Executive overview

The SCO read-only thesis, pointed at IT operations: spend, service health, incidents, and the cost of cloud and SaaS - observed across your ITSM, monitoring, and cost systems to show what IT delivers and where it leaks, not to run IT.

What this is, and what it is not. A preview of a planned domain, not a live product. In production it would sit read-only on top of your ITSM, monitoring, asset/CMDB, and cloud-cost systems - reading service, cost, and ticket data and surfacing health, spend, and waste. It does not manage IT, change configuration, or action tickets; it gives IT leaders a cost-and-health view. It is distinct from Security Operations. All figures here are synthetic.

$28M

IT spend (TTM)

6.2% of revenue

99.92%

Service uptime

+0.04 pts

42

Open incidents

3.2 hrs

MTTR

-0.5 hrs

1,800

Tickets / month

$7.2M

Cloud spend (yr)

180

SaaS apps

42 unsanctioned

78%

License utilization

IT spend & plan ($M) synthetic

Trailing 8 quarters with a 4-quarter plan and band.

IT spendPlanBand

IT spend by category synthetic

Signals worth attention

42 unsanctioned SaaS apps, ~$0.9M - shadow IT spend outside procurement; duplicate tools and an access risk (links to Security).

Cloud spend up 21% YoY, ~18% idle - the clearest cost-recovery opportunity in the IT budget.

Uptime 99.92% with MTTR down half an hour - service reliability is strong and improving.

Synthetic preview. In production, derived read-only from ITSM, monitoring, CMDB, and cloud-cost systems with SHA-256-anchored lineage, as in SCO.

Service health

Availability and reliability of the services the business runs on.

99.92%

Overall uptime

96%

SLA attainment

2

Services below SLA

4.1 hrs

Downtime (TTM)

Uptime by service

ERP99.98%

Email / collaboration99.95%

MES / plant systems99.85%

E-commerce / portal99.71%

The customer portal is the weakest service - below its SLA; the same system flagged for outdated libraries in Security.

Synthetic, aggregated. Reads availability monitoring read-only; SLA per the customer's service catalog.

Incidents & tickets

Volume and severity of incidents and service requests, and how fast they close.

42

Open incidents

3

P1 / critical

1,800

Tickets / month

3.2 hrs

MTTR

Incident trend (per quarter) synthetic

Tickets by category read-only

Category	Volume	Avg resolve
Access / accounts	38%	2 hrs
Hardware / endpoint	22%	1 day
Application support	19%	4 hrs
Network / connectivity	12%	3 hrs
Other	9%	5 hrs

Access requests are 38% of tickets - the biggest target for self-service or automation to free the service desk.

Synthetic, aggregated. Reads ticket and incident metadata read-only from ITSM; MTTR = mean time to resolve.

IT spend

Where the IT budget goes, and how it paces against plan.

$28M

IT spend (TTM)

6.2%

% of revenue

run

62% run vs change

+4%

vs budget

IT spend bridge ($M) synthetic

Prior year to current.

Spend detail read-only

Category	Spend	vs plan
Infrastructure / cloud	$8M	+9%
Applications / SaaS	$7M	+6%
Personnel	$6M	0%
Network / telecom	$3M	-2%
Security	$2M	+3%
End-user / devices	$2M	-4%

Cloud and SaaS drive the budget growth - the two categories over plan; also where the waste sits.

Synthetic, aggregated. Reads IT cost read-only; run vs change = keep-the-lights-on vs transformation.

Cloud cost

Cloud spend over time, where it concentrates, and how much is recoverable.

$7.2M

Cloud spend (yr)

+21%

YoY growth

18%

Idle / waste

$1.3M

Savings identified

Cloud spend trend ($K / quarter) synthetic

Spend & waste by area

Compute$3.1M (22% idle)

Storage$1.8M

Data / analytics$1.4M

Network / egress$0.9M

$1.3M is recoverable - idle compute and oversized instances; right-sizing is the single biggest IT cost win.

Synthetic, aggregated. Reads cloud-cost data read-only; waste = unused/idle resource cost.

SaaS & licenses

The full SaaS estate - what is sanctioned, what is shadow, and how much license sits unused.

180

SaaS apps

42

Unsanctioned

78%

License utilization

$0.9M

Recoverable spend

SaaS apps by function synthetic

License waste read-only

App	Seats	Used	Waste
Collaboration suite	2,400	2,050	$0.3M
CRM	320	210	$0.2M
Design / CAD	180	120	$0.2M
Analytics	240	150	$0.2M

42 shadow apps and ~$0.9M of unused license - consolidation and reclaim recover real budget and shrink the access surface.

Synthetic, aggregated. Reads SaaS-management and license data read-only; shadow = apps outside the sanctioned catalog.

Assets & lifecycle

The IT asset estate and where it is aging out of support.

4,180

IT assets

24

End-of-life

180

Refresh due (yr)

94%

Under support

Assets by lifecycle stage

Current2,980

Aging980

Refresh due180

End-of-life24

24 assets are end-of-life - concentrated in plant/OT; the same systems flagged unsupported in Security.

Synthetic, aggregated. Reconciles asset inventory read-only across CMDB and endpoint management.

Service levels

How well IT meets its commitments - response and resolution against target.

96%

SLA attainment

98%

Response SLA

93%

Resolution SLA

4

Breaches (quarter)

SLA attainment by priority

P1 / critical99%

P2 / high96%

P3 / medium91%

P4 / low88%

Critical-priority SLAs are nearly perfect; the slippage is in low-priority resolution - a backlog, not a reliability problem.

Synthetic, aggregated. Reads SLA performance read-only; targets per the customer's service agreements.

IT projects

The IT delivery portfolio - status of the transformation and infrastructure work.

12

Active IT projects

2

Red status

$11M

IT project budget

70%

On schedule

IT projects read-only

Project	Status	Budget	Note
ERP upgrade	Red	$6.4M	Scope + schedule
CRM consolidation	Amber	$1.8M	Resourcing
Network refresh	Green	$1.2M	On track
Zero-trust rollout	Green	$0.9M	With Security

IT projects feed the same portfolio the PMO view tracks - the ERP upgrade is the shared red item across both.

Synthetic, aggregated. Reads IT project status read-only; a subset of the full PMO portfolio.

Connectors & data

Where IT Operations would read from, and the posture it would read with.

Read-only. These connectors are scaffolded, not built - each reports 0/12 conformance until a tenant integration is done. In production they read service, cost, and asset metadata read-only, with SHA-256-anchored lineage. AssetShop does not manage IT, change configuration, or action tickets; ITSM and cloud systems stay authoritative.

IT connectors

System	Category	Mode	Status
ServiceNow	ITSM	Read-only	Scaffolded 0/12
Datadog / monitoring	Observability	Read-only	Scaffolded 0/12
CMDB / asset mgmt	Assets	Read-only	Scaffolded 0/12
AWS / Azure cost	Cloud cost	Read-only	Scaffolded 0/12
SaaS management	SaaS / license	Read-only	Scaffolded 0/12

How it stays trustworthy

Read-only - no path to change configuration, action tickets, or touch infrastructure.

Complements, not replaces - it sits alongside your ITSM and FinOps tools, not over them.

Lineage on every figure - each number traces to a source record via SHA-256 anchoring, as in SCO.

Planned domain. Connectors are scaffolds; functional conformance (12/12) is verified per tenant at integration, never assumed.

Signals & opportunities

IT operations signals across reliability, capacity, and cost - read-only from ITSM, monitoring, and SAM. Surfaces patterns; changes run in your tools. Figures synthetic (Meridian Industrials).

9

Open signals

$1.7M

Exposure

1

High severity

$0.9M

Addressable

Detected signals synthetic

Each signal is an observation with a source lineage; confidence reflects how directly the data supports it.

Signal	Area	Severity	Magnitude	Conf.	Source
Change-failure rate up	Reliability	high	18% vs 8%	high	ITSM
SLA breaches - P1/P2	Service	medium	6 this month	high	ITSM
MTTR drift	Reliability	medium	+2.4h	med	monitoring
Capacity headroom low	Capacity	medium	12% free	high	monitoring
License waste - SaaS	Cost	medium	$0.6M unused	high	SAM
Incident volume up	Operations	medium	+14% QoQ	med	ITSM
Change backlog	Operations	low	22 pending	med	ITSM

Opportunities the signals point to

What the observation suggests. AssetShop quantifies; your team decides and acts in the source systems.

$0.6M

SaaS license reclamation on unused or duplicate entitlements.

$0.3M

Incident-driver reduction on the top change-failure category.

6 SLA

Address breaches concentrated in one service.

How to read this

High signals are concentrated, well-evidenced, and material - act on these first.

Confidence separates observed facts from modeled estimates.

Every figure traces to a read-only source. Nothing here is written back to any system.

Synthetic. Signals computed from read-only ITSM / monitoring / SAM data; magnitudes labeled modeled are estimates, not posted figures. Operational signal, not advice; AssetShop never writes back to source systems.

Ticket detail

Incidents and changes by service - the data behind IT-operations signals.

$1.7M

Addressable

18%

Change-fail

6

SLA breaches

9

Shown

Detail records synthetic

P1/P2 incidents concentrate on Order API and Payments. Use Export above to download exactly these rows as CSV.

Ticket	Type	Priority	Service	Age (d)	Status
TK-1	incident	P1	Order API	2	open
TK-2	change	P2	Billing	1	in-progress
TK-3	incident	P2	Auth	3	open
TK-4	incident	P3	Reporting	5	resolved
TK-5	change	P2	Order API	1	in-progress
TK-6	incident	P1	Payments	4	open
TK-7	change	P3	Portal	2	resolved
TK-8	incident	P2	Billing	6	open
TK-9	change	P2	Auth	1	in-progress

Synthetic (ITSM + monitoring). Read-only detail; AssetShop never writes back to source systems. Figures illustrate Meridian Industrials.