Software and hardware obsolescence: recommendations for organisations and proposals for providers

15 décembre 2021 | ACTUALITÉS, Cigref in english, Communiqués, Publications du Cigref

Cigref has published a double report on the work of the « Software and Hardware Obsolescence » taskforce, led by Olivia Bertout, Digital CSR Leader at Adeo. The work of this taskforce resulted in two interdependent deliverables: internal recommendations for user companies, and proposals for commitments by suppliers of digital products and services.

Companies are increasingly faced with software and hardware obsolescence, which penalises them in terms of security, cost control, limitation of environmental impacts and preservation of resources. Following on from Cigref’s work on digital sobriety, a taskforce met to deal with this issue of obsolescence in more detail.

What are the keys to working with partners to extend the lifespan of hardware and software while ensuring the security of information systems?

The research carried out by this taskforce resulted in two interdependent deliverables:

  1. Internal recommendations to user companies with action areas intended in particular for the Purchasing departments and the IT Department;
  2. Commitment proposals intended for providers of digital products and services, providing a shared platform for study with organisations who use digital technology to fight against the phenomenon of software and hardware obsolescence.

« We, as user companies, must question our practices and our choices. And we also want our suppliers to tackle the subject of obsolescence so that their proposals are able to meet the challenges of a subject that is a regulatory topic of central importance ». Olivia Bertout, Digital CSR Leader at Adeo, , Head of Taskforce

Each of these two deliverables is accompanied by a summary sheet on the state and evolution of regulations concerning the fight against the obsolescence of digital products and services.

Internal recommendations to organisations

This deliverable suggests practices for internal implementation, particularly for Purchasing and IT departments. These recommendations are intended to help integrate the specific requirements of software and hardware obsolescence into the responsible digital purchasing policy and into the day-to-day work of IT departments. Finally, an analysis of costs attributable to the limitation of the lifespan of the software and hardware and of the economic gains linked to the fight against obsolescence is presented as a means of promoting confidence among clients.

Proposals to providers and manufacturers

In this document, user organisations define the expectations they have of their partners who supply digital products and services to enable them to work on defining a common framework for engagement. The proposals relate to key subjects such as: limiting the effects of software – hardware interdependence; extending the duration of technical support and security updates; software modularity (both in terms of version upgrades and user settings); and finally, the development of recovery, repairability and recycling services. These proposals should be considered as a common working platform with suppliers and manufacturers, given that they are intended to be used by organisations in their calls for tenders or their specifications for digital purchases.

Nomenclature des profils métiers du SI – version 2022

Le Cigref maintient, depuis 1991, une Nomenclature des profils métiers existant dans les Directions des Systèmes d’Information (DSI) des entreprises membres du Cigref. Cet outil ne présente pas ce que seront à l’avenir les métiers des SI mais ce qu’ils sont...

Towards a Zero Trust philosophy: a break in continuity for application security

Cigref has published a report on the work of its "Zero Trust" working group, led by Thierry Borgel, CIO of the ICADE group. Zero Trust is a development of IT security principles and a philosophy that organisations will need to adopt to strengthen the security of their...

Vers une philosophie Zero Trust : une rupture dans la continuité pour la sécurité des applications

Le Cigref publie, sous forme de rapport, les travaux de son groupe de travail sur le thème « Zero Trust », piloté par Thierry BORGEL, DSI du groupe ICADE. Le Zero Trust est une évolution des principes de sécurité IT et une philosophie que les...