purchased, and advises the customer of the appropriate procurement and pathway
in which to purchase the licence.
Step 10
The Software Licence Manager informs the Client that Technical Approval is
required for the requested software. The Software Licence Manager advises the
Client of the appropriate process in which the software should be sent to be tested
and forwards the service call to the appropriate resolver group within the HP Open
View Service Desk program.
(Alternative
Software
not
accepted testing)
Step 11
(Testing
3.2
fails)
The Software Licence Manager informs the Client that the software is nonapproved and that no alternative software is available and advises on alternative
options.
Step 12
The Software Licence Manager closes the service call.
Procedure for software technical approval
This procedure outlines only the portion of the Technical Approval Procedure that relates directly to
Software Asset Management and does not cover the steps necessary to define the depth or
substance of the testing that is required in order to evaluate whether or not a piece of software will
be compatible and functional with the Standard Operating Environment.
Step
Actions
Step 1
A quote for the process of technical assessment and testing is provided to the
client.
Step 2
Client accepts or rejects quote. If rejected, go to Step 9.
Step 3
The Software Licence Manager acquires a copy of the software and provides this
software to the Technical Testing Officers for the purposes of evaluation and testing
Step 4
Technical Testing Officer determines whether software is secure, safe and suitable
for the Queensland Health environment. This will involve testing for compliance with
the SOE and general robustness and suitability.
Step 5
Software is deemed suitable, refer Step 6
Software is deemed unsuitable, refer Step 7
Step 6
(Suitable
Technical Testing Officer creates and tests a software installation package (e.g.
Microsoft Installation Package MSI) for Standard Operating Environment SOE
interoperability
software)
3.3
Step 8
MSI goes through ICT Change Procedure for release to the Queensland Health
environment.
Step 9
The requests for software and for technical approval are closed.
Step 10
The Software Technical Approval Procedure is now complete.
Procedure for software receipt
Step
Actions
Step 1
When software is delivered to Queensland Health, it is to be forwarded to the
Software Licence Manager immediately.
Software Asset lifecycle Standard
Chief Health Information Officer
ICT Industry Engagement, Contract and Procurement Services
Effective date: 01 July 2015
Printed or saved copies are uncontrolled.
Page 2 of 9
3.4
Step 2
The Software Licence Manager is then responsible for matching the Invoice
attached to the goods, with the original Purchase Order and ensuring that the
software has been procured in the name of ‘The State of Queensland’.
Step 3
The Software Licence Manager is then responsible for goods receipting in
FAMMIS, and forwarding all relevant documentation for payment.
Step 4
The software receipt process is now completed.
Procedure for software licence registration
Step
Actions
Step 1
All software, media and other relevant items relating to software procurement are to
be received from the Vendor by the ICT Purchasing Officer, and forwarded to the
relevant Software Licence Manager.
Step 2
The Software Licence Manager ensures that software is registered in the name of
‘The State of Queensland’ and enters the details of a new software licence into the
SAR. This should include as a minimum:
Software Manufacturer e.g. Microsoft
Product e.g. Visio
Edition e.g. Professional
Version e.g. 2003
Machine Name/Client Name
Licence Number
Cost Centre Code
Purchase Order Number
Date of Purchase
Vendor or Supplier e.g. Data #3
Quantity
Licence Type
Part Number
Maintenance Expiry Date
Authorisation Number (where provided)
Expiry Date
Step 3
The Software Licence Manager catalogues and stores the software and any
physical licence in the Definitive Software Library (DSL).
Step 4
The Software Licence Manager notifies the appropriate resolver group within the
HP Open View Service Desk program that the software is ready for testing or
installation.
Step 5
The Software Registration Procedure is now complete.
Software Asset lifecycle Standard
Chief Health Information Officer
ICT Industry Engagement, Contract and Procurement Services
Effective date: 01 July 2015
Printed or saved copies are uncontrolled.
Page 3 of 9
3.5
3.6
4.
Procedure for software installation
Step
Actions
Step 1
The appropriate resolver group within the HP Open View Service Desk program
receives approval notification to install software
Step 2
The software is booked and logged out from the Definitive Software Library if
required.
The Software Licence Manager updates the Definitive Software Library, with details
of borrower, date and due return date.
Step 3
Software is installed.
Step 4
Software is returned to the Definitive Software Library by the due date and the
Software Licence Manager updates the Definitive Software Library.
If software fails to be returned by the due date, Software Asset Management staff
contact the relevant Technology Officer requesting return and/or grants extension.
Step 5
The Software Installation Process is now complete.
Procedure for software de-installation
Step
Actions
Step 1
A service call is logged for de-installation of software. Software will be de-installed if
Software Asset Management staff have determined or are advised that the software
is:
• under-utilised
• illegal
• installed without authorisation
• not approved
• single client licensed software whose client is moving to another PC
• no longer commercially supported or retired or not currently in active use (an
upgraded version of the same software or different software package with similar
functionality shall be deployed before this can apply)
Step 2
The software is de-installed from the specified workstation.
Step 3
Software Asset Management staff ensure that the Definitive Software Library and
the Software Asset Register are updated accordingly.
Step 4
Software Asset Management staff shall ensure that the software is made available
for re-use if the licence has not expired.
Step 5
The Software De-Installation Procedure is now complete.
Related legislation and documents
Relevant legislation and associated documentation includes, but is not limited to, the following:
Legislation
 Copyright Act 1968 (Cth)
 Financial Accountability Act 2009
 Financial Accountability Regulation 2009
 Financial and Performance Management Standard 2009
Software Asset lifecycle Standard
Chief Health Information Officer
ICT Industry Engagement, Contract and Procurement Services
Effective date: 01 July 2015
Printed or saved copies are uncontrolled.
Page 4 of 9
 Public Records Act 2002
Supporting documents
 Software Asset Management Policy
 Software Asset Management Standard
Related policy or documents
 Queensland Procurement Policy, Department of Housing and Public Works
 Queensland Health Procurement Procedures
 Government Information Technology Conditions (GITC), Queensland Government Chief
Information Office
 Queensland Government Enterprise Architecture (QGEA), Department of Science, Information
Technology, Innovation (DSITI):
ICT Resources Strategic Planning Policy (IS2)
Procurement and Disposal of ICT Products and Services Standard – IS13
Information Security Standard – IS18
Retention and Disposal of Public Records Standard – IS31
Recordkeeping Standard – IS40
Intellectual Property Factsheet
Open Source Software Policy
Software Asset Management Policy
Software Currency Policy
Use of Copyright Materials Guideline
Use of ICT Facilities and Devices Policy (IS38)
 Queensland Health:
Financial Management Practice Manual (QH-POL-267)
Intellectual Property Policy (QH-POL-009)
Procurement Procedures
 Department of Health:
Health Service Directive – Enterprise Architecture (QH-HSD-015)
Health Services Information Agency – Support Services Agreement with Hospital and
Health Services
ICT Planning and Reporting Policy
ICT Release Management Policy (ID00456)
Information Security Policy
Records Management for Administrative and Functional Records
 ISO/IEC 19770-1 Information Technology – Software Assets Management Part 1 (Nov 2009)
 ISO/IEC 19770-2 Information Technology – Software Assets Management Part 2 (Nov 2009)
 Code of Conduct for the Queensland Public Service
 Australian Governments Open Access and Licensing Framework (Ausgoal)
 Information Technology Infrastructure Library (ITIL)
5.
Definitions
Term
Definition
Source
Approved
software
Approved software has undergone extensive testing in order
to determine its suitability, robustness and functional fit within
the agency.
Software Asset lifecycle Standard
Chief Health Information Officer
ICT Industry Engagement, Contract and Procurement Services
Effective date: 01 July 2015
Printed or saved copies are uncontrolled.
Page 5 of 9
Term
Definition
Source
Central
Repository
Electronic repository of application installation files (configured
for the department), used as a source for populating local
repositories around the state with application files installed as
needed, accessed by the software distribution application.
Definitive
Software Library
(DSL)
A Definitive Software Library consists of both a secure
physical store and a logical store to manage and track all
software media within the agency. The physical store is the
secure storage where master copies of approved software
media are stored with copies of other physical assets such as
proof of licence and manuals. Only authorised software media
should be accepted into the DSL.
The logical store is the Software Media Catalogue which
houses the index of software and releases, version detail, and
highlights where the physical media can be located.
Queensland Government
Enterprise Architecture
Software Asset
Management Guideline
Definitive
Software Media
Catalogue
The logical store of the Definitive Software Library that houses
the index of software and releases, version detail, and
highlights where the physical media can be located.
Queensland Government
Enterprise Architecture
Software Asset
Management Guideline
Dormant Licence
A licence allocated to a user where the user is not making use
of the software allocated to them under the licence.
FAMMIS/SAP
Financial and asset management application utilised by
Department of Health.
Freeware
All software is protected by copyright. Freeware usually
applies to software which is distributed or made available free
of charge. While free, there may be terms and conditions
applying in relation to the number of copies that can be made,
passing on to others, etc. For example, it is illegal to distribute
freeware for profit.
Business Software
Alliance, Software
Association of Australia
HP Open View
Service Desk
HP OpenView Service Desk is the Incident Management,
Change Management and Configuration Management
program used by the InfoService Centre to log service calls
(Incidents, Service Requests, Advice Requests, Complaints
and Compliments), and for HP Account holders to log
requests.
HP Open View Service
Desk
Lifecycle
Good business practice requires that assets be appropriately
secured and maintained, used for the purposes intended,
periodically accounted for, assessed to ensure their continued
value to the organisation and properly disposed of. Lifecycle
stages include Plan; Construct/Create/Acquire;
Commission/Organise/Store; Access; Use; Assess; Maintain;
Retire
Queensland Government
Chief Information Office –
ICT and information asset
lifecycle guideline
MSI
Microsoft Windows installation information in a file with a .msi
extension
Non-approved
software
Non-approved software is software that has been retired or
that does not pass technical approval.
Open Source
Open source software is often developed in a public,
collaborative manner. The source code may be included in inhouse developed and third party software, or used in its own
right.
Reseller
Large software publishers often do not sell direct to end user
companies, but instead distribute their wares through
resellers. Resellers purchase software from the publishers on
Software Asset lifecycle Standard
Chief Health Information Officer
ICT Industry Engagement, Contract and Procurement Services
Effective date: 01 July 2015
Printed or saved copies are uncontrolled.
Open Source™
Page 6 of 9
Term
Definition
Source
behalf of the end-user.
Resolver Group
When a service call is logged with the InfoService Centre it is
allocated to one or more resolver groups in the HP OpenView
Service Desk (HPOVSD) system.
Retired Software
Licence
A licence that has been determined to be obsolete, and is no
longer to be maintained or utilised.
Shareware
Shareware is software that is copyright protected. It is
marketed free of charge by the software publisher, usually
through the internet. It usually allows the user to use the
software for a specific period of time. At the conclusion of this
time, the user is required to pay for the licence.
Business Software
Association of Australia
Software
The programs, routines, and symbolic languages that control
the functioning of the hardware and direct its operation.
In the context of this policy, software refers to:
www.thefreedictionary.co
m
•
An original Diskette, CD or DVD containing computer files
which can be either installed or executed.
•
Computer program files residing on any computing device,
which can be executed and operated.
Information Technology
Infrastructure Library
Software Asset
Management
The process responsible for tracking and reporting the use
and ownership of software assets throughout their lifecycle.
Software asset management is part of an overall service asset
and configuration management process.
Software Asset
Management
Staff
The staff who are responsible for software asset management
within the ICT Industry Engagement Contract and
Procurement Services group.
Software Asset
Register (SAR)
A definitive register of software licensing details. The
information collected on the register is used to cost effectively
manage the use of software licenses and manage compliance
with this policy on an ongoing basis.
The Register must comply with the requirements of this policy
and the Queensland Government Enterprise Architecture–
Software Asset Management Policy and Guideline.
Queensland Government
Enterprise Architecture
Software Asset
Management Guideline
Software Audit
Software audit is the investigation of the software installed on
computer networks and devices within an agency with the
purpose of determining what software is installed, whether the
software is appropriately licensed and whether the use of the
software that is installed is being optimised
Queensland Government
Enterprise Architecture
Software Asset
Management Guideline
Software
Licence
Agreement
The licence agreement is a contract between the software
supplier and the user. It sets out the terms, and establishes
limits of usage, for specific software applications. When
software is purchased, the publisher retains the full rights to
the software in addition to the sole rights for further distribution
and reproduction.
Software
Licence
Manager
The Software Licence Manager maintains a software licence
database and manages software licence compliance within the
designated business area(s) in consultation with ICT Industry
Engagement Contract and Procurement Services.
Queensland Government
Enterprise Architecture
Software Asset
Management Guideline
Software
Licence Metering
Metering measures active usage of a software application, so
that usage of available licences can be optimised.
An auditing package with software metering capabilities will
assist an agency in locating software deployed but not
currently being used.
Queensland Government
Enterprise Architecture
Software Asset
Management Guideline
Software Asset lifecycle Standard
Chief Health Information Officer
ICT Industry Engagement, Contract and Procurement Services
Effective date: 01 July 2015
Printed or saved copies are uncontrolled.
Page 7 of 9
Term
Definition
Software
Licence Owner
The State Government of Queensland is responsible for all
Department of Health assets on behalf of the public of
Queensland and, as its representative; the Director-General
assumes ultimate responsibilities for Department of Health
Software Assets.
Software Media
The means by which software is stored is in an electronic
format. It is generally removable from a computer storage
device and includes but is not limited to:
Software Misuse
Source
•
Read-Write CDs and DVDs
•
Data tape cassettes
•
Data Sticks/USB keys
•
Zip Drives
•
External drives.
Includes but not limited to any act that:
•
does not comply with the requirements of the Software
Asset Management Policy or Implementation Standard
•
exposes Department of Health to actual or potential
monetary loss through inappropriate use of software
licences
•
involves the use of software for unauthorised or illicit
purposes, which may include violation of any law,
regulation or reporting requirements of any law
enforcement or Government body.
Software
Product Edition
Defines which feature-set of the product name is purchased
(Standard, Enterprise, Professional, Developer etc.)
Software
Product Release
Date
The date the software vendor officially released their product
for sale to the public.
Spare Licence
A licence that has not been allocated to a user or device.
Third Party
Software
An individual or an organisation outside of the individual
agency that provides labour or services. Third party software
is any software not developed within the Department of
Health.
May also be considered to be any additional software that is
purchased to aid or assist in the functions of the primary
software but is not made by the same manufacturer.
Type of Software
Licence
Licensing model under which the software was purchased
(Retail, OEM, Volume, Enterprise, etc.).
Volume
Licensing
Agreement
Information
Information which includes details on the:
•
Software vendor
•
Volume licensing agreement
•
Agreement / contract number
•
Expiry date
•
Reseller
•
End user licence agreement (EULA)
•
Licence confirmations.
Software Asset lifecycle Standard
Chief Health Information Officer
ICT Industry Engagement, Contract and Procurement Services
Effective date: 01 July 2015
Printed or saved copies are uncontrolled.
Queensland Government
Chief Information Office
Glossary
Queensland Government
Enterprise Architecture
Software Asset
Management Guideline
Page 8 of 9
Version Control
Version
Date
Comments
1.0
10 Dec. 2013
New standard.
1.1
21 May 2015
Transferred information to new template, reviewed by ICT Industry Engagement,
Contract and Procurement Services.
Software Asset lifecycle Standard
Chief Health Information Officer
ICT Industry Engagement, Contract and Procurement Services
Effective date: 01 July 2015
Printed or saved copies are uncontrolled.
Page 9 of 9