CobiT definition:
Ensuring the integrity of hardware and software configurations requires the establishment and maintenance of an accurate and complete configuration repository. This process includes collecting initial configuration information, establishing baselines, verifying and auditing configuration information, and updating the configuration repository as needed. Effective configuration management facilitates greater system availability, minimises production issues and resolves issues more quickly.
Control over the IT process of
Manage the configuration
that satisfies the business requirement for IT of
optimising the IT infrastructure, resources and capabilities, and accounting for IT assets
by focusing on
establishing and maintaining an accurate and complete repository of asset configuration attributes and baselines, and comparing them against actual asset configuration
is achieved by
- Establishing a central repository of all configuration items
- Identifying configuration items and maintaining them
- Reviewing integrity of configuration data
and is measured by
- Number of business compliance issues caused by improper configuration of assets
- Number of deviations identified between the configuration repository and actual asset configurations
- Percent of licences purchased and not accounted for in the repository
Control objectives:
DS9 Manage the Configuration
DS9.1 Configuration Repository and Baseline
DS9.2 Identification and Maintenance of Configuration Items
DS9.3 Configuration Integrity Review
Check out the links for details on the control objectives.
No related posts.