IT Service Management
Showing results for 
Search instead for 
Do you mean 

COBIT5 : Where Configuration Management Systems optimize your IT Management.

HPE-SW-Guest ‎09-25-2013 11:47 AM - edited ‎09-25-2015 10:47 PM

Guest post by Myles Suer, Senior Manager, ITPM Field and Partner Evangelism


Configuration management is about defining and maintaining information on all your IT assets and their overall relationship with each other and your organization. With good configuration management you greatly reduce your business risk because you have the ability to see the effects of any proposed change. Configuration Management and Configuration Management Databases (CMBD) obviously have been hot topics for several years because of the need for IT organizations to establish fundamental control over their IT infrastructure. Naturally, interpretations of configuration management can vary from company to company.


When people say “configuration management” they typically mean one of the following:


1)      Loading configuration information for the service desk

2)      Maintaining configuration information

3)      Managing/maintaining configuration of specific classes of devices

4)      A CMBD that includes configuration discovery of actual state and dependencies as well as the ability to detect configuration drift.


Users naturally have a lot of interpretations of what configuration management is. COBIT 5 suggests that IT organizations need to achieve both items three and four. The configuration management function, according to COBIT 5, includes:

  •  Establishing configuration baselines
  • Verifying and auditing the state of configuration information
  • Updating the recorded state in a configuration repository


The purpose of configuration management is to provide sufficient information about service assets to enable the services to be effectively managed, the impact of changes to be assessed, and allow for service incidents to be dealt with appropriately. Simply put, these functions require configuration to be up-to-date as well as controlled and managed.


Goal for configuration management

To improve this process and reduce IT and business risk, COBIT 5 suggests IT organizations measure themselves against just one process improvement goal. This goal is that the configuration repository is accurate, complete and up-to-date.


Two metrics have been provided to determine if your configuration repository is up to snuff:

1) Number of deviations between the configuration repository and live configuration

2) Number of discrepancies relating to incomplete or missing configuration information


The first number tells you about how managed state and actual state relate to each other. The latter reflects either things discovered that are not recorded or the quality of the recording process as a whole.


So where should you start?

As always, my suggestion is that you start where the most immediate value can be driven. But if it were up to just me, I would start with the number of deviations between the configuration repository and live configuration. We need to drive deviations to a very small number if we are to increase the change success rate, to reduce security vulnerabilities, and to drive up availability and reliability.  What do you think? What would be first on your list? I would love to hear back from you.


I also encourage you to read another post I wrote on the value of COBIT5 on IT strategy: Making COBIT 5 part of your IT strategy

0 Kudos
About the Author


This account is for guest bloggers. The blog post will identify the blogger.

27 Feb - 2 March 2017
Barcelona | Fira Gran Via
Mobile World Congress 2017
Hewlett Packard Enterprise at Mobile World Congress 2017, Barcelona | Fira Gran Via Location: Hall 3, Booth 3E11
Read more
Each Month in 2017
Software Expert Days - 2017
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all