Skip to content
  • There are no suggestions because the search field is empty.

ITAM Maturity Assessment: Expanded Overview

The ITAM Maturity Assessment is designed to help organisations benchmark and improve their software asset management practices. This article provides a detailed breakdown of the assessment domains and example questions, helping clients understand what to expect before participation.

📊 What Is the ITAM Maturity Assessment?

Our ITAM Maturity Assessment evaluates how well your organisation manages IT assets across critical domains. It aligns with industry frameworks (e.g., ISO/IEC 19770) and supports structured improvement through insight-driven results.

There are 116 total questions in the ITAM Maturity Assessment. This article includes 44 sample questions, providing coverage across all major assessment domains.

🧩 Assessment Domains & Sample Questions

1. Strategy & Planning

Assesses the existence and alignment of formal ITAM strategies and operational plans.

  • Do you have a strategic ITAM plan?

  • Is your plan aligned with IT and business objectives?

  • Does your strategy include:

    • Stakeholder engagement

    • KPIs and performance targets

    • Technology roadmap

  • Does your operational plan cover:

    • Lifecycle stages (procurement, deployment, disposal)

    • Continuity planning

 

2. Governance & Sponsorship

Focuses on leadership involvement, sponsorship, and ITAM accountability.

  • Do you have an executive ITAM sponsor?

  • How engaged is the sponsor (passive → accountable)?

  • Does the sponsor:

    • Attend reviews

    • Allocate funding

    • Drive cross-functional alignment

 

3. Policy Management

Evaluates documentation and enforcement of ITAM policies.

  • Do you have a formal ITAM policy?

  • Is the policy:

    • Standalone or embedded in wider governance?

    • Communicated and reviewed regularly?

  • Does it include:

    • Licensing obligations

    • Acceptable use criteria

    • Asset types and ownership

 

4. Scope & Boundaries

Reviews the breadth of the ITAM system across asset types and locations.

  • Is your ITAM scope clearly defined?

  • Does it cover:

    • End-user devices

    • Data centre and cloud infrastructure

    • BYOD and SaaS applications

  • Is it reviewed and updated regularly?

 

5. Risk Management

Assesses ITAM-specific risk identification and mitigation practices.

  • Do you have a risk management framework?

  • Is it aligned with enterprise risk management?

  • Does it address:

    • Software audits

    • Licensing gaps

    • Risk owners and escalation processes

 

6. Competency, Training & Awareness

Looks at the capability and awareness of stakeholders involved in ITAM.

  • Do you have an ITAM training plan?

  • Is training:

    • Role-specific and continuous?

    • Based on frameworks (e.g., SFIA)?

  • Does it cover:

    • Vendor licensing models

    • Induction and refresher training

 

7. Information & Documentation Management

Reviews data governance and documentation controls.

  • Do you maintain an information management plan?

  • Is it:

    • Version-controlled?

    • Linked to audit trails and ownership?

    • Secure and accessible?

 

8. Quality Assurance & Verification

Evaluates process reliability and data validation practices.

  • Do you have a QA framework for ITAM?

  • Do you verify:

    • Inventory accuracy vs. CMDB

    • License entitlements vs. usage

  • Are these checks periodic or continuous?

 

9. Supplier & Contract Management

Focuses on managing vendors, license agreements, and renewals.

  • Do you track software contracts and entitlements?

  • Do you review:

    • Compliance clauses

    • True-up provisions

    • Renewal milestones

 

10. Modern IT Practices (Cloud, BYOD, SaaS)

Examines how modern environments are governed under ITAM.

  • Is there a BYOD management policy?

  • Do you monitor:

    • SaaS consumption

    • Cloud asset deployment

    • Shadow IT exposure?

 

11. Reporting & Continuous Improvement

Assesses how insights are used to drive decisions.

  • Do you report regularly on ITAM performance?

  • Do reports include:

    • Risk and non-compliance summaries

    • Financial optimisation opportunities

  • Are reports used to inform business cases or process improvements?

 

📝 What to Expect from the Assessment

  • Format: Multiple-choice questions with maturity scaling

  • Outcome: Domain-level maturity profile with tailored recommendations

  • Intended Audience: ITAM managers, governance leads, procurement teams, compliance officers