Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private> BKMIENRI.RVW 20020916 "Minimizing Enterprise Risk", Corinne Gregory, 2003, 0-273-66158-2, UK#156.99/C$319.99 %A Corinne Gregory corinne.gregoryat_private %C London, UK %D 2003 %G 0-273-66158-2 %I Prentice Hall/Financial Times %O UK#156.99/C$319.99 +1-201-236-7139 fax: +1-201-236-7131 %O http://www.amazon.com/exec/obidos/ASIN/0273661582/robsladesinterne %P 120 p. %T "Minimizing Enterprise Risk: A practical guide to risk and continuity" Chapter one defines four types of risks--and immediately contradicts itself with tables of other types of risks. The basic point seems to be that risks exist. Chapter two looks at the new product development process and reputation management (after all, one type of risk is bad publicity). There is a look at risk mitigation, but not risk acceptance or avoidance, a cost/benefit analysis that is not very detailed, and a contrived use of the "9/11" World Trade Center disaster (but no mention of the brokerage firm that survived) that undercuts the ultimate message about having a disaster plan. Enterprise continuity, in chapter three, has, like other chapters, good ideas mixed in with a random collection of topics from business continuity planning, disaster recovery, incident response, contingency planning, and other areas. Business impact analysis is proposed as a justification for planning, in chapter four, although it should be part of risk analysis itself. Otherwise this material is pretty basic; get a committee, list the risks, think of what to do about them; the type of thing you would see in any decent article on risk management. Chapter five states that Internet use is risky, and has a (short) list of some precautions. Anyone who thinks that they understand risk management or business continuity planning from reading this book is seriously misled, and possibly a liability to the company. copyright Robert M. Slade, 2002 BKMIENRI.RVW 20020916 -- ====================== rsladeat_private rsladeat_private sladeat_private p1at_private Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/ Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458): February 10, 2003 February 14, 2003 St. Louis, MO March 31, 2003 April 4, 2003 Indianapolis, IN - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Jan 07 2003 - 04:56:47 PST