Sveriges mest populära poddar
The ITSM Practice: Elevating ITSM and IT Security Knowledge
Teknologi

ITIL 5, SCF and the Compliance Illusion

9 min10 mars 2026

In this episode of the ITSM Practice Podcast, Luigi Ferri challenges the illusion of security frameworks and compliance culture. Exploring the Secure Controls Framework (SCF), ISO, NIST and ITIL 5, he exposes governance immaturity, framework sprawl and risk misalignment. A sharp reflection on cybersecurity governance, enterprise risk management and why compliance without thinking weakens leadership.


In this episode, we answer to:

Is compliance replacing real risk-based security governance?

Why do organizations accumulate ISO, NIST and SCF instead of clarifying risk ownership?

How does ITIL 5 transform control frameworks into accountable governance?


Resources Mentioned in this Episode:

Compliance Forge website, article "The Secure Controls Framework (SCF) Is The Common Controls Framework (CCF)", link https://complianceforge.com/scf/what-is-the-scf/


Secure Controls Framework website, article "The SCF Makes Compliance A Natural Byproduct of Secure Practices", link https://securecontrolsframework.com/what-is-the-scf/


Secure Controls Framework on GitHub, article "The Secure Controls Framework (SCF) is a meta-framework (framework of frameworks) that maps to over 100 cybersecurity and privacy-related laws, regulations and industry frameworks", link https://github.com/securecontrolsframework/securecontrolsframework


Secure Controls Framework website, article "Security, Compliance & Resilience (SCR) Principles", link https://securecontrolsframework.com/domains-principles/


Secure Controls Framework website, article "Secure, Compliant & Resilient Capability Maturity Model (SCR-CMM)", link https://securecontrolsframework.com/free/capability-maturity-model/


Connect with me on:

LinkedIn: https://www.linkedin.com/in/theitsmpractice/

Website: http://www.theitsmpractice.com

And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.


Credits:

Sound engineering by Alan Southgate - http://alsouthgate.co.uk/


Graphics by Yulia Kolodyazhnaya

Fler avsnitt av The ITSM Practice: Elevating ITSM and IT Security Knowledge

Visa alla avsnitt av The ITSM Practice: Elevating ITSM and IT Security Knowledge
AI Security Strategy: Why Midmarket Organizations Get It Wrong
13 min
What DoDAF Can Teach Leaders About Architecture and Complexity
11 min
Identity Is the New Perimeter
10 min
FINMA and ITIL 4: Building Resilient Swiss Banks
10 min
Broken Transmission: Why Fintech Strategy Fails
6 min
FINOS vs ISO 42001: What to Choose
9 min
Who Owns Cloud Security?
9 min
CISO Strategy: Where Product Security Fails at Scale
8 min
ITIL 5 Exposed: Accountability Without Authority
8 min
PSD3 Explained: Payments Security & Fraud
9 min

The ITSM Practice: Elevating ITSM and IT Security Knowledge med Luigi Ferri finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.