Treasury Board of Canada Secretariat
Symbol of the Government of Canada

ARCHIVED - A Guide to Effective Business Continuity in Support of the Year 2000 Challenge


Warning This page has been archived.

Archived Content

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.

2.0  Set Up a Business Continuity Governance Structure

Departments must ensure that the business continuity process is supported by a sound governance structure that can steer and respond to decision requests that emerge from the process. An inadequate governance structure will impede the success and significantly impact the effectiveness of the business continuity efforts.

2.1 How to Set Up a Business Continuity Governance Structure

The first step towards implementing business continuity is to set up the required governance structure to support the process, identify and mobilize the department's resources, obtain governance structure members' commitment and involve these individuals in the business continuity process. While the business continuity governance structure should not be different but integrated within the existing Year 2000 Project governance structure found in the departments, the following generally accepted characteristics of a sound governance structure should be present during the set-up step:

  1. The governance structure should extend the functional (business side) and technical (compliance side) organizations up to the point of convergence;
  2. The governance structure should extend to three layers of management:
    • Corporate Governance that corresponds to the Assistant Deputy Minister levels. Deputy Ministers are normally at the point of convergence and are ultimately responsible for the performance of both sides of the governance structure;
    • Direct Governance that normally corresponds to the Director General, Director, and Year 2000 Project Manager levels; and
    • Planning and Control that corresponds to the business function owners and project leaders responsible for the day-to-day conversion activities and monitoring of the project activities;
  3. Along this structure, clear accountabilities and roles should be defined regarding business continuity, including the responsibility to decide on the department's response to risks; and
  4. Accountability for the continuity of operations should rest with the functional personnel; accountability for the conversion of assets should rest with the technical personnel within the organization; and committees should only be used to provide guidance and build consensus.

The governance structure is depicted in Figure 3. The remaining sections provide additional information about the tasks that must be performed in support of this activity.

Figure 3 – Business Continuity Governance Structure

Figure 3 – Business Continuity Governance Structure

2.2 Set Up Governance

Process

The objective of this first activity is to identify the stakeholders that will be involved in the business continuity process. Similar to the governance structure depicted in Figure 3, departments should ensure that key representatives both from the functional and technical side of the organization are identified.

Output/Deliverable

The deliverable associated with this activity consists of a governance structure with key stakeholders identified at all levels of the organization.

2.3 Develop Business Continuity Plan

Process

The objective of the Business Continuity Plan activity is to provide the department's specific details regarding the implementation of this guide. It should answer the basic questions: what, who, when, how.

Note: Currently, departments have only been asked to develop risk management plans. These plans will need to be enhanced to include the other aspects of this revised guide.

Output/Deliverable

The deliverable to be developed as part of this task consists of a Business Continuity Plan which provides the department's specific details regarding the implementation of this guide. A sample table of contents is provided in Appendix A.

2.4 Obtain Commitment

Process

Business continuity issues will emerge well before the Year 2000 and members of the governance structure will need to be involved. The objective of the "Obtain Commitment" activity is to obtain the commitment of these stakeholders to support the process documented in the plan and to adapt to the needs of the department regarding timely decisions, strategic and policy directions, as well as oversight.

Output/Deliverable

The deliverable for this task is a revised or new project charter that clearly identifies the members of the governance structure and their roles and responsibilities regarding the business continuity process. One of the most important aspects of the new charter is the governance structure member's responsibility regarding their organization's response vis--vis certain risks. For example, members of the governance structure on the functional side of the organization should make the final decision regarding the development and activation of contingency plans.

The charter should include highlights of the business continuity plan including the resource commitments (human and financial) made to the business continuity process. A sample table of contents is provided in Appendix B.

2.5 Involve the Governance Structure

Process

The objective of the "Involve the Governance Structure" activity is to develop vehicles to ensure the continuous involvement of the governance structure members.

Ouput/Deliverable

The deliverables for this task include:

  1. Monthly Steering Committee meetings;
  2. Minutes of the monthly Steering Committee meetings with the attendance list;
  3. Revised risk list;
  4. Status reports; and
  5. Revised plans.

2.6 Techniques and Tools

Table 2 provides a summary of the techniques and tools used for this step. Details of the techniques and tools can be found in the appendices or the referenced documents.

Table 2: Business Continuity Governance Structure Setup Techniques and Tools
activity techniques and tools
Setup the Governance No specific tool
Develop Business Continuity Plan Business Continuity Plan – Table of Contents (Appendix A)
Obtain Commitment
Involve the Governance Structure
  • Monthly Steering Committee meetings;
  • Minutes of the monthly Steering Committee meetings with the attendance list;
  • Revised risk list;
  • Status reports; and
  • Revised plans.