Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private> BKAGTBCP.RVW 20020922 [ http://www.amazon.com/exec/obidos/ASIN/0471530158/c4iorg - WK] "A Guide to Business Continuity Planning", James C. Barnes, 2001, 0-471-53015-8, U$35.00 %A James C. Barnes %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8 %D 2001 %G 0-471-53015-8 %I John Wiley & Sons, Inc. %O U$35.00 416-236-4433 fax: 416-236-4448 %P 174 p. %T "A Guide to Business Continuity Planning" Chapter one is an introduction, and also introduces us to a characteristic of the book: enormous tables with little apparent purpose. Table 1.1 is a list, by country, of regulatory agencies that may have something to require from you in the way of business continuity planning (BCP). The table is stated to be for motivational use, but does point out some BCP ideas or policies. There is also a rather innocent sounding mention that the book is written from the perspective of a consultant: this fact is more significant than the reader may realize. For project foundation, chapter two does not give the usual advice to get management onside and build a broadly based team, but concentrates on costing, expanding, and selling consulting services. (There are confusing areas: having presented one questionnaire, the text tells you to use results from "the two." Some items (such as the advice to use a month's worth of invoices to estimate rate of consumption of supplies) are helpful, but a lot of space seems to be wasted (on things like pages of fake employee and customer data--and a month's worth of supply invoices). The list of threats, consequences, and preventive measures is more than usually detailed (and listed twice), in chapter three, but the discussion of business impact analysis (BIA) itself is *extremely* terse. Chapter four's initial material on strategy selection is quite confused. The example RFP (Request For Proposal) for business continuity services does have some good points, but the pages of lists of specific PCs to be provided seem pointless. Later details are brief, but reasonable. Plan development, in chapter five, assumes multiple teams and, again, has some good points (the provision for leadership succession), but the lists become too specific in many places (does the top level emergency management team really all need to do CPR?) There is almost no general discussion of testing and maintenance in chapter six. The book is not necessarily wrong, but only has enough real material for a good magazine article. copyright Robert M. Slade, 2002 BKAGTBCP.RVW 20020922 -- ====================== rsladeat_private rsladeat_private sladeat_private p1at_private Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/ Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458): November 25, 2002 November 29,2002 Toronto, ON, Canada December 16, 2002 December 20,2002 San Francisco, CA February 10, 2003 February 14, 2003 St. Louis, MO - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Nov 21 2002 - 10:58:16 PST