The ITSM Practice: Elevating ITSM and IT Security Knowledge

Luigi Ferri
Join Luigi Ferri, an experienced ITSM & IT Security Professional, in 'The ITSM Practice.' Explore IT Service Management and IT Security, uncovering innovations and best practices with insights from leading organizations like Volkswagen Financial Services, Vodafone, and more. Each episode offers practical guides and expert discussions for learning and growth. Ideal for all ITSM and IT Security Professionals! Stay Connected: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Youtube: https://www.youtube.com/@theitsmpractice Website: http://www.theitsmpractice.com

  1. 1D AGO

    Outsourcing Code, Keeping Control – ISO/IEC 27001 A.8.30

    Outsourced development is growing, but ISO 27001 Annex A 8.30 ensures you don’t outsource control. In this episode, we explain how to secure external software development, from vendor audits to contract clauses and compliance risks. Learn practical steps to protect your business.

    In this episode, we answer: How can ISO 27001 Annex A 8.30 secure outsourced development? What security questions should you ask every software vendor? How do you turn contracts into enforceable cybersecurity controls?

    Resources Mentioned in this Episode:
    HighTable, article "ISO 27001 Annex A 8.30 Outsourced Development", link https://hightable.io/iso27001-annex-a-8-30-outsourced-development/
    ISMS.online website, article "ISO 27001:2022 Annex A 8.30 – Outsourced Development", link https://www.isms.online/iso-27001/annex-a/8-30-outsourced-development-2022/
    ISMS.online website, article "ISO 27002:2022 – Control 8.30 – Outsourced Development", link https://www.isms.online/iso-27002/control-8-30-outsourced-development/
    GRC Mana website, article "ISO 27001 Annex A 8.30: A Step-by-Step Guide", link https://www.grcmana.io/blog/iso-27001-annex-a-8-30-outsourced-development
    Advisera website, article "Big guide to ISO 27001 clauses — How is this standard structured?", link https://advisera.com/iso27001/control-8-30-outsourced-development/

    Connect with me on: LinkedIn: https://www.linkedin.com/in/theitsmpractice/ Website: http://www.theitsmpractice.com And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.

    Credits: Sound engineering by Alan Southgate - http://alsouthgate.co.uk/ Graphics by Yulia Kolodyazhnaya

    9 min
  2. JUL 8

    How Enterprise Architecture Transforms Hospital IT and Patient Safety

    Discover how Enterprise Architecture in healthcare helps government hospitals improve patient safety, system resilience, and operational efficiency. Learn the five EA pillars driving digital transformation, compliance, and innovation—critical for Managed Service Providers too.

    In this episode, we answer: How can Enterprise Architecture reduce IT outages in hospitals? What risks do Managed Service Providers face without solid architecture? How does EA help align IT with national healthcare goals?

    Resources Mentioned in this Episode:
    Sparx Systems website, article "The Case for Enterprise Architecture in the Government", link https://trerado.sparxsystems.com/resources/eaglobalsummit-2024/the-case-for-enterprise-architecture-in-the-government/
    SCW website, article "How Enterprise Architecture plays a vital role in navigating the NHS’s future", link https://scwcsu.nhs.uk/news-and-views/blog/how-enterprise-architecture-plays-a-vital-role-in-navigating-the-nhs-s-future
    iTrobes website, article "ERP For Hospitals – A Complete Guide", link https://www.itrobes.com/hospital-management-erp-software/
    SAP website, article "Enterprise Architecture Maturity Models & Assessment", link https://www.leanix.net/en/wiki/ea/enterprise-architecture-maturity-stages-and-assessment
    Confiz website, article "Building service excellence: 6 pillars of Managed Services Framework", link https://www.confiz.com/blog/building-service-excellence-6-pillars-of-managed-services-framework/
    Ardoq website, article "What Is Enterprise Security Architecture? The Complete Guide to More Holistic Risk Management", link https://www.ardoq.com/knowledge-hub/enterprise-security-architecture
    ValueBlue website, article "Top 10 Benefits of Enterprise Architecture for Your Business", link https://www.valueblue.com/blog/top-10-benefits-of-enterprise-architecture-for-your-business

    11 min
  3. JUL 1

    PCI DSS Explained: Turning Compliance into a Security Strategy

    Discover how PCI DSS can become more than just a compliance checklist. This episode explores PCI DSS as a strategic tool to build digital trust, prevent fraud, and unify your security approach. Learn why treating it as a living framework, not a box-ticking task, can transform your security posture.

    In this episode, we answer: What are the core PCI DSS requirements most organizations fail to meet? Why should PCI DSS be treated as a continuous strategy, not a one-time audit? Who is actually in scope for PCI DSS, and why does size not exempt you?

    Resources Mentioned in this Episode:
    TechTarget website, article "What is PCI DSS (Payment Card Industry Data Security Standard)?", link https://www.techtarget.com/searchsecurity/definition/PCI-DSS-Payment-Card-Industry-Data-Security-Standard
    Stripe website, article "What is PCI DSS compliance?", link https://stripe.com/guides/pci-compliance
    Bridewell website, article "Who Needs to Be PCI DSS Compliant?", link https://www.bridewell.com/insights/blogs/detail/who-needs-to-be-pci-dss-compliant
    AuditBoard website, article "The 12 PCI DSS Compliance Requirements: What You Need to Know", link https://www.auditboard.com/blog/pci-dss-requirements/
    Exabeam website, article "What Is PCI Compliance? The 12 Requirements", link https://www.exabeam.com/explainers/pci-compliance/pci-compliance-a-quick-guide/
    Sprinto website, article "Who Must Comply with PCI DSS? Payment Security Explained", link https://sprinto.com/blog/to-whom-does-pci-dss-apply/

    8 min
  4. JUN 24

    FinTech CIOs: From Projects to Products – Lead the Shift to Product-Centric IT

    Discover how FinTechs can shift from project-driven IT to a product-centric model that enables continuous value delivery. Learn key strategies for CIOs to build agile, cross-functional teams and redesign governance. Are your teams truly product-led or just rebranded project squads?

    In this episode, we answer: How can FinTech CIOs enable a shift from projects to products? What does a product-led operating model look like in FinTech? How can teams self-assess their product-readiness?

    Resources Mentioned in this Episode:
    CIO.com website, article "Making the shift to product-based IT", link https://www.cio.com/article/219649/making-the-shift-to-product-based-it.html
    Ernst & Young website, article "How a product-driven IT operating model can help reimagine banking", link https://www.ey.com/en_us/insights/banking-capital-markets/how-a-product-driven-it-model-can-reimagine-banking
    Gartner website, article "IT Organization Design Roadmap: How to Shift from Project to Product", link https://www.gartner.com/en/publications/it-org-design-project-to-product-roadmap

    6 min
  5. JUN 10

    ISO 20022 Explained: Global Payments, Compliance Risks & Transformation Strategies

    ISO 20022 is reshaping global payments with rich, structured data, offering enhanced compliance, operational efficiency, and new revenue possibilities. As the 2025 deadline nears, financial institutions must modernize systems, reduce risks, and unlock powerful analytics. Ready or not, change is here.

    In this episode, we answer: What happens if you’re not ISO 20022-compliant by November 2025? How does ISO 20022 improve payment data quality and analytics? What are the key phases to successfully transition your systems?

    Resources Mentioned in this Episode:
    StoneX website, article "STS – ISO 20022: A Global Shift in Cross-Border Payments", link https://www.stonex.com/en/thought-leadership/02-03-2025-sts-iso-20022/
    SWIFT website, article "ISO 20022 for Financial Institutions: Focus on Payments Instructions", link https://www.swift.com/standards/iso-20022/iso-20022-financial-institutions-focus-payments-instructions
    S&P Global Market Intelligence website, article "ISO 20022 Adoption Poses Challenges and Presents Opportunities", link https://www.spglobal.com/market-intelligence/en/news-insights/research/iso-20022-adoption-poses-challenges-and-presents-opportunities
    Ernst & Young website, article "Nine Considerations for ISO 20022 Migration", link https://www.ey.com/en_gl/insights/banking-capital-markets/nine-considerations-for-iso-20022-migration

    9 min
  6. JUN 3

    AI Is Replacing Project Managers — Only the Smart Will Survive

    In today’s episode of The ITSM Practice, we explore the future of project management in an AI-driven world. How can project managers stay relevant when AI plans, flags risks, and analyzes moods? Discover how emotional intelligence, critical thinking, and ethical leadership shape the next generation of project leaders.

    In this episode, we answer: How should project managers adapt when AI starts shaping decisions? What skills will make project managers future-proof in an AI-driven environment? How can we trust AI tools without losing human judgment and leadership?

    Resources Mentioned in this Episode:
    PMI Blog, article “Preparing Project Managers for an AI-Driven Future”, link https://www.pmi.org/blog/preparing-project-managers-for-an-ai-driven-future
    Atlassian website, article “How to utilize AI for project management”, link https://www.atlassian.com/work-management/project-management/ai-project-management
    PPM Express website, article “The Future of AI in Project Management: Trends and Innovations”, link https://ppm.express/blog/the-future-of-ai-in-project-management-trends-and-innovations/

    7 min
  7. MAY 27

    The 3 Risk Models Every IT and Business Leader Must Understand

    Dive into this essential episode of "The ITSM Practice Podcast" hosted by Luigi Ferri, where we rethink risk management beyond frameworks and dashboards. Discover how hidden vulnerabilities can silently disrupt operations and why evolving from Risk Officer to Continuity Architect is crucial for true resilience.

    In this episode, we answer: Which risks are we ignoring because they don't fit usual categories? How can we identify informal, undocumented, or assumed asset dependencies? What would happen if a quiet, always-working process failed unexpectedly?

    Resources Mentioned in this Episode:
    Scytale website, article “Asset-Based Risk Assessment”, link https://scytale.ai/glossary/asset-based-risk-assessment/
    Aptien website, article “How to conduct Threat-Based Risk Assessment”, link https://aptien.com/en/kb/articles/how-to-conduct-threat-based-risk-assessment
    BCP Builder website, article “What is the relationship between Business Continuity and Risk Management”, link https://www.bcpbuilder.com/business-continuity-risk-management/

    8 min
