.svg "Header-logo"){kind=small}
If you've ever tried to stand up a SAM program in ServiceNow, you've probably seen it: teams trying to run before they can crawl.
It's not because they don't know what good looks like. It's because the pressure to show quick ROI pushes teams into the deep end too soon. They rush to automate reclamation, roll out datacenter compliance, or build dashboards for leadership before the data foundation is solid.
And then, inevitably, it falls apart: reconciliation results change wildly week to week, compliance dashboards nobody trusts, and reclamation workflows that pull back licenses people are actually using. The ROI story crumbles because the data underneath it was never reliable.
That's why a crawl-walk-run approach matters. It's a structured, realistic way to build a SAM practice that actually sticks, one that turns scattered data into reliable insights and ongoing savings, without burning your team out.
This is Part 1 of a three-part series on building SAM programs that work. Today we're talking about Crawl, the unglamorous foundation work that makes everything else possible. Get this right, and you'll have visibility you can trust. Skip it, and you'll spend months rebuilding what should have been done in week one.
The Foundation Most Teams Skip
Here's the pattern I see repeatedly: teams activate the SAM plugin, import data from SCCM or some other source, create some entitlements, run reconciliation, and report the results to leadership.
The problem? Those numbers are usually wrong.
Your discovery tools report raw installation strings, such as "Microsoft Office 2021 ProPlus," "MS Office Professional Plus 2021," "Office365ProPlus". They're all the same product, but your system doesn't know that yet. Without normalization, you can't reconcile accurately, and without accurate reconciliation, you can't prove compliance or identify savings.
This is the data problem nobody wants to talk about: SCCM data isn't "good enough" out of the box. Neither is Intune. Neither is Jamf. And yet teams treat discovery data as source of truth, build processes on top of it, and then wonder why nothing adds up.
The teams that succeed understand this: SAM isn't a plugin activation; it's a data discipline practice. And that discipline starts in the Crawl phase.
What "Crawl" Actually Means
The Crawl phase has one goal: establish clean, trustworthy data across your end-user computing environment.
That means focusing on laptops, desktops, and SaaS applications, especially the software that's easiest to discover and easiest to prove value with. Save datacenter software (SQL Server, VMware, Oracle) for later. That licensing is exponentially more complex, and you need your process solid before tackling it.
In the Crawl phase, you're building six things:
- A clean CMDB foundation (no duplicates, proper relationships)
- Normalized software data (standardized publisher, product, version)
- Accurate entitlements with correct license metrics
- Reliable reconciliation that produces explainable results
- Your first reclamation opportunities identified
- A weekly review cadence that keeps data quality high
This typically takes 6-8 weeks. I know that feels slow when leadership wants results yesterday, but here's what I tell every client: you can spend 6 weeks building it right, or you can spend 6 months rebuilding it wrong.
The Six Steps That Actually Matter
Let me walk you through what a successful Crawl phase looks like, not every technical detail, but the sequence and why it matters.
Step1: Start with CMDB Health (Even Though Everyone Wants to Skip It)
I get pushback on this every time. "Our CMDB is fine, Gary. Let's just start importing software."
But here's what happens when you skip this step: one client discovered they had 12,000 computer CIs for 8,000 actual devices. The 4,000 duplicates came from systems that were reimaged but kept their old records. When they ran reconciliation, every license appeared 50% over-deployed.
Before you import a single software installation, run a duplicate CI check. Get your duplicate rate under 5%. Verify that computers are properly related to users (if you're doing user-based licensing). Clean up retired devices that are still showing as active.
It's boring work, but non-negotiable.
Step 2: Connect Your Discovery Source (And Actually Validate the Data)
Most organizations already have SCCM, Intune, or Jamf managing their endpoints. Installing the ServiceNow connector is fairly straightforward and is something you can do on your own or work with a partner to assist.
The part people mess up? They assume if the import completes successfully, the data is good.
After your first import, look at what came through. Navigate to the Software Discovery Models table and spot-check a few dozen records. Are you seeing installation data? Are the discovered publisher and product fields populated? Are you missing entire categories of software you know is deployed?
I've seen imports "succeed" while silently failing to capture half the installed software because of misconfigured filters or permission issues.
One other critical point: schedule daily imports. Software changes constantly. If you're only importing weekly or monthly, your compliance data is already stale.
➡️For a deeper look at what CMDB tables and attributes Intune updates in ServiceNow https://www.servicenow.com/docs/bundle/zurich-servicenow-platform/page/product/configuration-management/reference/cmdb-intune-classes.html
Step 3: Let Normalization Do Its Magic (And Help It Along)
Here's where ServiceNow SAM really shines. Every night, your instance downloads updated content from ServiceNow's Content Library, a database of millions of software signatures maintained by ServiceNow's research team. Then a scheduled job runs that compares your messy discovery data against this library and standardizes it.
When it works, it's beautiful. "Microsoft Corporation" and "MS Corp" and "Microsoft Inc." all become "Microsoft." Different version strings all get standardized. You even get lifecycle data and classification codes automatically.
Out of the box, you'll typically see 85%+ normalization rates. That's good, but not great.
Here's the move that makes the difference: opt into the Content Service. This lets you submit your unnormalized software to ServiceNow's content team for research. Within 2-4 weeks, they'll add it to the Content Library, and suddenly thousands of your installations are normalized.
In one environment, more than 8,000 Cisco AnyConnect installations weren’t normalizing because of a pattern mismatch. After submitting it to ServiceNow Content Service, updated definitions were released within 10 days and every installation normalized automatically. It transformed thousands of ‘unknown’ records into clean, reconcilable software data.
For internal custom software, you'll need to manually normalize those because ServiceNow can't research your proprietary applications. But that's usually a small percentage of your overall install base.
Check your normalization dashboard weekly during Crawl. If your numbers aren't improving, something's wrong.
Step 4: Create Entitlements (And Get the Metrics Right)
This is where I see the most mistakes. Teams rush to create entitlements without understanding the licensing model, and then they can't figure out why reconciliation shows them massively over-deployed.
The #1 culprit? Wrong license metrics.
Microsoft 365 is licensed per user, not per device. One person can have Office installed on their laptop, desktop, phone, and tablet—that's still just one license needed. But if you set your entitlement metric to "Device," ServiceNow will count all four installations and think you need four licenses per person.
I've seen this mistake cost weeks of troubleshooting.
Start with your biggest spend items. For most organizations, that's Microsoft 365, Adobe products, and a handful of common SaaS applications. Use the Guided Setup wizard to guide you through the right questions and help you avoid metric mistakes.
Don't try to create entitlements for everything in week one. Focus on 10-15 products that represent 80% of your software spend. You'll add more as you go.
Step 5: Connect Your SSO Provider (This One's a Quick Win)
If you're using Azure AD or Okta for single sign-on, you can integrate it with ServiceNow in about 30-45 minutes. And the value you get is immediate.
Suddenly you can see every SaaS application your users are accessing, even if it's not installed on any device. More importantly, you can see who's not using what they have access to.
The first time I show clients this data, they're shocked. "We have 50 people with Adobe Creative Cloud who haven't logged in once in six months? That's $33,000 a year we're wasting."
This becomes your first ROI story. Week four, you walk into your stakeholder meeting with a list of unused SaaS licenses and the dollar value attached. That's tangible savings identified before you've automated anything.
➡️For more detailed information on Azure AD integration, check the article here: https://www.servicenow.com/docs/bundle/xanadu-it-asset-management/page/product/software-asset-management2/concept/integrate-with-azure-ad.html
Step 6: Run Reconciliation and Face the Truth
This is your moment of truth. You've got normalized installations, documented entitlements, and usage data flowing. Now you run reconciliation and see if your data holds up.
The first time you run it, manually trigger it so you can watch what happens. Don't wait for the scheduled job.
Then download the ITAM Health Check app from the ServiceNow Store and run a full scan. This tool will find configuration mistakes you didn't know you had, such as entitlements with missing software models, incorrect metrics, orphaned records.
What "success" looks like at the end of Crawl:
✅You can explain every compliance result to a stakeholder
✅Your normalization rate is 85%+ and stable
✅The Health Check shows no critical issues
✅Week-to-week results are consistent (not wildly fluctuating)
If you can't check those boxes, don't move to Walk phase yet. Fix the foundation first.
The Mistakes I See Over and Over
Let me save you some pain. Here are the mistakes I've watched teams make repeatedly:
- Skipping CMDB cleanup because it's boring. Then spending three months confused about why compliance numbers are wrong.
- Creating entitlements before normalization is complete. Then rebuilding all those entitlements when they realize installations aren't linking properly.
- Setting up reconciliation but never reviewing the results. Then discovering six weeks later that it's been failing silently the whole time.
- Not running ITAM Health Check until something breaks. Then finding 20+ critical configuration issues that have been accumulating.
The pattern I've seen work: slow down in Crawl, speed up in Walk and Run. The teams that rush Crawl always end up coming back to fix it.
When You're Ready to Walk
You've completed Crawl when you trust your data. That's the whole goal.
You should be able to pull up any compliance result, drill into the details, and explain exactly why ServiceNow is showing what it's showing. You should have a weekly rhythm of reviewing reconciliation results and catching data quality issues before they compound.
And you should have your first set of reclamation opportunities documented and ready to act on.
That's when you're ready for Walk—where we'll automate the reclamation process, expand into datacenter software, and start building the governance workflows that turn SAM from a project into a program.
We'll cover all of that in Part 2.
Let's Talk About Your SAM Program
I've been doing this long enough to know that every organization has unique challenges. If you're standing up a SAM program and want to talk through your specific situation, reach out to our team at Coreio.
We've helped dozens of organizations build SAM foundations that deliver value. Happy to share what we've learned.
About the Author:
Gary Collins is the Director of Service Delivery at Coreio, with over 20 years of hands-on experience implementing and optimizing the ServiceNow platform. He specializes in helping organizations transform their IT operations through ITIL process optimization, CMDB maturity, and IT Asset Management. With a background in financial services, Gary works with enterprise organizations to deliver sustainable value from their ServiceNow investments.
