Treasury Board of Canada Secretariat
Symbol of the Government of Canada

ARCHIVED - A Guide to Effective Business Continuity in Support of the Year 2000 Challenge

Warning This page has been archived.

Archived Content

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.

7.0  Control

In response to variances in the plans or risk events, departments must initiate actions that will ultimately correct the situation and return the operations to their normal status. The control step addresses all of the process areas required to achieve this goal namely: contingency plans, crisis response and business resumption. The control step assumes an orderly and structured approach to recovering from a crisis. Unprepared departments are likely to prolong the crisis state and potentially face total failure of certain functions.

7.1 Process

The Integrated Business Continuity Approach

Note: Business continuity control is based on the SEI "Control" process [CRM Guidebook, Chapter 8, Page 91].

The control step is closely related to the decision-making process found within the governance structure and primarily consists of activating pre-planned responses to predictable events and applying a structured decision-making framework to unforeseen events. The objective of the control step is to make informed, timely, and effective decisions regarding risks, failures and crises related to Year 2000 issues.

7.2 Data Flow

Figure 8 – Control Data Flow

The following data inputs are required:


Table 13: Control Data Inputs
Data Input Description
Status Reports Contains status of business continuity plan implementation and status of risks.
Risk Information Sheet(s) Developed during the previous activities, the sheets contain the risk status.
Updated Plans Updated version of the plans defined in the "Plan" activity.


The deliverables to be developed as part of this task include:

  1. Record of decisions, including replan, close, invoke contingency or continue tracking;
  2. Lessons learned; and
  3. Updated risk information sheet(s), with control decision for risks.

7.3 Techniques and Tools

This table provides a summary of the techniques and tools used for this activity. Details of the techniques and tools can be found in the appendices.

Table 14: Control Techniques and Tools
Activity Techniques and Tools
  • "Control" Detailed procedures
    (Appendix U);
  • Risk Information Sheets (Appendix I);
  • Risk status report – can use a format similar to the "Spreadsheet Risk Tracking" (similar concept to the Risk Action Plan Implementation Tracking spreadsheet) [CRM Guidebook, Chapter A-30,
    Page 461]; and
  • Cause and Effect Analysis [CRM Guidebook, Chapter A-8, Page 301].

7.4 Guidelines and Tips

The following are general guidelines and tips for effectively implementing this activity:

  1. Make informed decisions based on the indicators/measures identified on the Risk Information Sheets;
  2. Document lessons learned; and
  3. Document the rationale for closing risks.