Poorly managed software estates are leaving businesses exposed to legal, commercial, operational and reputational risk, with 60% of IT managers believing the situation could lead to compliance problems.

Against that backdrop, the Federation Against Software Theft has called for organisations to reassess their software asset management policies and improve the level of understanding they have of their software licence commitments.

The call follows a study which highlighted a majority of organisations believed that they already had effective SAM practices in place, yet many of them were lacking the necessary tools, resources and skills to meet the demands of standards such as ISO 19770-1 or best practice models such as the Microsoft Software Asset Management Optimisation Model.

The research stems from a 2008 survey of 601 IT executives and buyers of software in the UK sponsored by the Software Industry Research Board (SIRB), an organisation made up of software publishers, resellers and lawyers, and which was founded by FAST in March 2008.

It revealed that the procurement office is responsible for buying software in 70% of organisations, the board accounts for 15%, line of business managers 14% and the IT department itself just 13%. 

Only 48% of general management staff in larger enterprises were found to consider that compliance was a risk to their organisation, compared to 60% of their IT colleagues. But 38% admitted that they had only a basic understanding of their software licences.

In a special report commissioned for the study and published by IDC, the researchers noted several outcomes of poor software and asset management.

It leads to more software licences being purchased than are required, more software being deployed than there are legitimate licences to cover, or licences being held that do not meet business requirements.

Among the danger signals are the lack of a software catalogue, failed patching processes, software being purchased from suppliers not accredited by the software vendor, and software being use that cannot be easily tied to volume licence agreements or reseller relationships.

Businesses are urged to invest in the right tools to manage software assets and ensure that the ultimate responsibility for software asset management is seen to rest with the board, which is where operational, legal, commercial and reputational risk resides.