IT Asset Management Software: 2026 Pillar Guide

Citation capsule

• "The IT Asset Management market reached USD 2.22B in 2026 and is projected to hit USD 3.01B by 2031 (CAGR 6.28%)" (Source: Mordor Intelligence, 2026)
• "ISO/IEC 19770-1:2017 defines four core ITAM processes — inventory, deployment, operations, retirement" (Source: ISO, 2017)
• "CSRD ESRS E1 requires Scope 3 disclosure for ~50,000 EU companies, with first reports filed 2025 on FY2024 data, broadening to all large companies by 2026" (Source: EU Directive 2022/2464)

What is IT asset management software

IT asset management (ITAM) software is the system of record for every hardware and software asset in an organization. It tracks where each device is, who uses it, what software runs on it, when its warranty expires, and what it cost. Modern ITAM extends to license entitlements, energy use, and end-of-life disposition.

The discipline sits between three other categories: a CMDB (configuration relationships), an MDM (mobile device control), and an RMM (remote monitoring for MSPs). ITAM is the financial and lifecycle layer — the one that answers what do we own, what is it worth, and when must it move?

The international reference is ISO/IEC 19770-1:2017, which formalizes four core processes: inventory (identification and documentation), deployment (acquisition tracking), operations (day-to-day management), and retirement (end-of-life and data sanitization). Any ITAM tool that fails to ship measurable capabilities for all four processes is incomplete.

Why ITAM matters now: the 2026 numbers

Three forces pushed ITAM out of the spreadsheet zone over the last 24 months:

1. SaaS waste. The Flexera 2024 State of ITAM Report puts SaaS waste at 30% of spend. On a $5M SaaS budget, that is $1.5M routed to unused seats, duplicated tools, and forgotten subscriptions (Source: Flexera, 2024).
2. CSRD ESRS E1. Roughly 50,000 EU companies now need audited Scope 3 hardware emissions. Assurance reviewers are downgrading spend-based estimates to "high uncertainty" — measurement is the new floor.
3. Endpoint sprawl. A 500-employee org runs 1.4 to 1.8 devices per employee once you count secondary laptops, kiosks, conference-room kit, and contractors. Without ITAM, 18% of the fleet goes uncounted each quarter.

In 2026, ITAM becomes a board-level conversation — not an IT-ops one.

Who needs ITAM software in 2026

Three buyer profiles dominate the market:

1. Mid-market IT teams (50–2000 endpoints) — usually replacing a spreadsheet or a homegrown Access database. The trigger is a Microsoft 365 audit, a CSRD reporting deadline, or a CFO demand for refresh planning.
2. Managed service providers (MSPs) — multi-tenant ITAM is mandatory; per-seat or per-device pricing must scale across 20+ client orgs.
3. Public sector and regulated enterprises — driven by ISO 27001 Annex A.5.9 (asset inventory) and CSRD ESRS E1 (Scope 3 hardware emissions). Data residency in the EU is non-negotiable.

A 500-endpoint fleet in 2026 generates 3,000+ software titles, 1,200 license seats, and 280 hardware refresh decisions per year. Manual tracking breaks above 100 endpoints. The breaking point isn't the inventory — it's the reconciliation work each quarter.

Core capabilities to look for

Every ITAM tool sold in 2026 should ship the following without a paid add-on:

• Hardware inventory — CPU, GPU, RAM, disks, peripherals, BIOS/firmware, serial number
• Software inventory — installed applications with version, install date, and Microsoft Store / winget source
• Lifecycle tracking — purchase date, warranty, depreciation, end-of-support
• License compliance — entitlements vs deployments per vendor
• Reporting & exports — CSV, API, scheduled emails

What separates contenders from leaders in 2026:

• Continuous telemetry (vs nightly scan) — battery health, boot time, app crashes
• Energy and carbon measurement — per-app kWh and per-employee kg-CO₂
• Built-in remote control — no need to layer TeamViewer or AnyDesk
• Multi-tenant MSP mode — one console, many client orgs
• Native EU data residency — for CSRD audit trails and HDS-class data
• Zombie app detection — software installed but unused for 30+ days
• Per-app crash rate — DEX signal for fleet stability

ITAM vendor landscape — 2026

Vendor	Model	Per-device/yr	Strengths	Weaknesses
Lansweeper	SaaS + on-prem	€1.10–€2.40 + agent fee (Starter €199/mo / 2,000 assets)	Network discovery, mature OT/IoT scanner	Carbon module is an estimate, not a measurement
ServiceNow ITSM/ITAM	SaaS	$70–$100 per fulfiller user/month (ITSM Standard); ITAM module billed separately	Enterprise CMDB, workflow engine	Per-fulfiller-user pricing — not per-device. Six-figure floor; ITAM is a sub-module
GLPI	Open source on-prem	€0 (€20+ MSP support)	Free, French-speaking community, helpdesk-first	Perl agent, plugin compatibility, no SaaS hosting
Snipe-IT Cloud	SaaS	from $39.99/mo (5 users / 100 assets)	Asset registry, lightweight	No telemetry, no compliance reports
Atera / NinjaOne	SaaS RMM+ITAM	$129–$209 / tech (Atera MSP annual)	Strong RMM, MSP focus	Inventory is a side feature; thin lifecycle
Action1	SaaS patch	Free ≤ 200 endpoints, then $4 / endpoint / mo (Growth tier)	Patch-first, easy onboarding	Not a real ITAM — no licenses, no contracts
sobrii	SaaS	€12–€20	Per-employee CO₂, per-app kWh, remote control included, zombie apps, 100 % FR/EN, EU-hosted	Younger product (2023+), Windows + macOS only

Pricing reflects publicly listed entry tiers as of May 2026. Enterprise deals are negotiated. Lansweeper Pro tier is €359/month base for 2,000 assets, scaling in 1,000-asset increments to 9,000 (Source: Lansweeper, 2026).

One Rust agent vs a stack of point tools

One Rust agent, < 1% CPU. The ITAM industry average stacks an inventory agent (GLPI), an MDM (Intune), an EDR (CrowdStrike), an RMM (Atera) and a DEX tool (ControlUp). sobrii ships one signed, sandboxed Rust binary with a measured footprint < 1% CPU on Windows and macOS. Fewer agents = smaller attack surface, less battery drain, less support overhead.

Two reasons. First, endpoint security debt: each kernel-level agent is a new CVE pipeline. CrowdStrike's July 2024 outage made the point publicly. Second, end-user experience: stacked agents consume 8–15% CPU at idle on a 5-year-old fleet — the exact population ITAM should help retire, not strain.

Procurement decks rarely frame it as "5 agents vs 1." They compare inventory tool A vs inventory tool B and ignore the four other agents co-resident on every device. Surface that with your security and DEX teams early.

Per-employee carbon footprint via direct telemetry

sobrii measures kWh per employee, not per site. The Rust agent captures real consumption (CPU/GPU/screen/battery) second-by-second, then applies the regional grid emission factor (Ember/EPA eGRID) to produce kg-CO₂/employee/month — exportable directly to CSRD ESRS E1. No category-average proxies: measurement is per device, aggregated per employee.

ADEME's Base Empreinte database lists ~169 kg CO₂e for a 14-inch laptop's production phase alone, with full lifecycle (manufacturing + use + end-of-life) closer to 300–400 kg over five years (Source: ADEME Base Empreinte; Fraunhofer IZM, 2022). Apple's recent MacBook Air Product Environmental Reports put their flagship laptops in the 145–160 kg CO₂e range — a useful low-bound for vendor comparison (Source: Apple, 2023).

Use-phase adds another 50–120 kg/year depending on the regional grid. Without per-device telemetry, finance teams default to category averages — a habit auditors are flagging as 2026 ESRS reports go through assurance.

Per-app energy measurement (kWh)

sobrii attributes kWh per application. For each process (Chrome, Teams, Photoshop, Slack…), sobrii measures CPU + GPU time and reconstructs real power draw. You learn that Teams consumes 3.2 kWh/yr/device and Chrome 5.1 — a measurement GLPI and Lansweeper don't expose.

This unlocks two operational moves: (1) license rationalization (kill the SaaS app that uses 5 kWh/yr/device for 2 hours of monthly use) and (2) standard-image energy budgets, where IT can set a target like "≤ 25 kWh/yr/standard laptop."

The Energy Star database lists certified business laptops at 30–80 kWh/year (Source: Energy Star). When per-app telemetry shows your fleet at 110 kWh/year per device, you have a concrete delta to investigate — usually a sprawling Electron app or a poorly-configured backup client running continuously.

Zombie apps and per-app crash rate

sobrii surfaces zombie apps and per-app crash rate. A "zombie app" = installed on ≥ 30% of the fleet, used by < 5% of employees. sobrii lists them with annual license waste. Same for crash rate: sobrii knows app X crashes 2.4×/day on Dell Latitude 5420s, 0.1× on M2 MacBook Pros — actionable DEX, not a Net Promoter score.

These two signals matter because they convert two abstract conversations into one concrete CSV:

1. License optimization. Procurement asks "which seats can we drop?" and gets a ranked list by waste — Adobe Acrobat Pro at 312 unused seats × $23.99/mo = USD 89,800/yr recovered.
2. DEX prioritization. Support hears "Outlook is slow" forever; the crash-rate-per-hardware-model report points to the actual fix — replace 47 Latitude 5420s on the upgrade list, not the OS or the app.

A 2024 Flexera ITAM survey found that 28–30% of SaaS spend is unused at any given month. For a 500-employee org spending USD 3M on SaaS, that is ~USD 900K of recoverable budget — assuming you can find the zombies.

4-decision lifecycle (upgrade / repair / reallocate / replace)

sobrii adds a 4th lifecycle decision: reallocate. Where GLPI, Lansweeper and Snipe-IT offer 3 paths (keep / repair / replace), sobrii computes 4 options per device — upgrade, repair, reallocate (to the next employee), replace — with cost and CO₂ for each. The reallocate branch extends average service life by 12–18 months and halves per-device embodied carbon.

The default 3-decision pattern is a relic of finance-driven ITAM, where a device is either an asset on the books or a write-off. The reallocate branch reflects how IT actually runs: a power user's 18-month-old laptop is a great machine for a new sales hire — but only if the tool surfaces the option with a SLA-grade refurb workflow.

Decision	Avg CapEx	Avg added service life	Avoided embodied CO₂ vs replace
Upgrade (RAM / SSD)	€120–€280	12–18 mo	~250 kg
Repair (battery, hinge)	€80–€200	12 mo	~280 kg
Reallocate	€60–€150 (refurb cost)	12–24 mo	~300 kg
Replace	€900–€1,800	36–48 mo	0

The reallocate line is the one that doesn't exist in legacy ITAM. It is also the one with the best CO₂/€ ratio.

WebRTC remote control included in plan

Remote control is in the plan, not an add-on. No need to buy TeamViewer or AnyDesk on top: sobrii ships a built-in WebRTC remote-desktop module (peer-to-peer, no external relay, multi-screen, auto-reconnect). 200-device benchmark: TeamViewer Business ≈ $1,020/month (fully-loaded median enterprise spend, not the list Business plan price) → sobrii: $0/month (bundled).

Mid-market teams running both ITAM and a remote-support tool cut a five-figure annual line. MSPs drop the attended-vs-unattended licensing math. See the 2026 remote desktop comparison for the full landscape.

100% bilingual FR/EN product (Métropole Montpellier reference)

sobrii is built FR-first, EN-parity from day one. Every label, CSRD/ISO 27001 report, and CSV export is generated in the user's language — not a 70%-translated glossary. Anchor reference: Métropole de Montpellier — 7,000+ PCs monitored, –10% CO₂ emissions, ~€1.5M in avoided purchases. For IT teams in regulated EU markets, this is the difference between a compliance artifact and an audit-grade record.

Most US-built ITAM platforms ship French as an afterthought. Strings translated post-release. UX terminology drifts from French IT vocabulary ("parc informatique" ≠ "fleet"). CSRD/ISO 27001 reports default to English. For a French public-sector buyer, that is a procurement blocker.

CMDB vs ITAM, made concrete

These two acronyms get blurred in vendor decks. The split:

• CMDB (Configuration Management Database) per NIST SP 800-128: "A database that contains configuration items (CIs) and the relationships among them, used to manage IT assets and configurations for security" (Source: NIST). Question answered: how is the infrastructure wired together?
• ITAM per ISO/IEC 19770-1: lifecycle + financial layer. Question answered: what do we own, what does it cost, and when must it move?

Most mid-market orgs (under 2,000 endpoints) run ITAM-only and handle simple relationships ("this app runs on this server") without a formal CMDB. Above 2,000 endpoints, relationship complexity — microservices, dependencies, cloud — justifies a separate CMDB integrated with the ITAM via API.

How to evaluate ITAM software in 6 weeks

A 6-week proof of concept is realistic for any of the SaaS contenders.

1. Week 1 — agree on a 25-endpoint test scope (mix Windows + macOS + at least one MSP-managed client if applicable).
2. Week 2 — install agents, validate inventory accuracy against a manual sample (target ≥ 95%).
3. Week 3 — connect license sources (Microsoft 365, Adobe, Autodesk).
4. Week 4 — run a refresh-decision report on 25 devices and challenge the recommendation manually.
5. Week 5 — generate a Scope 3 / ESRS E1 export and walk it through your auditor.
6. Week 6 — measure agent CPU and battery impact on the 25 devices; verify uninstall is clean.

The vendor that fails any of weeks 2, 4, or 6 is not ready for production.

Real-world rollout: a 90-day playbook for 500 endpoints

A useful default plan for a mid-market IT team replacing a spreadsheet:

• Day 0–14: discovery. Run agent deployment via SCCM / Intune / Jamf. Target 95% coverage by day 14; flag and chase the long tail manually.
• Day 15–30: license reconciliation. Connect Microsoft 365 admin, Adobe Admin, Autodesk Account, Atlassian Cloud, GitHub Enterprise. Expect to surface 10–20% over-licensing on at least one vendor.
• Day 31–60: refresh model. Feed warranty data, depreciation policy, and CFO's CapEx envelope into the tool. Generate refresh proposal for the next 18 months.
• Day 61–90: CSRD baseline. Activate per-device energy telemetry. Generate first ESRS E1 baseline. Walk the methodology through your sustainability and assurance teams.

Conservative timeline. Teams replacing a clean spreadsheet hit day-90 milestones at day 45. Teams replacing a poorly-maintained GLPI install spend the first 30 days on data cleanup.

Budget framework: TCO for 500 endpoints over 3 years

A realistic 3-year total cost of ownership (TCO) comparison, 500 endpoints, mid-market profile:

Cost line	sobrii (€12/dev/yr)	Lansweeper (Pro €4,308/yr / 2,000 + agent)	ServiceNow ITAM (≈€80/dev/yr equivalent — actual billing per fulfiller user/mo, depends on user:device ratio)	GLPI on-prem (free + ops)
Licenses 3y	€18,000	€14,400	€120,000	€0
Implementation	€5,000	€8,000	€40,000	€15,000 (ops setup)
Remote desktop (avoided / added)	€0 (bundled)	+€36,000 (TeamViewer)	+€36,000	+€36,000
Carbon module (avoided / added)	€0 (bundled)	+€18,000 (3rd-party)	+€30,000 (Sustainability Mgmt add-on)	+€20,000 (manual)
Internal ops (0.25 FTE)	€37,500	€37,500	€60,000	€112,500 (1 FTE)
3-year TCO	€60,500	€113,900	€286,000	€183,500

Numbers are indicative — real deals vary 20–40% with volume. Structural finding: bundled remote control + carbon module flips the comparison against tools that look cheaper on the per-device line.

Common mistakes when buying ITAM

Five patterns I see repeatedly in failed ITAM projects:

1. Buying for inventory only. Pure inventory tools (Snipe-IT, Action1) cap at the registry. License management, telemetry, and lifecycle scoring need a real ITAM.
2. Ignoring the agent count. A "cheap" ITAM that forces you to keep 4 other agents costs more than a single-agent stack.
3. Skipping the auditor conversation. CSRD / ISO 27001 reports must be reviewable. Activity-based telemetry beats spend-based estimates — agree the methodology with your assurance partner before buying.
4. Underestimating data cleanup. A 5-year-old spreadsheet or GLPI install almost always needs 30 days of cleanup. Budget for it.
5. No exit strategy. Ask each vendor for a documented export path. ITAM data is sticky — a tool you can't leave is leverage you don't have.

Verdict

For a mid-market IT team in 2026, the realistic short list: Lansweeper for the broadest scanner, GLPI if on-prem ops are available, ServiceNow only when ITSM is already in production, sobrii when per-employee CO₂ + per-app kWh + zombie-app detection + bundled remote control matter in a single stack. MSPs add Atera or NinjaOne for RMM-heavy workflows. Skip spreadsheets above 100 endpoints — the audit-time cost alone funds an ITAM SaaS license within a year.

For deeper dives, see our CMDB guide, how to run an IT asset inventory, the GLPI SaaS alternative comparison, the IT carbon footprint guide, and the keep-repair-reallocate-replace framework. French-speaking readers: la version française est ici.

To evaluate sobrii directly, see the platform overview.

FAQ

What is IT asset management

IT asset management (ITAM) is the practice of tracking every hardware and software asset in an organization across its full lifecycle — from purchase through retirement. It covers laptops, servers, mobile devices, software licenses, cloud subscriptions, and warranties. The goal is to know what you own, what it costs, and when it must move. ISO/IEC 19770-1:2017 is the canonical reference standard.

What does an IT asset management specialist do

An ITAM specialist owns the asset register, runs the audit cycle (typically quarterly), reconciles license deployments against entitlements, drives the refresh roadmap with finance, and produces compliance reports for ISO 27001, SOC 2, or CSRD. In a 500-endpoint org, this is a 0.5–1 FTE role; above 2000 endpoints, it becomes a small team of 2–4 people.

What are the top 5 IT asset management tools

For 2026, the most-evaluated tools by mid-market IT teams are: Lansweeper, ServiceNow ITAM, GLPI (open source), Snipe-IT (open source, asset-only), and sobrii (modern SaaS with energy and carbon telemetry). For MSPs, Atera and NinjaOne also appear in shortlists. Action1 fits as a patch-management complement, not a full ITAM.

Is ServiceNow a CMDB or an ITAM

ServiceNow is both, but the two are different modules. Its CMDB tracks configuration items and their relationships (servers, applications, dependencies) — aligned with NIST SP 800-128's CMDB definition. Its ITAM tracks lifecycle, license entitlements, and asset financial data. Most ServiceNow customers buy the ITSM core and add ITAM/CMDB as paid sub-modules.

How much does IT asset management software cost

Open-source tools (GLPI, Snipe-IT) are free, with paid support starting around €5–10 per device per year. Mid-market SaaS lands at €12–€30 per device per year (sobrii at €12–€20 with all modules including remote control and zombie-app detection). Lansweeper Starter is €199/month for up to 2,000 assets. Enterprise platforms (ServiceNow ITAM) start in the six figures annually.

Does ITAM software measure carbon emissions

Most legacy ITAM tools (GLPI, Lansweeper, Snipe-IT) do not measure carbon directly — they apply category averages to inventory counts. A small group of modern SaaS tools, including sobrii, measures real per-device energy via an agent and converts it to kg-CO₂ using regional grid factors (France ~55 g/kWh, Germany ~366, US ~370 — Ember 2025), producing CSRD ESRS E1-grade exports.

What is the difference between ITAM and CMDB

ITAM tracks the financial and lifecycle layer (what you own, what it costs, when it expires). CMDB tracks configuration items and their relationships (server A runs app B which depends on database C). NIST SP 800-128 defines CMDB; ISO/IEC 19770-1 defines ITAM. Mid-market orgs (under 2,000 endpoints) usually run ITAM-only. Above that, both tools coexist, integrated via API.