The key to a successful book is not just content but also timing. (And I'm speaking as someone who once wrote a Y2K guide that was so delayed by production issues that it had barely hit the bookshelves before Big Ben chimed midnight on 31st December 1999.) A book certainly shouldn't follow the wave and while being on the crest is good, being ahead of the wave is even better – which brings me to Rupert Kendrick's new book Outsourcing IT: a governance guide.

Kendrick, as many of you will know, is a solicitor turned tech journalist and writer who in recent years has increasingly focused on cyber security and risk management issues. His new book could not be more timely, coinciding in the huge surge of interest in IT outsourcing, including SaaS and cloud computing. However, instead of getting bogged down in the details of either the technology or outsourcing contracts, he focuses on the more top level management issues of how organisations should initially approach the outsourcing process; how they should manage the relationship with outsourcers and, finally, how they should assess and manage the risks associated with outsourcing. In other words, as the book's subtitle says, it is all about governance.

This is very much a book for management  both enterprise management and IT management. And, in the light of the outsourcing horror stories we've all heard, some sections (particularly those dealing with due diligence and service level agreements) should be made mandatory reading for anyone considering outsourcing in one form or another.

* Outsourcing IT: a governance guide by Rupert Kendrick (IT Governance Publishing, 2009, ISBN 978-1-84928-025-9, paperback, price £47.95, pp 324. www.itgovernance.co.uk