Hi,

The configuration management is an organ of the change management process.

CMDB is basically the directory of the configurations both original and the add-ons,namely,patches,fixes,versions etc and the relevant others.

The configuration is the focal point of business requirements that requires mapping in to the sysytem,the technology itself,the availability of the net work,web-based services and so on.The threat assessment,mitigation too converge on the CMDB.The CMDB is also a focal point of divesrse functional and non-functional attributes[ like security,SLAs,Escrow etc].The business,security requirements and technology being dynamic and which undergoes a constant self-immolation[obsolecense,cessation of features etc],a non-volatile,static CMDB which can render "An one size-fit all" solution is impossible here.

Building an acceptable,good CMDB is essentially an organic one and involves a huge expenditure of time and other resources.Until then this is bound to remain shallow.

Regards,

Ramesh.