CobiT definition:
Ensuring the integrity of hardware and software configurations requires the establishment and maintenance of an accurate and complete configuration repository. This process includes collecting initial configuration information, establishing baselines, verifying and auditing configuration information, and updating the configuration repository as needed. Effective configuration management facilitates greater system availability, minimises production issues and resolves issues more quickly.
Control over the IT process of
Manage the configuration
that satisfies the business requirement for IT of
optimising the IT infrastructure, resources and capabilities, and accounting for IT assets
by focusing on
establishing and maintaining an accurate and complete repository of asset configuration attributes and baselines, and comparing them against actual asset configuration
is achieved by
- Establishing a central repository of all configuration items
- Identifying configuration items and maintaining them
- Reviewing integrity of configuration data
and is measured by
- Number of business compliance issues caused by improper configuration of assets
- Number of deviations identified between the configuration repository and actual asset configurations
- Percent of licences purchased and not accounted for in the repository
Control objectives:
DS9 Manage the Configuration
DS9.1 Configuration Repository and Baseline
DS9.2 Identification and Maintenance of Configuration Items
DS9.3 Configuration Integrity Review
Check out the links for details on the control objectives.
Related posts:
- DS5 Ensure Systems Security CobiT definition: The need to maintain the integrity of information and protect IT assets requires a security management process. This...
- DS6 Identify and Allocate Costs CobiT definition: The need for a fair and equitable system of allocating IT costs to the business requires accurate measurement...
- AI6 Manage Changes CobiT definition: All changes, including emergency maintenance and patches, relating to infrastructure and applications within the production environment are formally...
- PO7 Manage IT Human Resources CobiT definition: A competent workforce is acquired and maintained for the creation and delivery of IT services to the business....
- AI7 Install and Accredit Solutions and Changes CobiT definition: New systems need to be made operational once development is complete. This requires proper testing in a dedicated...
