CMDB audit vs Data certification

jain25rajesh
Kilo Expert

We have a CI audit module(desired state) in compliance application , which helps "Desired State performs scheduled or on-demand audits of CMDB data to determine which records match the expected attributes, CI relationships, and relationships to other records in the system."

Other than that there is a separate module for Data Certification ( paid plugin) ,which also helps in "manages scheduled and on-demand validations of the configuration management database (CMDB) data."

Can someone please help in understanding the difference in above both CI data certification procedures and which one to use when ?

1 ACCEPTED SOLUTION

jain25rajesh
Kilo Expert

Got the Answer 

Desired state differs substantially from data certification. Data certification is a manual process to ensure that your data matches reality. Desired state examines the same data and determines when the configuration of each item is in the desired and approved state.

https://docs.servicenow.com/bundle/london-servicenow-platform/page/product/compliance/reference/r_De...

View solution in original post

5 REPLIES 5

jain25rajesh
Kilo Expert

Got the Answer 

Desired state differs substantially from data certification. Data certification is a manual process to ensure that your data matches reality. Desired state examines the same data and determines when the configuration of each item is in the desired and approved state.

https://docs.servicenow.com/bundle/london-servicenow-platform/page/product/compliance/reference/r_De...

Muskan Dixit
Tera Contributor

what is the need to use Data certification(manual process) when we have compliance process(which is automated)?

Is data certification older module & now we can completely replace it with compliance and audit?

Data Certification and Desired State/compliance have different purposes. Here's a trivial example:

  • Say you have 25 servers in 3 data centres. 
  • Desired State could check to make sure that the [location] field for each server is one either Room A, B, or C - that is every server should be located in one of your 3 data centres.
  • But if at some point you move a server from Room A to Room B and forget to update the location field, or you decommission a server to a storage room and forget to update the location, that's where Data Certification comes in.
  • Data Certification can run every 6 months to remind you to check all server records in the CMDB to make sure that the location data for each are still accurate - not just that they match some condition but that they are also correct.

Tobias
Tera Contributor

I believe the use cases are different. 

 

Audit/compliance runs a check on fields being empty/not empty according to desired state, e.g. owner is specified. 

 

Data certification provides a way to manually validate that the data in given field is in fact correct according to reality, e.g. is this person still the right owner.