Why CMDB - 7 Fundamental Use Cases

WHITE PAPER: COMMON USE CASES FOR A CMDB
Why Implement a
Configuration Management
Database (CMDB)?
Seven Fundamental Use Cases
NOVEMBER 2008
David A. Messineo and Malcolm Ryder
CA SERVICES

Table of Contents
Executive Summary
SECTION 1 2
IT Business Alignment — A Pragmatic
Perspective
The Fundamentals of an IT Business Strategy
IT as the Ultimate Market Enabler
SECTION 2 6
The Seven Fundamental Use Cases for a CMDB
Impact Analysis
Root Cause Identification
Change Governance
Auditing and Compliance
Resource Optimization
Services Mapping
Services Performance Planning
SECTION 3 14
Tying the Fundamental Use Cases Together
SECTION 4: CONCLUSIONS 16
SECTION 5: ABOUT THE AUTHOR 16
Copyright © 2008 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. To the extent permitted
by applicable law, CA provides this document “As Is” without warranty of any kind, including, without limitation, any implied warranties of merchantability or fitness for a particular purpose, or noninfringement. In no event will CA be
liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised of such damages. ITIL® is a Registered
Community Trademark of the Office of Government Commerce and is registered in the U.S. Patent and Trademark Office.

WHITE PAPER: COMMON USE CASES FOR A CMDB 1
Executive Summary
Challenge
Information Technology increasingly dictates the behaviors of the business. Thus, as
technology becomes obsolete, so does the business. The IT organization now comes under
the constant business pressure to sustain competitiveness by enabling the business to
adapt to marketplace changes through the strategic exploitation of technology. Adoption
of service management practices, such as the IT Infrastructure Library (ITIL®), leads
businesses to emphasize direct support of business growth with their investments in
technology. By incorporating a Configuration Management System (CMS) and its
underlying Configuration Management Database (CMDB), businesses have taken a major
step towards creating an information repository to manage the alignment of IT with the
business. However, many of these initial deployments have been expensively yielding
unsatisfactory results. To generate discernable value to the firm, management must refocus
the efforts related to ITIL and the CMDB on those elements of the business that create the
most value in the marketplace.
Opportunity
The CMDB, as ITIL’s primary information repository, provides a huge opportunity for an IT
organization to focus its operations on business requirements. It requires understanding
both the internal and external forces that are levied on the business and building a robust
service model aligned with the competitive strategy to leverage those forces. Here, success
requires managed commitments, good decision making, and an eye for precision in defining
the kinds of information that weaves the IT operations into the business fabric. By
supporting the seven fundamental Use Cases described in this white paper, an IT
organization can deploy and support an architecture that more consistently instantiates a
chosen business model throughout the organization.
Benefits
By carefully constructing a CMDB, the IT organization effectively transcends its legacy as
an organization focused on cost reduction into being an engine for leveraging three
fundamental IT value dimensions. These are: the management of time, the management of
economy, and their effect on overall profitability. IT productively starts its transition to a full
partner business service firm and value contributor by adopting the language of the
business and its manner of recording results. Building a CMDB with the right focus allows
an IT organization to support IT Service Management Best Practices, while simultaneously
demonstrating its unique ability to drive advantages that are both market-making and
competitor-crushing.

2 WHITE PAPER: COMMON USE CASES FOR A CMDB
SECTION 1
IT Business Alignment — A Pragmatic Perspective
The Fundamentals Of An IT Business Strategy
Every business has a strategy. Some strategies are good, some are not. The degree of
separation between the good and the bad is often reflected by the extent to which that
strategy is made explicit and to the degree that the strategy is actionable with existing and
planned resources. Having an actionable strategy is critical to senior IT management because
it effectively determines the long term direction of an enterprise. It is the longer term that
generally concerns IT because of the lag in time between planned and actual benefits. It is
this linkage of time that requires IT to define what being actionable really means.
Time carries no bias; on its own it is neither productive nor unproductive. It cannot be
purchased, stored, created, or removed. But, it must be consumed. Strategy reflects the
planned usage of time, determining its productivity.
The major consumer of time is, effectively, the drive for profitability. An enterprise adopts a
strategy that focuses on the profitability of the business in comparison with its competition.
It builds its competitive advantage by generally choosing to excel at one of three strategies:
product leadership, customer intimacy, or operational excellence. Each strategy has structural
requirements that determine the path to profitability, and therefore, the usage of time. Along
with a third variable, economy, it is profitability and time that become the hidden IT value
dimensions of market leadership. Table 1 identifies how each of the key business strategies is
impacted by each IT value dimension.
TABLE A — LIST OF KEY BUSINESS STRATEGIES
How does a company construct an economical organization of time to drive profitability? An
organization’s strategy, directed by management leadership, identifies critical services and
products and then assembles processes and resource assignments to support them. In effect,
management configures resources to execute the chosen business strategy. IT helps establish
the balance between time, profitability, and economics by providing flexibility to support the
three core business strategies.
Product Leadership
Customer Intimacy
Operational
Excellence
DEFINITION
Focus on
innovation and
time-to-market
Focus on lifetime
value and
customer attention
Focus on value
and streamlining
operations
TIME
Reduce time-to-
market
Product/Service
Longevity
Asset Turnover
ECONOMY
Coordinate supply
chain
Individual
customization
Reduce unit cost
PROFITABILITY
Market
competitiveness
Customer lock-in
Maximize volume

Regardless of industry approach, every business has three primary operational objectives:
• Running the business Keeping the business viable and profitable is the cornerstone of
running a business. The IT organization plays a critical role in ensuring the infrastructure is in
place to maintain economical connections between the provider and the consumers. Greater
economy motivates consumer investments in adopting better products and services while
reducing the provider’s marginal risks. To bring this about, IT is constantly identifying ways
to streamline essential processes in finance, engineering, manufacturing and support for
faster, more reliable and more secure connectivity with customers and suppliers.
• Growing the business Business competitiveness is ultimately about finding new ways to
grow revenue while managing costs. On the demand side, business looks to capture new
revenue streams more effectively. IT plays a critical role in managing the economics of new
business models, new products and services. IT accelerates the ability to exploit marketplace
dynamics through reducing time-to-market. On the supply side, IT improves profitability
through the continual coordination of scarce resources. Thus, IT shapes the balance between
value creation and resource consumption.
• Transforming the business IT plays a critical role in transitioning the business from one
model to the next through the management of information, the politics of organizational
work distribution, the enforcement of policies and procedures, and the speed at which
changes can be absorbed across all stakeholders. IT provides agility, delivering new ways
to leverage existing skills and capacities into new lines of business.
Table B shows how these three objectives are impacted by the three IT value dimensions.
TABLE B — LIST OF KEY OPERATIONAL OBJECTIVES
Whether a product or service is no longer needed or the economics of other approaches are
better, every business is under the constant pressure of simultaneously serving its existing
customer base and changing its business model to meet new market opportunities. Successful
businesses all run, grow, and transform continuously. A business that neglects any of these
three objectives will inevitably suffer against its competition, in the market, or both. Through
neglect, the well eventually runs empty; cash flows will ultimately dry up.
RUN
GROW
TRANSFORM
DEFINITION
Focus on sustained
operational
continuity
Focus on new
and additional
opportunities
Focus on
adaptation to new
requirements
TIME
Service Level
Management
Service Delivery
Service Definition
ECONOMY
Cost management
Risk management
Optimization
PROFITABILITY
Prioritization
Planning
Change

A business with depleted assets, whether the assets are dollars, customers, service providers,
staff, or even regulatory protections (like patents), will increasingly find itself uncompetitive
and subject to extinction. As evidenced by the number of traditional companies that are no
longer in business, the dynamics of changing markets require an equal ability to adopt changes
in an organization. IT plays a critical role in that endeavor. As technology in an organization
becomes more obsolete, so does the company.
It As The Ultimate Market Enabler
In many respects, IT is the business. Modern business models require coordination of
resources across value chains, and IT makes it economically viable. Modern business models
also require the ability to make decisions quickly and act decisively — while ensuring the
proper risk controls are in place. IT enlightens the organization to new ways of decision making
by providing instant visibility and transparency across the organization.
IT is, however, like business in that it is subject to the same challenges. The proper alignment
between IT and the business demands the simultaneous transition of business changes with
the dynamic nature of IT and its rapid pace of development. IT is pressured every day to run
more efficiently, react more rapidly, and transform more intelligently. But, experience shows
that these efforts often compete with each other. Where is the appropriate balance between
optimizing resources and optimizing agility? What level of planned flexibility will best benefit
the business?
IT creates value by tying together assets, resources, processes, and services. Presently, many
of the challenges presented to IT are managed through the proper application of IT Service
Management Best Practices, IT Standards, and Governance Controls, notably ITIL, ISO 20000,
and CobiT respectively. Applying these frameworks to practices requires knowledge about IT
from various perspectives. Central to this knowledge is understanding infrastructure building
blocks, how these building blocks work in concert, and how they provide the means to
orchestrate key IT competencies.
A repository of building blocks (infrastructure objects) is necessary; a set of defined
authoritative models is required. Currently, this management repository is known, in ITIL
language, as a Configuration Management System or CMS. Its more commonly known
subcomponent, the Configuration Management Data Base (CMDB), is the foundation from
which a repository of knowledge about the usage of IT is constructed. A CMDB is a crucial
instrument for responding to the aforementioned pressures. To fully understand and appreciate
the role of the CMS and its CMDB, we have to start with understanding the overarching goals
of ITIL (Information Technology Infrastructure Library).
ITIL emphasizes that the management of IT is the management of the business services that
are supplied by IT. ITIL defines a number of systems, processes, and disciplines for managing
IT business services. The purpose of the CMS is to provide a central control on the config-
uration of the IT infrastructure. This control functions in IT just as a building blueprint serves
an engineer. An engineer continually consults the blueprint going through the processes of
producing, modifying, and rebuilding. IT engineers use the CMS in the same way. When a
building has no blueprint, the engineers are lost, tracing plumbing lines and guessing what is
hidden behind walls in order to do their work. When IT lacks a CMS, IT engineers are equally
lost. The CMDB helps by acting as a source of information to manage and track the various

resources of the IT enterprise. It further provides context for those resources by tracking the
relationships between resources to understand the interdependencies between them. For
example, using the CMDB, management can see what makes up the infrastructure of a specific
service such as the supporting processes, hardware, software, and so on. This kind of visibility
is critical, as more than ever, IT environments have become heterogeneous in nature.
The principal unit of infrastructure contained within the CMDB’s data is referred to as a
Configuration Item (CI). CIs are the heart of the CMS. Through the CMDB, information about
the CI’s attributes and relationships to other CIs is tracked. But more than that, the CI is a term
that ITIL uses to designate any part of the IT ecosystem, including a wide range of objects, both
physical and logical. For example, hardware devices such as storage units, and business
services such as email, are both CIs. CIs are essentially classified into meaningful objects.
The CMDB plays a critical role in both defining and executing strategy by helping management
provide an environment that is supportive to those structural forces that beneficially impact
time, economy, and profitability. At minimum it assists in simplifying the management and
coordination of resources from a business perspective in seven fundamental ways. Table C
introduces the seven fundamental CMDB use cases and shows how they impact each of the
IT value dimensions.
TABLE C — THE SEVEN FUNDAMENTAL CMDB USE CASES
Impact Analysis
Root Cause
Determination
Change
Governance
Auditing and
Compliance
Resource
Optimization
Services Mapping
Service
Performance
Planning
DEFINITION
Determine
potential fault
issues proactively
Identify underlying
issues causing
faults
Provide
enforcement for
management
policies
Validate operations
are conducted
properly
Profile untilization
and economies of
purpose
Build and track
service assembly
models
Provide logical
blueprinting for
service deployment
TIME
Improved
productivity
Reduced time to
recovery
Stakeholder
approval
Regulatory
enforcement
Asset utilization
Identified
dependencies
Improved service
adoption
ECONOMY
Resource
coordination
Resource planning
Reduced
Bureaucracy
Management
visibility
Economy of scale
Service traceability
SLA compliance
PROFITABILITY
Avoid costs
Cost reduction
Cost reduction
Revenue
protection
Revenue
protection
Increase revenue
Increase revenue

SECTION 2
The Seven Fundamental Use Cases for a CMDB
Impact Analysis
A key to sustaining a viable business is to make sure those resources that encourage economic
agility are working and vigorously exploiting market opportunities through sustaining, growing,
and changing as required.
The livelihood of all businesses stands upon the definition, design, deployment, and delivery of
services. Services are the lifeblood of business sustainability. Running the business is about
ensuring that products and services can be delivered to clients on time and with the expected
level of quality and acceptable cost. If a service fails to meets any of these expected objectives,
an event is triggered and an incident is acknowledged.
Formally, in concept, an incident is an unplanned interruption or reduction in the quality of an
IT service. In practice, support records, called incidents, are created whenever anything goes
wrong in IT. Incidents are often created automatically when some monitor or indicator detects
an abnormal situation. More often than not, the impact of an incident is not immediately clear.
From an operational view, when an incident occurs, the first critical responsibility is to determine
its impact on business services. Understanding the nature of the incident does not directly
communicate its potential impacts on the business. Incidents come in all sizes and take on
many forms; small incidents can have catastrophic downstream impacts, and large incidents,
on the other hand, can be limited to only a localized disruption.
The CMDB plays a critical role in understanding the possible impacts of an incident by relating
the identified affected resources (CIs) with the business services that they support. To be
meaningful to the business, impact is always measured in terms of its positive or negative
effect on IT business services. Consider one CI, an enormous multi-terabyte storage unit.
This is certainly a large and expensive piece of equipment, and a failure (an event) will have
consequences. However, if this large storage device is off the active service line, its impact on
business services will be minimal. The kind of information typically stored in a CMDB allows
responsible technicians to determine if the storage unit device is actually supporting a service.
They have to understand the configuration of the business services that the unit might support.
What separates a CMDB from other kinds of databases is that the CMDB is uniquely designed
to store and understand relationships between CIs. As a device and a business service may
themselves both be defined CIs, a CMDB would store relationships between business services
and the devices that support them. A CMDB can display the relationships between the storage
unit and business services such that the risk of a failure of the unit impacting a given business
service can easily be seen. When the storage unit shuts down in the middle of the night, this
ready display of the relationship is the difference between an all hands emergency and a minor
event that can be deferred to the morning’s day shift.

Root Cause Identification
Once the impact of an event has been identified, the priority for attending to it is directed, and
it becomes important to identify its root cause. By reviewing the CI relationships in the CMDB
and following its chain of connections (interdependencies), the entities, or CIs that generated
the event, are generally identified with a reasonable degree of certainty. This certainly, of
course, is dependent on how robust the CMDB is, meaning the amount and integrity of the
data it maintains.
Let’s consider another example: In many enterprises, employees are empowered to order their
own supplies through a self-service procurement interface. This often results in savings in
resources (time, expense, etc.) that can be redirected toward other, more productive pursuits.
However, these savings also bring new vulnerabilities.
Self-service procurement is typically a complex application with many moving parts. Email,
workflow, purchase order handling, accounts payable, and shipping all play a role. Although
automated systems are usually faster and require fewer resources than equivalent manual
systems, they also tend to be less resilient because manual systems tend to be self-correcting.
When an order for supplies is late, the person who ordered them asks the person who took the
order what happened. This person usually knows something about their part of the ordering
system and will either fix the problem or pass it on to someone who can.
Automated systems are somewhat different. Tracing the cause of a slow order is not so easy.
There is after all, no person to ask. Instead, the user has to register an incident at the service
desk. The service desk analyst or technician has to determine the cause of the slow order and
to identify the correct remedial action. Through proper design and deployment, the CMDB
displays the relationships between the procurement service, the subservices, and the physical
system components and graphically depicts the CIs that procurement depends upon. These
provider CIs are all potential root causes for the slow order. Armed with this information, the
analyst can determine if the cause of the slow order stems from a CI that is functioning below
its agreed upon operational level and take the proper remedial steps.
Root cause determination is even more important when a problem is identified. Assume the IT
support desk has experienced a series of delayed order incidents. The goal of incident
management is to restore the interrupted service. The goal of problem management is to
identify and solve problems. Although the two overlap and are even sometimes hard to
distinguish, they are distinct. For incident management, root cause determination is an aid to
choosing the correct remedial action, but not a necessity. For example, you can speed up an
order by placing it manually with a supplier without knowing why the order was slow. But,
problem management almost always deals in root causes. Fixing a problem by replacing an
entire system is a rare event. Most often, problem managers carefully determine root causes
and then deliver pinpoint solutions that solve closely circumscribed problems.
Once the cause is found, a quick response to correct the problem is in order. It’s this constant
process of issue detection, analysis, and correction that gradually eliminates many of the
perpetual issues facing the IT organization. It is this continual improvement cycle that remains
a persistent force to positively influence the way things work. Adaptation is paramount. Not
surprisingly, the design of the CMDB can provide for both a reactive and proactive approach to
root cause analysis. This exemplifies how IT influences a business model, not just follows it.

Achieving the ability to handle impact analysis and root cause identification goes a long way
to maintaining the viability of IT to support the business, and therefore the viability of the
business itself. However, any true operational process needs to be able to step back and see
whether the overall process is achieving its goals, and achieving them according to the policies
and procedures that have been put in place. In a sense, the CA CMDB, when staged properly,
becomes a mountain of evidence to see whether IT is organizationally and purposefully
supporting the business.
Change Governance
In the previous two sections we discussed impact analysis and root cause identification as
efforts to resolve service issues, making them two critical enablers of sustainable operations.
According to ITIL, another key to sustainability is the change management process. In ITIL,
change management is defined as follows:
• The goal of the Change Management process is to ensure that standardized methods and
procedures are used for efficient and prompt handling of all changes, in order to minimize
the impact of change-related incidents upon service quality, and consequently improve the
day-to-day operations of the organization.
The reality is that change management goes beyond this definition. Change management
ultimately is the key discipline that companies must have to adapt to changes in the
marketplace, whether they are the expected benefits, the delivery channel, the manufacturing
process, or regulatory. Agility is the key to viability, and change management is the support
process that promotes agility.
IT has a fundamentally strategic role with regards to the business when it comes to change
management. Although on the surface, changes in organization structure, responsibilities, and
so on are rarely considered explicitly when making a technology change. The resulting changes
in information flow often require that a change in responsibility, whether technical or
organizational, be made explicit. The less explicitly addressed the expected changes are, the
more likely unplanned work will develop. Unplanned work, at any level, is what causes
organizations to fail under their own weight. Time spent pursuing opportunities is what grows
the business and focuses transitions in a positive direction. Effort related to unplanned changes
distracts the business and diminishes the economic viability of an organization.
Since changes are a fundamentally important part of the marketplace, improving change
management is a key to success in sustaining the business. The way to improve change
management is to institute a Change Governance process. This is where the roles of both the
CMS and CMDB enable IT to play a crucial and effective role in gaining overall agility.
ITIL defines a specific set of activities to perform when managing a change. These include:
creating a formal Request for Change (RFC), reviewing the request for possible negative
impacts, approving the change, verifying that the change happened (or that it was successfully
backed out), and finally, identifying what should be improved to make changes more effective
or efficient going forward.

The CMDB plays a role in each of these activities. As part of the aforementioned service
impact analysis, the CMDB allows the impact to be described in business terms. The CMDB
plays a crucial role in building out the RFC by identifying not only what needs to change but
also what supporting elements are in need of changing to achieve a positive result. It also
supports the efforts of the Change Advisory Board (CAB), whose members are responsible for
overseeing all changes from a management perspective. The CMDB supports a better approval
process because specific stakeholders in a change will be identified. These stakeholders may
not have been identified if the change was viewed only in terms of the directly changed object.
This more rounded, holistic approach to change ensures that responsibility is taken for the
change, helping it to be successful.
The CMDB also has two additional features that are invaluable:
First, the CMDB maintains a critical distinction between the concept of a planned state, an
owned or authorized state, and a discovered or audited state. This allows an important
flexibility in IT because the intended state of the CI can be managed as an approved state
(standard), while the actual existing CI (variable) is managed as an authorized state, respectful
of the approved but pragmatically handled per current necessities. The CMDB further allows
the ability to track against an audit or historical state. This tuple — planned, authorized,
audited — is a key to ensuring that the change process is working. Proactively, it ensures that
what is planned is what is implemented; reactively, it ensures that what was deployed is what
was planned. IT builds integrity into the system. It encourages accountability, which is the end
result of a change governance process.
Second, the CMDB uses the concept of versioning. This allows the CMDB to track the historical
states of a CI over time. The CMDB supports the continuous service improvement process by
making visible what is working and what is not. To determine recommendations for
improvements to CIs, the various states of CIs can be compared to see what changes were
recorded as part of their evolution.
As changes to the business require changes to the technology, the change process itself must
adapt. If there are gaps in the change process, or if some change plans are working better than
others, the CMDB makes the need for change process improvement visible.
Auditing and Compliance
For many years, the domain of IT fell into areas where automation could be easily handled
through routine processes. This included areas like finance and manufacturing. The additional
fact that many of these systems, where based on mainframe, made the effort to ensure they
were working much easier. There were limited databases and limited places where data entry
and reports were generated. There was limited integration between systems. In a sense, this
one–to-one or siloed relationship between the process and its underlying IT meant that
auditing the processes was synonymous with IT Auditing or making sure that the supporting
IT systems were working.

Today, however, modern sourcing models like shared services, pooled infrastructure,
outsourcing, virtual servers and others have made such a one-to-one relationship of process-
to-system comparatively uneconomical. Additionally, the open environment that characterizes
IT requires auditing from several different perspectives including process, security,
performance, and management. To that end, the Information Systems Audit and Control
Association (ISACA) and the IT Governance Institute (ITGI) drafted a set of best practices
known as the Control Objectives for Information and related Technology (CobiT). CobiT
provides managers, auditors, and IT users with a set of defined processes and measures to
assist an IT organization with maximizing the benefits of IT through the development of both
IT Governance practices and supporting control objectives.
CobiT covers four domains:
• Plan and Organize This covers the use of information technology and how it can be
leveraged to meet corporate goals and objectives.
• Acquire and Implement This covers the identification of IT requirements, the provisioning of
technology, and deploying it in a manner that supports the services of the business
• Delivery and Support This focuses on the execution, training, and security of applications
and supporting technology within the IT environment.
• Monitor and Evaluate This deals with assessing whether technology is meeting the needs of
the organization and of any regulatory bodies under which the company falls.
These domains are quite broad and CobiT goes through a great deal of effort to break these
down into specific control objectives with measurements and other tools. It is here that both
the CMS and the CMDB play a key supporting role.
In the ITIL literature, the specification of what is tracked in the CMDB is largely left to the
practitioner. While guidance is provided, it soon becomes apparent that the practical way to
build a CMDB is to decide which IT management decisions and practices need to be supported
decided what processes will provide or consume the information targeted for decision support.
The CMDB plays a large role in the way its data covers the aforementioned CobiT domains.
From a Plan and Organize perspective, there are three key aspects. The CMDB contains the
logical architecture of the IT environment. Decisions about planning and organizing require the
specific ability to see how things are related and how things will be impacted by changes made
to the plan. Putting in a server farm, for example, may provoke radical change in the need for
centralized bandwidth (resources) and updates to the operating systems and databases
supporting high availability. In addition, the ability to manage the relationships between IT
processes and organizations (service levels) is a key aspect of this control objective. Finally,
being able to assess and manage IT risks is paramount to successful planning and organizing;
the CMDB’s record of CI relationships play an ideal role to satisfy this requirement (risks).

From an Acquire and Implement perspective, the CMDB maintains information about the various
hardware, sources, and other resources available in the IT environment. The ability to track
configuration states through versioning supports the ability to manage changes. Through the
use of the CMDB, release units and specific tasks can be identified to ensure that the change is
either satisfied or is rolled back to its correct prechange configuration. Limiting unplanned work
is the key to this control objective and the CMDB is unparalleled in its ability to help manage
safe implementations.
From a Delivery and Support perspective, the CMDB provides CI attributes and CI relationships
that assist the Service Desk with managing incidents, problems, and changes through root
cause analysis and change impact analysis. It aids in both IT and Business service continuity by
identifying possible weaknesses. It helps to manage services levels at the business, user, and
provider levels. Most importantly, it manages the configuration of not only the CI, but the
collection of CIs that reflects the entire IT delivery platform. It provides context to what is being
delivered and how it should be supported.
Finally, from a Monitor and Evaluate perspective, the CMDB helps by providing the ability to
understand how services are constructed and to monitor the individual components and the
collection simultaneously. This allows a holistic top-down and bottom-up approach to IT
management. By tracking the changes and configuration states of CI through time, the CMDB
supports proper auditing and regulatory compliance. By supporting a change process, with its
specific policies around CI changes, it provides the means of IT Governance.
Clearly, through supporting these four perspectives, the CMDB acts as a catalyst to the
business. It supports the Change and Governance processes that allow management to
properly stage and control the activities of the IT organization in parallel with the other
strategic activities of the firm.
Resource Optimization
Up to this point we have discussed four major uses for the CMDB. These reflected the typical
use of a CMDB when an organization is in the process of first implementing a CMDB and
focusing on developing best practices around ITIL Service Support.
As the CMDB becomes enriched with more CIs or more CI types, several additional benefits
become available. The first of these is resource optimization. Resource optimization covers a
wide field. Often, resource optimization is carried out through Asset Management. This
includes software license management and inventory management. Resource optimization is
also covered by HRMS and Project Management. While each area has a particular strength in
managing a certain type of resource, the CMDB can play a supporting role for each of these
areas. But, what makes the CMDB distinctive is not so much its help in optimizing any specific
type or volume of CIs, but rather its focus on the collection of CIs that are assembled to deliver
specific functionality as a service. Unlike other point management systems, the CMDB provides
the ability to consolidate resources per the context of their usage and support for services.

A common example is when a firm is looking to potentially optimize servers, either through
the use of some form of physical consolidation, server clustering, or server virtualization. To
properly stage this optimization, it is essential to understand the underlying relationships that
exist between the physical technologies and the business services that they support. Assume
you had several servers located in three data centers throughout North America (New York,
Chicago, and Los Angeles). The new plan is to consolidate these services to New York. The
plan would require understanding, per the current CMDB, what existing relationships exist and
what the CMDB would show those relationships to be like in a future state. In performing a gap
analysis (of current versus future), it will be clear that many changes will need to be assessed
and justified. In many instances these probable changes would have been invisible had a
CMDB been unavailable.
The CMDB would have a critical role in making visible which CI relationships are redundant.
It would be much easier to determine why specific CIs are candidates to be consolidated,
whether as a host or client. The CMDB would also provide improved capability to determine
the level of work required to make the transition possible.
Moreover, the CMDB allows the economic benefits of consolidation to be more likely realized.
It provides transparency into duplication of efforts, duplication of assignments, and duplication
of structural entities. It reduces the risks of unforeseen expenditures due to lack of perspective
(insight and planning) from a systems view.
Further, the CMDB would help in optimizing resources by providing the means to plan and
validate that the configuration of specific CIs, or relationships between CIs, follow a specific
baseline or reference model. The CMDB becomes a tactical tool to enforce standardization
policies for optimizing the use of resources both at an individual level and as a group. This
essentially drives economies of scale across multiple IT management processes.
Through its impact on the adoption of best practices, it also provides the ability to build
contextually proactive resource optimization into the infrastructure, not just after the fact
realignments. By supporting the separation of a CI definition into three areas — planned,
authorized, and actual — and providing for the means to track baselines, the CMDB goes
beyond simple linear planning models, and supports more dynamic what-if multitier levels. It
reduces the risk of a reactive resource optimization process by staging a proactive one.
From a business perspective, resource optimization helps to keep the business running by
improving the economy of service delivery. It also helps to grow the business by easing the
burden of and quickly adopting to changes that the market requires through the use of
standardization. Finally, resource optimization helps transform the business by providing full
traceability to those resources that are critical for transitioning from one model to another.
Services Mapping
One of the truly unique opportunities that a CMDB provides to the business and IT community
is the ability to track intangible assets as configuration items. The pinnacle of this capability is
the representation of an IT or business service as a CI.

Imagine having the power to consistently communicate the definition of a service across
various business and IT departments. Also, imagine obtaining the ability to coordinate support
efforts by having a consistent understanding of what services are being provided regardless of
where an action is being taken in an organization. The power of having a service as a CI allows
management to be able to embrace a 360-degree view of service, whether in operations,
finance, fulfillment, support, or regulatory.
Outside of siloed, unstructured efforts that are generally limited to a spreadsheet, the CMDB is
the first orchestrated approach to build support tracking of such logical entities in a deliberate
manner, and it is one that follows and enables service management best practices. Defining a
service in the CMDB begins with building a Service Model, which is a way of representing what
constitutes a service. This model can vary from one business to another but often includes and
relates objects such as: applications, infrastructure (hardware/software), databases, documents
(policies, procedures), service level agreements, and other key resources, like people.
This transition from physical assets as CIs to intangible assets as CIs provides the ability to
logically reflect exactly how IT becomes an ecosystem that supports the business. Once the
Service Model has been built, it can be recorded in the CMDB as sets of related CIs. This
provides the basis for the 360-degree management view. It provides the ability to initiate
impact analysis and root cause identification at the level of a service, which is the level most
immediately evident to the business.
As business models rely on services, the CMDB connection to supporting a business model is
clear. By having a Service represented globally as a CI in the CMDB, the time to effectively
communicate key challenges is reduced because people are seeing the same picture even if
they are looking through different lenses (roles). It improves profitability by improving the
ability of IT to understand and protect against the impact of failures to the business. It improves
economy by providing much better decision making and execution coordination across the
organization. The CMDB literally becomes a pragmatic tool to align IT with the business.
Services Performance Planning
The last of the fundamental CMDB use cases is about performance planning for the imple-
mentation of services. Similar in nature to Resource Optimization, Services Performance
Planning is open-ended. There are many way in which an IT organization prepares for performance.
ITIL version 2 itself leverages a set of management processes collectively known as Service
Delivery to specifically handle this task. In ITIL version 3, Service Design is assigned this
responsibility. However, Service Performance Planning includes both hard and soft infrastructure;
it is important to understand that. The understanding is available from a CMDB perspective.
From the infrastructure side, the CMDB provides the ability to understand what relationships
will need to exist for the service to achieve its anticipated quality goals. Whether these goals
are spelled out in a service level agreement (SLA) or not, it becomes clear that part of
performance planning is to understand what relationships are key. This is often driven and
recorded by the Service Model discussed above. In addition, the CMDB helps to identify what
cascading effects may need to be reviewed as part of the planning. The CMDB encourages a
holistic approach to planning instead of a single point of view. Additionally, Services Performance
Planning encourages the management of a service throughout its lifecycle by understanding
not only the immediate impacts of the service, but by how its supporting infrastructure (or
related CIs) is impacted.

On the softer, organizationally-focused side, the CMDB helps determine those activities that
need to be completed to ensure acceptance of the new service. This includes understanding
what stakeholders are impacted and how, and how risks to and from changes can be managed
within an acceptable tolerance level. The CMDB encourages partnerships that are consistent
with the philosophy of developing a 360-degree view. Effectively, transition planning becomes
more organized, with less chance of risk due to unplanned circumstances.
From the standpoint of supporting the business, Services Performance Planning may be the top
use case for deploying a CMDB. Businesses ultimately thrive based on their ability to capture
new market opportunities. Often these opportunities present themselves as services. IT’s
ability to quickly implement services becomes a key time-to-market advantage. It also supports
keeping the business running by ensuring that the appropriate quality level is designed into
both the service and its supporting environment.
Service Performance Planning also encourages the adoption of new services by removing the
risks inherent in making changes. The impact of changes is reflected on people, process, and
technology. The ability to anticipate the impact on the organization from any level is best
addressed by setting expectations. Using the CMDB as one key data source, these expect-
ations can be set by having accurate data on which to base decisions and recommendations.
SECTION 3
Tying the Fundamental Use Cases Together
It is important to understand that these seven fundamental use cases are just that —
fundamental. They do not reflect only those things that can or should be done, but rather
represent those things that a CMDB, and therefore a CMS, must implement to properly
support IT and its alignment with the business. Supporting these use cases will happen over
time, however, and it should not be expected that all seven use cases can be deployed at once.
It should also be understood that these seven use cases were selected because of how they
work both individually and collectively to build an overall support structure, as illustrated in
Figure A.

HIERARCHICAL STRUCTURE OF CMDB FUNDAMENTAL USE CASES
REVIEWING USE CASE 1 — IMPACT ANALYSIS Impacts are a major aspect of the customer
experience of the service. When they cause the service to not meet expectations, the risk of
their occurrence must eventually be designed out of the delivery. As shown in Figure A, the
corresponding resolution of these impacts amounts to decisions about what tolerance will be
maintained for each. Also, these resolutions must be recorded.
REVIEWING USE CASE 2 — ROOT CAUSE IDENTIFICATION The root cause of incidents and
problems become causes due to their position amongst interdependencies of CIs within the
service. To efficiently discover root causes, the interdependencies must be traceable on
demand. By definition, the work of preserving and recovering approved interdependencies
becomes the thrust of infrastructure maintenance.
REVIEWING USE CASE 3 — CHANGE GOVERNANCE Because maintenance takes the lead in
sustaining quality, the complexity and scope of maintenance activity takes a top-tier priority in
operations. The strongest example of this is in proactive and reactive change, where quality is
explicitly managed within the maintenance methods.
REVIEWING USE CASE 4 — AUDITING AND GOVERNANCE The business relevance of quality
attributes established in the infrastructure is defined by standards that set the terms for
business validation, or auditing, of the alignment of the infrastructure to the business needs.
REVIEWING USE CASE 5 — RESOURCE OPTIMIZATION Auditing and other validations reveal the
correlation of how things are to how they worked. Those discoveries establish the relative
importance of keeping the current organization or structures offered by IT for business support,
or of reorganizing them. Therefore, optimizing the infrastructure’s existing relationships of
configurations is a key responsibility of service provision managers.
FIGURE A
The Fundamental Use Cases are
designed to work in unision to support
the business sevices lifecycle process
from an IT perspective.

REVIEWING USE CASE 6 — SERVICES MAPPING The configurations and relationships that are
actually in service and in effect are the real operational environment, but they cannot be
accountable to operational outcomes without an explicit reference to their intended and
authorized state. For that reason, managers must design purposeful models of intended
configurations and map (record) them as the reference vocabulary for follow-on accountability
REVIEWING USE CASE 7 — SERVICES PERFORMANCE PLACING The business value of the
configuration models is established by proactively planning their alignment to expected
business requirements, including the requirements for flexibility and adaptability to
modifications of business requirements. By showing when and why particular models are
pertinent to business, planning links IT architecture to business strategy.
SECTION 4
Conclusions
In conclusion, it is through the CMDB that the CMS helps business success in several ways.
We discussed three of these: time utilization, profitability, and economy. Together through
proper management, these help avoid extinction of a business. They encourage IT financial
management and overall cash flow, keep the well flush with reserves. These three factors in
turn directly promote an agile approach to the business by supporting one or more key
business strategies, whether it be better products, customer intimacy, or cost efficiency.
Further, the CMDB provides the background and coordinating information that allow all critical
IT and most business processes to not only succeed, but become part of constructing an
overarching approach to building a sustainable competitive advantage. The CMDB is certainly
down in the trenches, but within its structure is a firm foundation from which to build.
SECTION 5
About the Authors
David A. Messineo is an ITSM practitioner with more than 20 years experience developing and
deploying enterprise-level software solutions focused on IT management. He is currently a
Practice Director at CA, where he focuses on establishing best practices for consistently
delivering large scale implementations. David holds both an ITIL Service Manager and eSCM
certification.
Malcolm Ryder is an ITSM practitioner with more than 20 years experience designing
enterprise IT management software solutions and delivering solutions to individual companies
and to the US and UK marketplace. He is currently a solutions architect at CA, where he
consultatively establishes requirements and blueprints for integrated ITSM implementations
working directly with customers.

CA (NASDAQ: CA), one of the world’s leading independent,
enterprise management software companies, unifies and
simplifies complex information technology (IT) management
across the enterprise for greater business results. With our
Enterprise IT Management vision, solutions and expertise,
we help customers effectively govern, manage and secure IT.
MP333081108

Why CMDB - 7 Fundamental Use Cases

More Related Content

What's hot (20)

Similar to Why CMDB - 7 Fundamental Use Cases (20)

More from David Messineo (20)

Why CMDB - 7 Fundamental Use Cases