The ITSM Practice: Elevating ITSM and IT Security Knowledge

In this episode of the ITSM Practice Podcast, David Barrow explores the crucial role of communication in service management. Emphasizing the significant impact of effective communication strategies, the discussion delves into collaborative practices, transparency, and building trust within an organization. Insights from personal experiences highlight the necessity of communication in enhancing service management, driving towards value-focused outcomes, and ensuring successful stakeholder engagement. For the book reference: An Education in Service Management, is available on Amazon, link https://rb.gy/xxeh2s In this episode, we answer to: How does effective communication influence service management success? What are the key components of a strong communication plan in managing digital services? How can service management professionals utilize communication to build trust and transparency across an enterprise? Connect with us on: LinkedIn: David Barrow link https://www.linkedin.com/in/solsevenstudio/ Website: https://www.solsevenstudio.com/ LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com Resources Mentioned in this Episode: Effective communication strategies, Collaborative practices, Stakeholder engagement, Trust-building in enterprise environments. And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In today's episode of "The ITSM Practice," host Luigi Ferri delves into ITIL 4 and its transformative impact on Project Management. Luigi explores how ITIL 4 integrates strategic elements into IT Projects, ensuring they are not only about outputs but about valuable outcomes. Through key areas like Value Streams, Organizations, and Technology, the framework promotes enhanced service value, proactive management, and strategic alignments. ITIL 4's blend with Agile methodologies is also examined, highlighting its role in maintaining flexibility while ensuring structured governance. In this episode, we answer to: How does ITIL 4 integrate Project Management into the IT Service Value Chain? Does the structured approach of ITIL 4 stifle innovation, or enhance it? How can Agile methodologies be integrated within ITIL 4 to maintain rapid innovation? Resources Mentioned in this Episode: Giva, article "Agile vs. ITIL: How Do They Fit Together? Or Do They?", link https://www.givainc.com/blog/how-do-agile-and-itil-fit-together/ Atlassian, article "A practical guide to ITIL 4 in an age of agile", https://www.atlassian.com/whitepapers/itil4 PeopleCert, article "Combining ITIL 4 and Agile best practices for customer focus", link https://www.axelos.com/resource-hub/blog/combining_itil4_agile_best_practices_customer_focus Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In the latest ITSM Practice Podcast episode, David Barrow delves into the transformative potential of broadening the scope of service management beyond traditional IT confines. Emphasizing its pivotal role in digital transformation, the discussion highlights how service management ensures agile, reliable services that enhance customer experiences and drive business success. Advocating for a rebrand to simply "service management," the episode explores its strategic impact on organizations and its appeal as a dynamic career path in the digital age. For the book reference: An Education in Service Management, is available on Amazon, link https://rb.gy/xxeh2s In this episode, we answer to: Should we consider removing "IT" from IT service management to broaden its scope? How can service management enhance digital experiences and customer satisfaction? What are the risks and rewards of rebranding ITSM as broader service management? Connect with us on: LinkedIn: David Barrow link https://www.linkedin.com/in/solsevenstudio/ Website: https://www.solsevenstudio.com/ LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com Resources Mentioned in this Episode: Digital Transformation, Agile Service Delivery, Customer Experience, Operational Excellence, Risk Management. And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In today's episode of 'The ITSM Practice', Luigi Ferri delves into how ITIL 4 and Organizational Change Management (OCM) can significantly enhance business adaptation in the digital age. The discussion includes a detailed examination of how these frameworks work together to manage IT Services and the human aspects of change, ensuring sustainable and effective business transformations. Learn key strategies for overcoming resistance and driving success in organizational changes. In this episode, we answer to: What exactly are Organizational Change Management and ITIL 4 Change Management, and how do they intertwine? Why is it beneficial to combine ITIL 4 with Organizational Change Management? How can resistance to change be effectively managed and overcome? Resources Mentioned in this Episode: PeopleCert, article "ITIL 4 Organizational Change Management: bringing people on the journey", link https://www.axelos.com/resource-hub/blog/itil4_organizational_change_management_bringing_people_journey ITSM Tools, article "Organizational Change Management – An Overview", link https://itsm.tools/overview-of-organizational-change-management/ PeopleCert, article "ITIL Practitioner: Organizational Change Management", link https://www.axelos.com/resource-hub/blog/itil-practitioner-organizational-change-management Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this episode, Mark Smalley, also known as the Ancient IT Philosopher, dissects the business value of IT, illustrating how IT investments impact business models and performance through four analytical steps. Highlighting the shift from on-premise to cloud services, the discussion emphasizes enhancing operational speed and resilience, and reducing costs. The speech also delves into IT's role in achieving broader business objectives, such as sustainable development and improved customer satisfaction, using practical examples to demonstrate IT’s real-world benefits. For the book reference: 'Are you digitally "done"? Why you should know and care about IT service,' is available on Amazon, link https://rb.gy/rlehg5 In this episode, we answer to: How do IT investments affect the business model and its performance? In what ways can IT enhance operational resilience and efficiency? How can IT contribute to achieving broader business objectives like sustainable development? Connect with us on: LinkedIn: Mark Smalley link https://www.linkedin.com/in/marksmalley/ Website: Smalley.IT LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com Resources Mentioned in this Episode: Business model, operational resilience, cloud migration, sustainable development, IT investments, utility and warranty of IT systems. And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this episode of 'The ITSM Practice' podcast, Luigi Ferri delves into the critical aspects of Secure Software Development Lifecycle (SSDLC), highlighting the shift from traditional SDLC to Security-by-Design. Through expert insights, the discussion covers the integration of security at every development phase, the role of third-party risk assessments, and the benefits of frameworks like NIST SSDF. The episode also emphasizes the necessity of cultural change within organizations to prioritize security in software development, offering practical advice for enhancing security postures against sophisticated threats. In this episode, we answer to: How critical is the importance of the Secure Software Development Lifecycle in today's tech-driven environment? What steps can organizations take to evolve from Traditional SDLC to Security-by-Design? How can organizations manage risks associated with third-party components in software development? Resources Mentioned in this Episode: Snyk, article "Secure Software Development Lifecycle (SSDLC)". link https://snyk.io/learn/secure-sdlc/ Hackerone, article "What Is the SSDLC (Secure Software Development Life Cycle)?", link https://www.hackerone.com/knowledge-center/what-ssdlc-secure-software-development-life-cycle Synopsys, article "Secure SDLC", link https://www.synopsys.com/blogs/software-security/secure-sdlc.html Vulcan, article "SDLC and secure coding practices: the ultimate guide for 2024", link https://vulcan.io/blog/secure-sdlc-best-practices/ Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In today's episode of 'The ITSM Practice,' hosted by Luigi Ferri, we delve into the critical aspects of Major Incident Management within IT Service Management (ITSM). This episode explores how ITIL practices can streamline processes to mitigate business risks and enhance operational efficiency. The discussion covers prioritizing Incidents, essential considerations during a crisis, the distinct roles in Incident Management, and the importance of strategic communication and Post-Incident reviews. In this episode, we answer to: How can ITIL practices streamline your Major Incident Management process? What are the essential considerations in Major Incident Management? How do Incident and Problem Management differ? Resources Mentioned in this Episode: PeopleCert, article "How to plan for major incidents in ITSM", link https://www.axelos.com/resource-hub/blog/how-to-plan-for-major-incidents-in-itsm Atlassian, article "Incident management for high-velocity teams", link https://www.atlassian.com/incident-management/itsm/major-incident-management Advisera, article "Major Incident Management – when the going gets tough…", link https://advisera.com/20000academy/knowledgebase/major-incident-management-going-gets-tough/ ITSM Professor, article "Examples of Major Incident Criteria", link https://www.itsmprofessor.net/2010/08/examples-of-major-incident-criteria.html Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

Jeffrey T. Fertiller explores the significant cost advantages of chatbots over traditional service desks in this fourth episode, referencing a Gartner study highlighting the drastic difference in costs between service desk interactions and self-service methods. He delves into the challenges of inadequate knowledge management behind chatbots, emphasizing the need for updated and accurate information to enhance user experience and reduce frustration. In this episode, we answer to: Why are chatbots becoming a preferred solution for organizations? How does poor knowledge management impact the effectiveness of chatbots and self-service portals? What can leaders do to improve the user experience with automated services? Connect with us on: LinkedIn: Jeffrey Tefertiller link https://www.linkedin.com/in/jeffreytefertiller/ Website: http://www.servicemanagement.us LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com Resources Mentioned in this Episode: Chatbots, Knowledge Management, User Experience, Cost Efficiency in IT Services. And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this episode of The ITSM Practice Podcast, Luigi Ferri explores the critical importance of integrating ISO 27001 standards into your organization's onboarding and offboarding processes. He details how these standards bolster security and efficiency, focusing on vital elements like awareness training, access control, and operational controls. Key steps for a secure offboarding process are also discussed, including asset retrieval, access revocation, and conducting exit interviews. This approach not only protects against information security threats but also fosters a culture of continuous improvement and accountability in Enterprise Service Management. In this episode, we answer to: How can ISO 27001 onboarding and offboarding tactics secure your organization? What are the essential elements to consider when setting up an effective onboarding process in terms of security and operational efficiency? What key steps should be taken to ensure a secure and comprehensive offboarding process for departing employees? Resources Mentioned in this Episode: ISO/IEC 27001 Onboarding Awareness and Training (Clause 7.2, A.7.2.2) Access Control (Clause 9, A.9.1.1, A.9.2.2) Operational Controls (Clause 12, A.12.4.1) ISO/IEC 27001 Offboarding Return of Assets (A.8.1.4) Access Revocation (A.9.2.6) Exit Interviews (A.7.3.1) Documentation and Records (Clause 7.5, A.7.1.2) Audit and Review (Clause 9.2, A.18.2.2) Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

Jeffrey Tefertiller addresses the challenge leaders face in balancing urgent tasks with strategic thinking in his latest podcast episode. He advocates for scheduling regular intervals for deep thinking and strategic planning, emphasizing the importance of disconnecting from daily urgencies. Jeffrey shares practical tips on maintaining focus on long-term goals by engaging proactively with stakeholders and team members, fostering improvement plans, and building meaningful relationships. In this episode, we answer to: How can leaders find time for strategic thinking amidst daily urgencies? What role does proactive communication with stakeholders play in strategic planning? Why is it important to focus on building relationships with stakeholders and teams? Connect with us on: LinkedIn: Jeffrey Tefertiller link https://www.linkedin.com/in/jeffreytefertiller/ Website: http://www.servicemanagement.us LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com Resources Mentioned in this Episode: Strategic Thinking, Stakeholder Engagement, Leadership Development, Team Improvement Plans. And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this episode of The ITSM Practice Podcast, Luigi Ferri delves into the nuances of Asset Management, highlighting its critical role in enhancing organizational efficiency and achieving strategic objectives. Luigi explains how ISO 55000 defines an asset and outlines the benefits and life cycle of effective asset management, supported by ISO 55001 standards. Discover key strategies for optimizing asset utilization, ensuring compliance, and promoting sustainability within your organization. In this episode, we answer to: What does ISO 55000 define as an "asset"? How can effective asset management benefit an organization? What are the key stages of the Asset Management Life Cycle? Resources Mentioned in this Episode: PECB, article "4 Key Stages of Asset Management Life Cycle", link https://pecb.com/article/4-key-stages-of-asset-management-life-cycle- Comparesoft, article "What You Need to Know About ISO 55001 Before Considering an Asset Management System", link https://comparesoft.com/asset-management-software/iso-55001/ SAI Global, article "ISO 55001 Asset Management Systems", link https://saiassurance.com.au/iso-55001/ Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this insightful podcast episode, Jeffrey Tefertiller explores the critical role of people in creating value through well-executed processes in both IT and non-IT sectors. He emphasizes the importance of standardized processes and how they are enhanced by tools and vendor partners. Jeffrey highlights the consumer's perspective as the ultimate judge of value and discusses the need for continuous alignment with stakeholders' evolving needs. Key topics include leveraging automation, artificial intelligence, and machine learning to boost Service Delivery effectiveness. In this episode, we answer to: How do standardized processes contribute to value creation in organizations? What role do consumer perspectives play in evaluating the effectiveness of Service Delivery? Why is alignment with stakeholders crucial for successful Service Management? Connect with us on: LinkedIn: Jeffrey Tefertiller link https://www.linkedin.com/in/jeffreytefertiller/ Website: http://www.servicemanagement.us LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com Resources Mentioned in this Episode: Enterprise Service Management, IT Service Management, IT Security, Automation, Artificial Intelligence, Machine Learning. And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

Discover the ins and outs of the Digital Operational Resilience Act (DORA) in this episode of 'The ITSM Practice'. Join Luigi Ferri as he delves into how DORA, enacted by the EU to bolster the digital resilience of the financial sector, mandates stringent digital safety practices for banks, insurance companies, and other financial entities. Understand DORA's crucial role in ensuring the IT Security of digital financial services, its significant impact on IT Risk Management, Incident Reporting, and the importance of a unified approach to digital safety. This episode is a must-listen for professionals navigating the complexities of digital finance. In this episode, we answer to: What does DORA entail for financial companies and their digital defense mechanisms? How does DORA's regulatory framework aim to enhance the digital operational resilience of the financial sector? What challenges and opportunities does DORA present for fostering innovation and global cooperation in financial services? Resources Mentioned in this Episode: PECB, article "What is the Digital Operational Resilience Act (DORA)?", link https://pecb.com/article/what-is-the-digital-operational-resilience-act-dora IT Governance, article "What is DORA?", link https://www.itgovernance.eu/de-de/eu-digital-operations-resilience-act-dora-regulation-de IBM, article "What is the Digital Operational Resilience Act (DORA)?", link https://www.ibm.com/topics/digital-operational-resilience-act Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn! I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Don't miss out on key insights to navigate the ever-evolving landscape of digital finance. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this thought-provoking podcast episode, Jeffrey Tefertiller addresses the critical challenges and inefficiencies in IT Service Delivery that many organizations face today. Emphasizing the need for a new Service Delivery Model, Jeffrey discusses the importance of aligning the right people with the right roles and rethinking operational strategies to enhance service quality and performance. Key issues such as technological complexity, outsourcing, and frequent outages at major companies like Meta and AT&T highlight the urgent need for improvement in how services are delivered to both internal and external customers. In this episode, we answer to: Why is the current model of IT Service Delivery failing organizations? How do recent technology outages reflect broader issues in Service Delivery? What does Service Delivery excellence look like in different organizations? Connect with us on: LinkedIn: Jeffrey Tefertiller link https://www.linkedin.com/in/jeffreytefertiller/ Website: http://www.servicemanagement.us LinkedIn: Luigi Ferri link https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com Resources Mentioned in this Episode: IT Service Delivery, Change Management, Technology Outages, Service Delivery Model, Operational Excellence, IT Outsourcing. And if you want more tips and guidance, follow me, Luigi Ferri, on LinkedIn. I share daily posts about Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this episode of The ITSM Practice Podcast, host Luigi Ferri delves into the vital aspect of Return on Investment (ROI) in ITIL, emphasizing its importance in evaluating the financial efficiency of ITIL initiatives. The episode covers key concepts such as ROI calculation in ITIL, tangible and intangible benefits of ITIL implementation, and the critical role of Service Level Management in enhancing customer relations. Luigi also explores practical examples demonstrating how ITIL can significantly improve ROI through time savings, cost reduction with self-service solutions, and prioritizing innovation over support. Additionally, the discussion touches on incorporating ITIL's guiding principles for organizational improvement and the significance of cultivating a culture of continual improvement. Luigi cautions against overlooking ROI, pointing out the potential for misallocated resources and initiatives with minimal returns, and highlights the pros and cons of focusing on ROI in ITIL implementation. In this episode, we answer to: What is the essence of ROI Calculation in ITIL? How can ITIL's guiding principles be incorporated to enhance ROI? With the difficulty in quantifying intangible benefits, could we risk underestimating ITIL's true value in our organization? Resources Mentioned in this Episode: TechBeacon, article "How ROI can transform your service management into a profit center", link https://techbeacon.com/enterprise-it/how-roi-can-transform-your-service-management-profit-center Security Boulevard, article "Service Management’s Value – the ROI of ITSM", link https://securityboulevard.com/2022/05/service-managements-value-the-roi-of-itsm/ Apex 365 Tech, article "How to Measure ROI of Managed IT Services?", link https://apex365.ca/how-to-measure-roi-of-managed-it-services/ Doug Tedder, article "What’s The ROI of Service Management?", link https://www.dougtedder.com/2021/11/22/roi-of-service-management/ SysAid, article "What’s the ROI of ITIL?", link https://www.sysaid.com/blog/itil/whats-the-roi-of-itil Advisera, article "Is it possible to calculate ROI for ITIL?", link https://advisera.com/20000academy/blog/2016/09/13/is-it-possible-to-calculate-roi-for-itil/ Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

Explore the critical aspects of threat modeling in this engaging episode of the ITSM Practice podcast with Luigi Ferri. Discover the significance of proactive security measures, the types of threats including Accidental, Tradeoff, and Inherent Threats, and how they're addressed through comprehensive strategies. Learn about the operations involved in Threat Modeling, its importance in today's cybersecurity landscape, and the collaborative effort required for effective implementation. Dive deep into the benefits, challenges, and detailed steps of threat modeling, underlining its pivotal role in securing digital infrastructures. In this episode, we answer to: Why is security Threat Modeling critically important? What are the advantages of a Threat Model? How does threat modeling become a collaborative effort? Resources Mentioned in this Episode: Adam Shostak, whitepaper "Inherent Threats", link https://www.linkedin.com/in/shostack/ or https://shostack.org/about/adam Synopsys, article "Threat Modeling", link https://www.synopsys.com/glossary/what-is-threat-modeling.html#:~:text=Threat%20modeling%20is%20a%20structured,An%20abstraction%20of%20the%20system OWASP, article "Threat Modeling Process", link https://owasp.org/www-community/Threat_Modeling_Process Microsoft, article "Threat Modeling", link https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling Threat Modeling Manifesto, link https://www.threatmodelingmanifesto.org/ Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this episode of the ITSM Practice podcast, Luigi Ferri delves into the critical distinctions between Risk Appetite and Risk Tolerance, emphasizing their pivotal roles in strategic decision-making. Luigi meticulously explains how these concepts guide organizations in navigating their journey towards achieving strategic goals while balancing potential risks and rewards. Featuring nuanced examples and authoritative explanations, this episode offers valuable perspectives for leaders dedicated to refining their Risk Management strategies. In this episode, we answer to: What is the difference between Risk Appetite and Risk Tolerance? How do Risk Tolerance and Appetite levels influence organizational decision-making? What factors drive an organization's willingness to take Risks? Resources Mentioned in this Episode: PECB, article "What Is Risk Tolerance, Why Is It Important, and How to Determine It?", link https://pecb.com/article/what-is-risk-tolerance-why-is-it-important-and-how-to-determine-it Professional Certifications, article "Risk Appetite vs. Risk Tolerance", link https://learn31000.com/risk-appetitive-vs-risk-tolerance/ Splunk, article "Risk Tolerance vs. Risk Appetite Explained", link https://www.splunk.com/en_us/blog/learn/risk-tolerance-vs-risk-appetite.html ISACA, article "Risk Appetite vs. Risk Tolerance: What is the Difference?", link https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2022/risk-appetite-vs-risk-tolerance-what-is-the-difference Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this ITSM Practice podcast episode, Luigi Ferri dives into the challenges and solutions for managing IT Security Programs with suppliers. Highlighting the importance of establishing a comprehensive IT Security Governance Team and aligning security objectives with suppliers, the episode addresses common issues such as cybersecurity culture, priority mismanagement, organizational buy-in, and resource constraints. Luigi emphasizes the strategic approach to IT Security, advocating for clarity, efficiency, and effective risk management through program management. In this episode, we answer to: What is a common IT Security Program issue with suppliers? How can organizations and suppliers work together to enhance IT Security? What are the major obstacles in implementing effective IT Security measures? Resources Mentioned in this Episode: Project Manager website, article "Project vs. Program Management: Key Differences and Similarities", link https://www.projectmanager.com/blog/whats-the-difference-between-a-project-and-a-program CyberTalk, article "The short guide to why security programs can fail", link https://www.cybertalk.org/2021/09/23/the-short-guide-to-why-security-programs-often-fail/ Triaxion Security, article "Why Security Programs Fail", link https://www.triaxiomsecurity.com/why-security-programs-fail/ Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this episode of "The ITSM Practice" podcast, Luigi Ferri delves into the complexities of Configuration Management Systems (CMS) and Configuration Management Databases (CMDB), crucial for SMEs. With an emphasis on practical approaches and the significance of continuous improvement, this episode is a must-listen for ITSM and IT Security professionals aiming to enhance their IT Service Management and Security Practices. In this episode, we answer to: How can we incorporate a detailed phased implementation strategy for CMS and CMDB? What are the benefits of Configuration Management in IT Service Management? What are the key pros and cons of automation in IT Service Management and Operations? Resources Mentioned in this Episode: PeopleCert / Axelos, book “Service configuration management: ITIL 4 Practice Guide.”, link https://my.axelos.com/resource-hub/practice/service-configuration-management-itil-4-practice-guide ServiceNow, article “Configuration Management Database (CMDB).”, link https://www.servicenow.com/products/servicenow-platform/configuration-management-database.html Atlassian, article “What is a configuration management database (CMDB)?”, link https://www.atlassian.com/itsm/it-asset-management/cmdb Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

In this episode of "The ITSM Practice Podcast," Luigi Ferri delves into the crucial aspect of selecting the right ITSM tool, highlighting the importance of aligning technology with your organization's process maturity. This episode is a must-listen for ITSM and IT Security professionals aiming to elevate their operational efficiency and strategic goals. In this episode, we answer to: Why is process maturity valued beyond features in understanding tool selection? What are the key considerations for making a sophisticated tool selection? How can process maturity be leveraged in ITSM implementation according to the practical guide to excellence? Resources Mentioned in this Episode: Process Maps, article “ITIL Processes.”, link https://wiki.en.it-processmaps.com/index.php/ITIL_Processes BMC Software, article “How to Choose ITSM Tools”, link https://www.bmc.com/blogs/itsm-tools/ TechBeacon, article “How to choose an IT Service Management tool.”, link https://techbeacon.com/enterprise-it/how-choose-it-service-management-tool Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security. Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya