CMDB is only useful for ITAM in the event that it is well integrated
with ITAM processes. Most CMDBs act as a central repository of
configuration data, or it can be easily integrated with other processes
and their datastores. Some store information about the devices connected
to a network, as well as information about software contracts and
licenses, which are associated with ITAM.
Storing all of this data within a CMDB allows information to be
generated in a single process that can be seen easily by other similar
processes—this strong integration enhances those similar, and other
associated, processes.
Strong integration between CMDB and ITAM reduces risk, as it has the
capability to log a server’s CPU, RAM, IP address, MAC address, etc.,
which provides the opportunity to identify any red flags if this
information changes unexpectedly. If a scanning tool finds an
application that didn’t go through the approved channels, it can be a
rogue or harmful application that may introduce vulnerabilities.