The starting point is recognizing that traditional ITAM tools and taxonomies (rooted in static, on-premises models) are ill-equipped for a world of dynamic, cloud-based services and AI workloads. Our survey reveals that fewer than 40% of organizations have fully adapted their ITAM processes to support today’s hybrid environments. In this chapter, we explore the foundational shifts required to track, classify, and govern transient assets, elastic usage patterns, and AI development stacks. This includes updating data models, redefining ownership roles, and integrating ITAM with cloud-native and DevOps tooling. In a world where assets are no longer physical or persistent, building these foundations is the critical first step. 

Software-as-a-Service (SaaS) is a defining feature of modern IT, but remains a blind spot for many ITAM teams. Our survey highlights the governance challenges posed by partially decentralized SaaS management: shadow IT, weak compliance controls, fragmented vendor relationships, and poor visibility into consumption. While some organizations are experimenting with quick fixes (like end-user training or bulk licensing) these are rarely enough. Key #2 urges organizations to modernize their SaaS governance playbooks. This includes expanding the ITAM–FinOps alliance, implementing real-time SaaS management tools, and embedding structured workflows for procurement and compliance. Without this shift, the cost and risk of SaaS sprawl will only grow.

In the wake of growing regulatory scrutiny and escalating cyber threats, ITAM is emerging as an enabler of operational resilience and compliance. Yet only 29% of organizations formally include ITAM in their cybersecurity strategy. This chapter shows how deeper integration between ITAM, and security functions can improve threat response, data traceability, and regulatory assurance. We also highlight how ITAM is playing a bigger role in resilience planning, particularly under frameworks like DORA, NIS2, and the Canadian OSFI B-13. Perhaps most notably, our findings reveal a troubling lack of preparedness around open-source software risk. Forward-looking organizations are now embedding ITAM into their broader cyber and compliance fabric, not just to meet requirements but to lead with confidence.

Manual or partially automated ITAM processes cannot keep up with the scale, speed, and complexity of today’s IT estates. This key explores how AI, Gen AI, and intelligent automation are being used to transform ITAM from a reactive function to a predictive, insight-driven capability. Our survey identifies clear value areas for automation from license management to optimization, but also uncovers barriers around data quality, unclear ROI, and skills gaps. The message is clear: automation is not a plug-and-play fix. To succeed, it must be grounded in clean data, embedded in strategic workflows, and supported by cross-functional alignment. Organizations that get this right are beginning to reap the benefits e.g., cutting costs, accelerating decisions, and strengthening governance.

The final key takes a step back and asks a bigger question: what is the purpose of ITAM in today’s world? Increasingly, the answer lies in its ability to support environmental, social, and governance (ESG) outcomes. Nearly half of survey respondents now say their ITAM strategies directly support sustainability, while two-thirds report alignment with broader enterprise goals. In this chapter, we examine how organizations are using ITAM to extend asset life, reduce e-waste, improve license reuse, and embed asset data into ESG reporting. Technology with purpose is not just a theme but is becoming a strategic mandate. ITAM, with its data, reach, and governance footprint, has a central role to play.