Here’s why configuration management is critical in a digital world, with an introduction to the ITIL practice of Service Asset and Configuration Management (SACM).

by Phyllis Drucker
Date Published October 23, 2022 - Last Updated January 20, 2023

How do you operate a complex computing environment in the dark? You don’t. When you try to, the goblins will come out and get you, causing service interruptions when you least expect them. The service asset and configuration management practice turns the lights on for effective computer operations.

Shining a Light on Operations

Many think of configuration management as building a CMDB, but that’s just a tool implementation. Configuration management is part of an ITIL practice called “Service Asset and Configuration Management,” or SACM. This practice combines asset management with understanding the configuration and use of those assets. There are several essential outcomes of this practice:

  • Identifying the assets owned and operated by the enterprise and documenting the services they support assists in determining the cost of owning and using services.
  • An online asset inventory can be used to limit network access to devices owned or registered with the organization, improving network security.
  • Understanding how each device should be configured supports a more effective technical operation in several ways:
  1. It ensures that security vulnerabilities have been addressed consistently throughout the enterprise. Combined with device monitoring applications, it ensures all devices have been protected, lowering the risk of cyber-attack.
  2. Consistent device configurations mean consistent device operation, lowering errors and improving availability. This, in turn, ensures consistent application performance as all end users are running the correct operating systems and patches and the latest software versions on devices that are also properly configured.
  3. Knowing which assets are needed to operate a service (also known as service mapping) helps understand the potential impact of a component’s failure and also helps to prioritize work from vulnerability management to incident management.

Looking at the basics of SACM and some of the outcomes it supports, it’s easy to see why organizations that have not embraced it are still struggling to deliver services effectively. They’re throwing assets into operation and letting them run themselves, then fixing the problems caused by not configuring and managing them effectively. They then focus on incident and problem management to avoid the issues, but they will continue to operate reactively until they take control of their assets.

Exorcizing the Ghosts

There are three things organizations need to do to begin managing their computing enterprise with SACM:

Build a business case

As the tools and staff resources needed for effective service asset and configuration management can be costly, it’s essential to understand the business case. Value for SACM comes from:

  • Increased ability to protect the organization from cyber-attack by managing known vulnerabilities before they can be exploited and by early instruction detection using a monitoring system to detect anomalies in expected asset usage.
  • Configuration management and automation enable technicians to use their time more effectively by lowering their manual work to keep the environment running. This means they can successfully manage a larger digital footprint and no longer have to ignore endpoints to focus only on infrastructure. This improves security and availability.
  • Employees are more productive due to increased availability and performance.

Build a roadmap

This is not a sprint; SACM is a practice, which means ongoing work. The full CMDB will not be built overnight and needs constant maintenance. Creating a roadmap enables the organization to understand the vision and how it will be achieved. It also allows the organization to start small and iterate improvement. Most organizations already have the tools to build a CMDB between monitoring systems and deployment tools. Integrating these with the service management tools is a great way to start building the CMDB, helping to justify the expense of broader discovery tools.

Obtain funding and resources

While technicians can get started small and in their spare time to help build the business case, this effort will take time and money. Use the road map to consider the annual investment to build a robust configuration management practice.

Phyllis Drucker is an ITIL® 4 Managing Professional certified consultant and information leader at Cognizant’s Linium ServiceNow practice. Phyllis has more than 20 years of experience in the disciplines and frameworks of service management as both a practitioner and consultant. She has served HDI since 1997 and itSMF USA since 2004 in various capacities, including speaker, writer, local group leader, board member, and operations director. Last year, she completed her term as Chair for itSMF International after three years of service. Since 1997, Phyllis has helped to advance the profession of ITSM leaders and practitioners worldwide by providing her experience and insight on a wide variety of ITSM topics through presentations, whitepapers, and articles and now her new book on the service request catalog, Online Service Management: Creating a Successful Service Request Catalogue (International Best Practice). Follow Phyllis on Twitter @msitsm.

Tag(s): supportworld, best practice, IT service management


More from Phyllis Drucker