Crawling to compliance

The clock is ticking.

In the final year before it is scheduled to strike, the Year 2000 technology problem is commanding global attention. Once an obscure software oddity, the now-infamous bug has become a major media event discussed at the United Nations and debated in Congress.

As the concern intensifies, federal agencies are working overtime to meet a White House-imposed March 31 deadline. If the agencies don't bring their systems into compliance, Y2K experts warn, Americans could feel the consequences in paralyzed air travel, nuclear plant shutdowns, or undelivered pension checks.

The gravity of the situation was underscored last night in President Clinton's State of the Union address.

"We must be ready for the 21st century from its very first moment, by solving the Y2K computer problem," Clinton declared. "If we work hard with state and local governments and businesses large and small, the Y2K problem can be remembered as the last headache of the 20th century, not the first crisis of the 21st."

The millennium bug refers to the fact that many computers are programmed to register only the last two digits of the year, meaning that "2000" may be read as "1900." If left uncorrected, such programs could generate errors and scramble the computers that companies use to keep track of customers, run their payrolls, and handle their accounts.

Despite the spring deadline the Clinton administration has set for federal agencies to have all mission critical systems prepared for the Year 2000 date change, a number of federal agencies are still far behind in their efforts to bring computer systems into Year 2000 compliance. Furthermore, the cost to rid all systems of the technology glitch will be $1 billion more than earlier estimates, according to the administration.

Although generally pleased with the progress that most federal agencies have made in bringing their computers into Y2K compliance, officials at the Office of Management and Budget said several still face "significant challenges."

For the first time since the OMB began reporting on Y2K status of federal government computers, the administration has acknowledged that some agencies may not make the March deadline for Year 2000 compliance and has urged agencies to develop contingency plans for systems that are not expected to be ready.

"We're going to have people without power and without telecommunication unless a lot more work is done at the local level," according to John Koskinen, the White House point man on the Y2K problem.

Making a system Y2K-compliant includes evaluating, testing, and in many cases rewriting software and replacing embedded microchips and individual lines of code. This can be done in house by information technology workers or through outsourcing and consulting contracts.

According to the OMB report, of the remaining 39 percent of the government's mission-critical systems that are not yet Y2K-compliant, 30 percent are still being repaired, 7 percent are still being replaced, and 3 percent will be retired.

At present, six agencies are not making adequate progress, down from seven in August. Seven agencies are making progress but with some concerns, down from eight last quarter. Eleven agencies are making satisfactory progress, compared with nine when the last report was released.

Reaction to the latest government Y2K progress report has been mixed.

The chairman of the House task force on the problem, Rep. Stephen Horn (R-California), released an earlier report card that details the progress of the largest efforts to avoid Year 2000 problems in federal computer systems and embedded chips.

"Unfortunately, the federal government has not made enough progress since the last report card when it also received a 'D,'" Horn said in a statement during the release of his report. "Executive branch departments and agencies are responding too slowly in assessing and repairing their mission-critical systems, their telecommunications equipment..., embedded-chip systems, and...data exchanges."

The White House's John Koskinen on the crisis. (CNET TV video) 1.5M

Jack Gribben, spokesperson for the President's Council on Year 2000 Conversion, said the latest report showed that some progress is being made by federal agencies on Year 2000 conversion. "But there are still some agencies that have a long way to go. As we have moved along it has become clear that some computers won't make the March 1999 deadline. About 10 to 15 percent of government systems will not meet the deadline."

Gribben insisted that the vast majority of the federal government will make the March deadline. But for those who do not, the administration will ask for monthly updates on the status of lagging Y2K programs and systems.

Reasons for missing the deadline vary depending on the agency. But a general criticism is that many agency heads have failed to establish solid management plans to tackle the job.

For instance, when the Defense Department was chastised by the General Accounting Office for moving at a snail's pace on its Y2K program, it was told to establish key management and oversight controls to enforce better management practices and develop a complete picture of its progress.

Gribben said not all of the systems that miss the deadline will be within agencies that are behind schedule or those put into the so-called Tier 1 category in the OMB report. That dubious distinction includes agencies, like the Pentagon, that are not making adequate progress; Tier II includes agencies such as the Education Department that are making progress but with concerns; and Tier III includes agencies making satisfactory progress, including the Environmental Protection Agency.

Regardless of the category, Gribben is quick to caution: "We can't tell you we won't have a system outside of the Tier I group that won't fail."

Although some agencies are lagging behind in their efforts to eradicate the bug, the majority of the federal government appears to be making the Y2K grade. But the same may not be the case for the private sector.

According to the Gartner Group, 23 percent of all companies have not started any Year 2000 effort. Of those, 83 percent are companies with fewer than 2,000 employees.

In April 1997, 50 percent of companies, across all industries, had not started Year 2000 efforts. By November 1997, the number dropped to 30 percent. By October 1, 1998, 23 percent of companies throughout the world had not started, 83 percent of which are defined as small companies.

The Connecticut-based technology services and consulting firm predicts that in January 2000, nearly 20 percent of all companies will still not have started. It predicts those companies will mostly be small firms and companies in lagging countries.

Of companies and government agencies worldwide, 30 percent to 50 percent will experience at least one mission-critical system failure (including all sizes, all industries, all countries) in the first three months of 2000. In the United States, 15 percent of companies and government agencies will experience a mission-critical system failure.

Jon Arnold, CTO, Edison Electric Institute, on dealing with people. (CNET TV photo) 1.7M

Ten percent of failures will last three days or longer, according to Gartner. The cost of recovering from a single failure after it occurs will range from $20,000 to as much as $3.5 million.

Although far behind their public sector counterparts, companies have been less open about their Y2K conversion progress. However, for those publicly traded companies required to report their Y2K progress to the Securities and Exchange Commission, status of work on the problem is significantly clearer.

In fact, some companies are admitting that they will not beat the clocks and expect some failures--statements that analysts say are being made to guard against possible securities litigation.

Corporate giants such as Chevron and AT&T say their systems may be vulnerable to significant failures as they grapple with the date change. McDonald's and DuPont are more confident their machines can handle the date change but are less sure about those of suppliers and local governments.

Dennis Grabow, CEO of the Millennium Investment, said the "corporate world's line is, 'We're making progress but are more worried about our suppliers and vendors.' We don't see that as the case."

Grabow, whose firm consults people on ways to protect their financial investments from Y2K disasters, said businesses still have not addressed most embedded systems affected by the problem. As an example, he pointed to Philadelphia-based chemical manufacturer Rohm and Haas's admission that it plans to shut down its plants in December to avoid glitches.

He said he has talked with companies that have already begun cutting off business with business partners that have not begun or are making slow progress with their Y2K conversion programs. He anticipates and warns his clients of a significant market correction this year because of system failures, conversion costs, and business decisions related to Year 2000 issues.

While many companies are developing elaborate contingency plans in anticipation of outside failures, others are still wrestling with modifications to their own systems, according to a recent report by Tryaxis Research.

Chevron has said it will not fix all its systems by December 31, 1999, and Year 2000 business interruptions could prevent it from making and delivering refined products and producing oil and gas. AT&T has acknowledged the potential for failure across its systems and has cranked up Year 2000 spending by more than 50 percent.

Nevertheless, while disclosing such problems in SEC filings may head off some lawsuits, it won't keep businesses running if the computers operated by the companies and their vendors don't work.

Jim Woodward, senior vice president of Cap Gemini America and head of its TransMillennium Services, says the urgency of the situation is obvious. Although it is more than 11 months before New Year's Eve, he said, "companies are already feeling the effects of the Year 2000 problem."  

Go to: Who will pay the bills?