Knowledge24 banner

The Common Service Data Model (CSDM) explained – Aligning IT to business strategy

17 minutes
Common Service Data Model - The Game

ServiceNow has made a major change to their database involving the Common Service Data Model (CSDM). It enables you to link your IT CIs in the Configuration Management Database (CMDB) to your services, users, costs, and more based on best practices. Labeled as a ‘change for the better’, CSDM 3.0 is a framework and prescriptive guidance for building your service aware CMDB. But how do you grow the new CSDM model into your organization? What is CSDM exactly and how do you stand to benefit from it?

First things first: what is a CMDB?

The ServiceNow CMDB provides a single system of record for IT. When paired with ServiceNow Service Mapping, the CMDB becomes service aware, enabling your ServiceNow applications to be service aware as well. Now with your CMDB, you gain full visibility of your infrastructure and services, leading to more control of your environment and better decisions.

Real-world CMDB challenges

We see our clients are faced with several CMDB related challenges:

  • Customizations to overcome challenges with CMDB data, like how to classify CIs and relate them to company capabilities, products and services
  • Poor to little architecture alignment with the CMDB
  • Working in silos leads to a lack of stakeholder collaboration and data ownership
  • Lack of IT Infrastructure Library Service Management principles
  • No formally defined services
  • Low CMDB visibility and awareness leads to a lack of ownership, an inaccurate CMDB and puts core ITSM processes at risk

CSDM is all about doing CMDB right

The Common Service Data Model is a best practice framework for CMDB data modeling and data management. It gives you guidance on service modeling and comes with a standard set of terms and definitions. It’s the backbone for the service configuration and connects your CMDB from both a business and technical perspective with recommended mappings and relationships. Done well, it provides visibility into service and application related data from different domains, consolidated in one single view, enabling you to align your IT strategy with company strategy and capabilities. But that’s not all. A high-quality CMDB brings along many benefits, like faster incident resolution, an improved security vulnerability profile and better judgment of change impact.

TIP: For more in-depth information about the model, see the Common Service Data Model 3.0 Whitepaper from ServiceNow.

What CSDM is not

X   One-size-fits-all guide that defines your application or business services

X   Set of reports

X   Code to install a product

X   Fix for past implementations

X   Process that defines your services

Are you following the best practices for a healthy CMDB?

What it is CSDM

CSDM is an evolution that aligns your CIs and services with your business strategy. It is both the data structure and the data development that supports your operations and provides your executives with key data. In fact, CSDM has a huge potential for mapping technology into capabilities that support and align with your organization.

  • It connects your CMDB to services from both a business and technical perspective with excellent reporting
  • Is a best practice for CMDB modelling, providing:
    • A guideline on where to put data
    • An understanding of service costs
    • One service language
    • Recommended mapping and relationships
  • A basis for many ServiceNow modules

CSDM includes best practices related to the proper data modeling using out-of-the-box (OOTB) tables and relationships. You can use it as a reference for mapping your IT services into ServiceNow. Whereas the intent is to provide prescriptive guidance, the model has been specifically designed with extensibility in mind, so you can extend as needed.

Based on three color-coded domains – Design, Manage Technical Services and Sell/Consume – the model provides guidelines to organize data in line with your organizational context. Additionally, the model introduces the concept of Manage Business Services that encompasses portions of all 3 domains. It also accounts for how different persona archetypes may consume, view, and populate.

The CSDM phased approach

Do not try to implement all CSDM elements at once. Approach CSDM in a staged manner by adhering to ServiceNow’s CRAWL, WALK, RUN and FLY stages. And remember, not all stages need to be achieved for all applications or services.

Common service data model phased approach

The CSDM CRAWL phase

CSDL CRAWL phase turtle

ServiceNow’s phased approach starts with the CRAWL phase. Here are five tips to get you get started off on the right track:

  • Create an overview of your Business Applications and Application Services
  • Understand ownership and responsibilities for Business Applications and Application Services
  • Determine business criticality of Application Services
  • Critical CIs first
  • Expand


Create an overview of your Business Applications and Application Services

This seems trivial, but a complete overview of all applications is often missing, especially in large enterprises. This first step is essential for you to get started on CSDM. So, make sure all of your Business Applications and Application Services are in ServiceNow.


Understand ownership and responsibilities for Business Applications and Application Services

It is key to understand who is accountable (ownership) for a Business Application and responsible for Application Service quality and operations. Don’t forget external suppliers to whom you have outsourced the responsibility for an Application Service, who might be hosting the services in their own (cloud) data centre.

Tip: During your CSDM CRAWL efforts, focus on the services that you manage yourself.


Determine business criticality of Application Services

Now that we have a list of Application Services that you are responsible for, it is important to understand how critical they are to the business. Because not all application services are equally critical. Focus on highly critical services first. Manage them properly, and implement changes in a controlled manner.

To determine criticality, involve the Business Application Owners to perform a Business Impact Analysis (BIA) and score your services. In case you’re not using the custom tables provided in your ITSM bundle, you could use them to support this process to collect input from your service owners. Want to know which questions to ask or how to do a Business Impact Analysis? Please ask us for our best practices in this area.

Tip: Start your journey with the top 25 most critical Business Applications.


Critical CIs first

Now that we’ve got a list of 25 critical Business Application that you’re responsible for, we should now focus on getting the critical Configuration Items (CIs) in place.

You need to work with your Application Owners and the groups responsible for supporting your services to identify the right data. The trick is to train these people in what the CSDM is and how to maintain this data in ServiceNow themselves. The CSDM game we developed is a nice way to ensure teams understand the meaning and importance of the CSDM. This game can be played virtually or hosted in our office, whichever you prefer.

During the CSDM CRAWL phase, focus on critical components like your Load Balancers, Application servers, Database Servers, key network equipment and other major components. Create simple dependencies between these Critical CIs. Ensure they’re related to the right Application Service and that the Application Services are related to the right Business Application.

Tip: Less is more. Especially when you need to maintain this data manually.



Now that you have your common service data model populated for your 25 most critical services, identify the next batch of Business Applications / Application Services to populate.


The CSDM WALK phase

CSDM Walk Phase

The WALK phase provides some interesting possibilities, especially when you decide to use ServiceNow Event Management. Doing so will give you an instant overview of which critical CIs are failing and how this affects your (critical) Application Services.

Not only will this reduce your Mean Time To Resolve (MTTR), it will also ensure better risk assessment for changes. Knowing which critical CIs are linked to one another will ensure the right precautions can be taken to avoid any unplanned downtime of critical Application Services, reducing the number of P1s and ultimately improving business performance.

As you move through the CRAWL and WALK phase, the amount of data you need to capture in your CSDM exponentially increases. Therefore, we strongly advise to look into automated discovery options to keep your transition manageable.

In order to make your CSDM WALK Phase a success, we advise you to take the following 5 steps:

  1. Create a Technical Services and Offerings overview
  2. Understand ownership and responsibilities
  3. Determine criticality
  4. Link Technical Service Offerings to corresponding Application Services
  5. Identify and link critical CIs of Technical Service Offerings to critical CIs of Critical Application Services


Create a Technical Services and Offerings overview

The effectiveness of your Application Services largely depends on your Technical Services, in combination with their offerings. Examples of Technical Services are hosting (windows), internet access, Local/Wide Area Network, storage (SAN), identity management (like AD), anti-virus, etc. In enterprises, this list is usually shorter than the list of Application Services.

When listing your Technical Service Offerings, it is important to work with a clear definition. According to the ServiceNow CSDM Whitepaper, a “Technical service offering is a service offering type defined as a stratification of the technical service into options including localization/geography, environment, pricing, availability, capability, support group (for incident), technical approval group (for change), and packaging options (commitments).”

Let’s take Identity Management as an example of a Technical Service. Associated offerings could be Active Directory Azure Cloud (external hosting) or Active Directory 2018 Prod / Active Directory 2018 Non-Prod (internal hosting). Looking at the internal hosting options, it is important to differentiate between Prod and Non-Prod, because their service levels differ.

Play our online CSDM game: Book now


Understand ownership and responsibilities

In order to capture the right data, you need to know who’s responsible. Therefore, it is essential to understand who is accountable (ownership) for service quality and service operations.

Some have outsourced the responsibility for a technical service to an external supplier, like for Azure Cloud. Our advice is to focus your CSDM WALK efforts on the technical services that you manage inhouse or of which you are the asset owner. The latter situation occurs when organizations have outsourced network maintenance to an external vendor, but still own the majority of the network equipment (like routers, switches, etc.).


Determine criticality

Now that we have a list of Technical Services and Technical Service Offerings for which you are responsible, it is important to determine their criticality.

We need to focus on highly critical services first, set up monitoring and implement changes in a controlled manner. Involve the Technical Service Owners to perform a Business Impact Analysis (BIA) and score your services. In case you aren’t using the custom tables provided in your ITSM bundle, you could use them to support this process to collect input from your service owners.

If you’d like help with asking the right questions or performing a Business Impact Analysis, do reach out to us. We can share our best practices in area.

Tip: Start with your top 25 most critical Technical Service Offerings.


Link Technical Service Offerings to corresponding Application Services

Now that we have identified the critical Technical Service Offerings, we can link them to the Application Services they support. This overview is key, because once in place, a Technical Service Owner can see the impact of a change on related applications with a single click. The other way around, your Application Owners and Support Groups can see all dependencies and they know exactly who to contact when incidents occur.

Furthermore, it is important to keep in mind that the Technical Service Offering object is used to capture important information like Approval and Support Group. The data you capture at this level can now be easily copied to associated CIs, which makes maintaining this data at CI level much easier, keeping things manageable.


Identify and link critical CIs of Technical Service Offerings to critical CIs of Critical Application Services

Criticality is important in this step, emphasizing the need to do more with less. IT infrastructures are becoming more and more complex, so you need to focus on what matters most. For the 25 most critical Technical Services Offerings you are responsible for, we’ll now focus on getting the critical Configuration Items (CIs) in place:

  • First, you need to map out the dependencies between critical Application Services and critical Technical Service Offerings. Since you have created this overview in step 4, this information is now easy to extract.
  • Next, the Technical Service Offering owners need to identify the critical CIs, like your SAN instances, key network equipment and other large building blocks that are connected to the critical CIs linked to your Application Services (application servers, database servers, etc.). In case you don’t have these critical Application Service CIs, then you probably have forgotten some steps in the CRAWL phase.
  • Don’t forget to map out the interdependencies between critical CIs as well

The CSDM RUN phase

CSDM RUN phase

In order to make your CSDM RUN Phase a success, make sure to follow these six steps:

  • Involve business users and service owners
  • Define SLAs and subscription methods
  • Identify and select business services
  • Define your business services (your offering)
  • Close the GAP (relate/depend business to IT)
  • Expand


Involve business users and service owners

When you’ve reached the RUN phase of CSDM, you’re entering the Sell/Consume domain. This domain is all about reaching out to service consumers. In order to maximize the value for consumers and customers, it’s important to involve them in the process as soon as possible. Additionally, this phase allows you to include non-IT services, like workplace services/facility services, etc.

The first step would be to identify a group of business stakeholders or key customers that you would like to involve. Take a deep dive with them into the services consumed to understand the service and offering commitments and required SLAs. Make sure that these service consumers understand the defined services and service offerings. Next, identify and involve the relevant service owners to translate the more technical services into end-user and customer-proof business services. This will greatly improve the Employee and Customer Experience.

TIP: If your organization does not have service owners yet, you should start thinking of employees that would be suitable for the job. Service owners are responsible for end-to-end Service Delivery and Performance. Identifying and involving service owners is key for success.


Define SLAs and subscription methods

Introducing Business Service Offerings and Business Services into your ServiceNow environment enables SLA management. Defining commitments on the Business Service Offering allows for SLA tracking on a different level than the Incident Task priority. We recommend tracking SLAs on business offering level by leveraging the commitments. In case commitments are in place, you could compare the OLAs with the SLAs for any service. Important to keep in mind here is that commitments to the business should not be stricter than the ones agreed upon with the supplier or internal support depts.

Next, decide how you want to subscribe users to the business service (offerings). You have multiple subscription options to choose from: user, company, location, department and group. Pick the one that matches your organizations’ structure best. By subscribing users to business service offerings, you greatly improve the Employee Experience as this will only show items in the Service Catalogue that are relevant to them.


Identify and select business services

Now it is time to identify which services you want to bring to the RUN maturity level. Not all services need to be defined up to business service level. Decide per service whether it’s worth to define a business service and service offering for it. Don’t boil the ocean, so make a selection of services to start on first. There are multiple ways to prioritize. The most common ways of prioritizing are by filtering on the most frequently used, most critical or most expensive services. Make your selection based on available data related to time requested, service criticality and perhaps financial details of services. The selected number of services for the first batch differs and often depends on available resources on your side.

Don’t know where to start with identifying business services? The easiest starting point is to dive into your instance and see which services are currently already defined and offered to internal or external users. In case there are no services defined in the current environment, we can provide a list of standard services. We’ll walk you through this standard list to tailor it your business environment.

Tip: Start your journey with the top 5 most critical business services.


Define your business services (your offering)

After you’ve selected your business services, it will become evident on how you should continue defining your business services. In the end, you’ll have your total service offering to (internal/external) customer defined. First, it is important to focus on delivering strategic business value by building a business service hierarchy into logical service portfolios. Next, you define the service offerings based on availability, scope, pricing, etc. Lastly, you include required agreements like external SLAs and internal OLAs to be measured for successful service delivery management.


Close the GAP (relate/depend business to IT)

In this step, you start with mapping the business services to the defined business service offerings. Each business service should have at least one or more business service offerings. How to do this? Zoom in on your business service offerings to understand what services are required for this offering. Note that multiple business services can provide a single business service offering. You do this to get a grip on what business services (and offerings) are relevant to which consumer. The goal here is to only show relevant services to your customers and end-users.

The next step is an exciting one! You can start connecting business and IT in the service model. By now, you know the relation between your business services and business service offerings per customer group. First, create dependencies to understand what application services a business service relies on. This will show the business criticality of an application service and its related SLAs/OLAs. Now, do you remember step 5 of the WALK phase? In this step, technical service offerings and related CIs were mapped to application services and related CIs that were already linked are now related to what is critical to your business.



Now that you have your common service data model populated for your 5 most critical business services, identify the next batch of business services and repeat the steps above. Once you’re all done, you’ve successfully completed the CSDM RUN phase and you can move on to the FLY phase.

The CSDM FLY phase

Canary in flight with sky and trees in background

The very last phase is the Fly Phase. We advise to take the following five steps to make it a success:

  • Identify use cases/services for FLY phase
  • Service Catalog
  • Define Business Capabilities
  • Link Business Capabilities with Business Applications and Business Services
  • Relate Information Objects to Business Applications


Identify use cases/services for FLY phase

Determine which services and use cases should be taken up to the FLY maturity level. As stated in the previous blogs, you don’t need to promote every service to the FLY stage.


Service Catalog

In this phase, the Service Catalog is introduced. Previously, catalog items were created and placed within a category and subcategory. Now, you’ll introduce Service Offerings that will be related to a Catalog Item, which will be published in the Service Catalog.

By relating the Catalog Item to the Service Offering, you gain insight on Service Offering level, e.g. how often and by whom it is consumed. Furthermore, by leveraging the subscribed by functionality, you can manage access/view rights of offerings on your Service Portal.

When creating the Service Catalog, best practice is to define multiple catalogs and see if certain bundles can be created related to a Service (e.g. Workplace bundle: Laptop, Mouse, Software).

Play our online CSDM game: Book now


Define Business Capabilities

Definition of Business Capabilities is very much a strategic exercise. Important here is to clearly describe what the organization is going to do in order to create value. When defining Business Capabilities, stick to the Business and Enterprise Architecture. Within the market, there are frameworks and standards that can be leveraged to lower the effort related to defining the Business Capabilities. Business Capabilities are hierarchical and can go up to 6 levels deep.


Link Business Capabilities with Business Applications and Business Services

In order to get an end-to-end view and allow for application and service rationalization, relationships should be created from the Business Capability to the Business Application and the Business Services. These relationships will enable the organization to make informed decisions based on data coming from multiple layers within the organization (Operations, Sell/Consume, Design/Planning).


Relate Information Objects to Business Applications

In this step, you’re going to relate Information Objects to Business Applications. This step can be taken earlier if there is a clear need from an IRM or GDPR perspective. Make sure you administer what kind of data runs through the Business Applications and the databases serving it in order to understand and be aware of the risk locations related to data.

Need help with CSDM? We’ve got you covered!

We’ve already helped many customers embark on their ServiceNow CSDM journey. And we can also support you! We make sure you avoid common pitfalls like budget overruns, missed deadlines and scope creep.

Our very own online CSDM game explains your team what the common service data model is and what phases there are: CRAWL, WALK, RUN and FLY. After only one workshop, we extract the right services data. And most importantly, because we successfully completed the journey before, we ensure your common service data model initiative will become a success. Request the workshop here.