The global skills and competency framework for the digital world

Configuration management CFMG

Planning, identifying, controlling, accounting for and auditing of configuration items (CIs) and their interrelationships.

Updates for SFIA 9

  • There is an updated version of this skill for SFIA 9.
  • Minor readability changes only
  • You can move to SFIA 9 when you are ready - SFIA 8 skill descriptions will still be available to use.
  • Previous SFIA assessments or skills mapping are not impacted by this change.

Guidance notes

Configuration items (CIs) can include a wide variety of components (objects) such as — but not limited to — source code, software, products, systems, hardware, networks, buildings, suppliers, process definitions and documents.  A coherent set of CIs forms a configuration.

Activities may include — but are not limited to:

  • identifying and documenting the functional and physical characteristics of CIs
  • identifying the relationships and maintain coherence between CIs for specific configurations
  • identifying the associated configuration(s), status, version and other characteristics of CIs at distinct points in time
  • controlling changes to CI characteristics, recording and reporting change processing and implementation status
  • systematically controlling changes to a configuration and maintaining the integrity, coherence, and traceability of that configuration throughout the project, system and/or service life cycle
  • adhering to established safety, security and quality standards
  • verifying and auditing CI records for data quality and compliance with specified internal and external requirements.

Levels of responsibility for this skill

2 3 4 5 6

Configuration management: Level 1

This skill is not typically observed or practiced at this level of responsibility and accountability.

Configuration management: Level 2

Applies tools, techniques and processes to administer, track, log, report on and correct configuration items, components and changes.

Assists with audits to check the accuracy of the information and undertakes any necessary corrective action under direction.

Configuration management: Level 3

Applies tools, techniques and processes to track, log and correct information related to configuration items.

Verifies and approves changes ensuring the protection of assets and components from unauthorised change, diversion and inappropriate use.

Ensures that users comply with identification standards for object types, environments, processes, life cycles, documentation, versions, formats, baselines, releases and templates.

Performs audits to check the accuracy of the information and undertakes any necessary corrective action under direction.

Configuration management: Level 4

Proposes and agrees the configuration items (CIs) to be uniquely identified with naming conventions.

Puts in place operational processes for secure configuration, classification and management of CIs, and for verifying and auditing configuration records.

Develops, configures and maintains tools (including automation) to identify, track, log and maintain accurate, complete and current information.

Reports on the status of configuration management. Identifies problems and issues and recommend corrective actions.

Configuration management: Level 5

Plans the capture and management of CIs and related information.

Agrees scope of configuration management processes and the configuration items (CIs) and related information to be controlled.

Identifies, evaluates and manages the adoption of appropriate tools, techniques and processes (including automation) for configuration management.

Contributes to the development of configuration management strategies, policies, standards, and guidelines.

Configuration management: Level 6

Develops configuration management strategies, policies, standards, and guidelines.

Champions the importance and value of configuration management and develops new methods and organisational capabilities (including automation) for configuration management.

Provides resources to drive adoption of, and adherence to, policies and standards.

Measures and monitors adherence to standards and ensures consistent execution of the process across the organisation.

Configuration management: Level 7

This skill is not typically observed or practiced at this level of responsibility and accountability.