This process makes sure that the content of your Configuration Management System (CMS) / Configuration Management Database (CMDB) is verified and audited to guarantee the required level of data content accuracy. That goal is reached by executing a set of different procedures searching for discrepancies and raising incidents when difference can not be explained (e.g. some discrepancies can be explained by open changes, that means the TO BE State is already defined, but the change has not been deployed yet, so that the AS IS (discovered state) is not YET correct.
Examples for verification and audit routines are:
- Compare the content of the CMS (= authorized or TO BE state of CIs) with the discovered data (= discovered or AS IS state of CIs)
- QA-Procedures (e.g. Domain checking, User-Ownership-Validations)
- Re-Confirmation runs
- Physical audits (this is strictly speaking a task for asset management)
It depends on the nature of your CIs what routines to apply and it is part of the configuration identification process to define the correct verifications and audits for each CI-/CI-Relation Class.
Also for this CoM sub-process the ITIL manual gives no process example. The steps below should be part of the configuration status accounting process:
- Configuration Management gets a verification and/or audit request
- Analyse the Verification and Audit Request
- If the routine does not already exist
==> adjust existing or create new verification and audit routine
- If the routine does not already exist
- Execute the verification and audit routine
- Report results (Configuration Status Accounting)
- If Discrepancies found
- If Discrepancies not explainable
==> raise incident(s)
- If Discrepancies not explainable
- Close the request
You can also find an example for a process flow diagram in the blog
Tags: Process, Verification & Audit