Asset & Configuration - Audit Manager

Click when you are finished.

Welcome to the Asset & Configuration - Audit Manager learning. Click each sequential tab below to find key learnings and information.

{magictabs}

Introduction ::

The Audit & Verification Process is designed to measure the validity and accuracy of data in the Configuration Management System (CMS) and to confirm that Asset & Configuration Management procedures are followed properly. The Audit & Verification Process is also designed to trigger the immediate correction of data that is determined to be invalid or inaccurate. The Audit & Verification Process goals are to:

Obtain and maintain 99% data accuracy on critical, ratified data fields.
Provide a tool and process that can be used to measure and validate the accuracy of any other, non-critical data field.

Having accurate data in the CMS is critical for Legal and Finance compliance. The following 4 key benefits show why accurate data results in improved operations and service.

	Efficient Operation Asset data is used on a daily basis by operations for a number of reasons: Incident and problem management Space and resource planning Determine refresh rates and schedules
	Information Security In the event of a security incident, hardware data can be used to identify and nullify a threat. Inaccurate contact or location data can delay risk mitigation efforts.
	Cost Savings/Avoidance and Financial Reporting Asset data feeds our financial database, ensuring we pay taxes appropriately and that we are compliant with governments' reporting requirements. Warranty and maintenance contracts are based on Intel's hardware inventory. Having accurate data on what we have in our environment, and how it is being used, ensures we do not over- or under-spend on support costs. Asset inventory data is used for capital budget planning purposes.
	Environment Responsibility Accurate asset data is critical for determining IT's power consumption and identifying ways to reduce Intel's carbon footprint.

99% Data Accuracy

How we obtain a 99% data accuracy goal is through strategic planning and tactical execution of audit and monitoring activities. The following highlights these key activity tasks.

Physical
Attributes
Audit

Client or Non-Client

Tool: ISMP Certification and Intel Mobile Asset Auditor

Sampling
Measures accuracy of fields

Logical
Attributes
Audit

Client or Non-Client

Tool: ISMP Certification

Sampling
Measures accuracy of fields.

Data
Quality
Monitors

Unmanned reporting processes that check validity when there is a source for comparison, and accuracy, when there is logic to define correct/incorrect, of data on a mass scale.

Additional Resources

The following resources provide further learning opportunities and additional information:

||||

Audit Manager: Roles/Responsibilities::

Four job roles are involved in the Asset & Configuration Auditor processes. This learning focuses on roles and responsibilities for the Audit Manager and Audit Manager for the Service tasks. The Auditor Logical and Auditor Physical roles have separate learning, but are referenced here as they perform roles and responsibilities from the Audit Manager's task output and ongoing monitoring.

The primary responsibilities include:

Schedule formal and independent audits to verify Configuration Item (CI) accuracy.
Analyze and report out service-related audit results to identify accuracy issues and trends.
Act as the point of escalation for audit issues, i.e., audit tool or process issues.
Manage Configuration Management System (CMS) asset accuracy indicator(s).
Determine, document, and implement remediation plans to resolve audit issues that are not service-specific.

Both the Auditor Logical and Auditor Physical execute the actual audit tasks.

The primary responsibilities include:

Ensure that formal audits are assigned to the appropriate auditors.
Schedule informal audits to verify Configuration Item (CI) accuracy.
Analyze and report out service-related CIs accuracy trends and issues.
Act as the point of escalation for audit issues, e.g., missing assets identified, major data quality issues, central role audit tool or process issues.
Ensure that problem investigation occurs with improvements implemented to resolve service-specific Asset & Configuration data quality issues.

Differences: Audit Manager and Audit Manager for the Service


Audit Type	Issues both formal and independent audits.	Issues informal audits.
Service Type	Service-Agnostic (responsible for the accuracy of critical data fields across all services).	Service-Specific (responsible for all Configuration Item (CI) data for their service). Responsible to ensure audits issued from the Audit Manager are completed.
Point of Contact	Audit related issues.	Service related accuracy issues.

Click to view a demonstration how to View Your Role in the Service Now Tool.

Audit & Verification Process {showhide title="See More ..." changetitle="Hide ..."}

The Audit & Verification Process is divided into two distinct workflows as reflected in the job role's tasks and process flow activities.

Audit Management (Audit Manager / Audit Manager for the Service

Audit Execution (Auditor Logical / Auditor Physical)

Audit Manager's Tasks:

Decide which Configuration Item (CI) fields require validation
Create and assign audits appropriately to an Auditor Logical or Auditor Physical role
Analyze the audit results
Develop and implement corrective action plans to remediate low data accuracy

The Auditor Logical or Auditor Physical receives audit tasks from the Audit Managers to validate and correct (as needed) data in the CMS.

Audit Management Process Flow

Step 1: Create an Audit Definition

Audit Definition: A reusable template that defines the parameters of any audit object generated from it. It contains qualifiers such as which fields will be audited, sample type and size, audit owner, etc.

Step 2: Create an Object from the Audit Definition

Audit Object Definition: A container that generates and holds the CIs that require certification. It is assigned to an auditor, or group of auditors, who generate and certify the CIs. Each audit object is single-use only. Once all the CIs it contains have been certified, the audit is complete.

Step 3: Assign the Audit Object to an Auditor Group or a specific Auditor

An Audit Manager can identify assignment within the tool based on Location, Service, or a combination of both.

Audit Execution Process Flow

Step 1: Take ownership of an Audit Object

Step 2: Create the Certification Task List

Step 3: Open the appropriate validation tool
- (tool) Auditor Logical: ISMP Certification Tool
- (tool) Auditor Physical: Intel Mobile Asset Auditor

Step 4: Validate and correct records

Step 5: Certify records or submit audit
- Auditor Logical: Certify each record
- Auditor Physical: Submit the completed audit

{/showhide}

Audit Management Process {showhide title="See More ..." changetitle="Hide ..."}

The Audit Execution Process involves the Audit Manager and Audit Manager for the Services roles. The process tasks to be completed when performing their respective audit activities involve the following process steps.

Step

Action

Preparation

Preparation

Review the following demonstration to learn Integrated Service Management Platform general navigation and features when managing Audit Definitions and Audit Objects.

Click to view a demonstration how to Navigate the Audit Definition Screen & Completed Audit.

Step 1

&

Step 2

Create an Audit Definition & Create an Object from the Audit Definition

The process steps to create an Audit Definition and to create an Object from the Audit Definition are closely integrated and work together. The Audit Definition defines the scope parameters for the audit and the Object defines all Configuration Items (CIs) that will be included in the audit tasks.

Click to view a demonstration how to Create a New Audit Definition & Audit Object.

Click to view a demonstration how to Copy an Audit Definition.

Step 3

Assign the Audit Object to an Auditor Group or a specific Auditor

With the audit scope and CIs identified, it is important to assign the audit tasks to be completed to an Auditor Group or to a specific Auditor. The assignment provides visibility and tracking for work being processed and completed.

Click to view a demonstration how to Issue an Audit From an Existing Definition.

Additional
Tasks

Process a Client Mismatch Reconciliation and Monitor Audit Assignments

There can be findings during the audit steps where a client mismatch occurs, or when work completion needs further investigation (or proactive monitoring).

Click to view a demonstration how to Process a Client Mismatch Reconciliation.

The Auditor Logical and Auditor Physical receive audit tasks from Audit Managers. The Auditors are required to validate and correct the data in the Configuration Management System. If a Due Date is identified within the ISMP for audit tasks (performed by the Auditor Logical or Auditor Physical), Audit Managers are alerted if the tasks are incomplete. If it is not identified, it will be up to the Audit Manager to monitor the completion. When an audit is closed, an email notification is sent to the Audit Manager.

{/showhide}

||||

|| Completion || ::

When you have completed the learning in this content, click the below Track Completion button.

This allows the IT Service Management team to know that you have completed this learning and are prepared for relevant next steps.

Click when you are finished.

{/magictabs}