Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private> BKDHOBCP.RVW 20020923 "The Definitive Handbook of Business Continuity Planning", Andrew Hiles/Peter Barnes, 1999, 0-471-48559-4, C$90.00 %E Andrew Hiles %E Peter Barnes %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8 %D 1999 %G 0-471-48559-4 %I John Wiley & Sons, Inc. %O C$90.00 416-236-4433 fax: 416-236-4448 %O http://www.amazon.com/exec/obidos/ASIN/0471485594/robsladesinterne %P 391 p. %T "The Definitive Handbook of Business Continuity Planning" The first two pages of the foreword are a promotional piece for the Survive organization which, incidentally, employs both authors. The foreword also states that the authors expect this to be "the most authoritative work on business continuity planning (BCP) yet produced." Section one is an executive overview. Chapter one states that disasters do happen and can affect business. While not always clearly focused, chapter two's outline of a business continuity strategy is generally good. Vague thoughts on a slightly more generic BCP, under a different name, make up the review of crisis management in chapter three. Chapter four defines multilateral continuity planning as involving interrelated companies, vendors, customers, and so forth. A disaster can result in bad publicity, we are told in chapter five. Chapter six is a partial list of threats. Section two is supposed to be a how-to guide for planning business continuity. Chapter seven presents a basic but reasonable outline of the BCP methodology. The usual advice for project initiation and management is provided in chapter eight. Risk evaluation and management, in chapter nine, is very vague, although part two is better than part one. There are gaps in details and tenuous conceptual presentations of business impact analysis in chapter ten. Chapter eleven talks about BCP, but in respect to specific work areas or business units. Manufacturing BCP is handled in chapter twelve, although not much is different. The same is true for communications-- basically, chapter thirteen's advice boils down to having alternative sources. Chapter fourteen looks at emergency response, planning for the earliest and shortest part of the event. Then there is a repeat of much of the earlier information, under the heading of developing the plan, in chapter fifteen. Chapter sixteen is supposed to be about using auditing, training and testing to drive awareness, but is mostly just about auditing, training, and testing. Maintaining the BCP, in chapter seventeen, is mostly about testing. Chapter eighteen, on selecting BCP tools, gives a listing of tool types, and a number of questions to ask about the tools that are mostly irrelevant for any specific tool. Coping with people in recovery, in chapter nineteen, deals with the psychological trauma that people experience in emergencies. The material is not particularly useful, but it is nice to see the topic addressed. Chapter twenty closes off with a promotion of the idea of business continuity planning. Appendix A is a set of "case studies." These are mostly stories of disasters, without an awful lot of detail or analysis. The material is a reasonable overview of the BCP process, but nothing is particularly helpful or useful. copyright Robert M. Slade, 2002 BKDHOBCP.RVW 20020923 -- ====================== rsladeat_private rsladeat_private sladeat_private p1at_private Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/ Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458): February 10, 2003 February 14, 2003 St. Louis, MO March 31, 2003 April 4, 2003 Indianapolis, IN - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Dec 24 2002 - 09:10:46 PST