*This post originally appeared on the Cherwell blog, prior to the acquisition by Ivanti. 

ITIL's Service Asset and Configuration Management process, found in the Service Transition book, requires IT organizations to establish and maintain a Configuration Management Database (CMDB) to keep track of Configuration Items (CIs) and the relationships between them. An up-to-date and functioning CMDB is one of the most important indicators of ITIL implementation success, yet many organizations seem to overlook its importance in supporting other ITIL processes.

The CMDB is a valuable source of input for many ITIL processes throughout the entire service lifecycle, and effective maintaining it drives numerous operational benefits for the IT organization. We're going to list some of the most important benefits below, but first let's develop a clear understanding of what a CMDB is and the role it plays in the IT organization.

What Is a CMDB?

A CMDB is a special type of electronic database whose purpose is to track configuration items and the relationships between them. ITIL has defined configuration items as "any component or other service asset that needs to be managed in order to deliver an IT service," or "components of an infrastructure that is under configuration management." Configuration items are the fundamental structural units of CMDBs. Any part of the IT infrastructure or environment that needs to be tracked to deliver an IT service should have its own CI record on the CMDB.

CIs have attribute data that corresponds to their type, and there are many different types of CIs. The most commonly tracked types of CIs are hardware and software, but organizations may also choose to create CI records for employees, networks, separate business locations, documents, service agreements, and more. Each type of CI has unique attributes which are recorded in the CI record along with the relationships that each CI have with each other.

Once the CMBD has been populated with CI records, the organization can refer to the CMDB to determine the relationships and interdependencies between IT assets. This information can be used to drive effective decision-making and IT management across a variety of key processes and functions.

CMDB Acts as a Central Reference Point for IT Assets and Infrastructure

In the past, IT organizations lacked a centralized repository for information about configuration items in the environment. There might be a single database for hardware assets, a separate one for software assets, and a separate, totally siloed system for managing software license agreements. With CMDB, all of the IT assets and infrastructure are managed together under a single system that acts as a centralized reference point. This means that a single system can be used to answer questions such as:

  1. How many of a certain type of hardware does the organization currently have deployed?
  2. How many installations of Software X currently exist on all of the IT organization's hardware assets?
  3. How many users are affected by an email outage that occurs in a given time frame?
  4. How many software licenses does the organization need to purchase to cover all of its usage?
  5. What IT assets are connected to a user that was just terminated? What IT assets must be assigned to a new employee in a given role?

These questions encompass some of the most basic knowledge that IT organizations need to have ready access to, and they can all be easily answered by an up-to-date CMDB.

CMDB Promotes Transparency, Visibility, and Better Management of IT Assets

As IT organizations grow in size and complexity, it becomes exponentially more difficult to manually keep track of what assets the organization owns, where they are deployed, and who is controlling them. Inadequate oversight of IT assets exposes the organization to unnecessary risk: old hardware must be disposed through the proper channels to ensure that company data is destroyed or migrated and cannot be stolen by competitors or nefarious actors, and software installations must be tracked to ensure compliance with software license agreements.

The CMDB offers IT organizations a transparent and highly visible means of tracking IT assets within the organization. Anyone can access the CMDB with the right permissions and check on the status and relationships between individual configuration items, and each configuration item is fully accounted for throughout its entire lifecycle.

CMDB Supports Accurate Risk Assessment for New Changes and Deployments

Change deployments and implementations are a significant source of risk for the IT organization. When a deployed change affects systems in an unexpected way, it can lead to service outages that negatively impact the business. The IT organization may have to initiate emergency change protocols to revert back to a stable and functional environment or to otherwise remedy the interruption caused by a change.

Change managers can use the CMDB to understand the relationships between configuration items and anticipate which users, systems, software, and that configuration items could be affected by an upcoming change. In turn, change managers can implement strategies to reduce the risk of business disruption and ensure that the change process is conducted smoothly without causing outages.

CMDBs Centralize Data from a Myriad of Sources

Many IT organizations have some software or hardware asset data stored in log files, reports, and other databases where it is unused and disconnected from other important data about the IT infrastructure. When populated the CMDB with CI records, CMDB software can source data from a variety of existing mediums, including CSV, XML, WS, and other file types. This ensures that existing data can be effectively incorporated into the CMDB and used to populate important attribute data for CIs.

CIs also contain information from incident reports and event reports that are submitted in connection with specific hardware or software, so the CMDB is really serving to aggregate all the data that connects to specific configuration items into one place.

The CMDB Feeds into the SKMS and Knowledge Management Process

Knowledge Management is one the most crucial ITIL processes for organizations that are focused on continual, data-driven process improvement. As part of this process, IT organizations are expected to establish a Service Knowledge Management System (SKMS), a stand-alone platform whose purpose is to manage the data, information, knowledge, and wisdom that IT organizations collect.

The CMDB is an important source of input for the Knowledge Management process and the SKMS itself. The CMDB contains data on each configuration item, including their type, attributes, and relationships with other CIs. All of this data can be sourced by the SKMS and analyzed to develop insight into how assets can be more efficiently managed and deployed.

In ITIL, the CMDB is essentially a sub-part of the SKMS. You can't have effective knowledge management without a robust and up-to-date CMDB because there would be too much important data missing from the system.

CMDB Supports Effective Event/Incident Management

An up-to-date CMDB acts as a valuable source of facts that can be used to enhance Incident and Problem Management activities. When an incident management ticket is received in connection with a specific configuration item, the IT operator can use the CMDB to access the CI record for that specific item and learn everything about it: when the company purchased it, who the supplier was, how long the company has owned it, any previous issues of similar incidents, etc.

While incident management reports themselves are not considered configuration items, IT organizations can use the CMDB to attach incident reports to the relevant CIs, ensuring that incidents are tracked over time in connection with the CIs whose services they impact. This feeds directly into the knowledge and information layers of SKMS, allowing the organization to develop a better understanding of which CIs are the most costly to support.

CMDB Facilitates Investigation of Problem Configuration Items

CMDB allows IT organizations to identify problematic asset classes that should be substituted or phased out to avoid ongoing incidents. Problem configuration items can exist for years in organizations that do nothing to keep track of how incident reports and problems connect to specific IT asset classes. With an up-to-date CMDB, IT organizations can view problem statistics for different asset classes, associate incidents and problems with their related CIs and dependencies, and identify the best opportunities for software and hardware upgrades that reduce service costs and unplanned downtime.

A CMDB also makes it easier for organizations to conduct root cause analysis of known issues, discover their cause or source, and begin to develop a solution.

CMDB Can Be Used to Track Changes to a CI Over Time

Configuration items may not keep the same attribution data throughout their entire life cycle, and IT organizations need a way to keep track of how CIs change over time. A piece of hardware like a laptop may be assigned to a new employee and loaded with software for their specific job role. Later on, the employee leaves and the laptop is returned. IT staff can then load different applications on it and deploy it to another department.

With a CMDB, the IT organization can track how hardware, software, licenses, and other assets are deployed by the company throughout their entire lifecycle. This includes metrics such as:

  • Average time taken to repair a specific configuration item
  • Average time taken to repair a specific asset class
  • Total up-time/downtime ratio for specific CIs or asset classes
  • Total cost of ownership
  • Change and deployment history for each CI

The ability to capture historical usage data means that IT organizations can measure ROI and the impact of new software and hardware purchases in the long term. This allows a more data-driven approach to new software and hardware investment for the organization.

CMDB Population and Maintenance Can Be Automated

One of the major challenges that IT organizations face is keeping their configuration items and CMDB up-to-date on an ongoing basis. Each day, especially in large organizations, there are changes to existing configuration items, CIs that go out-of-service, and CIs that enter service and the organization needs to change and update records to reflect the latest changes to the IT infrastructure.

CMDBs Continuously Change and Evolve

Continual service improvement is a crucial aspect of a successful adoption of ITIL principles and processes. To facilitate that improvement, IT organizations need to leverage systems that can change and evolve over time as the organization increases its knowledge and updates its policies and procedures to reflect new insights and industry best practices.

When an organization solves a problem, it should capture some new learning and knowledge that can be used to prevent the problem from recurring in the future. The changes can be implemented through the CMDB in the form of updated test routines, modified running books, new monitors/alerts to detect specific signals in the IT system, and new documentation in internal knowledge bases. At the same time, the CMDB can be updated with new CI types, relationships, and attributes to reflect changes in the environment.

If a similar problem happens again in the future, IT operators can leverage the newly captured knowledge to more easily resolve the issue.


The CMDB and the service asset configuration management process are important aspects of ITIL that drive success at all levels. Your CMDB creates a central repository of configuration data that promotes transparency and visibility of IT assets and lays the groundwork for effective IT asset management practices. It sources data from multiple locations in your organization using automated process, facilitates the incident management process and feeds directly into the SKMS and risk assessments for new changes. The CMDB can be used to track changes to CIs over time, and IT organizations have the option to automate their software discovery and dependency mapping processes. Finally, CMDB is a flexible and robust tool that can change and grow with your organization, reflecting your most current knowledge and best practices for IT service delivery.