Managing Multiple Stakeholders – Meeting the Challenges of Implementing Disposal Management

By Cindy Miller

With increased media, shareholder, and customer attention on corporate data breaches and environmental impacts, IT asset retirement is becoming a key service. Many companies are looking to create enterprise-wide standards and manage the process and costs of the disposal process. As with many other aspects of the job, the IT Asset Manager often has the responsibility for the program and yet also has to respond to the needs of multiple stakeholders.

Everyone in your organization would probably agree that there are general goals for a successful IT Asset Disposal program that begin with making it as simple as possible, fitting the program in with the needs of the business. Maintaining absolute data security is a must as well as ensuring full environmental compliance. These goals are balanced against minimizing the cost of disposition.

As an IT Asset Manager your concerns will most likely include the following:

  • Software and operating system license compliance
  • Minimum cost
  • Maximum investment recovery
  • Availability of resources for handling, storing, tracking assets
  • Integration of disposition data into existing asset management systems

Notwithstanding the above, different departments and roles may also have their own requirements. Below are those most often involved in asset retirement – including a few that you may not have considered in the past. We’ve listed their key concerns, and what you can incorporate into your ITAD program in order to address those concerns.

1. Information Security/Risk Management

ITAD concerns:

  • Compliance: HIPPA/HITECH, SOX, PCI, Gramm-Leach, etc.
  • State and federal regulations related to all PII (Personally Identifiable Information)
  • Solid State Drive (SSD) data security at retirement
  • Corporate data security and risk policies

ITAD Program Solutions:

  • Use certified (e.g. NAID AAA) vendors for all information destruction, including hard drives and storage media – also copiers, network printers and PDA’s!
  • On-site data wipe and/or drive destruction
  • Use of certified, professional software for data sanitization
  • Physical destruction methods that meet the current NIST 800-88 government standard (and the older DoD standard)
  • Detailed disposition reporting by serial number
  • E&O insurance that includes a Data Privacy Liability policy rider
2. Facilities Management

ITAD concerns:

  • Adequate space for secure storage
  • Sufficient time, resources, and material for packing
  • Tracking assets, audits

ITAD Program Solutions:

  • Plan the disposition process in order to manage storage space most efficiently – more frequent pickups, less time in storage, boxes, containers, etc.
  • Have the vendor provide packing services
  • Have the vendor perform audits onsite prior to packing or at the processing facility
3. Data Center Operations/Infrastructure

ITAD concerns:

  • Refresh and end-of-life decision-making to ensure maximum value and return on investment (ROI) for capital budget
  • Secure storage capability and space for removed hard drives and/or storage tapes
  • Resource availability for hard drive data destruction
  • Space and handling for decommissioned assets
  • Quality assurance process; ability to audit

ITAD Program Solutions:

  • Obtain current and forecast market values for assets to plan EOL and disposition to maximize investment recovery when possible
  • Hire certified service provider to perform onsite and/or off site data destruction
  • Documented by serial number
  • Option to videotape, in-person view of process
  • Procure secure storage bins/containers for hard drives and tapes
  • Schedule packing and collections to manage storage requirements
4. Supply Chain/Purchasing

ITAD concerns:

  • Ensure vendors meet corporate requirements
  • Minimize cost
  • Simplify

ITAD Program Solutions:

  • Require industry certifications: i.e. e-Stewards, R2/RIOS, NAID AAA
  • Select only services and process that you need to minimize your risks and ensure compliance
  • Maximize ROI
  • Obtain reporting and financial analysis customized to your needs
5. Finance

ITAD concerns:

  • Inventory accuracy by asset, status on books
  • Software and operating system license compliance
  • Minimal cost
  • Maximum investment recovery

ITAD Program Solutions:

  • On-site or off-site serial number capture (electronic) and sign off
  • Full data wiping of any hard drives not destroyed – certified by serial number
  • For PC’s and laptops, ensure OS is removed or new authorized version installed (MS Authorized Refurbisher)
  • Obtain current and forecast market values for assets to plan EOL and disposition for best investment recovery when possible
6. Environmental/Sustainability/Green Team

ITAD concerns:

  • Compliance with all environmental regulations and corporate sustainability goals
  • Obtain report details for corporate environmental/sustainability reporting

ITAD Program Solutions:

  • Require industry certifications: e-Stewards
  • Obtain reporting that includes asset categories, weights
  • Perform analysis of diversion from landfill for recycling and reuse
7. Remote/Smaller Location Onsite Person

This is the person at each location who may not have anything to do with the decision making but is tasked with making sure that ITAD happens at their facility.

ITAD concerns:

  • Ease of requesting a pickup
  • Storage, handling, tracking of assets

ITAD Program Solutions:

  • Ability to use the contact method that’s easiest for them – i.e. each person can choose to use an e-mail address, single phone number, or online request form
  • A customer service contact who knows their company program and can advise them the process
  • Availability of packing and audit services
The Program Approach to IT Asset Disposition

By identifying stakeholders and their concerns, you’re on the road to creating a Next Generation Enterprise ITAD program. This program will clearly define specific roles and procedures for every link in the chain, recognize the differences among the various departments and locations in your organization, and tailor the process to fit stakeholder needs and capabilities.

Performing a detailed assessment is the first step in the process, followed by a gap analysis to look at where your current program is hitting the mark and where you can make improvements. Having completed these tasks, it makes sense to work with an ITAD professional to develop a program that is customized to your organization. This approach makes it as easy as possible for team members to do ITAD right, every time, for every location. This programmatic approach to ITAD will enable your organization to manage costs better and maximize returns through an enterprise-wide service structure from your ITAD vendor.

Including all stakeholders in the development of a program that addresses everyone’s concerns will ultimately make your job easier and enable you to focus on your other IT Asset Management priorities.

About the Author

Cindy Miller is the Managing Director of LifeSpan.