Change Orders › Change Management › Configuration Audit and Control Facility › How to Define Policies for Change Verification

How to Define Policies for Change Verification

Complete the following recommended steps to begin using CACF in your CA SDM environment:

1. Review the Managed Change States in the CA SDM environment. Update the default Managed Change States or add states as necessary to suit your change management strategy.

   Change verification initiates when the status of a Change Order changes to a Change State that CACF manages, such as Verification in Progress.

2. Identify the available CI Managed Attributes that you want CACF to manage for change verification.
   • For example, you want to manage changes to Memory Installed (phys_mem) so that the attribute must have a matching Change Order for the test* server. You also consider changes to IP Address (alarm_id) as normal and always allowed.
   • For example, you want to manage changes to Memory Installed (phys_mem), MAC Address (mac_address), and IP Address (alarm_id) so that the attribute must have a matching Change Order for prod*. You do not want MDR1 to update IP Address and prefer MDR2 to complete this update. When you have a problem, create an Incident. Closing the Change Order also closes the Incidents automatically.
3. Determine what CIs or subset of the CIs in your system that you want to monitor.

   For example, you want to control all servers name test* and prod*. In addition, you control what CIs based on CI Class and CI Location.

4. Determine what MDRs and sources of data that you want to monitor.

   For example, you want to restrict data from MDR1 for the IP Address attribute from updating any CIs.

5. Determine the appropriate verification policy to manage the following types of change:
   • CI changes that match change orders.
   • CI changes that match the attributes in a Change Order, but do not match the value.
   • CI changes that you consider as rogue updates.
   • CI changes that you consider as rogue inserts.
6. Determine the appropriate update behavior that CACF takes when it detects a variance for a policy:
   • Always allow the attribute update request.
   • Allow the attribute update only when a corresponding change specification is specified for the update.
   • Always cancel the entire transaction.
   • Keep the existing attribute value.
   • Write data to the TWA.
   • Create an Incident when CACF detects a variance.
   • Automatically close any Incidents after Change Order verification.

Note: For more information about change verification planning and implementation, see the Administration Guide.

This section contains the following topics:

Example: Change Specification in the Pending Verification Status

Example: Change Specification in the Verified Status

Example: Change Specification in the Set After Change Verified Status

Example: Accept the Planned Value

Example: Accept the Discovered Value

Example: Manage Changes from an Unauthorized MDR

Verify a CI Attribute Value Update Manually