Question

Configuration management is a process of requesting, tracking, and approving all changes to a system. It...

Configuration management is a process of requesting, tracking, and approving all changes to a system. It not only involves the identification, control, and auditing of all changes made to a system, it also pertains to all hardware, software, network, and any other changes that pertain to security.

Provide an example of a situation where change control was not followed that resulted with a disastrous result. (This may or may not be real)

Then identify the necessary steps that should have been included as part of the change control process.


0 0
Add a comment Improve this question Transcribed image text
Answer #1
  • Configuration management (CM) could be a systems engineering method for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its necessities, design, and operational info throughout its life.
  • The CM method is wide employed by military engineering organizations to manage changes throughout the system lifecycle of complicated systems, like weapon systems, military vehicles, and knowledge systems.
  • CM is that the observe of handling changes consistently so a system maintains its integrity over time. CM implements the policies, procedures, techniques, and tools that manage, judge projected changes, track the standing of changes, and maintain a list of system and support documents because the system changes.
  • CM programs and plans give technical and body direction to the event and implementation of the procedures, functions, services, tools, processes, and resources needed to with success develop and support a fancy system.
  • Throughout system development, CM permits program management to trace necessities throughout the life-cycle through acceptance and operations and maintenance. Changes square measure inevitable once software system is constructed.
  • A primary goal of software system engineering is to enhance the convenience with that changes may be created to software system. Configuration management is all concerning modification management.
  • Each computer programmer must fret with however changes created to figure merchandise square measure half-tracked and propagated throughout a project. To confirm that quality is maintained the modification method should be audited. A software system Configuration Management (SCM) arranges defines the strategy to be used for modification management.
  • The standard software system configuration management (SCM) method is looked upon by practitioners because the best resolution to handling changes in software system comes.
  • It identifies the useful and physical attributes of software system at varied points in time, and performs systematic management of changes to the known attributes for the aim of maintaining software system integrity and traceability throughout the software system development life cycle.
  • Configuration identification is that the method of characteristic the attributes that outline each side of a configuration item. A configuration item could be a product   that has an end-user purpose.
  • These attributes square measure recorded in configuration documentation and baseline. Base lining associate degree attribute forces formal configuration modification management processes to be settled within the event that these attributes square measure modified.
  • Configuration modification management could be a set of processes and approval stages needed to vary a configuration item's attributes and to re-baseline them.
  • Configuration standing accounting is that the ability to record and report on the configuration baselines related to every configuration item at any moment of your time.
  • Configuration audits square measure broken into useful and physical configuration audits. They occur either at delivery or at the instant of effecting the modification.
  • A useful configuration audit ensures that useful and performance attributes of a configuration item square measure achieved, whereas a physical configuration audit ensures that a configuration item is put in accordance with the necessities of its elaborate style documentation.
  • The Information Technology Infrastructure Library specifies the employment of a Configuration management system or Configuration management info as a method of achieving business best practices for Configuration Management.
  • CMDBs square measure accustomed track Configuration things (CIs) and therefore the dependencies between them, wherever CIs represent the items in associate degree enterprise that square measure value chase and managing, like however not restricted to computers, software, software system licenses, racks, network devices, storage, and even the elements among such things.
  • For info assurance, CM may be outlined because the management of security measures and assurances through management of changes created to hardware, software, firmware, documentation, test, take a look at fixtures, associate degreed take a look at documentation throughout the life cycle of a system.
  • CM for info assurance, generally remarked as Secure Configuration Management, depends upon performance, functional, and physical attributes of IT platforms and merchandise and their environments to see the suitable security   and assurances that square measure accustomed measure a system configuration state.
  • For instance, configuration necessities could also be totally different for a network firewall that functions as a part of associate degree organization's net boundary versus one that functions as an enclosed native network firewall.

  • Change management is presently employed in varied merchandise and systems . For IT systems it's a serious side of the broader discipline of modification management.
  • Typical examples from the pc and network environments square measure patches to software system merchandise, installation of latest in operation systems, upgrades to network routing tables, or changes to the electric power systems supporting such infrastructure.
  • There is wide overlap and confusion between modification management, configuration management and alter management. The definition below isn't however integrated with definitions of the other.,
  • Certain specialists describe modification management as a group of six steps
  • Record / Classify
  • Assess
  • Plan
  • Build / take a look at
  • Implement
  • Close / Gain Acceptance
  • The impact tax assessor or assessors then build their risk analysis usually by responsive a group of queries regarding risk, each to the business and to the method, and follow this by creating a judgment on United Nations agency ought to perform the modification.
  • If the modification needs over one form of assessment, the top of the modification management team can consolidate these. Everybody with a stake within the modification then should meet to see whether or not there's a business or technical justification for the modification.
  • The modification is then sent to the delivery team for coming up with. Management can assign the modification to a selected delivery team, sometimes one with the particular role of concluding this particular form of modification.
  • The team's initial job is to arrange the modification well moreover as construct a regression arranges just in case the modification has to be backed out.
  • Once the shopper agrees that the modification was enforced properly, the modification may be closed

PLEASE KINDLY GIVE ME LIKE

Add a comment
Know the answer?
Add Answer to:
Configuration management is a process of requesting, tracking, and approving all changes to a system. It...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions
  • The purpose of a change control board process is to evaluate and implement potential changes to...

    The purpose of a change control board process is to evaluate and implement potential changes to the system during the desugn or post development stage. The need for change can result from what factor? New or changed requirement Changed hardware or software Cost saving opportunities Design Defects New Technology All of the above None of the above

  • A new version of the operating system is being planned for installation into your department’s production...

    A new version of the operating system is being planned for installation into your department’s production environment. What sort of testing would you recommend is done before your department goes live with the new version? Identify each type of testing and describe what is tested. Explain the rationale for performing each type of testing. [ your answer goes here ] Would the amount of testing and types of testing to be done be different if you were installing a security...

  • 1. Consider a grocery supermarket planning to computerize their inventory management. The items on shelves will...

    1. Consider a grocery supermarket planning to computerize their inventory management. The items on shelves will be marked with Radio Frequency Identification (RFID) tags and a set of RFID reader-devices will be installed for monitoring the movements of the tagged items. Each tag carries a 96-bit EPC (Electronic Product Code) with a Global Trade Identification number, which is an international standard. The RFID readers are installed on each shelf on the sales floor. The RFID system consists of two types...

  • The discussion: 150 -200 words. Auditing We know that computer security audits are important in business....

    The discussion: 150 -200 words. Auditing We know that computer security audits are important in business. However, let’s think about the types of audits that need to be performed and the frequency of these audits. Create a timeline that occurs during the fiscal year of audits that should occur and “who” should conduct the audits? Are they internal individuals, system administrators, internal accountants, external accountants, or others? Let me start you: (my timeline is wrong but you should use some...

  • Which role has the PRIMARY responsibility for the documentation of control implementation? Systems security engineer Control...

    Which role has the PRIMARY responsibility for the documentation of control implementation? Systems security engineer Control assessor Information System Owner (ISO) Information Owner/Steward When making determinations regarding the adequacy of common controls for their respective systems, Information System Owner (ISO) refer to the Common Control Providers’ (CCP) Privacy Impact Assessment (PIA) Business Impact Analysis (BIA) Authorization Packages Vulnerability Scans An organization-wide approach to identifying common controls early in the Risk Management Framework (RMF) process does which of the following? Considers...

  • TRUE/FALSE QUESTIONS:  Foundations of Information Security and Assurance 1. There is a problem anticipating and testing for...

    TRUE/FALSE QUESTIONS:  Foundations of Information Security and Assurance 1. There is a problem anticipating and testing for all potential types of non-standard inputs that might be exploited by an attacker to subvert a program. 2. Without suitable synchronization of accesses it is possible that values may be corrupted, or changes lost, due to over-lapping access, use, and replacement of shared values. 3. The biggest change of the nature in Windows XP SP2 was to change all anonymous remote procedure call (RPC)...

  • Using the CNA Insurance company Knowledge Management scenario (below), carry out the following knowledge management assignment...

    Using the CNA Insurance company Knowledge Management scenario (below), carry out the following knowledge management assignment Questions after reading the scenario/essay: =============================================================================================================== For Gordon Larson, telling stories is all in a day's work at his job as chief knowledge officer at CNA, and that's just fine with executives at the Chicago-based insurance giant. Larson owes his job to a shift in corporate direction. Three years ago, under the direction of a new chairman, CNA set off on a new mission....

  • The information systems (IS) department at Jacobsons, Inc., consists of eight employees, including the IS Manager, Melinda Cullen. Melinda is responsible for the day-to-day oversight of the IS functio...

    The information systems (IS) department at Jacobsons, Inc., consists of eight employees, including the IS Manager, Melinda Cullen. Melinda is responsible for the day-to-day oversight of the IS function and reports to Jacobsons' chief operating officer (COO). The COO is a senior vice president responsible for the overall retail operations who reports directly to the president and chief executive officer. The COO attends board of director meetings to provide an update of key operating performance issues. Because Melinda takes an...

  • Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around...

    Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...

  • CASE STUDY U.S. Office of Personnel Management Data Breach: No Routine Hack The U.S. Office of...

    CASE STUDY U.S. Office of Personnel Management Data Breach: No Routine Hack The U.S. Office of Personnel Management (OPM) is conducted, may have been extracted. Government offi responsible for recruiting and retaining a world-class cials say that the exposure of security clearance irn workforce to serve the American people and is also mation could pose a problem for years responsible for background investigations on pro- spective employees and security clearances. In June the OPM system, and its records were protected...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT