The ITSM Practice: Elevating ITSM and IT Security Knowledge

Welcome back to "The ITSM Practice." I'm Luigi Ferri. Today, we’re delving into SDLC release management models in regulated sectors like Fintech, Finance, Telecommunications, and Healthcare. Effective release management in these fields ensures compliance with strict regulations, enhancing security, efficiency, and stakeholder trust. We explore ITIL, Waterfall, Agile, and DevOps models, highlighting their strengths and challenges in maintaining regulatory compliance while fostering innovation.

In this episode, we answer to:

What are the benefits and drawbacks of the ITIL model in regulated sectors?

How does the Waterfall model ensure compliance in financial and healthcare software development?

What challenges does Agile face in maintaining strict compliance amidst rapid changes?

Resources Mentioned in this Episode:

- ITIL model in regulated sectors

- Waterfall model for compliance

- Agile practices in Fintech

- DevOps in competitive industries

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Welcome back to "The ITSM Practice." I'm Luigi Ferri, and today we explore how the Service Management Office (SMO) and Value Management Office (VMO) transform Service Management. The SMO enhances IT services by addressing inefficiencies and aligning them with enterprise goals, while the VMO maximizes value across all departments, driving comprehensive value creation and strategic advancement.

In this episode, we answer:

What is the role of the Service Management Office (SMO) in enhancing IT services?

How does the Value Management Office (VMO) contribute to overall business objectives?

What are the key steps to establishing effective SMO and VMO in an organization?

Both offices play critical roles in integrating ITIL 4 principles to ensure sustainable growth and a competitive edge. Reflect on how well your SMO and VMO are integrated into your strategic initiatives and discuss with your team for better alignment and value creation.

Resources Mentioned in this Episode:

Oneio, article "Service Management Office (SMO) goals, roles and responsibilities in 2024", link https://www.oneio.cloud/blog/smo-goals-roles-and-responsibilities

Axelos, article "The Service Management Office and ITIL 4", link https://www.axelos.com/resource-hub/blog/the-service-management-office-and-itil-4

Cognixia, article "How to build an effective Service Management Office with ITIL 4?", link https://www.cognixia.com/blog/how-to-build-an-effective-service-management-office-with-itil-4/

HDI, article "Best of HDI in 2021 - #7: A Service Management Office is No Longer a Luxury", link https://www.thinkhdi.com/library/supportworld/2021/service-management-office-is-a-necessity

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Welcome back to "The ITSM Practice." I’m Luigi Ferri, your host. In this episode, we dive into why it's essential to sell the value of ITIL 4 to key business stakeholders. We explore the benefits of ITIL, how it improves IT Service Delivery, and strategies to communicate its value to top management. Whether it's improved margins, better customer experiences, reduced risks, or greater agility, understanding these elements is crucial for successful ITIL adoption.

In this episode, we answer to:

Why is it essential to sell the value of ITIL 4 to key business stakeholders?

How can the overall value of ITIL adoption be sold?

Why are stakeholders key in ITIL implementation?

Resources Mentioned in this Episode:

Goodlearning, article "How to Sell ITIL 4 to Your Organization", link https://goodelearning.com/articles/how-to-sell-itil4-practices-to-your-organization/

Joe The IT Guy, article "Selling the Value of ITIL 4", link https://www.joetheitguy.com/selling-the-value-of-itil-4/

Axelos, article "Selling the value of ITIL to your peers and superiors", link https://www.axelos.com/resource-hub/blog/selling-the-value-of-itil-to-your-peers-and-superiors

ITSM Solutions, article "How to Sell ITIL to the Top", link https://www.itsmsolutions.com/newsletters/DITYvol5iss51.htm

Next MSC, article "IT Service Management Market Overview", link https://www.nextmsc.com/report/it-service-management-itsm-market

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of "The ITSM Practice," host Luigi Ferri delves into the critical topic of cybersecurity and the risks of over-reliance on external vendors. Luigi explores whether outsourcing IT security to numerous vendors enhances protection or inadvertently introduces new vulnerabilities. He emphasizes the importance of designing security processes internally and not just depending on vendor-provided solutions. This discussion also covers the potential financial and strategic drawbacks of vendor dependence, advocating for a balanced approach to cybersecurity that combines internal vigilance with external expertise. Connect with Luigi Ferri for more insights on Enterprise Service Management, IT Service Management, and IT Security on LinkedIn and his website.

In this episode, we answer to:

Are we actually compromising our security by depending too much on cybersecurity vendors?

Does outsourcing cybersecurity to multiple vendors lead to a false sense of security and potential data exposure?

How does vendor lock-in affect our ability to innovate and respond to security threats effectively?

Resources Mentioned in this Episode:

Cloud Security Alliance, article "Mitigating Risks and Optimizing Benefits in Vendor Consolidation", link https://cloudsecurityalliance.org/blog/2023/08/02/mitigating-risks-and-optimizing-benefits-in-vendor-consolidation

ISTARI, article "Managing Cyber Risk Across the Extended Vendor Ecosystem", link https://istari-global.com/insights/spotlight/managing-cyber-risk-across-the-extended-vendor-ecosystem/

Dark Reading, article "Addressing the Cybersecurity Vendor Ecosystem Disconnect", link https://www.darkreading.com/endpoint-security/addressing-the-cybersecurity-vendor-ecosystem-disconnect

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of "The ITSM Practice," Luigi Ferri delves into the transformative potential of Service Integration and Management (SIAM) for enhancing IT service delivery and aligning it with business goals. Luigi explains the SIAM structure and its critical role in managing multiple service providers to ensure seamless service integration. He addresses the challenges and emphasizes the importance of robust governance and advanced technology in crafting a dynamic IT environment.

In this episode, we answer to:

How can you build an effective SIAM operating model that enhances service delivery?

What role does technology play in Service Integration and Management?

What challenges does Service Integration and Management present?

Resources Mentioned in this Episode:

Exalate, article "How to Build an Effective SIAM Operating Model", link https://exalate.com/blog/siam-model/

Oneio, article "What is SIAM in IT service management?", link https://www.oneio.cloud/blog/what-is-siam-in-it-service-management

Scopism, article "What is Service Integration and Management (SIAM)?", link https://www.scopism.com/what-is-service-integration-and-management-siam/

BMC, article "What Is SIAM? Service Integration & Management Explained", link https://www.bmc.com/blogs/service-integration-and-management-siam-for-beginners/

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Join Stefan Kempter in this informative episode as he shares his extensive experience and insights into optimizing ITIL and Service Management processes. With over 25 years in the field, Stefan emphasizes the importance of simplicity and adaptability in process design, advocating for a streamlined approach that aligns with the ever-evolving business and technological landscapes.

In this episode, we explore:

How have ITIL frameworks evolved, and what can organizations learn from these changes?

The significance of maintaining simplicity in Service Management processes.

Stefan's recommendations for adopting streamlined processes in IT Service Management (YaSM).

Connect with us on:

LinkedIn: Stefan Kempter link https://www.linkedin.com/in/stefankempter/

Website: https://en.it-processmaps.com

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

YaSM, ITIL Versions, Service Management Best Practices, Streamlined IT Processes.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this revealing episode of "The ITSM Practice," host Luigi Ferri explores the critical topic of ISO 27001 compliance, specifically addressing the top five non-conformities that organizations often face. From lack of senior management commitment to inadequate incident management and business continuity planning, Luigi provides actionable advice on how to strengthen your Information Security Management System (ISMS) and ensure robust security measures.

In this episode, we answer to:

How can organizations ensure senior management's commitment to ISO 27001?

What are the best practices for managing third-party security controls?

Why is regular security testing crucial for maintaining ISO 27001 compliance?

Resources Mentioned in this Episode:

Isoqar, article "Top 10 non-conformities with ISO 27001", link https://isoqar.com/resources/blog/top-10-nonconformities-with-iso-27001/

NQA, article "Common causes of Non-conformities in ISO 27001", link https://www.nqa.com/en-gb/resources/blog/July-2021/common-non-conformities-in-iso-27001

ISMS Online, article "How to avoid common ISO 27001 internal audit mistakes", link https://www.isms.online/iso-27001/how-to-avoid-common-iso-27001-internal-audit-mistakes/

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this inspiring episode, Pirkko Haver addresses the significant gender disparities in IT Service Management (ITSM) and broader tech roles. She challenges the stereotypes that deter women from entering the field and advocates for a more inclusive IT Environment. Pirkko discusses the essential role of strategic initiatives, like mentorships and workshops, in encouraging young women to pursue careers in ITSM beyond just technical roles.

In this episode, we explore:

Why are women underrepresented in ITSM, and what are the root causes?

How can the IT industry foster a more welcoming environment for women?

Effective strategies and initiatives to attract and retain women in ITSM roles.

Connect with us on:

LinkedIn: Pirkko Haver link https://www.linkedin.com/in/pirkkohaver/

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

Gender Diversity in IT, Women in Technology, Career Development in ITSM, Career Development in ITIL

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of "The ITSM Practice," Luigi Ferri tackles the top five obstacles in IT Service Management (ITSM) adoption and offers practical solutions to overcome them. From enhancing Knowledge and Training to handling Resistance to Change, streamlining Inefficient Processes, improving Tool Integration, and demonstrating ROI effectively, Luigi provides actionable insights to help organizations fully leverage ITSM. Emphasizing the importance of strategic integration and comprehensive training, this episode is essential for IT professionals aiming to enhance service management and drive business success.

In this episode, we answer to:

How can organizations enhance their team's ability to use ITSM tools strategically?

What are effective strategies for managing resistance to change in ITSM implementations?

How can ITSM tools be integrated seamlessly with existing systems to avoid inefficiencies?

Resources Mentioned in this Episode:

ITDEVTECH, article "Common Challenges In ITSM Processes And Their Solutions", link https://itdevtech.com/blog/challenges-in-itsm-process/

ITSM Tools Blog, article "What are The Common Challenges in ITSM Processes and Their Solutions", link https://itsm.tools/itsm-challenges/

Desk Director, article "4 Common ITSM Challenges", link https://www.deskdirector.com/dd-blog/4-common-itsm-problems

Panlearn, article "Challenges in ITSM Adoption", link https://www.panlearn.com/articles/it-service-and-architecture/challenges-in-itsm-adoption

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this enlightening podcast episode, Adrian Bunea delves into Service-Level Agreements (SLAs) and the pervasive issue known as the Watermelon Effect. Adrian explains how SLAs, while crucial for tracking service performance, often paint a misleading picture of user satisfaction and operational success. He unpacks the dangers of this phenomenon, where metrics may appear satisfactory externally but fail to reflect the underlying issues, likening it to a watermelon—green on the outside but red on the inside.

In this episode, we explore:

What is the Watermelon Effect, and why is it a critical concern in Service Management?

How do SLAs contribute to this deceptive scenario, and what can organizations do to mitigate its impact?

Practical strategies to align service performance metrics with real user experiences.

Connect with us on:

LinkedIn: Adrian Bunea link https://www.linkedin.com/in/adrianbunea/

Website: http://www.itholding.ro

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

ITIL, Service-Level Agreements, Watermelon Effect, Performance Metrics, User Experience.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In today's episode of "The ITSM Practice," Luigi Ferri tackles the significant issue of Chief Information Security Officers (CISOs) being unfairly scapegoated following security breaches. By examining the roles of unclear regulations, unrealistic expectations, high role visibility, and a blame-centric culture, this discussion sheds light on why CISOs often bear the brunt of criticism and how these factors contribute to their high turnover rates. Insights from industry studies underscore the challenges CISOs face, emphasizing the need for realistic expectations and shared responsibilities in cybersecurity.

In this episode, we answer to:

Why are CISOs often viewed as scapegoats in the corporate world?

What are the main challenges CISOs face with current cybersecurity regulations and expectations?

How can organizations support CISOs to improve cybersecurity practices and reduce unfair blame?

Resources Mentioned in this Episode:

RSAC, article "How CISOs Should Protect Themselves Against Indictments", link https://www.infosecurity-magazine.com/news/ciso-should-protect-indictments/

F5, article "Could A Data Breach Land Your CISO In Prison?", link https://www.f5.com/labs/articles/cisotociso/could-a-data-breach-land-your-ciso-in-prison

CSO Online, article "Some strategies for CISOs freaked out by the specter of federal indictments", link https://www.csoonline.com/article/2099763/some-strategies-for-cisos-freaked-out-by-the-specter-of-federal-indictments.html

IBM Security, article "Cost of Data Breach Report 2023", link https://www.ibm.com/reports/data-breach

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of 'The ITSM Practice,' host Luigi Ferri delves into the intricacies of TOGAF, The Open Group Architecture Framework. Luigi evaluates whether TOGAF remains a vital blueprint for architects seeking to enhance business efficiency or if it's become an overly complex framework. The episode explores TOGAF’s benefits in aligning IT architecture with business strategies and discusses its structured yet potentially rigid methodology that might challenge smaller organizations. Tune in to understand TOGAF's relevance and strategic implementation in modern enterprise architecture.

In this episode, we answer to:

Is TOGAF® truly the architect’s blueprint for business efficiency or merely another complicated framework?

What are the advantages and challenges of implementing TOGAF in agile IT environments?

How does TOGAF align IT architecture with business strategies, and what are the risks of its improper implementation?

Resources Mentioned in this Episode:

Simplilearn, article "Navigating ITIL vs TOGAF: Optimal Frameworks in 2024", link https://www.simplilearn.com/itil-vs-togaf-article

CIO.com, article "What’s new in TOGAF 10?", link https://www.cio.com/article/400374/whats-new-in-togaf-10.html

Dice, article "Is TOGAF Certification Worth It?", link https://www.dice.com/career-advice/togaf-certification-worth

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of "The ITSM Practice," host Luigi Ferri delves into the effectiveness of social engineering tactics and the critical oversights that heighten organizational vulnerability. Luigi emphasizes the importance of comprehensive training and developing a robust security culture within businesses to combat these psychological manipulations effectively. He illustrates how attackers exploit trust and curiosity, often leading to significant security breaches, and underscores the necessity for more than just technological defenses.

In this episode, we answer to:

How do social engineering attackers exploit human psychology to infiltrate organizations?

Why is comprehensive cybersecurity training crucial in preventing social engineering attacks?

What are the common mistakes in incident response plans that exacerbate the impact of social engineering breaches?

Resources Mentioned in this Episode:

PECB, article "Social Engineering and Risk from Cyber-Attacks", link https://pecb.com/article/social-engineering-and-risk-from-cyber-attacks

ENISA, article "What is "Social Engineering"?", link https://www.enisa.europa.eu/topics/incident-response/glossary/what-is-social-engineering

IBM, article "What is social engineering?", link https://www.ibm.com/topics/social-engineering

CISCO, article "What Is Social Engineering?", link https://www.cisco.com/c/en/us/products/security/what-is-social-engineering.html

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this informative episode of "The ITSM Practice," hosted by Luigi Ferri, we delve into the NIS 2 Directive's influence from a customer's standpoint. We explore how this directive serves as a shield against cyber threats by enforcing enhanced security measures, standardizing incident reporting, and ensuring supply chain transparency. However, we also consider the potential burdens, including increased costs and complex implementation challenges, which could affect service quality and customer experiences. Join Luigi as he unpacks the pros and cons of this crucial cybersecurity regulation.

In this episode, we answer to:

How does the NIS 2 Directive impact customers from their viewpoint?

What are the potential drawbacks of the NIS 2 Directive from a customer perspective?

Is the NIS 2 Directive a necessary safeguard or an undue burden for customers?

Resources Mentioned in this Episode:

PECB, article "A Comprehensive Guide: Understanding the NIS 2 Directive", link https://pecb.com/article/a-comprehensive-guide-understanding-the-nis-2-directive

IT Governance UK, article "The NIS 2 Directive – What you need to know”, link https://www.itgovernance.eu/en-ie/green-papers/nis2-directive-what-you-need-to-know-ie

DeepBlue Security & Intelligence, article "NIS2 Directive: What does it mean for your organization?", Link https://www.linkedin.com/pulse/nis2-directive-what-does-mean-your-organization-ka7ke/

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this podcast episode, David Barrow discusses the transformative impact of establishing value-focused communities of practice (CoPs) within organizations. These communities enhance service management and foster career development and mentoring, particularly for marginalized groups. The episode highlights how CoPs break down silos and align digital and enterprise teams to co-create value, thus boosting service quality and customer satisfaction.

For the book reference: An Education in Service Management, is available on Amazon, link https://rb.gy/xxeh2s

In this episode, we answer to:

What benefits do value-focused communities of practice offer to service management?

How do these communities align organizational strategy with digital service delivery?

What role do continuous feedback loops play in the success of these communities?

Connect with us on:

LinkedIn: David Barrow link https://www.linkedin.com/in/solsevenstudio/

Website: https://www.solsevenstudio.com/

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

Community of Practice, Digital Service Quality, Value Creation, Continuous Improvement, Stakeholder Engagement.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In today's episode of "The ITSM Practice" we delve into ITIL 4 Problem Management, discussing its essential role in preventing IT Incidents and minimizing their impacts. We explore how Problem Management not only enhances service reliability and stability but also contributes to cost efficiency and a culture of continuous improvement within IT teams.

In this episode, we answer to:

How does ITIL 4 Problem Management prevent incidents?

Why is Problem Management crucial during times of significant transformation?

What are the common misconceptions about Problem Management?

Resources Mentioned in this Episode: ITIL 4, Incident Management Process, Problem Management Process, Service Reliability, Continuous Improvement, IT Service Stability.

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of the ITSM Practice Podcast, David Barrow explores the crucial role of communication in service management. Emphasizing the significant impact of effective communication strategies, the discussion delves into collaborative practices, transparency, and building trust within an organization. Insights from personal experiences highlight the necessity of communication in enhancing service management, driving towards value-focused outcomes, and ensuring successful stakeholder engagement.

For the book reference: An Education in Service Management, is available on Amazon, link https://rb.gy/xxeh2s

In this episode, we answer to:

How does effective communication influence service management success?

What are the key components of a strong communication plan in managing digital services?

How can service management professionals utilize communication to build trust and transparency across an enterprise?

Connect with us on:

LinkedIn: David Barrow link https://www.linkedin.com/in/solsevenstudio/

Website: https://www.solsevenstudio.com/

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

Effective communication strategies, Collaborative practices, Stakeholder engagement, Trust-building in enterprise environments.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In today's episode of "The ITSM Practice," host Luigi Ferri delves into ITIL 4 and its transformative impact on Project Management. Luigi explores how ITIL 4 integrates strategic elements into IT Projects, ensuring they are not only about outputs but about valuable outcomes. Through key areas like Value Streams, Organizations, and Technology, the framework promotes enhanced service value, proactive management, and strategic alignments. ITIL 4's blend with Agile methodologies is also examined, highlighting its role in maintaining flexibility while ensuring structured governance.

In this episode, we answer to:

How does ITIL 4 integrate Project Management into the IT Service Value Chain?

Does the structured approach of ITIL 4 stifle innovation, or enhance it?

How can Agile methodologies be integrated within ITIL 4 to maintain rapid innovation?

Resources Mentioned in this Episode:

Giva, article "Agile vs. ITIL: How Do They Fit Together? Or Do They?", link https://www.givainc.com/blog/how-do-agile-and-itil-fit-together/

Atlassian, article "A practical guide to ITIL 4 in an age of agile", https://www.atlassian.com/whitepapers/itil4

PeopleCert, article "Combining ITIL 4 and Agile best practices for customer focus", link https://www.axelos.com/resource-hub/blog/combining_itil4_agile_best_practices_customer_focus

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In the latest ITSM Practice Podcast episode, David Barrow delves into the transformative potential of broadening the scope of service management beyond traditional IT confines. Emphasizing its pivotal role in digital transformation, the discussion highlights how service management ensures agile, reliable services that enhance customer experiences and drive business success. Advocating for a rebrand to simply "service management," the episode explores its strategic impact on organizations and its appeal as a dynamic career path in the digital age.

For the book reference: An Education in Service Management, is available on Amazon, link https://rb.gy/xxeh2s

In this episode, we answer to:

Should we consider removing "IT" from IT service management to broaden its scope?

How can service management enhance digital experiences and customer satisfaction?

What are the risks and rewards of rebranding ITSM as broader service management?

Connect with us on:

LinkedIn: David Barrow link https://www.linkedin.com/in/solsevenstudio/

Website: https://www.solsevenstudio.com/

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode: Digital Transformation, Agile Service Delivery, Customer Experience, Operational Excellence, Risk Management.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In today's episode of 'The ITSM Practice', Luigi Ferri delves into how ITIL 4 and Organizational Change Management (OCM) can significantly enhance business adaptation in the digital age. The discussion includes a detailed examination of how these frameworks work together to manage IT Services and the human aspects of change, ensuring sustainable and effective business transformations. Learn key strategies for overcoming resistance and driving success in organizational changes.

In this episode, we answer to:

What exactly are Organizational Change Management and ITIL 4 Change Management, and how do they intertwine?

Why is it beneficial to combine ITIL 4 with Organizational Change Management?

How can resistance to change be effectively managed and overcome?

Resources Mentioned in this Episode:

PeopleCert, article "ITIL 4 Organizational Change Management: bringing people on the journey", link https://www.axelos.com/resource-hub/blog/itil4_organizational_change_management_bringing_people_journey

ITSM Tools, article "Organizational Change Management – An Overview", link https://itsm.tools/overview-of-organizational-change-management/

PeopleCert, article "ITIL Practitioner: Organizational Change Management", link https://www.axelos.com/resource-hub/blog/itil-practitioner-organizational-change-management

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode, Mark Smalley, also known as the Ancient IT Philosopher, dissects the business value of IT, illustrating how IT investments impact business models and performance through four analytical steps. Highlighting the shift from on-premise to cloud services, the discussion emphasizes enhancing operational speed and resilience, and reducing costs. The speech also delves into IT's role in achieving broader business objectives, such as sustainable development and improved customer satisfaction, using practical examples to demonstrate IT’s real-world benefits.

For the book reference: 'Are you digitally "done"? Why you should know and care about IT service,' is available on Amazon, link https://rb.gy/rlehg5

In this episode, we answer to:

How do IT investments affect the business model and its performance?

In what ways can IT enhance operational resilience and efficiency?

How can IT contribute to achieving broader business objectives like sustainable development?

Connect with us on:

LinkedIn: Mark Smalley link https://www.linkedin.com/in/marksmalley/

Website: Smalley.IT

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

Business model, operational resilience, cloud migration, sustainable development, IT investments, utility and warranty of IT systems.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of 'The ITSM Practice' podcast, Luigi Ferri delves into the critical aspects of Secure Software Development Lifecycle (SSDLC), highlighting the shift from traditional SDLC to Security-by-Design. Through expert insights, the discussion covers the integration of security at every development phase, the role of third-party risk assessments, and the benefits of frameworks like NIST SSDF. The episode also emphasizes the necessity of cultural change within organizations to prioritize security in software development, offering practical advice for enhancing security postures against sophisticated threats.

In this episode, we answer to:

How critical is the importance of the Secure Software Development Lifecycle in today's tech-driven environment?

What steps can organizations take to evolve from Traditional SDLC to Security-by-Design?

How can organizations manage risks associated with third-party components in software development?

Resources Mentioned in this Episode:

Snyk, article "Secure Software Development Lifecycle (SSDLC)". link https://snyk.io/learn/secure-sdlc/

Hackerone, article "What Is the SSDLC (Secure Software Development Life Cycle)?", link https://www.hackerone.com/knowledge-center/what-ssdlc-secure-software-development-life-cycle

Synopsys, article "Secure SDLC", link https://www.synopsys.com/blogs/software-security/secure-sdlc.html

Vulcan, article "SDLC and secure coding practices: the ultimate guide for 2024", link https://vulcan.io/blog/secure-sdlc-best-practices/

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In today's episode of 'The ITSM Practice,' hosted by Luigi Ferri, we delve into the critical aspects of Major Incident Management within IT Service Management (ITSM). This episode explores how ITIL practices can streamline processes to mitigate business risks and enhance operational efficiency. The discussion covers prioritizing Incidents, essential considerations during a crisis, the distinct roles in Incident Management, and the importance of strategic communication and Post-Incident reviews.

In this episode, we answer to:

How can ITIL practices streamline your Major Incident Management process?

What are the essential considerations in Major Incident Management?

How do Incident and Problem Management differ?

Resources Mentioned in this Episode:

PeopleCert, article "How to plan for major incidents in ITSM", link https://www.axelos.com/resource-hub/blog/how-to-plan-for-major-incidents-in-itsm

Atlassian, article "Incident management for high-velocity teams", link https://www.atlassian.com/incident-management/itsm/major-incident-management

Advisera, article "Major Incident Management – when the going gets tough…", link https://advisera.com/20000academy/knowledgebase/major-incident-management-going-gets-tough/

ITSM Professor, article "Examples of Major Incident Criteria", link https://www.itsmprofessor.net/2010/08/examples-of-major-incident-criteria.html

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Jeffrey T. Fertiller explores the significant cost advantages of chatbots over traditional service desks in this fourth episode, referencing a Gartner study highlighting the drastic difference in costs between service desk interactions and self-service methods. He delves into the challenges of inadequate knowledge management behind chatbots, emphasizing the need for updated and accurate information to enhance user experience and reduce frustration.

In this episode, we answer to:

Why are chatbots becoming a preferred solution for organizations?

How does poor knowledge management impact the effectiveness of chatbots and self-service portals?

What can leaders do to improve the user experience with automated services?

Connect with us on:

LinkedIn: Jeffrey Tefertiller link https://www.linkedin.com/in/jeffreytefertiller/

Website: http://www.servicemanagement.us

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

Chatbots, Knowledge Management, User Experience, Cost Efficiency in IT Services.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of The ITSM Practice Podcast, Luigi Ferri explores the critical importance of integrating ISO 27001 standards into your organization's onboarding and offboarding processes. He details how these standards bolster security and efficiency, focusing on vital elements like awareness training, access control, and operational controls. Key steps for a secure offboarding process are also discussed, including asset retrieval, access revocation, and conducting exit interviews. This approach not only protects against information security threats but also fosters a culture of continuous improvement and accountability in Enterprise Service Management.

In this episode, we answer to:

How can ISO 27001 onboarding and offboarding tactics secure your organization?

What are the essential elements to consider when setting up an effective onboarding process in terms of security and operational efficiency?

What key steps should be taken to ensure a secure and comprehensive offboarding process for departing employees?

Resources Mentioned in this Episode:

ISO/IEC 27001 Onboarding

Awareness and Training (Clause 7.2, A.7.2.2)

Access Control (Clause 9, A.9.1.1, A.9.2.2)

Operational Controls (Clause 12, A.12.4.1)

ISO/IEC 27001 Offboarding

Return of Assets (A.8.1.4)

Access Revocation (A.9.2.6)

Exit Interviews (A.7.3.1)

Documentation and Records (Clause 7.5, A.7.1.2)

Audit and Review (Clause 9.2, A.18.2.2)

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Jeffrey Tefertiller addresses the challenge leaders face in balancing urgent tasks with strategic thinking in his latest podcast episode. He advocates for scheduling regular intervals for deep thinking and strategic planning, emphasizing the importance of disconnecting from daily urgencies. Jeffrey shares practical tips on maintaining focus on long-term goals by engaging proactively with stakeholders and team members, fostering improvement plans, and building meaningful relationships.

In this episode, we answer to:

How can leaders find time for strategic thinking amidst daily urgencies?

What role does proactive communication with stakeholders play in strategic planning?

Why is it important to focus on building relationships with stakeholders and teams?

Connect with us on:

LinkedIn: Jeffrey Tefertiller link https://www.linkedin.com/in/jeffreytefertiller/

Website: http://www.servicemanagement.us

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

Strategic Thinking, Stakeholder Engagement, Leadership Development, Team Improvement Plans.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of The ITSM Practice Podcast, Luigi Ferri delves into the nuances of Asset Management, highlighting its critical role in enhancing organizational efficiency and achieving strategic objectives. Luigi explains how ISO 55000 defines an asset and outlines the benefits and life cycle of effective asset management, supported by ISO 55001 standards. Discover key strategies for optimizing asset utilization, ensuring compliance, and promoting sustainability within your organization.

In this episode, we answer to:

What does ISO 55000 define as an "asset"?

How can effective asset management benefit an organization?

What are the key stages of the Asset Management Life Cycle?

Resources Mentioned in this Episode:

PECB, article "4 Key Stages of Asset Management Life Cycle", link https://pecb.com/article/4-key-stages-of-asset-management-life-cycle-

Comparesoft, article "What You Need to Know About ISO 55001 Before Considering an Asset Management System", link https://comparesoft.com/asset-management-software/iso-55001/

SAI Global, article "ISO 55001 Asset Management Systems", link https://saiassurance.com.au/iso-55001/

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this insightful podcast episode, Jeffrey Tefertiller explores the critical role of people in creating value through well-executed processes in both IT and non-IT sectors. He emphasizes the importance of standardized processes and how they are enhanced by tools and vendor partners. Jeffrey highlights the consumer's perspective as the ultimate judge of value and discusses the need for continuous alignment with stakeholders' evolving needs. Key topics include leveraging automation, artificial intelligence, and machine learning to boost Service Delivery effectiveness.

In this episode, we answer to:

How do standardized processes contribute to value creation in organizations?

What role do consumer perspectives play in evaluating the effectiveness of Service Delivery?

Why is alignment with stakeholders crucial for successful Service Management?

Connect with us on:

LinkedIn: Jeffrey Tefertiller link https://www.linkedin.com/in/jeffreytefertiller/

Website: http://www.servicemanagement.us

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

Enterprise Service Management, IT Service Management, IT Security, Automation, Artificial Intelligence, Machine Learning.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Discover the ins and outs of the Digital Operational Resilience Act (DORA) in this episode of 'The ITSM Practice'. Join Luigi Ferri as he delves into how DORA, enacted by the EU to bolster the digital resilience of the financial sector, mandates stringent digital safety practices for banks, insurance companies, and other financial entities. Understand DORA's crucial role in ensuring the IT Security of digital financial services, its significant impact on IT Risk Management, Incident Reporting, and the importance of a unified approach to digital safety. This episode is a must-listen for professionals navigating the complexities of digital finance. In this episode, we answer to: What does DORA entail for financial companies and their digital defense mechanisms? How does DORA's regulatory framework aim to enhance the digital operational resilience of the financial sector? What challenges and opportunities does DORA present for fostering innovation and global cooperation in financial services? Resources Mentioned in this Episode: PECB, article "What is the Digital Operational Resilience Act (DORA)?", link https://pecb.com/article/what-is-the-digital-operational-resilience-act-dora IT Governance, article "What is DORA?", link https://www.itgovernance.eu/de-de/eu-digital-operations-resilience-act-dora-regulation-de IBM, article "What is the Digital Operational Resilience Act (DORA)?", link https://www.ibm.com/topics/digital-operational-resilience-act Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn! I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Don't miss out on key insights to navigate the ever-evolving landscape of digital finance. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this thought-provoking podcast episode, Jeffrey Tefertiller addresses the critical challenges and inefficiencies in IT Service Delivery that many organizations face today. Emphasizing the need for a new Service Delivery Model, Jeffrey discusses the importance of aligning the right people with the right roles and rethinking operational strategies to enhance service quality and performance. Key issues such as technological complexity, outsourcing, and frequent outages at major companies like Meta and AT&T highlight the urgent need for improvement in how services are delivered to both internal and external customers.

In this episode, we answer to:

Why is the current model of IT Service Delivery failing organizations?

How do recent technology outages reflect broader issues in Service Delivery?

What does Service Delivery excellence look like in different organizations?

Connect with us on:

LinkedIn: Jeffrey Tefertiller link https://www.linkedin.com/in/jeffreytefertiller/

Website: http://www.servicemanagement.us

LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Resources Mentioned in this Episode:

IT Service Delivery, Change Management, Technology Outages, Service Delivery Model, Operational Excellence, IT Outsourcing.

And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of The ITSM Practice Podcast, host Luigi Ferri delves into the vital aspect of Return on Investment (ROI) in ITIL, emphasizing its importance in evaluating the financial efficiency of ITIL initiatives. The episode covers key concepts such as ROI calculation in ITIL, tangible and intangible benefits of ITIL implementation, and the critical role of Service Level Management in enhancing customer relations. Luigi also explores practical examples demonstrating how ITIL can significantly improve ROI through time savings, cost reduction with self-service solutions, and prioritizing innovation over support. Additionally, the discussion touches on incorporating ITIL's guiding principles for organizational improvement and the significance of cultivating a culture of continual improvement. Luigi cautions against overlooking ROI, pointing out the potential for misallocated resources and initiatives with minimal returns, and highlights the pros and cons of focusing on ROI in ITIL implementation.

In this episode, we answer to:

What is the essence of ROI Calculation in ITIL?

How can ITIL's guiding principles be incorporated to enhance ROI?

With the difficulty in quantifying intangible benefits, could we risk underestimating ITIL's true value in our organization?

Resources Mentioned in this Episode:

TechBeacon, article "How ROI can transform your service management into a profit center", link https://techbeacon.com/enterprise-it/how-roi-can-transform-your-service-management-profit-center

Security Boulevard, article "Service Management’s Value – the ROI of ITSM", link https://securityboulevard.com/2022/05/service-managements-value-the-roi-of-itsm/

Apex 365 Tech, article "How to Measure ROI of Managed IT Services?", link https://apex365.ca/how-to-measure-roi-of-managed-it-services/

Doug Tedder, article "What’s The ROI of Service Management?", link https://www.dougtedder.com/2021/11/22/roi-of-service-management/

SysAid, article "What’s the ROI of ITIL?", link https://www.sysaid.com/blog/itil/whats-the-roi-of-itil

Advisera, article "Is it possible to calculate ROI for ITIL?", link https://advisera.com/20000academy/blog/2016/09/13/is-it-possible-to-calculate-roi-for-itil/

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Explore the critical aspects of threat modeling in this engaging episode of the ITSM Practice podcast with Luigi Ferri. Discover the significance of proactive security measures, the types of threats including Accidental, Tradeoff, and Inherent Threats, and how they're addressed through comprehensive strategies. Learn about the operations involved in Threat Modeling, its importance in today's cybersecurity landscape, and the collaborative effort required for effective implementation. Dive deep into the benefits, challenges, and detailed steps of threat modeling, underlining its pivotal role in securing digital infrastructures.

In this episode, we answer to:

Why is security Threat Modeling critically important?

What are the advantages of a Threat Model?

How does threat modeling become a collaborative effort?

Resources Mentioned in this Episode:

Adam Shostak, whitepaper "Inherent Threats", link https://www.linkedin.com/in/shostack/ or https://shostack.org/about/adam

Synopsys, article "Threat Modeling", link https://www.synopsys.com/glossary/what-is-threat-modeling.html#:~:text=Threat%20modeling%20is%20a%20structured,An%20abstraction%20of%20the%20system

OWASP, article "Threat Modeling Process", link https://owasp.org/www-community/Threat_Modeling_Process

Microsoft, article "Threat Modeling", link https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling

Threat Modeling Manifesto, link https://www.threatmodelingmanifesto.org/

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of the ITSM Practice podcast, Luigi Ferri delves into the critical distinctions between Risk Appetite and Risk Tolerance, emphasizing their pivotal roles in strategic decision-making. Luigi meticulously explains how these concepts guide organizations in navigating their journey towards achieving strategic goals while balancing potential risks and rewards. Featuring nuanced examples and authoritative explanations, this episode offers valuable perspectives for leaders dedicated to refining their Risk Management strategies.

In this episode, we answer to:

What is the difference between Risk Appetite and Risk Tolerance?

How do Risk Tolerance and Appetite levels influence organizational decision-making?

What factors drive an organization's willingness to take Risks?

Resources Mentioned in this Episode:

PECB, article "What Is Risk Tolerance, Why Is It Important, and How to Determine It?", link https://pecb.com/article/what-is-risk-tolerance-why-is-it-important-and-how-to-determine-it

Professional Certifications, article "Risk Appetite vs. Risk Tolerance", link https://learn31000.com/risk-appetitive-vs-risk-tolerance/

Splunk, article "Risk Tolerance vs. Risk Appetite Explained", link https://www.splunk.com/en_us/blog/learn/risk-tolerance-vs-risk-appetite.html

ISACA, article "Risk Appetite vs. Risk Tolerance: What is the Difference?", link https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2022/risk-appetite-vs-risk-tolerance-what-is-the-difference

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this ITSM Practice podcast episode, Luigi Ferri dives into the challenges and solutions for managing IT Security Programs with suppliers. Highlighting the importance of establishing a comprehensive IT Security Governance Team and aligning security objectives with suppliers, the episode addresses common issues such as cybersecurity culture, priority mismanagement, organizational buy-in, and resource constraints. Luigi emphasizes the strategic approach to IT Security, advocating for clarity, efficiency, and effective risk management through program management.

In this episode, we answer to:

What is a common IT Security Program issue with suppliers?

How can organizations and suppliers work together to enhance IT Security?

What are the major obstacles in implementing effective IT Security measures?

Resources Mentioned in this Episode:

Project Manager website, article "Project vs. Program Management: Key Differences and Similarities", link https://www.projectmanager.com/blog/whats-the-difference-between-a-project-and-a-program

CyberTalk, article "The short guide to why security programs can fail", link https://www.cybertalk.org/2021/09/23/the-short-guide-to-why-security-programs-often-fail/

Triaxion Security, article "Why Security Programs Fail", link https://www.triaxiomsecurity.com/why-security-programs-fail/

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of "The ITSM Practice" podcast, Luigi Ferri delves into the complexities of Configuration Management Systems (CMS) and Configuration Management Databases (CMDB), crucial for SMEs. With an emphasis on practical approaches and the significance of continuous improvement, this episode is a must-listen for ITSM and IT Security professionals aiming to enhance their IT Service Management and Security Practices.

In this episode, we answer to:

How can we incorporate a detailed phased implementation strategy for CMS and CMDB?

What are the benefits of Configuration Management in IT Service Management?

What are the key pros and cons of automation in IT Service Management and Operations?

Resources Mentioned in this Episode:

PeopleCert / Axelos, book “Service configuration management: ITIL 4 Practice Guide.”, link https://my.axelos.com/resource-hub/practice/service-configuration-management-itil-4-practice-guide

ServiceNow, article “Configuration Management Database (CMDB).”, link https://www.servicenow.com/products/servicenow-platform/configuration-management-database.html

Atlassian, article “What is a configuration management database (CMDB)?”, link https://www.atlassian.com/itsm/it-asset-management/cmdb

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of "The ITSM Practice Podcast," Luigi Ferri delves into the crucial aspect of selecting the right ITSM tool, highlighting the importance of aligning technology with your organization's process maturity. This episode is a must-listen for ITSM and IT Security professionals aiming to elevate their operational efficiency and strategic goals.

In this episode, we answer to:

Why is process maturity valued beyond features in understanding tool selection?

What are the key considerations for making a sophisticated tool selection?

How can process maturity be leveraged in ITSM implementation according to the practical guide to excellence?

Resources Mentioned in this Episode:

Process Maps, article “ITIL Processes.”, link https://wiki.en.it-processmaps.com/index.php/ITIL_Processes

BMC Software, article “How to Choose ITSM Tools”, link https://www.bmc.com/blogs/itsm-tools/

TechBeacon, article “How to choose an IT Service Management tool.”, link https://techbeacon.com/enterprise-it/how-choose-it-service-management-tool

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of The ITSM Practice Podcast, we dive deep into the essence of Disaster Recovery in IT, emphasizing its significance in ensuring business continuity amidst adversities like cyber-attacks, natural disasters, or human errors. Luigi outlines a comprehensive guide to constructing a resilient Disaster Recovery plan, highlighting the importance of understanding potential threats, identifying critical assets, and establishing clear recovery objectives.

In this episode, we answer to:

What are the essential components of a Disaster Recovery plan?

How do different Disaster Recovery options like DRaaS and Hot Sites benefit businesses?

Why is regular testing crucial for the effectiveness of a Disaster Recovery plan?

Resources Mentioned in this Episode:

LogicMonitor, article “IT Outage Impact Study.”, link https://www.logicmonitor.com/resource/outage-impact-survey

Uptime Insitute, article “Uptime Institute’s 2022 Outage Analysis Finds Downtime Costs and Consequences Worsening as Industry Efforts to Curb Outage Frequency Fall Short.” link https://www.businesswire.com/news/home/20220608005265/en/Uptime-Institute%E2%80%99s-2022-Outage-Analysis-Finds-Downtime-Costs-and-Consequences-Worsening-as-Industry-Efforts-to-Curb-Outage-Frequency-Fall-Short

Invenio IT, article “Avoid Downtime With Our Guide to IT Disaster Recovery Management.”, link https://invenioit.com/continuity/disaster-recovery-management/#

Connect with me on:

LinkedIn: https://www.linkedin.com/in/t”heitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Explore the dual nature of AI in IT Security as both a risk and an opportunity in this episode of "The ITSM Practice" podcast with Luigi Ferri. Dive into AI's transformative role in automating tasks, enhancing threat detection, and decision-making, while also tackling challenges like the 'Black Box' issue and integration complexities. Learn about strategic AI integration, the importance of data quality, and the future of AI in cybersecurity, including its role in NATO's security strategies.

In this episode, we answer to:

How can we balance the ethical use of AI in cybersecurity with its advancement?

What strategies are crucial for organizations to integrate AI seamlessly into their existing security frameworks?

As AI evolves, how will it reshape the roles and responsibilities within the cybersecurity sphere?

Resources Mentioned in this Episode:

NATO, article “NATO starts work on Artificial Intelligence certification standard.” link https://www.nato.int/cps/en/natohq/news_211498.htm

Connect with me on:

LinkedIn: https://www.linkedin.com/in/t”heitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/
Graphics by Yulia Kolodyazhnaya

Luigi Ferri explores Business Relationship Management (BRM) in "The ITSM Practice Podcast," highlighting its importance in aligning IT with business goals, transforming IT into a key business partner. BRM manages and improves relationships, fostering trust and collaboration. The discussion covers technology's role, risks of poor BRM, and the value of a culture promoting training and development.

In this episode, we answer to:

What is the purpose and objectives of Business Relationship Management (BRM)?

How does governance and policy setting in BRM ensure alignment with organizational strategy?

How does technology facilitate BRM in aligning IT services with business needs?

Resources Mentioned in this Episode:

Business Relationship Management Institute, article “How Many Business Relationship Managers Should You Have?” link https://brm.institute/how-many-business-relationship-managers-should-you-have/

PeopleCert, article “Business Relationship Manager”, link https://www.peoplecert.org/advance-your-career/it-service-management/business-relationship-manager

Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/
Graphics by Yulia Kolodyazhnaya

Join Luigi Ferri on "The ITSM Practice" as he explores the significance of a Service Catalogue in IT Service Management. This episode sheds light on the role of a Service Catalogue beyond just listing services, emphasizing its importance in transparency and operational clarity for customers. Luigi discusses the key components like the Service Portfolio and Service Catalogue Views, their advantages in enhancing clarity and decision-making, and the challenges such as complexity in management and technology dependence. The discussion also touches on the integration of the Service Catalogue with ITSM processes, the roles involved, and the importance of keeping it relevant and user-friendly. Tune in for insightful reflections on how a well-structured Service Catalogue aligns IT Services with business goals, and join the conversation on LinkedIn to share your experiences in Service Catalogue Management.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this enlightening episode of "The ITSM Practice," host Luigi Ferri unpacks the concept of 'Security by Design' and its fundamental principles. Luigi explains that 'Security by Design' is an approach where security is embedded as a foundational element from the beginning of the IT system development and management process, rather than being an afterthought. The episode dives into the core principles that underpin this approach, including Defense in Depth, Secure by Default, Least Privilege, Separation of Duties, Minimizing Attack Surface, Complete Mediation, Open Design, Isolated Compartments, Evidence Production, and Application Coding Best Practices. Luigi emphasizes that integrating these principles into ITSM is not just a technical endeavor but also involves fostering a culture where IT Security is prioritized at every stage of Service Design and Implementation. The discussion culminates with the importance of adopting a mindset where IT Security is an integral part of every IT Process and decision-making activity, highlighting its role in building a secure, resilient foundation for IT Services that are aligned with business goals and capable of countering evolving digital threats. Tune in for an in-depth exploration of 'Security by Design' and its significance in today's digital landscape, and join Luigi on LinkedIn for further insights into adapting IT Practices for enhanced IT Security.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this informative episode of "The ITSM Practice," host Luigi Ferri delves into the critical process of determining the appropriate IT Security Policy for businesses. The discussion begins with an examination of the vital role of security policies, including guiding technical controls, setting clear expectations for employees, fulfilling regulatory and compliance requirements, and improving organizational efficiency. Luigi then explores various types of IT security policies, such as Program or Organizational Policy, Acceptable Use, Remote Access, Data Security, and Firewall Policies. The episode further outlines a structured approach to selecting the right policy, emphasizing the importance of assessing business needs, evaluating current security postures, understanding objectives, and considering risk factors. Luigi highlights the essential components of constructing an effective policy, ensuring it aligns with the organization's risk appetite and is supported by senior management. Concluding with an invitation for further discussion on LinkedIn, this episode is a must-listen for those seeking to align their IT Security Policy with business goals and culture effectively.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this insightful episode of "The ITSM Practice," Luigi Ferri addresses a crucial question for today's digital age: the necessity of an ITIL Change Management Process in businesses of all sizes. Through a detailed exploration, Luigi clarifies what 'change' means in the ITIL context and breaks down its key components, including Change Control Practice and Change Model. The episode emphasizes the guiding principles of ITIL 4, such as simplicity, stakeholder collaboration, and a customer-centric approach. Luigi dispels common misconceptions about change management, highlighting its importance across all departments for aligning with overall business goals. This episode is an essential listen for any organization aiming to foster a culture of agility and continuous improvement, underscoring the critical role of effective change management in ensuring operational success. Join Luigi for a comprehensive discussion on adapting to and thriving amidst constant change.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Join Luigi Ferri in this edition of "The ITSM Practice" for a comprehensive exploration of ITIL adoption in large organizations. This episode delves into the systematic process management consultants follow, from aligning with executive strategies to the tangible application of ITIL practices. We discuss the significance of each step, including service definition, role assignment within ITIL frameworks, gap analysis, and meticulous process planning. This episode provides an informative perspective on the strategic implementation of ITIL, emphasizing its role in enhancing IT Service Management and aligning with business objectives. Engage with us on this journey of ITIL integration in the realm of professional ITSM.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this insightful episode of "The ITSM Practice," I, Luigi Ferri, guide you through the complexities and opportunities of service provision within ITIL 4. We'll explore how it impacts IT services, discussing its essential role, benefits, and the inherent challenges. Topics include resource optimization, enhancing user experiences, fulfilling service agreements, and the imperative of continuous improvement. However, we also tackle the challenges such as management complexity, cost factors, and the balancing act of resource availability. This episode is a comprehensive look at service provision in ITIL 4, offering insights into effectively managing services while navigating its challenges. Join the discussion on LinkedIn to share your experiences and strategies in ITSM. Tune in for a thought-provoking session on elevating your IT service management practices.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of 'The ITSM Practice', I, Luigi Ferri, delve into the 'Value Streams and Processes' dimension of ITIL 4. This critical aspect focuses on streamlining and optimizing organizational processes to create and deliver value efficiently. We explore the advantages, such as improved productivity and workflow clarity, alongside the challenges of managing complex processes and the risk of inefficiency. I invite listeners to share their experiences and insights on optimizing these elements in ITSM, and to join the conversation on LinkedIn. This episode emphasizes the importance of continuously enhancing value flow in ITIL, a key to success in IT Service Management. Join me, Luigi Ferri, for this insightful journey into making the most of ITIL's value streams and processes.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of 'The ITSM Practice,' I, Luigi Ferri, guide you through the complexities of the 'Partners and Suppliers' dimension in ITIL 4. We discuss the strategic importance of managing these relationships for optimizing service management, from design to continual improvement. The episode highlights the benefits, such as accessing specialized expertise and shared risks, while also addressing the challenges like coordination complexities and aligning different organizational cultures. I invite listeners to share their strategies and experiences in managing these vital relationships in their ITSM framework on LinkedIn. Discover how effective collaboration with partners and suppliers can revolutionize your approach to ITSM. Join me, Luigi Ferri, as we delve into fostering these essential connections for a successful ITSM journey.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of 'The ITSM Practice', Luigi Ferri focuses on the 'Information and Technology' dimension of ITIL 4, a vital component of IT Service Management. The discussion explores how technology intersects with information to enhance service management, examining the interplay of infrastructure, applications, data management, and information security. Luigi highlights the benefits, such as improved efficiency and data-driven decision-making, alongside challenges like rapid technological change and the risk of overlooking the human element. He invites listeners to share their experiences with technology in ITSM on LinkedIn. The episode concludes with the emphasis on finding the right balance between advanced technology and the essential human touch in service management, urging listeners to innovate while staying true to ITIL 4 principles.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of 'The ITSM Practice,' I delve into the 'Organizations and People' dimension of ITIL 4, a vital aspect of IT Service Management. We explore how this dimension focuses on aligning human skills and capabilities with organizational goals to enhance IT service delivery. The discussion covers the benefits, such as improved team dynamics and enhanced employee engagement, along with challenges like managing diverse personalities and resistance to change. I invite listeners to share their experiences and insights on LinkedIn. We also look at success metrics, emphasizing the importance of employee satisfaction, team collaboration, and customer satisfaction in reflecting the health of this dimension. Join me in understanding how people and culture are the true driving forces behind successful ITSM, and how continuous improvement and adaptation are key. Tune in to gain insights into maximizing the potential of your team in the ITIL 4 framework.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In this episode of 'The ITSM Practice', I dive into the transformative world of ITIL 4, focusing on its four pivotal dimensions that are reshaping IT Service Management and IT Security. I explore the human element in 'Organizations and People', the strategic 'Value Streams and Processes', the foundational 'Information and Technology', and the critical role of 'Partners and Suppliers'. Join me in understanding how these dimensions impact ITSM strategies and decision-making. I encourage you to share your experiences and insights on LinkedIn, and to join our ongoing conversation about the nuances of service management in our digital era. Tune in for an engaging and insightful journey into the heart of ITIL 4 with 'The ITSM Practice'.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

In the 'The ITSM Practice' episode, Luigi Ferri, with over 25 years of experience, discusses 'Ten Common ITIL Implementation Mistakes to Avoid at All Costs.' He gives advice on using IT frameworks effectively, including having a clear plan, securing top management support, and tailoring ITIL to your organization. Luigi encourages sharing ITIL experiences and connecting on LinkedIn for further talks. This podcast is valuable for IT Service Management and IT Security professionals, offering tips and insights into overcoming ITSM challenges. Tune in to enhance your ITSM and IT Security knowledge.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya

Welcome to 'The ITSM Practice' with Luigi Ferri, exploring the evolution of ITIL into ITIL 4 for IT Service Management and IT Security. Today, we dive into ITIL's history and its latest adaptation for the digital era. Luigi shares his insights on ITIL 4's key features, including the Service Value System, the Four Dimensions, and the shift from processes to practices. Join the discussion on LinkedIn and share how ITIL 4 has impacted your ITSM strategies. This episode is a guide to adapting ITIL for the digital age and enhancing IT service management. Tune in for more insights in future episodes and connect for ongoing discussions on ITSM and IT Security.

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/

Graphics by Yulia Kolodyazhnaya