Changing the DNA of IT: Sarbanes-Oxley and Service Management

For many organizations, implementing ITIL has resulted in cost savings through improved management and IT governance.However, organizations should recognize that ITIL isn't an automatic path to good governance.

For example, a key element of ITIL is the configuration management database (CMDB) designed to control changes to configuration. The CMDB defines the relationships between configurations to minimize the risk to a business when it plans and implements change. This is an excellent practice, but it won't succeed if the CMDB itself is fragmented and not adequately maintained.

Maintaining a CMDB is impossible without a view of IT enterprise management that touches every IT process. Without this view, the unified database quickly degenerates to a collection of unconnected spreadsheets used by isolated departments. These islands of data don't reflect the true state of the infrastructure and result in a mad scramble to collect data when an audit is imminent.