Page 201 - Courses
P. 201

IT Essentials — Computer Operations

            Configuration Management

            Hardware operating systems (OSs) and application software contain configuration parameters.
            These parameters tell the operating system (OS) or application software what is and is not allowed.

            The CMDB stores the configuration parameters for devices — if they are assigned to the catalog. The
            configuration management database (CMDB) helps computer operations and others to quickly
            identify which devices need critical patches, which devices have not been patched, which systems
            have particular settings, which devices are nearing end-of-service-support from the vendor, and
            which devices use a particular piece of software.

            Zero-Day Vulnerabilities

            It is important for the internal auditor to remember that the majority of security vulnerabilities exist
            because someone determined how to manipulate the parameters or discovered that the current
            parameter settings grant inappropriate access. These events are commonly referred to as zero-day
            vulnerabilities because the problem has been exposed but a solution is not yet available.

            Those organizations with strong asset and configuration management practices are in a better
            position to implement temporary compensating controls to address these zero-day vulnerabilities.

             TOPIC 5: DEPLOYING UNIFIED SERVICE MANAGEMENT PLATFORMS

            Deploying Unified Service Management Platforms

            Every organization has its own method and tools for managing computer operations.

            Some organizations use unified platforms that have specific modules for configuration, problem,
            change, incident, and knowledge management that link to asset management tools.

            Other organizations have a more distributed model, where multiple tools are implemented, which
            may or may not have interface capabilities. Some service management plans are strictly ad hoc and
            may simply use Microsoft Office products or Microsoft SharePoint.

            Each approach will be described in detail on the next screen.

            Platform Model Approaches

            Platform model approaches include:
                 Unified Service Management Platform Model — One of the major advantages of a unified
                   service management platform model is the minimized integration between modules, which is
                   pre-established within the software operating system (OS) and the need to build interfaces.
                   This type of pre-established approach results in a solution that will allow both devices and
                   software to be assigned to users/machines. From the initial assignment through end-of-life,
                   the asset is tracked and all changes to the assets are logged into a centralized database.



            Copyright © 2021 by The Institute of Internal Auditors, Inc. All rights reserved.
   196   197   198   199   200   201   202   203   204   205   206