If a CI in a third-party scan cannot be matched to the CMDB, what occurs?

When a configuration item (CI) from a third-party scan cannot be matched to the Configuration Management Database (CMDB), it results in the creation of a new CI in the Unmatched CI class. This process allows the organization to effectively manage items that do not have a corresponding entry in the existing CMDB, facilitating further investigation and potential integration into the configuration management system.

Creating an unmatched CI provides a structured method for system administrators and analysts to review and assess these items. This step is crucial because it prevents the loss of valuable data and ensures that all discovered CIs are accounted for in the vulnerability response process.

This action supports ongoing efforts to maintain an accurate and comprehensive CMDB, which is vital for effective IT service management. By flagging CIs that need further scrutiny rather than deleting them or ignoring them, organizations can ensure they consider all potential vulnerabilities associated with new or unverified configurations.

Additionally, maintaining a record of unmatched CIs allows for the possibility of identifying patterns in discrepancies that could highlight broader issues in the mapping of third-party assets to the organization's inventory.