OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: InfoSec News (isn_at_c4i.org)
Date: Tue Jan 07 2003 - 03:27:04 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladesprint.ca>

    BKMIENRI.RVW 20020916

    "Minimizing Enterprise Risk", Corinne Gregory, 2003, 0-273-66158-2,
    UK#156.99/C$319.99
    %A Corinne Gregory corinne.gregoryhartgregorygroup.com
    %C London, UK
    %D 2003
    %G 0-273-66158-2
    %I Prentice Hall/Financial Times
    %O UK#156.99/C$319.99 +1-201-236-7139 fax: +1-201-236-7131
    %O http://www.amazon.com/exec/obidos/ASIN/0273661582/robsladesinterne
    %P 120 p.
    %T "Minimizing Enterprise Risk: A practical guide to risk and
          continuity"

    Chapter one defines four types of risks--and immediately contradicts
    itself with tables of other types of risks. The basic point seems to
    be that risks exist. Chapter two looks at the new product development
    process and reputation management (after all, one type of risk is bad
    publicity). There is a look at risk mitigation, but not risk
    acceptance or avoidance, a cost/benefit analysis that is not very
    detailed, and a contrived use of the "9/11" World Trade Center
    disaster (but no mention of the brokerage firm that survived) that
    undercuts the ultimate message about having a disaster plan.
    Enterprise continuity, in chapter three, has, like other chapters,
    good ideas mixed in with a random collection of topics from business
    continuity planning, disaster recovery, incident response, contingency
    planning, and other areas. Business impact analysis is proposed as a
    justification for planning, in chapter four, although it should be
    part of risk analysis itself. Otherwise this material is pretty
    basic; get a committee, list the risks, think of what to do about
    them; the type of thing you would see in any decent article on risk
    management. Chapter five states that Internet use is risky, and has a
    (short) list of some precautions.

    Anyone who thinks that they understand risk management or business
    continuity planning from reading this book is seriously misled, and
    possibly a liability to the company.

    copyright Robert M. Slade, 2002 BKMIENRI.RVW 20020916 

    -- 
======================
rsladevcn.bc.ca  rsladesprint.ca  sladevictoria.tc.ca p1canada.com
Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
    February 10, 2003   February 14, 2003   St. Louis, MO
    March 31, 2003      April 4, 2003       Indianapolis, IN

    -
ISN is currently hosted by Attrition.org

    To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.