Sign in | Join United States - English [Change]
View my documents ()
 Home > Insights 

To ITIL® V3 and Beyond: Travels with Rob Stroud

Travel around the world with this IT best practices evangelist as he speaks on IT Service Management, IT Governance and ITIL trends

January 2008 - Posts

  • CMDB and Provisioning

     

    Of course I was delighted when CA CMDB r11.1 received a gold award in SearchDataCenter.com's Data Center Products of the Year 2007. I did think that the title of the award category, "CMDB and provisioning," was quite interesting, especially after just coming off of some itSMF USA planning meetings where we discussed, among other topics, the continued and growing interest in the CMDB and the need for automation to ensure the correct focus, timely updating, and ultimately value, of a CMDB initiative.

     

    "Provisioning" refers to the solution's ability "to supply" or "to fit out" the CMDB-that is to automate to ensure that the appropriate data is loaded and managed.  The fact that the other award category titles (i.e. Data Center Automation and Performance Management Tools) did not include the "and provisioning" modifier, though they could have, makes me wonder why CMDB was singled out in this manner.  In a way, it was a nod towards an idea I blogged about that beyond the CMDB there is a Configuration Management System or CMS that provides the automated functionality that supports the provisioning of the CMDB.

     

    Whether or not there was a real need to include "and provisioning," there is no doubt that CMDBs devoid of the tools needed to provision are apt to become outdated quickly. Automation of the CMDB is more than advantageous--it is essential to ensure the integrity and practicability of the CMDB.                

     

    Share this post: Email it! | bookmark it! | digg it! | reddit!
    Posted Jan 25 2008, 12:50 PM by Robert Stroud with no comments
    Tags:

  • Meet me in Oman

     

    For those of you interested in taking the title of my blog literally ("Travels with Rob Stroud"), I invite you to meet me in Muscat, Sultanate of Oman, at the Shangri-La, Barr Al Jissah Resort and Spa on January 21 and 22. I'll be delivering the keynote at the Asia-Pacific Computer Audit, Control and Security (CACS) Conference hosted by ISACA. With more than 65,000 members in more than 140 countries, ISACA is a recognized worldwide leader in IT governance, control, security and assurance, and I'm proud to be a board member. The keynote will feature my thoughts on "Harmonizing COBIT, Val IT, ITIL® and ISO 20000: Best Practices for IT Governance."

     

    I couldn't resist showing you this gorgeous venue. I'll bring you news from the conference in a future blog.

     

     

    omar small

     

    ITIL® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office.

    Share this post: Email it! | bookmark it! | digg it! | reddit!
    Posted Jan 03 2008, 11:10 AM by Robert Stroud with 2 comment(s)
    Tags: , ,

  • ITIL and Security

     

    The commingling of ITIL® and security has drawn increased attention at the conferences I've attended recently. No doubt security is a hot topic, fueled by highly publicized security exposures. 

     

    Though ITIL v3 formally introduces the security concept of Access Management to ITIL for the first time, ITIL processes have dealt with security issues for several years. Five years ago, IT service desks everywhere faced a huge issue in the ever-mounting numbers of password resets needed--a problem caused by the large number of passwords, draconian password change rules and lack of self help capabilities. Password resets represented up to 60% of all service desk incidents in many organizations. Today we have a self help capability for resetting passwords and automated processes to request and automate access. These automated processes are similar to the ITIL v3 processes from the Service Operations volume for Access Management and Self Help and are great examples of business driven automation now promoted by ITIL v3.    

     

    Within the security arena there are evolving standards in the ISO 27000 series (the series of standards have been specifically reserved by the International Organization for Standardization (ISO) for information security matters). ISO 27001 is an accepted standard currently in use and is intended to be used in conjunction with the coming ISO 27002, which will replace ISO 17799. ISO 17799 is a generic set of best practices for the security of information systems, considered by some to be the foremost security specification document in the world.

     

    The IT Governance Institute, of which I am a board member, worked with the Office of Government Commerce (OGC) on a paper exploring the relationship between the best practice frameworks COBIT and ITIL with security management as described in IS0 17799. The joint publication on "Aligning COBIT, ITIL and ISO 17799 for Business Benefit" is available for download and is one of ITGI's most requested publications.

     

    I am pleased to advise that a refresh of this document is currently underway and is scheduled for release in the first half of 2008. The new version will provide additional guidance on leveraging COBIT and ITIL to address security issues.

     

     

     

    ITIL® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office.

     

    Share this post: Email it! | bookmark it! | digg it! | reddit!
    Posted Jan 02 2008, 01:35 PM by Robert Stroud with no comments
    Tags: ,
 
 
Page Tools
ShareShare