IT Event Management Stuck at The Crossroads

I’ve been in IT for longer than I’d like to admit and one thing I’ve seen repeatedly is companies taking a disorganized and ad-hoc approach to Event Management and monitoring of their infrastructure that includes network, servers/VMs, databases, applications, etc.. Most IT organizations I’ve worked with suffer from tool sprawl, having acquired — over time — dozens of point and siloed monitoring tools and element managers. In most cases, each tool sends an event via an text message or email to individual subject matter experts (SMEs). This approach does not provide a centralized way to proactively identify potential issues (including cyber-attacks) at an Enterprise-visible level. In addition, the high volume of “noise” generated from these different tools makes it nearly impossible to determine the real issues and take action.  This leaves IT exposed to client satisfaction issues (end-users know about problems before IT), service outages and unnoticed cyber-attacks.

Here’s what we are seeing:

  • Too many events and noise
  • No correlation or de-duplication of events coming from diverse sources
  • Too many false positives
  • Events / alerts go to multiple groups and handled independently
  • Lack of event enrichment — alerts are cryptic and not actionable
  • No business context and therefore minimal business value
  • And more…

The complete lack of prioritization, budget and a cohesive organizational strategy for Event Management and monitoring is the primary cause and this mindset clearly cannot continue.

We work with clients to develop an Event Management Architecture Plan (EMAP). An EMAP is an actionable strategic blue print and roadmap to get a handle on this tool sprawl, reduce the number of point monitoring solutions to those necessary. We put a plan in place to define Event Management from a people, process and technology perspective. How do we enable the EMAP and turn it into reality?

ServiceNow’s Event Management Solution provides for the automatic creation of actionable alerts from third-party point monitoring tools such as SCOM, Solarwinds, NNMi and others. The application brings events captured by existing infrastructure monitoring tools into ServiceNow for consolidation, analysis, and action. Events are then processed through filters that normalize and de-duplicate the incoming event stream to generate alerts. From there, our clients can simply integrate with other processes enabled within ServiceNow including Incident, Problem and Change Management. Coupled with Service Mapping and the CMDB, our EMAP and ServiceNow implementation services finally allow IT to become more proactive and predictive and bring visibility to the business via service reporting.

When you are ready to implement Event Management within ServiceNow, we will be there to help you!

Contact us at or contact us at +1.888.718.1708 to learn more about ServiceNow and our EMAP  services.

Maintain Business Continuity Plans with Change Management

In our last post I mentioned a few thoughts that came to mind following attendance at the NorthEast Disaster Recovery Information X-Change’s (NEDRIX) spring conference. I had had some discussions with people who were charged with developing and maintaining plans for Business Continuity in the event of a major disruption.

Last time I pointed out that a Service Management capability would assist in developing such plans. This was because a Service Management approach would make it easier to include planning for Continuity at the earliest stages of the design of an organization’s services and business processes. It is easier to build your Continuity Plans into the design, rather than to retrofit them later.

OK, now that the Continuity Plans are built into your services and business processes from the time they are transitioned into production, how do you keep them current?

One part of the answer is Change Management. I know; this is a rather simple and obvious answer. However, when I discussed the difficulty of keeping Business Continuity plans current with my fellow conference attendees– not a single one claimed to have their continuity plans significantly tied in with a Change Management process.

Admittedly this was not a scientific sample, but it does resonate with my personal experience.

From a Service Management approach Change Management is a keystone. The key to a Service Management framework, such as ITIL, is that it defines several business processes that inter-relate. This integration of processes makes each process, and the entire (Service) Management System, stronger. Change is one of the processes that integrates and strengthens many of the other processes in the framework. This includes Continuity Management.

It is not only Services and component CI’s that can be addressed by Change Management. Any document that relates to Service Operation and delivery should be treated as a CI, and placed under Change control. This includes the overall Continuity Plan and any Continuity Planning documents that address specific services.

If you have a CMDB these documents are treated as CI’s and relationships are created to link them to the Services they are associated with. This makes it easy to call them up and address any requisite updates when Changes are proposed against those Services.

With or without a fully baked CMDB, it should be a standard checklist question at the Change Advisory Board (CAB) for any Normal Change that has been raised – ‘does this have impact on the Continuity Plan?’

As I stated above, this is pretty simple advice. However, in my experience it is not put into practice often enough.

As for the second part of the answer to how to keep your Continuity Plans up to date; that involves Knowledge Management. More about that in our next post.


To CMDB or not to CMDB (a hallway conversation at CPP)

For today’s blog post we listen in on a typical conversation in the ‘halls’ of CPP (man, we can be Geeks…):

 From: Anne Formalarie

Sent: Friday, June 14, 2013 10:08
To: Bill Cunningham; Katie Gravelle
Subject: CMDB

HI Katie and Bill

Have either of you designed/implemented a CMDB?  Just curious about the amount of work it takes and the value it delivers.

Anne Formalarie

Service Catalyst

From: Bill Cunningham
Sent: Friday, June 14, 2013 11:15 AM
To: Anne Formalarie; Katie Gravelle
Subject: RE: CMDB

Yes. In fact – I’m on a conference call now where we are working on the release plan for Configuration Management.

But man!! The second part of your questions is a HUGE topic!  We could talk all weekend about it. (Well, I could anyway.)

I have said – ‘Configuration Management is difficult to do poorly.’  What I mean is—it’s difficult to do; and even more difficult to do correctly.

The payoff is that it underpins the other ITIL processes. Without accurate CMDB data – there is a limit to how mature your front end processes – such as Change, Incident and Problem, can be- and even more of a limit to how mature your back-office processes – such as Availability and Capacity can be.

E.g. — A frequent argument among ITIL Geeks is whether you can really do Change Mgt. without a CMDB.



From: Katie Gravelle

Sent: Friday, June 14, 2013 13:35
To: Bill Cunningham; Anne Formalarie
Subject: RE: CMDB

Hi Anne and Bill,

Great input Bill–

An example – try migrating 1853 application instances to your brand spanking new, latest and greatest technology equipped data center  where 98% of the infrastructure is new, whilst effectively decommissioning the old applications and infrastructure services (some in your existing datacenters and some outsourced) — without a fully blown, integrated CMBD!!

Hello <insert typical not uncommon client name here>, the perfect example of a large enterprise that never integrated its CMDB with Change or Incident management.  (Fortunately, after literally spending – and still spending-  $$10’s of millions on the project resources to migrate to their new data center, they learned their lesson and they are integrating the CMDB as part of their ITSM Software implementation; in fact it’s a priority!!)

This is just one example of how the financial bottom line is affected without the CMDB. The default is excessive manual intervention, Change management that doesn’t “see” any underpinning services, a half-baked Service Catalog and no “glue” to hold together the ITSM tool modules that are operational!

It’s like trying to teach anatomy and physiology at the organ level without mention of the skeletal system, tendons, ligaments, muscles and skin! It just can’t stand up and stay together for the good of the whole!!

The ITIL Geeks are 100% correct as far as I am concerned. If you invest in a full suite ITSM tool, you will never realize the full value and ROI without the CMDB, and you will suffer lost productivity and multiple inefficiencies in service delivery! It costs a fortune and it degrades your credibility in the eyes of your IT resources and business users because you lack agility. It hampers compliance to your standards and frankly makes you more vulnerable in so many ways!

Like Bill, I could go on for hours on this topic…. These are just my thoughts for now!

Thanks! Katie

 Kathleen Gravelle

ITSM Consultant
Service Catalyst

IT Service Management Consulting and Education

From: Bill Cunningham
Sent: Friday, June 14, 2013 2:14 PM
To: Katie Gravelle; Anne Formalarie
Subject: RE: CMDB

And, while I agree with everything Katie said…

I am firmly in the camp that you can do effective Change Mgt. – and Incident Mgt. – WITHOUT a CMDB. The scripture disagrees… but in the real world… I’d even go so far as to say that for some organizations the payoff in Configuration Mgt. and the CMDB would not be worth the investment.

Because it is difficult, and expensive, to do poorly – let alone well. And for some orgs, they don’t need those processes to operate at the highest level of maturity. Others really can’t do without it.


From: Katie Gravelle

Sent: Friday, June 14, 2013 14:37
To: Bill Cunningham; Anne Formalarie
Subject: RE: CMDB

Absolutely – it isn’t necessary for everyone… it can be overkill… it’s all about value and ROI and in some cases the need and costs to implement doesn’t warrant it..

Gee Bill, it’s almost scary that we pretty much agree on everything! Yay!


Kathleen Gravelle

ITSM Consultant
Service Catalyst