Revisions

Ver

Date

By

Pages

Description

1.0

January 1997

E Roberg

 

Overview only.

2.0

November 1997

E Roberg

 

Added sections on Programme Management; Detailed Discovery and Assessment Phase. Created in MS Publisher 95.

3.0

May 1998

E Roberg

 

Reverted to Word 97. Added sections on Remediation, Verification & Validation and Implementation. Reworked much of existing text.

3.1

July 1998

E Roberg

 

Various adjustments and corrections made.

 

 

Confidentiality and Process

Restrictions

This document is the property of Business Transformation Services.

In the interests of a successful and timely completion of Year 2000 projects, the document is made available for general use.

This document may thus be freely copied and used subject to the following provisions:

Disclaimer: The author, nor Business Transformation Services, can accept no liability for any unsuccessful results that may flow from the use of this document and any aspect of it.

Every care has been taken to ensure the correctness of the information provided in this document, however, considering the urgency of dealing with Y2000 problems, expediency has taken precedence over rigour.

References

ANSI/IEEE 1008-1987 Software Unit testing.

ANSI/IEEE 1012-1986 Software Verification and Validation Plans.

Beizer, Boris. Testing and the Year 2000 Problem. American Programmer, Vol10 No8, Aug97. Cutter Information Corp.

Chaabouni, Moez. A Framework for Testing Year 2000 Application Conversions. Compuware Corp. Internet Article.

IEEE 2000.1 Standard for Year 2000 Terminology.

IEEE 2000.2 Recommended Practice for IT Year 2000 Test Methods.

ISO 8601:1988 Data elements and interchange formats – information interchange – representation of dates and times. (Available in South Africa as ARP010 : 1989)

ISO/IEC 12207 Information Technology Software Lifecycle Processes.

ISO 9001 : Quality Systems – Model for Quality Assurance in Design / Development, Production, Installation and Servicing.

ISO 9000-3 : Quality Management and Quality Assurance Standards – Part 3: Guidelines for the application of ISO 9001 to the design, development, supply, installation and maintenance of computer software.

Jones, T Capers. The Year 2000 Software Problem. Wokingham: Addison-Wesley, 1997.

Kaner, Cem; Falk, Jack; Nguyen, Hung Quoc. Testing Computer Software. 2nd Edition. New York: van Nostrand Reinhold. 1993.

Kappelman, Leon A. Year 2000 Problem: Strategies and Solutions from the Fortune 100. Boston: International Thomson Computer Press. 1997.

McCabe, Thomas J; Watson, Athur H. Structured Testing: A Testing Methodology Using Cyclomatic Complexity Metric. Internet Article.

Ragland, Bryce. The Year 2000 Problem Solver: A Five-Step Disaster Prevention Plan. New York: McGraw-Hill. 1997.

SABS ARP 021: 1992 The application of SABS 0259 to the validation of computer programs.

SABS ARP 034 : 1993 Quality assurance in the verification of computer software development.

Ulrich, William M. & Hayes, Ian S. The Year 2000 Software Crisis: Challenge of the Century. NEW Jersey: Yourdon Press. 1997.

Contents

Introduction *

Managing a Year 2000 Programme *

Introduction *

Programme Management Framework *

Best Practices and Worst Practices *

Zachman Framework for Enterprise Architecture *

Methodology Framework Summary *

General Approach *

Project Administration *

Overview *

Awareness & Planning *

Overview *

Year 2000 Compliance *

Is the Y2000 a Leap Year? *

The Responsibility of Directors *

Discovery & Assessment *

Overview *

Determination of Y2000 Risk Level *

Is it critical? *

Is there a Y2000 impact? *

Will it be a lot of work to fix? *

Taxonomy *

Classification Process. *

Remediation *

Overview *

Verification & Validation *

Y2000 Testing Process *

Awareness *

Discovery & Assessment *

Remediation *

Validation *

Implementation *

Y2000 Testing Project Deliverables *

Testing Proposal *

Testing Strategy *

Test Plans *

Functions *

Acceptance Criteria *

Refined Test Bed Requirements *

Test Case *

Test Log *

Test Incident Reports *

Reducing Testing Time *

Implementation *

Introduction

This document describes a generic approach to managing Y2000 projects. But why have another Y2000 methodology?

The Year 2000 Software Problem presents the IT industry with some never-before faced challenges.

The word deadline comes from a line that was around prisons of old. If a prisoner crossed over that line, he was shot. No warning given.

Now the IT industry is faced with a project that has such a deadline. What’s more, almost every organisation world-wide is faced with it, at the same time.

In fact, project management is just not adequate to deal with the challenge. Senior IT project managers will have to learn, very quickly, to become programme managers.

The date is fixed, resources limited, technology will vary in every organisation resulting in unusually high risk.

What every project manager needs, like a hole in the head, is to learn a new method.

What we are presenting here, is the application of familiar techniques, to a complex problem.

This methodology distinguishes itself from its peers in the following ways:

Further, we proceed from the following two basic assumptions:

  1. It will not be possible to find and fix every Y2000 problem before the deadline.
  2. Even if we were able to do so, we may not want to fix everything, for cost and other reasons. For example, if a secretary is using non-compliant technology for the purposes of creating documents, and dates can simply be typed, there may be no compelling reason to do an upgrade; especially if the money and time could be put to better use on more compelling problems.

 

Managing a Year 2000 Programme

Introduction

In essence, Y2000 projects are no different from many other familiar type of project.

So why make such a fuss of Y2000 projects? Mainly, because there are some characteristics of Y2000 projects that demand a slightly different approach.

Usually, when speaking of critical success factors (CSF), we would think of factors like time, cost, scope, quality and communication. They all apply here, but there is tendency towards a particular alignment of CSFs.

Firstly, there is the fixed end date. In the case of Y2000 projects, it cannot be moved. No legislation, no edict from the pope, nothing, will change when 1 January 2000 will occur.

Secondly, there is the matter of quality. South African IT staff have tended to lag in the ability to find most bugs before handing applications over to their users. In the case of Y2000 projects, this is not acceptable - so, much more attention will have to be paid to the quality aspects - reviews, walk-throughs, testing, and so on.

Thirdly, cost. One may take the high-handed approach, which says, it will cost what it will cost, however, this is not likely to win lifelong friends - and remember, we will probably need jobs after the Y2000 has finally been put to rest.

What is a given, is that costs will rise, as the gap between supply and demand gets greater. Better, would be if we could show our customers that we are doing everything in our power to keep those, inevitably high costs to a minimum.

Finally, there is the matter of communication. There is nothing worse than nasty surprises. Y2000 projects offer the opportunity for many.

So far, so good, as to what are considered to be project CSF’s. Here however, is another, one you will agree, that becomes almost paramount: risk management.

If we accept the conventional wisdom that 50% of organisations will not be ready in time, what do we do? The trick will be in choosing which items to focus on, so that the organisation is not unduly threatened.

Programme management ensures that there is a common vision across all sub-projects. Furthermore, it ensures that the failure of one or more projects will not jeopardise the success of the programme as a whole. It considers that the whole is made up of many independent and interdependent chunks that are tangible, achievable and measurable. It ensures that the interfaces (between projects, partners, applications, etc.) are managed effectively, especially where dependencies occur.

Based on the flock of geese principle, it ensures that the end objective is not dependent on one critical component. It is concerned with business risk, as opposed to project risk, so that the project objectives may be modified if these are found to not be in line with business objectives. Finally, it recognises that there are many different strategies that may be applied, given the characteristics of a project.

In keeping with the programme management approach, the tendency to focus on one deliverable (or set of deliverables) to the detriment of business objectives is avoided and each deliverable is merely seen as one part of the overall goal.

Programme Management Framework

The accompanying diagram describes the different components of a Year 2000 Programme.

Some of the key functions of the programme office would be to

Best Practices and Worst Practices

During 1995, the US Dept of Defence contracted a group of highly respected industry experts (called the Airlie Software Council) to define what would be considered to be the best practices in the IT software development industry.

9 best practices were identified. We believe that every one of the "best practices" is applicable in a Y2000 project, and we have structured the methodology to take them into account. In addition, we believe there are some additional best practices that extend the work done, that are specific to Y2000 project.

Adopt a programme management architecture (there are just too many interdependent projects to manage independently).

Apply robust, Y2000-specific project management life cycles that take into account the different compliance approaches and strategies.

Use appropriate tools (researchers have shown that the starting time for a large Y2000 programme aiming for completion by end 1999, without effective tools, has passed).

Validate conversion strategies and approaches against the plan. Whilst certain conversion strategies and approaches may be the most desirable, the plan may not allow for such "luxuries". For example, there has been much debate that compliance approaches like windowing or language extensions are merely postponing the problem. However, from a business risk perspective, this may be the only workable approach. This validation needs to be done at each project review point. If this approach becomes a paradigm, then projects will be planned with the assumption that it may need to be necessary to change course mid-stream.

Recognise that there are probably as many opportunities as there may be risks. Plan flexibly, so that opportunities may be capitalised, when they are identified.

Part of the programme management approach would be to identify additional "best practices" and "worst practices" and communicate these to all partners.

In addition to these "best practices", the Airlie Software Council also identified 9 "worst practices". We believe that these are as applicable to Y2000 projects.

Caveat Emptor!

Airlie Software Council: Worst Practices

Airlie Software Council Best Practices

Zachman Framework for Enterprise Architecture

The Zachman Framework for Enterprise Architecture is a model of the real world as it applies to an enterprise. Models are abstractions of real objects (which Zachman calls "artefacts") or situations (e.g. a risk occurrence). In fact, Zachman suggests that it would be possible to apply the framework to a much broader scope, namely, life itself. That, however, is not the subject of this exercise, except to indicate, that if it can be applied to something much larger, it can also be applied to a more constrained example (like an enterprise).

Models are useful because they allow us to take a very complex real-life and abstract it down to a level where we can deal with it in a manageable fashion. For example, consider the problem of two trains hurtling towards each other on the same track. If the problem is "what will the impact be when they collide", we probably do not need to consider the context (involving the weather at the time, whether the wheels were made of stainless steel, what the driver’s name was, who was the sultan of Brunei at the time, or whether Bill Gates was still the richest man in the world), in fact, we can probably abstract the problem down to a simple mathematical formula. One, in fact, which could probably be resolved by a high school pupil. It obviously depends on what the question is which will determine which factors must be included in the abstraction (or model). For example, if Bill Gates is on one of the trains, that fact may be relevant, or it may still not be.

Since humans (and computers even less) are not very good at dealing with masses of facts, it is imperative that we break the problem down (abstract it) to a level where it can be dealt with. It is amazing how simple some abstractions can be, regardless of the complexity of the problem. All will agree that there are probably only a handful of people who really understand what the theory of relativity is all about, it can be abstracted to a level where even a child can at least memorise one of its major assertions: E = mc2. His first paper on the subject was published at the age of 26 (in 1905), but the concept was already there, at age 12, when he "decided to devote himself to solving the riddle of the ‘huge world’". It was only on 29 May 1919 when his theory was verified by a scientific expedition to photograph a solar eclipse, and "the modern world began" (as the historian Paul Johnson asserts).

From observation, it is possible to organise Einstein’s work into a framework - from the concept (and even the concept can be abstracted into: Why? What? How? When? Where?) to a physical reality: the atom bomb.

The framework was first proposed in the IBM Systems Journal in 1987 and has, thus been around for a substantial period of time. In that time, it has been picked up by a number of people and applied to a variety of problems. Zachman originally got the idea of the framework from a combination of looking at the way a manufacturing company build products, and realising that it was not a miraculous invention how they went about it, but merely common sense. No doubt, his degree in chemistry, with its fundamental Periodic Table, must have got the juices flowing as he struggled with IBM’s Business Systems Planning methodology to which he was a contributor. This common sense he then applied to creating a model of the enterprise.

At is lowest level, the framework is made up of 6 rows and 6 columns.

The rows define a perspective of the problem or issue. Zachman described these to be the perspectives of the planner, the owner, the designer, the builder and the sub-contractor (as the one who actually does each little bit of work). The final perspective is (or should be) that of some result or reality.

Secondly, the columns describe a particular focus, namely, the "What? How? Where? Who? When? Why?" of whatever is being considered. So, R2C1, would describe what was required from the perspective of the owner. R2C2 would describe how the owner wanted it to be done. Note also, that whilst that may the owner’s primary perspective at that time, no cell is independent of the cells above, below or beside it.

Zachman went on to show that whilst the framework could be used to effectively represent the dimensions of the reality, the framework is in fact multi-dimensional and recursive.

Firstly, there may be any number of product frameworks in any enterprise (many iterations, which vary in content to the nature of the product).

Secondly, there is also a framework that describes the enterprise and how it works to produce or service the products that it provides. All these procedures, etc. are the model of the enterprise.

Thirdly, whilst there may be many enterprise frameworks (many iterations which vary in content to the nature of the enterprise), it is possible to create an abstraction of how the enterprise works. This abstraction, the information system, is really the meta-model of the enterprise.

Finally, we have a model that describes the way in which we create the enterprise information system. This model consists of similar artefacts that exist in the other three abstractions - and answer the "What? How? Where? Who? When? Why?" of the model of the model (or meta-meta-model). This is the framework that the CASE manufacturer uses to manufacture a repository which contains all the artefacts which are required to build the enterprise information system, which supports the enterprise which makes the product.

But there still appears to be one interrogative that is missing: "Which?" In fact, it should be evident that each framework describes the "Which?"

Furthermore, it is even possible to have parallel iterations of the various frameworks that describe the current situation ("is") as opposed to desired future situations ("to be").

Also notice the following: as an artefact passes from one row to the next, it undergoes a transformation. For example, a plan results in a number of design specs, which result in various types of diagrams (e.g. an electrical circuit diagram). These diagrams result in spec sheets, which ultimately result in a physical unit (e.g. a circuit board, or a transistor). This process of transformation usually also results in an explosion in detail. Whilst there may be less than 10 artefacts in row 1, there could be many millions of artefacts in row 6.

We believe that the Zachman Framework for Enterprise Architecture is particularly useful as a "control mechanism to ensure that nothing is missed. Since it is not known very widely as yet, we have taken the time to discuss it in more detail.

We suggest that the proposed standardised deliverable address levels 1 and 2 (Scope & Enterprise). At levels below that, the deliverables should be customised to the environment and objectives.

Methodology Framework Summary

Year 2000 projects can vary dramatically according to the objectives and scope of the work to be done.

On the one hand, we may need fix a system that was developed internally. In some cases, the system may be so old that much of the original source code is lost. In other cases, the versions of the underlying platforms may have to be upgraded before the code can be fixed.

In other cases, we may need to upgrade a package to the latest version. This may be as simple as purchasing the latest version and letting the software do all the work for us, or it may be necessary to perform a cascade of upgrades (from v3 to v4 then to v5 to finally get to v6). Along the way, there may have been a change in technology, so that the platforms would need to be upgraded first, before an upgrade can be made to a particular version.

Then there may be cases where the original builders of the system no longer exist, and, if the software is important enough, we will have to replace it with something else, or worse, rebuild it ourselves.

The point is that there is such a wide variety of problems that no single detailed methodology would be able to address every variation and problem domain.

Thus, whilst we have tried to address the as many of the most common issues as possible, the methodology cannot be all things to all men.

In any event, project management is a "thinking head process" and what we are attempting to do here, is to provide a good starting point for the project manager who has been given a Year 2000 project and has been told "go and solve it".

Now he sits with a blank sheet of paper before him and wonders where he should start.

General Approach

We have followed the general life cycle for Year 2000 projects as described by IEEE P2000.1.

We identify every task by a CoA ID (Chart of Accounts identifier), which is not the same as a WBS ID (work breakdown structure identifier), although it would be preferable that the CoA ID be used as a part of a WBS ID. Our recommendation would be the WBS be made up of CoA ID and Deliverable ID. If this is done, it is easy to record actual time spent (effort) and duration for the completion of each deliverable. This information is invaluable for calibrating estimating models.

The structure of the CoA ID is as follows: PATTS where
P: Phase (0 – 9)
A: Activity (A – Z)
TT: Task (01 – 99)
S: Sub-task (a – z)

Deliverables are identified according to the following convention:
TT: Deliverable type
NNN: Number

Exit Criteria describe the checkpoints that define completion of the task. There are 3 priorities: A (must be conformed to); B (should be conformed to, or by way of an alternative, if appropriate); C (is a useful check, though may not always be applicable).

We have created an MS Access 97 database that can be used to capture and store the information that is collected during the Assessment phase. The database is under continual enhancement (for example, at the time v3.0 of this document, the database was being enhanced to incorporate Change Control and Time Recording).

In addition, MS Excel 97 and MS Word 97 templates have been created to support various of the tasks defined by the methodology.

Resources

The following resources are available:

Project Administration

Overview

Please see the Project Management Guide for the general discussion of how to plan projects. What follows is a list of the activities and tasks that would typically be performed in any project.

It is our experience that around 25% of total project effort be budgeted for these activities. This is much higher than what one normally expects for IT projects (usually 9% - 18% depending on the size of the project), but is borne out by observation.

0A Feasibility Study

0A01

Create Project Request

   

0A02

Perform Feasibility Study

PM010

Feasibility Report

0A03

Create Project Definition

PM030

Project Definition

0A04

Obtain Approval

   

A feasibility study is initiated by the receipt of a project request. Typically, the amount of effort is determined by the amount of time available to do the study. When the time is up, the results are documented, and presented to management. As a consequence, one or more projects may be defined. These are then described in the Project Definition.

B Planning

0B01

Scope Definition

YM101

YM102

YM111

YM112

YM121

YM122

YM901

YM902

YM903

YM904

YM905

Business Unit Inventory

Locations Inventory

Application Area Inventory

System Inventory

Platform Inventory

Vendor Inventory

BU / Location xref

BU / Application Area xref

Applic Area / System xref

Vendor / System xref

Vendor / Platform xref

0B02

Estimating

PM102

PM100

Est Criteria

Y2 Estimating Template

0B03

Scheduling

PM202

PM231

PM303

GANTT Chart

Resource Histogram

Milestone Summary

0B04

Budgeting

PM013

Project Budget

0B05

Create Project Charter

PM040

Project Charter

Planning involves collecting summary information about the scope, so that a detailed estimate may be prepared.

If possible, an estimating tool should be used.

Once the size of work is known, and the levels of skills required, it is possible to schedule the work.

Rates are typically associated with skill level. This, timephased as per the schedule, together with additional costs (travelling, infrastructure, training, etc.) then go into the budget.

Finally, all of this is consolidated into the Project Charter, which becomes the formal contract between management and the project team.

0C Organise Project

0C01

Staff Project

PM232

PM233

PM231

PM230

Resource Inventory

Skills Inventory

Resource Histogram

Responsibility Matrix

0C02

Establish Project Environment

YI601

Facilities Required Memo

0C03

Establish Reporting Requirements

QM110

Project Reporting Requirements

0C04

Project Kick-off

   

Organising the project involves recruiting and selecting staff for the project team, defining roles, agreeing what reporting will be required, and setting up the physical environment - work areas, hardware, software, and so on. A kick-off meeting is held to describe how the project will be run, its objectives and so on.

0D Risk Management

0D01

Perform Risk Assessment

PM501

Risk Memo

0D02

Manage Risks

PM511

Top-10 Risks Summary

0D03

Problem/Opportunity Management

PM512

Opportunity Memo

Risk Management is one of the most important activities in any Y2000 project.

Two types of risk need to be distinguished: Business risks, which describe what will happen to the business should we fail in any way; and Project risks which describe what could cause us to not complete on time.

Understand that inherent in any risks, there are also usually opportunities. These opportunities typically involve an entirely new set of risks.

However, it may only be from taking risks, that we can achieve the best results.

0E Quality Management

0E01

Establish Quality Requirements

QM001

QM Statement

0E02

Maintain Mission, Objectives, Procedures, Guidelines & Standards

   

0E03

Perform Joint Reviews

QM911

Joint Review Report

0E03a

Conduct Joint Review of Software Architectural Design

QM911

Joint Review Report

2E03b

Conduct Joint Review of Software Detailed Design

QM911

Joint Review Report

0E04

Perform Quality Audits

QM912

QR Audit Report

Y2000 projects cannot afford defects to creep through. After all, this is the reason we are conducting Y2000 projects.

0F Communication

0F01

Management Communication

PM301

PM302

Progress Report

Progress Summary

0F02

Steering Committee

   

0F03

Users

   

0F04

Project Team

PM301

PM310

Progress Report

Time Report

0F05

External

   

Communication within projects and between projects making up the programme is vital. At every step of the way, concerned parties must be kept informed about how the work towards readiness is progressing.

0G Configuration Management

0G01

Change Management

   

0G01a

Administer Change Requests

PM412

Issue

0G01b

Perform Impact Assessment

YI900

Impact Assessment Report

0G01c

Approve Change Requests

   

0G01d

Perform Impact Analysis

   

0G01e

Plan Changes

PM411

PM210

Change Control Summary

Project Plan

0G02

Manage Project Office

   

0G02a

Manage H/W Baseline Library

   

0G02b

Manage S/W Baseline Library

   

0G02c

Manage Support Tools

   

0G02d

Manage Policies, Procedures, Standards & Guidelines

   

0G02e

Manage Training Baseline Library

   

0G02f

Manage Work Products

   

0G02g

Configuration Status Reporting

TD821

Version Control Report

Once the Project Charter has been accepted, the estimates and schedule become the baseline against which progress and costs must be measured.

Inherent in every Y2000 project is change - scope will fluctuate as the degree of compliance is revealed. Missed items will be identified.

To retain control, every one of these changes must be recorded, course of action determined, approval obtained and then tracked in concert with the baseline plan.

Similarly, the project environment needs to be kept up to date and modifications made where necessary.

The format of deliverables should be modified as the need arises.

0H Controlling

0H01

Status Management

PM300

Project Control Workbook

Project control involves regularly checking on the status of work, determining whether the plan is still on target. If not, then contingency action must take place, or the baseline must be reviewed. The plan can only be changed if management approval is first obtained.

Often changes in approach, or re-assignment of staff can make the difference to bring the project back on track again.

The best form of control is still via management by the sole of the foot!

0I Contract Administration

0I01

Negotiate Contract

PM030

PM090

PM012

PM502

Engagement Cost Summary

Billing Summary

Arrangement Letter/ Contract

Engagement Risk Assessment

0I02

Administer Contract

PM310

PM091

Time / Expense Report

Invoice

0I03

Contract Close Off

 

Engagement Sign Off

Contract administration involves ensuring that the relationship between all parties involved in the assignment is at an optimum level. That there are no undue risks as a consequence of improperly defined responsibilities, that everyone is paid correctly and on time, and that all issues of due diligence are properly taken care of.

Awareness & Planning

Overview

Awareness: Define the year 2000 problem and gain executive level support and sponsorship. (IEEE P2000.1 Draft Standard for Year 2000 Terminology.)

During the Awareness & Planning Phase, a quick assessment of the possible impact of the Year 2000 on the systems must be done, and the organisation must be then be convinced that urgent action to rectify these problems is required.

Experience has shown that most organisations have taken up to 9 months to pass through this phase.

Usually, the Y2000 champion is faced by disbelief that there could be such a problem (after all, what difference could two digits in a date make - be real!). This is then followed by denial (it can’t be that big. Bill Gates will invent a tool that will fix it. We spent millions to buy a system that would last us 10 years. You promised us.)

When the nature of the beast really dawns, panic often sets in.

Since we just do not have 9 months, in most cases, the Y2000 champion must convince senior management as soon as possible that there is a problem, and how it can be solved.

Some early estimating techniques to determine impact and cost have been proposed by groups like Gartner ($x per line of source code), the British Computer Society (Rx per head working in the organisation) and Capers Jones (cost per function point, normalised to industry and technology). By mid 1997, many estimates had already started appearing in the press, so that organisations can find comparable situations elsewhere as an order-of-magnitude measure.

None of these measures are likely to be definitive, and it is necessary to move to a Discovery & Assessment Phase. However, to be able to do this, one needs to obtain commitment and resources. These are the major challenges of the Awareness phase.

In practice, the Awareness exercise will probably continue in parallel with other activities, because the level of awareness varies within the enterprise, let alone in the supply chain.

We will not say much more here, except to mention that there are many resources available in places like the Internet, which include descriptions of the problem, presentations, and so on.

Some of the most useful sites on the Internet are:

http://year2000.com

http://cinderella.co.za

By 1998, numerous books have been written on the subject. Some of which have been included in the references at the front of this document.

In addition, there are a seemingly endless list of conferences and there is hardly a week that goes by without extensive references to the problem in the media.

 

Year 2000 Compliance

There are many differing views on compliance. Here are some definitions.

The IEEE P2000.1 Standard for Year 2000 Terminology has the following definitions:

"Conformance

"Vendors who claim that their products conform to this standard declare that their use of the term "Year 2000 Compliant" and of defined terms within its definition are in accordance with the definitions in this standard.

"Definitions

"Year 2000 compliant: Technology is Year 2000 compliant if it is capable of accurately processing, providing, and/or receiving date data within and between the 20th and 21st centuries, provided that:

1. the technology is used in accordance with its associated documentation, and
2. all other technology used with it properly exchanges date data with it.

"Technology: Hardware, software, and firmware systems and system elements including but not limited to information technology, embedded systems, or any other electro-mechanical or processor-based systems.

"Date processing: The handling of date data within a system or system element.

"Date exchange: The interchange of date data between two or more systems or system elements. In order to facilitate proper date data exchange between two or more systems or system elements, defined formats should be identified and documented by the suppliers of systems or system elements. Such formats may be specified by the standards or other publications listed in section 2, other generally accepted industry date representations, or other documented methods of date representation. Depending upon the date formats selected, additional information such as, but not limited to, valid date interval, pivot year, and encoding technique may also need to be documented."

The British Standards Institute views compliance this way:

"Year 2000 conformity shall mean that neither performance nor functionality is affected by dates prior to, during or after the year 2000. In particular:

"Rule 1: No value for current date will cause any interruption in operation.

"Rule 2: Date-based functionality must behave consistently for dates prior to, during and after the year 2000.

"Rule 3: In all interfaces and data storage, the century in any date must be specified either explicitly or by unambiguous algorithms or inferencing rules.

"Rule 4: Year 2000 must be recognised as a leap year.

"Amplification:

"Rule 1: Known as "general integrity rule".

Ensures that rollover between all significant demarcations (days, mths, years, centuries) will be performed correctly.

Current date means today's date as known to the equipment or product.

"Rule 2: Known as "date integrity rule".

All equipment and products must calculate, manipulate and represent dates correctly for the purposes for which they were intended.

Functionality includes both processes and the results of processes.

Rule does not exclude reference points for date values and calculations (e.g. integer date)

No equipment or product shall use particular date values for special meanings (e.g. "99" = "do not erase", or "00" = "beginning of file")

"Rule 3: Known as "explicit/implicit century rule"

Explicit: representation of century in year

Implicit: based on inferencing rules (e.g. yy>50 implies 19yy, yy<=50 implies 20yy)."

Others have described less complex definitions. For example, the US State of Washington, describes Y2000 Compliance as follows:

"Information systems are Y2000 compliant if they are "able to accurately process date data - including but not limited to, calculating, comparing, and sequencing - from, into, and between the twentieth and twenty-first centuries, including leap year calculations."

The definitions assume that all software must be able to process dates correctly. Since this is unlikely to be true of many older applications, this could result in enormous costs, and more importantly, reduce the chances of being ready on time.

Organisations therefore need to take a more pragmatic view and focus on the software items that are most critical to the organisation and assess to what degree compliance is important.

For example, many fax machines have the ability to print the date and time of transmission or receipt, together with the sender name and telephone number. If your organisation is a firm of attorneys, where the automatic logging of date and time is important to establish when something was done, then there is no question that this needs to be fixed, but otherwise? Does it really need to be fixed?

To avoid delays later, you need to define your rules early.

Is the Y2000 a Leap Year?

Leap years are years that are divisible by 4, unless the year is also divisible by 100.

However, if the year is divisible by 400, then it is a leap year.

Therefore, 2000 is a leap year (divisible by 4 and by 400), but 1900 wasn’t (divisible by 100, but not 400), nor will 3000 be a leap year (ditto). 2004 will also be a leap year (divisible by 4, but not by 100).

The reason for these strange (or so it appears) rules, is that a year is not 365 or 366 days, but approximately (ha!) 365.24219878 days.

The Responsibility of Directors

This matter is sometimes referred to as "Due Diligence" and it involves the responsibility of directors and others entrusted with the protection of stakeholders’ interests.

In essence, directors have the responsibility to ensure that the concern under their supervision is maintained as a "going concern". As such, they have the responsibility to take every reasonable action to ensure that the enterprise does not fail, or failing that, to make this known to stakeholders.

If they do no do so, they may expose themselves to legal action. If lives are lost, the legal action may involve criminal prosecution.

What we have been able to establish from discussion with various attorneys is the following:

There are a number of firms of attorneys that are specialising in this field. If in doubt, an attorney should be consulted.

 

 

 

Deliverable

Exit Criteria

CoA

Name

Description

ID

Name

Prio

Description

1 Awareness & Planning

1A

Determine Exposure

1B Create Awareness & Obtain Support

1B01

Internal Awareness

1B02

Business Partners Awareness

1B03

Other Agency Awareness

1C

Develop Macro Estimate

1D

Establish Executive Committee

Discovery & Assessment

Overview

Assessment (Inventory): Evaluate the year 2000 impact on the enterprise; develop contingency plans to handle data exchange issues and system failures (dysfunction or system crashes); triage (prioritise) systems by identifying those that are mission critical. (IEEE P2000.1 Draft Standard for Year 2000 Terminology.)

Before we start, we need to be clear about just what we mean by compliance. This compliance needs to be defined in context: in the case of COTS, the context is what it interfaces with, and the platform(s) it runs on. In the case of embedded software, what would be the consequences of an incorrect date being returned. Sometimes it matters, sometimes it does not.

Vendors and other developers need to specify what the degree and level of compliance is. Be aware that a conditional reply may be of no value.

The scope of the project is confirmed by checking that all application areas that support a business area have been identified. As well as who the key decision-maker is. We need to also identify the systems, or applications, that make up the application area. In addition, identify the platforms that the systems require to operate effectively and the vendors that supplied the software.

This information would typically be obtained by conducting interviews with the key people. They also need to be asked about how important the systems are to the business - would business operations be unaffected if date problems had to cause errors. Establish to what degree the business would be affected.

All this data should be captured into an inventory, and the results published.

The next step is to conduct a Detailed Investigation.

Each of the platforms must be described in detail to identify whether the specific version or release has Y2000 implications. This would be obtained from the vendors who supply or support the platform.

Each system, or application, must also be described in full. Note however, that if a COTS package is being reviewed, the amount of detail will depend on how it is used. In some cases, it may be sufficient to establish that the COTS is Y2000 compliant.

In many cases, these systems interact with other systems, and it is important that the nature of this interaction is defined. Again, judgment should be used: the level of detail one is required to collect depends on the nature of the interaction.

Having now collected a great deal of information, it is now possible to review the priorities and the degree of Y2000 impact. It may also be necessary to revisit some aspects to gain greater clarity.

In the case of bespoke or custom developed systems, it may be necessary to do code and database analysis to identify exactly which lowest level items (line of code or data field) may have Y2000 implications.

Whilst one is performing this exercise, it may also be possible to identify redundant code, or improvements.

Having completed this detailed analysis, priorities and risks need to be re-evaluated. If it is found that risks are very high, it may be necessary to adopt a different approach - possibly fast-tracking the readiness project for one of the systems or platforms.

At this time, we would also determine, for each system, what the course of action should be - do we retire the system, modify it, upgrade it, or how else should we deal with it.

Then we need to define just how we may be certain that we were successful, by identifying what testing will be required, and the nature of that testing.

All of these changes must then be documented.

The full inventory is then reviewed during the Level 1 Compliance Verification, to ensure that nothing has been left out. Assumptions regarding risk and readiness must be revisited to ensure that they are still correct. Finally, the work required to convert non-compliant systems and platforms must be estimated, and the time that is required to complete the conversion work must be determined.

Typically, the results will be unacceptable because of timing and resource constraints, which means that one will have to review different scenarios to determine the most appropriate course of action.

Having done this, the plans need to be authorised by the client, so that work may start on the conversion activities.

Considering the great number of variables and concurrent tasks that need to take place, project and programme management will need to be effectively conducted.

Determination of Y2000 Risk Level

Risk level is a summary of the overall risk that a Compliance Configuration Item (CCI) is seen to have. As the accompanying figure shows, Risk Level considers three basic factors:

Is it critical?

This implies one or more of the following:

JM Juran describes the process of Criticality Analysis as to "identify the ‘vital few’ features so that they will receive priority of attention and assets." He goes on to list what he calls the product features that should be considered as critical:

Juran’s perspective is essentially a manufacturing one, but it looks at criticality from the view of the customer and the supplier and it is a useful model. (Juran, J.M. Juran on Quality by Design. New York: The Free Press. 1992. pp174-175.)

Is there a Y2000 impact?

This question addresses whether there is a date-related impact to do with the changeover from 1999 - 2000. The answer is either Yes or No.

Will it be a lot of work to fix?

This question is not so easy to answer, since "a lot" is a relative term. A lot of money means something quite different to a poor person as opposed to the CEO of a Fortune 500 company. Similarly, "a lot of work" seen in our context must be taken in relation to the enterprise. A company like Fluor manages multibillion projects as a matter of course. The same is not true of most companies. We recommend that a questionnaire be created that would place the following issues into context in the company concerned, to ensure that subjectivity is reduced and classification can be consistent.

We describe "a lot of work" in one or more of the following ways:

All of these require, potentially, a lot of work to resolve. Note: the guidelines given assume that remediation projects will commence by latest 3rd quarter 1998!

Note that none of the above lists are necessarily conclusive! The evaluation of the risk level criteria could be a lot broader than what we have described above.

That is why we have developed a classification scheme of CCIs to assist with the determination of risk level.

Taxonomy

This classification scheme considers each CCI from a number of different perspectives. The exact classifications are summarised at the end of this document.

CCI type classification.

Configuration Item Type. This describes whether the CCI is an application or a platform. If it is a platform, what type of platform is it.

Configuration Item Type (Jones). Capers Jones has described 20 different types that give a good indication of the complexity and effort associated with each type.

Configuration Item Scope. The scope ranges from a single line of code (which is the CCI that a code scanner typically addresses), through to a compound system (like SAP, BPCS, etc. which are actually sets of systems).

Importance Index. This describes the level of usage, ranging from a single user to a COTS, which may be used by millions. There is usually a correlation between development and maintenance cost and rigour and the nature of the use of the CCI.

Date Involvement.

This set of classes describes the extent and nature of date usage in the CCI.

Date Class. The date class considers the manner in which dates play a role in the application

Acceptability Index. This classification considers the types of dates used (Julian, ordinal, ISO8601, etc.).

Risk Assessment.

Compliance Certification Level. This classification describes the level of certification of the CCI. The range is from a system that has already been retired (but still appears on lists) to uncertified.

Note also that certification is a sticky issue. Very few and quite possibly only foolhardy vendors would be prepared to offer a carte blanche certification for their product. This is because certification depends on so many different factors, including the way in which the CCI is installed and its interaction with other CCIs. As a consequence there has been significant backtracking on the part of many vendors in the last year with regards to the certification level of each CCI.

In any event, compliance level can only be verified if the certificate is accompanied by a description of the testing process (often a proprietary issue, or trade secret) and documented test results, which can be replicated consistently.

Risk Category. The risk category considers the likely result if a CCI is not fixed. It ranges from no impact (if there is no date processing involved – although there may be dates in the system, but they are for sight purposes only, not used in calculation, access, sequencing, manipulation, etc.)

Compliance Item Priority. This classification describes the use of the CCI in the enterprise and its likely effect if it should fail.

Proposed Action.

Compliance Strategy. We need to determine how the problem will be addressed at a high level. For example, elimination, repair, retirement, developing an interim solution, replacement, transfer, and so on.

Compliance Action. The compliance action describes what should be done to address non-compliant CCIs (nothing, fix, etc.).

Compliance Approach. If the proposal is to fix a date related problem, then what is the approach that is proposed – expansion, masking, etc.

All of these aspects come into play in finally determining the risk level of a CCI.

Classification Process.

The process that is followed can be roughly described as follows:

  1. Investigate CCIs. Part of which would be to ask the owner of the system what they feel the criticality and amount of work would be.
  2. Document the results.
  3. Complete the classification scheme.
  4. Review the opinion of the system owner (with regard to risk level) against the results of the investigation and the classification scheme.
  5. Revise the risk level.
  6. Confirm the findings.
  7. Prepare plans for follow-on work and a testing proposal on the basis of the risk level.
  8. Seek approval for the general approach.

The classification of items is based on the following simplified model of the role of technology in the enterprise (see the accompanying figure).

In its most simple form, an enterprise is made up of business units, which are supported by application areas. Application areas are made up of one or more applications or systems.

Business units can be functional, geographical, hierarchical, or according to any other classification. For example, they may be Admin, Finance, Manufacturing. Or they may be Gauteng region, Western Cape region.

Application areas are typically groups of applications or systems that work together to support a particular function or set of functions, for example, Financial Accounting, Production Planning, Order Processing, etc.

The terms systems and applications are used interchangeably as any combination of software and procedures that are applied to supporting a business function (for example, Debtors, General Ledger, Salaries, Master Production Scheduling, etc.)

A platform is any technology that is required by the application or system

Platforms therefore only have a reason for existence by virtue of the applications that require them.

Deliverable

Exit Criteria

CoA

Name

Description

ID

Name

Prio

Description

2 Discovery & Assessment

2A Preparation

2A01

Define Y2000 Compliance

Year 2000 compliant: technology, including but not limited to, information technology, embedded systems, or any other electro-mechanical or processor-based system, when used in accordance with its associated documentation, is capable of accurately processing, providing, and/or receiving date data from, into, and between the twentieth and twenty-first centuries, and the years 1999 and 2000, including leap year calculations; provided that all other technology properly exchanges date data with it. (IEEE P2000.1 Draft Standard for Year 2000 Terminology.)

Describe how the enterprise views compliance. Note that there are instances where it will not be necessary for technology to be compliant.

YI001

Compliance Requirements Definition

A

Approved YI001

2A02

Create Draft Compliance Information Request

As a pert of the "due diligence" process, it is essential that one obtains statements of compliance from vendors, customers, partners and other enterprises that provide services or sell products to the enterprise.

It is not practical to send the same letter to everyone. Letters need to be tailored according to potential risk and information required. If you right one all-encompassing letter, and send it to 5-6000 enterprises that interact with your enterprise in some way, and let us say that a miracle occurs and they all complete the 20-page missive completely, how will you process all the information received?

YI101

Compliance Information Request

B

Compliance Info Request letters sent

2A03

Confirm Scope with Sponsors

Scoping a Y2000 project is very difficult. It is only at the end of this phase that one will be able to say with some measure of confidence what the impact of the Y2000 on the enterprise is likely to be.

Be especially careful to not use "definite language" in this phase. Most enterprises find that they are faced with scope ballooning (rather than scope creep) when entering into a Y2000 project.

YM101

YM102

YM111

YM112

YM121

YM122

YM901

YM902

YM903

YM904

YM905

YM101

YM102

YM111

PM230

FD400

WP001

Business Unit Inventory

Locations Inventory

Application Area Inventory

System Inventory

Platform Inventory

Vendor Inventory

BU / Location xref

BU / Application Area xref

Application Area / System xref

Vendor / System xref

Vendor / Platform xrefBU Inventory

Locations Inventory

AA Inventory

Responsibility Matrix

System Inventory

Meeting Notes

A

Scope agreed to.

2A04

Create Macro Inventory

All known information, at a high level, should be captured using a reusable mechanism, so that detail may be added as it is discovered.

YI801

YI803

CCI Inventory

CCI Summary

2A05

Determine Priorities

Identify which systems are most important to the enterprise, and where the highest Y2000 impact is likely to be (in conjunction with the projected work to make the systems Y2000 ready). Identify which systems will need to be code scanned.

Start preparations for taking code off-site for scanning. Agree whether the approach is to be impact assessment only, scanning only or scanning and remediation. If code scanning is to be done, be aware that most factories will have a methodology that is to be followed.

FD400

FD400

System Inventory

Inventory of Systems to be Scanned

Impact Assessment Strategy

2A06

Document Findings

The purpose of this deliverable is to act as the first definitive measure of the impact of Y2000 on the enterprise. It can be used to determine a macro estimate for the amount of work, cost and time that is to follow.

Users should use this deliverable to verify that no important areas have been missed, and that the project team is on the right track.

YI901

Macro Assessment Report

A

User signoff of information presented.

2B Detailed Investigation

2B01

Describe Platforms

YI121

YI122

Platform Summary

Vendor Summary

A

All platforms identified

2B02

Obtain Vendor Compliance Statements

YI101

YI121

YI122

FD401

Compliance Information Request

Platform Summary

Vendor Summary

System Summary

A

A

A

All vendors identified

Vendors ranked by importance

Letters sent to all important vendors

2B03

Investigate System

Depending on the Assessment strategy, assess the systems through interviews, documentation reviews, sight checking, or code scanning.

WP001

YI131

YI411

YI422

Notes

Database Compliance Summary

Inputs Compliance Summary

Outputs Compliance Summary

2B04

Describe System

YI655

FD401

System Map

System Summary

2B05

Define Application & System Interfaces

FD430

FD431

YI432

Interface Inventory

Interface Description

Memo to Partner System Project

2B06 Check Compliance

2B06a

Do Code Analysis

 

 

YI804

YI806

YI805

Code Removal Contract

Code Removal Plan

Code Changes List

Unused Code Summary

Collateral Improvement Summary

2B06b

Identify Replacement / Upgrade Items

YI113

COTS Replacement / Upgrade Summary

Compliance Requirements

High Level Compliance Assessment

2B07

Confirm Priorities

FD400

Systems Inventory

2B08

Confirm Business Risks

YI412

PM504

Contingency Requirements

Business Risk Summary

2B09

Determine Compliance Strategy

YI652

YI801

YI803

Recommended Compliance Strategy

CCI Inventory

CCI Summary

2B10

Specify Changes & Action Steps

YI802

YI651

YI602

YI670

YI701

YM014

CCI Segmentation Summary

Implementation Alternatives

Conversion Tool Recommendation

Conversion Environment Recommendation

Configuration Management Tool Recommendation

High Level Cost Estimate

2B11

Define Compliance Testing Requirements

TD701

YI702

YI703

Test Proposal

Testing Facility Requirements

Testing Tool Recommendation

2B12

Finalise Requirements Specification

YI900

Impact Analysis Report

2C

Level 1 Compliance Verification

YM112

YM121

Platform Inventory

Platform Summary

2D

Planning & Authorisation

PM014

PM203

PM210

Programme Budget

Sub-Programme Work Plan

Project Plans

Client Authorisation of Budget

Client Authorisation of Sub-Programme Work Plan

Remediation

Overview

Remediation (Renovation): Convert, replace, or eliminate one or more system elements; modify interfaces. (IEEE P2000.1 Draft Standard for Year 2000 Terminology.)

The Remediation Phase is the most difficult to provide a definitive framework for, since the exact tasks will depend on the remediation strategy (replace, retire, repair) and approach (expansion, encapsulation, masking). The tasks below should thus be regarded as being at a high level only. We recommend that sub-projects be created for, especially, the system renovation tasks. These can then be consolidated into tasks at a macro level in order to provide a comprehensive picture.

For example, if the renovation strategy is that a system will be replaced with new development, then the sub-project would be made up of the tasks that are typically associated with a new development framework. If the strategy is to repair, the sub-project would be made up of all the tasks typically involved with a maintenance framework. Instead of a project per system, one could group similar systems, or the systems that make up an application area. Alternatively, systems could be group by strategy.

However one groups remediation work, risk must be considered. It would generally be bad practice to group together high-risk systems with those of lower risk.

In fact, if a system is high risk (Risk Level is A or B), one should consider managing it as a separate project. This ensures that the focus on high risk systems is not lost.

When lower risk systems are grouped with a high-risk system, there is the possibility that attention will focus on the lower risk items to the detriment of the high-risk system.

The first step in remediation is to review the strategy that was proposed during the Assessment phase. One needs to confirm whether this strategy is still the right one – especially if there has been a number of parallel Assessment phases (typical in large enterprises).

The activity is concluded with the acceptance of Project Charter(s) for the Remediation Phase. A separate Charter should be created for each remediation project.

Having obtained management approval on the way to go, the next step is to prepare for the renovation work. If platforms are non-compliant, then they need to be updated (typically involves a "patch" or a "service release) or upgraded (usually involves a new version). The amount of work varies quite dramatically, depending on whether we are dealing with an update or an upgrade. Updates are often free, whilst upgrades must usually be paid for.

Upgrades may also involve changes in functionality. Therefore, it is possible that follow-on work may be involved (for example, if functionality has been added, or existing functionality has changed, or underlying data structures have changed).

Then, if a platform runs on other platforms, the upgrade may result in a cascade of upgrades. For example, the enterprise uses an MS-DOS-based accounting package that is not compliant. As it turns out, the only compliant version is the latest version, which requires Windows 95. In this case, to upgrade the package, the enterprise will probably have to replace the hardware, then upgrade to Windows 95 before the accounting package can be upgraded. As an additional knock-on effect, it is possible that other software would also need to be upgraded (like the word processor, spreadsheet and so on). Then, the users will have to be trained to work with a mouse, graphical user interface and so on.

In addition, if physical renovation work has to take place, it may be necessary to prepare the technical environment for this – latest versions of platforms must be ordered and installed, etc.

If code renovation is to be done off-site, authorisation must be obtained to do so, etc. In addition, it may be necessary to obtain software factory quotes, negotiate impact analysis and / or code renovation contracts, and so on.

Having done the preparatory work, it is then necessary to design the changes that will be made. This will depend on the nature of the remediation strategy. If a system is to be replaced, the existing system must be taken out (retired), this may involve modifications to partner systems, since it is unlikely that the functionality of the replacing system will match the existing system exactly.

If a system that is no longer required, is being replaced, one needs to be certain that there are no partner systems that depend on functionality that will no longer be available.

Therefore, the design of the solution can be quite complex and an essential task.

If there are any interfaces, the changes need to be planned, designed and implemented very carefully. An interface always has at least three essential components.

The "owner" of the interface is the system that has control over the layout of the data in the interface, how often it occurs, what the format must be, and so on. The owner is usually the system that required the interface to be created in the first place.

One of the main challenges is co-ordinating that all of these things occur in a properly synchronised fashion.

If the remediation approach is to expand dates, then data file layouts will change. Again, there may be other systems (partner systems) that share the same data. Changes to data layouts may impact on these partner systems.

Regardless of the strategy and approach that is adopted, the changes to the system need to be designed.

If a masking approach is adopted, bridging routines must be developed.

Before the renovation is attempted, the production system must be backed up and a freeze zone started. By definition, no changes may be made to the production system during the freeze zone (other than what one would call emergency changes - statutory changes or bug fixes).

The remediation strategy is then implemented, and regression testing is performed (note: it is vital that the remediation work be limited to Y2000-related changes to ensure that the duration of the frozen zone and complexity be kept to a minimum). Regression testing merely tests that the changes that have been made have not caused the software to regress – or go backwards, i.e. the system still does exactly what it did before the changes were made.

There is often a temptation to fix other problems that are uncovered in the process. Care should be taken that this extra work does not jeopardise the successful and timely completion of the Y2000 project. Note that allowing other changes to be made would impact on regression testing, and could require changes to be made to standard test cases.

Before the system can then be transferred back into production, a delta analysis must be performed to identify any changes that were made to the production system that slipped past change control. This is typically done by doing a binary comparison between the copy made of the production system when it was transferred to "maintenance" and the production system. If any changes did slip through, plus if there were "emergency" changes recorded by change control, these must first be retrofitted to the renovated system before it can be transferred back to production.

Finally, there would typically be a "warranty period" during which time the renovation project team would be on hand to fix any failures that might occur, before the renovated system is signed off.

 

Deliverable

Exit Criteria

CoA

Name

Description

ID

Name

Prio

Description

3 Remediation

3A Confirm Phase

3A01

Review Remediation Strategy

Consider whether the strategy proposed during the assessment phase is still correct (replace, retire, repair). This may have changed as a consequence of elapsed time (there is not enough time anymore to implement the proposed strategy, if the time to go-ahead decision point was too long); enterprise priorities as a result of other projects force a change, etc.

PM040

Project Charter

A

Approved Strategy

3A02

Review Remediation Approach

Review the proposed approach (expansion, bridging, windowing, etc). Is the approach still feasible within the time remaining?

PM040

Project Charter

A

Approved Approach

3A03

Approve Phase

Create a Project Charter for each system to be remediated.

PM040

PM220

Project Charter

Remediation Phase Plan

A

Signed-off Charter

3B Prepare for Remediation

3B01 Perform Platform Update / Upgrade

This activity is required if the system is dependent on platforms, that must be updated (apply patches, service releases, etc) or upgraded (install new version of software / hardware).

3B01a

Confirm Version

Verify that the version of the software identified in the Assessment phase is still current. If the required CIs are not available, record follow-up notes for when they are. Identify the material differences between the current version and the new version (defect fixes, new features, changed functions, etc). Identify whether there will be a ripple effect (platform upgrade requires upgrade to the platforms it runs on – for example, operating system upgrade, which in turn requires a hardware upgrade. Do these upgrades have consequent knock-on effects, e.g. that other software that run on them must be upgraded?)

YI101

PM413

YI121

YT210

Vendor Information Request

Follow-up Note

Platform Summary

Delta Summary (New Features, Changes, etc.)

3B01b

Obtain Update / Upgrade

Investigate the contractual terms that exist between the company and the vendor that is supplying the platform. Is the update / upgrade free? What are the conditions that apply? (Note that this task may involve a little effort, but may materially affect the duration.)

Contract

Software

3B01c

Plan Installation

Identify how much work will be involved, who will do it and by when. Note especially how any new features and changed functions will be dealt with – changed procedures, retraining, etc.

PM220

Software Update/Upgrade Plan

3B01d

Perform Installation

When the update / upgrade has been received, it must be installed.

Updated / Upgraded Software

3B01e

Validate

Test that the installation was correctly done. Especially verify that there were no unexpected knock-on effects.

TD710

QM591

Test Plan

Confirmation Report

3B01f

Update Environment

If there were changes to / new features it may be necessary to train personnel and update procedures.

Updated Procedures

Trained Personnel

3B01g

Warranty Period Support

Provide hands-on support for required period after successful completion.

PM414

Incident Reports

3B02 Prepare Remediation Environment

3B02a

Prepare Technical Environment

This task would involve obtaining and setting up all the components that are required to perform remediation work. For example, to purchase bridges, language extensions and standard date routines, if these are available. In addition, it may be necessary to consider licence issues like having a temporary copy available for testing purposes, ensuring that the system date may be rolled forward / back without licence agreements being violated.

Obtain language extensions, tools, etc.

Establish remediation technical environment

3B02b

Prepare Organisation Environment

If software is to be renovated off-site, there may be a need to establish a removal contract. The change control policy and a freeze period enforcement approach must be completed to ensure the minimum retrofitting of emergency changes.

Worst case should be that production software libraries are password protected and that copying into production can only be done under controlled circumstances. Look out especially for violations after hours when control tends to be more lax because of batch run failures.

YM201

YM211

YM210

Source Removal Agreement

Change Control Policy

System Freeze Policy

A

Enforceable Freeze Zones

3B03 Design Remediation Architecture

3B03a

Confirm Renovation Approach

Having been through the initial work in this phase, we must once again re-look at the renovation approach. Expansion is theoretically the best approach, since it will have the effect of reducing follow-on work, however, on large projects, it could take more than 3 times as long to implement as a language extension (if this is available) and almost twice as long as masking (which purists would argue is wrong, because it merely postpones the problem.

The interface policy must be determined early, as it may have to be negotiated with external partners. There may be third parties as well, who might force the issue because of a lack of resources (e.g. the government, data transmission agencies like VANs and the ACB, where financial transactions are concerned).

The data management policy has to do with the management of data and the interactions of the system with the database (including "flat files"). Is it even feasible to adopt expansion – regardless of the cost and time issues (sometimes files sizes may be so large that adding 2 extra bytes is not a desirable option? Should one mix expansion and masking? What about timing of the data changes? What about backups, archiving, disaster recovery?

After a detailed look at these matters, the renovation approach summary describes the proposed architecture.

Interface Policy

Date Management Policy

Renovation Approach Summary

3B03b

Confirm Data Conversion Strategy

If data conversion is to take place, then describe why, what, how, when, who, where this should be done. Of key concern is the interrelationship of different systems with the database. Especially the synchronisation of the required changes to the systems that the database changes will necessitate.

Data Conversion Strategy

A

DBA approval

3B03c

Confirm System Architecture

Describe the changes to the system, review the system map and plot the changes, identify and record the key dates by when actions must happen, before which they cannot happen, when decisions must be taken, when status of the implementation of critical path decisions must be checked, etc.

Describe how versioning will be controlled, how emergency changes will be kept to a minimum during changes, how changed system will be transferred back to production, synching issues with other systems.

System Summary

System Map

Key Dates Summary

Configuration Management Issues

A

A

Management approval

Decision to proceed

3C Renovate Interfaces

3C01

Design Interface Renovation

Review the list of interfaces, is it complete? Has it changed? Are the interface details described correctly and completely? Is the list of configuration items that may be affected by date related interfaces complete? Have the required changes been described in sufficient detail to act as a "change spec"? Are all of the interface partner systems listed and described?

If masking is to be implemented, create a spec for the different routines to be used, including rules as to where they need to be implemented.

Produce the interface design spec.

FD430

FD431

YI801

YI803

YI804

TD431

Interface Inventory

Interface Summary

CCI Inventory

CCI Summary

Masking Spec

Interface Design Spec

A

A

Passes design walkthrough

Conforms to strategy

3C02

Plan Interface Implementation

Confirm implementation dates with partner system owners. If any partner dates do not fit in with critical path dates, develop a contingency plan, modify specs accordingly.

TD431.1

PM220

PM420

Interface Design Spec: List of partner systems

Interface change deployment plan

Contingency Plan

A

B

Approve plans

Partner system owner approval

3C03 Change Interfaces

This task would typically only be required if there are actual changes to the interface file(s), e.g. as a consequence of adopting expansion as the renovation approach. If the approach is masking, this task will not be required.

3C03a

Change Interface File Layouts

Modified Data CCIs

A

DBA approval

3C03b

Change Partner System Programs

If interface file layouts change, the programs that interact with those files will need to be changed. Keep in mind that since it is not always possible to modify all partner systems simultaneously, masking routines will have to be developed to present that new data in the old format to unchanged programs.

Masking Routines

Modified CCIs

3C03c

Test Changes

Test the changed programs, check before and after images of interface data – either to check that they are identical (if masking is used) or that they have changed correctly (if expansion is used).

Ensure that processing of interface is correct, via transaction trace and via data file comparison.

Data Delta Analysis

Change Confirmation

A

A

Interface contents confirmed

Data processing correctness confirmed

3D Renovate Data Files

This task would typically only be required if there are actual changes to the data file(s), e.g. as a consequence of adopting expansion as the renovation approach. If the approach is masking, this task will not be required. Note that the scope is not limited to permanent files (i.e. those described as internal logical files by the rules of function point analysis), but also temporary files as well (those that exist by virtue of the technology or processing approach).

3D01 Design File Changes

3D01a

Define Data Changes

Check that all of the data files were identified and have been recorded, as well as that there is sufficient information about each to design the changes. Check that CCI’s exist for each field that is impacted. Describe the changes that must be made.

FD140

FD145

FD115

Data File Inventory

Data Record Inventory

List of Impacted Fields

3D01b

Design Conversion Programs

Design the programs and procedures that will be required to do data conversion. If the data is accessed by more than one system, there may be a need to implement masking for those systems that cannot be modified simultaneously.

TD650

UD850

UD851

Data Conversion Spec

Conversion Program Spec

Conversion Process Flow Diagram

A

DBA approval

3D02

Plan Data Conversion & Roll-out

Develop a detailed plan for the development and testing of conversion programs and describing when and how conversion will be done. If synchronous conversion is planned, define a contingency plan in case of failure.

PM220

PM420

Data conversion & deployment plan

Contingency Plan

B

Partner systems approval

3D03 Convert Data

3D03a

Write Conversion Programs

Conversion Program

Operator Instructions

3D03b

Back Up Files

Before files are converted, ensure that they are backed up and in a safe place and that the recovery procedures work.

Backed-up Files

Contingent Software and Data backups

DRP Copies

Recovery Procedure

3D03c

Perform Conversion

Converted Files

3D03d

Validate Successful Conversion

Check that conversion was executed successfully. Confirm that data was changed, or was unaffected as the case may be.

Delta Analysis Report

Confirmation Report

A

DBA approval

3E Roll-out Data Changes

3E01

Inform Partner System Owners

Confirm the plan to role out the converted data files with partner system owners. Review contingency plan if critical dates cannot be met.

Interface Change Memo

Contingency Plan

B

Partner system owner approval

3E02

Agree Implementation Dates

Finalise role out planning by agreeing firm role-out dates.

Follow-up Dates

3E03

Apply Changes to Production

Copy changed data files to production.

Changed Data Files

3E04

Provide Warranty Period Support

Be ready to provide immediate support if this should be required.

Incident Reports

3F Renovate Systems

3F01 Design System Renovation

3F01a

Confirm Impact Analysis

Review the findings of the Assessment study. Identify any missing issues. Confirm the recommendations made at that time.

System Summary

A

Business Owner Approval

3F01b

Design System Changes

Design changes based on the strategy adopted (retire: ensure no dependent components will be adversely affected. Replace: ensure that dependent components will continue to operate without failure. Repair: design to normal maintenance project standards, with additional risk management activities.)

Also include the design of standard date routines, masking routines, etc.

As per risk-management-influenced maintenance methodology.

Date Routine Inventory

A

Design sign off

3F02 Renovate Systems

3F02a

Develop Standard Routines

Code and test standard routines.

Date Routine Inventory

Date Routine Module

3F02b

Freeze Production System

Implement freeze procedures and ensure that no program changes can occur without passing through formal change control and without the use of configuration management tools, if possible.

Incident Reports

Change Control Log

Change Control Summary

A

A

A

Regular monitoring of change control

Effective change control in place

Only "A" priority changes are permitted

3F02c

Back Up Production System

3F02d

Update / Upgrade System

This process assumes that the software is COTS, or a "package" developed by an outside party, which is subject to version and release control. Releases are typically involve maintenance updates (i.e. fixes), whilst versions typically include new or changed function.

This is often the easiest to manage, unless there are knock-on effects. For example, data structures may have changed, requiring data conversion.

If the software had previously been customised, it may be necessary to remove the changes before the upgrade can be made, after which the customisation may have to be retrofitted.

If version upgrades have been missed, it may be necessary to do a stepwise upgrade. Be aware that if version numbers are substantially different, technology changes may have occurred as well (for example, from "green screen" to Windows-based).

Thus the upgrade may involve retraining, procedure changes, data conversion, etc.

Most suppliers have standard project planning templates for updating / upgrading their software. It is preferable to use those and not make your own.

However, be aware of critical dates and follow-on projects. Consider these carefully when finalising the detailed plan.

3F02e

Replace System

This strategy involves replacing the existing, non-compliant system with a completely different system. It usually applies when the existing system cannot be made Y2000 ready, for whatever reason.

This is a high risk approach, as it often involves technology unfamiliar to the enterprise.

Develop Replacement Plan

Execute Development Plan

Convert Old to New Database

3F02f

Renovate Code

Code renovation may be performed in house, manually or with semi or fully automated tools. Alternatively, it may be done externally by a software factory.

If done by a software factory, there usually are project planning templates describing tasks and deliverables.

3F02g

Retire System

When retiring a system, be aware that there may be other systems that share data, or receive interfaces from or provide interfaces to the retired system.

Procedures may also need to be changed, and staff retrained.

Retirement Agreement

Retirement Plan

Partner System Change Design

Partner System Change Specs

Partner System Changes

Partner System Test Plans

3F02h

Develop Interim Solution

An interim solution is intended to provide key functionality for a limited time only. Because controls are typically not as tight as in a proper functioning system, care needs to be taken that there are manual controls in place to ensure that errors are trapped before major failure occurs.

In interim solution is often a drain on resources and requires much higher level of ongoing support.

Existing System / Interim Solution Difference Report

3F02I

Develop Workaround

Workarounds should be developed for every critical function. Workarounds are typically designed to be activated if a system remains non-operational for a predetermined period of time.

Be aware that in enterprises where re-engineering has recently taken place, It may not be a simple matter to re-activate discontinued manual procedures.

List of Workarounds

Workaround Procedure Spec

Workaround

Workaround Procedure Checklist

Workaround User Guide

Training Materials

3F02j

Transfer System

This typically involves transferring the running and maintenance of a system to an outside party (outsourcer).

The outsourcer typically has project planning templates to assist with planning the project tasks and deliverables.

Be aware of critical dates and follow-on projects.

3G Regression Testing

3G01

Develop Test Plans

Test Plans

Configuration Management Procedure

3G02

Create Test Packs

Test Scripts

Test Data Files

Baseline Pack

3G03

Test System & Data Changes

Test Log

Incident Reports

3H Transfer

3H01

Plan Return to Production

Cut-over Plan

Recovery Proposal

3H02 Apply Changes to Production

3H02a

Perform Delta Analysis

3H02b

Retrofit Emergency Changes

3H03

Transfer Renovated System

3H04

Provide Warranty Period Support

3H05

Develop Fallback Procedures

3H06

Sign Off Renovation

Verification & Validation

Validation (audit): Test, certify and validate one or more converted or replaced system elements. (IEEE P2000.1 Draft Standard for Year 2000 Terminology.)

During remediation, our objective was to disrupt business as little as possible by keeping frozen zones as short as possible. As a consequence, we recommended that testing should be limited to regression testing.

It is unlikely that any sizeable enterprise will have only one system that is impacted by the Y2000 problem and must consequently be fixed. Since it is quite likely that there are multiple systems, these systems must be tested specifically for the Y2000 as well as that one will not upset the other.

There is a strong case to be made that Y2000 testing will be the greatest challenge any Y2000 programme will face – not only in terms of effort and duration (there is much evidence to indicate as much as 50 –70% of total project duration and more than 50% of effort (person hours)), but also in complexity.

During Verification & Validation, we must verify that the Y2000 changes were correctly done and validate that the different system will work together correctly during the year 2000 and after.

For example, we will need to set the system date forward to 1 January 2000, 29 February 2000, etc.

Year 2000 testing is one of the most critical activities that any Year 2000 project will engage in. Practice has shown that most companies are rather poor at testing. The average system will be delivered with only around 95% of "bugs" removed.

The accompanying table shows the generic types of testing that are usually performed. Of interest, is also the percentage of organisations that actually perform those types of tests. Not all of the tests apply to Y2000 projects, and the type of test often depends on the nature of the system.

In the case of Year 2000 projects, this means that these bugs will only be discovered after the 31 December 1999, with the consequent disruptions to business and associated problems.

When modifying code, most organisation will inject one new defect for every 14 they fix (the best organisations achieve 1:50 and the worst 1:5).

It is therefore critical that proper attention be paid to the planning and management of testing. This is especially true because testing is the last major activity to occur and time will in all likelihood have run out – i.e. there will be no time for recovery from lost opportunities or unavoidable error.

What makes Y2000 testing particularly difficult and complex is the number of systems that must be tested at the same time (this may be by choice or by requirement) and the divergent nature of the systems being tested. In addition, it is likely that the testing phase will be subjected to severe time constraints.

Y2000 Testing Process

We will describe the testing-related activities that should be executed during each of the phases of a year 2000 project in this section.

Awareness

There are no specific testing related activities envisaged during the Awareness Phase, other than to warn the enterprise of the criticality of testing and the input that will be required on the part of business.

Discovery & Assessment

Since management is requested to approve a strategy for Y2000 compliance remediation at the end of the Assessment phase, it is important that the risks are clearly defined for review.

Associated with risk, testing must be performed to "prove" that the enterprise will not be subjected to excessive business risk (beyond what it has normally accepted and lived with in the past). Since there are broader issues involved than just the correct operation of systems (for example, there is quite possibly an issue of "due diligence" that affects directors and officers of the enterprise, and there is the likelihood that auditors will be required to report on the effectiveness of Y2000 remediation exercises), it is important that management be made aware, and have the power to influence, the plans to prove the remediation work.

It is thus important that a Test Proposal and High Level Test Plan be completed before the conclusion of the Assessment Phase, and that these documents be included as a part of the Assessment Phase exit criteria.

Create Test Proposal

The purpose of the Test Proposal would be to describe to management what the different options for testing are (from no testing at all, to in depth testing), including the rationale for each. A recommendation is made.

Describe Hi-level Test Strategy

The team that has done the assessment of systems should have a good understanding of what testing will be required. For the recommended approach (a la the proposal), a broad strategy is described – what should be done, what input will be required from the business, when it should be done, what the test bed requirements are likely to be, etc.

Remediation

During remediation, whilst the changes are being made to the system, is the time when detailed test cases should be developed.

Ideally, a separate team should be working on this. They can act as check on the remediation team to ensure that the most important objectives are being achieved. If the remediation team develop the test cases, there is a chance that the time pressure will seduce them into cutting testing, or developing test cases that prove what they have done (rather than proving what they should have done).

The remediation team should be responsible for unit testing of changes, limited integration testing (for example, at the function level) and regression testing (proving that the changes have not changed existing functionality, or introduced new errors.

Test beds should be readied during this phase.

Validation

The validation phase should be restricted to Y2000 testing.

The test beds should be ready, configuration management in place to manage the relationship of systems in production and test, etc.

The testing of each system should be concluded with an acceptance test, where users take back control of the fixed systems.

Implementation

Implementation should not include any testing activities.

Y2000 Testing Project Deliverables

Testing Proposal

Base assumption: it will not be possible / may not be necessary to test everything. Test Proposal is created during Assessment Phase to propose to business what, why, how, where, when testing should be done, and by whom. Dec’97 Cap-Gemini survey indicated that all surveyed companies would perform partial testing only.

Purpose: to show the decision-making process involved in determining what should be tested, and what not. Reason: for the sake of "due diligence".

Test Strategy applies to those systems that will be considered for testing. (Note this important distinction!)

Test Proposal should describe how different systems may be grouped for portfolio testing (note that a system may be a part of more than one portfolio) as well as the objectives of enterprise testing.

Proposal assumes a risk driven approach. Generic strategies are:

The Testing Proposal should include the following components:

A high level Testing Strategy, which would include:

Testing Strategy

For those systems that will be subjected to testing, describe what, why, how, where, when this testing will be done. I.e. the test strategy would be a refinement of the Test Proposal, for the subset of systems that will be included for testing.

A Test Strategy is typically determined for each system, or portfolio of systems to be tested. Partition on the basis of what can conveniently be handled by one team. Note that the remediation team would typically be involved in the testing effort. This should make scheduling interesting.

Testing should generally be restricted to date-related testing. There is unlikely to be enough time and resources to do more.

The Test Strategy should address the following aspects:

The Test Strategy is typically made up of the following components:

Test Plans

The Test Plan describes the scope, approach, resources and schedule of intended testing activities, as well as the testing environment. The Test Plan describes the specific functions, transactions and features to be tested, who will do the testing, how they will do this and when, and what contingency action will be taken should major risks be realised.

The nature and comprehensiveness of testing should be tailored to the criticality of the item. (See the Classification Codes for more information on determining criticality, impact and approach.)

It is often useful to make use of a network-diagramming tool (such as may be found in a project management tool like MS Project) to describe the dependencies and flow of a major testing activity.

Functions

An Inventory of relevant (date-impacted) Business and Technical Events should be created during the Assessment Phase. Events result in processes that are supported by Business and Technical Functions. Inventories of these, together with Function Summaries for relevant functions should also be created.

Business and Technical Functions should be categorised according to the degree of date impact and the criticality to the enterprise or business unit.

Critical Functions should be reviewed to determine the nature and level of testing that should be performed. Test cases would be devised for these functions.

Functions are performed by executing transactions. Thus, test cases should describe the event that causes a transaction to be executed, followed by a detailed transaction flow until the condition arises that causes activity to stop.

For each relevant function, identify whether (or not) the function will be included for testing and the rationale behind the decision.

Acceptance Criteria

There are generally two types of criteria: generic (which apply across the board, and should be considered for test cases in all test plans) and specific (which apply to a specific application).

Examples of generic criteria include testing for century change, leap year, etc.

Examples of specific criteria include for specific action that would relate to specific application-determined dates, century-spanning, etc.

Refined Test Bed Requirements

As the nature and comprehensiveness of the testing is clarified, it is possible to be more specific about the exact requirements of the test bed.

Information required for the provision of the test bed includes:

Test Case

A Test Case specifies the set of test data, together with the associated procedures developed with a particular objective in mind. Test data includes a populated database, input values and expected results. The amount of data will depend on the nature of the testing (whether an aspect of performance is included, possible condition coverage, etc). Test cases must be defined for both internal interactions of a system, as well as interaction with other systems (interfaces).

In some instances, Pass/Fail criteria may be defined. For example, if a range is acceptable, the low and high values need to be specified.

The objective of the test case should be clearly defined (why this test case should be executed).

Test conditions should be described, which define different scenarios that would apply (for example, century rollover, century spanning). In addition, any constraints should also be defined (time constraints, dependencies, etc).

The test procedures should list the exact steps that need to be followed to achieve the desired level of certification.

Expected test results should be identified that can be used to verify a successful test.

Test Log

A test log should be used during the course of applying test cases to ensure that every test step is executed according to plan.

Small incidents that are resolved immediately by the testing team, and do not require additional follow-up should be recorded on the test log.

Test Incident Reports

A test incident report should be completed for every incident that occurs that requires additional action. Small issues that are resolved immediately can be included in the test log.

Reducing Testing Time

Considering the comment made in the introduction about the risks associated with testing (that there will in all likelihood be no time for error), it would be useful to consider some ways in which the elapsed time could be reduced.

Remember that there are usually benefits associated with risk taking (else why would you take the risk?). The key is to ensure that one receives the benefit, and is not punished (by realising the risk).

Deliverable

Exit Criteria

CoA

Name

Description

ID

Name

Prio

Description

4 Verification & Validation

2T Assessment Phase Activities

2T01

Business Area Analysis

Identify what the major functions of the business unit are, and how these are supported by technology. This exercise can be useful as a check to ensure that all systems have been identified.

FD220

FD221

Business Function Inventory

Business Function Summary

2T02

Business Function Analysis

Prioritise the business functions to identify which are the most important ones.

TD902

FD430

Business Function / System Function xref

System Interfaces Inventory

2T03

Critical Function Analysis

Identify the technology that is used to support each of the most important functions.

TD902

FD902

FD431

Business Function / System Function xref

Function / Entity xref

System Interface Summary

2T04

Testing Tool Investigation

Investigate whether there are tools available to assists with testing.

 

YI703

Tools Survey

Tool Recommendation

B

Tools / lack of identified

2T05

Describe Testing Requirements

Based on the information gathered about systems, a testing proposal should be developed that describes what should be tested and to what degree. Subject to management approval, a testing strategy is then defined.

TD700

TD701

Test Proposal

Hi Level Test Strategy

A

Testing Proposal Approved

3T Remediation Phase Activities

3T01 Y2000 Test Planning

3T01a

Review Testing Proposal

TD700

3T01b

Review Testing Strategy

TD701

3T01c

Review Test Bed Requirements

3T02 Y2000 Test Preparation

3T02a

Create Test Plans

TD710

3T02b

Create Test Cases

TD711

3T02c

Establish Test Beds

4T Y2000 testing

4T01 Prepare for Testing

4T01a

Review Testing Strategy

TD701

4T01b

Approve Phase Plan

4T02 Perform Y2000 Testing

4T02a

Conduct Future Date Tests

4T02b

Conduct Y2000 Regression Tests

4T02c

Conduct System Integration Tests

4T02d

Conduct Other Specialised Tests

4T03 Y2000 Certification

4T03a

Create Certification Packs

4T03b

Verify Successful Test Completion

Implementation

Implementation: Place into production one or more converted or replaced system elements. (IEEE P2000.1 Draft Standard for Year 2000 Terminology.)

During Implementation, the usual tasks associated with placing systems back into production are addressed. However, in most case, these have been addressed in prior phases. For example, after code renovation, regression testing was done, after which the system was placed back into production. At the end of Y2000 validation, there should not have been any issues that would require special handling - after all, the system should have been working in production for some time.

What we will need to focus on, is to prepare the enterprise for the year 2000. For example, making staff fully aware of contingency plans and fallback procedures. If the decision has been made to place less important functions on hold during the fist weeks of January 2000, and use the staff to support critical functions, then they would need to be trained.

Time need to be taken to do "what if" scenarios, to ensure that as many critical failure issues are covered as possible.

Finally, it is conceivable that processes and procedures will have changed during Y2000 Validation. These need to be implemented.

Deliverable

Exit Criteria

CoA

Name

Description

ID

Name

Prio

Description

5 Implementation

5A

Training

5B

Update Procedures

5C

Enterprise preparation

5D

Enterprise Y2000 Risk Management