Becoming Resilient: The Definitive Guide to ISO 22301 Implementation – Book Review

By   ISBuzz Team
Writer , Information Security Buzz | Dec 19, 2013 02:11 am PST

If you’re interested in business continuity, here’s a new book that might attract your attention: Becoming Resilient: The Definitive Guide to ISO 22301 Implementation. So, if you are looking for some tips on how to implement this standard, here’s a brief overview of the book.

What is this book about

Main goal for this book was to provide practical step-by-step guidelines for implementing ISO 22301 – on one hand, author Dejan Kosutic covered all the in-depth details of such complex implementation, but on the other hand he avoided using specialized language that no one understands.

Kosutic tried to make this book as practical as possible – each section that describes different business continuity elements covers the following aspects:

– Purpose – the purpose of each business continuity element, how it fits with other elements, and how to deal with it with optimum effort
– Inputs – which inputs you need to take into account when making decisions about the implementation
– Options – which options exist for implementing particular elements of business continuity
– Decisions – which decisions need to be made when starting the implementation
– Documentation – which documents need to be written, and how to structure them

Basically, the book gives a complete methodology for ISO 22301 implementation, seen from a consultant perspective: the author tried to pass along his own knowledge collected throughout his consulting career.

Who it is written for

In the first place, this book is written for beginners in business continuity – the people who are just entering this area, and have very little knowledge about it. All the steps, from the very beginning all the way to the ISO 22301 certification are explained, including many practical examples.

However, the book might also be interesting for business continuity professionals – e.g. for ISO 22301 consultants, especially the part where implementation options are explained.

Finally, the book might be interesting for experienced business continuity practitioners because it systematically summarizes all the key business continuity elements in the ISO 22301 framework.

The topics covered in the book

The book covers all the core business continuity elements: business impact analysis, risk assessment and mitigation, business continuity strategy, business continuity planning, incident response, crisis management, recovery, exercising and testing, etc.

However, it also focuses on other important requirements of ISO 22301 – role of the top management, objectives, measurement, document control, internal audit, corrective actions, etc.

At last, the book covers all the steps that come before and after the implementation – the crucial step of how to convince your top management to fund this kind of a project, how to structure the project team, and also how to prepare for the certification and how to speak to the certification auditor.

To learn more about the book, visit the Becoming Resilient official website.

ISO 22301


Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x