TRM vs SAM restricted/approved software

Kelly_Beyer
Tera Contributor

In our organization today the Enterprise Architecture team approves and restricts software for use in the environment.  They manage the lifecycle of a small percentage of the approved software. In my research it is a little confusing if SAM owns the restricted/approved function or if they just own the software model that has the flag and all software is vetted thru TRM process.  What is best practice process for approving and restricting software in ServiceNow? I think we will need a software model for all approved software and set the flag on the model so when a request comes in you can auto approve if its not restricted software?  Any insight is helpful.

 

3 REPLIES 3

dreinhardt
Tera Sage

Hello @Kelly_Beyer,

great question, it took a few weeks after SAMP was implemented and other streams asking about the models and how to use them 🙂

 

When an approved TRM product is established, comprising details such as Product, Version, and Edition, the certified flag is triggered for the corresponding software model ( cou can also add the TRM related list). Subsequently, the next phase of a TRM project involves creating a unique software model for each product version and edition combination to be managed.

 

Two distinct approaches emerge:

  1. Enable Software Model Auto Creation: This method provides a broad overview of all models to be managed. It involves automatically generating software models, offering a preliminary understanding of the scope of management. Keep in mind, this includes only generic models - based on product/edition level.

  2. Step-by-Step Approach: This approach is based on existing portfolio management or installation data. It entails a more systematic process of creating software models, potentially leveraging existing data to inform decision-making.

When a TRM product is no longer approved or has been retired, the corresponding software model must be updated accordingly. The blacklisted flag is set to true in such cases. This mechanism offers a significant advantage: all installations matching the software model (based on the discovery model) are identified as reclamation candidates. This ensures a proactive approach to managing software assets and mitigating potential risks associated with unapproved or retired products.

 

Looming forward to any other approach or idea. Thanks! Dennis

Should my response prove helpful, please consider marking it as the Accepted Solution/Helpful to assist closing this thread.

Hi @dreinhardt,

 

Is there any automation to check the certified flag in the software model after creating a TRM product with at least one version and lifecycle?

 

I didn't find anything to do this automatically.

Hi @MatheusS6921946,

no it isn't, but based on the product and linked software models you can "dot.walk" and use on a script/business rule to update the certified field.

 

Best, Dennis

 

Should my response prove helpful, please consider marking it as the Accepted Solution/Helpful to assist closing this thread.