IWS - The Information Warfare Site
News Watch Make a  donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled



BKY2KRSM.RVW   990312

"Y2K Risk Management", Steven H. Goldberg/Steven C. Davis/Andrew M.
Pegalis, 1999, 0-471-33352-2, U$39.99/C$62.50
%A   Steven H. Goldberg www.dr2000.com
%A   Steven C. Davis www.davislogic.com
%A   Andrew M. Pegalis www.consult2000.com
%C   5353 Dundas Street West, 4th Floor, Etobicoke, ON   M9B 6H8
%D   1999
%G   0-471-33352-2
%I   John Wiley & Sons, Inc.
%O   U$39.99/C$62.50 416-236-4433 fax: 416-236-4448 rlangloi@wiley.com
%P   312 p.
%T   "Y2K Risk Management"

Bit late in the day for a Y2K book, wouldn't you say?  Well, as the
authors point out, some action is better than none.  And, as they also
point out, this marks your last chance to take a look at what you are
doing, and make sure you are getting the greatest benefit for your
time and effort.

Chapter one is the fairly obligatory "sell or scare" piece.  While
similar to others of the same ilk, it does stress the importance of
interconnected and interoperating systems, as well as emphasizing the
business and legal risks.  On the other hand, it doesn't do a very
good job of presenting the background and technical aspects, for
example discussing different types of computers rather than various
data structures or date usage.  In the same way as many essays on
building a Y2K team, chapter two looks at starting a risk management
project directed at Y2K.  The concepts are presented reasonably, but
the details aren't terribly useful.  Starting a project, and getting
it up to speed as quickly as possible, is covered in chapter three. 
Unfortunately, the advice consists, as usual, of "get the right
people, have the right plan, do the right things," with the
particulars left as an exercise to the reader.  Chapter four, on legal
aspects, is lengthy and detailed, usually explains the concepts well,
occasionally slips into legalese, sticks primarily to common law, but
does sometimes lapse into the US-centric black hole.  Dealing with
suppliers and providers is handled much better than in most books in
chapter five.  One issue hinted at, but not adequately covered, is the
possibility of a single point of failure removed one or more layers of
suppliers from you, such as having multiple grocery suppliers--all of
whose delivery fleets obtain fuel from the same source.

Chapter six, as did chapter three, gives the usual "do the right
thing" counsel for contingency planning.  Large corporate decisions
and Y2K are reviewed in chapter seven, but not really tied together. 
"Due diligence" was a large factor in chapter four: chapter eight
looks at proving your prudence.  Insurance issues are definitely not
made clear by chapter nine.  Chapter ten's overview of "alternative
dispute resolution" (ADR: for pity's sake, *everything* has a TLA
[Three Letter Acronym]!) will probably have value for many, although
personally I found it rather obvious.  Preparing for litigation, in
chapter eleven, has a lot of very useful background, although much of
it seems to assume you will be the suer instead of the suee.  Post Y2K
planning is brief, but touches on a number of important, and often
unregarded, issues in chapter twelve.

Risk management is not really handled all that well in this book.  A
number of risks are identified, but the control of those hazards is
left vague.  On the other hand, a number of topics dealt with here get
short shrift in other year 2000 guides.  Overall, while I couldn't
recommend it as the only reference for those just starting out, I
would say that, for those seriously into Y2K planning, the book should
handily repay the price and time spent on it.

copyright Robert M. Slade, 1999   BKY2KRSM.RVW   990312