Get Instant Access
to This Blueprint

Infrastructure Operations icon

Automate IT Asset Data Collection

Acquire and use discovery tools wisely to populate, update, and validate the data in your ITAM database.

You have a mandate to collect data on IT assets in your environment, but:

  • Existing asset management procedures are manual and time consuming.
  • Existing data is untrustworthy. Manual entry leads to typos, and data entry is often delayed or forgotten.
  • Manual audits by the IT team are time-consuming and disruptive.

Our Advice

Critical Insight

  • If existing IT asset management processes aren’t focused on value, automation will only create useless data faster.
  • It’s difficult to make the case for new tools if existing tools aren’t well used.
  • Understand what data you need before you go to market to buy a tool. Different tools will provide different data, and some data can’t be discovered at all.

Impact and Result

  • Acquire or configure tools that effectively populate, update, and validate the data in your ITAM database.

Automate IT Asset Data Collection Research & Tools

1. Automate IT Asset Data Collection

Understand what discovery tools can and can’t do and identify where they can provide value to your ITAM practice.

2. ITAM Data Dictionary

Identify the hardware and software attributes that must be tracked to answer the questions the ITAM team is expected to answer, the issues related to data discovery today, and the action items to address outstanding data collection issues.

Automate IT Asset Data Collection

Acquire and use discovery tools wisely to populate, update, and validate the data in your ITAM database.

Executive Summary

Your ChallengeCommon ObstaclesInfo-Tech’s Approach
You have a mandate to collect data on IT assets in your environment, but:
  • Existing asset management procedures are manual and time consuming.
  • Existing data is untrustworthy. Manual entry leads to typos, and data entry is often delayed or forgotten.
  • Manual audits by the IT team are time-consuming and disruptive.
You want to implement automation to streamline asset data collection, but:
  • Existing processes aren’t focused on value, so automation will only create useless data faster.
  • It’s difficult to make the case for new tools, in part because existing tools aren’t well used.
  • Some assets will be difficult to discover (e.g. not network connected, or on a secure subnet).
  • Some data can’t be pulled from the asset itself and may require manual data entry or integrations.
  • Fix your ITAM processes first. New tools won’t automatically fix process problems.
  • Identify the questions the ITAM practice must answer, and what data you need to collect to provide those answers.
  • Evaluate the tools you already have, what they do today, where they could be better used, and where they fall short.
  • Identify the missing capabilities you need to build or buy to collect appropriate data for analysis.

Info-Tech Insight
Focus your automation efforts by understanding what data you need before you go to market to buy a tool. Different tools will provide different data, and some data can’t be discovered at all.

Track asset data

Good asset data is foundational to strong IT operations and enhances the value of IT to the business

  • Track and repurpose unused equipment and software licenses rather than buying new.
  • Ensure you remain within the number of software installs permitted in your contracts to avoid costly and disruptive software audits. Provide detailed data required to calculate complex licensing requirements.
  • List hardware due for replacement in the next year to support planning and budgeting. Identify deprecated software that must be retired in the near future.
  • Improve your negotiating position with vendors with a better view of what you own and what you use.
  • Flag devices that could present a security risk (e.g. active but unassigned, unpatched, in the wrong location, etc.)
  • Support incident management with an enriched understanding of the assets involved in an incident (e.g. user, model, warranty, related support contracts, etc.)
  • Provide insight into the complete IT environment to other teams to inform strategic technology decisions, including the office of the CIO, procurement, enterprise architecture, IT security, applications, and infrastructure.
  • Meet regulatory and audit requirements to have a comprehensive inventory of IT assets.
  • And more…

Automate asset tracking to address tough ITAM challenges

  • Discovery tools are a necessary (though not sufficient) condition for creating a comprehensive and accurate view of IT assets.
  • It’s critical not only to have a discovery tool, but the right tool, implemented the right way, to realize the value you expect to receive.
  • Some tools will provide insight into use of installed software or use of particular features. Identifying a lack of use provides an opportunity to investigate whether the license could be repurposed or downgraded.
  • Find vendors that view tracking new technologies as part of their product roadmap and can partner with you to define and develop new ways to track your evolving technology landscape.
  • There’s no substitute for an experienced and capable asset management team, but relieving the team of repetitive, manual work can help address process bottlenecks and quality issues. Manual processes require regular training and typically require constant monitoring for data quality and process adherence issues.

What are your challenges with SAM? 1

Chart: What are your challenges with SAM?

Not all data is “discoverable”

Machine-generated data is just the tip of the iceberg

  • Your computers can’t tell you everything.
  • While machine-generated data is indispensable, you won’t be able to answer some of the critical questions the ITAM team is asked with it alone.
  • Use the insights and the process outlined in this research to identify:
    • What “other” data you need to capture.
    • How it’s being collected, and where it’s being collected today.
    • Opportunities to modernize data collection (e.g. via integrations with other systems).

Combination of machine and human generated data

Start by getting your ITAM processes in order. Then,

Use insights from process improvement exercises to identify the questions you need data to answer.

How do you gather needed data today? What are your current tools’ strengths and weaknesses?

Review features of discovery tools. Identify capabilities required beyond discovery tools.

Acquire and/or configure tools and integrations. Audit your data for accuracy.

00 Identify a working group

30 minutes

Identify a group of participants who can fill the following roles and inform the discussions in this research. A single person could fill multiple roles, and some roles could be filled by multiple people.

The core working group will consist of the facilitator, asset manager, and ITAM team.

Project SponsorAccountable for business outcomes of the ITAM practice. Provides strategic direction and organizational alignment.Jake Long
Lead FacilitatorSchedules and facilitates working sessions. Ensures activity outputs are completed.Eve Maldonado
Asset Manager(s)SME for the ITAM practice. Oversees ITAM tools, processes, and staff. Responsible for building a roadmap to mature ITAM capabilities in line with organizational goals.Eve Maldonado
ITAM teamHands-on ITAM professionals. Provide input on tactical challenges and opportunities.Bruce Wayne, Clark Kent
ITAM tool expertsTechnical SMEs for tools that currently used to track assets. This might include dedicated ITSM or ITAM software, but also discovery tools, endpoint management tools, homegrown spreadsheets and more.Clark Kent, Elphereth Bondy
ITAM data consumersCurrent or potential consumers of ITAM data, who can speak to what they could achieve with better data. Data consumers could be inside or outside IT. Some examples of ITAM data consumers: CISO, enterprise architects, Service Desk Manager, Applications Manager, Procurement, Accounting, Compliance, Facilities, business managers.Marcelina Hardy, Edmund Broughton, Jane Hardy, Effie Schmidt, Goran Bregovic, Reza Mirzaou
  • Organizational context
  • A working understanding of the activities and outcomes in this research
  • A list of participants in your working group for this project
  • Typically, start with the sponsor and asset manager and have them identify the other members of the working group.

Develop and refine ITAM processes first

Automating a bad process will give you a bad process, faster.

  • Review existing processes to confirm how ITAM should be deployed in your organization to meet business requirements.
  • You can then find a tool that helps you streamline a working but manual process.
  • A process review should answer these questions:
    • What’s the scope of the asset program? What do we track, and not track?
    • How do we procure, receive, deploy, manage, retire, and dispose of assets?
    • How do we track purchase records, invoices, and contracts?
    • When do we need to update asset records during their lifecycle to ensure asset data remains current and accurate?
    • Where do we currently store asset records?
    • Who is responsible for updating asset records?
    • Where are there opportunities for automation?

Implement Hardware Asset Management
Develop foundational hardware asset management practices to procure, deploy, manage, harvest, refresh, and dispose of hardware.

Implement Software Asset Management
Develop foundational software asset management practices to manage licenses, deploy and harvest software, and prepare for vendor audits.

Develop an IT Asset Management Strategy
Define a coherent, sustainable, and business-aligned approach to ITAM.

01 Identify the questions ITAM is expected to answer

30-60 minutes per session

To understand what data you need to collect, start by listing the questions that ITAM needs to answer.

Most ITAM practices provide data stakeholders across the organization (e.g. IT, Finance, Procurement) and at different levels of management (e.g. technicians, business managers). Consider running this exercise multiple times with different stakeholder groups.

  1. To break the ice in a brainstorming exercise, it’s useful to provide participants with examples of what you’re looking for. You will find lists of example questions on the next slide. Meet with just the ITAM team to review and refine the list of example questions.
  2. Schedule and run brainstorming sessions to “identify questions the ITAM team could help you answer.” Review the list of example questions to kickstart the conversation. Record the questions as you go in simple, unambiguous language. Ask follow-up questions if you’re unclear what a particular term might mean. Don’t discount any questions as out of scope at this point.
    • Many questions will require data that’s not typically collected by a discovery tool.
    • Set the expectation that you may not be able to deliver answers to all questions and that you’ll need to investigate further to confirm if, how, and when you’ll have the data to answer those questions.
  3. Repeat the exercise, and consolidate and refine the growing list of questions until you have a reasonable working list.
  • Organizational context and priorities
  • A list of questions that ITAM is expected to answer
  • Facilitator, Asset Manager, Sponsor
  • ITAM team
  • ITAM data consumers

01 Example: Questions ITAM is expected to answer

Portfolio Management:

  • How many different end-user device types do we manage across the organization? How many laptop models?
  • How many devices are deployed by department?
  • What cloud-based software has been purchased by the company outside of standard IT procurement processes (e.g. via company credit card)?
  • How many users in a department are using a particular software title?
  • How many different software titles do we have in a particular category (e.g. CRM)?
  • How many license entitlements do we have? Are we over- or under-licensed?

Lifecycle Management:

  • How many devices will be refreshed this year or next year? How many by department?
  • How much needs to be budgeted for the refresh? How much by department?
  • What software will reach end-of-support next year?
  • How many licenses for this software do we own?

Cost and Financial Management:

  • What’s our annual spend on software and hardware? By department?
  • What’s the total cost of assets associated with a particular application?
  • What costs have we avoided by re-using existing equipment and licenses?
  • What is the location and operating status of IT capital assets?


  • Are any devices or software out of compliance with our current standards?
  • Which devices have not been connected to the network for the last x number of days?
  • What is the current status of devices that are authorized to access highly sensitive systems or data?
  • What equipment has been lost or stolen in the last year? What action have we taken to retrieve the equipment and secure company data?

IT Support:

  • Who is assigned this piece of equipment? Who last logged into it?
  • What hardware and software is assigned to a particular user?
  • What’s the average time between request and purchase for software?
  • What warranties cover this piece of equipment? What support do we have for this software?
  • How many deployments of have there been in the last x days?
  • How many laptop deployments took longer than the service level objective?
  • How many devices or licenses of a particular type do we have in stock?

What Else?

02 What data do you need to collect?

3-4 hours

With the list of questions in hand, let’s identify the data fields (or attributes) you need to track in order to answer the questions you’ve identified.

  1. Download a copy of Info-Tech’s ITAM Data Dictionary tool. The tables in this tool are intended to provide a summary view of the data that you’ll collect and report on through the ITAM program and describe how data will be collected. The tool has three tabs:
    • Hardware Attributes: Lists key hardware attributes and how data is collected and stored in the asset record.
    • Software Attributes: Lists key software attributes and how data is collected and stored in the asset record.
    • Outstanding Issues: Consolidates the issues identified on the other two tabs. Identify specific steps you could take to address those issues. This tab is optional.
  2. Start by updating the hardware and software attributes tab.
  3. Cross reference the list of attributes with the list questions from the previous exercise. Can you answer the questions in the list with the attributes identified in the tool? Add to the list of attributes as needed.
  4. Consolidate issues and ideas on the final tab. This tab provides a summary view of data collection problems and how you could go about addressing them.
  • Questions the ITAM practice is expected to answer
  • Knowledge of existing data-collection practices
  • A view of how hardware and software data is collected today
  • Asset manager
  • Other members of the ITAM team or SMEs as required

Download the ITAM Data Dictionary Tool

03 Evaluate your current tools

30-60 minutes

With context from the previous exercises, identify the strengths and weaknesses of the tools you currently use for IT asset management. Use a whiteboard to recreate the table below, or update the table directly below. Document your tools in use, their purpose, their constraints, and any opportunities you could leverage.

If possible, involve tool experts/owners in this discussion, otherwise validate your assumptions with them after the fact.

Assets SpreadsheetCurrently used for hardware tracking.Extremely manual.
Data quality is likely poor, concurrent editing is not possible.
  • We’re ready to move on from this spreadsheet. Identify if key fields and functionality could be moved into a new tool.
IT Asset Manager
ERPContains finance tags and tracks purchases.Only contains minimal data and tracks only capital assets.
  • Consider integrations with a possible new ITAM tool.
Scanning ToolProvides information about devices on the corporate network.Doesn’t keep a record of devices no longer on the network.
Can’t update the asset spreadsheet.
  • Consider integrations with new ITAM tool.
  • Get ITAM access for infrastructure tracking?
IT Infrastructure
  • Knowledge of existing tools that support ITAM activities
  • A list of existing tools, their constraints, and possible opportunities
  • Asset Manager
  • ITAM team
  • ITAM tool experts

Review common discovery tool capabilities

What machine-generated data do you need a tool to capture?

Not all tools will collect the following information in enough detail to meet your needs.

Assess which of the following features are most important to you:

Integrations: At a minimum, the tool must populate your ITAM database. Consider whether discovery data needs to be fed directly into other systems, including ITSM, monitoring, or security systems.

Device types & operating systems: Different tools will capture different data based on the operating system of the device being scanned. Most tools will scan common device types and Windows (though to different levels of detail), but you may need specialized tools to gather the data you require on mainframes, Macs, smartphones, IoT devices, manufacturing equipment, medical devices, and more.

Application-specific data: Complex enterprise software agreements, such as SAP, Oracle, and SQL Server require detailed and specific information about the software and the infrastructure on which the software runs. Navigating renewals can be a challenge without a discovery tool that is designed to collect data as required to manage these software licenses.

Application use: When was this software last used? For how long? Which modules? This data can be a starting point for investigating which licenses can be discarded or reallocated.

“ITAM’s not just laptops. It’s SaaS, it’s cloud compute, it’s serverless, it’s containers, and more.”

Jason Goldberg
Solution Architect

Review common discovery tool capabilities (continued)

SaaS management and discovery: In many organizations, SaaS is the default option for new software purchases – both through officially approved IT channels as well as unofficially through one-off expensed purchases by business units themselves. Ask prospective discovery vendors how they collect data on SaaS subscriptions that have been approved by IT, and those that haven’t.

Public cloud IaaS and PaaS environments: Discovery tools provide different levels of detail on different cloud platforms, or on specific services within a given platform. Confirm tools can discover the services you use most in your environment.

Virtualization platforms: Confirm tools can capture information both about the hypervisors themselves and the VMs running on those hypervisors.

Secure environments: Consider how you’ll collect data on environments that are highly controlled, on secure and separate subnets, or fully air gapped from the rest of your environment. Some tools offer a “collector” function that lives in a secure subnet and sends data out of that subnet via HTTPS.

Historical data: Do you need to know logins past 30 days or every software title ever installed on a machine? Will archives live primarily in the discovery tool or your asset database?

Dependency mapping: Do you need to identify dependencies between IT assets? What types of associations do you need to discover or build (e.g. hosting or data flow relationships)? Between what types of assets? Dependency mapping is more associated with configuration management than asset, so confirm whether this data can be tracked in your ITAM database or whether it needs to be tracked somewhere else.

Viable tools emerged from different disciplines*

Vendors have added discovery features in ways that build on their original strengths. There can be value in leveraging one of these tools to populate your ITAM database if they’re already available to you, and can be reliably integrated with your ITAM database. Examples provided are simply examples rather than recommendations.

ITAMStand-alone ITAM tools often include discovery capabilities. Control over the discovery tool helps ensure the right data is well-integrated with the ITAM database.
Examples: Sassafras KeySight, USU Software Asset Management, Snow Asset Discovery and Inventory.
IT Service ManagementMany core ITSM tools include discovery capabilities to feed asset, configuration, or endpoint management modules in the solution.
Examples: Ivanti Neurons, ManageEngine AssetExplorer, ServiceNow Discovery.
Endpoint ManagementFor many organizations, an endpoint management tool is the first discovery tool they’ll use. Tools will collect some level of data on the endpoints they manage.
Examples: MECM, Mosyle, Tanium.
Infra & OpsMonitoring, alerting, and configuration management tools for infrastructure will typically provide deeper insight into networks, servers, and storage.
Examples: Device42, SolarWinds, PRTG, Datadog.
Information SecurityThe infosec space has produced its own entrants into the discovery tool market. Asset management may be the main use case, or a secondary feature in vulnerability scanning or endpoint security tools.
Examples: Qualys, Nessus, Axonius.

*There is, naturally, overlap across all of these categories, and many of the example solutions compete in more than one category.

Weigh the pros and cons of agentless tools

Agentless discovery: A central process will run scans to identify devices on your corporate network, available data about those devices, installed software, and more.

  • No need to install or update a discovery agent.
  • Can detect devices that can’t have agents installed on them (e.g. routers and switches).
  • Will pick up devices that aren’t centrally managed by IT (e.g. devices on the guest network) which can help you spot anomalies and potential threats.
  • Good agentless tools run scans using multiple protocols (e.g. WMI, SNMP, DNS, etc.) and rationalize duplicates found in different scans.
  • Typically have access to less data than agent-based tools.
  • Data can be “noisier” – tool will pick up everything it sees on the network, not all of which may be of interest to you.
  • Can’t find corporate devices not connected to the corporate network.
  • If scans are run too frequently, scanning can cause network congestion. If scans are run infrequently, your data will become stale.
  • Some scanning tools can trigger anti-malware sensors, requiring exceptions from the network team to allow scanning.

Info-Tech Insight
A combination of agent and agent-less solutions are often required to collect required data.

Weigh the pros and cons of agent-based tools

Agent-based discovery: A small program, or agent, is installed on all endpoints. The agent will run periodically on the machine, gather data, and send data to a central server.

  • Agent-based solutions will often gather or have access to detailed data that can’t be accessed or collected by agentless tools. For example, more detailed software usage data typically requires an agent.
  • Agents will continue to collect and store data on the endpoint if the network connection is interrupted and push it to the central server when the connection is restored to minimize gaps in your data set.
  • Some agents are architected to only send data that has changed since their last report, minimizing network resource consumption and bandwidth usage at the endpoint.
  • You can be more confident that devices found by agentless tools are devices you care about.
  • It may not be possible to install agents on all OSes (e.g. MacOS, AIX) or device types (e.g. routers, switches, IoT devices) due to technical constraints or security restrictions.
  • Installing the agent on deployed endpoints can be challenging, slowing the roll-out of functionality (e.g. because a remote user must be connected to a VPN to install the agent).
  • Agents must be patched and updated over time. Updates can fail, possibly causing the agent to malfunction until the issue is noticed and fixed.
  • Agents can consume computer resources to the extent they cause performance issues on older or less powerful machines, particularly when running alongside other background processes (e.g. malware scans or software updates).

Identify data that discovery tools can’t capture

Some of the data you require can’t be captured by discovery tools. Identify what data you need to import from other sources and how you’ll bring that data into the ITAM tool.

Example Use Case, Create a Software Compliance Report

Explore your options to gather undiscoverable data

B2B (business-to-business) integrations from vendors and publishers.

  • Hardware makers, software publishers, and value-added resellers may offer data on your purchases in a format you can ingest into your ITAM database. This is sometimes offered free but may incur an additional fee or come as part of an additional service such as tagging or imaging equipment for you.
  • Data could be provided in different ways. Some vendors may maintain an API your ITAM database can query directly for information. Other vendors may provide a CSV document, either sent after each purchase or available on-demand from a purchasing portal.
  • Types of data: Hardware specs and serials, warranty terms and dates, license entitlements, PO & invoice number, price, support agreements.

System integrations within your own environment.

  • Asset data can be enriched by data entered in other business systems. Identify integrations between the ITAM database and other systems.
  • Types of data: user and organization data from AD; ticket, catalog and configuration data from the ITSM system; contracts in a contract management system; cost and purchase data in an ERP or accounting system.

Libraries of software signatures and licensing rules.

  • Discovered software data is often messy. Understanding which discovered software corresponds to which title and how many licenses you need requires licensing rules and software signature recognition that can be complex. When purchasing an ITAM tool, confirm whether this functionality exists for your most important software contracts, how often rules are updated, and whether any special contract terms for your organization can be written into the rules.

Info-Tech Insight
If you need data quickly, resellers are often better to approach with ad hoc requests about the licenses you own than software publishers. While your reseller does have an incentive to sell more, which they could do if you’re out of compliance, they also have more to lose from a frustrated customer than a publisher does. It’s typically easier to move to a new reseller than it is to switch software.

A good reseller should see a request for asset data as an opportunity to add value by helping you better understand your software estate. A publisher might see the same request as an opportunity for an audit.

Manage expectations for discovery tools

Prepare for the following challenges:

1Gaps: No tool will gather all the data you need. Different tools gather more or richer data on certain operating systems, software titles, types of hardware, or cloud environments. And if the discovery tool can’t access the system in the first place (e.g. because of security restrictions) you won’t have data. Understand likely gaps and consider alternative methods to gather required data.
2Noise: Agentless tools may report on everything in the network rather than just tracked assets. Multiple builds or patch levels may register as different software. Discovery may pick up “ghost” installs if software isn’t properly uninstalled. Run a proof of concept on prospective tools to assess the “noisiness” of the data you’ll receiving for your environment, and explore options to filter out noise.
3Misunderstandings: Due to the above gaps and noise, don’t expect the data to stand on its own. Rather than initially providing read access to the ITAM database, make ITAM the point of contact for asset data initially, so you have an opportunity to provide context to your data consumers.
4Shared responsibilities: You will need to work with infrastructure and application SMEs to fix scanning or integration issues that arise (e.g. due to patches or system changes). If you’re scanning hosted environments, you’ll have to work with your managed service provider to ensure your discovery tool can access hosted systems. You may need to clarify who is responsible for addressing issues if access is broken or blocked in the future. Clearly establish roles and responsibilities up-front.
5Unpleasant surprises: Running discovery the first time may turn up problems that must be dealt with quickly. Knowing is better than not knowing, but be ready to take action to investigate unauthorized or outdated assets that pose a significant risk.

The bottom line: Embrace the fact that discovery data will likely never be perfect. Manage expectations up front, audit data on a regular basis, and investigate and address data issues as they arise.

04 Identify missing capabilities

1-2 hours

Based on the previous discussions, and the slides above outlining what discovery tools can and can’t do, identify any capabilities you think the ITAM practice must develop in order to deliver expected value. Think about capabilities as things your organization has to be good at - and can get better at (e.g. through practice, continuous improvement, new techniques or technologies.)

Some examples are provided below to help you get started. Frame these capabilities in non-technical language.

Don’t pigeon-hole your thinking to just the types of capabilities that discovery tools can provide for the moment.

  1. Brainstorm missing capabilities as a group. What do we need to do, that we can’t do today? Use the list of example capabilities on the next page as a starting point, if needed.
  2. Identify which of these capabilities could be supported with better discovery features.
  3. Ask your tool experts – can you deliver these discovery features with the tools currently available to you?
  4. If reconfiguring existing tools is an option, list specific action items are required to reach your target state. Identify who’s assigned to those action items, the effort required, and whether you’ll be able to deliver that functionality in the short- medium-, or long-term.
  5. Take this information offline, and decide: do you need a new tool? If you do, use Info-Tech’s Rapid Application Selection Framework (RASF) to guide the software selection process.
  • An understanding of current capability gaps.
  • Needed capabilities, including functional capabilities for a discovery tool
  • Facilitator.
  • Asset manager.
  • ITAM team.
  • ITAM tool experts.

04 Example capabilities

We need to be able to:

  • Compare license entitlements to software allocations.
  • Create a list of unused Microsoft products to support reallocation and renewals.
  • Identify the location, business owner, and user for every laptop and desktop reaching end of life each year.
  • Connect deployed equipment to their original purchase order.
  • Offer licensing consulting services for new development projects.
  • Identify likely spend for devices requiring refresh by business unit.
  • Identify unauthorized devices on the corporate network.
  • List corporate equipment that’s been missing from the corporate network for more than 60 days.
  • Provide a list of a user’s assigned software and hardware to technicians working on their ticket.
  • Maintain a comprehensive list of all switches, routers, and access points in the corporate network, including age, warranty end date, and links to any support agreements.

What Else?

Accelerate the tool selection process

The Rapid Application Selection Framework (RASF) is a comprehensive, fast-moving approach to help you select the right software for your organization.

Accelerate the tool selection process

Review Info-Tech’s Rapid Application Selection Framework today, and book a call with our analyst team to guide you through the process.

Audit ITAM data

With tools in place, trust, but verify.

Compare Tool RecordsIT-led AuditUser-led audit
Audit your data by comparing records in the ITAM system to other discovery sources.
  • Ideally, use three separate data sources (e.g. ITAM database, discovery tool, security tool). Use a common field, such as the host name, to compare across fields.1
  • Run reports to compare records and identify discrepancies. This could include assets missing from one system or metadata differences such as different users or installed software.
  • Over time, discrepancies between tools should be well understood and accepted; otherwise, they should be addressed and remediated.
Conduct a hands-on investigation led by ITAM staff and IT technicians.
  • In-person audits require significant effort and resources. Each audit should be scoped and planned ahead of time to focus on known problem areas.
  • Provide the audit team with exact instructions on what needs to be verified and recorded. Depending on the experience and attention to detail of the audit team, you may need to conduct spot checks to ensure you’re catching any issues in the audit process itself.
  • Automation should be used wherever possible (e.g. through barcodes, scanners, and tables for quick access to ITAM records).
Have users validate the IT assets assigned to them.
  • Even more than IT-led audits, don’t use this approach too frequently. Keep the scope as narrow as possible and the process as simple as possible.
  • Ensure users have all the information and tools they’ll need readily available to complete this task, or the result will be ineffective and will only frustrate your users.
  • Consider a process integrated with your ITSM tool: once a year, when a user logs in to the portal, they will be asked to enter the asset code for their laptop (and provided with instructions on where to find that code). Investigate discrepancies between assignments and ITAM records.

1To learn more about discovery tool analysis, see Jeremy Boerger’s book, Rethinking IT Asset Management.

05 Outline an approach to internal data audits

1-2 hours

Review the three internal data audit approaches outlined on the previous slide, and identify which of the three approaches you’ll use. For each approach, complete the fields in the table below.

Audit approachHow often?What scope?Who’s involved?Comments
Compare tool recordsMonthlyCompare ITAM DB, Intune/ConfigMgr, and Vulnerability Scanner Data; focus on end-user devices to start.Asset manager will lead at first.
Work with tool admins to pull data and generate reports.
IT-led auditAnnualEnd-user devices at a subset of locations.Asset manager will work with ITSM admins to generate reports. In-person audit to be conducted by local techs.
User-led auditAnnualAssigned personal devices (start with a pilot group)Asset coordinator to develop procedure with ITSM admin. Run pilot with power users first.
  • An understanding of current data audit capabilities and needs
  • An outline of your approach to data audits, including frequency, scope, required resources
  • Facilitator
  • Asset manager
  • ITAM team

Research Contributors and Experts

Jason Schackai
Training and Communications Manager
Sassafras Software

Yama Habibzai
Chief Marketing Officer
Device 42

Olaf Diehl
Director of Product Management

Julian Devlon
Sassafras Software

Jason Goldberg
Solution Architect and Director
Device 42

Julien Roemers
Sales Engineer

Related Info-Tech Research

Implement Hardware Asset Management
Develop foundational hardware asset management practices to procure, deploy, manage, harvest, refresh, and dispose of hardware.

Implement Software Asset Management
Develop foundational software asset management practices to manage licenses, deploy and harvest software, and prepare for vendor audits.

Develop an IT Asset Management Strategy
Define a coherent, sustainable, and business-aligned approach to ITAM.


Balbix. “What is asset inventory management?” Balbix Blog. ND. Web. 31 Jan 2023.

Boerger, Jeremy. Rethinking IT Asset Management. Business Expert Press, 2021.

Butcher, Michael. “The False Promise of Discovery Tools – Part 1.” Blazent, 28 Sep 2022. Web. 31 Jan 2023.

Clinton, Nancy. “IT procurement and ITAM: A blossoming relationship in asset management that you can’t afford to ignore,” Spend Matters. 15 Apr 2021. Web. 31 Jan 2023.

Cognixia. “Effective IT asset management with ITIL 4,” Cognixia Blog. 13 Sep 2022. Web. 31 Jan 2023.

McCall, Alice. “A guide to tracking IT equipment,” Setyl Blog. 22 Feb 2022. Web. 31 Jan 2023.

Flexera. “Flexera State of ITAM Report 2022.” October 2022. Web. 31 Jan 2023.

Kula, Emma. “Why procurement must work with IT and software asset management.” Vector Networks Blog, ND. Web.

Thompson, Martin. “Which software publishers are currently auditing? Survey results part 2/3,” ITAM Review. 6 Jan 2021. Web. 31 Jan 2023.

Ulyanov, Oleg. “Microsoft SQL Server Licensing for On-Premises VMware vSphere Implementations – Part One.” Vmware Blog, 14 July 2020. Web. 31 Jan 2023.

Palo Alto Networks. “What is IT asset inventory?” Palo Alto Cyberpedia. Web. 31 Jan 2023.

Automate IT Asset Data Collection preview picture

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Talk to an Analyst

Our analyst calls are focused on helping our members use the research we produce, and our experts will guide you to successful project completion.

Book an Analyst Call on This Topic

You can start as early as tomorrow morning. Our analysts will explain the process during your first call.

Get Advice From a Subject Matter Expert

Each call will focus on explaining the material and helping you to plan your project, interpret and analyze the results of each project step, and set the direction for your next project step.

Unlock Sample Research


Andrew Sharp


  • Jason Schackai and Julian Devlin, Sassafras Software
  • Yama Habibzai and Jason Goldberg, Device42
  • Olaf Diehl and Julien Roemers, USU AG
Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019