IT Operations Blog

Introduction to Configuration Management

3 minute read
Muhammad Raza

Enterprise IT assets are often deployed in a complex and hybrid mix of deployment architectures across on-site datacenter and cloud environments. These assets have configurations, or interface dependencies, between each other that must be identified, managed, and controlled to ensure that the IT environment behaves as required:

  • Any change in configurations can dramatically impact the performance, security, and functionality of the code and the underlying IT assets.
  • Infrastructure configured to run tests can be vastly different from the requirements of the production environment.

The task for IT Operations is to ensure that the configurations are managed correctly, following frameworks and guidelines such as ITIL®. In this article, we will explore the key concepts associated with configuration management, its components, and the activities involved.

What is configuration management?

ITIL defines Service Asset and Configuration Management (SACM) as: “The process responsible for ensuring that the assets required to deliver services are properly controlled, and that accurate and reliable information about those assets is available when and where it is needed. This information includes details of how the assets have been configured and the relationships between assets.”

Configuration management can also be described as activities associated with a technology platform that automates this process at scale.

A good example is DevOps environments where a mix of hybrid and multi-cloud services and assets are employed: companies use a Configuration Management System (CMS) to identify configuration states, control the changes, and audit the process for compliance and validation. A comprehensive CMS solution will ensure that the configurations are accurately identified, tracked, managed, and controlled across different SDLC stages, projects, and even the involved organizational departments.

Components of configuration management

According to ITIL, service assets and configuration management are closely associated and encompass all components, products, and services that must be managed from their inception to retirement.

IT professionals involved with Configuration Management will repeatedly come across the following key concepts:

  • Configuration model: A tool that consolidates interactions between dependent components and service assets that must be managed and controlled. The model connects these components, evaluating infrastructure changes and causes of incidents.
  • Configuration item (CI): Any infrastructure or service component that requires management in order to enable an IT service. A CI can be a fundamental structural unit in a CMS that can be managed and modified independently of other components in the IT environment. Examples range from documents and models to hardware assets and software components.
  • Configuration records: A set of records describing CI attributes and relationships.
  • Configuration management database (CMDB): A database that stores configurations records, including relationships between the configuration items.
  • Service asset: Resources that enable the delivery of an IT service. These can include the services provided by third-party vendors or the overall capability of an organization to address IT and security incidents. Therefore, service assets are not necessarily manageable by the organization, but the information about their state can support critical decisions related to IT service delivery.
  • Definitive management library (DML): A protected library containing authorized versions of configuration items as well as master copies of controlled software and documentation. The DML also defines capacity planning activities, security arrangements, and audit procedures.

The purpose of configuration management

Configuration management is intended to realize the following goals for IT projects, regardless of your ITSM framework:

  • Defining, identifying, and understanding configuration dependencies between assets. Any configuration change has the potential to affect the service performance and security.
  • Maintaining accurate configurations information across the varied state of infrastructure assets. Accurate information of the configuration states allows IT teams to maintain the IT environment in an optimal state for every individual phase of the SDLC lifecycle, such as development, test, production, and release.
  • Supporting informed decision making such as change authorization, release management and incident resolution, and other related service functions of an ITSM framework.
  • Controlling how configurations are updated and modified. These controls encompass Infrastructure as a Code (IaaC) and Configuration as a Code (CaaC) practices adopted in a DevOps setting. Ensure that formal approvals are followed for releases into controlled environments.
  • Documenting configuration information and accounting for changes that may affect the integrity of CIs. Audit the configuration management process to ensure that the necessary security and compliance protocols are followed.

Activities within configuration management

To achieve these goals, incorporate these actions into your regular IT activities to support Continuous Improvement:

Configuration management supports ITSM processes

Configuration management activities are closely related with other ITSM domains. Specifically, it is related with change management, a process with which configurations are changed to support the removal, addition or modification of a service component that can affect the delivery of an IT service.

Other relevant service domains can include financial management, availability management, and incident and problem management, among others.

Additional resources

BMC Blogs offers a variety of beginner and advanced topics about IT service management, including configuration and asset management. For more information, consult our ITIL 4 Guide, with 20+ related articles. Ready for the only end-to-end ITSM and ITOM platform for your company? Explore BMC Helix.

New strategies for modern service assurance

86% of global IT leaders in a recent IDG survey find it very, or extremely, challenging to optimize their IT resources to meet changing business demands.


These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.

See an error or have a suggestion? Please let us know by emailing blogs@bmc.com.

Business, Faster than Humanly Possible

BMC empowers 86% of the Forbes Global 50 to accelerate business value faster than humanly possible. Our industry-leading portfolio unlocks human and machine potential to drive business growth, innovation, and sustainable success. BMC does this in a simple and optimized way by connecting people, systems, and data that power the world’s largest organizations so they can seize a competitive advantage.
Learn more about BMC ›

About the author

Muhammad Raza

Muhammad Raza is a Stockholm-based technology consultant working with leading startups and Fortune 500 firms on thought leadership branding projects across DevOps, Cloud, Security and IoT.