We utilize the CMDB in ServiceNow for a handful of items. We mostly have computers, iPhones, pagers, healthcare devices and applications. Most of all items entered into the CMDB are manual entries or imports depending on the item. Over the past month or so, we've been getting some inquiries that have caused us to go down various rabbit holes related to CMDB, and all of those rabbit holes mostly result in the same response... We need a proper CMDB solution. So while we wait for a proper CMDB discovery tool and an implementer to work with us on this, we have to continue using what we have, but we want to get better and be prepared for when that time comes. With that, I'm wondering if anyone would be willing to provide some information around how they handle some of these concepts, just so we can understand what other organizations are doing?

Incident categories/subcategories: I know that incident subcategories should not be very granular. In other words, instead of having the name of the antivirus app (like McAfee) as a subcategory, you would want something like "Security Applications". Well, today we are adding the names of apps to the subcategory field which isn't ideal. 

1. When someone selects "Applications" as a category in your environment, what type of subcategories do you allow your fulfillers to choose from?
2. As an example, let's say someone submits an incident where the category is "Application" and subcategory is "Security Applications", would the CI be the antivirus app, or the PC the user is having the issue on? If the answer is the antivirus app, how do you then tie the correct device CI to the incident then? For example, an issue with McAfee on the server side is very different from the end user side, so being able to distinguish the difference is important. Plus, you might want to see how many incidents were created for the device to see if maybe the device itself is a problem.

TIA