Mima

What is Software Asset Management (SAM)?

A practical definition of SAM for IT, procurement, and compliance teams. What it covers, why it matters, and how modern SAM differs from legacy spreadsheet tracking.

Mima Intelligence · 18 July 2026 · 4 min read

Software Asset Management in one sentence

Software Asset Management (SAM) is the practice of knowing exactly what software your organisation owns, where it is installed, who is using it, and whether you are compliant with every vendor’s licensing terms.

That sounds simple. In practice, it is the single most expensive visibility gap in enterprise IT.

Why SAM exists

Every commercial software vendor sells usage rights, not software. When you buy 500 Microsoft 365 E5 seats, you are buying the right for 500 named users to run a specific set of applications under a specific set of conditions. The moment user 501 signs in — or user 12 installs a feature outside the E5 entitlement — you are technically non-compliant.

Vendors know this. Their audit programmes are designed to find exactly these gaps and convert them into back-billing claims. Oracle’s License Management Services (LMS), SAP’s License Audit and Workplace (LAW), and IBM’s License Metric Tool (ILMT) all exist to discover usage that exceeds what you have paid for.

SAM exists to give you the same visibility the auditor has — before they arrive.

What SAM actually covers

A mature SAM programme covers five operational areas:

AreaWhat it means in practice
DiscoveryKnowing every piece of software installed across every device, server, and cloud tenant in your estate.
Entitlement managementMaintaining a single source of truth for what you have purchased — contracts, SKUs, renewal dates, and licensing metrics.
ReconciliationComparing what is installed against what is entitled, per vendor methodology. This is where compliance gaps surface.
OptimisationIdentifying waste — dormant licenses, duplicate subscriptions, over-provisioned tiers — and reclaiming spend.
Audit defenseProducing verifiable, vendor-methodology-aligned evidence packs that can withstand scrutiny from an external auditor.

Most organisations have partial coverage of the first two. Very few have a defensible reconciliation. Almost none have automated audit defense.

The problem with legacy SAM

Traditional SAM tools — Flexera, Snow Software, ServiceNow SAM Pro — were designed for a world where software lived on desktops and servers. They rely on heavyweight agents, manual data imports, and analyst-driven reconciliation.

This model breaks in three ways:

  1. SaaS is invisible to agents. A desktop agent cannot see a browser tab running an AI coding tool or an OAuth-connected third-party app.
  2. Reconciliation is manual. An analyst must map discovered installations to contract entitlements by hand, vendor by vendor. This takes weeks per audit.
  3. Evidence is not portable. A dashboard is not an audit defense. Auditors require methodology-specific evidence packs — not screenshots of a SAM tool.

What modern SAM looks like

Modern SAM platforms combine agentless discovery (API-based, identity-linked, network-aware) with automated reconciliation that runs continuously — not quarterly, not annually, but nightly.

The output is not a dashboard. The output is a defensible position: a vendor-methodology-aligned evidence pack that can be handed directly to an auditor, with every finding traceable to a source.

This is the approach Mima takes. Every vendor’s methodology runs against your estate overnight. The brief arrives at 06:45. You walk into the meeting ahead.

Who needs SAM

Any organisation with more than 500 employees and a diverse software estate is exposed. The most common triggers for investing in SAM:

Further reading

Last reviewed on July 14, 2026 by Mima Intelligence

See your position before the auditor does.

Mima runs the auditor's methodology against your estate continuously — for every vendor, with every finding grounded in a citable source.

See how Mima works →