Skip to content

Narrow screen resolution Wide screen resolution Auto adjust screen size Increase font size Decrease font size Default font size
You are here:Home arrow News arrow ISO/IEC 19770-2 Standard is Published!
ISO/IEC 19770-2 Standard is Published! PDF Print

After 3 years of significant effort and peer review, the ISO/IEC 19770-2 standard has been published by ISO.  Individuals and organizations can purchase the standard from ISO, ANSI, or your national bodies standards organization. is helping the SAM ecosystem create, certify and deploy software identification tags and all software publishers, or other organizations or individuals that need to deal with software identification or SAM processes should join

Software publishers that publish software identification tags will see a reduction in costs for overall software identification management.  This will be seen in the training, negotiation efforts and if it is required, the auditing phases.  Software publishers will also be able to promote the fact that they understand their customers' needs and frustrations and are working diligently to resolve the problems that are inherent in SAM programs - especially in the software discovery phase.

This standard is the first step in revolutionizing the software asset management market.  As software gets more expensive and hardware costs continue to plummet and software audit findings are rising, software purchasers are realizing that they need to more effectively manage their software assets.  The problem is that SAM programs are expensive to implement.  One of the reasons for the high cost of SAM programs is due to resource costs involved in manually identifying software inventory, or fixing 3rd party identification libraries that have been unverified and untested. 

The 19770-2 standard resolves the issues with software identification.  For publishers that recognize the value proper software identification can bring to their organization as well as to their customers and to the rest of the SAM ecosystem, will provide certification services that ensure all SWID tags conform to the standard, include normalized values for all elements, and are authoritatively signed with a digital signature and timestamp.  These procedures allow end-user organizations, such as the US Government to validate that they are following the procedures recommended by the consensus audit guidelines (CAG).  They also allow all SAM ecosystem members to know exactly what software is installed on the computing devices in their organization.

Next >


Goodwin Proctor has written an article on the 10 steps required to ensure License Compliance.  These steps mirror the processes detailed in ISO specification 19770-1.  Read the article...