A Manager’s Guide to ISO22301 Book Review


IT Governance – This book comes from IT Governance USA.

IT Governance Discounts:

Discount: Discount Code
Get 30% off IT Governance’s distance learning training courses: DL30
Get 20% off IT Governance’s Live Online Training Courses: ONLINE20
Receive 15% off all Toolkits: Toolkit15
Receive 50% off our ITIL 4® Foundation Distance Learning Course: ITIL50

A Manager’s Guide to ISO22301 Book Summary:

Authors: Tony Drewitt
Publishers: IT Governance Publishing
Format: Softcover

BCM involves managing risks to ensure that mission-critical functions continue to provide an acceptable level of service, even in the event of a major disaster.

Implementing a BCMS that complies with the international standard ISO 22301 ensures your organization can provide a minimum acceptable service despite a disruption, and helps preserve corporate reputation and revenue.

A Manager’s Guide to ISO22301 provides essential guidance to help successfully develop and implement an ISO 22301-compliant BCMS.

Manager’s Guide to ISO22301 Book Review:

“A Manager’s Guide to ISO22301” is a book that is designed for the non-technical manager who has to decide whether it is appropriate for the organization to base its risk management process on the ISO standards. In summary, the book provides an overview of the risk management process and advice on how to implement it within an organization. The manner in which the book is organized means the reader will be able to easily and quickly grasp the concepts.

The authors start with a review of the principles behind ISO22301 and how it fits within the corporate framework. They go on to explain the importance of getting the scope right for both the business continuity management strategy and the BCMS. As far as the BCMS is concerned, the authors have really packed a lot of information into this small volume. They go on to explain the process of getting the BCMS “approved” by someone senior to the project manager. There are some good pointers on how to simplify this process by reducing the amount of documentation needed. They also cover the importance of involving the IT department team from the outset.

The authors then explain to the reader what assets they have to consider during the scope process and how to value them. They give some good examples to help readers understand the importance of valuation. They explain how to build a risk ranking matrix, and how this may be complemented with BCDR plans. They also explain how to gain executive approval, and how much of the project resources to allocate to the BCMS. The authors go on to explain the generic approach to managing incidents, and the importance of devising a communication plan. Finally, they go through the entire process of a successful BCMS project and provide a real-life case study and much more.

There are quite a few comments on the tone and style of the book. For example, some people felt that the book was pitched at a level that was a little too low for people with prior knowledge of BCMS concepts. There were also comments that the book is a little too simple, and fails to go into enough detail in some parts.

All in all, A Manager’s Guide to ISO22301 is a great book for those individuals responsible for bringing a business continuity management process into their organisation. It is not an in-depth reference tool, but it takes you all the way from conception to implementation in a quick, easy format.
