Learn from industry analysts how IT organizations are using configuration management to meet compliance requirements and instill best practices. Find out how these organizations are applying the resulting processes to enhance security and improve operational efficiency in order to increase their level of service delivery.
W H I T E P AP E R C o n f i g u r a t i o n a n d C h a n g e M a n a g e m e n t f o r I T C o m p l i a n c e a n d R i s k M a n a g e m e n t : T h e T r i p w i r e Ap p r o a c h Sponsored by: Tripwire Frederick W. Broussard Vivian Tero November 2007
E X E C U T I V E S U M M A R Y moc. Increasingly, IT departments are regarded as service providers to end users. Thus, IT cdi. departments must manage their hardware and software assets with the objective of ww providing efficient customer service to all constituents. Service provision requires that w IT identify specific sets of services (such as in a service catalog), identify the assets 510 required to deliver the services, authorize users to access the services, and establish 4.53 processes and best practices for service delivery on an ongoing basis. 9.805. The need for effective processes for service delivery has resulted in the increasing F adoption of best practices based on IT Infrastructure Library (ITIL), ISO 20000, 002 Six Sigma, and other process standards and frameworks. Indeed, these best 8.2 practices are being adopted worldwide by IT departments that wish to improve 78.8 customer service to both internal and external customers. These standards help 05. streamline and standardize internal IT processes, resulting in higher IT efficiency and P improved service delivery to end users. One of the most critical areas that need AS strong operational processes is managing changes to the IT infrastructure. This U 10 includes processes for management of authorized and planned changes as well as 710 facilities for detecting and preventing unauthorized changes. AM ,m What is needed is a streamlined, integrated approach to managing change that ahg incorporates hardware and software asset discovery, discovers relationships between nim assets, and ensures that approved hardware and software asset configurations are arF maintained intact and are not corrupted by accidental or unauthorized changes. This te is a key foundation for meeting a variety of regulatory compliance requirements. ertS Tripwire has developed solutions that address this need, and when integrated with ne other solutions for discovery, these offerings can provide the necessary configuration epS and change management for multiple types of IT environments. IDC recommends 5 :s that IT managers consider Tripwire solutions to support these functions. retrauqdae I N T H I S W H I T E P AP E R H lab This IDC White Paper discusses key issues surrounding configuration management olG and compliance. These issues center on the IT department's need to lower costs, increase management flexibility and control, and increase responsiveness to business needs and requirements. Managing change and satisfying compliance requirements are critical parts of the IT department's service delivery mission. Accidental or unplanned changes to the IT configuration, or configuration settings that "drift away" from standards, can have drastic consequences in terms of
service disruption for the business as a whole. IT organizations need software solutions that can address the need to effectively manage and control changes to configuration settings.
S I T U AT I O N O V E R V I E W
Change is intrinsic to any business. Technology innovation, evolving customer preferences and requirements, disruptions in the supply chain, and regulatory developments are market forces that demand that businesses adapt quickly to these shifts and be able to innovate. IDC's January 2007 QuickLook Survey of senior business and IT executives underscores this business sentiment. The results show that the top 5 business initiatives leading the CEO's agenda are (in order of highest to lowest frequency rates):
! Customer care and service enhancement
! Product (or service) innovation/development
! Sales productivity/performance improvement
! Regulatory compliance
! Business performance monitoring
IT organizations must have the ability to effectively manage their IT assets and changes to the IT infrastructure to enable the business to respond to market developments i... [download for more]
