Item - 2015.AU1.17
Tracking Status
- City Council adopted this item on March 31, 2015 without amendments and without debate.
- This item was considered by the Audit Committee on February 27, 2015 and adopted without amendment. It will be considered by City Council on March 31, 2015.
AU1.17 - Software Licenses - Managing the Asset and Related Risks
- Decision Type:
- ACTION
- Status:
- Adopted on Consent
- Wards:
- All
City Council Decision
City Council on March 31, April 1 and 2, 2015, adopted the following:
1. City Council request the Chief Information Officer to ensure there is a software owner identified for all software assets and that activities to ensure compliance with software licensing agreements are performed in accordance with the divisional policy.
2. City Council request the Chief Information Officer to ensure there is adequate coordination between asset purchases and anticipated changes in corporate information technology configurations.
3. City Council request the Chief Information Officer to ensure key contract terms and conditions are summarized and used to facilitate effective contract management.
4. City Council request the Chief Information Officer to take appropriate action to ensure there is no significant further delay in the implementation of all relevant modules of the information technology asset management system.
5. City Council request the Deputy City Manager and Chief Financial Officer to ensure that divisional staff responsible for recording purchases in the financial information system are adequately trained on the appropriate account codes to be used and that procedures include sufficient reviews to provide assurance that correct codes are used.
6. City Council request the Chief Information Officer to develop a formal procedure for the coordination of acquisition of information technology with the City's agencies and corporations. Such procedures should include clearly defined steps to be taken to ensure agencies and corporations are made aware of all significant opportunities.
7. City Council request the Deputy City Manager and Chief Financial Officer to direct City divisions to facilitate, to the maximum extent possible, the automated collection and monitoring of software license related information.
8. City Council request the Chief Information Officer to implement a process to review and validate reasons for restrictions on the use of the data collection tool.
9. City Council request the Chief Information Officer to proceed with the software reconciliation process for those software titles where the software owner has been identified.
10. City Council request the Chief Information Officer to ensure software owners perform annual software reconciliations and report the results to the Information and Technology Division.
11. City Council request the Chief Information Officer to ensure that the inventory of software is completed as soon as possible and that software usage reports be developed and distributed to software owners for their review. Software owners should report back on license usage to the Chief Information Officer so that proper decisions can be made in relation to City software assets.
12. City Council request the Chief Information Officer to develop and implement procedures for the decommissioning and disposal of software assets.
13. City Council request the Chief Information Officer to document policies and procedures for granting and maintaining administrative rights.
14. City Council request the Chief Information Officer to ensure that a comprehensive and functional database of users with administrative rights is established and maintained.
Background Information (Committee)
https://www.toronto.ca/legdocs/mmis/2015/au/bgrd/backgroundfile-76330.pdf
AU1.17 - Software Licenses - Managing the Asset and Related Risks
- Decision Type:
- ACTION
- Status:
- Adopted
- Wards:
- All
Committee Recommendations
The Audit Committee recommends that:
1. City Council request the Chief Information Officer to ensure there is a software owner identified for all software assets and that activities to ensure compliance with software licensing agreements are performed in accordance with the divisional policy.
2. City Council request the Chief Information Officer to ensure there is adequate coordination between asset purchases and anticipated changes in corporate information technology configurations.
3. City Council request the Chief Information Officer to ensure key contract terms and conditions are summarized and used to facilitate effective contract management.
4. City Council request the Chief Information Officer to take appropriate action to ensure there is no significant further delay in the implementation of all relevant modules of the information technology asset management system.
5. City Council request the Deputy City Manager and Chief Financial Officer to ensure that divisional staff responsible for recording purchases in the financial information system are adequately trained on the appropriate account codes to be used and that procedures include sufficient reviews to provide assurance that correct codes are used.
6. City Council request the Chief Information Officer to develop a formal procedure for the coordination of acquisition of information technology with the City's agencies and corporations. Such procedures should include clearly defined steps to be taken to ensure agencies and corporations are made aware of all significant opportunities.
7. City Council request the Deputy City Manager and Chief Financial Officer to direct City divisions to facilitate, to the maximum extent possible, the automated collection and monitoring of software license related information.
8. City Council request the Chief Information Officer to implement a process to review and validate reasons for restrictions on the use of the data collection tool.
9. City Council request the Chief Information Officer to proceed with the software reconciliation process for those software titles where the software owner has been identified.
10. City Council request the Chief Information Officer to ensure software owners perform annual software reconciliations and report the results to the Information and Technology Division.
11. City Council request the Chief Information Officer to ensure that the inventory of software is completed as soon as possible and that software usage reports be developed and distributed to software owners for their review. Software owners should report back on license usage to the Chief Information Officer so that proper decisions can be made in relation to City software assets.
12. City Council request the Chief Information Officer to develop and implement procedures for the decommissioning and disposal of software assets.
13. City Council request the Chief Information Officer to document policies and procedures for granting and maintaining administrative rights.
14. City Council request the Chief Information Officer to ensure that a comprehensive and functional database of users with administrative rights is established and maintained.
Origin
Summary
The Auditor General’s Work Plan included a review of the software asset management process. The objective of the audit was to determine the adequacy of management controls over the use of software licenses and to examine the procedures being used to ensure the City complies with software license agreements.
Software license acquisition and maintenance is a significant investment for the City of Toronto. In 2014, the City spent approximately $14 million on acquisitions and $22 million on maintenance and support of more than 7,200 software titles. The total spent over the past five years was approximately $140 million.
This report contains fourteen recommendations along with management's response to each of the recommendations. The implementation of these recommendations will improve compliance with software licensing agreements and enhance efficiencies over the administration and management of information technology software assets.
Background Information
https://www.toronto.ca/legdocs/mmis/2015/au/bgrd/backgroundfile-76330.pdf