This content is part of the Essential Guide: Disaster prevention and mitigation strategies: Strike early and often
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Configuration management, IT asset management need to be integrated

To align configuration management and asset management processes, ITSM expert Derek Lonsdale says start with the data and use an integrated tool set.

Enterprises need to track the individual components of their IT services (IT asset management) while at the same time protect the integrity of these IT services (configuration management). Both processes have numerous touchpoints, but one can't substitute for the other.

In this SearchCIO podcast, Derek Lonsdale, IT transformation leader, Lean expert and CIO advisor of global management and IT strategy with consulting firm PA Consulting, sets out to clear up the confusion between configuration management and IT asset management and explain why the lifecycles of both processes need to be in sync for service delivery optimization. In the second part of this podcast, Ken Lewis, service management consultant with PA Consulting, makes a strong case for merging the asset and configuration management  systems.

We were talking recently about ITSM [IT Service Management] and how CIOs need to track components of IT services through IT asset management and also protect the integrity of those IT services through configuration management. How do you really do both?

Derek LonsdaleDerek Lonsdale

Derek Lonsdale: Doing both requires the processes to work in harmony. Configuration management, which is a process that really looks at the integrity of the services, covers some of asset management. But it only covers a small part of asset management. The asset lifecycle has two sub-processes called deploy and then operate and optimize. Those processes are really where configuration management gets heavily involved.

Other aspects of the asset management lifecycle can also be involved in configuration management. We know that assets are really more about the finances, looking at how much it costs, who owns the asset and so on. So asset management is much more finance focused, but it still looks at things; for instance, a server. So, an IT component such as a server could also be a configuration item. In turn, the server needs to be managed by both asset management and configuration management. So there are some fundamental synergies between both processes.

The asset management process is actually a longer process than configuration management. If you think of the sub-processes, actually it [asset management] goes from plan through procure, receiving the asset, deploying the asset, then operating and optimizing the asset before eventually you move to decommission and dispose. As I said, the main parts of the asset management lifecycle are deploy and operate, then optimize, which is where the configuration process comes in.

And with configuration, you have planning and management of the configuration item. You need to be able to identify the configuration item, control it, report on the status of the configuration item, and then you will do some audit and verification. So the processes have so many interfaces they have to operate in harmony.

How do you get to that point where they do operate in harmony?

If you can … have one single source of proof, that makes it easier to harmonize both processes.

Derek Lonsdale,
CIO advisor of global management and IT strategy, PA Consulting

Lonsdale: The first thing is harmonizing the data between the two processes. So I'll give you an example of the server that we talked about earlier. The server has some data that's required by both processes -- location is a perfect example of a shared data point.

If we need to understand what is the location of our server, asset management needs to know, and configuration management needs to know too. By harmonizing the data, what I'm saying here is that we need to call location the same thing in both tool sets and both processes. It's no good having the asset management process report back on the server's being in the "Manhattan data center location North," and then configuration management saying that the data center is in "Manhattan, data center location N." The two things don't harmonize. We need to have the same thing.

So that's No. 1, data harmonization.

No. 2 is identifying what the best source of this data is and [making] it the truth. If we have discovery data on this server, we want that data to go to the asset database and the configuration management database.

But how do we do that? Do we have different discovery tools that work for asset management and configuration management? Or do we try and route that data so that maybe it goes to the asset server first or the asset database first, and then through to the configuration management database?

If you can do the latter and have one single source of proof, that makes it easier to harmonize both processes. It's having a single lifecycle process where that asset goes from plan through to dispose, and configuration goes from planning through to audit and verification. Having a single view of that process, then identifying very clearly where the touchpoints are, so that when you design both processes, you're not designing them in isolation, you're designing them then to be integrated.

No. 3 is having this single integrated view of the process so that you're using best practices of both ITIL configuration management and asset management.

Many IT shops have different asset management and configuration management tools. How can you move more to just that single view?

Lonsdale: I think reduction in the number of tools is essential. I'll give you one example. We've been working with a number of clients now that have many different asset management tools. So that's expensive. It's expensive in terms to manage the tools with resources. It's expensive in license management. But you also have the issues of data harmonization, source of truth and so on. You do need to have a more integrated tool set.

Let us know what you think of this podcast; email Christina Torode, editorial director.

Dig Deeper on Enterprise systems management

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What are your challenges in integrating asset and configuration management tool sets? Don't hold back!
One big problem to integrating asset and configuration management is the change management process is often broken in many organizations. This makes it difficult to define which source of data entry is authoritative. I say which source, because often there are multiple IT Security tools in an emterprise that do the same thing. For example, you may have remote sensors on your network for identifying rogue devices, you may be doing discovery scans with your vulnerability scanner, you may have passive vulnerability scanners that sense newly added devices, and you have your asset management database. So what happens when you find devices through automated sensors that are not in your asset management database? This is a breakdown in the change management process which is far to often the reality with most organizations. Correlating the 11 Security automation domains into a central database is the first step in reconsiling those differencing, but tightening up the change management policy to put consequences to admins who add unauthorized devices is as equally important.