Which underlying components are required for Configuration Compliance?

The correct answer highlights the essential components required for Configuration Compliance, which primarily revolves around the Configuration Management Database (CMDB) and Asset Management.

The CMDB serves as a foundational element, providing a detailed inventory of all configuration items (CIs) within an organization. It holds essential information about the configurations, relationships, and dependencies between these items, which is crucial for understanding the state of IT assets in relation to compliance standards.

Asset Management complements the CMDB by tracking, managing, and optimizing the purchase, deployment, maintenance, and disposal of assets. It ensures that organizations maintain an accurate inventory of assets and confirms that those assets are in line with compliance requirements.

Together, these two components facilitate a comprehensive view of an organization’s configuration items, enabling effective monitoring and management of compliance statuses. Their integration allows teams to assess whether configurations align with established policies and standards, thus supporting overall governance and risk management initiatives.

In this context, options that do not include both the CMDB and Asset Management lack vital components needed for monitoring and enforcing Configuration Compliance effectively.