Configuration Management Plan includes Personnel, Responsibilities, Resources, Training Requirements, Administrative Meeting guidelines
The CMP also includes the following
Configuration Identification-Consists of setting and maintaining baselines, which define the system or subsystem architecture, and components before deployment.
Change Control- consists of configurations that are controlled, how changes are requested, approved and implemented
Configuration Status Accounting-Includes the process of recording and reporting configuration item (e.g., hardware, software, firmware, etc.) and How changes are tracked.
Change control is a systematic approach to managing all changes made to a product or system. The purpose is to ensure that no unnecessary changes are made, that all changes are documented, that services are not unnecessarily disrupted and that resources are used efficiently. Within information technology (IT), change control is a component of change management.
Configuration Verification and Audit: An independent review of hardware and software for the purpose of assessing compliance with established requirement. e.g. The United States Government Configuration Baseline (USGCB)/Federal Desktop Core Configuration (FDCC) http://usgcb.nist.gov/usgcb_faq.html#usgcbfaq_usgcbfdcc
Using scanning tools that are FDCC or USGB compliant can help detect whether a system or application is implemented according to the USA government requirements. Example: Nessus, Saint etc…..
Remedy change management software can be used to track and request change
Sample CMP
error: Content is protected !!
Login
Accessing this course requires a login. Please enter your credentials below!