A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance
A helpful text for security professionals in need of guidance when creating and maintaining business continuity plans.
***** A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance. By Julia Graham and David Kaye; published by Rothstein Associates, www.rothstein.com (Web); 420 pages; $89.
Organizations of all types are placing greater emphasis than ever before on planning to ensure business continuity. At the same time, the need for knowledgeable professionals to create and maintain these plans is growing, as is the need for good textbooks to guide them. A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance is a helpful start. The book is, however, somewhat uneven.
Authors Julia Graham and David Kaye and editor Philip Jan Rothstein are all seasoned specialists and the text is a solid guide to the basic components of creating business continuity plans of all types.
Among the book’s strengths is its demonstration that planning about business continuity is starting to evolve from its roots in IT backup, and that risk management no longer means simply buying an insurance policy. There is also an emphasis on the importance of involving senior organizational leadership in the planning and the need to identify all stakeholders at some point in the process. Helpfully, there are a number of useful suggestions for doing this.
Some sections provide considerable information, and there are a number of useful outlines. One provides suggested section headers for a continuity plan. Other sections, however, fall short of the mark. Numerous “case studies,” for example, are little more than brief descriptions and could more accurately be called “case summaries.”
Nonetheless, this book is a very good beginner’s reference guide for any manager new to the business continuity game. Experienced planners will find it a helpful refresher.
Reviewer: Mayer Nudell, CSC (Certified Security Consultant), is an independent consultant on crisis management, contingency planning, and related issues. He is a member of ASIS.