What is a logical Best Practice for ITSM Governance processes to require the ITSM tool's function? ITSM Governance body wants to control the usage of Configuration Item records on Change Request and Incident Ticket input by users by making the Configuration Item field on Request and Ticket forms "mandatory." In this case, a user can't submit a Change Request or an Incident Ticket without a Configuration Item attached, assuming that every Configuration Item is in the CMDB. Is it too much of an assumption to think that 100% of CIs for an organization are represented in their CMDB? What is the typical percentage of CIs an organization should strive toward from a CMDB representation perspective?

i tihink it depends on your organization  maturity but you can always prioritize according with your level.
- Depending on your type or user but commonly they are not aware of CI´s so in case or self service ticket registration you should enable simple service catalogues that already includes CI´s information when submit action is apply. Is registration is trhough Service Desk agent they must select the impacted CI or Service and second level can should always verify issue related CI. As well as change registration, CI´s must be related.
- At the same time you should work on your configuration management process to provide an accurate CI´s information to be selected when tickets or changes registration is happening.

My five cent:

1) The coverage of assets in CMDB will vary depending on the maturity of your organization. A level sufficient for manadatory field is possible, but you'll know better than we if this would work for your specific company.

2) Of course, making CI mandatory for Incindets could enforce higher coverage , but only
a) if managed properly (i.e. having reasoably high coverage + giving users an option to report missing CIs in a simple way) and
b) at the cost of annoying users when they cannot request help because of missing CI data

3) Even if you have very high CI coverage, it might still be challenging for users to identify which CI they need to add to the ticket (here stuff like scannable QR-codes might help, as well as presenting a workplace user with a list of CIs assgined to him)

4) And still: There's always the chance the user might get it wrong

Regarding your question about the representation of CIs in the CMDB:

It's typically unrealistic to expect that 100% of an organization's CIs are represented in the CMDB. Achieving a 100% representation is challenging for several reasons:

Some CIs may be obscure or unknown, especially in complex or legacy environments.
Temporary or transient CIs might not be included.
There may be limitations in terms of discovering and updating CIs, especially in constantly changing environments.

Organizations should strive to represent critical and high-impact CIs in the CMDB. The percentage of CIs represented can vary depending on the organization's size, complexity, and industry. As a general guideline, organizations should aim for a representation that covers the most critical and impactful components of their IT infrastructure. Achieving 80-90% representation for these critical items is considered good practice.

It's important to regularly review and update the CMDB to keep it as accurate and comprehensive as possible. Additionally, as the organization matures in its ITSM and ITIL (IT Infrastructure Library) practices, the CMDB's coverage can improve.

The key is to balance the effort and cost of CI representation with the benefits gained from having a reliable and well-maintained CMDB. This balance can vary from organization to organization.

I believe most of the large organizations are making CIs mandtory for request from users and change controls. At times, people experience issues but they are able to select similar CI for tickets and changes and later work with ticket/change handler. Organziations should always aim for 100% CIs as having robust CMDB saves time, helps in capacity planning, improve customer experience and also better for cyber security and visiblity.

Service now tool used securely with cyberark helping with 92% perspective and details to be noted in ANT profiler.