Sign up to save your podcasts
Or
Share ITIL 5, SCF and the Compliance Illusion
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
ITIL 5, SCF and the Compliance Illusion
In this episode of the ITSM Practice Podcast, Luigi Ferri challenges the illusion of security frameworks and compliance culture. Exploring the Secure Controls Framework (SCF), ISO, NIST and ITIL 5, he exposes governance immaturity, framework sprawl and risk misalignment. A sharp reflection on cybersecurity governance, enterprise risk management and why compliance without thinking weakens leadership.
In this episode, we answer to:
Is compliance replacing real risk-based security governance?
Why do organizations accumulate ISO, NIST and SCF instead of clarifying risk ownership?
How does ITIL 5 transform control frameworks into accountable governance?
Resources Mentioned in this Episode:
Compliance Forge website, article "The Secure Controls Framework (SCF) Is The Common Controls Framework (CCF)", link https://complianceforge.com/scf/what-is-the-scf/
Secure Controls Framework website, article "The SCF Makes Compliance A Natural Byproduct of Secure Practices", link https://securecontrolsframework.com/what-is-the-scf/
Secure Controls Framework on GitHub, article "The Secure Controls Framework (SCF) is a meta-framework (framework of frameworks) that maps to over 100 cybersecurity and privacy-related laws, regulations and industry frameworks", link https://github.com/securecontrolsframework/securecontrolsframework
Secure Controls Framework website, article "Security, Compliance & Resilience (SCR) Principles", link https://securecontrolsframework.com/domains-principles/
Secure Controls Framework website, article "Secure, Compliant & Resilient Capability Maturity Model (SCR-CMM)", link https://securecontrolsframework.com/free/capability-maturity-model/
Connect with me on:
LinkedIn: https://www.linkedin.com/in/theitsmpractice/
Website: http://www.theitsmpractice.com
And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.
Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/
Graphics by Yulia Kolodyazhnaya
View all episodes
By Luigi FerriIn this episode of the ITSM Practice Podcast, Luigi Ferri challenges the illusion of security frameworks and compliance culture. Exploring the Secure Controls Framework (SCF), ISO, NIST and ITIL 5, he exposes governance immaturity, framework sprawl and risk misalignment. A sharp reflection on cybersecurity governance, enterprise risk management and why compliance without thinking weakens leadership.
In this episode, we answer to:
Is compliance replacing real risk-based security governance?
Why do organizations accumulate ISO, NIST and SCF instead of clarifying risk ownership?
How does ITIL 5 transform control frameworks into accountable governance?
Resources Mentioned in this Episode:
Compliance Forge website, article "The Secure Controls Framework (SCF) Is The Common Controls Framework (CCF)", link https://complianceforge.com/scf/what-is-the-scf/
Secure Controls Framework website, article "The SCF Makes Compliance A Natural Byproduct of Secure Practices", link https://securecontrolsframework.com/what-is-the-scf/
Secure Controls Framework on GitHub, article "The Secure Controls Framework (SCF) is a meta-framework (framework of frameworks) that maps to over 100 cybersecurity and privacy-related laws, regulations and industry frameworks", link https://github.com/securecontrolsframework/securecontrolsframework
Secure Controls Framework website, article "Security, Compliance & Resilience (SCR) Principles", link https://securecontrolsframework.com/domains-principles/
Secure Controls Framework website, article "Secure, Compliant & Resilient Capability Maturity Model (SCR-CMM)", link https://securecontrolsframework.com/free/capability-maturity-model/
Connect with me on:
LinkedIn: https://www.linkedin.com/in/theitsmpractice/
Website: http://www.theitsmpractice.com
And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.
Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/
Graphics by Yulia Kolodyazhnaya