IT Service Management: A Guide for ITILFoundation Exam

Candidates, Second Edition

by Ernest Brewster, Richard Griffiths, Aidan Lawes and John Sansbury
BCS. (c) 2012. Copying Prohibited.

Reprinted for Alexandru Gheorghiu, Capgemini US LLC

none@books24x7.com
Reprinted with permission as a subscription benefit of Books24x7,
http://www.books24x7.com/

All rights reserved. Reproduction and/or distribution in whole or in part in electronic,paper or

other forms without written permission is prohibited.

ITServiceManagement:AGuideforITILFoundationExamCandidates,SecondEdition

Chapter 21: Service Asset and Configuration Management (ST 4.3)

INTRODUCTION AND SCOPE
Organisations invest huge amounts of money in IT equipment and ancillary resources, which are assets of the
organisation. Accordingly, we need to maintain information about those assets in terms of their source, value, location, who
controls them etc. This is asset management.
Configuration management goes beyond this in providing us with information about the relationships that exist between the
various components. This is essential to effective service management solutions since this information underpins all of the
other processes particularly incident, problem, availability and change management.
When a change is proposed, comprehensive configuration information enables the rapid and accurate assessment of the
impact of the change on services and components. Similarly, calls to the service desk can be simplified if the agent can
automatically see what services and systems the caller uses.
PURPOSE AND OBJECTIVES
The purpose of service asset and configuration management (SACM) is to:
n

identify and control all items of interest;

manage and protect the integrity of assets.

The objective of SACM is to define and control the components of services and infrastructure, and to maintain accurate
configuration information on the historical, current and planned states of these components, services and infrastructure.
Asset management covers service assets across the whole service lifecycle. It provides a complete inventory of assets and
records who is responsible for their control. It includes full lifecycle management of IT and service assets, from the point of
acquisition through maintenance to disposal.
Configuration management provides a configuration model of the services, assets and infrastructure by recording the
relationships between service assets and configuration items. It ensures that components are identified, baselined and
maintained and that changes to them are controlled. The scope covers interfaces to internal and external service providers
where there are assets and configuration items that need to be controlled (e.g. shared assets).
SACM optimises the performance of service assets and configurations and therefore improves the overall performance of
the service and minimises the costs and risks caused by poorly managed assets (e.g. service outages, fines, incorrect
licence fees and failed audits).
BASIC CONCEPTS
All of the information that we are interested in will be held in a repository known as the configuration management system
(CMS) as a series of configuration item (CI) records, each of which has descriptive information (known as attributes)
including relationship data to other CIs. The CMS will typically consist of one or more configuration management
databases (CMDBs). Historically, there has often been confusion about this aspect, with many organisations striving to
develop a single physical CMDB when it is the logical concept of a repository, the CMS, which is important.
CONFIGURATION ITEM
A configuration item (CI) is any component that needs to be managed in order to deliver an IT service. Information about
each CI is recorded in a configuration record within the configuration management system and is maintained throughout
its lifecycle by service asset and configuration management. CIs are under the control of change management. CIs
typically include IT services, hardware, software, buildings, people and formal documentation such as process
documentation and SLAs.
CIs should be selected using established selection criteria, grouped, classified and identified in such a way that they are
manageable and traceable throughout the service lifecycle.
One of the most challenging aspects of establishing effective configuration management is defining the most appropriate
Page 2 / 6
ReprintedforQ4OGY\302672,CapgeminiUSLLC

BCS,BritishInformaticsSocietyLimited(c)2012,CopyingProhibited

ITServiceManagement:AGuideforITILFoundationExamCandidates,SecondEdition

level at which CIs are defined. A balance must be struck between having sufficient information to be truly useful and the
effort that is involved in collecting and maintaining the information.
Representing the components and their relationships pictorially can help greatly in reaching an understanding of what is
required.
CONFIGURATION MODEL
A configuration model is a model of the services, assets and the infrastructure that includes relationships between CIs,
enabling other processes to access valuable information (e.g. assessing the impact of incidents, problems and
proposed changes; planning and designing new or changed services and their release and deployment; optimising
asset utilisation and costs).
An example of a configuration model is shown in Figure 21.1.

Figure 21.1: Example of a logical configuration model (Source: The Cabinet Office ITIL Service Transition ISBN 978-01 13313-06-8)
CONFIGURATION MANAGEMENT SYSTEM
A configuration management system (CMS) is a set of tools, data and information that is used to support service asset
and configuration management. The CMS is part of an overall service knowledge management system and includes
tools for collecting, storing, managing, updating, analysing and presenting data about all configuration items and their
relationships. The CMS may also include information about incidents, problems, known errors, changes and releases.
The CMS is maintained by service asset and configuration management and is used by all IT service management
processes.

CONFIGURATION MANAGEMENT DATABASE

A configuration management database (CMDB) stores configuration records containing attributes of CIs and their
relationships. A CMS may include one or more CMDBs.

DEFINITIVE MEDIA LIBRARY

A definitive media library (DML) is one or more locations in which the definitive and approved versions of all software
Page 3 / 6
ReprintedforQ4OGY\302672,CapgeminiUSLLC

BCS,BritishInformaticsSocietyLimited(c)2012,CopyingProhibited

ITServiceManagement:AGuideforITILFoundationExamCandidates,SecondEdition

CIs are securely stored. The DML may also contain associated CIs such as licences and documentation. The DML is a
single logical storage area even if there are multiple locations. All software in the DML is under the control of service
asset and configuration management and is recorded in the configuration management system. Only software from the
DML is acceptable for use in a release. See Figure 21.2.

Figure 21.2: Relationship between the DML and the CMS (Source: The Cabinet Office ITIL Service Transition ISBN
978-0-113313-06-8)
The CMS contains information about the logical software components, while the DML is a secure library which contains the
definitive authorised versions of software approved for live use within the organisation, regardless of their source. The
CMS and DML are used together in the building of a release prior to deployment, as illustrated in Figure 21.2.
Software held in the DML will have passed quality assurance tests, demonstrating its integrity and its freedom from viruses.
DML software can be trusted. As said above, the DML stores definitive versions irrespective of source and essential
documentation. It therefore holds not only in-house developed software but also third party/purchased software, along with
licence documents or evidence of licences purchased.
The DML must be secure, in terms of preventing unauthorised access, in terms of SACM controlling what comes into and
goes out of the store and, critically, in terms of the physical security and safety of its contents in the event of fire, flood and
so on.
CONFIGURATION BASELINE
A configuration baseline is the configuration of a service, product or infrastructure that has been formally reviewed and
agreed on, which thereafter serves as the basis for further activities and can be changed only through formal change
procedures. A configuration baseline can be used to checkpoint a service development milestone, as a basis for future
builds and changes, to assemble components for a change or release and to provide the basis for a configuration audit or
back-out.
ACTIVITIES
The key activities of SACM are illustrated in Figure 21.3 and are:

Page 4 / 6
ReprintedforQ4OGY\302672,CapgeminiUSLLC

BCS,BritishInformaticsSocietyLimited(c)2012,CopyingProhibited

ITServiceManagement:AGuideforITILFoundationExamCandidates,SecondEdition

Figure 21.3: Configuration activities (Source: The Cabinet Office ITIL Service Transition ISBN 978-0-113313-068)
n

management and planning: defining the level of configuration management required for a service or a change
project;
configuration identification: defining CI types and groupings, naming conventions etc.;
configuration control: ensuring there are adequate mechanisms to control CIs while maintaining a record of all
changes to ensure no mismatch with the physical world;
status accounting and reporting: maintaining the status of CIs as they progress through their discrete states (e.g.
development, approved, live, withdrawn);
verification and audit: checking that the physical CIs exist, records in the CMS match the real world and that
documentation is accurate;
information management: back-up copies of the CMS should be taken regularly and securely stored. It is advisable
for one copy to be stored at a remote location for use in the event of a disaster.

CHALLENGES
Service asset and configuration management can be one of the most difficult disciplines to introduce. Although it underpins
virtually every aspect of service management, it is perceived as having little direct value itself. The following challenges are
very common:
n

Persuading technical support staff of the value of SACM because they may see it as a hindrance.

Funding of SACM, because it is not visible to the business.

Over-engineering and collecting too much data: getting the balance between what can be recorded and what needs to
be.
The CMS can become out of date as CIs are moved or changes are made. An out-of-date CMS is actually very
dangerous since incorrect decisions can be made on the basis of the information.

RELATIONSHIPS WITH OTHER SERVICE MANAGEMENT PROCESSES

SACM underpins virtually every other service management process as we have already seen. The most significant
relationships are:
n

Change management: identifying the impact of proposed changes;

Financial management: capturing key financial information;

IT service continuity management: providing awareness of assets the business depends on and controlling key spare
Page 5 / 6

ReprintedforQ4OGY\302672,CapgeminiUSLLC

BCS,BritishInformaticsSocietyLimited(c)2012,CopyingProhibited

ITServiceManagement:AGuideforITILFoundationExamCandidates,SecondEdition

assets and software;

n

Incident and problem management: providing and maintaining key diagnostic information and maintaining and providing
data to the service desk;
Availability management: supporting detection of points of failure.

METRICS
Most of the metrics that indicate successful configuration management are actually seen in other processes. Some of the
key ones are:
n

the ratio of used licences to paid for licences (this should be close to 1 : 1);

accuracy in budgets and charges for the assets used by each customer or business unit;

the percentage reduction in business impact of outages and incidents caused by poor asset and configuration
management;
the reduction in the use of unauthorised hardware and software, and in non-standard and variant builds that increase
complexity, support costs and risk to the business services.

ROLES
n

Service asset manager: manages the lifecycle of assets.

Configuration manager: manages the lifecycle and relationships of all CIs.

Configuration analyst: analyses/proposes scope of asset and configuration processes; undertakes process activities.

Configuration administrator/librarian: controls the receipt, identification, storage and withdrawal of all supported CIs
(content control).
CMS/Tools administrator: monitors the performance and capacity of asset and configuration management systems and
recommends improvement opportunities (technical control).

TEST QUESTIONS FOR CHAPTER 21

ST 05, ST 09, ST 16, ST 24, ST 25
A 19

Page 6 / 6
ReprintedforQ4OGY\302672,CapgeminiUSLLC

BCS,BritishInformaticsSocietyLimited(c)2012,CopyingProhibited