Carlos Casanova is a well-known expert on CMDB/CMS, born in São Miguel, Açores, Portugal (the Azores islands is a paradise halfway between Europe and North America) and comes from the United States. I’ve enjoyed his thoughts and insights on the not so easy Configuration Management and CMDB/CMS topic. His book “The CMDB Imperative” (co-written with Glenn O’Donnell) is a reference for all who want to embark on CMDB/CMS.
1. I love your surname, it means “new house” in Portuguese. What is its origin?
My nationality is Portuguese. I was born in the Azores and moved to the United States as an infant with my family. Since then, some of my family members have worked on our family genealogy and have found ancestors outside of Portugal several generations back in Spain and Argentina. The name translates into “New House” in many languages including Italian. I am not sure if the basis comes from the stories of the famous lover or not but given the spread of the name across the world, it just might be the case.🙂
2. Why writing “The CMDB imperative”?
Prior to writing the book, I was the Director of Configuration Management for a global Financial Services firm based in the United States. I had been asked by the CIO to take on the effort but it was apparent that early on, after the magnitude and potential risk of the effort was clear to leadership, that nobody really wanted to take on the task themselves. For the next 4 years, I kept pushing the initiative forward as best as I could with limited resources and even less senior leadership support. What kept me going however was my vast background across the IT Operational areas, which developed in me a deep-rooted belief that this was the right thing to do for the company. My years working in Enterprise Architecture, IT Security, Disaster Recovery and Business Continuity helped me to develop a vision for a comprehensive entity that could support and deliver tremendous value to most operational area across any organization. Internally, I was losing the battle against Senior Management but externally, across the industry, I was getting a considerable amount of recognition for my accomplishments at the firm. At one point, I even had an industry expert come into my organization to assess our achievements and she was amazed at not only how much the team had achieved, but more so at the vision we had in mind for this enterprise wide entity. Unfortunately, my senior leadership decided to eliminate the remaining budget on the initiative shortly thereafter and I was faced with the decision to keep fighting to help a company who obviously was not ready to accept it or, write a book to help those companies that were ready to grow and build an incredibly valuable resource like the CMDB/CMS.
3. Is Configuration Management success at organizations hindered because IT people focus on the tech-centric CMDB? Why is there such a bad fame on its implementation feasibility and benefit?
I perform formal Configuration Management Assessments for companies and one of the questions in the assessment asks the interviewee to rank three items (People, Process, Technology) in terms of which is the biggest challenge to the success of a Configuration Management Solution. In every assessment so far, when the individual questionnaires are collected across the company from all the interviewees, “People” has always been ranked as the biggest challenge with “Process” in second place. “Technology” has never reached the second ranked position in an assessment at a company. In fact, very few interviewees ever rank “Technology” as the biggest challenge on their individual questionnaire. The issue however is that in the same questionnaire, I ask questions to determine the level of knowledge about Configuration Management and sadly, the answers reflect why there are so many failures. Glenn O’Donnell, my co-author, and I personally hate the term CMDB. Configuration Management System (CMS) was better but still didn’t convey the full view in our opinion. Our preferred term is Service Information System (SIS) which we think better describes the broad objective and capability of the system. In our book, we dedicated a subsection of Chapter 1 to explain “Why the term CMDB must go away”. A major issue is that CMDB implies a single monolithic repository where EVERYTHING is collected and stored and this is not reality. Logically and philosophically, it is a single entity but the CMDB is not really a database in the true sense of a database. The real solution is where the “CMDB” ( aka SIS ) is the portal through which you get your logical perspective even when the pieces are spread out across various departments or regions in the company. It should be the vehicle that helps you get a singular view but it does not need to be the singular keeper of date and information.
Because of the confusion of what a “CMDB” really is and frankly, the push by tool vendors selling a “CMDB” ( aka: relational DB that can store data you put in it ), most efforts fail at least once and typically twice before achieving any level of success. The third attempt comes after resetting expectations based on education and knowledge. Taking on the effort with a better understanding of what they are REALLY trying to accomplish and what problems they are trying to solve is far more likely to succeed. One of the first questions I ask every one of my clients is, Why do you want a “CMDB”? Strangely enough, most answer the questions with reasons for why you might implement an Inventory or Asset Management System. Few ever can fully articulate a reason that is truly in line with why you put in place a Configuration Management solution. Lastly, the fact that the term “CMDB” is used far more often than Configuration Management is a big reason why everyone at some point in time thinks if it as a pure technology effort. Once again, when they enter into it with this mindset, they will fail because they will not have addressed the biggest issues around data quality and people circumventing process. The CMDB will NOT fix these issues.
4. How can we sell Configuration Management to top management in a compelling way?
When I have the opportunity to speak with Senior Management that is knowledgeable about security and risk management, I explain to them that a Configuration Management solution can enable and/or directly support 11 of SANS Top 20 Critical Security Controls. The case studies around reduced call time, reduced MTTR and increased MTBF are great however, they address what I refer to as “soft money”. This is money that if saved, does not actually end up on the bottom line and hence, the senior executive cannot claim it as a real savings. For Senior Management that does not fully understand and appreciate Returned Value on Investment versus just Return On Investment, they won’t see the “soft money” savings as tangible and hence will not provide lots of support.
Now, with more and more pressure on IT Hardening, and bigger budgets in that sector versus the Service Management sector, Senior Managers might be better suited to understand the value that something like a Configuration Management solution brings to IT Hardening. The key is to relate the investment being made to value being delivered to the end users and business customers. You must put it in terms of the positive impact that it will have on the company’s customers and how it will drive better business outcomes.
5. Right now what is the role and impact you see for the Service Management Congress?
I am very disappointed that more did not come of the effort at the 2013 itSMF Fusion Conference in the United States. I am still in full support of the basic ideas that our industry is not functioning at the level of quality and efficiency that I feel it needs to and secondly that far too many so-called certified professionals are promoting utopian approaches to solutions that never deliver value to the business. Many of our peers and many organizations have lost focus on what the intention is and instead focus far too much on the letters and words in the books and try to emulate it word for word in their companies. This DOES NOT WORK! I was hopeful that our effort with SM Congress would be the catalyst to get more people in the industry coming to this awareness. Unfortunately, some individuals across the world, who based on their public stances prior to SM Congress were proponents of similar ideas and concepts, decided to personally attack some individuals in the SM Congress and this drove a major wedge into the effort. We are now more than 6 months removed from the conference and it appears to have been wasted. I still believe in the concepts and have incorporated them into my client work but as an entity, I don’t know if the SM Congress will be intact much by the time the next conference arrives.