Information technology governance and controls methods and apparatuses
First Claim
Patent Images
1. A non-transitory computer-readable storage device storing computer-executable instructions, which when executed by a computer cause the computer to perform a method, the method comprising:
- detecting one or more changes to an element at a data processing node by comparing a current state of the element to a baseline state of the element, the data processing node being a data processing node within an information technology (IT) infrastructure, the detected changes comprising a change to a configuration of the data processing node or a change to a file at the data processing node;
determining whether the detected changes include any unknown out-of-band changes by comparing a first memorialization of the detected changes to a second memorialization of one or more in-band changes that should have been made at the data processing node;
determining whether the detected changes conform to a conformance authority, the conformance authority comprising guidelines that define changes as conforming or nonconforming;
if the detected changes are conforming and in-band changes, updating the baseline state of the element to the current state; and
if the detected changes include a non-conforming or out-of-band change, generating an alert instead of updating the baseline state of the element to the current state.
5 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide methods and systems for automated change audit of an enterprise'"'"'s IT infrastructure, including independent detection of changes, reconciliation of detected changes and independent reporting, to effectuate a triad of controls on managing changes within the IT infrastructure, preventive controls, detective controls and corrective controls.
163 Citations
18 Claims
-
1. A non-transitory computer-readable storage device storing computer-executable instructions, which when executed by a computer cause the computer to perform a method, the method comprising:
-
detecting one or more changes to an element at a data processing node by comparing a current state of the element to a baseline state of the element, the data processing node being a data processing node within an information technology (IT) infrastructure, the detected changes comprising a change to a configuration of the data processing node or a change to a file at the data processing node; determining whether the detected changes include any unknown out-of-band changes by comparing a first memorialization of the detected changes to a second memorialization of one or more in-band changes that should have been made at the data processing node; determining whether the detected changes conform to a conformance authority, the conformance authority comprising guidelines that define changes as conforming or nonconforming; if the detected changes are conforming and in-band changes, updating the baseline state of the element to the current state; and if the detected changes include a non-conforming or out-of-band change, generating an alert instead of updating the baseline state of the element to the current state. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method, comprising:
by a change detection agent at a data processing node; detecting one or more changes to an element at the data processing node by comparing a current state of the element to a baseline state of the element, the data processing node being a data processing node within an information technology (IT) infrastructure, the detected changes comprising a change to a configuration of the data processing node or a change to a file at the data processing node;
by a change control subsystem;determining whether the detected changes include any unknown out-of-band changes by comparing a first memorialization of the detected changes to a second memorialization of one or more in-band changes that should have been made at the data processing node; determining whether the detected changes conform to a conformance authority, the conformance authority comprising guidelines that define changes as conforming or nonconforming; if the detected changes are conforming and in-band changes, updating the baseline state of the element to the current state; and if the detected changes include a non-conforming or out-of-band change, generating an alert instead of updating the baseline state of the element to the current state. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
18. A system, comprising:
-
a change detection agent at a data processing node configured to detect a change to an element at the data processing node by comparing a current state of the element to a baseline state of the element, the data processing node being a data processing node within an information technology (IT) infrastructure, the change being a change to a configuration of the data processing node or a change to a file at the data processing node; a change control subsystem configured to determine whether the change is an out-of-band change by comparing a first memorialization of the change to a second memorialization of one or more in-band changes that should have been made at the data processing node, determine whether the change conforms to a conformance authority, the conformance authority comprising guidelines for defining changes as conforming or nonconforming, and, if the change is a conforming and in-band change, updating the baseline state of the element to the current state, but, if the change is a non-conforming or out-of-band change, generating an alert reporting the change instead of updating the baseline state of the element to the current state.
-
Specification