Blog

5 Best Practices for DDM and CMDB to Improve Change Management

Posted by on February 16, 2021

5 Best Practices for DDM and CMDB to Improve Change Management

The CMDB is a critical ITSM data source as it defines the context connecting incident management, request management, and change management processes with systems, applications, and business services.

IT organizations often delay this integration because CMDB’s are notorious for poor data quality.

CMDB’s are often developed with a hodgepodge of manual processes, scripts, and tools that require manual steps to run, review, and cleanse. The more IT pursues accurate and detailed data, the more effort they must invest in tuning scripts and reviewing results. It’s a futile approach, especially because many IT organizations manage hybrid clouds with rapidly changing infrastructure. Changes come from the cloud’s elastic compute capabilities, DevOps teams deploying frequently, and other infrastructure automations.

An agentless discovery and dependency mapping (DDM) capability integrated with the CMDB is the game changer. This capability runs on a recurring schedule, scans private and public clouds for system configurations, identifies dependencies based on traffic flows, and updates CMDBs with accurate information. Let’s take a look five best practices to follow when integrating Change Management with the CMDB.

5 Best Practices for DDM and CMDB to Improve Change Management_Image 1

Start by Integrating Change Management with the CMDB

Most IT organizations have basic ITSM implementations, including change management, request management, and incident management. They focus on the workflow, role assignments, forms, reports, automations, and integrations that help employees escalate their needs and enable IT Ops to support them.

But as organizations mature, they seek to add more contextual data to expand IT services, perform analytics, and prioritize improvements.

Change management is the first process ITSM leaders should integrate with a DDM powered CMDB. Changelogs record who, when, why, and how IT implemented a change. With a DDM-powered CMDB, IT also captures where they implemented changes and the impacted systems. This added data provides an important context for capturing insights and actioning improvements.

Here’s how IT can leverage a DDM powered CMDB.

1. Centralize Business Service Definitions and CMDB Connections

When IT develops confidence in the CMDB’s accuracy, they’re better prepared to capture top-down information on business services, service owners, and service levels from their stakeholders. It’s a much easier process with a DDM backed CMDB

DDM captures the relationships and dependencies between networks, applications, and systems running in data centers and public clouds. IT administrators can then visualize all of an application’s components, including web servers, application servers, API services, data integrations, and databases.

Once there’s an accurate picture of IT systems and applications, it leads to a more meaningful discussion around business services and service owners. Since many business leaders don’t know all of the IT systems that enable the customer experiences, operational workflows, and integrations utilized in their business, IT can use the DDM’s topological maps to illustrate the connections between business services and their applications.

Identifying the service mapping is an important undertaking in defining service levels for each business, service, and application.

5 Best Practices for DDM and CMDB to Improve Change Management_Image 2

For example, multiple businesses may be utilizing a common ecommerce platform, but different fulfillment and supply chain services. They are likely to have different service levels depending on revenue, customer impacts, and prime usage periods, and these may also differ by geography, application type, and other operational factors. Once business leaders understand the mapping of business services to applications, they are better positioned to discuss service levels, outage windows, and other operational factors.

2. Automate Infrastructure Adjustments as Change Events

You know the famous saying, “If a tree falls in the forest, and there’s nobody around to hear, does it make a sound?”

The same is true if updating the CMDBs isn’t automated after change events. The greater the frequency of changes, the bigger the drift between the CMDB’s representation and the actual configuration.

Consider the following change events that many IT organizations automate as DevOps best practices:

  • Continuous Integration and Continuous Delivery (CI/CD) pipelines deploying applications
  • Infrastructure as Code (IaC) scripts provisioning new environments
  • Cloud elastic computing capabilities ramping up or down infrastructure
  • Load balancers redistributing traffic between data centers and public cloud zones
  • IT automations patching, upgrading, and updating configurations

With a DDM backed CMDB, updating the CMDB doesn’t have to be tightly coupled to change scripts. Instead, the DDM updates the CMDB and reflects the current state of the infrastructure.

3. Understand Dependencies Before Deploying Changes

Proactive IT organizations assign a risk metric to changes based on the business impact of the implementation and potential failures. Very often, a change approval board (CAB) reviews changes with subject matter experts to decide on the risks and plan for remediations. These can be long, unproductive meetings, and CABs often assigns risk scores based on qualitative information from subject matter experts rather than quantifiable facts.

5 Best Practices for DDM and CMDB to Improve Change Management_Image 3

A DDM powered CMDB can help IT quantify risks by considering the number of dependent systems and their associated service levels. In some cases, calculating the risk score can be automated and then used to validate and auto-approve low-risk DevOps automations impacting production.

4. Notify Business Service Owners of Changes

Wouldn’t you like to implement a simple, personalized, and automated rule to notify business owners and users around system changes? It sounds like a straightforward concept, but it’s often challenging to implement, especially if you want to enable people to personalize the notifications.

For example, an executive might only want information when a change is projected to create an outage, while a business manager wants notifications of all high-risk changes.

Also, some changes are hard to trace to the impacted services unless a DDM backed CMDB captures all the dependencies between systems and business services.

Having this changelog also helps address concerns about whether a change event drove a major incident. The correlation between changes and incidents is often the first question that surfaces when a service leader escalates system performance problems. Changes tracked to system components help IT pinpoint issues or rule out these concerns.

5. Identify Experience Impacts After Completed Changes

One final question surrounds how IT verifies whether completed changes had unanticipated system, application, or business service impacts. Proactive IT Ops groups don’t wait for end-users to experience poor performance, open tickets, or escalate to their managers that an IT change created the issue.

5 Best Practices for DDM and CMDB to Improve Change Management_Image 3

While IT should have monitoring tools and AIOps solutions to alert on issues proactively, a DDM topological map becomes a new tool to help validate performance and drill into potential problems. When monitors from dependency systems send out alerts, IT operations can use the DDM flow tools to research root causes.

Where to Start Integrating a DDM Backed CMDB?

The best practice for proactive IT teams is to follow a stepped approach to using a DDM backed CMDB in ITSM practices. Here is a checklist on getting started:

  • Enable the DDM and iteratively add networks, systems, and applications
  • Run DDM on a schedule and train IT Ops on using monitoring tools
  • Validate the CMDB’s accuracy and begin connecting changelogs to the CMDB
  • Partner with business leaders to define services and service levels
  • Quantify risk scores, redefine decision processes, and update automations based on service levels

We all know how much more important and useful a CMDB is beyond tracking assets. With a DDM powered CMDB, IT can finally capture the context of changes and use the data to improve service levels.

Isaac Sacolick, President of StarCIO, guides companies through smarter, faster, innovative, and safer digital transformation programs that deliver business results. He is the author of the Amazon bestseller, Driving Digital: The Leader’s Guide to Business Transformation through Technology, industry speaker, and blogger at Social, Agile, and Transformation.

The Gartner 2020 Magic Quadrant is now available

Get Cherwell’s industry-leading tips, guidance, and case studies for better serivce management to help your business deliver, right in your inbox.

*Please complete email field