CMDB health assessment methodology

Dan Herrick1 · ‎09-01-2022

Hello all, I am an experienced IT Asset Management practitioner who is new at a US university that implemented ServiceNow CMDB about 2 years ago and has been operating the CMDB without oversight for the last 6+ months. As part of a larger Asset Management project, I am trying to perform an assessment and remediate any outstanding major issues relating to the CMDB performance. I’d like to get your suggestions on how to approach this CMDB assessment.

What I have come up with so far is this approach:

Assess CMDB Technical Health: Using ServiceNow built-in platform functionality (CMDB Health Dashboard) to test Configuration Item records for completeness, correctness, compliance, and relationships.
Evaluate Discovery: This includes the scope (meaning what device classes are being discovered and what device info we collect), schedules, behaviors (discovery probes, mid servers, the orchestration of discovery components), and credentials.
Evaluate integration sources: Primarily SCCM (which is an active integration), but also including other integrations (either via a ServiceNow integration or API) that I don’t yet know about and evaluating the impact of the one-time manual imports that have been done over time.
Evaluate ServiceNow platform configuration relating to the CMDB. This includes ServiceNow’s identification and reconciliation rules (that determines which data sources can update CI attributes), precedence rules, and Asset CI field mapping.

How would YOU go about this? Are there things in my approach you would add to, remove, or do differently? I’m looking for best practices and practical advice.

A little more info about this scenario. For reference, there are about 1M CIs in the CMDB. Assume that there is no institutional knowledge (no one to ask how things were set up and performed, and no documentation). I am the practice owner for both Asset and Configuration, so yes, I’ve consulted with the practice owners. I'm not a ServiceNow admin but have support from one at the org. Given our resource constraints, including time, we can only address the major impacts to performance/health now and log minor impacts for later resolution.

Tony K · ‎09-02-2022

Hi Dan,

I'll do my best to answer as we too are going through some CMDB cleanup. These are short answers, in no way the end all be all.

1) You have to decide what's important. With 1m CI's you'll never manage that successfully. So I would determine the classes that can be maintained and provide the most value. Could be windows servers, computers, network. Someone needs to maintain and monitor those classes as well. That is for your team to decide.

2) You have to review discovery and make sure ranges are accurate for what you decide to monitor from #1. Maybe you don't need to scan ranges that have no data that is relevant to monitor or maybe ranges are missing as the people who set it up could be long gone. You'll also need some processes around when new sites/ranges need to be added/removed. We've spend a lot of time in this area since Discovery will scan but without valid credentials or devices being setup consistently, a lot will come back credential less. You'll need help from other teams.

3) Setup Health dashboards based on the classes that matter. The remediation tasks like duplicates, orphans, etc. Those need to be looked at, so that the data can be maintained and accurate.

4) Creating processes and owners are key. Owners for a class, someone to monitor tasks, overall monitoring of dashboards, etc. Without that, then someone will just have to go through this same exercise in a year or two anyway.

These are brief answers but hopefully it helps.