Taxonomy and Classification of IT Assets

One of the most useful ways in which to improve asset and policy management of IT assets is to classify them based on a well organized schema or taxonomy. When this is done, the benefits include:

• Since similar classes of assets tend to have similar structures and behaviors, accurate predictions can be made about the behavior, characteristics and the life cycle of assets.
• Asset planning is simplified.
  
• Policies can be defined and shared for assets which reside in the same category. Policy administration, monitoring and enforcement is therefore simpler and more efficient
• Skills and resources can be shared if asset similarities are recognized. Training can be optimized as necessary.
• Transparency and visibility of IT assets can be achieved. Accounting, security, governance and risk management are simplified
• Designers (and system vendors) can discover and understand the policies that apply to the selection, purchase, modification and creation of assets
• Impact and dependency analysis is easier to carry out
  
• Increased asset interoperability is possible, leading to lower integration costs
• Assets can be rationalized. Asset utilization can be increased, since asset sharing is more likely

A taxonomy provides a vocabulary for the classification scheme, a relationship schema between categories, and a membership test for assets. A taxonomy is a good one, if:

• Categories are organized and related in intuitive and natural ways.
  
• Names, conventions and rules are simple and consistent.
• Barriers to use are low.
  
• Errors in classification are difficult to make. Membership rules are clear and easy to understand.
• There are significant policy differences that apply to an asset because of the difference in classification.

There are several common errors when taxonomies are created. These include:

• Categories exist with no significant differences between the categories. Membership rules do not lead to important differences in behavior or properties. For example, the color of a computer has no impact on its behavior.
  
• Categories exist which have no policy differences. This leads to policy duplication and inconsistency. This is the same problem as the first point.
  
• Failure to recognize significant differences between assets. For example whales were classified as fish for a long time before this was corrected.
• Membership rules in a category are ambiguous or incomplete.
• Incomplete schemas. Some assets cannot be assigned to a category.

No taxonomy is perfect, but if there are many problems with a taxonomy, then policy definition and enforcement become difficult. If enough policy exceptions and workarounds occur, then policy usually falls by the wayside, and decisions are made on a local adhoc basis, rather than using a managed, disciplined and standardized process.