What is a configuration management database (CMDB)?

A configuration management database (CMDB) is a central repository that acts as a data warehouse, storing information about your IT environment, and it is a purpose-built database for configuration management.

A CMDB provides a common place to store data associated with IT assets and configuration items (CIs). The fundamental building block of a CMDB is the CI. A CI represents an item under configuration management, such as a router, a server, an application, a virtual machine, a container, or even a logical construct such as a portfolio. Data import tools are usually used to identify CIs in the environment, and transfer them to the CMDB. Some IT teams may also use manual tools to keep their CMDB updated but this is not a good practice as it cannot scale and it introduces errors, such as duplicates and unnecessary CIs. Once all of the information is gathered and unified, it must be reviewed for accuracy and consistency, and any data-gaps should be identified and resolved.

For a CMDB to function optimally, it must remain highly accurate, necessitating constant updating and ideally automated updates.

Graphic showing how a CMDB works.

At its core, one of the most significant benefits of a CMDB is that it takes all of the siloed data required to run IT from across the entire enterprise, and brings it together in a single place, giving IT Operations visibility into all the IT resources in the enterprise. It prevents data from being scattered across multiple locations. A CMDB helps IT teams in a number of ways; here are just a few: it helps eliminate outages, significantly reduce the time it takes to remediate an outage, remain in compliance, avoid security and audit fines, understand important service contexts when making decisions, which benefits risk assessment and reporting, and track software licence and cloud costs.


CMDBs helps technology managers plan at both a detailed level with asset management and at a high level with enterprise architecture.


Core ITSM practices are improved by CMDBs, including incident, change, and problem management.

CMDBs can improve risk assessment in change management by anticipating which systems and users might be impacted the most. They also aid compliance by helping teams manage audit trails and controls.

CMDBs affect incident management by identifying the changes and root causes of an incident, and moving towards a faster resolution. Incident records are associated with their CIs, which helps teams track incidents over time in conjunction with the assets impacted by the incident.

Problem management benefits from CMDBs in that they help with root-cause analysis, which helps teams get to the source of a problem more quickly. They also support proactive management by helping teams identify assets that are in need of an upgrade, thus reducing service costs and downtime.


It’s important to have application and service codes in IT finance, as it helps allocate billing statements and manage other finances.

Seamless dashboards

Integration of dashboards with CI metrics and analytics makes it easy to track the health of data, the impact of changes, patterns that lead to incidents or problems, and the health of the CIs. It gives the operations team real-time insights into the previous incident, problem or change related to a CI, which significantly reduces the time it takes to remediate an issue.

Access controls

Access controls provide the ability to give access levels to different individuals or teams as needed, and trace any changes back to their source in the event of incidents or questions.


You’ll get detailed records for visibility purposes, which will help with audits. Insights into records include the state of CIs, historical changes, checks and balances, and incidents.

Creation of CIs and data population

This is supported across three different types of method: integrations, discovery tools, and manual input, which all scan IP addresses within an organisation’s network to find software and hardware information. This process creates an inventory of all assets and devices within a company, including cloud resources.

Federated data sets

Support for federated data sets includes reconciliation and normalisation of CIs and their relevant data.

IT service mapping

A physical representation of relationships and dependencies related to an IT service.

Despite the obvious advantages of CMDBs, many organisations fail to generate value from their CMDB solutions. The reasons for this include: the manual processes used to build the CMDB, and the lack of people and processes in place to identify the critical data that should be moved into the CMDB or the automated tools to ensure that the data is put in the right place in the CMDB. However, this does not mean that the technology itself is flawed; by identifying the factors at play, it is possible to prepare for and prevent issues that might hamper CMDB effectiveness.


It can be difficult to maintain the accuracy of a CMDB—some of these difficulties include discovery tools not running frequently enough, an absence of automation protocols, or too much reliance on data input. By focusing on and optimising discovery within your CMDB, you will improve accuracy.


While a CMDB is a centralised place to view data, this does not necessarily mean that all asset data needs to live exclusively in the CMDB. A best practice is to take data from other tools so that the most relevant tool is used to support each case.

Multiple data sources

While a CMDB does act as a centralised repository for IT asset information, there can sometimes be too many sources of data that are feeding into the CMDB. This can create confusion and muddled data that may be difficult to categorise.


Some organisations function under the perception that CMDBs are for mapping legacy infrastructure and software rather than the new stack of cloud and software infrastructure. It’s important to not let the conversation around semantics prevent you from tracking the value of your CIs in a tool that provides a wide view of your technical ecosystems.


Some companies treat their CMDBs as the singular source of truth, and this can lead to organisations trying to combine all of their data into that location without considering use cases and what is relevant to their needs. A CMDB should contain only useful and focused data that supports processes. Ensure that it defines value, objective, owner, and ways to update all of the data.

Team commitment

Team commitment is one of the most important factors in the integration and use of new technologies and processes, and whether or not they are successful. If your organisation and the people involved are not fully committed to the success of your CMDB solution, then it likely will not succeed.


It’s crucial to choose the right tool if you want to avoid failure. Some CMDB tools are simply asset repositories that are fixed on legacy infrastructure discovery tools with a slow reaction to change. The best CMDB tools are those that are able to pivot quickly, and that account for new types of assets.

IT asset management (ITAM) is the process of accounting for assets during their lifecycle. This includes procurement and purchasing, software licence management, technology refresh, and asset valuation. ITAM oversees more financial and contractual components of assets. CMDBs are centred around the data used to manage assets during the period of time in which they are live and present within your IT environment. This includes understanding what comprises a service or asset, how it is used, and how it is related to other assets and services.

Each organisation has different use cases and goals with CMDBs, and that should determine the extent of their setup.

Technical entities

This includes application software, containers, virtual machines, databases, operation systems, hardware, ports, business services, technical services, and networks.

Non-technical entities

These are users, organisations, locations, documents, customers, and service agreements.

A CMDB is only useful for ITAM if it is well integrated with ITAM processes. Most CMDBs act as a central repository of configuration data, or they can be easily integrated with other processes and their datastores. Some store information about the devices connected to a network, as well as information about software contracts and licences, which are associated with ITAM.

Storing all of this data within a CMDB allows information to be generated in a single process that can be seen easily by other similar processes. This strong integration enhances those similar, and other associated, processes.

Strong integration between CMDB and ITAM reduces risk, as it has the capability to log a server’s CPU, RAM, IP address, MAC address etc., which provides the opportunity to identify any red flags if this information changes unexpectedly. If a scanning tool finds an application that didn’t go through the approved channels, it could be a rogue or harmful application that may introduce vulnerabilities.

The common service data model (CSDM) is all about doing CMDBs the right way. A CSDM is a centralised repository of standard and consistent sets of terms and their definitions. It is an essential best practice framework for CMDB management and modelling, and can provide guidance on modelling with its standardised terms and definitions. In other words, it’s a backbone for configuration that connects a CMDB from a business and technical perspective with recommended mappings and their respective relationships.

If done properly, the CSDM offers visibility into service and application data from varying domains, combined into a single view, allowing you to configure your IT strategy with a company strategy and the various capabilities. A proper CMDB also provides faster incident resolution, improved security, and a better judgement of the impact of change.

An IT infrastructure library (ITIL) describes processes for asset and configuration management, with the end goal being to maintain information about configuration items. This information includes lists of items, in addition to their relationship to each other. An ITIL also depicts underlying technical capabilities that are needed to support assets and configuration management that may span multiple CMDBs.

Companies are beginning to embrace Agile and DevOps, which means that CMDBs will take on a larger role in allowing IT employees to understand their production environments and make decisions in real time. SaaS usage is also expanding, and companies need to integrate their external data sources into a CMDB to have a big picture perspective of their hybrid IT environment.

Capabilities that scale with your business

Foresee problems before they arise with ServiceNow.

Loading spinner