InformationWeek.com

Welcome Guest. | Log In| Register | Membership Benefits

January 4, 1999

Y2K
Ready Or Not, Here Comes 2000

Contingency plans in spotlight as year 2000 troubles begin this year

By Bruce Caldwell

Related stories:

Year 2000 Resource Center

And From Our Sister Publications:

InternetWeek Y2K: Will you Make It?

Windows Tick, Tick, Tick...Are You Ready For 2000?

Planet IT Year 2000 Tech Center

oliday leaves and vacations at the Vanguard Group have been canceled for the turn of the century. The mutual fund company's principals and other critical employees will be staffing a war room dedicated to avoiding disruptions related to the year 2000 computer problem. "The is the year of being prepared," says Carol Dow, a principal in the IT group at Vanguard and head of its year 2000 project. A central war room will be in touch with smaller war rooms in business areas throughout the company to watch closely for problems and act quickly if something goes wrong.

Like Vanguard, companies across the country are drawing up year 2000 contingency plans as the millennium nears. Businesses are establishing clear chains of command and control for year 2000 emergencies and establishing monitoring and repair procedures. They're carefully watching their suppliers, with the intent to replace them before they become a problem. Most companies also are canceling leave time to ensure they have enough personnel at the turn of the century.

But focusing on that moment alone would be a mistake. A mere 8% of the total year 2000 disruptions will take place on Jan. 1, 2000, according to Lou Marcoccio, an analyst at Gartner Group Inc. Problems will arise throughout this year, double in volume in 2000, and trail off in 2001, Marcoccio predicts.

bar chart

Indeed, the number of organizations that will still be working on year 2000 assessments, inventories, remediation, and testing throughout this year and into next is substantial. Only 33% of the 300 IT executives surveyed in November by InformationWeek Research said their strategic systems were already compliant. The majority, 53%, expect to need the first quarter or half of this year to finish strategic systems compliance, with the rest finishing up nearer to or after Jan. 1, 2000. Recently, the Federal Reserve Board proposed giving banks merging between July 1998 and May 1999 more time to tackle the problem. The Fed is offering to treat such merged companies as separate banks until June 1, 2000.

Also, many packaged commercial applications--83% according to Gartner Group--have yet to be brought into compliance, delaying completion of year 2000 projects. Also, applications that forecast into the future by specific periods of time, could fail. In addition, the "9999" marker that's frequently used to indicate the end of a file could screw up apps: When April 9, 1999 (the 99th day for systems using the Julian calendar) and Sept. 9, 1999, roll around, these applications could terminate.

The majority of respondents to the InformationWeek Research survey expect problems--mostly brief glitches and slight data losses, but significant numbers anticipate financial losses and prolonged business disruptions. No wonder year 2000 was voted the top strategic priority by survey respondents, cited by 19%. ERP came in a fairly distant second, at 11%. More than two-thirds of the respondents said their year 2000 budgets will increase or stay the same this year.

Beyond Technology
The pervasiveness and multiple aspects of the year 2000 problem make it as much a logistical nightmare as a technical one. The volume and cost of non-IT work will double and triple in the coming year, Gartner Group's Marcoccio says. Non-IT work includes preparation of compliance disclosure statements required by the Securities and Exchange Commission as well as by business partners; compliance work related to embedded products, services, and investments; and public and investor relations. Insurance costs and legal fees related to broken contracts with suppliers that need to be replaced because of noncompliance are also destined to grow, Marcoccio says.

bar chart

When it comes to computer systems, year 2000 problems are likely to occur as multiple, simultaneous events, according to Gartner Group, and only 10% of them will last more than three days. These problems will cost between $10,000 and $3.5 million each to resolve, Gartner says.

Capers Jones, chief scientist at Artemis Management Systems and author-researcher on software productivity, uses a four-level severity scale to rate year 2000 problems. Half of these glitches, he says, will be level one, stopping software in its tracks. Based on his analysis of thousands of incidents, 30% of level-one problems can be fixed in a day or less, 65% in one week, and 5% in one month. Another 40% of year 2000 problems will be level two, in which the software runs but not as it should, says Jones. Again, the majority, 55%, of these problems will take a week to fix, while 15% will be repaired in a day or less and 30% in a month or more.

The time to repair lengthens as the severity level drops, Jones says, because the most serious problems are dealt with immediately, while the less-severe ones are handled as time permits. Most level-three and level-four problems, which involve minor errors and cosmetic problems, will be given little to no attention.

Whatever its level, a year 2000 computer problem and its solution may not be readily apparent. A problem, for example, could be technical in origin, but require business acumen in addition to technical action. A contingency plan might require a cutover to a different supplier, which could involve contractual issues as well as staffing and business-process issues.

Complications
Coordination can be particularly complicated when corporate lines of authority are unclear. This is the case at Reed Elsevier plc, a $6 billion publisher created in a 1993 merger of London's Reed International plc and Amsterdam's Elsevier NV. A single CEO for the merged companies won't be named until April, and the company's many business units, subsidiaries, and new acquisitions further complicate internal lines of communication. Year 2000 program management is centralized in the Reed Elsevier Technology Group, says Allan McLaughlin, VP of IS and acting head of the group.

The publisher has already seen how year 2000 problems can disrupt operations. Three-year subscriptions issued in 1998 were seen as ending in 1901 instead of 2001 and considered expired by the systems as soon as they were input, says McLaughlin. While the subscriptions were still fulfilled, the erroneous data about the expiration of the subscription was causing internal confusion for the company.

To address such problems, Reed Elsevier is developing a "CEO road map" that governs year 2000 contingency plans. The road map is meant to help business unit CEOs understand what the potential breaking points are, prioritize these points, and decide which problems can be delegated down and which ones need to be handled by the CEO. Reed Elsevier is also forming hub-and-spoke command centers staffed round-the-clock by technical, operations, and business personnel to help diagnose and prioritize simultaneous year 2000 problems.

Tight coordination is also essential at Merrill Lynch & Co., because "there will be so many moving parts the week before and two weeks to 30 days after Jan. 1, 2000," says Art Thomas, senior VP of global operations services at the financial services firm, which is also setting up year 2000 command centers.

Before these command centers are put into operation, Merrill Lynch is taking a number of other risk-management steps. The company has been closely monitoring some 3,300 IT vendors and 18,700 IT products for year 2000 compliance, says Bob Dieckmann, a first VP and director of year 2000 program management. Of those products, 65% are compliant, 25% are under review, and 10% will never be compliant. Contingency plans have been drawn up for the replacement of any vendor and/or products that aren't compliant before the third quarter.

The company itself will be working on remediation of 80 remaining systems during the first and second quarters. These systems, which represent 4% of the total at Merrill Lynch, weren't remediated by the end of 1998 because they were recently inherited through acquisitions. "We don't plan to go into the third quarter with anything hanging," says Dieckmann.

Merrill Lynch is also expanding its customary year-end freeze on new development and enhancements. Normally, the freeze is in effect for the last two weeks of the year and the first week of the new year to make sure nothing interferes with the production of year-end reports. This year, Dieckmann notes, that freeze will go into effect in mid-October and extend into 2000.

bar chart

Systems Tests
Once compliance work is complete, Merrill Lynch will be testing, testing, and re-testing throughout the year. Testing of service providers and products will be complete by the second quarter, when the Securities Industry Association's industrywide tests will also be finished. From January through September, the company will test its systems on an end-to-end basis.

Fortunately, Dieckmann says, Merrill Lynch chose to remediate systems by field expansion rather than windowing. The windowing technique means that some remediated code isn't tested by the real world until the actual date change occurs, triggering a conversion process. In field expansion, code fixes work as soon as the system is in production.

While damage estimates are hard to predict, one thing is clear about the weekend that begins Jan. 1, 2000: Plenty of people will be on hand to witness whatever happens. Says Peter de Jager, a year 2000 author, lecturer, and InformationWeek columnist, "I predict most programmers will be sleeping on cots in data centers everywhere." Exactly what they wake up to depends largely upon what they--and everyone else--has done during this year of preparation.

next story: Web Commerce: E-Business Work Starts