Sometimes it is important to understand the impact of a CI in the big service delivery picture. In such a case you could investigate all CI´s that are affected by this CI, but it is also possible to summarize this impact into a number of attributes, such as SoX relevance and Security Level.

In this article I will show a relatively simple concept of making sure that these attributes are inherited and calculated from the parents to their children (and in turn to their children… etc).

The setup used in this example is as follows:

  • A customer has several Applications in his CMDB.
  • Each of these applications has a number of instances (for instance Production, Development, etc).
  • Each of these Application Instances is supported by one or more Servers.
  • Each Server supports one or more Application Instances.
  • Each Server also resides in one Data Center.

The goal of this exercise is to make sure that – at any time – you know if a certain Server or Data Center is supporting a SoX compliant Application Instance and what the maximum Security Level (0, 1, 2, 3, 4 or 5) of the supported Application Instances is.
Continue reading…»