ITIL and the CMDB: Think Small?
A Configuration Management Database provides an early foundation for changing a reactive IT culture into a proactive service provider.

April 10, 2006
By

Patrick Moore

E-MAIL

COMMENT

SHARE
- Digg
- del.icio.us
- Newvine
- furl
- StumbleUpon
- BlinkList
- Newsvine
- Magnolia
- Facebook
- Tailrank
- Slashdot
- Technorati
- Google Bookmarks
- Yahoo Favorites
- Windows Live
- Ask

Improved Security Deployment and Assessment of Risk. When assessing a known vulnerability on a server, CMDB information can be used to assess risk based on both the severity of a patch, as well as the business context of the vulnerability. This capability allows IT organizations to prioritize patches that support the business and ensure that critical systems are secured first.

More Accurate and Streamlined Compliance. To better facilitate Sarbanes-Oxley and HIPAA initiatives, IT organizations can tap into the CMDB data model to ensure that asset information is accurate and complete. Additionally, the CMDB coupled with the assignment of accountable CI owners and auditors can better enable IT organizations to demonstrate better internal controls. Tracking CIs, relationships and validating their accuracy through continuous monitoring can provide a higher level of assurance that IT systems and related components are controlled and managed in accordance with legislative requirements.

Other advantages of deploying and optimizing a standard CM process and supporting CMDB toolset may include:

Key IT Solutions

Centralize storage of physical and logical infrastructure information

Establish clear ownership and accountability for IT components

Allow more efficient planning and support of the IT infrastructure

Highlight technical inefficiencies for correction and/or improvement

Provide a foundation for standard ITIL-based service management (ITSM)

Compliment regulatory compliance and auditing activities

Decrease the cost of patching, repairing and troubleshooting

Minimize downtime and improve customer responsiveness

Decrease redundancy of IT operational support activities

Support proactive Problem Management initiatives

Track intangible attributes of IT assets and their relationships

Fine-tune Incident Management and operational support

Allow for more efficient handling of data center and/or IT asset migrations

Articulate the business context of IT processes and associated activities

Proactively assess inherent risk from potential IT service failures

Support Business and IT Service Continuity (ITSCM) initiatives · Promote IT standards to the broader IT community

Provide a service-oriented view of the IT infrastructure

Foster an environment of continuous improvement

Implementing a CMDB

Deployment of a CMDB can only be accomplished in parallel with a Configuration Management process. Therefore, IT organizations need to establish goals, create a baseline and foster an environment of continuous improvement. In turn, related activities will help IT management and supporting personnel to gain momentum and demonstrate the value of standard policies, processes and supporting procedures.

In order to establish an effective Configuration Management process, process stakeholders need to ensure that any data associated with core IT operational processes is appropriately stored and managed. Guaranteeing the integrity, validity, accuracy and completeness of CM data is no small task, and requires certain levels of accountability and ownership in order to properly manage the data.

Therefore, deployment of a CMDB requires careful consideration of who owns and is accountable for the operational components of the repository itself. At a minimum, the following Key Goal Indicators (KGI) should be reviewed, established and/or communicated to all stakeholders prior to commencing any CM strategy or CMDB implementation:

Establish process ownership and executive sponsorship for the Configuration Management process

Ensure accountability for the setup, ongoing maintenance and support of CMDB related hardware and components

Ensure network availability, throughput, capacity and access to CMDB related resources is provided

Implement regular, scheduled backup of data and related files required for continuous, reliable CMDB operation

Plan for timely audit and validation of CMDB data to ensure ongoing accuracy of IT environment

Establish a continuous improvement program specific to CM that focuses on the people driving the process

Bottom Line: For many organizations, simply establishing a starting point for a CMDB can greatly help facilitate effective awareness and maturity of the Configuration Management process. However, incorporating too much detail during an initial CMDB deployment can add significant cost to the process and exceed the actual (or perceived) value it provides. In the end, early adopters of CMDB tools that take a tactical, realistic approach to deployment will be rewarded with more rapid realization of IT service support and delivery efficiencies.

1 2

IT Management Daily Newsletter

Whitepapers and eBooks

Helpful Cloud Computing Resources

MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

User Experience Management Indicators for Business and IT Success
Ensuring Performance Meets Business and Web User Needs

MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Demo: Google Site Search
Virtual Event: Master Essential Techniques for Leveraging the Cloud
Article: Explore Application Lifecycle Management Tools in Visual Studio 2010
Internet.com Hot List: Get the Inside Scoop on IT and Developer Products

New Security Solutions Using Intel(R) vPro(TM) Technology
All About Botnets
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES