I am preparing a management report that will act as a means of explaining to every one in IT department why we perform Config Management audits.
While I personally know the reason for performing such audits, would anybody help me point to a few points that describes why such an audit should be performed?
You should perform audits to ensure that the organization is compliant to the Configuration Management process. When measuring Key Performance Indicators (KPIs), you should measure against:
Value (show me the money)
Performance (how fast or how many)
Quality (how well or accurate)
and Compliance (are we doing what we are supposed to be doing)
And all of your process should have some representation of metrics from each of these categories. A CMDB audit is a key Compliance measurement.