What is often under-appreciated in the context of ServiceNow, is how important a robust and trusted Configuration Management Dataset is to digital resilience efforts, and the importance of effective Asset Lifecycle Management. In AC3’s experience, maturity in the Configuration Management Database (CMDB), is often a tell-tail sign of the broader maturity of IT Service Management processes.

The CMDB in ServiceNow, is the most critical capability in ServiceNow, when considering the enhancement and maturity of digital resilience efforts. Without a mature CMDB dataset, investment in solutions that support risk mitigation, governance, operational stability, and user experience, will never truly hit the mark.

Over recent years, AC3 has delivered some significant transformations pertaining to the CMDB, and in most of these engagements, it has been a catalyst to support to next wave of delivery. It has been a pre-requisite to drive other outcomes.

So, why is the CMDB important to digital resilience efforts?

Here’s why:

A trusted CMDB dataset allows for reporting on the broader technical environment. It enables granular insight to be obtained into where problems may lie, supports trend analysis, and also allows for the assessment of performance of delivery teams for the services or outcomes they are responsible for.    The CMDB, if established correctly, will map relationships between technical components. This allows for impact assessment for incidents, problems and changes to be assessed, and can facilitate notifications, approvals or communications based on impacted components in delivery.

An accurate CMDB is a foundational element that can support automation efforts in ServiceNow. Whether this be through automated routing of incidents through ‘Advanced Work Assignment’, or through the integration of monitoring capabilities like Datadog, Qualys, Splunk, Dynatrace, Azure Monitor, Akips, etc.    An accurate CMDB supports impact assessment for Cyber Related incidents. In a time where cyber-attacks are prevalent, enabling the ability to assess and respond quickly is critical to protect the organisation and minimise impact. Recently one of our customers was was able to assess the impact of the Log4J Cyber Security Vulnerabilities in the space of four hours due to our shared efforts in maturing the CMDB.    The CMDB brings business context to technical data, through the mapping of technical components to Business Services.    The CMDB is a pivotal reference point for Governance, Risk & Compliance capabilities in ServiceNow. Whether it be to support alignment of risks and issues to configuration items, or alignment of Business Continuity Plans to technical applications within the CMDB. The CMDB is often a key reference point to also meet compliance objectives.

Why is Asset Lifecycle Management so important to digital resilience efforts?

Understanding the hardware and software assets deployed in your environment, enables you to make informed decisions on future investments, and helps to manage the risk and security posture across your organisation. In times of economic uncertainly, businesses often have to make tough decisions pertaining to people, processes, and technology to better manage costs. It is therefore imperative to know what you have deployed in the technical environment, who has custody of hardware assets, where assets are located, and who is consuming software licenses. This isn’t just critical to help manage costs, but also to support the reclaiming of assets if employees are offboarded from your organisation.

For many organisations, the concept of lifecycle management doesn’t exist. Spreadsheets still reign supreme, which is unfortunate, but it doesn’t have to be this way. The concept of Asset Lifecycle Management is to ensure that from procurement to retirement, the asset is managed effectively within your IT Ecosystem.

ServiceNow can play a key role in supporting lifecycle management in your environment, and due to the existing solutions available, there are modules available to support the differing levels of maturity for your organisation.

Within the core IT Service Management suite, each customer has access to basic Asset Management capabilities. This allows organisations to integrate solutions like SCCM, InTune, SNOW Asset Management, or other COTS (Commercial off the Shelf) Products into ServiceNow. For those still operating from spreadsheets, ServiceNow also supports the ability to conduct data loads into the platform.

If you’re operating from a higher level of maturity, the ITAM Products Hardware Asset Management (HAM) and Software Asset Management (SAM) which are licensed together or separately, may be a better fit to support evolution of your Asset Management Practices.

Improving digital resilience in IT Asset Management provides the transparency you didn’t know you needed. It is an enabler for helping to make informed decisions on sweating assets when times are tough, it helps to provide clarity on volumes deployed across your environment, it reduces the investments you need to make due to being able to reclaim assets effectively, and also helps to understand the risk profile of your IT Assets.

AC3 recommendations:
  • Recognise the importance of the CMDB, and invest the right technologies, processes, and supporting teams to ensure the CMDB is managed and maintained.
  • Leverage the ServiceNow ITOM Suite to maximise the accuracy and auto-map relationships between technical components.
  • Assign a Configuration Management Process Owner. If the process is not managed, governed, and internal teams are not constantly reminded of why the CMDB is important, this will likely lead to the CMDB not being seen as a trusted and reliable data source. Leverage CMDB Health Dashboards to drive action to maintain the CMDB.
  • Recognise that in a fast-paced environment where digital transformation is constant, that the CMDB requires ongoing maintenance. Ensure a support arrangement is in place with a ServiceNow Partner like AC3, to ensure the CMDB related solutions are continually optimised.
  • Focus on populating the CMDB with technical components first, before proceeding to the mapping of business services. This will ensure the right context is obtained when looking bottom up, or top down in the context of a business service.
  • Assign an IT Asset Manager to drive governance and process ownership of your IT real estate.
  • Work to understand the importance of effective IT Asset lifecycle management as a key mechanism to help control IT spend. You will be surprised what you discover once all of your Assets are represented in ServiceNow.
  • Integrate where possible to support Lifecycle Management. This will remove the need to manage your IT Asset Management processes manually. There are many pre-built integrations available for Asset Management systems of record.
  • Understand what an employee has in the way of hardware and software, limits your risk when an employee moves to a new role, or is offboarded from the company.
  • Hardware Assets Management in ServiceNow within the ITAM suite is best deployed on the back of an ITOM Discovery implementation with the IP Ranges and subnets already defined.
  • To build further maturity, if you implement Software Asset Management, leverage Client Software Distribution, which enables auto deployment of software from the Service Catalogue, post approval. This is a key mechanism to remove the human glue in delivery and leverages supporting platforms in place within your organisation.

For more information on how we can help you improve your digital resiliency with ServiceNow, click here.