What is the difference between ITAM and ITSM?
IT Asset Management (ITAM) and IT Service Management (ITSM) are often used together, and their tooling frequently overlaps, but they answer different questions. ITAM tracks what you own. ITSM runs the services those assets support.
Most enterprises need both. Mature IT operations usually have ITAM feeding the asset records that ITSM uses to deliver services — with the CMDB (Configuration Management Database) sitting at the intersection of both disciplines.
Quick answer
ITAM is the discipline and tooling for managing the full lifecycle of every IT asset — hardware, software, SaaS, cloud. Its aim is visibility, cost control, and risk reduction across the asset register.
ITSM is the discipline and tooling for delivering IT services — incident management, change management, service requests, problem management. Its aim is keeping services running and resolving user issues efficiently.
ITAM answers "what do we have, where is it, what is its state?" ITSM answers "what is currently happening to our services, and who needs help?" They share data through the CMDB but address fundamentally different operational questions.
Side-by-side differences
Dimension | ITAM | ITSM |
|---|
Dimension | ITAM | ITSM |
|---|---|---|
Primary question | What assets do we have, where, and what is their state? | What is happening to our services, and how do we fix/change/deliver them? |
Scope | Hardware, software, SaaS, cloud, licences, entitlements | Service operations — incidents, changes, problems, requests, knowledge |
Data model centre | Asset register and entitlement database | Ticket queue, service catalogue, CMDB |
Standards framework | ISO/IEC 19770 (ITAM) | ITIL 4 (service management practices) |
Primary stakeholders | Procurement, finance, IT architecture, compliance | Service desk, operations, business service owners |
Typical tools | Certero, Flexera, Snow, Lansweeper, ServiceNow SAM/HAM | ServiceNow, Atlassian Jira Service Management, Zendesk, TopDesk, ManageEngine |
Primary KPIs | Asset register accuracy, licence compliance position, total cost of ownership | Mean time to resolve (MTTR), service availability, first-call resolution, SLA adherence |
Feeds into | Financial reporting, audit defence, renewal planning | User experience, service uptime, business continuity |
Where they overlap — the CMDB
The Configuration Management Database (CMDB) is where ITAM and ITSM meet. The CMDB is the authoritative record of configuration items (CIs) — the services, applications, servers, and relationships that keep IT running.
Good ITAM feeds good ITSM by populating the CMDB with accurate asset data. Without it, incidents get routed to the wrong team, changes collide with assets that should not be touched, and service-dependency maps are unreliable.
Where ITAM and ITSM are operated in silos — ITAM maintaining its own asset register, ITSM running its own CMDB with different data — the classic symptoms appear:
Service desk tickets against devices that ITAM records say were retired last year.
Software installs triggering incidents because the ITAM licence position is out of date.
Change windows impacting assets ITSM did not know existed.
Mature operations feed ITAM discovery directly into the ITSM CMDB, with reconciliation between the two.
Where they differ
Asset versus service
ITAM treats a laptop as an asset: bought, deployed, depreciated, retired. It cares about the serial number, the warranty, the licences it holds, and the user assigned.
ITSM treats the same laptop as part of a service: it supports a user who raises incidents, requests changes, and has an SLA. It cares about the ticket history, the service it supports, and the downstream dependencies if the laptop fails.
Both perspectives are valid — they are different projections of the same physical reality.
Lifecycle focus
ITAM focuses on the asset lifecycle: procurement, deployment, operation, retirement, disposal. The milestones are purchase events, warranty expirations, licence renewals, and end-of-life.
ITSM focuses on the service lifecycle: strategy, design, transition, operation, continual improvement (ITIL 4). The milestones are service launches, change windows, incident patterns, and improvement reviews.
Financial frame
ITAM is essentially a financial discipline — controlling what you spend on assets and proving you are in compliance with what you have bought.
ITSM is essentially an operational discipline — controlling how services behave and how fast you respond when they break.
Tooling category
ITAM tools are optimised for inventory accuracy, licence metering, entitlement management, and compliance reporting. Their strength is depth of asset knowledge.
ITSM tools are optimised for workflow, ticketing, knowledge management, and automation. Their strength is throughput — handling large volumes of requests and incidents efficiently.
Modern platforms blur the line. ServiceNow, for example, has both ITSM and SAM Pro/ITAM capabilities on one platform. Jira Service Management has asset-management add-ons. But the underlying disciplines remain distinct, and organisations still need to decide which tool is the system of record for asset data (often different from the system of record for service data).
Can I do ITSM without ITAM?
Technically yes, but badly. ITSM without ITAM means:
Incidents are raised against CI records that may be stale or missing.
Changes are planned without a reliable picture of what they affect.
Service-dependency maps have gaps that only surface during outages.
Licence and cost questions go unanswered because the ITSM tool was never designed to track them.
Most organisations discover this when their service desk fields questions that ITSM cannot answer: "which of our laptops is out of warranty?", "how many users have the Salesforce Enterprise tier?", "what are we actually paying for Microsoft 365 seats no one uses?" Those are ITAM questions, and ITSM tools answer them poorly.
Can I do ITAM without ITSM?
Also technically yes. Small organisations sometimes run ITAM (often focused on software licensing) without a formal ITSM practice, relying on email and ad-hoc workflows for service delivery.
This breaks down once an organisation grows past roughly 500 employees or 100 IT services. The coordination cost of email-based incident handling, informal change control, and tribal-knowledge service delivery becomes unsustainable — and that is when ITSM tooling starts paying for itself.
The CMDB question
Who owns the CMDB is the perennial ITAM/ITSM fault line. Three common patterns:
ITSM tool is the CMDB. ServiceNow or similar platforms provide a CMDB, and ITAM data is imported into it via connector or discovery. ITSM owns the record; ITAM is a contributor.
ITAM tool is the authoritative inventory; CMDB is a view. ITAM systems discover and reconcile asset data; the ITSM CMDB subscribes to that data as its source of truth. ITAM owns the record; ITSM consumes.
Federated model. Multiple authoritative sources feed a logical CMDB, with reconciliation and data quality rules on top. Most common in very large enterprises.
The right pattern depends on data-quality priorities. If inventory accuracy is critical (audit-heavy estates, complex licensing), ITAM-authoritative wins. If service speed dominates (retail, consumer-facing digital), ITSM-authoritative often wins.
When to use which tooling
You prioritise ITAM tooling if:
Your biggest risk is a vendor audit or compliance failure.
You manage expensive enterprise agreements (Microsoft, Oracle, SAP, IBM).
You have significant software spend and need usage-based rationalisation.
You are consolidating after M&A and need to untangle overlapping entitlements.
CMDB accuracy is constantly undermined by bad asset data.
You prioritise ITSM tooling if:
Your service desk is drowning in tickets.
Change and incident volumes are growing faster than the team.
You need formalised SLAs and service reporting for business stakeholders.
You are adopting ITIL 4 practices and need the tooling to support them.
Digital employee experience matters more than cost optimisation.
You need both mature if:
You are a regulated enterprise with both audit exposure and service-quality obligations.
Your CMDB is critical to both compliance reporting and service delivery.
You are trying to eliminate the silo between finance (asset cost) and operations (service quality).
How Certero fits with ITSM platforms
Certero is an ITAM specialist. CerteroX ITAM, CerteroX SAM, and CerteroX Datacenter Management maintain the authoritative asset register, entitlement database, and licence position — feeding that data into whichever ITSM/CMDB platform an organisation has already invested in.
Typical deployment patterns:
Certero + ServiceNow. Certero discovers, normalises, and meters; ServiceNow consumes that data into its CMDB and uses it for incident routing, change impact analysis, and service modelling. This pattern is common because ServiceNow's native asset and SAM capabilities are strong on workflow but often need deeper discovery and entitlement data to cover complex estates.
Certero + Jira Service Management. Certero provides the asset and licence backbone; JSM handles service requests, incidents, and change approval.
Certero + ManageEngine / TopDesk / BMC / Ivanti. Same pattern — Certero as the ITAM system of record, ITSM tool handles service operations.
The Certero product family includes:
CerteroX ITAM — hardware asset management, device lifecycle, software metering, CMDB integration, mobile device inventory, discovery across Windows, macOS, Linux, and Unix.
CerteroX SAM — entitlement management, Effective Licence Position, reclamation, publisher modules for Microsoft, Oracle (Oracle Certified Partner), IBM, SAP.
CerteroX Datacenter Management — server, virtualisation, and datacenter-specific licensing for Oracle, IBM, SAP workloads.
CerteroX SaaS Management — three-method SaaS discovery (browser + IdP + 200+ deep connectors) across a 35,000+ application catalogue.
CerteroX Cloud Management — FinOps Certified Platform covering AWS, Azure, Google Cloud, Oracle Cloud, and Kubernetes.
Gartner Peer Insights recognises Certero as a four-time Customers' Choice for Software Asset Management, with a 97 percent "would recommend" rating.
Frequently asked questions
Is ITAM just a part of ITSM?
No — ITAM predates ITSM as a distinct discipline and has its own standards framework (ISO/IEC 19770). Some ITSM platforms offer ITAM modules, but that reflects tooling convergence, not a disciplinary hierarchy. Many organisations run best-of-breed ITAM alongside an ITSM platform.
Does ITIL cover ITAM?
ITIL 4 acknowledges ITAM as a practice but describes it at a high level. The detailed ITAM process framework is ISO/IEC 19770-1, which complements rather than duplicates ITIL. Service Asset and Configuration Management (SACM), an ITIL practice, is where the two frameworks most obviously intersect.
Can ServiceNow replace my ITAM tool?
ServiceNow's SAM Pro and HAM Pro products cover much of the ITAM surface. Whether they replace a dedicated ITAM tool depends on depth: for estates dominated by common SaaS and straightforward licensing, ServiceNow's native capability is often sufficient. For estates with complex Oracle, IBM, SAP, or datacenter-virtualisation licensing, a specialist ITAM tool alongside ServiceNow typically delivers deeper entitlement accuracy and audit-defence coverage.
What about the CMDB — should it live in the ITAM tool or the ITSM tool?
See the "CMDB question" section above. The short answer: it depends on whether inventory accuracy or service speed matters more for your organisation. Most enterprises end up with ITAM as the authoritative inventory and ITSM holding the CMDB view, with reconciliation between them.
How does DEX (Digital Employee Experience) fit in?
DEX is a newer layer — using endpoint telemetry, sentiment surveys, and productivity signals to measure how IT actually feels to employees. It complements both ITAM (which has some of the device-level data DEX needs) and ITSM (which is where DEX insights drive action, e.g. ticket patterns correlated with slow devices).
Where does security fit?
Security crosses both. Vulnerability management and patching need ITAM data (what assets exist, what is installed). Incident response and SOC workflows often live in ITSM (or dedicated SIEM/SOAR tooling). Modern security programmes integrate all three.
Is AI governance going to need its own category?
Increasingly yes. AI Management — covering AI models, AI features inside SaaS, and the consumption-based costs those generate — is emerging as a distinct discipline alongside ITAM, SAM, SaaS Management, ITSM, and Cloud Management, aligned with frameworks like the EU AI Act, NIST AI RMF, and ISO/IEC 42001.
Related articles
v1 — 2026-04-21 — New article created for query "What is the difference between ITAM and ITSM?" (Q2 from question-mining). Completes the comparison-query trio (SAM-vs-ITAM, SAM-vs-SaaS, ITAM-vs-ITSM). Positions Certero alongside ITSM platforms (ServiceNow, JSM, etc) rather than competing — aligned with real-world enterprise deployment patterns.