16 Questions to Get You Started on CMDB/CMS
July 20, 2011
Dennis Drogseth - EMA
Share this

The list below is about technology attributes -– a kind of mini RFP if you like. But before you even get started looking to invest in a CMDB or CMS, you should know WHAT it is you want to achieve and have a pretty good idea who’s involved. Some really bad reasons are “to be ITIL compliant,” or “because we need a CMDB” or “we’re not sure but once we get the data we’ll figure it out.” Good reasons have to do with the use cases and benefits associated with them listed in the next three articles, which you can link to at the bottom of this page.

But there are nevertheless some general criteria for selecting CMDB/CMS. I’ve grouped this according to general categories -- which also happen to fit how I assessed the eleven vendors in the radar report I mentioned in the first article.

Deployment, Administration and Cost

1. Basic costs and impacting factors

Basic software costs and typical impacting factors -- impacting factors can range from obvious features such as hardware and OS costs, to more complex and often more significant factors such as integration costs with third-party solutions, which need to include internal opex costs (your personnel costs) as well as outside services costs.

2. Cost for maintenance

What is the cost for maintenance? This can actually be a pretty significant delta. For instance one of the eleven vendors charged nothing for maintenance. Another charged the full 20%.

3. Software-as-a-service

Do they offer a SaaS solution? As I mentioned, five out of the eleven offered a SaaS delivery at the time of the radar, and soon another will join the pack. Another way of rephrasing this question is: do they ONLY offer a SaaS solution, or do they provide multiple types of licensing and deployment options? Choice is generally good, as your needs and priorities may change.

4. ROI, POC, costs and duration

You need validated insights on ROI, POC, costs and duration of deployments. EMA consulting always prefaces CMDB/CMS deployment ROI questions with the notion that, while ROI isn’t superfluous, it is as elusive as ROI for an effective transit and highways system for a city. It’s a fundamental, lifeblood improvement, but hard to calculate. Nonetheless, softer calculations -- before it took us this long to do xyz, now it takes half the time, or MTTR is improved 70% for critical services -- may not be scientifically pure ROI, but they are your best options and typically resonate well with execs.

5. Human Resources

You need validated insights about FTEs required for a certain number of CIs, or a deployment scaled like yours. Vendors categorically underestimate this –- not just the big platform vendors, either. This is a great use of social networking as long as you don’t take any one source too seriously.

6. Support for administration, modeling, reporting

Support for administration, modeling, reporting relevant to:
a. Ease of initial CMDB/CMS population.
b. Flexibility and ease of setting policies for discovery and reconciliation.
c. Ease of customizing and extending the reach of out-of-the-box models.
d. Ease of maintaining, updating and validating modeled groups against discovered environments.
e. Reports to support maintenance, scope, accuracy, and administration of the CMDB/CMS itself.
f. Ease of entering “domain expertise” for CMDB updates.

7. Professional and consulting resources

Evaluate professional and consulting resources available to support your needs and their costs. Some of the vendors stressed how minimally their customers needed these resources, and most partnered with third-parties to enhance their consulting portfolio. Nonetheless, good, targeted consulting that’s surgically directed at your needs can go a long way in actually saving you money -- and is well worth the price when it’s available.

Architecture, Integration and Functionality

8. Scalability

What is the highest number of CIs you are architected to support? CIs are a tricky metric, admittedly -– so we asked how many included desktops and at what percentage to get a more balanced picture. Scalability can also be measured in number of users supported.

9. Range of discovery

Can you natively, or through third-party integrations, support discovery for network (layer 2 and or 3), systems, applications, application components, third-party applications, Web and Web 2.0, storage, database, desktops, mobile devices, and virtualized environments? Can you discover configurations for the above? Ability to assimilate and reconcile third-party solutions is also key here.

10. Application dependency

Do you support application dependency mapping, or dependency mapping in general as either an automated and/or manual process? Does this include application-to-application, infrastructure-to-infrastructure, application-to-infrastructure, and/or application-to-application components? Do you do this directly and/or through third-party integration?

11. Reconciliation and normalization

Can you reconcile, normalize and if appropriate synchronize data from multiple (in-brand and third-party) sources? Can you support weightings for “trusted sources” to prioritize one source over another for a certain CI? We also looked at workspace options, analytics and automation in support of this critical and too often daunting task.

12. Integration

What types of management data repositories (MDRs) can you access both across your portfolio and from third-party sources? One way to capture the profile of the CMDB/CMS vendor you’re looking at is to see what MDRs they feature as integrated out of the box -- within and outside their portfolio. This is something of a litmus test to see which use cases they favor.

13. Modeling and Metadata

How versatile and extensible is your modeling to support various CI relationships, types, families, classes, attributes, states? Modeling is at the heart of the CMDB/CMS -- and the market is at an exciting inflection point in extending the reach of core service modeling beyond the CMDB itself to become a spine for the large CMS system.

14. Analytics

What types of analytics do you offer either directly through the CMDB, or indirectly through your own portfolio or third-party integrations? Some examples might be if/then change analysis, correlation, data mining, trending among other heuristics.

15. Automation

What types of automation can you leverage directly, with or without human intervention, including automation from your own and third party sources? Integration strategies may sometimes begin with automation, or dashboards -- as below—versus CMDB/CMS deployments. But the CMDB/CMS is the richest foundation and smart IT shops are realizing that service models that drive cohesion upwards into automation and visualization is, long term at least -- the best model.

16. Visualization

What visualization technologies do you support –- such as portals, scorecards, Web access, widgets, etc.? What roles do you support inside and outside of IT?

This is of course a very summary list, but it should be enough to get you started in asking the right questions. You might say these are "meta questions" (questions about questions) to help you ask the right more detailed questions.”

In the next three articles, I'll focus more directly on three individual use cases which can help you to shade these questions more effectively.

Click here to read the CMDB/CMS use cases for Asset Management and Financial Optimization

Click here to read the CMDB/CMS use cases for Change Management and Change Impact Analysis

Click here to read the CMDB/CMS use cases for Service Impact Management


Share this

The Latest

June 08, 2023

Interestingly, some experts say that — although convergence is happening, and sharing the data has great value — the security dashboards should not necessarily be combined with observability dashboards for ITOps, NetOps or DevOps ...

June 07, 2023

The experts have all agreed that security teams can gain great benefits from utilizing observability data. But does this mean security and observability tools should be integrated, or even combined? ...

June 06, 2023

One reason why observability and security make a good pairing is that traditional telemetry signals — metrics, logs, and traces — are helpful to maintain both performance and security ...

June 06, 2023

Observability and security — are they a match made in IT heaven, or a culture clash from IT hell? Sorry to be so dramatic, but it's actually a serious question that has gravity. The convergence of observability and security could change IT operations as we know it. And many IT authorities see this as a good thing. With input from industry experts — both analysts and vendors — this 8-part blog series to be posted over the next two weeks will explore what is driving this convergence, the challenges and advantages, and how it may transform the IT landscape ...

June 01, 2023

The journey of maturing observability practices for users entails navigating peaks and valleys. Users have clearly witnessed the maturation of their monitoring capabilities, embraced DevOps practices, and adopted cloud and cloud-native technologies. Notwithstanding that, we witness the gradual increase of the Mean Time To Recovery (MTTR) for production issues year over year ...