BKY2KRSM.RVW 990312 "Y2K Risk Management", Steven H. Goldberg/Steven C. Davis/Andrew M. Pegalis, 1999, 0-471-33352-2, U$39.99/C$62.50 %A Steven H. Goldberg www.dr2000.com %A Steven C. Davis www.davislogic.com %A Andrew M. Pegalis www.consult2000.com %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8 %D 1999 %G 0-471-33352-2 %I John Wiley & Sons, Inc. %O U$39.99/C$62.50 416-236-4433 fax: 416-236-4448 rlangloi@wiley.com %P 312 p. %T "Y2K Risk Management" Bit late in the day for a Y2K book, wouldn't you say? Well, as the authors point out, some action is better than none. And, as they also point out, this marks your last chance to take a look at what you are doing, and make sure you are getting the greatest benefit for your time and effort. Chapter one is the fairly obligatory "sell or scare" piece. While similar to others of the same ilk, it does stress the importance of interconnected and interoperating systems, as well as emphasizing the business and legal risks. On the other hand, it doesn't do a very good job of presenting the background and technical aspects, for example discussing different types of computers rather than various data structures or date usage. In the same way as many essays on building a Y2K team, chapter two looks at starting a risk management project directed at Y2K. The concepts are presented reasonably, but the details aren't terribly useful. Starting a project, and getting it up to speed as quickly as possible, is covered in chapter three. Unfortunately, the advice consists, as usual, of "get the right people, have the right plan, do the right things," with the particulars left as an exercise to the reader. Chapter four, on legal aspects, is lengthy and detailed, usually explains the concepts well, occasionally slips into legalese, sticks primarily to common law, but does sometimes lapse into the US-centric black hole. Dealing with suppliers and providers is handled much better than in most books in chapter five. One issue hinted at, but not adequately covered, is the possibility of a single point of failure removed one or more layers of suppliers from you, such as having multiple grocery suppliers--all of whose delivery fleets obtain fuel from the same source. Chapter six, as did chapter three, gives the usual "do the right thing" counsel for contingency planning. Large corporate decisions and Y2K are reviewed in chapter seven, but not really tied together. "Due diligence" was a large factor in chapter four: chapter eight looks at proving your prudence. Insurance issues are definitely not made clear by chapter nine. Chapter ten's overview of "alternative dispute resolution" (ADR: for pity's sake, *everything* has a TLA [Three Letter Acronym]!) will probably have value for many, although personally I found it rather obvious. Preparing for litigation, in chapter eleven, has a lot of very useful background, although much of it seems to assume you will be the suer instead of the suee. Post Y2K planning is brief, but touches on a number of important, and often unregarded, issues in chapter twelve. Risk management is not really handled all that well in this book. A number of risks are identified, but the control of those hazards is left vague. On the other hand, a number of topics dealt with here get short shrift in other year 2000 guides. Overall, while I couldn't recommend it as the only reference for those just starting out, I would say that, for those seriously into Y2K planning, the book should handily repay the price and time spent on it. copyright Robert M. Slade, 1999 BKY2KRSM.RVW 990312