Eric Maiwald and William Seiglin strive in this book to provide a concise crash course in establishing an information security and disaster recovery plan for your company. With recent global events and malicious code incidents such as Code Red, Nimda and recently Slammer more and more companies are quickly becoming aware of the need to develop such plans.

While many companies may be realizing the necessity of implementing information security policies and procedures and developing a disaster recovery plan for the event that there is any sort of catastrophic interruption of their information technology resources, many also do not have a budget to bring in experts or hire experienced personnel to create these plans. Often, the added title is thrust upon an already over-burdened IT staff member.

If you are that over-burdened IT staff member tasked with creating plans that you know nothing about, this book is an excellent starting point. Security Planning and Disaster Recovery covers the technological, policy and legal aspects of corporate information security. It will help you quickly understand what needs to be considered in order to develop a comprehensive proactive information security policy and what factors need to be accounted for in creating your disaster recovery plan.

The use of real-life scenarios to emphasize points helps to provide a foundation for the user to understand the information better and put it in perspective for how it relates to their own company or situation. The sample plans, security checklists and design maps that are included will help you quickly on your way to establishing a security policy and disaster recovery plan for your company.

The book focuses not only on technology, but also discusses the laws and regulations that are part of security planning, It helps you develop staff training to increase user awareness of information security, create systematic plans for recovering from information security incidents and how to effectively use auditing and proactive testing to periodically assess the security of your network and identify areas for improvement.

This book is an excellent beginning for anyone who is new to security planning or disaster recovery and can also serve a valuable resource for CIO’s and IT executives to understand the why’s and how’s of information security.