Configuration management is the process of controlling changes to device configurations in an IT environment. There are five basic operations in configuration management:
- Status accounting
- Verification and audit
Together, these operations provide the means to control the establishment and maintenance of device configurations.
Planning within configuration management is similar to other IT operations; that is, the focus is on setting an overall strategy, defining the policies and procedures necessary to implement that strategy, and identifying configuration items that should be tracked within the CMDB. The configuration management strategy defines the scope and objectives of the configuration management process. For example, the scope of a typical plan includes all managed devices within an organization; the objectives include maintaining the availability and integrity of devices, ensuring efficient use of resources, and minimizing maintenance and training costs.
The planning process also defines roles and responsibilities. A single device may be maintained by several roles. A server, for example, may be the responsibility of a systems manager who is responsible for the OS and access controls, a network administrator who is responsible for configuring network hardware and protocols, and an application administrator who maintains services provided by the server. The CMDB is used across service support operations, but its function and maintenance fall under the scope of configuration management planning.
Although the planning process focuses on the overall configuration management process, the identification process addresses the details of the operation.
Any entity tracked by configuration management is known as a configuration item (CI). Several characteristics of configuration items are recorded:
- Name and description
- Owner of item
- Relationships to other items
- Unique identifiers
It is important to identify CIs to the level of independent change. For example, if laptops are treated as a single unit and hard drives are not moved among laptops, there is no need to track the hard drives independently of the laptop. However, optical drives used for backups and moved among servers should be managed as distinct devices.
The control process ensures that all configuration items are properly identified, their information is recorded in the CMDB, and any changes are done in accordance with change management procedures. (Change control is discussed in detail later.)
Status accounting is the process of recording state changes to a configuration item. The most common states are:
- On order
- Received, pending testing
- Under test
- Installed to production
- Under repair
All state changes should be recorded so that the CMDB always has an accurate representation of the IT infrastructure. This information is also useful for problem management, especially for detecting devices with high incidents of repair or long repair periods.
Verification and Audit
During verification and audit, the contents of the CMDB are compared with the physical configuration items to ensure that information about them is correctly recorded. Documentation about changes to configuration items should also be verified during audits.
Configuration management is an ongoing operation. Some processes, such as planning and verification, occur at regular intervals. The other processes are continuous.
Implementing System Management Services
Home: Deploying Service Support
Part 1: Elements of Service Support
Part 2: Incident Management
Part 3: Problem Management
Part 4: Configuration Management
Part 5: Change Management
Part 6: Release Management
The above tip is excerpted from Chapter 5, "Implementing System Management Services, Part 1: Deploying Service Support" of The Definitive Guide to Service-Oriented Systems Management by Dan Sullivan. Get a copy of this ebook at Realtime Publishers.
About the author: Chief Technology Officer of Redmont Corporation. Dan's 17 years of IT experience include engagements in enterprise content management, data warehousing, database design, natural language processing and artificial intelligence. Dan has developed significant expertise in all phases of the system development lifecycle and in a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. In addition to authoring various books, articles and columns, Dan is the leader of The Realtime Messaging and Web Security Community where he posts to his Messaging and Web Security weblog and produces his expert podcast.
This was first published in February 2007