Desired State

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Desired State

    Desired State enables scheduled or on-demand audits of Configuration Management Database (CMDB) data to verify compliance with organizational standards. It checks if configuration items (CIs) meet expected attributes and relationships, such as software licensing for computers. Any discrepancies identified during audits lead to automatic task assignments for remediation.

    Show full answer Show less

    Key Features

    • Compliance Audits: Evaluate CIs against defined standards for attributes and relationships.
    • Role Management: Users must have the certificationadmin role to access and configure certification elements. Additional roles may be required for full access to necessary tables.
    • Certification Process: Administrators create definitions of desired states, schedule audits, and generate follow-on tasks for discrepancies.
    • Filter and Template Creation: Users can create filters that define CIs to certify and templates that specify desired physical attributes and relationships.
    • Audit Scheduling: Audits can be set to run on a schedule or on demand, generating results based on specified templates.
    • Follow-on Task Management: The system can create new follow-on tasks for recurring audit failures, ensuring ongoing compliance efforts.
    • Discrepancy Correction: Users can view audit results to identify discrepancies and complete assigned tasks to correct them.

    Key Outcomes

    By leveraging Desired State, ServiceNow customers can effectively manage and ensure compliance of their CIs, streamline the auditing process, and promptly address discrepancies. This leads to improved data integrity and alignment with organizational standards, ultimately enhancing operational efficiency.

    Desired State performs scheduled or on-demand audits of CMDB data to determine which records match the expected attributes, CI relationships, and relationships to other records in the system.

    For example, desired state can determine if a computer has a license for a particular software program. The compliance process checks configuration items (CI) to ensure that their attributes and relationships comply with standards set by your organization. Audit results show any discrepancies in the desired state of a record, and ServiceNow automatically assigns follow-on tasks to qualified users who can remediate those discrepancies.

    Desired State roles

    To access or configure certification elements, a user must have the certification_admin role. These users can create, update, and delete filters if they have the proper access to necessary tables.

    In the base system, certification_admin users have limited system rights and do not have access to all the necessary tables. When assigning compliance resources, make sure to grant additional roles to the certification_admin user as needed. For example, the certification administrator requires roles that grant access to these tables:
    • Company [core_company]
    • Cost Center [cmn_cost_center]
    • Schedule [cmn_schedule]

    Desired State process

    The desired state certification process can mean checking servers to ensure that their physical resources, such as CPU speed or memory, comply with certain standards. This process also ensures that all critical business services have a manager, support group, and approval group assigned.

    The administrator responsible for certification creates definitions of desired states and then schedules an audit to check CIs for compliance. The audit results identify CIs that pass certification and itemize the discrepancies in those CIs that fail. The ServiceNow system automatically generates follow-on tasks to track the process of adjusting the CIs to the desired state.

    Desired state differs substantially from data certification. Data certification is a manual process to ensure that your data matches reality. Desired state examines the same data and determines when the configuration of each item is in the desired and approved state.

    1. Create a certification filter: Create a filter that defines a subset of configuration items to certify. You can create multiple versions of a filter, and then activate the version you want to use for certification. You can create filters on the Configuration Item [cmdb_ci] table and all tables that extend it.
    2. Create a template: Create a template with conditions that define the desired state of the physical attributes, related records, and relationships for a CI. The certification filter you select for the template determines which configuration items the system examines.
    3. Create and run an audit: Create an audit using the template. Set the audit to run on a schedule or on demand. The audit generates a set of results based on the conditions from the template you specify. Determine usage of follow-on tasks:
      • Determine if the audit creates follow-on tasks and assignment.
      • Determine if the same follow-on task is used for the same audit failure across multiple runs. The system property glide.allow.new.cert_follow_on_task is set to true by default, allowing for new follow on tasks to be created for the same failure, at each audit run (this property applies only to audits which aren't scripted).
    4. View audit results: View the audit results which display any discrepancies between the desired state, as specified by the template, and the actual state of the target configuration items.
    5. Correct discrepancies: Correct the discrepancies the audit found by completing the follow-on tasks created by the system.