ITAA's Year 2000 Outlook June 5, 1998 Volume 3, No. 22 Published by the Information Technology Association of America, Arlington, VA Bob Cohen, Editor bcohen@itaa.org Read in over 70 countries around the world ITAA's Year 2000 Outlook is sponsored in part by CACI International Inc., DMR Consulting Group Inc., and Y2Kplus Feds Fail Horn Test Noting that government productivity on Year 2000 conversion has actually declined in the last quarter, Rep. Stephen Horn (R-CA) released his federal report card and served up an overall "F" for Uncle Sam's efforts. Horn said the government's rate of prog ress on bringing mission critical systems into compliance slipped from 9.4 percent to 7.9 percent in the period ending May 15. "This would be discouraging in any context," Horn said. "Less than a year before the March 1999 deadline for Y2K repairs, a reduction in productivity is deeply troubling. This trend must be reversed." Six federal agencies received failing marks from the House Subcommittee on Government Management, Information and Technology, which Horn chairs. The government's poorest performers are the Environmental Protection Agency (EPA), the Departments of State, Health and Human Services, Energy, and Transportation and the Agency for International Development. The Departments of Agriculture, Defense, Justice and Education received Ds. Top performers are the Social Security Administration, General Services Admin istration, Federal Emergency Management Agency (FEMA) and National Science Foundation. Leading backslider among agencies were the EPA, which fell three grades from a B to an F. Most improved on the list were FEMA (D- to A-) and Labor (F to C). A former high ranking government official says agencies now have the history and timelines they need to make sense of the Y2K issue. They should have the good bar graphs to know what its going to take, he said, adding that agencies not performing well on the Horn scorecard will in all likelihood have serious problems. He said the governments progress may be slowed by a variety of factors, including the fact that as more work is performed, more problems are discovered. Corrected systems may be beco ming re-contaminated by other systems, adding to the backward momentum. Agencies using rigorous independent verification and validation processes may also be sending portions of so-called fixed systems back to the bench for additional remediation, he sai d. According to the Horn Subcommittee, of the 7336 mission critical systems in government, 2766 are not expected to be converted by the Office of Management and Budget March 1999 deadline. The government's efforts should have been aided by the disappearance of 356 mission critical systems from the total; the Subcommittee tallied 7692 such systems last February. Despite this drop in the number of systems to be fixed, the government still managed to lose ground. Only 62 percent of systems are on track for th e March 1999 deadline as opposed to 71 percent in the last report. Some agencies actually saw their percentage of completed systems go down between quarters. Education, for instance, slid from 36 to 29 percent done; HHS went from 38 percent to 34 percent; Justice from 33 percent to 29 percent. Only 11 of 24 government agencies are on track to have their mission critical systems converted before the rollover. The Horn report card also includes federal grades for contingency plans, telecommunications systems, embedded systems and data exchanges (F, D, F and C respectiv ely). The government is repairing 42 percent of its mission critical systems, replacing 14 percent and retiring 4 percent. Forty percent are deemed Y2K compliant. Horn posts the government's Y2K total costs at $4.9 billion. DoD Official Outlines Testing Framework Calling on Congress to resist the temptation to craft a legislative fix to the Year 2000, Deputy Secretary of Defense John Hamre outlined the Department of Defense (DoD) approach to the issue and asked the lawmakers for the leeway to use it to solve the p roblem. Hamre appeared before the Senate Armed Services Committee and said the Y2K issue is not a problem that can be legislated away or solved by levying new requirements on the DoD or its program managers. Hamres testimony focused primarily on the defense agencys Y2K testing and contingency planning program. In setting the stage for his remarks, he suggested that the DoD has certain unique and daunting characteristics. The Y2K problem is an especially large, complex and insidious threat for the Department of Defense-an organization roughly the population of metropolitan Washington, D.C.; the complexity of a small nation; resources to sustain a global reach; and an information infrastructure that relies heavily on old legacy computer systemsMoreover, DoDs national security role requiresextra precautions in allowing access to systems containing classified data and private sector programmers capable of working on the Y2K problem must be screened. Interestingly, while Hamre said that the situation warrants the attention and leadership of a CEO not just a CIO, he failed to identify a role for Defense Secretary William Cohen to play. Rather, he spelled out the Y2K responsibility of the DoD CIO, th e special assistant for Y2K, the DoD Y2K Steering Committee, DoD component heads, and the Y2K Interface Assessment Workshops. Hamre described DoD testing in terms of systems-centric, functional-centric and mission-centric perspectives. Functional and mission-centric testing will test the agencys ability to conduct collaborative programs. Functional testing, he said, will be b ased on an appropriate combination of interoperability and laboratory testing across Components, Departments, NATO and Allies. Hamre continued: Exemplary among collaborative efforts is the systematic and comprehensive process that the nuclear communi ty is implementing to assess mission readiness for the Nuclear C3I System of Systems. The process builds on end-to-end single string testing that initially demonstrates interoperability from sensor to shooter. Hamre said mission level testing will require the joint community to agree on how to test end-to-end operational capabilities, continuity of operations planning and risk areas. Referring to continuity of operations, Hamre said there are no guarantees that DoDs systems will be risk free by the century rollover. Systems whose risks have been mitigated through renovation and testing could fail, and the failure of one system coul d disrupt many others. The defense department executive provided few details on when functional and mission tests will be conducted, who would participate in such testing, how test results would be communicated, or whether re-tests will be scheduled should initial tests fail. On a related note, the Senate Appropriations Defense Subcommittee has appended $1.6 billion to the Administrations FY 1999 budget in emergency funds for Y2K repairs. Buildings Stressed by Date Dilemma The Year 2000 New Year's celebration may mean more than noisy tenants to landlords and building managers. The Building Owners and Managers Association (BOMA) has published a guide to help property professionals cope with a building full of potentially ba d dates. The 38-page pamphlet discusses how Y2K problems may have taken up residence in many buildings and what can be done about it. Why raise the roof over the issue? Many buildings stand on a foundation of information systems applications: environmental control, water, power, telecommunications, lighting, security, fire control and more. The BOMA booklet notes that systems may m isconstrue the scheduled maintenance required for boilers, chillers or elevators and postpone it-by 100 years. Leases could be lost, tenant payments miscalculated, entry systems could lock-up, surveillance cameras could malfunction. Building owners mus t be concerned about their own systems, and they should be taking steps to communicate impacts--if any--on tenant owned systems also. The booklet provides the outlines of a Year 2000 plan, along with checklists, sample letters to vendors and tenants, and other resources. BOMA members own or manage six billion square feet of commercial properties across North America. The organization is on the web at http://www.boma.org. Small Business Administration Launches Y2K Campaign The Small Business Administration (SBA) this week launched a Y2K awareness campaign in a Washington, D.C. press conference that featured Sen. Robert Bennett (R-UT), Sen. Christopher Dodd (D-CN) and Y2K Czar John Koskinen. In a prepared statement, SBA Adm inistrator Aida Alvarez said, "The collective health of America's 23 million small businesses is one of our economy's vital signs. When small business is disrupted to a significant degree, the effects ripple throughout the economy." SBA's Y2K campaign will include televised public service announcements and mass mailings to small business owners. At the press event, Koskinen defended the Administrations Y2K progress, suggesting that this weeks grades issued by Rep. Stephen Horn were not representative of the true state of affairs within the agencies. In particular, Koskinen indicated that the F ederal Aviation Administration deserves more credit for its Y2K efforts. Also this week, the Senate Small Business Committee held a hearing on the Y2K impact for small businesses. ITAA President Harris Miller testified before the Committee, laying out a series of actions necessary by government, international organizations an d major corporations to help small businesses grapple with the date issue. Y2K is like a global hurricane. In this case, we can see the hurricane coming, and so there should be an emergency response plan in place, Miller said, calling for government to offer small businesses low interest loans, tax breaks, and even a Y2K smal l business corps to offer technical assistance. Also at the hearing, Sen. Bennett, a member of the Senate Small Business Committee, referred to a recent study by Wells Fargo Bank that finds 80 percent of small businesses do not have Y2K contingency plans and, of those, 50 percent had no plans to create them. According to Bennett, That is a call to arms. Closer to Home The Global Product Development Division of Great Plains Software, Inc. of Fargo, North Dakota and Ceridian Employer Services of Minneapolis, Minnesota have received ITAA*2000 certification. ITAA*2000 is the industrys century date change certification pr ogram. The program examines processes and methods used by companies to perform their Year 2000 software conversions. Business to Business SERENA Software has begun shipping SyncTrac version 6.2.0, a synchronization and data set change tracking product for MVS. CIO Communications, Inc. and International Data Corporation have announced a new instrument that enables business organizations to determine the 'degree of pain' they are likely to experience when the millennium bug strikes. According to the Pain Inde x, the enterprise with 20 connected applications has a 26.5% chance of having a problem that is annoying, a 14.0% chance of a disruptive problem, a 4.1% chance of a business critical problem and a 0.2% chance that something catastrophic will occur. Viasoft, Inc. has announced the general availability of OnMark 2000 version 2.1. The OnMark family of software technology addresses each phase of year 2000 conversion on personal computer (PC) desktops and client/server applications. Computer Associates International, Inc. (CA) and Information Analysis Inc. say will provide the state of West Virginia with Year 2000 products and services. ITAA Y2K Information Center Solution Providers Directory http://www.itaa.org/script/2000vend.cfm ITAA*2000 Certification Program http://www.itaa.org/2000cert.htm Outlook Archive http://www.itaa.org/script/get2klet.cfm Legislative and Litigation Table http://www.itaa.org/Y2Klaw.htm Calendar http://www.itaa.org/y2kcal.htm Vendor/User Status Questionnaires http://www.itaa.org/questmain1.htm Sponsor Advertising CACI International Inc. -- Restore 2000 CACI leverages 35 years of information technology experience and over 10 years of reengineering systems - solving the same problems Y2K poses - to offer a total solution to the Year 2000 challenge: Restore 2000SM. The Restore 2000 methodology applies a comprehensive three-phase process to your information systems: Assess, Plan, and Remediate. Furthermore, we give you the option of buying our methodology or our services - both backed by CACI experience and Y2K expe rts. The Restore 2000 methodology is ITAA*2000 certified. In addition, software development processes at CACI have been independently certified as being at Level 3 of the Software Engineering Institute (SEI) Capability Maturity Model. Achieving SEI Level 3 p rovides clients further assurance that CACI solutions successfully and effectively deliver Year 2000 compliance while allowing you to save money, reduce risk, and minimize systems disruption. With approximately 3700 employees worldwide and FY97 revenues in excess of $270 million, CACI provides a depth of experience and expertise you can rely on. We've performed Year 2000 conversions for many of America's biggest enterprises, including major he alth insurance providers, retail clothing manufactures, gas companies, airlines, and government agencies. Superior functionality backed by decades of experience - CACI's Restore 2000. Worldwide Headquarters 1100 North Glebe Rd. Arlington, VA 22201 http://www.caci.com e-mail:npeters@hq.caci.com DMR Consulting Group Inc. DMR Consulting Group Inc.(formerly DMR TRECOM), an Amdahl company, is a global consulting organization of nearly 8,000 employees providing a comprehensive range of information technology services. Our Year 2000 Practice comprises a comprehensive offering of consulting, assessment, remediation, testing, and implementation services utilizing a formal methodology (APM/2000), best-in-class software tools, and six global conversion centers. We have mul ti-disciplinary experience in most mainframe, mid-range, and client-server/desktop environments. APM/2000 includes: 7 Program Management 7 Enterprise-Wide Assessment 7 Impact Analysis 7 Conversion Delivery 7 Testing and Implementation Year 2000 Risk Management Consulting Services include: Program Review, Stakeholder Readiness Assessment, Risk Management and Vendor Compliance Research. Contact: Stephen Frycki Managing Director, Year 2000 Services - US Phone: 201-200-3923 Fax: 201-200-9046 Email: fryckis@dmr.com Websites: http://www.dmr.com Y2Kplus Y2Kplus provides a portfolio of "best of class" software products and outsourcing services that address Year 2000 issues. These offerings are available both to IT Solution Providers and IT organizations. Y2Kplus has offerings that address the following needs: Our offerings include: * Year 2000 risk assessment * Mainframe inventory verification & code remediation (COBOL, Natural, Assembler & PL/1) * Midrange COBOL remediation (DEC, HP, UNISYS, Wang, DG, NCR, Bull & Tandem) * AS/400 remediation (RPG & COBOL) * Networked PC Year 2000 Analysis tools Applications: Access, Excel, Foxpro, Lotus 1-2-3 Languages: Basic, Visual Basic, C, C++, dBase, Clipper, Paradox PC Hardware, BIOS & Operating Systems * Testing: Tools: Data Commander for future date testing, TCS (Test Control System), Services: Test management & execution, Facilitated Test Planning, Test strategy. For more information, please send email to info@y2kplus.com, visit our web site at http://www.y2kplus.com or call Dave Ehlke at 781-863-8111. ITAA's Year 2000 Outlook is published every Friday to help all organizations deal more effectively with the Year 2000 software conversion. If you would like to receive this free publication, please sign up on the web at https://www.itaa.org/transact/2kout looksub.htm. Copyright ITAA 1998. All rights reserved. The Information Technology Association of America, 1616 N. Fort Myer Drive, Suite 1300, Arlington, VA 22209. Internet: http:\\www.itaa.org