A simple and effective way of controlling a large proportion of external IT expenditure is to have an approved product list. Approved products can be hardware, software, services and/or consumables. A specific approved product policy states the exact piece of equipment, software version or type of consumable a user can buy.
A generic approved product policy comprises a general technical specification where no brand or model is mandated. For example, a generic policy might state that all laser printers must have a minimum resolution of 600dpi, print at a speed of not less than 16 pages per minute and be Postscript compatible.
To run an approved product policy, an organisation must have a procedure for vetting hardware, software, services and/or consumables. All such products must be evaluated and approved by IT management and be in line with the departmental strategy.
Items such as standalone laptops or local printers may require approval, but need not involve the IT department. At the next level are purchases that are designated as "controlled".
Controlled items are those that meet the organisation's technical requirements, but because of possible knock-on cost or enterprise level implications, must be cleared in advance by IT management. There may, for example, be licence fee or network issues or other implications.
Approved suppliers should have appropriate technical expertise, reliability, responsiveness and a good reputation.
Make or break issues in IT management, edited by Dan Remenyi and Ann Brown, is part of the Computer Weekly Professional Series. To order call 01865-888180