CMDB Management

Folder + window icons

What is the CMDB?

The Configuration Management Database provides the capability to keep track of assets such as products, systems, software, facilities, responsible people as they exist at specific points in time, and the relationship between all assets.

ASU uses the CMDB for centralized inventory of assets including, High and Medium criticality systems, GDPR, and change management processes.

View this KB article for more detailed information.

View CMDB Inventory

High/Medium Criticality Applications

GDPR Applications 

 

Adding a Web Application to the CMDB

To request a new application be added to the the CMDB, complete the ServiceNow catalog form listed here

All departments are responsible for the Customer Application's data update once import.  

If an application's criticality rating is High or Medium, the Vulnerability team has to verify it before adding.

 

Adding a Vendor in the CMDB

If the Application is Third-Party, the Vendor must also be added to the CMDB.

How to request an new Vendor Record Creation or Vendor Import.

 

Decommissioning an Application in the CMDB

  1. Take the application offline and verify it is no longer published to the web
  2. Clear all application vulnerabilities in ServiceNow Application Vulnerability Response.
  3. Confirm assignment group in ServiceNow as AVR Decom.
  4. Change the status of the application in the CMDB to Non-Operational
  5. Remove the application from the scanning queue

 You can find a more detailed walkthrough for decommissioning an application here.

Additional Resources