
The ITSM Practice: Elevating ITSM and IT Security Knowledge
Join Luigi Ferri, an experienced ITSM & IT Security Professional, in 'The ITSM Practice.' Explore IT Service Management and IT Security, uncovering innovations and best practices with insights from leading organizations like Volkswagen Financial Services, Vodafone, and more. Each episode offers practical guides and expert discussions for learning and growth. Ideal for all ITSM and IT Security Professionals!
Episodes
What DoDAF Can Teach Leaders About Architecture and Complexity
Are modern enterprises losing control of their architecture? In this episode, Luigi Ferri explores why cloud adoption, outsourcing, SaaS expansion, and fragmented governance are creating hidden dependencies and increasing operational risk. Discover how the Department of Defense Architecture Framework (DoDAF) offers valuable lessons for improving architectural visibility, governance, resilience, an
Identity Is the New Perimeter
AI is changing cybersecurity faster than most organizations can govern it. In this episode of The ITSM Practice Podcast, Luigi Ferri explores why identity has become the true enterprise perimeter. As organizations race to deploy Agentic AI, autonomous agents, cloud platforms, and APIs, many are building on identity governance models that were never designed for machine-scale decision-making. From
FINMA and ITIL 4: Building Resilient Swiss Banks
FINMA Circular 2023/1 is transforming operational resilience from a compliance exercise into a strategic leadership priority for Swiss banks. In this episode, Luigi Ferri explains why ITIL 4 is far more than ITSM: it is a powerful enterprise operating model that connects governance, cybersecurity, risk management, supplier coordination, and business continuity to build truly resilient financial in
Broken Transmission: Why Fintech Strategy Fails
Broken Transmission: Why Agile Fintechs Miss Strategy | In this episode of The ITSM Practice Podcast, Luigi Ferri explains why fintech strategy execution fails despite Agile delivery, strong squads, and constant releases. Learn how fragmented ownership, poor prioritization, and disconnected KPIs create operational misalignment, reducing business outcomes and authorization rate performance. In this
FINOS vs ISO 42001: What to Choose
Fintech leaders: stop defaulting to ISO 42001. Discover how FINOS empowers you to design scalable, audit-ready AI governance before regulation forces your hand. Learn to align controls, reduce risk, and build governance by design—not by pressure. In this episode, we answer to: What makes FINOS a powerful alternative to ISO 42001? How can fintechs design governance before audits hit? Why does governanc
Who Owns Cloud Security?
A single question can expose a major cloud risk: who is responsible? This episode breaks down the cloud shared responsibility model, revealing how unclear ownership, misconfigurations, and weak governance lead to data breaches, and how ISO/IEC 27017 helps close the gaps. In this episode, we answer to: Who is really accountable for cloud security failures? Why do misconfigurations cause most cloud dat
CISO Strategy: Where Product Security Fails at Scale
Most organisations manage only build and operate, ignoring growth, where security risk explodes. Luigi Ferri reveals how CISOs miss the most critical phase, where scaling, DevOps, and rapid decisions create hidden security debt. This episode challenges leaders to shift from reactive controls to full product lifecycle governance before risk turns into incidents. In this episode, we answer to: Why is
ITIL 5 Exposed: Accountability Without Authority
ITIL 5 exposes a critical ITSM flaw: Service Owners held accountable without authority. Discover how broken governance, security vs delivery conflicts, and unclear decision rights undermine outcomes. Learn why real accountability starts before operations, and how to redesign Enterprise Service Management for true leadership. In this episode, we answer to: Why are Service Owners accountable but not e
PSD3 Explained: Payments Security & Fraud
PSD3 is reshaping payments security, moving beyond PSD2’s access model to address fraud, scams and trust abuse. This episode explains why strong authentication is no longer enough, how APIs become critical to trust, and what banks and fintechs must change to stay secure, compliant and resilient. In this episode, we answer to: What makes PSD3 fundamentally different from PSD2 in payments security? Is
AI Governance Illusion: Hidden Risks & Accountability in ITSM
AI governance maturity can be misleading. Many organizations rely on frameworks, policies, and dashboards that signal control but fail to reflect true understanding of AI systems. This episode explores the Governance–Understanding Gap, highlighting why unclear decision ownership and limited system insight create hidden risks in AI, ITSM, and Enterprise Service Management environments. In this episo
DevSecOps: Responsibility Without Authority
DevSecOps promises shared security responsibility, but what happens when accountability shifts without decision authority? In this episode of The ITSM Practice Podcast, Luigi Ferri explores governance gaps, risk ownership, Security Champions, burnout, and structural ambiguity in DevSecOps. A sharp reflection for CISOs, AppSec leaders, and ITSM professionals navigating security governance and enter
ISO 31000 vs MoR: Closing the Risk Management Gap
Enterprise Risk Management (ERM) often looks mature—risk registers, ISO 31000 alignment, MoR processes—yet fails to influence real decisions. In fintech and regulated environments, risk governance must shape judgment, not just document compliance. This episode explores why ISO 31000 and MoR lose impact under pressure, and how to align risk appetite, decision-making, and operational execution befor
ITIL 5: Stop Explaining Failures. Start Owning System Decisions
In this episode of the ITSM Practice Podcast, Luigi Ferri explores how ITIL 5 shifts leadership from explaining incidents to owning systemic decisions. In complex service ecosystems, governance must move upstream—before automation, architecture, and risk scale. True IT Service Management leadership is no longer about post-incident justification, but about accountable decision design in Enterprise
ITIL 5, SCF and the Compliance Illusion
In this episode of the ITSM Practice Podcast, Luigi Ferri challenges the illusion of security frameworks and compliance culture. Exploring the Secure Controls Framework (SCF), ISO, NIST and ITIL 5, he exposes governance immaturity, framework sprawl and risk misalignment. A sharp reflection on cybersecurity governance, enterprise risk management and why compliance without thinking weakens leadershi
ITIL 5 for CIOs: Governing AI-Driven Digital Systems at Scale
ITIL 5 marks a decisive shift in IT Service Management. Moving beyond ITIL 4, it reframes services as AI-enabled digital product–service systems governed through data-driven decision models. This episode explores governance, accountability, CIO and CISO implications, and why ITIL 5 transforms service management into system leadership in an AI-native world. In this episode, we answer to: How does ITI
Why IT Maturity Is the Hidden Risk in IT Carve-Outs
In this episode of The ITSM Practice Podcast, Luigi Ferri explains why IT maturity is the decisive factor in successful IT carve-outs. From dependency mapping to ITIL v3 governance and continuity stress testing, the episode shows how disciplined IT Service Management prevents disruption, cost overruns, and failed separations during complex enterprise transitions. In this episode, we answer to: Where
Why ITIL 4 Is Critical for HITRUST Success
HITRUST certification is not a shortcut to trust. In this episode of The ITSM Practice Podcast, Luigi Ferri explains why real success with HITRUST depends on operational maturity, disciplined processes, and ITIL 4 practices. Learn how process consistency, evidence, and repeatability are the true foundations of sustainable compliance and security. In this episode, we answer to: Why do many mid-size o
FISMA in the Cloud: What Midsize Security Teams Need to Know
In this episode of The ITSM Practice Podcast, we explore what FISMA really means for midsize, cloud-native security teams. Using real-world scenarios, we explain why FISMA was built for federal systems, where it clashes with cloud responsibility models, and how a risk-based adoption strengthens governance without falling into compliance theatre. In this episode, we answer to: Do FISMA controls apply
ISO 27001 & ISO 42001: Governing AI Risk
As AI expands the security perimeter, CISOs face new questions about data, trust, and accountability. This episode explains how combining ISO/IEC 27001 and ISO/IEC 42001 creates a unified governance engine for information security and AI governance. Learn how mid-size organizations can turn AI risk, transparency, and compliance into a strategic advantage. In this episode, we answer to: How does AI c
Payment Security by Design with PCI P2PE
In this episode of The ITSM Practice Podcast, Luigi Ferri explains why PCI P2PE is not just encryption but a security-by-design discipline. Learn how point-to-point encryption eliminates clear-text card data, reduces breach impact, simplifies PCI compliance, and integrates with ITIL governance to protect trust from the first millisecond of payment. In this episode, we answer to: What is PCI P2PE and
ITIL v3 as the Backbone of eSIM Security
In this episode of The ITSM Practice Podcast, Luigi Ferri explains how ITIL v3 processes enable compliance with GSMA SAS-SM for secure eSIM provisioning. Discover how governance, service design, change, and continual improvement turn security from theory into an auditable, operational discipline in modern telecom environments. In this episode, we answer to: How can ITIL v3 processes support GSMA SAS
Why Mature ITSM Programs Fail?
Why do mature ITSM programs still fail? This episode explores the hidden risks behind ITSM stagnation, loss of executive sponsorship, outdated KPIs, rigid processes, and misaligned culture. Learn how to sustain ITSM maturity through continual improvement, business-aligned metrics, leadership engagement, and evolution in the age of automation and AI. In this episode, we answer to: Why do mature ITSM
From Readiness to Action: Building Your AI Roadmap
In this episode of The ITSM Practice Podcast, Luigi Ferri moves from AI theory to execution, explaining how medium-sized organizations can define AI use cases, assess data and infrastructure, build skills, and scale pilot projects. The focus is on creating a practical AI roadmap for IT Service Management with measurable, sustainable outcomes. In this episode, we answer to: How can organizations iden
Are We Really Ready for AI?
In this episode of The ITSM Practice Podcast, Luigi Ferri explores AI readiness for service desks and ITSM in medium-sized organizations. Going beyond tools and automation, the discussion focuses on leadership, governance, culture, and skills needed to adopt and scale AI responsibly and align AI initiatives with real business value. In this episode, we answer to: Are medium-sized organizations reall
How to Build a GRC Framework for Fintech Startups
Learn how to build a solid GRC foundation for fintech growth in the EU. We break down governance, risk management, and compliance essentials to help startups scale, earn investor trust, and meet PSD2, GDPR, DORA, MiCA, AML expectations from day one. In this episode, we answer to: How do you set up an effective GRC framework for a fintech startup in the EU? Why must European fintechs prioritize compli
BSI Grundschutz: Inside the Technical Measures – Part 2
A deep dive into BSI Grundschutz technical measures, systems, networks, applications, monitoring, and evidence-based security. Learn how to move from compliance to operational resilience and why German clients expect proof, not promises. In this episode, we answer to: How do BSI Grundschutz technical measures strengthen system, network, and application security? What evidence-based controls are requi
BSI Grundschutz: The Hidden Gatekeeper - Part 1
BSI Grundschutz is the hidden gatekeeper for U.S. companies entering Germany. This episode breaks down the organizational measures, from ISMS design to governance, staff security, and incident evidence, that shape compliance, build trust, and strengthen IT security maturity. In this episode, we answer to: What is BSI Grundschutz and why does it matter for U.S. companies expanding to Germany? How do o
Without a Service Management Office, ITSM Is Just Theatre
Discover why 70% of ITSM initiatives fail and how a strategic Service Management Office (SMO) transforms ITIL from theory into business value. Learn the six-step SMO blueprint, key metrics, and pitfalls to avoid to elevate ITSM maturity and governance. In this episode, we answer to: What is a Service Management Office and why is it critical for ITSM success? How do you build an SMO with governance, v
From Cost to Value: Financial Modelling for ITIL Services
In this episode of The ITSM Practice Podcast, Luigi Ferri dives into Financial Modelling for ITIL-based services — the key to shifting IT from a cost center to a value creator. Learn how Activity-Based Costing (ABC), Unit Costing, Lifecycle Costing, and Showback Models can transform IT governance, pricing clarity, and business alignment in IT Service Management (ITSM). In this episode, we answer to
Trust vs Tech: Why Regional Banks Are Falling Behind
Regional banks face extinction if they don’t evolve. In this episode, Luigi Ferri explains how AI, automation, and customer-driven innovation are redefining digital banking. Learn from Luigi Ferri why “trust” is no longer enough and how agentic banking will shape the future of finance by 2035. In this episode, we answer to: Is AI driving banking transformation, or are customers in control? What is th
BSI C5 vs NIST 800-53: Smart Compliance for Banks
In this episode, Luigi Ferri compares two pillars of cloud security compliance: BSI C5 (Germany) and NIST SP 800-53 (USA). Discover how global banks can harmonize compliance, cut costs, and focus on real security over bureaucracy. Learn how ITSM and IT security teams can transform audit frameworks into governance tools that truly add value. In this episode, we answer to: How can global banks manage
What Is the AICM Framework for AI Compliance?
AI is transforming banking, but so are the rules. In this episode, Luigi Ferri explores how the Artificial Intelligence Control Matrix (AICM) helps financial institutions navigate complex compliance frameworks like ISO 42001, NIST AI RMF, and the EU AI Act, while staying secure and cost-efficient. Discover how to simplify AI governance, reduce audit fatigue, and protect your organization from mode
Process Mining in ITSM: Hidden Workflows Revealed
Luigi Ferri explains how Process Mining in ITSM transforms service delivery by revealing real workflows hidden behind your dashboards. Learn how to eliminate bottlenecks, prevent SLA breaches, and align your Service Catalogue with reality. Turn ITSM data into actionable insights for compliance, automation, and continuous improvement. In this episode, we answer to: What’s the real differ
How to Build IT Accountability with SoD (ISO 27001 Control 5.3)
In this episode of The ITSM Practice, Luigi Ferri explores ISO/IEC 27001:2022 Control 5.3 – Segregation of Duties (SoD). Learn how to reduce risk, design accountability, and strengthen your ISMS with actionable SoD strategies, especially in ITIL 4 environments. Master RBAC, role clarity, and audit readiness to build trust into your IT processes by design. In this episode, we answer to: How does ISO
The VMO in ITIL 4: Aligning Work with Strategy and Value
The Value Management Office: Moving from Work to Worth. Is your IT team busy… but not sure if it’s delivering real value? In this episode, we uncover how a Value Management Office (VMO) helps organizations shift from tracking activity to measuring true business outcomes. Learn how ITIL 4, value stream mapping, and outcome-based metrics transform IT into a strategic value partner. Maximize value. Al
ISO 31000: Building Risk-Aware Culture Through Smarter Decisions
Discover how ISO 31000 transforms risk from a compliance task into a shared decision-making mindset. In just 8 minutes, learn how to embed risk-aware thinking across IT, business continuity, cybersecurity, and operations—boosting confidence, clarity, and adaptability in every decision. In this episode, we answer to: What makes ISO 31000 different from other risk management standards? How can organiza
Align BIAN and ITIL 4 for Capability-Based IT Governance
Discover how to align BIAN Service Domains with ITIL 4's Service Value System to transform your static CMDB into a dynamic capability governance model. Learn how to drive business value, enable composable architecture, and build accountability in IT services. A must-listen for anyone in Enterprise Service Management, IT Governance, or Banking IT Architecture. In this episode, we answer to: What
No IT Security without Service Management: Integration Strategies for Resilience
In Part 2 of this essential discussion, we move from theory to practice. You’ll learn how to integrate security into service management using frameworks like ITIL, practical change controls, and unified incident response plans. Discover the culture shift needed to make ITSM and security teams collaborate effectively. Learn how to embed security into change management workflows and why continuous im
IT Security Needs Service Management: Exploring the Interdependence
In Part 1 of this powerful two-part series, we break down the foundational link between IT Security and IT Service Management (ITSM). You'll discover how service management processes such as incident handling, asset visibility, and change control provide the essential structure that cybersecurity needs to succeed. IT Security is not a silo. It depends on the operational strength of ITSM to mana
How to Measure Cybersecurity Effectiveness: KPIs, KRIs, and Business Impact
Struggling to prove the value of your cybersecurity efforts? In this episode of The ITSM Practice, Luigi Ferri shows how to turn cybersecurity metrics into business assets. Learn why measuring outcomes—not just activities—can elevate security from cost center to competitive advantage. In this episode, we answer to: What should you measure to show cybersecurity effectiveness in business terms? How do
Securing Agentic AI: Maturity-Based Cybersecurity Strategies
Agentic AI is here, learning, deciding, and acting without human approval. But is your organization mature enough to secure it? In this episode, we explore how to align AI autonomy with tailored security controls using NIST maturity tiers and ISO frameworks. In this episode, we answer to: What makes agentic AI different from traditional automation? Why can’t existing controls fully secure autonomous
How to Reduce Call Center Costs Without Losing Customer Trust
Discover how to reduce call center costs without damaging customer trust. In this episode of The ITSM Practice, Luigi Ferri shares strategic insights on balancing automation, training, remote work, and compliance for long-term value. Make savings without losing meaning. In this episode, we answer to: How can organizations reduce call center costs without harming customer relationships? What are the h
Who Really Defines Project Success? It’s Not the Metrics
A project that met every milestone, but left users unchanged. In this episode, we reveal why real success isn’t measured by delivery but by perception. Discover how top project leaders manage meaning, not just metrics. In this episode, we answer to: How do you define project success beyond KPIs and timelines? Why is stakeholder perception more important than status reports? What practical steps help u
ITIL 4 and Value Stream Mapping: A Smarter Way to Deliver ITSM Value
Discover why shifting from traditional process maps to value stream mapping transforms ITSM. Luigi Ferri explains how VSM breaks silos, aligns IT with business value, and improves service visibility. Learn how to expose waste, measure impact, and build flow-focused culture in modern organizations. In this episode, we answer to: What is the difference between process maps and value stream mapping in
Preparing for Post-Quantum Security
Discover why post-quantum cryptography is urgent for regulated industries. Learn how to protect long-term data, start cryptographic inventory, and align with evolving national strategies. This episode offers a clear, actionable roadmap for future-proofing your digital identity and systems. In this episode, we answer to: How can organizations start preparing for post-quantum cryptography migration? Wh
Security Strategy vs Strategic Plan: What’s the Difference?
Confusing a security strategy with a strategic plan leads to failure. In this episode, Luigi Ferri breaks down the core differences, revealing seven pillars of a winning security strategy, from governance and threat intelligence to resilience. Learn how to shift from vague intentions to real impact. In this episode, we answer to: What is the difference between a security strategy and a strategic pla
Agentic AI: The Future of ITSM
Agentic AI is redefining IT Service Management with autonomous decision-making, intelligent workflow orchestration, and continuous learning. In this episode, we explore how AI transforms service desks into predictive ecosystems, boosts performance, and challenges organizational readiness, ethics, and governance. In this episode, we answer to: What makes Agentic AI different from traditional automati
Outsourcing Code, Keeping Control – ISO/IEC 27001 A.8.30
Outsourced development is growing, but ISO 27001 Annex A 8.30 ensures you don’t outsource control. In this episode, we explain how to secure external software development, from vendor audits to contract clauses and compliance risks. Learn practical steps to protect your business. In this episode, we answer to: How can ISO 27001 Annex A 8.30 secure outsourced development? What security questions shoul
How Enterprise Architecture Transforms Hospital IT and Patient Safety
Discover how Enterprise Architecture in healthcare helps government hospitals improve patient safety, system resilience, and operational efficiency. Learn the five EA pillars driving digital transformation, compliance, and innovation—critical for Managed Service Providers too. In this episode, we answer to: How can Enterprise Architecture reduce IT outages in hospitals? What risks do Managed Service
PCI DSS Explained: Turning Compliance into a Security Strategy
Discover how PCI DSS can become more than just a compliance checklist. This episode explores PCI DSS as a strategic tool to build digital trust, prevent fraud, and unify your security approach. Learn why treating it as a living framework, not a box-ticking task, can transform your security posture. In this episode, we answer to: What are the core PCI DSS requirements most organizations fail to meet? W
FinTech CIOs: From Projects to Products – Lead the Shift to Product-Centric IT
Discover how FinTechs can shift from project-driven IT to a product-centric model that enables continuous value delivery. Learn key strategies for CIOs to build agile, cross-functional teams and redesign governance. Are your teams truly product-led or just rebranded project squads? In this episode, we answer to: How can FinTech CIOs enable a shift from projects to products? What does a product-led op
ISO/IEC 42001 Explained: How to Govern AI Ethically and Securely
Explore how ISO/IEC 42001 sets the standard for responsible, ethical, and secure AI use. Learn how it aligns AI governance with business strategy, mitigates risks, and fosters innovation through transparency and trust. In this episode, we answer to: Why do organizations need a specific standard for AI governance? What are the core components of ISO/IEC 42001 and how do they work in practice? How does
ISO 20022 Explained: Global Payments, Compliance Risks & Transformation Strategies
ISO 20022 is reshaping global payments with rich, structured data, offering enhanced compliance, operational efficiency, and new revenue possibilities. As the 2025 deadline nears, financial institutions must modernize systems, reduce risks, and unlock powerful analytics. Ready or not, change is here. In this episode, we answer to: What happens if you’re not ISO 20022-compliant by November 2025? How d
AI Is Replacing Project Managers — Only the Smart Will Survive
In today’s episode of The ITSM Practice, we explore the future of project management in an AI-driven world. How can project managers stay relevant when AI plans, flags risks, and analyzes moods? Discover how emotional intelligence, critical thinking, and ethical leadership shape the next generation of project leaders. In this episode, we answer to: How should project managers adapt when AI starts
The 3 Risk Models Every IT and Business Leader Must Understand
Dive into this essential episode of "The ITSM Practice Podcast" hosted by Luigi Ferri, where we rethink risk management beyond frameworks and dashboards. Discover how hidden vulnerabilities can silently disrupt operations and why evolving from Risk Officer to Continuity Architect is crucial for true resilience. In this episode, we answer to: Which risks are we ignoring because they don
Why ISO 27001 Certification Is Essential for Fintech Success in 2025
Discover how ISO 27001 boosts fintech security, simplifies compliance, builds customer trust, drives operational efficiency, attracts investors, and supports scaling. Learn why mid-sized fintechs must treat ISO 27001 as a strategic asset, not just a requirement. In this episode, we answer to: How does ISO 27001 improve fintech security and risk management in 2025? Why is ISO 27001 crucial for custom
What is an ITIL 4 Master — And Why It Matters for Your ITSM Career
Many IT Professionals collect certifications, but real mastery means transforming theory into outcomes, leadership, and trust. In this episode, we explore what the ITIL 4 Master journey demands beyond exams and frameworks. In this episode, we answer to: Am I just qualified, or have I truly mastered IT service management? Can I speak the language of the boardroom, not just the server room? How can I
Is BIAN the Cure for Banking’s Integration Chaos or a Framework Too Late?
Discover how BIAN helps banks escape legacy traps by offering standardized, modular service domains and semantic APIs. This episode reveals why BIAN exists, what problems it solves, and how to assess your alignment with it. A must-listen for IT leaders in financial services aiming for agility and interoperability. In this episode, we answer to: What is BIAN and how does it standardize banking archi
How to Make Change Stick: 6 Proven Steps to Lead with Purpose and Impact
Struggling to make change stick? Discover six proven principles that help turn resistance into results. Learn how purpose, communication, leadership, and reinforcement can boost your change success and team engagement. In this episode, we answer to: Why is anchoring change in purpose critical for transformation success? How can leaders support individual transitions during organizational change? Wha
ITIL CMDB Best Practices: Scale Smart with Real Business Value in 7 Steps
Discover how to scale your CMDB from a static list to a powerful tool that drives business value. In this episode, we unpack seven practical steps to create a clean, scalable, and business-aligned CMDB that supports ITSM success and compliance goals. In this episode, we answer to: How can I align my CMDB with business outcomes and KPIs? What are the best practices to keep CMDB data clean and reliabl
ISO 27001 Clause 8 Explained: Turning ISMS Plans into Real Security Operations
In this episode of The ITSM Practice Podcast, Luigi Ferri dives into Clause 8 of ISO 27001, where your Information Security Management System (ISMS) shifts from paper to practice. Discover how operational planning, risk assessments, and treatment plans come alive through evidence, control, and continuous improvement. In this episode, we answer to: What is the real purpose of Clause 8 in ISO 27001, a
ITIL 4 Principles: Key to Organizational Excellence
Explore the transformative power of ITIL 4 Guiding Principles in this episode of The ITSM Practice. Luigi Ferri delves into how these principles can drive organizational value, offering practical exercises to assess and enhance your ITIL 4 maturity. Engage with essential strategies for simplification, automation, and collaboration, all aimed at optimizing operational excellence. In this episode, we
Strategic Enablement through IT Service Management for CIOs
In this episode of The ITSM Practice, Luigi Ferri explores how service management can be a strategic enabler for businesses. We delve into aligning IT Service Management (ITSM) with corporate goals to drive growth and value. This guide covers practical steps for CIOs, from assessing current operations to embedding service management deeply into business strategy, ensuring IT is not just a support
Digital Identity Evolution: Past, Risks, and Future Insights
In this episode of "The ITSM Practice," Luigi Ferri explores the transformative journey of digital identity from basic usernames and passwords to advanced biometric systems and decentralized blockchain solutions. We discuss how digital identity has evolved to enhance security, user convenience, and data integrity, alongside the challenges of privacy, surveillance, and data breaches. Learn about th
Persistent Challenges in Project Management: Why They Endure
In this thought-provoking episode of "The ITSM Practice," host Luigi Ferri explores the persistent challenges in project management, such as scope creep, stakeholder misalignment, unrealistic deadlines, and resource constraints. Luigi delves into how the ITIL 4 framework—emphasizing People, Products, Partners, and Processes—can revolutionize project approaches, moving from task managemen
ITIL 4 in Action: Crafting Standard Service Models for Success
Join Luigi Ferri on The ITSM Practice as we dissect the creation of a Standard Service Model (SSM) using ITIL 4, ensuring IT services are proactive, consistent, and aligned with business objectives. This episode delves into the strategic blueprint for measurable value and minimized risks in service delivery, providing a step-by-step guide to crafting a model that leverages ITIL 4’s flexibility and
3 Years of IBM Breach Reports: Key Business Protections
Join Luigi Ferri on "The ITSM Practice" as we delve into the escalating costs and complexities of data breaches from 2022 to 2024, highlighting a record rise to $4.88 million per incident. This episode unpacks the multifaceted impacts of breaches on businesses, examining the balance between automation and visibility in cybersecurity. Discover actionable steps to safeguard your organizati
Halt Repeat Issues: Easy Problem Management
In today's episode of The ITSM Practice, Luigi Ferri delves into Problem Management, a proactive approach aimed at identifying and eradicating the root causes of recurring IT incidents. We explore practical strategies, from root cause analysis using tools like fishbone diagrams to implementing permanent solutions. Discover the transformative impact of Problem Management on service quality, ope
OT Security Simplified: 6 Key Principles for Critical Systems Protection
In today's episode of "The ITSM Practice," Luigi Ferri delves into Operational Technology (OT) Cybersecurity, crucial for protecting vital infrastructure like energy, water, and healthcare. We discuss six actionable principles essential for safeguarding these systems against cyber threats, emphasizing the importance of safety, business knowledge, data protection, network segmentation
Protect Your Data: How FIM and DLP Work Together to Secure Information
In today's episode of "The ITSM Practice," hosted by Luigi Ferri, we explore crucial data protection technologies: File Integrity Monitoring (FIM) and Data Loss Prevention (DLP). Discover how FIM acts as a vigilant monitor of file changes, ensuring system integrity, while DLP secures sensitive content, preventing unauthorized data leaks. Together, they form a robust security framework vital for an
Customer First: Boosting Quality and Profits
In this episode of The ITSM Practice, Luigi Ferri delves into the transformative power of prioritizing customers over products, exploring its profound impact on quality, profitability, and business growth. By shifting focus from product-centric to customer-centric strategies, companies like Apple and Tesla have not only enhanced their offerings but also fostered customer loyalty and operational ex
Transforming IT Operations: How Observability Improves Security and Performance
In this episode of "The ITSM Practice," Luigi Ferri delves into the transformative power of observability in IT management and security. Discover how leveraging contextual data and dynamic thresholds enhances system performance, security measures, and anomaly detection, promoting a proactive and strategic approach to IT security.
In this episode, we answer:
How can collecting contextual data a
Secure System Design: Building Resilient IT Infrastructure
In this episode of "The ITSM Practice," Luigi Ferri delves into constructing IT systems that are inherently secure, robust, and prepared for future cybersecurity challenges. He highlights the importance of integrating security at every development phase, managing software quality, and the necessity of continuous security improvements, drawing from key NIST publications. These guidelines ensure IT
The Evolving Roles of Project Managers and Process Owners
In today's episode of "The ITSM Practice," Luigi Ferri delves into the evolving roles of Project Managers and Process Owners in the face of increasing business complexities. We explore how these key players transition from operational to strategic roles, leveraging digital tools and cross-functional strategies to align with global business demands. With insights from PRINCE2 and ITIL 4, plus exper
Cloud or On-Premises? Decoding Costs and Strategy
In today's episode of "The ITSM Practice," Luigi Ferri dives into the critical IT decision: Cloud vs. On-Premises. Explore the advantages of cloud solutions for flexibility, speed, and compliance, alongside on-premises systems for control and predictable costs. Uncover hidden costs, and consider the total cost of ownership, scalability, and security aspects of both setups. Discover why hybrid mode
Optimizing ITSM with ITIL 4: Understanding Business and Operating Models
In this episode of "The ITSM Practice," Luigi Ferri dives into the intricacies of aligning business and operating models with ITIL 4 practices. Luigi explores the strategic importance of understanding business and operating models, the roles of key executives, and the benefits and challenges they present. He discusses strategies for building and sustaining model alignment, including clear vision a
Mastering ITIL Feedback: Transform Your Team's Performance
In this insightful episode of The ITSM Practice Podcast, Stefano, a certified ITIL Master and Prince2 Practitioner, delves into the art of giving constructive feedback to help staff grow. Learn the importance of setting measurable goals, understanding employee motivations, and maintaining professionalism without personal emotions. Stefano emphasizes practical feedback strategies that foster employ
Top 5 Gaps in Strategy Execution
In today's episode of "The ITSM Practice," host Luigi Ferri delves into the critical topic of strategy execution, revealing that only 30% of strategic initiatives are successful. We discuss the significant gaps between strategic plans and actual results, such as alignment and communication, resource allocation, cultural resistance, adaptability, and leadership. Each gap presents unique challenges
ITIL Swarming Techniques: Revolutionizing Problem Resolution
In today's episode of The ITSM Practice Podcast, Stefano, an ITIL Master and Prince2 Practitioner, dives into the innovative "Intelligent Swarming" technique, inspired by the cohesive work of honeybees. He explores how cross-functional teams can enhance incident and problem resolution efficiency by collaborating rather than escalating issues through traditional tiered support structures. Stefano i
Enterprise Security 2030: Innovations for a Resilient Framework
In this episode of "The ITSM Practice," host Luigi Ferri explores the future of Enterprise Security, envisioning an ecosystem that not only defends but also anticipates and adapts to threats. Highlighting key innovations such as AI-enhanced CMDB systems, machine learning-driven risk assessments, and policy management automation, Luigi discusses the integration of advanced technologies like SIEM an