【導讀】inferred.owners.What’sNew?

　　

【正文】 other system, such as the asset register, to manage the resources it owns. A manual procedure needs to be established that ensures that both groups are informed of changes that affect the resources under their control. Establish Standards for Configuration Management Configuration management is only as good as the policies and procedures governing its activities. This includes the procedures that are used in the performance of such configuration management tasks as updating the CMDB, performing audits, reconciling the CMDB, and preparing management reports. All configuration process activities should be clearly defined and documented. The policies and procedures that define the relationships and interaction between configuration management, change management, and release management must also be defined. Without proper planning and munication between these groups, the objectives of the configuration management process cannot be realized. Security guidelines should also be established that provide guidance on how these groups should interact. Definition and documentation of configuration management standards is a best practice, as is maintaining the standards as a single document in a secure location. One example of a best practice policy is: Only a few people and automated processes should have update privileges to the CMDB. Discover IT Components All of the IT ponents that exist within the agreed management boundary must be identified before it can be determined which ones are important enough to be tracked and controlled using configuration management. In this context, IT ponents include process documentation, reference guides, technical manuals, and build documents—in addition to software applications, operating systems, work routers, workstations, and servers. An extensive audit is needed to identify the different types of hardware and software deployed within the agreed management boundary and to collect the documentation (both process and technical) that supports that environment. The audit should also identify relationships between IT ponents. For example, all workstations are built using the Microsoft Windows174。 XP client build document. Decide What Needs to Be Managed Managing and tracking change for every single ponent within even a small IT environment would be impractical. Over and above the challenge of obtaining and loading all of this information into the CMDB, the costs involved in maintaining and updating it would be prohibitive. Therefore, choices need to be made concerning the subset of ponents to be managed. This requires considering the business relevance and importance of the ponent and the relationship(s) it has with other ponents within the IT environment. Best practice calls for managing only those ponents that: ? Are necessary for the effective operation of the business. ? Support the provision of IT services. ? Can be seriously affected by changes to other ponents within the environment. The decision to include a ponent in the CMDB should be reviewed at periodic intervals. Service Management Function 13 Build CMDB The CMDB provides a single source of information about the ponents of the IT environment. This information can be used within the anization to improve system reliability, availability, and control. By establishing a database to track IT ponents, known as configuration items (CIs), configuration management can verify that only authorized ponents are used in the IT environment. Why is the use of only authorized ponents so important? This is an important aspect of control, because an unauthorized ponent introduces an unknown that could have undocumented, detrimental, and/or difficulttotrace effects on related ponents. This single source of information also provides other anizational groups, such as the service desk, incident management, and problem management, with the ability to quickly and accurately assess the impact and cause of incidents and problems. This leads to a faster resolution of problems and a reduction in system downtime. The result is improved availability and reliability of the IT environment. For example, supplying a quick answer to a user’s question typically requires knowledge of the user’s hardware and software configuration. With a CMDB, this information is available at the fingertips of the service desk staff. In addition to selecting the tools and technology to host the CMDB, a number of setup and initialization tasks need to be performed before the database can be populated with information about managed IT ponents and relationships. These tasks include: ? Building table definitions. ? Creating outline reports. ? Designing security and access restrictions. ? Developing maintenance routines (which include backup and recovery procedures). The tasks needed to be acplished at this stage depend on the database product selected and the plexity of the IT environment to be managed. Once these setup activities have been pleted, the process flow activities required to carry out configuration management can take place. 14 C onfiguration Management Establishing Configuration Items The process flow that leads to the identification of configuration items and relationships and their subsequent addition to the CMDB is shown in Figure 3. Figure 3. Establishing configuration items process flow Tracking and controlling changes to an IT ponent involves adding it to the CMDB. This assumes that previously, in the setup stage, the desired level of detail at which to track and control change was identified, and CIs were created in the database that permit managing the ponent at this level. Service Management Function 15 When the ponent is recorded in the CMDB, relationships can be built between CIs to model the realworld situation in which IT ponents are connected to and dependent