CIs attestation

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of CIs attestation

    CIs attestation in ServiceNow enables organizations to systematically verify the existence and accuracy of their IT infrastructure and application Configuration Items (CIs) within the CMDB. This process helps maintain CMDB integrity by identifying and removing stale or obsolete CIs that no longer represent actual assets.

    Show full answer Show less

    The attestation process involves creating policies that define which CIs require verification and how often. Tasks are then assigned to knowledgeable users who can attest to or reject the CIs. Rejected CIs can subsequently be retired, archived, or deleted to keep the CMDB current.

    Key Features

    • Attestation Policies: Defined via the CMDB Data Manager in CMDB Workspace to specify CIs for attestation and set the frequency of verification.
    • Task Assignment and Management: Attestation tasks are assigned to users familiar with the CIs. Users can access these tasks through the My Work view in CMDB Workspace to review and process them.
    • Smart Detection and Auto-Attestation: This feature streamlines attestation by automatically identifying CIs eligible for auto-attestation based on recent discovery data. It requires Discovery or Service Graph Connectors to be enabled.
    • System Properties for Smart Detection: Several system properties control smart detection behavior:
      • sncmdbws.attestation.smartdetection.disabled: Enables or disables smart detection (default: enabled).
      • sncmdbws.attestation.smartdetection.discoverywindow: Defines the time window (in days) within which CIs must be discovered to qualify for auto-attestation (default: 30 days).
      • sncmdbws.attestation.smartdetection.discoverysource.exclusion: Lists discovery sources excluded from smart detection to avoid unreliable data.

    Practical Benefits for ServiceNow Customers

    • Maintains CMDB accuracy by systematically validating CI existence and status.
    • Improves CMDB data quality by enabling timely removal of outdated CIs.
    • Reduces manual effort through smart detection and auto-attestation based on recent discovery results.
    • Allows flexibility in managing attestation policies and task assignments tailored to organizational roles and CI ownership.

    Verify the existence of actual IT infrastructure and applications that you own, systematically and in bulk. As CIs are continuously ingested into the CMDB from various data sources, ensure the integrity of the CMDB. Remove any stale CIs that are associated with IT infrastructure or applications that no longer exists.

    Use the CMDB Data Manager in CMDB Workspace to create an Attestation policy, specifying CIs that need to be attested and the attestation frequency. Assign Attestation tasks to users that are familiar with or that manage the CIs, and who can attest or reject the IT infrastructure or applications that those CIs represent. Rejected CIs that are no longer needed can then be retired, archived, or deleted from the CMDB.

    Users can go to the My Work view in CMDB Workspace to see their assigned attestation tasks, and then review and process the tasks.

    Smart detection and auto-attestation

    Smart detection streamlines and simplifies CI attestation. With smart detection you can auto-attest CIs that are automatically detected by discovery programs, based only on recent discovery results.

    The following conditions must be met to enable smart detection:
    In addition, smart detection uses the following system properties as filters when creating a list of CIs that are candidates for auto-attestation. To be included as candidates for auto-attestation, CIs must be discovered:
    • Within the discovery time window specified by the sn_cmdb_ws.attestation.smart_detection.discovery_window system property (for example, within the last 30 days)
    • By any discovery source that isn't excluded by the sn_cmdb_ws.attestation.smart_detection.discovery_source.exclusion system property
    Then, when you review those candidate CIs, you can choose to auto-attest them.

    Properties associated with Attestation

    Property Description

    sn_cmdb_ws.attestation.smart_detection.disabled

    Disables smart detection.
    sn_cmdb_ws.attestation.smart_detection.discovery_source.exclusion

    Comma-separated list of discovery sources that are excluded in smart detection processing. For example, a data source that is unreliable in detecting CIs.

    CIs discovered by discovery sources in the list, can't be candidates for auto-attestation.
    sn_cmdb_ws.attestation.smart_detection.discovery_window

    Number of days (discovery window) that smart detection uses to determine whether a CI is a candidate for auto-attestation. Only CIs that were discovered within this discovery window can be candidates for auto-attestation.