InformationWeek

Y2K Stragglers

By Bronwyn Fryer

ompanies that are just beginning-or haven't yet begun-their year 2000 bug-hunt face rapidly diminishing options. "People that haven't begun to deal with the problem are in denial, and those who are just beginning to be aware of this problem are panicking," says Ken Orr, president of the Ken Orr Institute, a Topeka, Kan., consulting firm.

Unfortunately, a huge number of businesses are still far behind in addressing their year 2000 problem. According to a recent Gartner Group study, 30% of all companies internationally have not yet begun to deal with it. The majority of these are companies with 2,000 or fewer employees ( InformationWeek , Nov. 10, 1997, "Year 2000: No Small Job" ).

The first task for IT managers in companies that have missed the millennium boat is to force the CEO and board to wake up, says Lou Marcoccio, Gartner Group's year 2000 research director. "Starting now is extremely dangerous," he insists, "but compa nies can work 30% to 50% faster if the CEO owns the problem."

Unfortunately, too many CEOs are "Internots," a term coined by David Lewis, a London psychologist who specializes in IT-related problems. "An Internot is a closet Luddite," explains Lewis, adding that two in five business leaders he encounters are still in denial. "They're thinking that the year 2000 problem is hype or a way for consultants to make money," he says. "There's also a lot of corporate inertia. A lot of business leaders are on the Titanic, but they won't realize it until they discover they're knee-deep in water."

Brian Wengenroth, a VP in the IT division of New York consulting firm Booz, Allen & Hamilton, illustrates this point. He says many top executives he knows mistakenly believe that because their companies have recently implemented new systems, their troubles are over. He cites the example of the top management of a large oil company that recently implemented SAP and thus "assumed they didn't have a problem."

But while the c ompany was testing some of the equipment that controls oil valves in its refineries, engineers inadvertently discovered a host of new problems. "Thousands of terminals that control the [dispensation] of oil have old chips with a year 2000 problem. The chips all need replacing, but the new chips won't fit on the old motherboards," Wengenroth notes. "And the new motherboards don't fit the old valves, so all the valves have to be replaced, too." If the company doesn't address all these problems, it soon won't be able to deliver oil to its customers.

What does it take to wake up an Internot? Lewis suggests shock therapy: building a demo that graphically demonstrates what will happen to the company should a bread-and-butter system fail. For those who don't have time to build demos, a PC-based simulation tool -- Thinking Tools' Think 2000 at www.thinkingtools.com --may do the job. It creates a complex model of the business, including what areas of the business need to be addressed-and by when-and then delivers a detailed picture of what will happen if things aren't fixed by Jan. 1, 2000.

Others suggest raising the spectre of costly legal liability. Not only can public companies face charges from the Securities and Exchange Commission, but shareholders can sue the company for failure to convert systems. Regardless of size, a company also can face breach-of-contract suits from vendors. "Senior management needs to know that it will cost the company big bucks if they neglect to spot the issue," says Barry Weiss, a partner in the Chicago office of the IT law firm Gordon & Glickson P.C.

Fanning Out
Once top management has signed on, it should boldly, loudly, and continuously communicate the importance of the issue to the rest of the company. Then it must appoint year 2000 project managers for each and every busines s unit. These should report directly to the CEO. "Companies must stop all work on other projects and divert all dollars and resources to the year 2000 problem," says Gartner Group's Marcoccio. That may sound extreme, but Irene Dec, VP of corporate IT at Prudential Insurance Co. in Newark, N.J., says the chief reason her company is well ahead of most in addressing the issue is that the CEO insists it take top priority over all other projects. "We have a mandate from the top that this will be a nonevent to our customers," she notes.

Next, Marcoccio says, management should hire a trusted outside consultant-preferably through an established vendor with a long track record-to help begin risk assessment. Companies must "put as much money as possible" into examining every area of the business, and they must conduct a careful inventory of business area exposure, he adds.

For example, an oil company's greatest exposure may lie in the embedded chips that run refinery equipment; a service company may be most hur t if a critical supplier is not year 2000-compliant.

Regardless of the kind of business the company is in, "Management needs to step back and ask, `What will cause the business to fail?'" says Jennifer O'Neill, president of Cypher Systems, a year 2000 consulting firm in Calgary, Alberta.

At the same time, companies should create a detailed contingency plan for each application in case of failure. A company whose payroll system fails, for example, can perform a check run using information from the prior pay period, suggests Brian Keane, co-president of Keane and Co., a Boston IT consulting firm. "Sure, doing things that way doesn't eliminate the probability that mistakes will be made, but at least the check run will be 98% accurate," he says.

Organizations that are seriously behind should now be thinking about backing out of less-strategic lines of business, since those lines also threaten liability or otherwise badly affect the organization as a whole. "If you're in a financial service and your c redit-card business is marginally important to the company," suggests Booz Allen's Wengenroth, "you may want to consider axing it, selling it, or looking for alliance partners to bring into it."

Global Concerns
Analysts and consultants are especially concerned for global organizations with dispersed international offices. No wonder: By October 1996, only 9% of European companies had even completed an audit of their systems, according to a survey of 520 companies conducted by PA Consulting of London. Further, just 15% of European senior managers were reported to be fully aware of their problems. "The continuing low awareness is disappointing in view of the critical need for senior management backing and involvement if the problem is to be resolved," the survey concluded.

Wengenroth, who spends much of his time in Asia and South America, is particularly nervous about his clients' non-U.S. subsidiaries. "There's less oversight of the year 2000 problem outside the United States, and certain cultures have a reluctance to admit something might be wrong," he notes. "A big organization will say, `Oh, we've been collecting compliance data from our Asian subsidiaries,' but if you ask them if they've actually tested a certain system, you get a long, pregnant pause," he says.

"The question is, How do you know all your business units are making the progress they need to be making, especially if they're in a different country and culture?" he adds. "How do you make sure they're doing more than just glorified data collection?"

The answer: Assign a hard-nosed project manager to each overseas line of business, who will drive the conversion effort quickly into the remediation and testing stage.

Finally-and in tandem with all of the above efforts-companies should protect themselves from the legal risks that accompany the date-change problem, says Gordon & Glickson's Weiss. Aside from disclosing their present and future year 2000 susceptibility to the SEC, or their compliance information to clients, companies need to carefully review vendor contracts.

For instance, Weiss suggests, find out what contract provisions or intellectual property cover third-party systems, so you can correct the software without violating software licensing agreements. Also, track down any year 2000 warranties provided by vendors and find out whether the vendor can be held liable if the conversion fails.

Of course, the thought of dealing with salivating lawyers and consultants is off-putting. But putting off a long-overdue confrontation with the bug is no longer an option. "If a company's not interested in addressing their year 2000 problem at this point, I'd make sure I didn't have any investments in it," says Weiss. "All I can say to it is `Good luck.'"

Ten Key Year 2000 Questions

Has your company completed a comprehensive ana lysis of its year 2000 vulnerabilities? Have you allocated the budget and people necessary to deal with the problem? Have you sorted the most critical problems from the ones you can deal with later? Do you have contingency plans and backup options? Are your suppliers, distributors, and key customers addressing their own vulnerabilities? Have you examined legal liabilities? Are you adequately insured?

Have you properly disclosed your situation to your directors and shareholders? Are contingency plans in place should banks stop loaning money because of lack of progress toward compliance? Are your physical plants vulnerable to outages from systems containing embedded chips, such as elevators, heating, and air conditioning? Will government services critical to your business be compromised? DATA: Millennia III Inc.

Back to News in Review

Send Us Your Feedback

Top of the Page

Today's Top News

• 4 Keys To Storage Management
• 2010 Data Center Trends Report
• App-Aware Networks Get Closer To Reality
• 10 Steps To Ace A FISMA Audit
• App-Aware Networks Get Closer To Reality
• 10 Steps To Ace A FISMA Audit

See Image Galleries

Specialty Resources

• VIEW ALL BRIEFING CENTERS

Featured Microsite

 

---

---

CIOs & IT Professionals

• Black Hat
• Cloud Connect
• Dark Reading
• Enterprise 2.0
• Enterprise Efficiency
• HDI
• InformationWeek
• InformationWeek 500
• InformationWeek 500 Conference
• InformationWeek Analytics
• InformationWeek Events
• InformationWeek Global CIO
• InformationWeek Healthcare
• InformationWeek India
• InformationWeek SMB
• Intelligent Enterprise
• Interop
• Network Computing
• No Jitter
• Plug into the Cloud
• TechWeb.com
• VoiceCon

Software Developers

• Dr. Dobbs
• Dr. Dobbs M-Dev
• Dr. Dobbs Digest
• Dr. Dobbs Report
• TechWeb.com

Web & Digital Professionals

• Internet Evolution
• Web 2.0 Expo
• Web 2.0 Summit
• TechWeb.com

Government Officials

• Gov 2.0 Expo
• Gov 2.0 Summit
• GTEC
• InformationWeek Government
• TechWeb.com

Vertical Markets

• Advanced Trading
• Bank Systems & Technology
• InformationWeek Government
• InformationWeek Healthcare
• Insurance & Technology
• Light Reading / Telecom
• Wall Street & Technology

Game Industry Professionals

• Gamasutra.com
• Game Developer Magazine
• Game Developers Conference (GDC)
• GDC Austin
• GDC Canada
• GDC China
• GDC Europe

Global Communications
Service Providers

• Heavy Reading
• Heavy Reading Insiders
• Pyramid Research
• Light Reading
• Light Reading Mobile
• Light Reading Cable
• Light Reading Europe
• Light Reading Asia
• Ethernet Expo
• TelcoTV
• Tower Summit
• Light Reading Live & Virtual Events
• Webinars

Most Popular

• ANTenna
• Bob Evan's Global CIO
• Cable Catchup
• David Berlind's Tech Radar
• Digital Life
• Evil Bytes
• InformationWeek Analytics
• My Interop
• Jon Erickson's Blog
• Microsoft/Windows Blog
• Monkey Bidness
• Over the Air
• The Philter
• Valley Wonk
• Wolfe's Den

UBM TechWeb Reader Services

• About UBM TechWeb
• Advertising Contacts
• Technology Marketing Solutions
• Contact Us
• Feedback

• Reprints
• TechWeb Digital Library / White Papers
• TechWeb Events Calendar
• TechWeb.com

• Terms of Service
• |
• Privacy Statement
• |
• Copyright © 2010 UBM TechWeb, All rights reserved.

• InformationWeek Home
• News
• Blogs
• Software
• Security
• Hardware
• Mobility
• Windows
• Internet
• Global CIO
• Government
• Healthcare
• Financial

• About Us
• Contact Us
• Current Issue
• Back Issues
• Site Map
• Reprints
• Briefing Centers
• Editorial Calendar