InformationWeek

September 14, 1998

Executive Report: Keep Year 2000 Details Up-To-Date

By Bruce Caldwell

Return to:

he moment of truth is approaching. Corporate year 2000 projects will be scrutinized by outsiders who have the clout to seriously influence a company's future. Investors, regulators, lenders, bond rating agencies, and major customers and suppliers will want to see status reports.

The Securities and Exchange Commission is requiring companies to disclose details of their year 2000 risks, costs, contingency plans, and project status. Investors can sue a company if it appears that the company provided inadequate notice of an earnings shortfall because of year 2000 project expenses or problems.

chart In addition, lending institutions have plans to deny or, if the loan has already been made, require early payment of a loan if the borrower's year 2000 project isn't up to snuff. In the public sector, government bodies and school boards might find it impossible to raise money through bonds if their year 2000 efforts don't pass muster with rating agencies. Suppliers may find their customers turning to other sources if they can't satisfy them that everything possible has been done to avoid year 2000 problems in commercial transactions.

Also, CIOs might find themselves jobless-and, in some cases, the object of lawsuits-if the records disclosing the details of a year 2000 project are not there, or if the year 2000 project itself is inadequate and flawed. Whether a CIO is legally liable, says lawyer Clara Ruvan Martin, is contingent on a company's bylaws, the CIO's employment contract, or the responsibilities delegated to the CIO. Investors angered by falling stock prices linked to year 2000 woes might sue every person involved at a company. The question is, says Martin, "Are you a target?"

What can be done now? Double-check to make sure everyone in the organization who needs to be on-board with the year 2000 project-from the CEO down-is doing what needs to be done. Then have an outside auditor double-check. Pennsylvania, for instance, established a comprehensive audit and quality-control program two years ago for its year 2000 project, virtually assuring the state would have no trouble with bond-rating agencies. It just made sense to do so for such a massive, complex project, says Larry Olson, the state's deputy secretary for IT and an InformationWeek columnist.

Keep good records. Record everything done in a year 2000 project. Those records may be a company's most valuable asset in defense of a claim. That's what the securities industry did, documenting every step of its year 2000 compliance efforts. "This industry really pulled together to get something done," says Malcolm Chamalian, managing director at the Securities Industry Automation Corp., which provides IT services to the New York and American stock exchanges, among others.

However, recordkeeping could backfire if documents show a company didn't do enough to prevent the millennium bug from harming business. Still, good records are necessary for any organization to pass an inspection, and demonstrate good faith and good management. The absence of records would certainly alarm most outside examiners.

Editor-at-large Bruce Caldwell covers IT services and year 2000 issues.

"Executive Report: IT Innovators"

Back to This Week's Issue

Send Us Your Feedback

Top of the Page