The ITSM Practice: Elevating ITSM and IT Security Knowledge

Luigi Ferri

Join Luigi Ferri, an experienced ITSM & IT Security Professional, in 'The ITSM Practice.' Explore IT Service Management and IT Security, uncovering innovations and best practices with insights from leading organizations like Volkswagen Financial Services, Vodafone, and more. Each episode offers practical guides and expert discussions for learning and growth. Ideal for all ITSM and IT Security Professionals! Stay Connected: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Youtube: https://www.youtube.com/@theitsmpractice Website: http://www.theitsmpractice.com

  1. 6D AGO

    Are We Really Ready for AI?

    In this episode of The ITSM Practice Podcast, Luigi Ferri explores AI readiness for service desks and ITSM in medium-sized organizations. Going beyond tools and automation, the discussion focuses on leadership, governance, culture, and skills needed to adopt and scale AI responsibly and align AI initiatives with real business value.

    In this episode, we answer:
    - Are medium-sized organizations really ready for AI in ITSM and service delivery?
    - What does AI readiness mean beyond automation and technology?
    - How can leaders assess governance, skills, and culture before adopting AI?

    Resources mentioned in this episode:
    - How to Assess AI Readiness for Service Delivery, link https://theitsmpractice.gumroad.com/l/HowtoAssessAIReadinessforServiceDelivery
    - IMD website, article "AI Maturity Index", link https://www.imd.org/artificial-intelligence-maturity-index/
    - Boston Consulting Group website, article "When Companies Struggle to Adopt AI, CEOs Must Step Up", link https://www.bcg.com/publications/2025/when-companies-struggle-to-adopt-ai-ceos-must-step-up
    - Cloud Security Alliance website, article "A Guide On How AI Pilot Programs are Shaping Enterprise Adoption", link https://cloudsecurityalliance.org/blog/2025/03/28/a-guide-on-how-ai-pilot-programs-are-shaping-enterprise-adoption

    Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

    Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

    11 min
  2. 12/23/2025

    How to Build a GRC Framework for Fintech Startups

    Learn how to build a solid GRC foundation for fintech growth in the EU. We break down governance, risk management, and compliance essentials to help startups scale, earn investor trust, and meet PSD2, GDPR, DORA, MiCA, AML expectations from day one.

    In this episode, we answer:
    - How do you set up an effective GRC framework for a fintech startup in the EU?
    - Why must European fintechs prioritize compliance, risk, and governance early to scale safely?
    - What roles, processes, and oversight are essential to meet PSD2, GDPR, DORA, AML requirements?

    Resources mentioned in this episode:
    - European Central Bank (ECB) website, article "The PSD2 supports innovation and competition in retail payments … and enhances the security of payment transactions and the protection of consumer data.", link https://www.ecb.europa.eu/press/intro/mip-online/2018/html/1803_revisedpsd.en.html?
    - Deloitte website, article "The Revised Payment Services Directive (PSD2)", link https://www.deloitte.com/lu/en/Industries/banking-capital-markets/research/psd2-revised-payment-services-directive.html?
    - European Parliament website, article "GDPR: Overview of the EU General Data Protection Regulation", link https://europa.eu/youreurope/business/dealing-with-customers/data-protection/data-protection-gdpr/index_en.htm?utm_source=chatgpt.com
    - German BaFin website, article "Prevention of money laundering and terrorist financing", link https://www.bafin.de/EN/Aufsicht/Geldwaeschepraevention/geldwaeschepraevention_node_en.html?
    - ESMA website, article "Official summary from authoritative EU sources: Digital Operational Resilience Act (DORA)", link https://www.esma.europa.eu/esmas-activities/digital-finance-and-innovation/digital-operational-resilience-act-dora?
    - ESMA website, article "Official overview by the European Securities and Markets Authority (ESMA): Markets in Crypto-Assets Regulation (MiCA)", link https://www.esma.europa.eu/esmas-activities/digital-finance-and-innovation/markets-crypto-assets-regulation-mica?utm_source=chatgpt.com

    10 min
  3. 12/16/2025

    BSI Grundschutz: Inside the Technical Measures – Part 2

    A deep dive into BSI Grundschutz technical measures, systems, networks, applications, monitoring, and evidence-based security. Learn how to move from compliance to operational resilience and why German clients expect proof, not promises.

    In this episode, we answer:
    - How do BSI Grundschutz technical measures strengthen system, network, and application security?
    - What evidence-based controls are required to prove resilience and compliance?
    - How does Grundschutz compare to the NIST Cybersecurity Framework for SaaS and cloud environments?

    Resources mentioned in this episode:
    - Eena 112 website, whitepaper "Cybersecurity Practical Approach", link https://eena.org/wp-content/uploads/2020_05_06_Cybersecurity_PracticalApproach.pdf
    - BSI - German Federal Office for Information Security, publication "BSI Magazin", link https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Magazin/BSI-Magazin_2021-01.pdf?__blob=publicationFile&v=5
    - ACC Management Consulting, article "BSI - IT Baseline Protection: A Method for Information Security", link https://www.acc-management-consulting.de/bsi-grundschutz-isms
    - BSI - German Federal Office for Information Security, WiBa tool, link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/WiBA/WiBA_Tool_Excel.xlsx?__blob=publicationFile&v=2
    - Dr. Datenschutz website, article "The path to basic security for your IT", link https://www.dr-datenschutz.de/der-weg-in-die-basisabsicherung-fuer-ihre-it/
    - BSI - German Federal Office for Information Security, article + videos "Getting Started - Guidance and videos for raising awareness of cyber security", link https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/KMU/leichter_Einstieg/leichter_Einstieg_node.html

    9 min
  4. 12/09/2025

    BSI Grundschutz: The Hidden Gatekeeper - Part 1

    BSI Grundschutz is the hidden gatekeeper for U.S. companies entering Germany. This episode breaks down the organizational measures, from ISMS design to governance, staff security, and incident evidence, that shape compliance, build trust, and strengthen IT security maturity.

    In this episode, we answer:
    - What is BSI Grundschutz and why does it matter for U.S. companies expanding to Germany?
    - How do organizational measures like ISMS, governance, and role clarity improve security and compliance?
    - How does documenting incidents and responsibilities increase trust with German clients and regulators?

    Resources mentioned in this episode:
    - Secureframe website, article "BSI IT-Grundschutz", link https://secureframe.com/frameworks-glossary/bsi-it-grundschutz
    - Hisolutions website, article "BSI IT-Grundschutz", link https://www.hisolutions.com/security-consulting/informationssicherheit/bsi-it-grundschutz
    - BSI - German Federal Office for Information Security, article "Advanced Protection", link https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/KMU/Expertise/Expertise_node.html
    - BSI - German Federal Office for Information Security, article "IT-Grundschutz", link https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/it-grundschutz.html
    - Secfix website, article "ISO 27001 und BSI-Grundschutz", link https://de.secfix.com/beitrag/iso-27001-bsi-grundschutz

    9 min
  5. 12/02/2025

    Without a Service Management Office, ITSM Is Just Theatre

    Discover why 70% of ITSM initiatives fail and how a strategic Service Management Office (SMO) transforms ITIL from theory into business value. Learn the six-step SMO blueprint, key metrics, and pitfalls to avoid to elevate ITSM maturity and governance.

    In this episode, we answer:
    - What is a Service Management Office and why is it critical for ITSM success?
    - How do you build an SMO with governance, value alignment, and CIO-level sponsorship?
    - Which metrics and maturity levels define real ITSM performance and business impact?

    Resources mentioned in this episode:
    - Pink Elephant website, whitepaper "The IT Service Management Office", link https://www.pinkelephant.com/uploadedfiles/Resources/PinkPapers/The-IT-Service-Management-Office.pdf
    - Littlefish website, article "Strategic Power of a Service Management Office (SMO)", link https://www.littlefish.co.uk/insights/service-management-office-smo/
    - IT Process Maps, article "ITIL Service Strategy", link https://wiki.en.it-processmaps.com/index.php/ITIL_Service_Strategy
    - Echolon website, article "The importance of an effective ITIL® service strategy for success in IT service management", link https://www.echolon.de/en/blog/itil-it-service-strategy/
    - Scrumprep website, article "Answering: Which metrics will help a Product Owner determine if a product is delivering value?", link https://scrumprep.com/answering-which-metrics-will-help-a-product-owner-determine-if-a-product-is-delivering-value/
    - Value Delivery Metric website, video https://youtu.be/pjnkWgq7I6I
    - ITSM Tools website, article "The Making of an IT Service Management (ITSM) Maturity Model", link https://itsm.tools/the-making-of-a-maturity-model-an-approach-to-culture-and-client-support/
    - Navvia website, whitepaper "The Making of an IT Service Management (ITSM) Maturity Model", link https://navvia.com/hubfs/MKTG Folder/Learn center - Courses Slides/SMO Service Management Office -Slides.pdf

    10 min
  6. 11/25/2025

    From Cost to Value: Financial Modelling for ITIL Services

    In this episode of The ITSM Practice Podcast, Luigi Ferri dives into Financial Modelling for ITIL-based services — the key to shifting IT from a cost center to a value creator. Learn how Activity-Based Costing (ABC), Unit Costing, Lifecycle Costing, and Showback Models can transform IT governance, pricing clarity, and business alignment in IT Service Management (ITSM).

    In this episode, we answer:
    - How can IT leaders connect services, costs, and value in ITIL-based organizations?
    - Which financial models (ABC, Unit Cost, Lifecycle) fit your ITSM strategy best?
    - How can financial transparency turn IT from “too expensive” to a strategic partner?

    Resources mentioned in this episode:
    - PeopleCert website, article "ITIL 4 Value Streams Doing Right Things for Customers", link https://www.axelos.com/resource-hub/blog/itil-4-value-streams-doing-right-things-for-customers
    - QRP website, article "ITIL 4 Service Value Chain and Value Stream", link https://www.qrpinternational.be/blog/it-governance-and-service-management/service-value-chain-and-value-stream/
    - IT Process Map website, article "Financial Management", link https://wiki.en.it-processmaps.com/index.php/Financial_Management
    - PMI website, article "Activity Based Costing (ABC)", link https://www.projectmanagement.com/wikis/232994/activity-based-costing--abc-

    10 min
  7. 11/18/2025

    Trust vs Tech: Why Regional Banks Are Falling Behind

    Regional banks face extinction if they don’t evolve. In this episode, Luigi Ferri explains how AI, automation, and customer-driven innovation are redefining digital banking. Learn from Luigi Ferri why “trust” is no longer enough and how agentic banking will shape the future of finance by 2035.

    In this episode, we answer:
    - Is AI driving banking transformation, or are customers in control?
    - What is the future of regional banks in the age of agentic AI?
    - How can traditional banks survive digital disruption and customer flight?

    Resources mentioned in this episode:
    - Spherical Insights, article "Global AI Agents In Financial Services Market To Exceed USD 19890.2 Million By 2035 | CAGR 40.03%", link https://www.sphericalinsights.com/press-release/ai-agents-in-financial-services-market
    - Global Banking and Finance website, article "Banking in 2035 How Emerging Technologies Will Transform the Way We Bank", link https://www.globalbankingandfinance.com/banking-in-2035-how-emerging-technologies-will-transform-the-way-we-bank/
    - CIO Africa website, article "How Edge Computing Is Transforming Banking", link https://cioafrica.co/how-edge-computing-is-transforming-banking/
    - World Economic Forum website, article "How Agentic AI will transform financial services with autonomy, efficiency and inclusion", link https://www.weforum.org/stories/2024/12/agentic-ai-financial-services-autonomy-efficiency-and-inclusion/
    - Money Vehicle website, article "Digital Banking 2024: Exploring the Evolution and Its Impacts", link https://yourmoneyvehicle.com/banking/digital-banking-2024-exploring-the-evolution-and-its-impacts/

    7 min
  8. 11/11/2025

    BSI C5 vs NIST 800-53: Smart Compliance for Banks

    In this episode, Luigi Ferri compares two pillars of cloud security compliance: BSI C5 (Germany) and NIST SP 800-53 (USA). Discover how global banks can harmonize compliance, cut costs, and focus on real security over bureaucracy. Learn how ITSM and IT security teams can transform audit frameworks into governance tools that truly add value.

    In this episode, we answer:
    - How can global banks manage cloud compliance across BSI C5 and NIST SP 800-53 without duplicating effort?
    - What are the key differences and overlaps between BSI C5 and NIST SP 800-53?
    - Does compliance really improve security — or just increase documentation?

    Resources mentioned in this episode:
    - German Federal Office for Information Security website, article "Criteria catalogue C5", link https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/kriterienkatalog-c5_node.html
    - Securance website, article "What is BSI C5?", link https://audit-professionals.de/bsi-c5/
    - CyberSaint Security website, article "What is NIST SP 800-53?", link https://www.cybersaint.io/blog/what-is-nist-800-53
    - 6 Clicks website, article "Comparison between NIST Cybersecurity Framework (CSF) and NIST SP 800-53", link https://www.6clicks.com/resources/comparisons/nist-cybersecurity-framework-csf-vs-nist-sp-800-53

    8 min
