Integrating CMDB Governance with Identity & Access Management for Enterprise Security
DOI:
https://doi.org/10.63345/sjaibt.v2.i4.202Keywords:
CMDB governance; IAM integration; enterprise security; access risk; configuration managementAbstract
In modern enterprises, Configuration Management Databases (CMDBs) and Identity & Access Management (IAM) are often managed separately, causing gaps in governance, visibility, and security. This study proposes a framework to integrate CMDB governance with IAM systems to enhance enterprise security, reduce risk, and improve compliance. We define governance principles for CMDB, align them with IAM lifecycle events, and simulate integration scenarios to evaluate effects on access anomalies, orphan accounts, and incident response time. Using statistical analysis on simulated data and scenario-based simulation, we show that integrated governance reduces access risk metrics by up to 35 % and improves mean time to detect unauthorized access by 28 %. The findings support adoption of such integration in real enterprises, subject to implementation challenges and tooling alignment.
Downloads
References
• “Identity & Access Management,” ITSM Group. (Online) itsmgroup.com
• “Identity Governance and Identity Management,” Identity Management Institute. (Online) Identity Management Institute®
• “Identity & Access Management On + With ServiceNow,” ServiceNow Community. (Online) ServiceNow
• “Enriching ServiceNow CMDBs with Data-Centric, Risk-Driven Context,” BigID blog. (Online) BigID
• “Identity as a Big Data Problem,” Radiant Logic blog (2025). (Online) Radiant Logic
• “PAM-ITSM Integration: What Good Practices Should Be Applied,” WALLIX blog. (Online) WALLIX
• “The Crucial Significance of Governance, Risk and Compliance in Identity and Access Management,” Omer Eltayeb et al. (2024) ResearchGate
• Nagender Yadav, A. S. Vivek, P. Subramani, Om Goel, Dr. S. P. Singh, & Er. A. Shrivastav. (2024). AI-Driven Enhancements in SAP SD Pricing for Real-Time Decision Making. IJMIRM, 3(3), 420–446.
• Saha, Biswanath, Rajneesh K. Singh, & Siddharth. (2025). Impact of Cloud Migration on Oracle HCM-Payroll Systems in Large Enterprises. IRJMETS, 7(1). https://doi.org/10.56726/IRJMETS66950
• Jaiswal, I. A., & Singh, R. K. (2025). Implementing enterprise-grade security in large-scale Java applications. IJRMEET, 13(3), 424. https://doi.org/10.63345/ijrmeet.org.v13.i3.28
• Tiwari, S. (2022). Global implications of nation-state cyber warfare: Challenges for international security. IJRMEET, 10(3), 42. https://doi.org/10.63345/ijrmeet.org.v10.i3.6
• “Combined Hyper-Extensible Extremely-Secured Zero-Trust CIAM-PAM architecture,” Aggarwal et al. (2025) arXiv
• “The Human-Machine Identity Blur: A Unified Framework for Cybersecurity Risk Management in 2025,” Janani (2025) arXiv
• “Dynamic Role-Based Access Control for Decentralized Applications,” Chatterjee et al. (2020) arXiv
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Scientific Journal of Artificial Intelligence and Blockchain Technologies
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
The license allows re-users to share and adapt the work, as long as credit is given to the author and don't use it for commercial purposes.
