[Senate Hearing 106-22]
[From the U.S. Government Publishing Office]



                                                         S. Hrg. 106-22


 
                       YEAR 2000 COMPUTER PROBLEM

=======================================================================

                                HEARINGS

                               before the

                      COMMITTEE ON APPROPRIATIONS
                          UNITED STATES SENATE

                       ONE HUNDRED SIXTH CONGRESS

                             FIRST SESSION

                               __________

                            SPECIAL HEARING

                               __________

         Printed for the use of the Committee on Appropriations


                               


 Available via the World Wide Web: http://www.access.gpo.gov/congress/senate

                                 ______

                       U.S. GOVERNMENT PRINTING OFFICE
 54-532 cc                    WASHINGTON : 1999
_______________________________________________________________________
            For sale by the U.S. Government Printing Office
Superintendent of Documents, Congressional Sales Office, Washington, DC 20402
                           ISBN 0-16-058384-5


                        COMMITTEE ON APPROPRIATIONS

                     TED STEVENS, Alaska, Chairman
THAD COCHRAN, Mississippi            ROBERT C. BYRD, West Virginia
ARLEN SPECTER, Pennsylvania          DANIEL K. INOUYE, Hawaii
PETE V. DOMENICI, New Mexico         ERNEST F. HOLLINGS, South Carolina
CHRISTOPHER S. BOND, Missouri        PATRICK J. LEAHY, Vermont
SLADE GORTON, Washington             FRANK R. LAUTENBERG, New Jersey
MITCH McCONNELL, Kentucky            TOM HARKIN, Iowa
CONRAD BURNS, Montana                BARBARA A. MIKULSKI, Maryland
RICHARD C. SHELBY, Alabama           HARRY REID, Nevada
JUDD GREGG, New Hampshire            HERB KOHL, Wisconsin
ROBERT F. BENNETT, Utah              PATTY MURRAY, Washington
BEN NIGHTHORSE CAMPBELL, Colorado    BYRON L. DORGAN, North Dakota
LARRY CRAIG, Idaho                   DIANNE FEINSTEIN, California
KAY BAILEY HUTCHISON, Texas          RICHARD J. DURBIN, Illinois
JON KYL, Arizona
                   Steven J. Cortese, Staff Director
                 Lisa Sutherland, Deputy Staff Director
               James H. English, Minority Staff Director



                            C O N T E N T S

                              ----------                              

                        Friday, January 15, 1999

                                                                   Page

Statement of John Koskinen, Chairman, President's Commission on 
  Year 2000 Conversion...........................................     1
Opening statement of Hon. Ted Stevens............................     1
Statement of Hon. Christopher S. Bond............................     2
Prepared statement of Senator Christopher S. Bond................     3
Prepared statement of Senator Patrick J. Leahy...................     4
Prepared statement of John A. Koskinen...........................     9
7th Quarterly Report--Progress on Year 2000 Conversion...........    21
The President's Council on Year 2000 Conversion--First Quarterly 
  Summary of Assessment Information--January 7, 1999.............    48

                      Wednesday, January 20, 1999

Statement of David M. Walker, Comptroller General of the United 
  States, General Accounting Office..............................    95
Opening statement of Hon. Ted Stevens............................    95
Prepared statement of David M. Walker............................   103
The Federal Government has enhanced its approach.................   104
GAO's efforts to help meet the challenge.........................   106
Serious risks remain.............................................   106
The Nation as a whole faces significant year 2000 challenges.....   108
GAO reports and testimony addressing the year 2000 problem.......   110

                                  (iii)



                       YEAR 2000 COMPUTER PROBLEM

                              ----------                              


                        FRIDAY, JANUARY 15, 1999

                                       U.S. Senate,
                               Committee on Appropriations,
                                                    Washington, DC.
    The committee met at 9:32 a.m., in room SD-192, Dirksen 
Senate Office Building, Hon. Ted Stevens (chairman) presiding.
    Present: Senators Stevens, Bond, Gorton, Burns, Bennett, 
Campbell, Craig, Kyl, Reid, and Durbin.

             PRESIDENT'S COMMISSION ON YEAR 2000 CONVERSION

STATEMENT OF JOHN KOSKINEN, CHAIRMAN


                 opening statement of hon. ted stevens


    Chairman Stevens. Good morning. This is the first hearing 
of the Senate Appropriations Committee for this One Hundred 
Sixth Congress. The topic is the year 2000 computer conversion.
    Let me first tell you what this is not. I have been reading 
the periodicals concerning Y2K. This is Jane Bryant Quinn's 
``Help, Y2K is on the Way'' article in Newsweek. This is the 
Time Magazine, ``The End of the World: Y2K Insanity,'' et 
cetera. And they talk about the end of the world as we know it, 
the millennium bug.
    Now, that is a very serious proposition and I think we are 
all interested in those articles. But that is not what we are 
talking about. We believe that this is one of the top priority 
items for the Federal Government, and we are going to start a 
series of oversight hearings. That is why I have decided to try 
and start off with this one.
    I am very grateful to the Chairman of the President's 
Council on the Year 2000 Conversion, John Koskinen. He has 
agreed to come today so we can make some inquiries about this 
subject.
    To give you a little bit of background, in 1997 our 
committee directed the Office of Management and Budget to make 
quarterly reports to Congress on the progress of efforts to fix 
the Y2K community computer problems for the Federal systems. 
The seventh quarterly report was issued in early December. As 
of that time, six agencies were listed as not making adequate 
progress, seven agencies were making progress but some concerns 
still remained, and eleven agencies were making satisfactory 
progress.
    We are interested in knowing what Mr. Koskinen's--am I 
saying that right? ``KOS-ki-nen''; I'm sorry, apologies--group 
is doing to assist those Federal agencies. Within his 
responsibility is the effort to coordinate the overall 
compliance effort, including not only the Federal Government, 
but the State and Federal Governments too, as I understand it, 
John.
    We hope to get some information from him on what progress 
that he believes is being made before we call some of these 
Federal agencies to come and tell us how they're doing.
    At the request of this committee last year, we started off 
without a request from the President a $3.35 billion emergency 
funding, which finally became part of the omnibus 
appropriations bill. We earmarked $1.1 billion for defense-
related activities, $2.25 billion for non-defense activities, 
which included $29.9 million to be transferred to the 
Legislative Branch, General Accounting Office (GAO), and the 
Judicial Branch.
    There were two rounds of allocations from these funds, I'm 
informed, these emergency appropriations funds. We hope to 
learn about those allocations and the plans of the 
administration, if Mr. Koskinen can tell us, for the remaining 
funds.
    In addition, we want to learn more about the outreach to 
State and local governments, and to the private sector. I do 
not know if you know it, but I asked Senator Bennett to loan me 
his staff and we had a sort of a seminar in Anchorage last year 
to discuss with Alaskans and Alaskan business, State 
government, local government, what was being done to become 
compliant with the Y2K.
    We believe we are probably more affected than most people 
because we rely so much upon the transportation, communication 
and distribution efforts of the systems and we are sort of the 
end of the line, totally dependent upon air transportation and 
the communications capability that is regulated by the Federal 
Government.
    I know that this is short notice. I personally feel that 
the dire predictions we are reading can be averted and it is 
necessary that we take steps to assure that the Federal 
Government leads the system in terms of compliance.
    I expect that several of our members will want to have an 
opportunity to discuss these concerns with you this morning, 
and I would say I would hope that under the circumstances--we 
all know we have about 2 hours--that we would all keep our 
comments short, and that is what I have tried to do.
    So let me yield here at this time to see if any of my 
colleagues has any opening statement. Senator Campbell?
    Senator Campbell. No, I have none.
    Chairman Stevens. Senator Reid?
    Senator Reid. Mr. Chairman, I am wondering if, just because 
you are chairman of the committee, does this room have to feel 
like we are in Alaska?
    Chairman Stevens. Well, I knew how it would feel, so I wore 
one of these nice little sweaters, you see.
    Senator Reid. I have no statement.
    Chairman Stevens. I think it is just because we have not 
been in here for a while. We are starting to heat it up now.
    Senator Bond.


                 statement of hon. christopher s. bond


    Senator Bond. Mr. Chairman, I have this wonderful lengthy 
statement that I have a feeling I am going to submit for the 
record. I thank you and Mr. Koskinen for being here.
    Chairman Stevens. Well, why do you not summarize it for us.
    Senator Bond. It is important for us to oversee Congress' 
efforts to help the Executive Branch become Y2K compliant. We 
are anxiously watching all of the agencies under our 
jurisdiction to see that they are in fact compliant, and we 
would like assurances that their kind words and encouraging 
outlooks are in fact reliable.
    As the chairman of the Small Business Committee, I am most 
anxious to see small businesses become Y2K compliant, and I 
think that agencies that deal with the small business community 
must realize that this is one of the great areas of danger that 
many smaller businesses, not necessarily the smallest ones that 
operate on a yellow pad and a calculator, but some of the 
smallest ones, could face.
    We are trying in the Small Business Committee to address 
that problem with a loan guarantee program and some other 
activities. I hope that when you establish the strategic 
advisory group you will have bona fide representatives of small 
business--and by small business we mean not just the 
manufacturing sector, but the service sector--so that you will 
be able to provide assistance to them as well.
    I thank the Chair.
    [The statement follows:]

           Prepared Statement of Senator Christopher S. Bond

    I want to thank Chairman Stevens for holding this important 
hearing on the Year 2000 (Y2K) computer problem and holding it 
this early in the session. This hearing is a good example of 
how we are continuing to do the people's business, despite all 
that is occurring now. One of those issues that is a priority 
for the nation is the Year 2000 computer problem.
    I would like to thank Mr. Koskinen for appearing today to 
update this Committee on the Administration's efforts to ensure 
that the Executive Branch is Y2K compliant. It is incumbent on 
Congress to closely oversee each agency's efforts to make its 
systems Y2K compliant. I look forward to addressing with Mr. 
Koskinen the compliance status of those agencies over which my 
subcommittee has jurisdiction.
    In addition to the government's Y2K compliance, Congress 
and the Administration, together, should also do everything 
practicable to ensure that the private sector is ready for the 
Y2K problem. The economic consequences will be extreme if 
numerous businesses fail or face prolonged periods for which 
they cannot do business because of the Y2K problem.
    As Chairman of the Senate Committee on Small Business, I 
have been specifically concerned about the nation's small 
businesses being aware of the Y2K problem and then becoming Y2K 
compliant. That is why last Congress I introduced the Small 
Business Year 2000 Readiness Act. This bill would have provided 
small businesses with the resources necessary to repair Year 
2000 computer problems. The Committee on Small Business adopted 
the bill by a unanimous vote and the full Senate approved by 
unanimous consent. Unfortunately, the House of Representatives 
did not act on the legislation prior to adjournment. I intend 
to reintroduce a similar bill at the earliest possible time.
    The consequences of Congress not taking action in assisting 
small businesses to become Y2K compliant are too severe to 
ignore. Last June, the Committee on Small Business, which I 
chair, held hearings on the effect the Y2K problem will have on 
small businesses. The Committee learned that an estimated 4.75 
million small employers are exposed to the Y2K problem. This is 
82 percent of all small businesses that have at least two 
employees.
    Moreover, the Committee also received information 
indicating that 700,000 small businesses may either shut down 
due to the Y2K problem or be severely crippled. Such failures 
will affect not only the employees and owners of failed small 
businesses, but also their creditors, suppliers and customers. 
Given these facts, it is easy to forecast that there will be 
severe economic consequences if small businesses do not become 
Y2K compliant.
    In addition to the foregoing, concerns have recently been 
raised that there may be a credit crunch this year with 
businesses, especially small businesses, unable to obtain 
financing if they are not Y2K compliant. This was not foreseen 
by the Appropriations Committee last year when it put together 
the supplemental appropriation legislation providing federal 
agencies with funds to fix their Y2K problems. It may be 
appropriate to review whether a portion of those funds may be 
available to assist the private sector in obtaining loans to 
become Y2K compliant.
    Again, I would like to thank Chairman Stevens for holding 
this hearing and I look forward to hearing from Mr. Koskinen.

                     additional submitted statement

    Chairman Stevens. Senator Leahy has requested that this 
statement be included in the Record. If there are any other 
statements they will be included also.
    [The Statement Follows:]

             Prepared Statement of Senator Patrick J. Leahy

    Mr. Chairman, the countdown keeps ticking on America's 
computer readiness for the year 2000. This hearing continues 
Congress' efforts to monitor Y2K readiness progress.
    Even in these very difficult times, I was very pleased with 
the Congress' bipartisan approach regarding the Hatch-Leahy Y2K 
readiness law that we passed last Congress. A team of Senators 
from both parties worked together to enact a law that will help 
ensure that everyone--consumers, small business owners, our 
military forces, corporations, local governments, and federal 
agencies--will be as ready as possible for the year 2000. I was 
pleased that we produced a bipartisan consensus bill supported 
by the Administration, and the industries most engaged in 
resolving Year 2000 problems such as the following industries: 
telecommunications, electric utilities, manufacturers, 
auditors, the computer hardware and software manufacturers, 
banking, financial services and information technology.
    In addition, in my home state of Vermont I am sponsoring--
with the Small Business Administration--a symposium on Y2K 
issues and solutions that will be carried live state-wide on 
February 19 on Vermont Interactive Television. I want to make 
sure that all Vermonters are able to get the information they 
need well ahead of midnight on December 31.
    In this same vein, the Hatch-Leahy Y2K readiness law 
contained an amendment which I included to mandate operation of 
a massive Y2K website for consumers, small businesses and local 
governments. This websites contains numerous valuable links and 
serves as a starting point on were to obtain Y2K conversion 
assistance. The address is: www.itpolicy.gsa.gov/mks/yr2000/
y2khome.htm and is also easy to locate on any website searchers 
under simply ``Y2K''.
    Also, I want to thank the President for his efforts 
regarding getting the federal government ready for the year 
2000. On December 28, 1998, the President announced that on New 
Year's Day 2000 that the ``millennium bug will not delay the 
payment of Social Security checks by a single day'' and that 
the social security system is 100 percent ready for the year 
2000. This is extremely important to thousands of Vermonters.
    In addition, the Chair of the President's Council on Year 
2000 Conversion, John Koskinen, has been working hard to 
prevent Y2K conversion problems. I appreciate his efforts.
    At least thousands, and possibly millions, of information 
technology computer systems, software programs, and 
semiconductors are not capable of recognizing certain dates in 
1999 and may not interpret dates in the Year 2000 correctly. 
These Year 2000 problems could cause incapacities in essential 
systems which, in turn, could affect our electric power grids 
and telecommunications, financial markets and health care, and 
government and defense systems. Reprogramming or replacing 
computer systems in a timely and thorough manner is thus a 
matter of paramount necessity for U.S. economic and national 
security.
    The purpose of the ``Year 2000 Information and Readiness 
Disclosure Act'', S. 2392, which passed last year, was to help 
break the silence and encourage full disclosure and exchange of 
Year 2000 computer problems, solutions, test results, and 
general readiness. The bill provides limited liability 
protection for a limited time for specific types of Year 2000 
information that is considered essential to remediation 
efforts. What the bill does not do is provide liability 
protection for failures that may arise from Year 2000 problems. 
The bill thus promotes company-to-company information sharing 
while not limiting rights of consumers.
    Mr. Chairman, I look forward to working with you on Y2K 
funding issues and appreciate your willingness to provide 
additional support for federal agencies and their Y2K efforts. 
The Omnibus Appropriations Bill which I supported last year 
provided a total of $3.35 billion for emergency expenses 
related to Year 2000 conversion of Federal information 
technology systems and related expenses.

    Chairman Stevens. Well, Senator, I think that is an 
interesting comment, because I am hopeful that the 
subcommittees will now, once we get through this and maybe 
another hearing that we will have, will pursue this and make 
the Y2K issue a priority issue for each of the subcommittees. 
For instance, I have been told that the Agency for 
International Development has not received Y2K supplemental 
funds. We are very interested in that in Alaska because of our 
relationship to Eastern Russia and what we are trying to do to 
help them become part of the free enterprise system.
    We are also told that the date that we should all realize 
has been established by the Federal Government--I do not know 
whether it was you or the GAO--the goal is that all agencies 
will be compliant by March 30th of this year, 1999. We do 
intend to ask the GAO to come in and tell the full committee, 
hopefully next week, what has been done in their opinion.
    Then I want to urge each subcommittee to call in agencies 
under the jurisdiction of that subcommittee and ask them what 
they are doing and do they have the funds necessary. I still 
believe the $3.35 billion was necessary and should be 
sufficient, but if more funds are needed we need to know soon 
if we should urge Office of Management and Budget (OMB) to give 
us a request for additional money.
    These dire predictions of doomsday I think are going to 
increase through the year unless we really make this the 
priority it should be.
    Any other comment from members?
    [No response.]
    Chairman Stevens. Let me thank you again for coming. You 
have a very important job, in my opinion. I believe this is the 
first priority of Congress and the Executive Branch, is to get 
this issue behind us. So thank you very much for coming.
    Mr. Koskinen. Thank you, Mr. Chairman. As Chair of the 
President's Council on Year 2000 Conversion, I am pleased to 
appear before the full committee----
    Chairman Stevens. Would you pull that mike up toward you, 
please.
    Mr. Koskinen. Yes.
    I am pleased to appear before the committee to discuss the 
Federal Government's progress on the Year 2000, or Y2K as it is 
known, computer problem and the contingency emergency funds 
that have been provided by Congress for this important work.
    With your permission, Mr. Chairman, like Senator Bond, I 
would like to submit my full statement for the record and 
summarize it here, and also for the record submit the most 
recent OMB quarterly report, the report of the two submissions 
under the emergency funds, and a recent quarterly report from 
the President's Council summarizing the assessment information 
which we have from the private sector about its state of 
readiness.
    Chairman Stevens. Your statement is fairly short, but do 
whatever you want.
    Mr. Koskinen. That is fine. Thank you.
    I appreciate the strong support this committee and you in 
particular, Mr. Chairman, have provided the Federal agencies in 
their Y2K efforts, and I especially appreciate your strong 
leadership in building upon the President's fiscal year 1999 
request for a general emergency fund to create a specific 
designated emergency contingency fund for Y2K remediation.
    The creation of this fund was an important step because, as 
you know, the Y2K problem presents us with a management 
challenge unlike any we have ever seen. As a result, the 
experience in the private sector as well as in Federal agencies 
has been that it is impossible to predict with total accuracy 
the precise demands associated with completing Y2K work.
    With 350 days remaining, the government does not have time 
for the normal supplemental appropriations process to provide 
funding for critical needs in this area, which is why the 
contingency funding you have provided is so significant.
    I am pleased to report that the Federal Government 
continues to make strong, steady progress in solving its Y2K 
problems. As you know, the Federal Government is the only large 
organization in the world with a transparent process for 
reporting on its progress in addressing the Y2K problem. Each 
quarter, as you noted, agencies report in detail to the Office 
of Management and Budget and to the Congress on the state of 
progress of their Y2K work.
    According to the most recent OMB report, released last 
month, 61 percent of all Federal mission critical systems are 
now Y2K compliant, more than double the 27 percent that were 
compliant a year ago.
    Senator Reid. What was that number again?
    Mr. Koskinen. 61 percent.
    The report also states that, of critical systems requiring 
repair work, 90 percent had been fixed as of the beginning of 
November and are now being tested.
    Let me share with you a few examples of recent progress. 
Referring again to Senator Bond's comment on and great interest 
in small business, as of November 15th the Small Business 
Administration had completed all of its work on all of its 
critical systems, ensuring that Small Business Administration 
(SBA) assistance to the Nation's 24 million small businesses 
will not be interrupted in January of the Year 2000.
    At the end of last month, as I am sure you noted, the 
President announced that, thanks to the joint efforts of the 
Social Security Administration and Treasury's Financial 
Management Service, the Social Security System is now Year 2000 
compliant.
    The President has established an ambitious goal of having 
100 percent of the government's mission critical systems Y2K 
compliant by March 31, 1999, 9 months in advance of the 
transition to the Year 2000, which is well ahead of many 
private sector system remediation schedules. As the chairman 
noted, I think it is appropriate and I think it will be 
important for the Federal Government to establish that in fact, 
while there has been a lot of grumbling about and criticism of 
its efforts, we expect that the government will complete its 
work in advance of many private sector industries.
    Although much work remains, we expect that over 80 percent 
of the government's mission critical systems will meet the 
March goal, and monthly benchmarks with a timetable for 
completing the work will be available for every mission 
critical system still being tested or implemented at that time.
    We expect that all of the government's mission critical 
systems will be Year 2000 compliant before January 1, 2000. 
This does not mean that we are without significant challenges. 
For example, while the Defense Department continues to make 
progress in addressing its massive Y2K challenge, OMB reported 
that the Department of Defense (DOD's) rate of progress 
indicates that all of its systems will not meet the March goal 
of 100 percent compliance.
    At a day-long meeting last Saturday at the Pentagon to 
review the status of all DOD mission critical systems, Deputy 
Secretary Hamre and I were advised that most systems will 
either meet the March date or be in the process of 
implementation at that time.
    At Health and Human Services (HHS), the Health Care 
Financing Administration has now finished renovating and 
testing all of its internal systems. However, a tremendous 
amount of systems work and contingency planning will remain 
after March by its Medicare contractors, 60 large companies 
that administer the system. Nonetheless, while that work 
remains, those same contractors are expected to complete 
renovation and testing by the government-wide goal of March 31.
    At the Transportation Department, the Federal Aviation 
Administration (FAA's) rate of progress has improved 
dramatically, but the percentage of the Department of 
Transportation's critical systems that have been tested and 
implemented continues to lag behind the government-wide 
schedule. Nonetheless, I am confident that the air traffic 
system will be totally compliant well in advance of the Year 
2000.
    The availability of emergency contingency funding is 
playing an important role in the ability of agencies to meet 
the Y2K challenge head on, even as they encounter new and 
unexpected Y2K expenditures. Last year's omnibus appropriations 
bill provided, as the chairman noted, a total of $3.35 billion, 
$2.25 billion for non-defense agencies and $1.1 billion for 
defense, for emergency expenses related to Year 2000 conversion 
of Federal information technology systems and related expenses.
    Since the completion of the fiscal year 1999 appropriations 
process, OMB has worked with the agencies to identify 
activities that were included in the President's fiscal year 
1999 budget that Congress directed to be funded from the 
contingent emergency reserve, as well as critical requirements 
that have been identified since the President's fiscal year 
1999 budget was transmitted last February. For these new 
requirements, OMB is reviewing each agency request carefully to 
ensure that funds requested were unanticipated and will solve 
the Year 2000 problem.
    Of the $2.25 billion available for non-defense agencies, 
$1.2 billion has been allocated to date. On November 6, 1998, 
OMB requested the release of $891 million in non-defense 
spending for 17 agencies. OMB requested an additional $338 
million in non-defense spending for 21 agencies on December 
8th. These transfers will support a wide range of activities to 
ensure that important computer systems throughout the Federal 
Government will operate smoothly through the Year 2000 and 
beyond.
    As noted, I have submitted for the record with my testimony 
a copy of the December 8 OMB document which summarizes both 
requests.
    A third request for expenditures from the emergency funds 
is expected to be transmitted to Congress by OMB before the end 
of this month. With regard to the $1.1 billion made available 
by Congress for defense activities, the Defense Department 
furnished OMB with a report on January 8th, last Friday, on how 
DOD plans to use its portion of the supplemental appropriation. 
OMB is currently reviewing the proposal and anticipates making 
recommendations shortly.
    It has been clear from the start that, to operate 
effectively, Federal systems often depend upon a large number 
of outside, non-Federal systems. State systems that support 
State-administered Federal programs such as unemployment 
insurance and Medicaid must work properly for Federal systems 
to effectively carry out their tasks in those areas. At United 
States (U.S.) embassies around the world, Federal systems 
depend on the functioning of host country systems for their 
operations.
    The Federal Government does not have a responsibility to 
fix or pay for the fixes to non-Federal systems, whether they 
be in the private sector, at the State and local level, or 
internationally. However, in some areas it is appropriate for 
the Federal Government to support planning activities and the 
sharing of best practices related to remediating non-Federal 
systems insofar as this contributes to Federal interests and 
the effective operation of Federal systems.
    This support could be critical in key infrastructure areas, 
such as telecommunications and transportation, where States and 
international entities are working together to ensure a 
seamless transition to the Year 2000.
    Progress is being made on the Y2K problem in the Federal 
Government, at the State and local level, in the private 
sector, and internationally. But much work remains to be done 
and I think it is appropriate, Mr. Chairman, for this to be the 
highest priority for Congress and the Executive Branch. As I 
have said often, not every system is going to be fixed by 
January 1, 2000. However, I am confident that difficulties for 
the economy or the public will not be the result of the direct 
failure of any Federal system.
    Agencies are focused on this problem and are managing 
toward ambitious goals for completing their work. The Federal 
Government's successful resolution of the Year 2000 problem in 
its systems will be a tribute to the skill, dedication, and 
hard work of thousands of career employees working across the 
government. It is my pleasure to assist them in whatever way I 
can as part of this vital national effort.

                           prepared statement

    I thank the committee again for its support on this 
important matter and I would be happy to answer any questions 
that you may have.
    [The statement follows:]
                 Prepared Statement of John A. Koskinen
    Good morning, Mr. Chairman. As Chair of the President's Council on 
Year 2000 Conversion, I am pleased to appear before the Committee to 
discuss the Federal Government's progress on the Year 2000 (Y2K) 
computer problem and contingency funding for this important work.
    I appreciate the strong support the Committee has given to Federal 
agencies and their Y2K efforts. I especially appreciate your 
leadership, Mr. Chairman, in building upon the President's fiscal 1999 
request for a general emergency fund to create a specific, designated 
emergency contingency fund for Y2K remediation.
    The creation of this fund was an important step because, as you 
know, the Y2K problem presents us with a management challenge unlike 
any we have ever seen. As a result, the experience in the private 
sector as well as in Federal agencies has been that it is impossible to 
predict with total accuracy the precise demands associated with 
completing Y2K work. With 350 days remaining, the Government does not 
have time for the normal supplemental appropriations process to provide 
funding for critical needs in this area, which is why the contingency 
funding you have provided is so significant.
Federal Agency Progress
    I am pleased to report that the Federal Government continues to 
make strong, steady progress in solving its Y2K problems.
    As you know, the Federal Government is the only large organization 
in the world with a transparent process for reporting on its progress 
in addressing the Y2K problem. Each quarter, agencies report in detail 
to the Office of Management and Budget (OMB) and to Congress on their 
Y2K efforts. The number of mission-critical systems in each agency has 
been identified, and progress is reported in terms of assessment, 
remediation, testing, and implementation. For the past two years, OMB 
has been issuing public summary reports on the status of agency Y2K 
activities.
    According to the most recent OMB report released last month, 61 
percent of all Federal mission-critical systems are now Year 2000 
compliant--more than double the 27 percent compliant a year ago. These 
systems have been tested and implemented and will be able to accurately 
process data through the transition from 1999 into the Year 2000. The 
report also states that, of critical systems requiring repair work, 90 
percent have been fixed and are now being tested.
    Let me share a few examples of recent progress. As of November 15, 
the Small Business Administration (SBA) had completed work on all of 
its critical systems, ensuring that SBA assistance to the Nation's 24 
million small businesses will not be interrupted in January 2000. The 
Interior Department posted a 50 percent increase in its number of Y2K 
compliant systems compared to the last quarter that includes the U.S. 
Geological Survey's National Seismic Network, which provides early 
warnings of earthquakes. The Education Department's number of critical 
systems, many of which are an integral part of processing student 
loans, that are now Y2K compliant increased by more than one-third. And 
at the end of last month, the President announced that, thanks to the 
joint efforts of the Social Security Administration and Treasury's 
Financial Management Service, the Social Security system is now Y2K 
compliant.
    The President has established an ambitious goal of having 100 
percent of the Government's mission-critical systems Y2K compliant by 
March 31, 1999--well ahead of many private sector system remediation 
schedules. Although much work remains, we expect that over 80 percent 
of the Government's mission-critical systems will meet the March goal, 
and monthly benchmarks with a timetable for completing the work will be 
available for every system still being tested or implemented. We expect 
that all of the Government's critical systems will be Y2K compliant 
before January 1, 2000.
    This does not mean that we are without significant challenges. 
While the Defense Department continues to make progress in addressing 
its massive Y2K challenge, OMB reported that DOD's rate of progress 
indicates that all of its systems will not meet the March goal of 100 
percent compliance. At a day-long meeting last Saturday at the Pentagon 
to review the status of all DOD mission-critical systems, Deputy 
Secretary Hamre and I were advised that most systems will either meet 
the March date or be in the process of implementation. In the 
Department's case, implementation includes installing completed Y2K-
compliant systems across the services and the Department. According to 
the last OMB quarterly report, the Energy Department had completed 
testing on only 53 percent of its critical systems--below the 
government-wide average. Secretary Richardson made clear at the 
beginning of his tenure at the Department that this issue will receive 
his personal attention.
    At HHS's Health Care Financing Administration (HCFA), HCFA has 
finished renovating and testing all of its internal systems. Although a 
tremendous amount of systems work and contingency planning will remain 
after March, most Medicare contractors are expected to complete 
renovation and testing by the government-wide goal. The State 
Department faces a significant challenge in simultaneously managing its 
complex Y2K project and completely replacing information systems 
installed around the world. At the Transportation Department, the FAA's 
rate of progress has improved dramatically, but the percentage of DOT's 
critical systems that have been tested and implemented continues to lag 
behind the government-wide schedule. Nonetheless, I am confident that 
the air traffic system will be totally compliant well in advance of the 
Year 2000.
    Let me be clear: Fixing the Year 2000 problem in Federal agencies 
is not a question of commitment. As you know, since last summer I have 
been participating in the monthly Y2K meetings of the senior managers 
in agencies whose systems are most at risk. I can attest that they and 
their staffs are focused on getting the job done. It is more a question 
of doing whatever it takes to overcome obstacles and accelerate 
progress in remediating systems. I am confident that these agencies 
will be able to do that and ensure that their critical systems will be 
ready for the Year 2000.
Contingency Funding
    The availability of emergency contingency funding is playing an 
important role in the ability of agencies to meet the Y2K challenge 
head-on, even as they encounter new and unexpected Y2K expenditures. It 
has been especially helpful to have an expedited process for OMB and 
congressional review of agency needs.
    Last year's Omnibus Appropriations bill provided a total of $3.35 
billion--$2.25 billion for non-defense agencies and $1.1 billion for 
defense--for emergency expenses related to Year 2000 conversion of 
Federal information technology systems and related expenses. Since the 
completion of the fiscal 1999 appropriations process, OMB has worked 
with the agencies to identify activities that were included in the 
President's fiscal 1999 budget that Congress directed to be funded from 
the contingent emergency reserve as well as critical requirements that 
have been identified since the President's budget was transmitted last 
February. For these new requirements, OMB is reviewing each agency 
request carefully to ensure that funds requested were unanticipated and 
will solve a Year 2000 problem.
    Of the $2.25 billion available for non-defense agencies, $1.2 
billion has been allocated to date. On November 6, 1998, OMB requested 
the release of $891 million in non-defense funding for 17 agencies. OMB 
requested an additional $338 million in non-defense funding for 21 
agencies on December 8. These transfers will support a range of 
activities to ensure that important computer systems will operate 
smoothly through the Year 2000 and beyond. Federal agencies would use 
this funding for additional remediation of information technology 
systems, testing to ensure that systems are Y2K compliant, replacement 
of embedded computer chips, creation and verification of continuity of 
operations and contingency plans, and outreach to non-Federal entities 
by agencies in support of the Council.
    I have submitted for the record with my testimony a copy of the 
December 8 OMB document, which summarizes both requests. OMB has also 
notified agencies that, should they continue to identify unforeseen 
Year 2000-related funding requirements, they should forward these 
requirements to OMB for consideration as items that may be funded from 
the contingent emergency reserve. A third request is expected to be 
transmitted to Congress before the end of the month.
    With regard to the $1.1 billion made available by Congress for 
defense activities, the Defense Department furnished OMB with a report 
on January 8 on how DOD plans to use its portion of the supplemental 
appropriation. OMB is currently reviewing the proposal and anticipates 
making recommendations shortly.
    It has been clear from the start that to operate effectively, 
Federal systems often depend upon a large number of outside, non-
Federal systems. State systems that support State-administered Federal 
programs such as unemployment insurance and Medicaid must work properly 
for Federal systems to effectively carry out their tasks in these 
areas. At U.S. embassies around the world, Federal systems depend on 
the functioning of host country systems for their operations.
    The Federal Government does not have a responsibility to fix, or 
pay for fixes to, non-Federal systems--whether they be in the private 
sector, at the State and local level, or internationally. However, in 
some areas, it is appropriate for the Federal Government to support 
planning activities and the sharing of best practices related to 
remediating non-Federal systems, insofar as this contributes to Federal 
interests and the effective operation of Federal systems. This support 
could be critical in key infrastructure areas such as 
telecommunications and transportation, where States and international 
entities are working together to ensure a seamless transition to the 
Year 2000.
    We have provided the Committee copies of the most recent OMB report 
on Federal agency Y2K progress and the Council's quarterly summary of 
assessments regarding private sector and State and local Y2K efforts.
Looking Forward
    Progress is being made on the Y2K problem--in the Federal 
Government, at the State and local level, in the private sector, and 
internationally. But much work remains to be done. As I've said often, 
not every system is going to be fixed by January 1, 2000. However, I am 
confident that difficulties for the economy or the public will not be 
the result of a direct failure of Federal systems. Agencies are focused 
on this problem and are managing toward ambitious goals for completing 
their work. The Federal Government's successful resolution of the Y2K 
problem in its systems will be a tribute to the skill, dedication, and 
hard work of thousands of career employees working across the 
Government. It is my pleasure to assist them in whatever way I can as 
part of this vital national effort.
    I thank the Committee for its support on this important matter, and 
I would be happy to answer any questions that you may have.
                                 ______
                                 
                                           The White House,
                                      Washington, December 8, 1998.
The Speaker of the House of Representatives.
    Sir: In accordance with provisions of Public Law 105-277, the 
Omnibus Consolidated and Emergency Supplemental Appropriations Act, 
1999, I hereby request the following transfers from the Information 
Technology Systems and Related Expenses account:
                       department of agriculture
    Executive Operations, Office of the Chief Information Officer: 
$28,731,000
                         department of commerce
    General Administration, Salaries and Expenses: $5,350,000
    Economic Development Administration, Salaries and Expenses: 
$694,000
    Bureau of the Census, Salaries and Expenses: $10,000,000
    Bureau of the Census, Periodic Censuses and Programs: $10,900,000
    Export Administration, Operations and Administration: $330,000
    National Technical Information Service, NTIS Revolving Fund: 
$1,000,000
    National Institute of Standards and Technology, Industrial 
Technology Services: $21,000,000
                        department of education
    Office of Postsecondary Education, Federal Direct Student Loan 
Program, Program Account: $531,000
    Office of Postsecondary Education, Federal Family Education Loan 
Program Account: $794,000
    Departmental Management, Program Administration: $960,000
              department of housing and urban development
    Management and Administration, Salaries and Expenses: $12,200,000
                       department of the interior
    Departmental Management, Working Capital Fund: $17,701,200
                          department of labor
    Employment and Training Administration, Training and Employment 
Services: $804,000
    Mine Safety and Health Administration, Salaries and Expenses: 
$2,259,000
    Departmental Management, Salaries and Expenses: $1,170,000
    Departmental Management, Office of the Inspector General: 
$1,000,000
                          department of state
    Administration of Foreign Affairs, Capital Investment Fund: 
$10,000,000
                      department of transportation
    Office of the Secretary, Salaries and Expenses: $7,054,000
    Coast Guard, Operating Expenses: $20,505,000
    Federal Aviation Administration, Operations: $9,699,000
    Federal Aviation Administration, Facilities and Equipment: 
$86,612,000
    Federal Aviation Administration, Research, Engineering, and 
Development: $147,000
    Research and Special Programs Administration, Research and Special 
Programs: $182,000
    Research and Special Programs Administration, Pipeline Safety: 
$150,000
    Maritime Administration, Operations and Training: $530,000
                       department of the treasury
    Departmental Offices, Automation Enhancement: $37,403,000
    Bureau of Alcohol, Tobacco and Firearms, Salaries and Expenses: 
$2,665,000
                  federal emergency management agency
    Salaries and Expenses: $3,641,000
    Emergency Management Planning and Assistance: $3,711,000
                    general services administration
    General Activities, Policy and Operations: $12,701,023
                   international assistance programs
    Agency for International Development, Operating Expenses of the 
Agency for International Development: $10,200,000
    Overseas Private Investment Corporation, Overseas Private 
Investment Corporation Noncredit Account: $840,000
    Overseas Private Investment Corporation Program Account: $1,260,000
    African Development Foundation, African Development Foundation: 
$137,485
                     small business administration
    Salaries and Expenses: $890,000
                          district of columbia
    District of Columbia Courts, Federal Payment to the District of 
Columbia Courts: $2,248,660
              national archives and records administration
    Operating Expenses: $6,662,000
                       office of special counsel
    Salaries and Expenses: $100,000
                       railroad retirement board
    Federal Payment to the Railroad Retirement Accounts: $340,000
                        smithsonian institution
    Salaries and Expenses: $4,700,000
    This funding will support efforts to make Federal information 
technology systems Year 2000 compliant and outreach to non-Federal 
entities in support of the Year 2000 Conversion Council.
    I hereby designate all of the above requests as emergency 
requirements pursuant to section 251(b)(2)(A) of the Balanced Budget 
and Emergency Deficit Control Act of 1985, as amended.
    The details of these actions are set forth in the enclosed letter 
from the Director of the Office of Management and Budget. I concur with 
his comments and observations.
            Sincerely,
                                                William J. Clinton.
    Enclosure.
                                 ______
                                 
                 Executive Office of the President,
                           Office of Management and Budget,
                                      Washington, December 8, 1998.
The Honorable Bob Livingston,
Chairman, Committee on Appropriations, U.S. House of Representatives, 
        Washington, D.C.
    Dear Mr. Chairman: In accordance with provisions of Public Law 105-
277, the Omnibus Consolidated and Emergency Supplemental Appropriations 
Act, 1999, I am transmitting a proposed allocation and plan for the 
following agencies to achieve Year 2000 (Y2K) compliance for technology 
information systems:
    Department of Agriculture
    Department of Commerce
    Department of Education [revision]
    Department of Housing and Urban Development
    Department of the Interior [revision]
    Department of Labor [revision]
    Department of State [revision]
    Department of Transportation
    Department of the Treasury [revision]
    Federal Emergency Management Agency
    General Services Administration [revision]
    Agency for International Development
    Overseas Private Investment Corporation
    African Development Foundation
    Small Business Administration
    District of Columbia Courts
    National Archives and Records Administration
    Office of Special Counsel
    Railroad Retirement Board
    Smithsonian Institution
    As noted, for six of the agencies listed above, the materials 
transmitted revise the allocations and plans for these agencies that 
were submitted on November 6, 1998.
    In monitoring Federal agency progress towards Y2K compliance, OMB 
has directed agencies to estimate the total fiscal year 1999 resources 
necessary for Y2K compliance and related expenses. Further, OMB and the 
agencies have worked together to determine whether resource 
requirements associated with Y2K can be accommodated within 
appropriated levels, or whether contingent emergency funds should be 
allocated.
    For the agencies listed above, the allocation of contingent 
emergency funds required at this time is displayed on the enclosed 
table. The table indicates which agencies will be receiving a second 
allocation of emergency funding--those allocations and plans that are 
being revised--to demonstrate how their resource requirements have been 
addressed over time.
    In addition, all of the agencies listed above have been directed to 
provide detailed justification materials for these requirements to the 
committees specified in Public Law 105-277, as well as to the relevant 
appropriations subcommittees, concurrent with the transmittal of this 
allocation and plan. These materials detail agency funding requirements 
associated with systems remediation, and discuss how that funding--both 
base funding and emergency supplemental funding--will assist an agency 
in achieving Y2K compliance. In addition, funding for activities in 
support of the President's Council on Year 2000 Conversion is 
discussed. OMB will continue to monitor agency requirements and will 
address additional funding needs as they emerge.
    OMB's strategy to ensure agency Y2K compliance is predicated on 
agency accountability. We have systematically monitored agency progress 
through agency goals for: compliance of mission critical systems, 
progress on the status of mission critical systems, status of mission 
critical systems being repaired, and agency Y2K cost estimates.
    These performance measures have proved useful in ensuring agency 
accountability without diverting vital resources from Y2K compliance 
activities to reporting requirements. Provided with this package is 
OMB's November 1998 Y2K Quarterly Report to the House and Senate 
Appropriations Committees, which includes an assessment of these 
performance measures and the Government's overall progress. In 
assessing agency progress towards compliance, OMB has focused on the 
four measures described above. The report also details other 
initiatives--such as our work with the States on data exchanges--that 
are part of the Administration's overall plan for achieving Y2K 
compliance.
    For most of the agencies listed in this transmittal, the following 
constitutes the agency plan as required by Public Law 105-277: OMB 
Quarterly Report; and, the justification materials provided by the 
agencies concurrent with the transmittal of this letter.
    For several small, independent agencies included in this 
transmittal--Overseas Private Investment Corporation, African 
Development Foundation, District of Columbia Courts, Office of Special 
Counsel, Railroad Retirement Board, and Smithsonian Institution--the 
justification materials provided serve as the agency plan. OMB has been 
monitoring the progress of these small agencies, and will ask them to 
report back on their status early next year.
    Thank you again for your cooperation on this important issue.
            Sincerely,
                                              Jacob J. Lew,
                                                          Director.
                                 ______
                                 
             [Estimate No. 25, 105th Congress, 2d Session]

                 Executive Office of the President,
                           Office of Management and Budget,
                                  Washington, DC, December 8, 1998.
The President,
The White House.
    Submitted for your consideration are requests to transfer $338 
million from the Information Technology Systems and Related Expenses 
Account for year 2000 (Y2K) compliance to 20 Federal agencies. This is 
the second release of contingent emergency funding for Y2K from funds 
appropriated in Public Law 105-277, the Omnibus Consolidated and 
Emergency Supplemental Appropriations Act, 1999. On November 6, 1998, 
you allocated $891 million to 17 Federal Agencies.
    These transfers will support a range of activities to ensure that 
important computer systems will operate smoothly through the year 2000 
and beyond. Contingent emergency funding would be allocated both for 
activities that were included in your fiscal year 1999 Budget but were 
not funded in the fiscal year 1999 appropriations process, and for 
critical Y2K requirements that have been identified since the fiscal 
year 1999 Budget was transmitted. Federal agencies would use this 
funding for additional remediation for information technology systems, 
testing to ensure that systems are Y2K compliant, replacement of 
embedded computer chips, creation and verification of continuity of 
operations and contingency plans, and outreach to non-Federal entities 
by agencies in support of the Year 2000 Conversion Council.
    Your fiscal year 1999 Budget anticipated that Y2K requirements 
would emerge over the course of the year and included an allowance to 
provide flexible funding to address emerging needs. As you requested, 
Public Law 105-277, the Fiscal Year 1999 Omnibus Consolidated and 
Emergency Supplemental Appropriations Act, provided contingent 
emergency funding for Y2K computer conversion activities--$1.1 billion 
for defense-related activities and $2.25 billion for non-defense 
activities. The enclosed requests for transfers are for non-defense 
agencies; therefore, the funds would be transferred from the 
Information Technology Systems and Related Expenses account established 
by Public Law 105-277.
    OMB continues its oversight of Federal agency progress toward 
fixing the Y2K problem. We are working to ensure that Federal agencies 
have sufficient fiscal year 1999 resources to address Y2K and that 
flexible contingent emergency funding remains available to address 
emerging needs. Pursuant to the requirements of Public Law 105-277, OMB 
will prepare and submit reports to Congress on the proposed allocation 
and plan for each affected agency to achieve year 2000 compliance for 
technology information systems before funds can be released to the 
agency. The report for agencies represented in this second release of 
Y2K contingent emergency funds will be transmitted to the congressional 
committees specified in Public Law 105-277 concurrent with this request 
for release of the funds. In addition, OMB has directed each affected 
agency to provide detailed justification materials in support of its 
plan and allocation to the relevant appropriations subcommittees. OMB 
will continue to monitor agency requirements and will address 
additional funding needs as they emerge.
    I recommend that you designate the amounts listed on the enclosure 
as emergency requirements in accordance with section 251(b)(2)(A) of 
the Balanced Budget and Emergency Deficit Control Act of 1985, as 
amended. No further congressional action will be required. Pursuant to 
Public Law 105-277, funds will be made available to agencies 15 days 
after this designation is forwarded to Congress.
    I have carefully reviewed these proposals and am satisfied that 
they are necessary at this time. Therefore, I join the heads of the 
affected Departments and agencies in recommending that you make the 
requested funds available by signing the enclosed letter to the Speaker 
of the House of Representatives.
            Sincerely,
                                              Jacob J. Lew,
                                                          Director.
    Enclosure.

Emergency Appropriations: Amounts Previously Appropriated Made Available 
by the President

Year 2000 (Y2K) Conversion:
    Department of Agriculture: Executive Operations, 
      Office of the Chief Information Officer...........     $28,731,000
    Department of Commerce:
        General Administration, Salaries and Expenses...       5,350,000
        Economic Development Administration, Salaries 
          and Expenses..................................         694,000
            Bureau of the Census: Salaries and Expenses.      10,000,000
            Periodic Censuses and Programs..............      10,900,000
        Export Administration, Operations and 
          Administration................................         330,000
        National Technical Information Service, NTIS 
          Revolving Fund................................       1,000,000
        National Institute of Standards and Technology, 
          Industrial Technology Services................      21,000,000
    Department of Education:
        Office of Postsecondary Education:
            Federal Direct Student Loan Program, Program 
              Account...................................         531,000
            Federal Family Education Loan Program 
              Account...................................         794,000
        Departmental Management, Program Administration.         960,000
    Department of Housing and Urban Development: 
      Management and Administration, Salaries and 
      Expenses..........................................      12,200,000
    Department of the Interior: Departmental Management, 
      Working Capital Fund..............................      17,701,200
    Department of Labor:
        Employment and Training Administration:
            Training and Employment Services............         804,000
        Mine Safety and Health Administration, Salaries 
          and Expenses..................................       2,259,000
    Departmental Management:
        Departmental Management.........................       1,170,000
        Office of the Inspector General.................       1,000,000
    Department of State: Administration of Foreign 
      Affairs, Capital Investment Fund..................      10,000,000
    Department of Transportation:
        Office of the Secretary, Salaries and Expenses..       7,054,000
        Coast Guard, Operating Expenses.................      20,505,000
        Federal Aviation Administration:
            Operations..................................       9,699,000
            Facilities and Equipment....................      86,612,000
            Research, Engineering, and Development......         147,000
        Research and Special Programs Administration:
            Research and Special Programs...............         182,000
            Pipeline Safety.............................         150,000
        Maritime Administration, Operations and Training         530,000
    Department of the Treasury:
        Departmental Offices, Automation Enhancement....      37,403,000
        Bureau of Alcohol, Tobacco and Firearms, 
          Salaries and Expenses.........................       2,665,000
    Federal Emergency Management Agency:
        Salaries and Expenses...........................       3,641,000
        Emergency Management Planning and Assistance....       3,711,000
    General Services Administration: General Activities, 
      Policy and Operations.............................      12,701,023
    International Assistance Programs:
        Agency for International Development, Operating 
          Expenses of the Agency for International 
          Development...................................      10,200,000
        Overseas Private Investment Corporation:
            Overseas Private Investment Corporation 
              Noncredit Account.........................         840,000
            Overseas Private Investment Corporation 
              Program Account...........................       1,260,000
        African Development Foundation, African 
          Development Foundation........................         137,000
    Small Business Administration: Salaries and Expenses         890,485
    District of Columbia:
        District of Columbia Courts, Federal Payment to 
          the District of Columbia Courts...............       2,248,660
    National Archives and Records Administration: 
      Operating Expenses................................       6,662,000
    Office of Special Counsel: Salaries and Expenses....         100,000
    Railroad Retirement Board: Federal Payment to the 
      Railroad Retirement Accounts......................         340,000
    Smithsonian Institution: Salaries and Expenses......       4,700,000

    The funds made available will enable these agencies to address the 
Y2K problem by supporting additional remediation for information 
technology systems, testing to ensure that systems are indeed Y2K 
compliant, replacement of embedded computer chips, creation and 
verification of continuity of operations and contingency plans, and 
outreach to non-Federal entities by agencies in support of the Year 
2000 Conversion Council.

                                   ALLOCATION OF FISCAL YEAR 1999 Y2K FUNDING
                                   [Budget authority, in thousands of dollars]
----------------------------------------------------------------------------------------------------------------
                                                                                     Financed From
                                                           Estimated  ------------------------------------------
                 Agency/Bureau/Account                      Agency      Fiscal Year     11/06/98      12/07/98
                                                          Requirement       1999        Emergency     Emergency
                                                                       Appropriation     Release       Release
----------------------------------------------------------------------------------------------------------------
DEPARTMENT OF AGRICULTURE: \1\
    Agency-wide funding................................      [71,883]       [43,152]  ............      [28,731]
    Farm and Foreign Agricultural Services.............        7,304          5,719   ............        1,585
    Food, Nutrition, and Consumer Services.............        2,550          1,800   ............          750
    Food Safety........................................        6,488          4,110   ............        2,378
    Marketing and Regulatory Programs..................       11,004         10,804   ............          200
    Natural Resources and Environment..................       13,624          9,717   ............        3,907
    Research, Education, and Economics.................        4,301          2,413   ............        1,888
    Rural Development..................................        9,890          1,390   ............        8,500
    Administration.....................................       16,722          7,199   ............        9,523
                                                        --------------------------------------------------------
      Total, Agriculture...............................       71,883         43,152   ............       28,731
                                                        ========================================================
DEPARTMENT OF COMMERCE:
    General Administration/Salaries and Expenses.......        5,350   .............  ............        5,350
    Economic Development Administration/Salaries and             694   .............  ............          694
     Expenses..........................................
    Bureau of the Census:
        Salaries and Expenses..........................       10,000   .............  ............       10,000
        Periodic Censuses and Programs.................       10,900   .............  ............       10,900
    Economic and Statistical Analysis/Salaries and               105            105   ............  ............
     Expenses..........................................
    Export Administration/Operations and Administration          360             30   ............          330
    National Oceanic and Atmospheric Administration/           1,994          1,994   ............  ............
     Operations, Research, and Facilities..............
    Patent and Trademark Office/Salaries and Expenses..        2,877          2,877   ............  ............
    National Technical Information Service/NTIS                1,250            250   ............        1,000
     Revolving Fund....................................
    National Institute of Standards and Technology:
        Scientific and Technical Research and Serv-            1,200          1,200   ............  ............
         ices..........................................
        Industrial Technology Services.................       21,000   .............  ............       21,000
    National Telecommunications and Information                   20             20   ............  ............
     Administration/Salaries and Expenses..............
                                                        --------------------------------------------------------
        Total, Commerce................................       55,750          6,476   ............       49,274
                                                        ========================================================
DEPARTMENT OF EDUCATION:
    Office of Postsecondary Education:
        Federal Direct Student Loan Program, Program             531   .............  ............          531
         Account.......................................
        Federal Family Education Loan Program Ac-              1,950          1,156   ............          794
         count.........................................
    Departmental Management/Program Administration.....        4,399          1,878         1,561           960
                                                        --------------------------------------------------------
      Total, Education.................................        6,880          3,034         1,561         2,285
                                                        ========================================================
DEPARTMENT OF ENERGY: \2\
    Atomic Energy Defense Activities:
        Weapons Activities.............................       15,066         15,066   ............  ............
        Defense Environmental Restoration and Waste           26,631         16,291        10,340   ............
         Management....................................
        Defense Facilities Closure Projects............        9,514          6,014         3,500   ............
        Defense Nuclear Waste Disposal.................        1,306          1,306   ............  ............
        Other Defense Activities.......................          853            853   ............  ............
    Energy Programs:
        Science........................................          566            566   ............  ............
        Energy Supply..................................        1,201          1,201   ............  ............
        Fossil Energy Research and Development.........           94             94   ............  ............
        Energy Information Administration..............          596            596   ............  ............
        Nuclear Waste Disposal Fund....................           67             67   ............  ............
    Power Marketing Administrations:
        Construction, Rehabilitation, Operation and               73             73   ............  ............
         Maintenance, Western Area Power Administration
    Bonneville Power Administration Fund...............          550            550   ............  ............
    Departmental Administration/Departmental                  11,623          1,623        10,000   ............
     Administration....................................
                                                        --------------------------------------------------------
        Total, Energy..................................       68,140         44,300        23,840   ............
                                                        ========================================================
DEPARTMENT OF HEALTH AND HUMAN SERVICES: \3\
    Departmental Management/Public Health and Social        [285,300]       [96,247]     [189,053]  ............
     Services Emergency Fund (75-1040).................
    FDA................................................       13,328          2,215        11,113   ............
    HRSA...............................................       10,000   .............       10,000   ............
    IHS................................................       25,700          2,300        23,400   ............
    CDC................................................        6,800          1,900         4,900   ............
    NIH................................................       10,825          4,832         5,993   ............
    SAMSHA.............................................          100   .............          100   ............
    AHCPR..............................................          420   .............          420   ............
    HCFA...............................................      194,200         82,500       111,700   ............
    ACF................................................        6,225          1,500         4,725   ............
    AoA................................................          600   .............          600   ............
    OS.................................................        2,719   .............        2,719   ............
    OIG................................................        5,400   .............        5,400   ............
    PSC................................................        8,983          1,000         7,983   ............
                                                        --------------------------------------------------------
      Total, Health and Human Services.................      285,300         96,247       189,053   ............
                                                        ========================================================
DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT:
    Federal Housing Administration/FHA--Mutual Mortgage        5,000          5,000   ............  ............
     Insurance Program Account.........................
    Management and Administration/Salaries and Expenses       18,200          6,000   ............       12,200
                                                        --------------------------------------------------------
        Total, Housing and Urban and Development.......       23,200         11,000   ............       12,200
                                                        ========================================================
DEPARTMENT OF THE INTERIOR: \4\
    Departmental Management/Working Capital Fund.......      [57,776]        [7,175]      [32,900]      [17,701]
    BLM................................................        5,146            250         4,896   ............
    MMS................................................  ............  .............  ............  ............
    OSM................................................          413            413   ............  ............
    Bur Rec............................................        3,907          2,975           444           488
    USGS...............................................       14,447            110         8,439         5,898
    FWS................................................        1,192            700   ............          492
    NPS................................................       13,612   .............        8,720         4,892
    BIA................................................       12,526          2,500         8,526         1,500
    Department-wide systems/Office of the Secretary....        3,622            227         1,875         1,520
    OIA................................................        2,350   .............  ............        2,350
    Office of the Solicitor............................          561   .............  ............          561
                                                        --------------------------------------------------------
      Total, Interior..................................       57,776          7,175        32,900        17,701
                                                        ========================================================
DEPARTMENT OF JUSTICE:
    General Administration:
        Salaries and Expenses..........................          120   .............          120   ............
        Office of Inspector General....................        2,835   .............        2,835   ............
    United States Parole Commission/Salaries and                  20   .............           20   ............
     Expenses..........................................
    Legal Activities and U.S. Marshals:
        Salaries and Expenses General Legal Activities.        6,389   .............        6,389   ............
        Salaries and Expenses, Antitrust Division......            8   .............            8   ............
        Salaries and Expenses, United States Attor-              427   .............          427   ............
         neys..........................................
        Salaries and Expenses, United States Marshals            700   .............          700   ............
         Service.......................................
        United States Trustee System Fund..............        1,003   .............        1,003   ............
    Federal Bureau of Investigation/Salaries and Ex-          10,293   .............       10,293   ............
     penses............................................
    Drug Enforcement Administration/Salaries and               1,967   .............        1,967   ............
     Expenses..........................................
    Immigration and Naturalization Service/Salaries and        9,268   .............        9,268   ............
     Expenses..........................................
    Federal Prison System/Salaries and Expenses........          200   .............          200   ............
                                                        --------------------------------------------------------
      Total, Justice...................................       33,230   .............       33,230   ............
                                                        ========================================================
DEPARTMENT OF LABOR:
    Employment and Training Administration:
        Training and Employment Services...............        2,095            500           791           804
        Program Administration.........................        3,293          1,721         1,572   ............
    Employment Standards Administration/Salaries and           4,405          4,405   ............  ............
     Expenses..........................................
    Occupational Safety and Health Administration/             1,130          1,130   ............  ............
     Salaries and Expenses.............................
    Mine Safety and Health Administration/Salaries and         4,634            575         1,800         2,259
     Expenses..........................................
    Bureau of Labor Statistics/Salaries and Expenses...          137            137   ............  ............
    Departmental Management:
        Salaries and Expenses..........................        4,657            400         3,087         1,170
        Office of the Inspector General................        1,469            469   ............        1,000
    Assistant Secretary for Veterans Employment and              173            173   ............  ............
     Training..........................................
                                                        --------------------------------------------------------
        Total, Labor...................................       21,993          9,510         7,250         5,233
                                                        ========================================================
DEPARTMENT OF STATE: Administration of Foreign Affairs/       57,890   .............       47,890        10,000
 Capital Investment Fund...............................
                                                        ========================================================
DEPARTMENT OF TRANSPORTATION:
    Office of the Secretary/Salaries and Expenses......        8,475          1,421   ............        7,054
    Coast Guard/Operating Expenses.....................       23,505          3,000   ............       20,505
    Federal Aviation Administration:
        Operations.....................................        9,699   .............  ............        9,699
        Facilities and Equipment.......................      131,612         45,000   ............       86,612
        [Host replacement].............................      [72,000]       [20,000]  ............      [52,000]
        [Other F&E request]............................      [59,612]       [25,000]  ............      [34,612]
        Research, Engineering, and Development.........          147   .............  ............          147
    Federal Transit Administration/Administrative Ex-          1,900          1,900   ............  ............
     penses............................................
    Research and Special Programs Administration:
        Research and Special Programs..................          182   .............  ............          182
        Pipeline Safety................................          150   .............  ............          150
    Maritime Administration/Operations and Training....          700            170   ............          530
    Other Administrations..............................        1,264          1,264   ............  ............
                                                        --------------------------------------------------------
      Total, Transportation............................      177,634         52,755   ............      124,879
                                                        ========================================================
DEPARTMENT OF THE TREASURY:
    Departmental Offices:
        Salaries and Expenses..........................        1,238   .............        1,238   ............
        Automation Enhancement.........................       40,165   .............        2,762        37,403
    Financial Management Service/Salaries and Ex-              6,000   .............        6,000   ............
     penses............................................
    Bureau of Alcohol, Tobacco, and Firearms/Salaries          7,665   .............        5,000         2,665
     and Expenses......................................
    United States Customs Service/Salaries and Ex-            10,200   .............       10,200   ............
     penses............................................
    Bureau of the Public Debt/Administering the Public         1,000   .............        1,000   ............
     Debt..............................................
    Internal Revenue Service/Information Systems.......      483,000   .............      483,000   ............
    United States Secret Service/Salaries and Expenses.        3,000   .............        3,000   ............
                                                        --------------------------------------------------------
      Total, Treasury..................................      552,268   .............      512,200        40,068
                                                        ========================================================
OTHER DEFENSE--CIVIL PROGRAMS: Selective Service System          564            314           250   ............
                                                        ========================================================
EXECUTIVE OFFICE OF THE PRESIDENT:
    Office of Administration...........................       12,200   .............       12,200   ............
    Office of Management and Budget....................        1,600          1,600   ............  ............
    Office of the United States Trade Representative...          498   .............          498   ............
                                                        --------------------------------------------------------
      Total, Executive Office of the President.........       14,298          1,600        12,698   ............
                                                        ========================================================
FEDERAL EMERGENCY MANAGEMENT AGENCY:
    Salaries and Expenses..............................        4,541            900   ............        3,641
    Emergency Management Planning and Assistance.......        3,711   .............  ............        3,711
                                                        --------------------------------------------------------
      Total, FEMA......................................        8,252            900   ............        7,352
                                                        ========================================================
GENERAL SERVICES ADMINISTRATION: \5\ General Activities/      24,012          6,511         4,800        12,701
 Policy and Operations.................................
                                                        ========================================================
INTERNATIONAL ASSISTANCE PROGRAMS:
    Agency for International Development/Operating            23,900         13,700   ............       10,200
     Expenses of the Agency for International Develop-
     ment..............................................
    Overseas Private Investment Corporation:
        Overseas Private Investment Corporation                  840   .............  ............          840
         Noncredit Account.............................
        Overseas Private Investment Corporation Program        1,260   .............  ............        1,260
         Account.......................................
    African Development Foundation/African Development           189             51   ............          137
     Foundation........................................
                                                        --------------------------------------------------------
        Total, International Assistance Programs.......       26,189         13,751   ............       12,437
                                                        ========================================================
SMALL BUSINESS ADMINISTRATION: Salaries and Expenses...        2,816          1,926   ............          890
                                                        ========================================================
CORPORATION FOR NATIONAL AND COMMUNITY SERVICE:                  800   .............          800   ............
 Domestic Volunteer Service Programs, Operating
 Expenses..............................................
DISTRICT OF COLUMBIA: District of Columbia Courts/             2,249   .............  ............        2,249
 Federal Payment to the District of Columbia Courts....
FEDERAL COMMUNICATIONS COMMISSION: Salaries and                8,516   .............        8,516   ............
 Expenses..............................................
FEDERAL TRADE COMMISSION: Salaries and Expenses........          550   .............          550   ............
NATIONAL ARCHIVES AND RECORDS ADMINISTRATION: Operating        6,662   .............  ............        6,662
 Expenses..............................................
OFFICE OF SPECIAL COUNSEL: Salaries and Expenses.......          100   .............  ............          100
RAILROAD RETIREMENT BOARD: Federal Payment to the              6,041          5,701   ............          340
 Railroad Retirement Accounts..........................
SECURITIES AND EXCHANGE COMMISSION: Salaries and               7,400   .............        7,400   ............
 Expenses..............................................
SMITHSONIAN INSTITUTION: Salaries and Expenses.........        4,700   .............  ............        4,700
UNITED STATES HOLOCAUST MEMORIAL COUNCIL: Holocaust              680   .............          680   ............
 Memorial Council......................................
UNITED STATES INFORMATION AGENCY: Technology Fund......        7,062   .............        7,062   ............
                                                        ========================================================
      TOTAL, EMERGENCY RELEASES........................  ............  .............      890,680       337,802
----------------------------------------------------------------------------------------------------------------
\1\ Emergency funds will be transferred to the Office of the Chief Information Officer. Detail illustrates
  allocation by mission area (additional detail is included in agency plan).
\2\ Certain Bureau-level requirements will be addressed with centrally-administered funding ($10 million in
  Departmental Management).
\3\ All emergency funding will be transferred to the Public Health and Social Services Emergency Fund. OPDIV
  detail illustrates HHS distribution.
\4\ All emergency funding will be transferred to the Working Capital Fund Bureau detail illustrates Interior's
  reported distribution.
\5\ Amount financed from fiscal year 1999 appropriations is for internal systems conversion and represents
  agency total.

                                 ______
                                 
         7th Quarterly Report--Progress on Year 2000 Conversion
                  u.s. office of management and budget
                      data as of november 15, 1998
                        issued december 8, 1998
                           Executive Summary
    The Administration is committed to ensuring that Federal agencies 
meet the challenges posed by the year 2000 (``Y2K'') computer problem 
so that critical government services will not be disrupted. The Office 
of Management and Budget (OMB), in close cooperation with John 
Koskinen, Assistant to the President and Chair of the President's 
Council on Year 2000 Conversion, continues to work closely with 
individual agencies to ensure that they will be ready for the year 
2000. Since August, most agencies have made significant progress in 
their Y2K efforts. Some agencies remain behind the government-wide 
goals. As of November 15, 1998:
  --Of 6,696 mission critical systems identified by agencies, 61 
        percent are now Y2K compliant, compared to 50 percent in 
        August. These compliant systems include systems that have been 
        repaired or replaced, and those that were already compliant. 
        OMB has established a governmentwide goal of March 1999 for 
        reaching 100 percent compliance.
  --Of the remaining 39 percent, 30 percent are still being repaired, 
        seven percent are still being replaced, and three percent will 
        be retired (totals differ due to rounding).
  --Of those systems that have been or will be repaired, 90 percent 
        have completed renovation, an increase from 71 percent in 
        August. Sixty percent have now completed validation, while 
        implementation is now 52 percent complete.
  --There are now six Tier 1 agencies (not making adequate progress), 
        down from seven in August; seven Tier 2 agencies (making 
        progress, but with concerns), down from eight; and 11 Tier 3 
        agencies (making satisfactory progress), up from nine. The 
        Department of Education moved from Tier 1 to Tier 2; the 
        Departments of Housing and Urban Development and of Interior 
        moved from Tier 2 to Tier 3.
  --Agencies estimate they will spend $6.4 billion fixing the problem 
        from fiscal year 1996 through fiscal year 2000, an increase 
        from the August 1998 estimate of $5.4 billion. This increase is 
        not unexpected, and the President's fiscal year 1999 budget 
        included an allowance to address emerging requirements.
  --Agencies are developing contingency plans for systems that are not 
        expected to be ready by March 1999, and continuity of business 
        plans to ensure that vital public services will continue. 
        Agencies have made progress on assuring that data exchanges 
        with other systems, particularly systems operated by the 
        States, will occur without problems.
    Although most agencies are progressing well, and some have improved 
sufficiently to be moved to a higher Tier ranking, several agencies are 
still behind the government-wide goals. These agencies must intensify 
their efforts, particularly in the areas of validation, contingency 
planning, and continuity of business planning.
    In October, legislation was enacted to provide for emergency 
funding for agency year 2000 fixes. The Omnibus Consolidated and 
Emergency Supplemental Appropriations Act included a provision for 
emergency funding for unexpected Y2K conversion activities, consisting 
of $1.1 billion for defense-related activities and $2.25 billion for 
non-defense activities. This action will help ensure that agencies have 
sufficient resources to make a smooth transition to and beyond 2000. In 
addition to the emergency fund, OMB continues to ensure adequate 
funding and resources through the regular budget process. Throughout 
the budget process for fiscal year 2000, OMB has been working closely 
with agencies to ensure that adequate funding and management resources 
will be available.
     Progress on Year 2000 Conversion Report of the U.S. Office of 
             Management and Budget as of November 15, 1998
                            i. introduction
    This report is the seventh is a series of quarterly reports to 
Congress on the Administration's progress in fixing the year 2000 
(``Y2K'') computer problem in Federal systems. This report builds on 
previous reports by including more information on the Federal 
government's work with State governments to ensure that Federal/State 
data exchanges are ready and that Federally supported, State run 
programs will provide uninterrupted public health and safety services. 
This report also provides more information on the efforts that Federal 
agencies are undertaking on contingency planning, continuity of 
business planning, and independent verification and validation of their 
systems. In summary, the report constitutes the Federal government's 
plan to achieve year 2000 compliance of Federal systems.
    This report summarizes data received on November 15, 1998, from the 
24 agencies that make up the Federal Chief Information Officers' (CIO) 
Council and from nine small and independent agencies.\1\ The 24 
agencies are ranked into Tier 1 (insufficient evidence of adequate 
progress), Tier 2 (progress, but concerns), or Tier 3 (satisfactory 
progress). It also describes the status of a number of government-wide 
activities underway, including the areas of telecommunications, 
buildings, and biomedical devices and equipment.
---------------------------------------------------------------------------
    \1\ Except where noted, the summary data provided in this report 
refer solely to the 24 agencies.
---------------------------------------------------------------------------
    This report and all previous reports are available on OMB's web 
site [http://www.whitehouse.gov/WH/EOP/omb/], on the web site for the 
President's Council on Year 2000 Conversion [http://www.y2k.gov], or 
the CIO Council's web site [http://cio.gov].\2\
---------------------------------------------------------------------------
    \2\ A list of key Federal year 2000 web sites may be found in 
Appendix B.
---------------------------------------------------------------------------
    OMB's initial report on the Y2K problem, entitled ``Getting Federal 
Computers Ready for the Year 2000,'' was transmitted to Congress on 
February 6, 1997. The report outlined the Federal Government's strategy 
to address the Y2K problem in Federal systems; that strategy remains 
predicated on agency accountability. In cooperation with the 
President's Council on Year 2000 Conversion, the agencies are now being 
held accountable at the highest of levels. The Federal government's 
approach to fixing the problem follows the five phases of awareness, 
assessment, renovation, validation, and implementation. Working with 
the CIO Council, OMB set government-wide milestones for the completion 
of each phase. Agencies then established plans for each phase. The five 
phases overlap; for example, validation of some systems continues, 
while some systems are being implemented, and yet others may still be 
undergoing renovation.
    The Administration continues to direct high level attention to this 
issue within and beyond the Federal government to ensure readiness for 
the year 2000. Within the Federal government, the additional focus on 
the year 2000 problem through the budget process has allowed agencies 
to take a close look at their resources and needs and has focused 
management attention on the issue. The year 2000 emergency fund has 
also raised the profile of this issue, while helping to ensure that 
agencies will be ready on time. John Koskinen, Assistant to the 
President and Chair of the President's Council on Year 2000 Conversion, 
along with OMB, continues to participate in monthly meetings with 
senior management of Tier 1 agencies, while agencies in Tiers 1 and 2 
continue to submit monthly reports to OMB on their progress toward 
their milestones.
                ii. summary of government-wide progress
Summary of Systems Progress
    Most agencies are on target to meet the government-wide milestones 
of completion of renovation by September 1998, validation by January 
1999, and implementation by March 1999. Notably, SBA has completed its 
work, while SSA is ahead of schedule and will be finished shortly. (See 
Appendix A, Table 1.)
    There are now six Tier 1 agencies, down from seven in August; seven 
Tier 2 agencies, down from eight; and 11 Tier 3 agencies, up from nine.
    Senior Federal managers continue to reevaluate which systems are 
critical to their organizations' missions and to set their priorities 
accordingly. Agencies now identify 6,696 mission critical systems, a 
reduction from the 7,343 mission critical systems identified in the 
August report. Changes at this time are usually the result of 
recategorizing and reprioritizing of systems. (See Appendix A, Table 
2.)
    Of the 6,696 mission critical systems, 61 percent are now Y2K 
compliant, compared to 50 percent from August. These compliant systems 
include systems that have been repaired or replaced, and those that 
were already compliant. (See Table 1, below, and Appendix A, Table 2.)
    Of the remaining 39 percent, 30 percent are still being repaired, 
seven percent are still being replaced, and three percent will be 
retired (totals differ due to rounding). The increase in systems being 
retired reflects new decisions by managers to retire some systems that 
were to have been repaired. (See Appendix A, Table 2.)
    Of those systems that have been or will be repaired, 90 percent 
have completed renovation, an increase from 71 percent from August. 
Sixty percent have now completed validation, while implementation is 
now 52 percent complete. (See Appendix A, Table 3.)
    Senior management at all large agencies are relying on independent 
verification of the validation process and other internal performance 
measures to ensure that their systems will be ready on time.
    All agencies have begun work on continuity of business plans. Most 
agencies have focused their plans on core business functions to ensure 
that vital public services continue. Developing solid continuity of 
business plans, and contingency plans for systems that will miss the 
March 1999 goal, will be a top priority in the coming months.
Cost Summary
    Agencies now estimate they will spend $6.4 billion fixing the 
problem from fiscal year 1996 through fiscal year 2000, an increase 
from $5.4 billion from August 1998.\3\ (See Appendix A, Table 4.) This 
increase is not unexpected, and the President's fiscal year 1999 budget 
included an allowance to address emerging requirements.
---------------------------------------------------------------------------
    \3\ These estimates include the costs of identifying necessary 
changes, evaluating the cost effectiveness of making those changes (fix 
or scrap decisions), making changes, testing systems, and preparing 
contingencies for failure recovery. They include the costs for fixing 
both mission critical and non-mission critical systems, as well non-
information technology products and systems such as air conditioning 
and heating. They include outreach activities to non-federal entities. 
They do not include the costs of upgrades or replacements that would 
otherwise occur as part of the normal systems life cycle. They also do 
not include the Federal share of the costs for state information 
systems that support Federal programs.
---------------------------------------------------------------------------
    Most of these cost increases are attributable to refinement of 
estimates as agencies move through the validation phase and find that 
some systems need to be reworked, obtain more information about the 
costs of fixing the embedded chip problem, and develop continuity of 
business plans. Other increases reflect decisions to repair legacy 
systems in case those systems are not replaced on time. To the extent 
that agencies encounter additional requirements, these estimates will 
continue to rise.
    The three largest cost increases are: Defense, up $591 million to 
cover increased independent verification and end-to-end testing; HHS, 
up $165 million to cover potential contingencies in fiscal year 2000; 
and Treasury, up $53 million to cover increased testing and validation.
Summary of Other Progress
    The Federal government is continuing to work closely with State 
governments to ensure that data exchanges between the two are 
compliant, and that Federally supported programs that are run by the 
States will be able to provide vital public services.
    For most agencies, embedded chips are used primarily within their 
buildings' systems; at this time, good progress has been made, and GSA 
is confident that this area is under control. A small number of 
agencies use embedded chips in specialized areas, such as scientific 
equipment; these agencies are working hard to fix these systems as 
well, but much work remains.
    Most agencies report that they have completed their assessments of 
non-mission critical systems and are making progress on remediation. By 
definition, such systems are less critical to the functioning of the 
agencies, but many are still important. All of the agencies report 
active programs to fix these systems, albeit as a lower priority.

                  TABLE 1.--GOVERNMENT-WIDE SUMMARY--YEAR 2000 STATUS--MISSION-CRITICAL SYSTEMS
                                                  [In percent]
----------------------------------------------------------------------------------------------------------------
                                                                          Systems Being Repaired
                                            All Systems  -------------------------------------------------------
              Agency Status                Y2K Compliant  Assessment   Renovation    Validation   Implementation
                                                \4\        Complete   Complete \5\  Complete \6\   Complete \7\
----------------------------------------------------------------------------------------------------------------
Tier Three (DOI, VA, EPA, FEMA, GSA, HUD,           84           100           99            90             82
 NASA, NRC, NSF, SBA, SSA)...............
Tier Two (USDA, DOC, Education, DOL, DOJ,           67           100           91            70             63
 Treasury, OPM)..........................
Tier One (DOD, DOE, HHS, State, DOT, AID)           51           100           87            43             34
All Agencies.............................           61           100            9            60             52
----------------------------------------------------------------------------------------------------------------
\4\ Percentage of all mission-critical systems that will accurately process data through the century change;
  these systems have been tested and are operational and includes those systems that have been repaired and
  replaced, as well as those that were found to be already compliant.
\5\ Percentage of mission-critical systems that have been or are being repaired; ``Renovation complete'' means
  that necessary changes to a system's databases and/or software have been made.
\6\ Percentage of mission-critical systems that have been or are being repaired; ``Validation complete'' means
  that testing of performance, functionality, and integration of converted or replaced platforms, applications,
  databases, utilities, and interfaces within an operational environment has occurred.
\7\ Percentage of mission-critical systems that are being or have been repaired; ``Implementation Complete''
  means that the system has been tested for compliance and has been integrated into the system environment where
  the agency performs its routine information processing activities. For more information on definitions, see
  GAO/AIMD-10.1.14, ``Year 2000 Computing Crisis: An Assessment Guide,'' September 1997, available at http://
  cio.gov under Year 2000 Documents.

                      iii. government-wide issues
Validation and Verification Efforts
    Government-wide, 60 percent of mission critical systems have been 
validated. Validation involves multiple phases of testing, including a 
combination of testing of individual components (unit testing), testing 
of entire systems (integration or systems testing), and in some cases, 
testing of a string of systems of interdependent systems (end-to-end 
testing). This incremental approach allows agencies to efficiently 
locate any problems and fix them. It also ensures that the 
implementation phase will be as smooth as possible.
    All agencies are required to independently verify the validation 
process. Senior management at all large agencies are now relying on 
independent verification to provide a double-check that their mission-
critical systems will, in fact, be ready. All large agencies are 
relying on a combination of their Inspectors General and contractors to 
verify the results of agency testing and other measures of progress. 
Now that the government-wide level of validation of mission-critical 
systems has reached 60 percent, verification efforts are particularly 
important. Some agencies have discovered that some systems, which were 
considered compliant, were not. As a result, these non-compliant 
systems will be or have been fixed, and management is afforded a higher 
degree of confidence that the agency will achieve compliance on time.
Continuity of Business Planning and Contingency Planning \8\
---------------------------------------------------------------------------
    \8\ See GAO report, a shared effort with the Year 2000 Committee of 
the CIO Council, ``Year 2000 Computing Crisis: Business Continuity and 
Contingency Planning.'' July, 1998; GAO/AIMD-10.1.19. In addition, 
model Business Continuity and Contingency Plans, including that of the 
Social Security Administration, were shared with other agencies as 
models.
---------------------------------------------------------------------------
    All agencies, regardless of progress, are required to develop 
continuity of business plans. Such plans should describe risk 
mitigation strategies and work-around alternatives to ensure the 
continuity of the agency's core business functions. Such functions rely 
not only on the agency's internal systems, but also on services outside 
of the agency's control, such as the ability of suppliers to provide 
products, services, or data, or the loss of critical infrastructure.
    For this report, all agencies described their progress on 
developing continuity of business plans. Most agencies are basing their 
plans on certain core business functions that the agency believes are 
essential to ensuring that the agency is able to perform its mission. 
Agencies are using a variety of approaches, including ensuring that 
back-up resources are available, determining if paper processes will 
work, and making sure that regional offices can operate independent of 
headquarters, if necessary. Contingency plans, described below, are a 
subset of continuity of business plans.
    Contingency plans are required for those systems that have been 
behind the agency's internal schedule for two months or more over two 
reporting periods or that won't meet the March 1999 goal. (See Appendix 
C.) During this quarter, few agencies reported slippage from their 
internal schedules.
    On the other hand, more agencies reported increasing numbers of 
systems that would not meet the March 1999 goal. (See Appendix C.) 
Although some agencies have contingency plans, many did not mention 
this subject in their report. Notably, Defense listed a large number of 
systems, and while many had contingency plans, Defense did not indicate 
that contingency plans were in place for all of them. While Justice has 
forwarded more than 140 contingency plans to an independent validation 
and verification contractor for review, it indicated that, to date, the 
contractor had reviewed only five plans of the 11 systems behind 
schedule.
    Despite uneven progress, agencies are now focusing their efforts on 
developing solid contingency plans and continuity of business plans. As 
the President's Council on Year 2000 Conversion develops a national 
risk assessment, agencies will have better information on internal and 
external risks and how best to prepare for them. For the next report, 
OMB plans to require more information on continuity of business plans 
and contingency plans, including a description of plans so far, 
completion dates for plans, and a description of how the continuity 
plan will be tested.
Costs and Funding
    Agencies now estimate they will spend $6.4 billion fixing the 
problem from fiscal year 1996 through fiscal year 2000, an increase 
from $5.4 billion from August. (See Appendix A, Table 4.)
    Most of these cost increases are attributable to refinement of 
estimates as agencies move through the validation phase and decide to 
increase testing and independent verification activities, find that 
some systems need to be reworked, obtain more information about the 
costs of fixing the embedded chip problem, and develop continuity of 
business plans. Other increases reflect decisions to repair legacy 
systems in case those systems are not replaced on time. To the extent 
that agencies encounter additional requirements, these estimates will 
continue to rise.
    These increases were not unexpected. The President's fiscal year 
1999 budget requested approximately $1.1 billion in appropriations for 
Y2K. It also included an allowance of $3.25 billion to cover emerging 
and potential costs for Bosnia, natural disasters, and Y2K.
    This spring and summer, the Administration worked with the Congress 
on a contingent emergency funding proposal specifically for unforeseen 
Y2K requirements. In August OMB asked agencies for their current 
estimates of Y2K expenses, distinguishing between requirements included 
in the President's budget and unforeseen requirements.
    In September, the Administration requested a supplemental 
appropriation of $3.25 billion in contingent emergency funding for Y2K 
conversion, consistent with Senate action to that point. The Omnibus 
Consolidated and Emergency Supplemental Appropriations Act for Fiscal 
Year 1999 includes contingent emergency funding for Y2K computer 
conversion activities: $1.1 billion for defense-related activities and 
$2.25 billion for non-defense activities.
    In order to determine how to best to allocate available base and 
emergency funding, OMB evaluated agency requirements. OMB also worked 
with the agencies to identify activities that had already been included 
in the President's fiscal year 1999 Budget, but that Congress directed 
be funded from the contingent emergency reserve. These redirected 
requirements total approximately $590 million, of which: $30 million 
was allocated on October 23, 1998, (for the Legislative and Judiciary 
branches); $464 million was allocated on November 6, 1998; and, $94 
million is being allocated concurrent with the transmittal of this 
report. Additionally, OMB has approved approximately $676 million of 
new funding for Y2K requirements that was not included within agencies' 
fiscal year 1998 appropriated levels. Of this, $427 million was 
allocated on November 6, 1998, and $244 million is being allocated 
concurrent with the transmittal of this report. In total, $891 million 
was allocated on November 6, 1998, and $338 million is being allocated 
concurrent with the transmittal of this report. All amounts allocated 
to date are for non-defense activities.
    Additional transfers from the contingent emergency reserve will be 
made in the future to ensure that all agencies have sufficient 
resources to achieve Y2K compliance. OMB has also notified agencies 
that, as they identify unforeseen funding requirements, they should 
forward these requirements to OMB for evaluation. The Department of 
Defense is reviewing its requirements for the defense contingent 
emergency fund.
Government-wide Initiatives
            Telecommunications Systems
    GSA owns, manages, or resells consolidated telecommunications 
services to Federal agencies throughout the United States. Like the 
private sector, the Federal agencies are reliant upon commercial 
vendors and the information they supply to address the compliance of 
their telecommunications systems. In most cases, agencies must work 
with telecommunications vendors to receive system upgrades; a number of 
agencies, including GSA, continue to express frustration that some 
vendors are not more forthcoming with information about the compliance 
status of their products and services, have been slow to repair their 
systems, or are slow in the delivery of necessary product upgrades, 
often as a result of a shortage of technicians. In fact, many companies 
have indicated that their systems won't be fully compliant until June 
1999, leaving many agencies concerned that they will not have adequate 
time to conduct thorough validation and end-to-end testing.
    The Telecommunications Subcommittee, chaired by GSA's Federal 
Technology Service (FTS), is working with industry to ensure that the 
telecommunications services and systems provided to the Federal 
Government are Y2K compliant. FTS has completed its inventory and 
assessment for all GSA Consolidated Systems, which provide local 
telecommunications services (including hardware, licensed proprietary 
software, and features such as voice mail) to Federal agencies 
nationwide. All Consolidated Systems will be compliant by March 1999. 
GSA also provides voice mail to agencies that purchase services from 
Consolidated Systems using 184 different systems. Although GSA 
considers voice mail a non-mission critical system, it does plan to 
upgrade 63 and replace one system so that all are compliant by the year 
2000.
    With respect to service obtained from Local Exchange Carriers 
(LEC's), GSA has contacted LEC service providers for information on 
their Y2K status which it then provides to other Federal agency users. 
LEC's are dependent upon major network switch manufacturers for 
software upgrades to address the Y2K problem. Switch suppliers have 
committed to shipping these packages by the end of 1998 with LEC 
deployment to follow in the spring of 1999. Responses GSA has received 
to date indicate that most LEC's will complete equipment modifications 
and testing for Y2K compliance by mid-1999. GSA continues to request 
written responses from those LEC's that have not responded and believes 
the passage of the Year 2000 Information Disclosure Act will facilitate 
this process. The Act may also assist Federal agencies that buy 
services from LEC's directly to obtain Y2K compliance status for their 
affected office locations.
    Besides GSA, Federal agencies own and operate or are otherwise 
dependent upon a wide variety of telecommunications systems and 
components. Interagency special interest groups (SIG's) have been 
formed to assist agencies to collectively resolve the Y2K status of 
these items through collaborative testing of telecommunications 
equipment with industry. SIG's are formed by agencies that may rely on 
systems or equipment from one vendor. SIG's either conduct the tests 
themselves or work with the manufacturer to obtain test results which 
are then shared across the government. The SIG's are also taking a lead 
in addressing commonly acquired communications services such as 
wireless and internet access. Equipment testing by the SIG's began in 
December of 1997 and will continue throughout 1999. A web site, http://
y2k.fts.gsa.gov, lists the compliance status of commonly used 
telecommunications equipment and has links to some sixty Y2K industry 
sites. Agencies are responsible for accessing this information, 
determining what equipment they must upgrade, and making the 
appropriate repairs. The SIG's continue to provide a valuable forum to 
share information regarding repairing or replacing telecommunications 
components.
    The telecommunications industry, through associations such as the 
Alliance for Telecommunications Industry Solutions (ATIS) and the U.S. 
Telco Year 2000 Forum, has begun programs for interoperability testing 
between long distance providers and local service carriers. The Federal 
government is an active participant in these efforts. The testing is to 
be performed in early 1999 with the final reports expected to be 
publicly released in January and July 1999.
    In the Washington Metropolitan Area, Washington Interagency 
Telecommunications Systems (WITS) provides approximately 170,000 analog 
and digital lines supporting both data and voice applications to 
Federal agencies. The system was fixed in July 1998. Voice mail 
obtained from WITS is already Y2K compliant.
    FTS2000.--GSA, through its FTS2000 contracts, provides most of the 
Federal Government's long distance telecommunications services. GSA is 
thus responsible for ensuring that the two FTS2000 vendors (Sprint and 
AT&T) are Y2K compliant. GSA is conducting an ``FTS2001'' acquisition 
to replace the expiring FTS2000 contracts. The FTS2001 contracts 
require the winners to provide Y2K compliant services. Where possible, 
GSA and many agencies intend to transition to the FTS2001 contracts 
before the onset of the year 2000 to ensure compliance and a smooth 
transition. GSA expects to extend the current FTS2000 contracts to 
support those agencies that have not completed the transition to 
FTS2001 by January 1, 2000.
    Both FTS2000 vendors have made formal commitments that their 
systems will be Y2K compliant prior to the year 2000. GSA sent letters 
to both Sprint and AT&T to clarify these commitments. In their 
response, AT&T stated that they were on target to complete network 
element certification by year-end 1998 and to complete full testing of 
the network no later than June 30, 1999. Sprint expects to meet similar 
dates for its network but anticipates completion of repairs to several 
supporting and billing systems in June 1999. Sprint also identified 
some customer premise equipment that it provided to agencies under 
terms of the FTS2000 contract which may not be compliant. GSA is 
working with both vendors and agency customers to resolve this and 
other issues related to FTS2000 network compliance.
    International Telecommunications.--Within the United States, the 
International Direct Distance Dialing contract with AT&T that is 
managed by FTS has been certified compliant. Overseas, however, Federal 
agencies that have extensive foreign operations are increasingly 
concerned about the effect that the Y2K may have on their ability to 
communicate with offices located in foreign nations. Some locations may 
be totally dependent upon the telecommunications infrastructures of the 
host nations. The State Department has determined that more than 95 
percent of the telephone equipment it operates overseas is compliant or 
can be operated in a manual mode. In addition, the State Department's 
Diplomatic Telecommunications Services Program Office (DTS-PO) 
continues to assess and upgrade its network and expects to complete its 
efforts in December of 1998.
    On the other hand, roughly five percent of the Department's 
telephone services are met by equipment that is operated by host 
nations. In many cases, links between State Department locations and 
other U.S. government offices overseas rely on host nation services. 
This reliance on foreign networks has led several agencies, including 
the Peace Corps and the Agency for International Development, to 
anticipate that operations in some countries, particularly in more 
remote locations, may be adversely affected by telecommunications 
problems. In these instances, international agencies are working 
together to develop contingency plans or to identify backup systems, 
such as satellites, to ensure communications are maintained. Their 
efforts have been somewhat complicated by the lack of information 
regarding the Y2K compliance status of alternative communications 
services, including new satellite-based mobile communications systems.
    Other Government-wide Telecommunications Services.--The equipment 
supplied by GSA under the Federal Wireless Telecommunications Service 
(FWTS) has been certified compliant by GTE. GSA-maintained, government-
wide contracts for Wire and Cable Service; Electronic Commerce, 
Internet, and E-Mail Access; and Technical and Management Support all 
contain Y2K compliance clauses. All task orders for the 
Telecommunications Support Contract 2, which provides consulting and 
telecommunications services, include Y2K compliance clauses.
    Telecommunications Contingency Planning.--In September, GSA 
prepared and distributed a Telecommunications Contingency Plan for the 
Year 2000. The document describes plans and responsibilities for local 
service and long distance network providers--both GSA and commercial 
firms--leading up to January 1, 2000. It also outlines plans to restore 
service if failures occur. The contingency plan is a dynamic document 
that will be revised if contracts change, vendors modify their 
services, or testing identifies additional requirements. The 
Contingency Plan offers guidance on forming Business Resumption Teams 
that would take the lead in resolving service disruptions.
            Buildings Systems
    Many products or systems in buildings, such as those that control 
or interact with security systems, elevators, or heating and air 
conditioning systems, contain embedded chips. These chips can include a 
date function that helps run the system--for example, to time 
maintenance procedures or to regulate temperature. If this date 
function is not Y2K compliant, then the chip may not work. This problem 
is particularly complex, because chip manufacturers do not closely 
track how these chips are programmed and used. In addition, a 
manufacturer of equipment (such as a security system) is unlikely to 
know the compliance status of the particular chips used. It may also be 
difficult to accurately test the compliance of these chips in a working 
environment. Once non-compliant chips are identified, they must be 
replaced.
    In response, GSA has established a public web site (http://
globe.lmi.org/lmi--pbs/y2kproducts/) that provides Y2K information for 
building systems. There are now over 10,000 products listed on this 
site (up from 9,000 in the previous report), and fewer than four 
percent of all products are identified as non-compliant. Another web 
site has been established which allows personnel from Federal agencies 
to determine the Y2K compliance status of Federally owned and leased 
facilities. This site is for Federal government use only.
    The Year 2000 Buildings Subcommittee of the CIO Council, chaired by 
GSA's Public Buildings Service (PBS), continues to meet about every 
four to six weeks and exchange relevant information.
    Additionally, GSA continues to partner with the private sector on 
year 2000 building systems matters. Both the Building Owners and 
Managers Association and the International Facility Managers 
Association are polling their membership to gather information 
regarding the Y2K readiness of this sector. They will share this 
information with the Federal government to assist the President's 
Council on Year 2000 Conversion with its overall assessment of Y2K 
readiness in the public and private sectors.
    To ensure that buildings used by the Federal government are ready 
for the year 2000, the Building Systems Subcommittee is focusing on the 
charge to ensure that any equipment that contains embedded chips is Y2K 
compliant. The Committee is working with all Federal agencies, whether 
they work in GSA owned or managed space, whether it is space that is 
leased by GSA, or whether it is space that is owned or managed directly 
by the agencies.
    In space where GSA is the owner, PBS continues to thoroughly review 
inventory and coordinate with vendors and manufacturers of equipment 
that contains embedded chips. PBS is now finalizing its test plans, in 
coordination with vendors and regional personnel, and will soon begin 
testing. Additionally, a government-wide contingency plan for buildings 
is under development to prepare for unexpected system failures and 
utility outages.
    The Subcommittee is also working closely with the owners of 
buildings that are leased by GSA. For leased space, GSA sent letters 
requesting that lessors certify their spaces as Y2K compliant. About 40 
have responded, and GSA has sent follow-up letters and surveys to 
``high-risk'' leased locations. Finally, a year 2000 clause was 
developed for inclusion in all Solicitations For Offers.
            Biomedical and Laboratory Equipment
    As of November 17, 1998, the Biomedical Equipment Subcommittee had 
received responses from 70 percent of the 1,932 medical device and 
laboratory equipment manufacturers who make products containing 
electronic components. This highly improved response rate is the result 
of both Congressional attention to this issue, and the efforts of HHS 
(especially the FDA), the Department of Veterans Affairs, the 
Department of Defense, and the President's Council on Year 2000 
Conversion. In addition, the enactment of the Administration's ``Year 
2000 Information Disclosure Act'' \9\ has helped. The key agencies are 
following up with the non-respondents.
---------------------------------------------------------------------------
    \9\ The ``Year 2000 Information Disclosure Act,'' S. 2392, enacted 
into law on October 19, 1998, encourages companies to share information 
about possible solutions to year 2000 problems. The Act provides 
limited liability protections for companies that share information 
about their year 2000 risks and possible solutions. However, the law 
does not affect liability that may arise from year 2000 failures of 
systems or devices.
---------------------------------------------------------------------------
    In addition, the Working Group continues to expand the National 
Biomedical Clearinghouse, a database containing information on 
compliant equipment. The information has been provided by HHS and the 
Department of Veterans Affairs, based on their knowledge and experience 
in using the equipment. The Department of Defense will begin formal 
participation soon. This database is publicly available at http://
www.fda.gov/cdrh/yr2000/year2000.html.
            State Issues
    The Federal government sends and receives data from hundreds of 
different partners in support of thousands of different programs. 
Probably the single most important partnership is with the States. The 
data exchanges that enable Federal and State governments to communicate 
with each other must be fixed on both sides in order to work. Without 
functional data exchanges, important Federal and/or State programs 
won't work.
    In response, the Federal CIO Council, in cooperation with the 
National Association of State Information Resource Executives (NASIRE) 
first agreed at a summit in October of 1997 to make the issue of fixing 
data exchanges a top priority. The CIO Council and NASIRE also agreed 
to continue to meet and to resolve issues between Federal CIO's and 
State CIO's.
    Data Exchanges with States.--To assist in the coordination of data 
exchange activities between Federal agencies and the States, the CIO 
Council has developed the Federal/State Data Exchange Database, managed 
by GSA, which contains the status of exchanges from both the Federal 
and State perspectives. The Federal government has provided information 
to the database on all of its data exchanges with the States, including 
a point of contact and phone number and the status of the Federal 
government's work on the exchange.
    While many States are actively working on their side of the data 
exchanges and are making excellent progress, a number of States and 
territories are still not participating in the database, and 
accordingly, their progress is completely unknown. In particular, as of 
November 16, Alaska, Arkansas, West Virginia, the District of Columbia, 
Guam, and Puerto Rico have not provided any information about their 
data exchange activities. A number of others, including Alabama, 
Oklahoma, Rhode Island, Wisconsin, and Wyoming, have only recently 
begun providing information and are substantially behind. This is of 
concern not only because these data exchanges may not be ready in time, 
but also because this may be symptomatic of overall Y2K efforts within 
these States.
    According to the database, notwithstanding those States that are 
not participating in the database, overall progress on data exchanges 
is proceeding well. (All Federal agencies are participating, except for 
the FBI and the IRS, who are working directly with State partners to 
avoid security risks associated with the database.) To date, 62 percent 
of Federal/State data exchanges are fixed, successfully bridged, tested 
by both parties and/or are fully compliant. All data exchanges are to 
be fully implemented by March 1999.
    Critical Public Health and Safety Programs.--The CIO Council and 
NASIRE are also focusing on other issues of mutual importance. For 
example, the Federal government is working closely with State 
governments to ensure that not only will individual systems run, but 
that Federally supported programs that are run by the States will 
continue to provide vital public services. Such programs include 
Unemployment Insurance, Medicaid, and income maintenance programs such 
as child support and food stamps. Federal agencies will be specifically 
evaluating the impact of the year 2000 on their programs, and OMB will 
report on that in future reports to the Congress.
    Other Joint Initiatives.--Meanwhile, the CIO Council and NASIRE 
continue to meet regularly to discuss other issues. Progress on joint 
issues with those States that are participating continues. Recently, 
for example, at a meeting on October 18 in San Diego, participants 
agreed to work on the following issues:
  --Jointly ensure that the names of data exchanges are the same on 
        both the Federal and State sides to improve tracking.
  --Jointly focus on the needs of State Unemployment Insurance programs 
        and Medicaid. State Unemployment Insurance (UI) systems have a 
        unique Y2K failure horizon date of January 4, 1999 \10\, while 
        Medicaid is expected to encounter unique difficulties in 
        completing its work.
---------------------------------------------------------------------------
    \10\ UI systems look forward one year to calculate a beneficiary's 
UI entitlement. Any State that has not implemented a new year 2000 
compatible system will have a Benefit Year End (BYE) problem and will 
have to go to its contingency plan. The five ``high alert'' or ``at 
risk'' jurisdictions (the District of Columbia, Louisiana, New Mexico, 
Puerto Rico, and the Virgin Islands) are expected to have to implement 
their contingency plans, in most cases using a ``hard coding'' solution 
to override the system's calculation; that is, December 31, 1999, will 
be manually entered as the end date for beneficiary benefits 
calculations through 1999. While this is only a temporary solution, it 
gives those States additional months to remediate their systems. Four 
``yellow caution'' States (Montana, Arkansas, Illinois, and Maine) 
expect to bring their new systems on line in December; if their 
schedules slip, they, too, will have to go to their BYE contingency 
plans.
---------------------------------------------------------------------------
  --Identify the critical public health and safety programs (such as 
        unemployment insurance, Medicaid, food stamps, child support, 
        job training, and housing), supported by data exchanges, that 
        are administered through States, counties, and cities.
  --Jointly undertake the development of Business Continuity and 
        Contingency Plans to ensure that these critical programs will 
        continue to provide services to the public.
            Other Information Sharing Initiatives
    Year 2000 Information Directory.--The Government-wide Year 2000 
Information Directory web site, managed and maintained by GSA on behalf 
of the CIO Council, has some new additions, including topics of 
interest for the average consumers. In addition, the site has been 
redesigned to enhance appearance and navigation. Also available at this 
site is a ``Year 2000 and You'' brochure developed for citizens. The 
web site address is: http://www.itpolicy.gsa.gov/mks/yr2000/
y2khome.htm. The brochure is also available from GSA's Consumer 
Information Center at 1-888-878-3256 in Pueblo, Colorado. The brochure 
will soon be available in Spanish.
    Database of Compliant COTS Products.--GSA also manages and 
maintains a database of compliant, COTS Products that are used by 
Federal agencies. This information is available to the public at http:/
/y2k.policyworks.gov. The database includes information from 756 
vendors and 90 Federal agencies on 2364 products. Agencies are now 
beginning to provide information on the results of product testing they 
have undertaken.
                      iv. agency specific progress
Process of Agency Evaluation
    Nearly all agencies have made good progress in the last quarter. 
Even many of the agencies that are still behind have made good progress 
in the last quarter, appear to have engaged the proper level of 
management attention, and are working hard. Nevertheless, a number of 
agencies are still remain behind the government-wide goals, and, as a 
result, some of their systems may not be ready on time. For this 
reason, all agencies have been asked to heighten efforts on contingency 
planning and continuity of business planning. In evaluating agency 
progress, OMB used the following criteria:
  --Measurable improvement.--Has the agency completed the renovation 
        phase? Is there measurable and adequate progress on validation, 
        and implementation of computer systems, including data 
        exchanges? Is there progress on addressing other systems, 
        including buildings, telecommunications, and systems and 
        products containing embedded chips?
  --Schedule for completion of best practices phases and overall 
        prognosis.--Has the agency adopted a realistic schedule that is 
        consistent with the government-wide goals? Has there been a 
        change in the number of mission critical systems that are 
        expected to miss the March 1999 implementation date? Does the 
        agency have a strong management team and a credible strategy in 
        place?
  --Risk management.--Is the agency preparing a workable continuity of 
        business plan for its core business functions? Does the agency 
        have a deadline for when plans must be complete? Does the 
        agency have an effective validation and independent 
        verification program in place? Is there adequate oversight of 
        efforts to replace non-compliant systems? Are systems 
        previously reported behind being brought back on schedule? Are 
        agencies which have systems which are expected to miss the 
        March 1999 goal working on contingency plans?
  --Dramatic changes in previously reported information or other 
        indications of concern.--Have there been dramatic changes in 
        cost, schedule, changes to the number of systems, or changes to 
        the number of systems behind schedule? Are there any concerns 
        with the availability of key personnel?
Tier One Agencies
    Tier One comprises agencies where there is insufficient evidence of 
adequate progress. There are now six agencies in Tier One, as the 
Department of Education has moved into Tier Two.
            Department of Defense
    The Department of Defense continues to make progress in addressing 
its massive Y2K problem, albeit at a rate too slow to meet the March 
1999 goal. The percentage of mission critical systems compliant has 
risen to 53 percent from 42 percent reported in August. The Department 
also reports that 86 percent of its mission-critical systems to be 
repaired have now completed renovation, an increase from 70 percent 
reported in August. Defense also reports that 36 percent of those 
systems have been tested and implemented, an increase from 27 percent 
reported last quarter.
    As a result, the Secretary and Deputy Secretary have taken a number 
of actions to accelerate the Department's progress toward Y2K 
compliance, including exercising direct personal leadership, requiring 
commanders and service chiefs to personally certify the Y2K status of 
each major information system, and withholding funding for non Y2K work 
on information systems unless and until Military Departments 
demonstrate Y2K progress. In addition, the Department is planning to 
conduct large-scale Y2K operational evaluations and functional tests in 
1999. Finally, the Department is preparing operational plans to ensure 
that all critical functions will continue and that the effect of any 
Y2K related problems will be minimized.
            Department of Energy
    Compliance has increased from 40 percent to 50 percent in the last 
quarter, and progress has been made in the other phases. The 
Department, however, has not completed its renovation work, finishing 
renovation on 88 percent of its mission critical systems. Likewise, the 
Department has completed validation on only 53 percent of its mission 
critical systems. In addition, 11 mission critical systems are 
anticipated to miss the government-wide target of January 1999 for 
finishing the validation phase. The Department notes in this quarter's 
report that the ``steep slope of the planned completion schedule [for 
implementation of compliant systems] is a cause for concern within the 
Department.''
    Work to identify new mission critical systems at its Government and 
contractor sites, and assessment of the Department's embedded chips and 
lab equipment continues. Although DOE has identified 420 systems as 
mission critical, up from 411 in last quarter's report, it has only 
begun to prioritize and allocate resources among those systems. The 
Department's independent Office of Oversight has recommended that DOE 
``focus management attention on complex, critical systems that face 
moderate to significant risk.''
    Data exchanges have improved. Intra-departmental data exchanges 
have improved in compliance from 63 percent to 68 percent, while the 
percentage of compliant data exchanges with other Federal agencies has 
also increased from 56 percent to 68 percent.
    Embedded systems remain a concern. An additional 29,000 embedded 
chip systems, including workstations, lab equipment, and other 
unspecified embedded chip devices, were identified since the last 
quarter's report. On the positive side, between 60 and 75 percent of 
the embedded chip systems are already Y2K compliant.
    The Department's CIO is conducting site compliance reviews in 
cooperation with the Office of the Inspector General and Office of 
Oversight. The compliance reviews have increased awareness of the 
severity of the problem and the need for high-level management 
attention. The Office of Oversight reviewed 52 mission critical systems 
in the past quarter and found that, in general, the Department is well 
positioned to complete the majority of its mission critical systems by 
the government-wide goal of March 1999. In addition, the Office of 
Oversight identified some problems that will require follow-up. These 
include: (1) testing continues to be a weakness; (2) DOE and contractor 
management have not consistently implemented effective quality 
assurance into Y2K efforts; and (3) DOE management at both headquarters 
and regional offices, as well as contractor line management, have not 
been actively involved in Y2K efforts and do not have a detailed 
understanding of the efforts at their respective sites.
            Department of Health and Human Services
    The Department's Health Care Financing Administration (HCFA) has 
made significant progress on renovating its internal and external 
systems. However, HCFA remains a serious concern due to the external 
system remediation schedule and high contingency cost estimates. 
Medicare contractors will have to make an intensive, sustained effort 
to complete validation and implementation of their mission critical 
systems by the government-wide goal of March 31, 1999.
    As of November 13, 1998, all 25 internal mission critical systems 
have been renovated, 36 percent have completed all three levels of 
testing, and 20 percent have been implemented. Medicare contractors, 
while making progress, are still behind the government-wide goals. Over 
74 percent of external systems have been renovated, but none have 
completed testing or implementation. HCFA's independent verification 
and validation (IV&V) contractor estimates that 95 percent of external 
lines of code has been renovated, and the number of renovated systems 
should increase sharply in the next month.
    Virtually all critical systems at HHS will be subject to 
independent verification. In addition to using IV&V on HHS systems, 
HCFA is using an independent verification and validation contractor to 
assist in evaluating Y2K remediation efforts with the States. Data on 
State compliance remains inconsistent, and a recent GAO report (``Year 
2000 Computing Crisis: Readiness of State Automated Systems to Support 
Federal Welfare Program'') clearly suggests that more work needs to be 
done. However, HCFA's ability to require state compliance is limited by 
law.
    All operating divisions are developing contingency plans in case 
some mission critical systems fail in 2000. Of particular importance 
are HCFA's plans. One major contingency HCFA must plan for is external 
system contractors who are permitted under contract to notify HCFA as 
late as June 1999 that they will leave the Medicare program before 
January 1, 2000. This would leave HCFA with only six months to transfer 
workload to another contractor with little margin for error to deal 
with unanticipated problems. Given HCFA's lack of competitive 
contracting flexibility, the Administration strongly urges Congress to 
pass contracting reform legislation, which was transmitted on May 19, 
1998, as soon as possible to ensure that HCFA is able to contract with 
any qualified entity in the case of a claims processing system failure.
    Other HHS operating divisions have had mixed progress. Renovation 
has been completed for all operating divisions' mission critical 
systems except for the Centers for Disease Control (CDC), which had 
completed renovation on 9 of 15 systems; the Indian Health Service 
(IHS), which had not completed its sole system renovation; the National 
Institutes of Health (NIH), which had completed renovation on 6 of 10 
systems; and SAMHSA, which had not completed its sole system 
renovation. The majority of biomedical equipment with embedded chips 
are in IHS, which is still continuing its assessment. The bulk of 
facilities requiring assessment are at NIH and IHS, and assessment on 
telecommunications and information technology infrastructure continues.
    Data exchanges remain a concern because of the large numbers. HHS 
has a total of 218,407 data exchange interfaces, with HCFA accounting 
for 99 percent of them, mostly with Medicare contractors. Currently, 78 
percent of all HHS interfaces are compliant. With State entities, HHS 
reports a total of 1,121 data exchanges interfaces, an increase from 
850 reported in the August Quarterly Report; 75 percent are compliant.
            Department of State
    The Department of State faces a significant challenge in managing 
its complex Y2K project while, at the same time, completely replacing 
information systems installed around the world.
    The Department continues to make progress in renovating and 
replacing its 59 mission critical systems. State has now completed 
renovation on two-thirds of its mission critical systems. Validation 
and implementation continue. The Department has obtained additional 
contractor support to address two key concerns: overall Y2K program 
management and technical ``strike force'' expertise to assist in 
problem areas. While momentum is increasing and results are improving, 
the Department remains behind government-wide goals for overall 
compliance as well as renovation. Concern is growing over delays in 
repairing or replacing systems and the implications this may have on 
the progress that the Department must make in order to meet the March 
31, 1999 implementation goal. For example, slippage in renovating some 
of the Department's financial management systems continues to occur, 
although core financial management systems are now fully implemented. 
The Department must accelerate renovation and replacement if it is to 
meet the Department's own management goals. At the Department's current 
rate of progress, its ability to achieve Y2K compliance within the 
government-wide goals is in jeopardy.
    State has conducted a good assessment of a complex Y2K situation, 
particularly of its embedded systems, and is asserting a leadership 
role in providing Y2K support to U.S. operations overseas. State has 
made good progress in replacing and modernizing its worldwide, internal 
information and telecommunications infrastructure. This is particularly 
important, because State is the major provider of telecommunications 
services to U.S. government agencies operating overseas. Deployment of 
the ALMA (A Logical Modernization Approach) program is proceeding 
nearly on schedule and is critically important for posts to handle the 
Y2K transition.
            Department of Transportation
    The Department of Transportation's improved management oversight, 
combined with an accelerating rate at which the Federal Aviation 
Administration (FAA) is remediating air traffic control system 
components, is significantly mitigating risk. As of mid-November 1998, 
the Department-wide percentage of mission critical systems renovated 
stood at 95 percent, a significant improvement over the 64 percent 
reported in the previous quarter. However, with only 31 percent of its 
mission critical systems validated and 21 percent implemented, the 
Department continues to lag well behind the government-wide schedule.
    The FAA mirrors this improved trend with 99 percent of mission 
critical systems renovated, up from 59 percent in the last quarter. 
However, with 20 percent of its systems validated and 7 percent 
implemented, it remains significantly behind most agencies. To its 
credit, the FAA has paid serious attention to the Host computer system, 
which is the central operating system in each of the air traffic 
control centers, and to other critical air traffic control systems. It 
is proceeding with installation of new Host computers and has verified 
to a reasonable degree of certainty that the existing Host microcode is 
free of Y2K vulnerabilities which would affect the operational 
processing of flight and radar data. In addition, a date roll-back test 
was successfully demonstrated and serves as a contingency in the event 
that replacement efforts are delayed or that the Host system 
experiences unexpected Y2K problems. Notwithstanding this improvement, 
and given the number of systems which are not expected to be 
implemented until after March 1999, the FAA needs to continue to 
reevaluate its master schedule and make a concerted effort to 
accelerate its implementation schedule.
    The U.S. Coast Guard's continued careful management and operational 
attention to Y2K issues has also minimized risk, but its cost estimates 
have increased and two systems remain behind schedule. While still 
facing challenges, the Coast Guard continues to be well positioned to 
ensure continuity of its safety-related systems, although an increasing 
number of systems are falling behind schedule. The Department's other 
operating administrations seem to be on track to a smooth transition 
through and beyond the year 2000.
            U.S. Agency for International Development
    AID continues to make management improvements and has retained 
several contractors to assist project management including performing 
independent validation and verification of contractor deliverables. AID 
completed renovation of two additional systems and has begun the 
certification process. An expert systems and software management 
contractor provides project management assistance to AID and is 
performing assessments, renovations, validations, and implementation of 
other mission critical systems. Senior AID management has taken the 
lead in increasing agency-wide awareness of the Y2K problem. Renovation 
of AID's most important system is underway, including development of 
standard date/time processing functions and line-by-line assessment of 
the system. AID began its continuity of business planning process in 
August, identifying critical functions that must be supported and 
assessing the need for related contingency plans. The Agency has 
assumed a leadership role in performing year 2000 outreach and 
awareness training in the over 80 nations in which it operates, 
providing management assistance to host nations and other international 
aid organizations operating in these countries. The next months will be 
critical as AID faces many challenges in repairing the remaining four 
complex mission critical systems.
Tier Two Agencies
    For agencies in Tier 2, OMB sees evidence of progress, but also has 
concerns. The seven agencies in Tier 2 are: the U.S. Department of 
Agriculture, the Department of Commerce, the Department of Education, 
the Department of Justice, the Department of Labor, the Department of 
the Treasury, and the Office of Personnel Management. Two agencies, 
Housing and Urban Development and Department of the Interior, were 
moved from Tier 2 to Tier 3. One agency, the Department of Education, 
moved to Tier 2 from Tier 1. A summary of progress and concerns for 
Tier 2 agencies appears below.

                 TIER 2 AGENCIES--PROGRESS, BUT CONCERNS
------------------------------------------------------------------------
             Agency                    Progress            Concerns
------------------------------------------------------------------------
U.S. Department of Agriculture..  Management team     Pace of work must
                                   active. Good        increase if
                                   progress on         government-wide
                                   business            goals are to be
                                   continuity and      met, particularly
                                   contingency         with the Forest
                                   planning and        Service. Many
                                   independent         data exchanges
                                   validation and      issues remain to
                                   verification.       be worked out.
Department of Commerce..........  Overall, making     Lags behind
                                   progress. The new   government-wide
                                   CIO is providing    goals. Failed to
                                   leadership on the   complete 100
                                   year 2000 issue;    percent of
                                   undertaking IV&V    renovations by
                                   and contingency     government-wide
                                   planning; PTO has   goal (completed
                                   prepared a          only 86 percent
                                   contingency plan    of renovations).
                                   for the             All 9 of NTIS
                                   Classified Search   mission critical
                                   and Image           systems remain to
                                   Retrieval System    be renovated as
                                   which is not on     of November's
                                   schedule for        quarterly report.
                                   implementation      PTO still has 3
                                   prior to the        systems to repair
                                   government-wide     as of this
                                   goal of March       quarter's report.
                                   1999. NOAA has
                                   implemented an
                                   IV&V for mission-
                                   critical systems.
Department of Education.........  95 percent of the   The PELL system,
                                   Department's 175    which had slipped
                                   mission critical    on its renovation
                                   and noncritical     schedule by 5
                                   systems are Y2K     months in the
                                   compliant and       August quarterly
                                   implemented. The    report, is not
                                   Department has      anticipated to
                                   completed           complete
                                   renovation work     renovation until
                                   on all but one      December of 1998.
                                   mission critical    The Department
                                   system by this      has numerous data
                                   quarter's report.   exchanges with
                                   The remaining       state, local, and
                                   mission critical    private sector
                                   system--PELL,       entities which
                                   which operates      may be at risk
                                   the Federal         and will require
                                   grants program      additional
                                   for higher          oversight and end-
                                   education           to-end testing.
                                   students--is 98     The Department
                                   percent completed   recognizes this
                                   with renovation.    potential risk
                                   The Department      and has
                                   has been a leader   instituted
                                   in outreach         additional
                                   efforts to the      oversight and
                                   nation's            testing.
                                   elementary/
                                   secondary schools
                                   and post
                                   secondary
                                   institutions on
                                   Y2K projects and
                                   readiness
                                   assessments.
Department of Justice...........  Justice made        The Department
                                   significant and     remains behind
                                   accelerated         schedule and is
                                   progress on         at risk of
                                   renovation and      failing to meet
                                   implementation      compliance goals.
                                   during this         Only 54 percent
                                   quarter.            of mission
                                                       critical systems
                                                       are now compliant
                                                       and only 47
                                                       percent of the
                                                       systems have been
                                                       implemented. 11
                                                       systems are now
                                                       identified as not
                                                       meeting the March
                                                       1999 goal, up
                                                       significantly
                                                       from the three
                                                       reported last
                                                       quarter. Justice
                                                       has addressed
                                                       contingency
                                                       planning for only
                                                       5 of those
                                                       systems.
                                                       Additionally,
                                                       another 31
                                                       systems are 2
                                                       months behind the
                                                       Department's
                                                       internal
                                                       milestones.
                                                       Justice should
                                                       take aggressive
                                                       action to
                                                       identify,
                                                       remediate, and
                                                       test remaining
                                                       data exchanges.
Department of Labor.............  Good progress on    A large and
                                   renovations for     complex system,
                                   mission critical    the Consumer
                                   systems.            Price Index, will
                                   Renovation is       not be completed
                                   completed for 27    with renovation
                                   of 28 systems       until January
                                   with the last       1999. Five state
                                   system, the         employment and
                                   Consumer Price      security agencies
                                   Index, scheduled    (SESA's) which
                                   for completing      pay Unemployment
                                   renovation in       Insurance
                                   January 1999.       benefits are
                                   Renovation of the   either on ``high
                                   CPI is currently    alert'' or ``at
                                   98 percent          risk'' of not
                                   complete.           completing the
                                                       required Y2K
                                                       conversions by
                                                       January 1999.
                                                       Four additional
                                                       SESA's are
                                                       receiving an
                                                       increased level
                                                       of oversight. The
                                                       Department is
                                                       ensuring through
                                                       technical
                                                       assistance and on-
                                                       site monitoring
                                                       that sound
                                                       contingency plans
                                                       will be
                                                       operational for
                                                       the seven SESA's
                                                       at risk.
Treasury........................  Strong project      Rate of
                                   team in place.      renovation,
                                   Good progress on    validation, and
                                   embedded chip,      implementation
                                   telecommunication   must improve if
                                   s, contingency      the Department
                                   planning, and       and government-
                                   data exchange       wide goals are to
                                   issues.             be met for ATF.
                                                       IRS should
                                                       continue to focus
                                                       on its
                                                       implementation
                                                       strategy that
                                                       must take into
                                                       account the tax
                                                       processing
                                                       season.
Office of Personnel Management..  OPM continues to    As of the end of
                                   have senior         October, they
                                   management          were only at 54
                                   involvement and     percent for
                                   is on target        validation and
                                   according to        implementation,
                                   their schedule      which does meet
                                   and contingency     their internal
                                   planning is         schedule;
                                   underway.           however, this is
                                                       well behind
                                                       government-wide
                                                       goals.
------------------------------------------------------------------------

Tier Three Agencies
    There are now 11 agencies in Tier 3 (those making satisfactory 
progress), up from nine in the previous report. The Departments of 
Interior and of Housing and Urban Development were moved to Tier 3 from 
Tier 2. The other agencies in Tier 3 are the Social Security 
Administration, the Small Business Administration, the National Science 
Foundation, the Nuclear Regulatory Commission, the National Aeronautics 
and Space Administration, the General Services Administration, the 
Federal Emergency Management Agency, the Environmental Protection 
Agency, and the Department of Veterans Affairs.
Status of Small and Independent Agencies
    For the May 15, 1998 report, OMB asked 41 small and independent 
agencies to report on their Y2K progress. While OMB is continuing to 
work with all small and independent agencies as appropriate, OMB has 
asked only 9 such agencies to report quarterly on their progress. Those 
agencies are: the Federal Communications Commission, the Federal 
Housing Finance Board, the National Archives and Records 
Administration, the National Labor Relations Board, the Office of 
Administration in the Executive Office of the President, the Peace 
Corps, the Tennessee Valley Authority, the U.S. Postal Service, and the 
Office of the U.S. Trade Representative.
    In the last quarter, John Koskinen met with selected small and 
independent agencies, including NARA and the Office of Administration. 
OMB will ask all small and independent agencies to report again on 
February 15, 1999. Previously, OMB had asked for these reports on May 
15, 1999, but OMB has moved up the date in order to ensure a more 
complete picture of Federal progress before the March 1999 government-
wide goal.

                                                TABLE 3.--SUMMARY OF SMALL AND INDEPENDENT AGENCY REPORTS
--------------------------------------------------------------------------------------------------------------------------------------------------------
                                             No. MC    Total Cost
            Agency                No. MC    Systems        (in                       Progress                                   Concerns
                                 Systems   Compliant    millions)
--------------------------------------------------------------------------------------------------------------------------------------------------------
Federal Communications                 30         17        $14.8   Received additional funds from emergency   Move to new building addresses problems
 Commission.                                                         fund, while also using excess regulatory   with embedded systems, but complicates
                                                                     fees to fund efforts. Will obtain IV&V     other year 2000 work. Agency renovation
                                                                     contractor in January 1999. IG involved.   milestones call for two important
                                                                     Major licensing systems compliant.         systems used to monitor the Cable
                                                                     Contingency plans based on manual          Television industry to be completed in
                                                                     license processing or regulatory           October 1999. Rate of progress must be
                                                                     changes. FCC is the lead on President's    sustained, particularly in replacement
                                                                     Commission telecommunications efforts.     systems. FCC should consider becoming a
                                                                                                                member of the CIO Council's Working
                                                                                                                Group on Telecommunications.
Federal Housing Finance Board.          6          1           .34  New year 2000 Coordinator has been hired.  Deadlines for two mission critical
                                                                                                                systems have slipped. Progress on
                                                                                                                renovation, validation, and
                                                                                                                implementation must increase in order to
                                                                                                                meet government-wide goals. Weak
                                                                                                                contingency plan.
National Archives and Records          22  .........          5.7   Has moved up the schedule for one mission  NAIA began work late and is catching up,
 Administration.                                                     critical system that would otherwise       but probably not fast enough to meet the
                                                                     have missed the March 1999                 government-wide goals. Six mission
                                                                     implementation goal. Has begun             critical systems are still estimated not
                                                                     contingency planning for some systems;     to be renovated by March 1999.
                                                                     working on the security and                Contingency planning has not begun for
                                                                     environmental control systems at the       these.
                                                                     various Presidential Libraries; has
                                                                     joined the building Systems Working
                                                                     Group.
National Labor Relations Board         29         14    \11\ 14.2   With move to contingency plan, NLRB is     3 systems have fallen behind schedule. In
                                                                     projecting that all systems will meet      response NLRB plans to move to its
                                                                     the March 1999 goal.                       contingency plan for those systems, by
                                                                                                                having them repaired instead of
                                                                                                                replaced. NLRB has completed only 93
                                                                                                                percent of assessment and 20 percent of
                                                                                                                renovation. No plan for IV&V. Should
                                                                                                                participate in the Year 2000 Building
                                                                                                                and Telecommunications Groups.
Office of Administration, EOP.         86          1         17.1   A new project management team in place     Behind government-wide goals; virtually
                                                                     has established a management strategy;     all work is scheduled to be accomplished
                                                                     received funding from the emergency        in fiscal year 1999.
                                                                     fund; work is underway. Senior White
                                                                     House management team is briefed weekly
                                                                     on progress. The EOP-wide Information
                                                                     Technology Management Team (an oversight
                                                                     entity) reviews progress monthly.
Peace Corps...................         17         13         17.1   Payroll and personnel processing will      Needs to accelerate validation and
                                                                     shift to USDA by June 1999. Renovation     implementation. FMS projected to be
                                                                     of 15 critical systems has essentially     implemented in June 1999. Has incurred
                                                                     been finished, and final user acceptance   additional costs related to
                                                                     testing is scheduled for December.         unanticipated delay in replacing FMS.
                                                                     Repair of two remaining systems has been   Dependent on foreign banks for
                                                                     outsourced. A contract to renovate the     disbursement--has received information
                                                                     Financial Management System (FMS) was      from banks in 82 percent of host
                                                                     awarded in August. All non-critical        nations. Heavy reliance on State
                                                                     systems will be renovated by November      Department for disbursements and
                                                                     and tested by January 1999. Working with   telecommunications services. Peace Corps
                                                                     State, Treasury, and Labor Departments     is concerned that communications status
                                                                     to correct data exchanges. Cooperating     in many posts remains unresolved and
                                                                     with international agencies and            requires contingency plans.
                                                                     organizations to assess overseas issues.
                                                                     Completed embedded systems inventory.
                                                                     Good contingency and continuity planning
                                                                     process. Will begin a user verification
                                                                     process in December.
Tennessee Valley Authority....        488        169         37     The number of compliant, mission critical  The majority of work remains to be done.
                                                                     systems has risen to 169 from the 104
                                                                     reported last quarter. Business
                                                                     continuity plan under development.
U.S. Postal Service...........        155         90        607     The USPS is making good progress in        USPS has a substantial challenge given
                                                                     addressing the problem, having increased   its size, the criticality of its mission
                                                                     its number of compliant, mission           to other organizations, and the
                                                                     critical systems from 56 to 90 in the      potential role it will play in
                                                                     last quarter.                              contingency plans of organizations. USPS
                                                                                                                should take steps to work cooperatively
                                                                                                                on continuity of business plans with
                                                                                                                those agencies which are highly
                                                                                                                dependent on USPS.
U.S. Trade Representative, EOP          6  .........          1.2   Received emergency funding. USTR is        Testing identified potential conflict
                                                                     replacing entire LAN/desktop               between one database being repaired and
                                                                     infrastructure. Critical systems are       USTR's new operating system; this may
                                                                     standard COTS office support packages or   require replacement of the former.
                                                                     simple databases that are being            Additional work required on data
                                                                     renovated. Geneva offices will be          exchanges. Continuity of business
                                                                     compliant in November. Will award task     planning just beginning.
                                                                     order in December for IV&V services.
--------------------------------------------------------------------------------------------------------------------------------------------------------
\11\ Represents fiscal year 1998, 1999, and 2000 costs.

                               Appendix A

                        TABLE 1.--AGENCY GOALS FOR COMPLIANCE OF MISSION CRITICAL SYSTEMS
----------------------------------------------------------------------------------------------------------------
                                                              Assessment  Renovation  Validation  Implementation
                                                                 Date        Date        Date          Date
----------------------------------------------------------------------------------------------------------------
Gov't-wide..................................................      Jun 97      Sep 98      Jan 99        Mar 99
Agriculture.................................................      Oct 97      Sep 98      Jan 99        Mar 99
Commerce....................................................      Mar 97      Sep 98      Jan 99        Mar 99
Defense.....................................................      Jun 97      Jun 98      Sep 98        Dec 98
Education...................................................      Nov 97      Sep 98      Jan 99        Mar 99
Energy......................................................      Jan 97      Sep 98      Feb 99        Mar 99
HHS.........................................................      Sep 98      Dec 98      Feb 99        Mar 99
HUD.........................................................      Jun 97      Sep 98      Jan 99        Mar 99
Interior....................................................      Mar 97      Sep 98      Jan 99        Mar 99
Justice.....................................................      Jun 97      Jul 98      Oct 98        Jan 99
Labor.......................................................      Jun 97      Sep 98      Jan 99        Mar 99
State.......................................................      Jun 97      Sep 98      Jan 99        Mar 99
Transportation..............................................      Aug 97      Sep 98      Jan 99        Mar 99
Treasury....................................................      Jul 97      Oct 98      Dec 98        Dec 98
VA                                                                Jan 98      Sep 98      Jan 99        Mar 99
AID.........................................................      Nov 97      Mar 99      Jun 99        Sep 99
EPA.........................................................      Jun 97      Sep 98      Jan 99        Mar 99
FEMA........................................................      Jun 97      Sep 98      Jan 99        Mar 99
GSA.........................................................      Jun 97      Nov 98      Dec 98        Jan 99
NASA........................................................      Aug 97      Sep 98      Jan 99        Mar 99
NRC.........................................................      Sep 97      Sep 98      Jan 99        Mar 99
NSF.........................................................      Jun 97      Sep 98      Jan 99        Mar 99
OPM.........................................................      Jun 97      Oct 98      Jan 99        Jan 99
SBA.........................................................      May 97      Sep 98      Sep 98        Sep 98
SSA.........................................................      May 96      Sep 98      Dec 98        Jan 99
----------------------------------------------------------------------------------------------------------------
Note: Italicized dates are later than the dates indicated in the previous report. Bolded dates are earlier than
  the dates indicated in the previous report.


                            TABLE 2.--PROGRESS ON STATUS OF MISSION CRITICAL SYSTEMS
----------------------------------------------------------------------------------------------------------------
                                                                    Mission Critical Systems
                                               -----------------------------------------------------------------
                                                                                              Number
                                                  Total      Number    Percent     Number     Still      Number
                                                  Number   Compliant   of Total    Being      Being      Being
                                                                                  Replaced   Repaired   Retired
----------------------------------------------------------------------------------------------------------------
Agriculture...................................        362        234         65         41         79          8
Commerce......................................        458        367         80         33         57          1
Defense.......................................      2,581      1,352         53        102      1,014        113
Education.....................................         14          9         64  .........          5  .........
Energy........................................        420        210         50         86         87         37
HHS...........................................        300        147         49         25        117         11
HUD...........................................         62         45         73          6         10          1
Interior......................................         92         75         82          2         15  .........
Justice.......................................        223        121         54         18         83          1
Labor.........................................         61         41         67         11          9  .........
State.........................................         59         27         46         20         12  .........
Transportation................................        613        311         51         61        236          5
Treasury......................................        323        204         63         26         88          5
VA............................................        319        231         72          2         86  .........
AID...........................................          7          1         14          2          4  .........
EPA...........................................         58         52         90  .........          5          1
FEMA..........................................         46         39         85          4          3  .........
GSA...........................................         58         51         88          1          6  .........
NASA..........................................        157        119         76          6         29          3
NRC...........................................          7          4         57          1          2  .........
NSF...........................................         17         15         88  .........          2  .........
OPM...........................................        109         66         61          7         36  .........
SBA...........................................         42         42        100  .........  .........  .........
SSA...........................................        308        306         99          1  .........          1
                                               -----------------------------------------------------------------
      TOTAL...................................      6,696      4,069         61        460      1,986        187
----------------------------------------------------------------------------------------------------------------


                           TABLE 3.--STATUS OF MISSION CRITICAL SYSTEMS BEING REPAIRED
----------------------------------------------------------------------------------------------------------------
                                                              Assessment  Renovation  Validation  Implementation
                                                   Number of    Percent     Percent     Percent       Percent
                                                    Systems    Complete    Complete    Complete      Complete
----------------------------------------------------------------------------------------------------------------
Agriculture......................................        270         100          95          78            71
Commerce.........................................        155         100          86          67            66
Defense..........................................      1,592         100          86          47            36
Education........................................         14         100          93          64            64
Energy...........................................        168         100          88          54            48
HHS..............................................        158         100          77          17            21
HUD..............................................         41         100         100          76            69
Interior.........................................         85         100          96          93            82
Justice..........................................        157         100          89          67            47
Labor............................................         28         100          96          68            68
State............................................         13         100          69          46             8
Transportation...................................        295         100          95          31            21
Treasury.........................................        233         100          87          71            63
VA...............................................        317         100          99          88            73
AID..............................................          5         100          60          20            20
EPA..............................................         29         100         100          86            83
FEMA.............................................         15         100         100          87            80
GSA..............................................         23         100          74          74            74
NASA.............................................        101         100          99          79            71
NRC..............................................          4         100         100          50            50
NSF..............................................         10         100         100          90            80
OPM..............................................         78         100         100          54            54
SBA..............................................         42         100         100         100           100
SSA..............................................        289         100         100          99            97
                                                  --------------------------------------------------------------
      TOTAL......................................      4,122         100          90          60            52
----------------------------------------------------------------------------------------------------------------


                                 TABLE 4.-- AGENCY YEAR 2000 COST ESTIMATES \12\
                                                  [In millions]
----------------------------------------------------------------------------------------------------------------
                                                       1996      1997      1998      1999    2000 \13\    TOTAL
----------------------------------------------------------------------------------------------------------------
Agriculture........................................       2.7      16.9      62.1      71.9        7.8     161.4
Commerce...........................................       2.6      12.4      35.6      55.8        6.5     112.9
Defense............................................      22.8     377.7   1,236.8     817.3       92.2   2,546.8
Education..........................................        .1       1.4      19.5      20.7        3.8      45.5
Energy.............................................       1.0      20.0      85.7      68.1       19.9     194.7
HHS................................................       7.2      32.1     149.9  \14\ 285  \15\ 200.     674.5
                                                                                         .3          0
HUD................................................        .7       6.2      20.8      23.2        6.2      57.1
Interior...........................................        .2       2.8      10.6      57.8         .7      72.1
Justice                                                   1.5       7.1      34.8      33.2        1.3      77.9
Labor..............................................       1.7       5.4      14.5      25.4       10.0      57.0
State..............................................        .5      49.3      63.1      57.9        6.8     177.6
Transportation \16\................................        .4      11.2     121.9     100.7        6.0     240.2
Treasury \17\......................................       8.4     200.2     592.7     460.6      261.2   1,523.1
VA.................................................       4.0      22.0      73.0      93.0       11.0     203.0
AID................................................       1.1       3.0      18.3      23.9        3.2      49.5
EPA................................................        .8       5.3      11.5      18.6        1.0      37.2
FEMA...............................................       3.8       4.4       3.0       8.3         .5      20.0
GSA................................................        .2        .8       8.7      24.0  .........      33.7
NASA...............................................        .1       6.4      28.2      11.1         .9      46.7
NRC................................................  ........       2.4       4.0       3.9         .6      10.9
NSF................................................  ........        .5        .8        .1         .0       1.4
OPM................................................       1.7       2.1       9.2       2.2         .7      15.9
SBA................................................       1.7       3.3       2.7       2.8         .5      11.0
SSA................................................       2.2      13.3      12.2       5.0         .5      33.2
                                                    ------------------------------------------------------------
      TOTAL........................................      65.4     806.2   2,619.6   2,270.8      641.3   6,403.3
----------------------------------------------------------------------------------------------------------------
\12\ These estimates do not include the Federal share of costs for State information systems that support
  Federal programs. For example, the Agriculture total does not include the potential 50 percent in Federal
  matching funds provided to States for Food and Consumer Services to correct their Y2K problems.
\13\ Fiscal year 2000 estimates are based on an ongoing review of agency requirements and do not reflect final
  budget decisions.
\14\ Fiscal year 1999 approved Y2K plan calls for $285.3 million to be spent. Other HHS proposals for spending
  additional funds in fiscal year 1999 are being reviewed by OMB.
\15\ HHS' fiscal year 2000 costs will likely be between $200 and $500 million. The $200 million shown above
  represents a ``current best'' estimate. HHS' total estimate to OMB (reported November 15, 1998) for likely
  fiscal year 2000 costs was $575 million. OMB will continue to work with HHS on assessing Y2K funding
  requirements.
\16\ Does not include $81.3 million in non-Y2K costs funded with emergency supplemental funds from the
  Information Technology and Related Expenses Account.
\17\ Does not include $91.7 million in non-Y2K costs funded with emergency supplemental funds from the
  Information Technology and Related Expenses Account.

                                 ______
                                 
                               Appendix B

                 KEY FEDERAL WEB SITES ON THE YEAR 2000
------------------------------------------------------------------------
                   Site                                  URL
------------------------------------------------------------------------
President's Council on Year 2000            http://www.y2k.gov
 Conversion.
Federal CIO Council.......................  http://cio.gov
Year 2000 Information Directory...........  http://www.itpolicy.gsa.gov/
                                             mks/yr2000/y2khome.htm
FDA--Biomedical Devices and Laboratory      http://www.fda.gov/cdrh/
 Equip-  ment.............................   yr2000/html
Small Businesses Administration...........  http://www.sba.gov/y2k
Year 2000 Compliant COTS Products.........  http://y2k.policyworks.gov/
GSA Telecommunications Information........  http://y2k.fts.gsa.gov/
Year 2000 Status Vendor Product Database..  http://globe.lmi.org/lmi--
                                             pbs/y2k products/
------------------------------------------------------------------------

                                 ______
                                 
                               Appendix C
  Agency Exception Reports of Mission Critical Systems Behind Schedule
U.S. Department of Agriculture
    Two systems from the Animal and Plant Health Inspection Service are 
reported behind the government-wide goals for the first time. The 
Licensing the Registration Information System tracks the validity of 
licenses, registrants, and inspection records about the Animal Welfare 
Act. The renovation phase is to be completed by the end of December and 
implementation is expected by the end of March 1999. The Integrated 
Systems Upgrade Project supports administrative, financial, and 
personnel functions and the required transmittals to financial 
entities. The Renovation phase is to be completed by the end of January 
1999. Implementation is expected by March 1999.
    Several systems continue to be scheduled for implementation after 
March 1999. The Census of Agriculture is carried out every five years. 
The new system which supports the Census will be ready for the next 
census which begins in 2001. The Accounts Receivable System keeps 
subsidiary transaction level accounts for producers who were once 
insured directly by the agency. This includes all of the billing, 
payment, and indemnity information, and subsequent adjustments. This 
system is scheduled for retirement on September 30, 1999.
    The Debt Management System handles all phases of debt processing 
including due process, interest attachment, establishment of a debt 
account, debt reporting interfaces with the Internal Revenue Service, 
credit reporting agencies, and credit bureaus and 10 year write-off 
processes. It is scheduled for shut down on September 30, 1999.
    The Federal Tax Refund Offset program (FTROP) is a program to 
collect delinquent accounts owned to the Government by individuals due 
to fraud or household error in the Food Stamp Program. While this 
system is not deemed mission-critical by the Department and is not 
date-driven, it does have a sunset date of December 31, 1999. USDA 
cannot proceed independently from the Department of Treasury. This 
system is scheduled to be implemented December 1999.
    The Financial Accounting and Reporting System (FARS) manages 
internal funds control and reporting. The vendor has revised its 
estimated completion date to be due on October 1, 1999.
    The Cotton On-line Processing System monitors cotton inventories 
and price support loans. It also maintains electronic receipts and 
keeps track of benefits. The Department has approved a replacement 
strategy, and its completion is scheduled for July 1999.
    The Department provided no information on its contingency planning 
for these systems.
Department of Commerce
    The Patent and Trademark Office reports that the Classified Search 
and Image Retrieval (CSIR) system will not be Y2K compliant by March 
31, 1999. The CSIR provides patent examiners with the capability to 
electronically search and retrieve U.S. patent images from their 
desktop workstations. PTO indicates that the CSIR system will be 
compliant by June 30, 1999. This system is delayed due to the 
contractor's inability to place qualified staff on the task. A 
contingency plan was submitted on August 14, 1998 for this system.
Department of Defense
    The Department of Defense reports 65 mission critical systems are 
behind schedule for fixing the Y2K problem. This is an increase of 14 
from the previous quarter. In addition, Defense reports that 60 mission 
critical systems will miss the March 1999 goal for being fixed, a 
decrease of 9 systems from the 69 reported in August. No systems that 
support the Intelligence community are included in the counts, since 
the report is unclassified. As a result, the actual number of 
exceptions for the portion of the Department reporting is slightly 
greater in this report than was previously reported. This is due to 
unforeseen problems being identified during testing of some large, 
complex systems with many interfaces. Although the Department reported 
that contingency plans were in place for a large number of systems, the 
Department provided no information on the status of contingency 
planning for many systems behind schedule.
Department of Education
    In the May quarterly report, Education reported two systems which 
had fallen two or more months behind schedule: (1) the Title IV Wide 
Area Network (TIVWAN), and (2) the National Student Loan Data System 
(NSLDS). TIVWAN had slipped from a renovation date of 2/98 to 8/98 and 
NSLDS had slipped from a renovation date of 6/98 to 8/98. In the August 
quarterly report, both of these systems had completed their renovation 
phases as scheduled and are no longer listed as exceptions. Also in the 
August quarterly report Education listed three systems which have 
fallen two or more months behind schedule: the Impact Aid Payment 
System, the Education Local Area Network, and the Pell Recipients' 
Financial Management System. For the Impact Aid Payment System, which 
is a replacement system, the renovation phase has been completed, but 
the validation and implementation phases have slipped by three and two 
months respectively from June 1998 to September 1998, and from July 
1998 to September 1998--both phases of which have been completed as 
this quarter's report.
    For the Education Local Area Network, the renovation phase 
completion date had slipped by two months from September 1998 to 
November 1998 in the August report, but has been completed as of this 
quarter's report. The Pell System renovation phase remains due for 
completion in December 1998. Education has currently completed 98 
percent of the work necessary to finish the renovation phase for the 
Pell System. The Department has drafted contingency plans for all 
systems and will finalize these plans by March 1999. In addition, the 
testing of these plans is scheduled to be completed by the end of June 
1999.
Department of Energy
    In the August quarterly report, the Department had identified six 
systems with implementation dates beyond the March 1999 milestone. 
These six systems remain with implementation dates beyond the March 
1999 milestone in this quarter's report and are joined by a seventh. 
The seven systems are at three DOE facilities--Sandia National Lab, 
Idaho National Engineering Laboratory, and Savannah River. At the 
Sandia National Laboratories, the Oracle Financial System was 
previously reported with an implementation date of October 31, 1999. 
That date has been moved up to be in compliance with the government-
wide goal of March 31, 1999. However, a new system has been identified 
with an implementation date of August 31, 1999--the Enhanced BadgeWorks 
system which is the identification and access control system for the 
Lab.
    At the Idaho National Engineering Laboratory, the one new system 
identified for implementation after March 31, 1999 is the New Waste 
Calcining Facility Distributed Control System (NWCF-DCS). This system's 
renovation will require a shut down of the facility for a short period, 
and therefore implementation is scheduled for June of 1999.
    At the Savannah River site there are five systems. The Nuclear 
Materials Stabilization Program Operations System (implementation date 
of September 30, 1999), the Tank Farm Process Control System 
(implementation date of October 31, 1999), the Tank Farm Manufacturing 
Support System (implementation date of August 19, 1999), the Defense 
Waste Processing Facility Process Control System (implementation date 
of October 31, 1999) and the Defense Waste Processing Facility 
Manufacturing Support System (implementation date of October 31, 1999).
    These are the seven systems reported by the Department in its 
November quarterly report. In addition, however, the Department tracks 
progress against its own milestones and has identified 25 systems (out 
of 420) that are behind their internal baseline schedule milestones by 
more than 60 days. These systems required a change control process to 
rebaseline their schedule. Of these 25 systems, none are anticipated to 
miss the implementation date of March 1999; however, 11 of the systems 
are anticipated to complete validation in February rather than the 
government-wide goal of January 1999.
    The Department indicated that contingency plans for all of these 
systems are to be completed by December 15, 1998.
Environmental Protection Agency
    EPA reports in their November quarterly report that the Air Quality 
(AQ) Subsystem of the Aerometric Information Retrieval Systems (AIRS) 
is experiencing delays. Accordingly, renovation which had been 
scheduled for November 1998 would not be achieved, and therefore 
implementation of a reengineering AQ Subsystem was in danger of not 
meeting the March 1999 goal. The other three Subsystems of AIRS have 
either completed implementation or are on schedule. To forestall the 
potential that the AQ Subsystem does not meet the March 1999 goal, a 
decision was made to renovate the existing AQ Subsystem to AIRS and use 
that until work is completed on the reengineered AQ Subsystem. 
Renovation and validation of the existing AQ Subsystem to AIRS is now 
scheduled to be completed by January 1999. The Department considers the 
renovation of the existing AQ Subsystem to be the implementation of a 
contingency plan in the event that the reengineered AQ Subsystem 
continues to experience delays.
General Services Administration
    The General Services Administration had previously identified one 
system, the Acquisition Management Program (AMP), as being delayed by 
more than two months, slipping from May 1998 to October 1998. AMP is 
used to manage the funds used to acquire vehicles at Fleet Management 
Centers throughout the nation. AMP became Y2K compliant in August and 
was implemented on October 1, 1998.
Department of Health and Human Services
    In the August quarterly report, four Health Care Finance 
Administration (HCFA) external systems (that is, systems run by 
Medicare contractors) were reported with scheduled implementation dates 
two or more months behind the HHS internal goal of December 31, 1998. 
HCFA has worked with Medicare contractors to develop revised schedules, 
which meet the Department's internal goal, for three of these four 
systems. The three Medicare contractors which have revised their 
schedules are Blue Cross/Blue Shield of Arkansas (Part B); Blue Cross/
Blue Shield of Arkansas, New Mexico, and Oklahoma (Part B); and Blue 
Cross/Blue Shield of New Hampshire and Vermont (Part A). The fourth 
previously reported system, Trigon Blue Cross/Blue Shield of Virginia 
(Part A), is still scheduled for completion after the Department's 
internal goal, but with a revised implementation date of February 18, 
1999 (one month earlier than the previously reported March 31, 1999 
date).
    The three Program Support Center systems reported behind the 
internal HHS goal in the August quarterly report--the Current Payroll/
Personnel System, the Automated payment Adjustment System, and the Debt 
Collection System--remain behind the HHS internal goal with the 
previously reported scheduled implementation dates of February 28, 
1999. All three systems have been renovated as of September 30, 1998. 
The February implementation dates were established to allow for 
extensive interface testing.
    In the August quarterly report, three HCFA external systems were 
reported with scheduled implementation dates behind the government-wide 
goal of March 1999. HCFA has worked with the Medicare contractors to 
develop revised schedules, which meet the government-wide goals as well 
as the Department's internal schedule. These systems are the Associated 
Hospital Services of Maine (Part A), the HW Medicare Services (Part A) 
and Blue Cross of California--all of which have moved their 
implementation dates back into December of 1998.
    The Department also had previously reported one Health Resources 
Services Administration (HRSA) system, the Organ Procurement 
Transplantation Network (OPTN) with a scheduled implementation date of 
April 1999, as behind the government-wide goal. HRSA has worked with 
the contractor to revise the OPTN scheduled implementation date to 
January 1, 1999.
    Although the Department provided no information on its contingency 
planning for these systems, the Department has begun to develop 
contingency plans for key business areas.
Department of the Interior
    In the previous report, the Department reported four systems 
behind; all are now back on schedule. Specifically:
    The Supervisory Control and Data Acquisition (SCADA) System for the 
Colorado River Storage Project within the Bureau of Reclamation, which 
is used to manage the Glen Canyon Dam's Power plant and water flow, is 
now back on schedule. In the August report, this system was discussed 
primarily because the preliminary estimates to renovate the system were 
significantly higher than anticipated. A statement of work was 
developed requiring a three-phase effort to reassess costs, make 
repairs, and test the system for Y2K compliance. Additionally, a waiver 
to the Dual-Compensation Act has been granted for 10 Power plant 
Operators as part of a contingency plan that will allow all of the 
bureau's dams to be operated in a manual mode. Currently all of the 
bureau's continuity of operations manuals are being reviewed with 
regard to Y2K impact. Validation is expected to be completed in 
December 1998, while implementation is to be completed by March 1999.
    The Global Seismic Network (GSN) of the U.S. Geological Survey 
collects and provides data from the global digital seismic network to 
incorporated research institutions. This system is integrated with the 
global positioning system and includes information on earthquake 
assessments, oil drilling distribution and maintenance and water 
resource management. Earlier schedule and budget estimates for GSN were 
based on data that was incomplete relative to the severity of several 
problems in the field system operating software; current data indicates 
that the system is back on schedule. Validation of this system was 
completed in October. The system is currently 25 percent implemented.
    The Seismic Event Data Analysis System (SEDAS) of the U.S. 
Geological Survey contains information pertaining to earthquakes 
throughout the world. It is used by USGS researchers for information 
dissemination. Earlier schedule and budget estimates for SEDAS were 
based on inaccurate information. This system has now been successfully 
renovated. Validation is at 90 percent and with a new implementation 
schedule of December 1998, this system will no longer be reported as an 
exception.
    The U.S. National Seismograph Network (USNSN) of the U.S. 
Geological Survey (USGS) provides the hardware and the software for the 
Water Resources Division of USGS for scientific, accounting, and 
personnel information. Earlier schedule and budget estimates for USNSN 
were revised after determining that there is a much more comprehensive 
method for testing and validating total system Y2K compliance than was 
originally envisioned. The slip in the validation schedule is due to 
expanded testing of the system and revisions to the testing schedule 
itself. This system has now been successfully renovated and validated. 
Currently, implementation is at 90 percent, and with a new 
implementation schedule of November 1998, it will no longer be reported 
as an exception.
Department of Justice
    The most recent quarterly report shows a total of 28 systems that 
will miss internal Justice milestones for assessment, renovation or 
validation. The Department states that all these systems will meet the 
government-wide March 1999 goal.
    Justice has identified eleven mission critical systems that will 
miss the March 1999 implementation goal--an increase from the three 
systems reported in August. The Executive Office of the United States 
Attorneys (EOUSA) identified three systems that will not be fully 
implemented until June 1999. Two of these are case tracking systems 
that will be renovated in January 1999. The third system is EOUSA's 
office automation suite that already has been renovated and is being 
deployed on new Y2K compliant personal computers. The Executive Office 
of United States Trustee's (EOUST) case management system, known as 
USTARS, experienced contractual delays related to procurement of 
hardware systems. EOUST expects implementation of USTARS to begin in 
March 1999 and be completed in October 1999. These three systems have 
contingency plans which have been reviewed by the IV&V contractor.
    The Justice Management Division (JMD)'s Debt Management System 
accounts for, disburses and reports on funds collected through various 
Justice financial litigation and collection efforts. The Debt 
Management System is being replaced at the end of its life cycle with a 
new module on the Department's core financial system. However, 
development of the module was delayed by difficulties in obtaining 
programmers. JMD expects the module to be implemented by September 
1999. This system has no contingency plan, but Justice plans to have 
one in place by December 31, 1998.
    The National Drug Intelligence Center is working with the Navy to 
replace its External Communications System with the Y2K compliant 
Defense Message System by June 1999. This system is expected to have a 
contingency plan in place by January 1999.
    Two Office of the Inspector General systems will also not meet the 
March 1999 goal. Renovation of the first system, the Investigations 
Data Management System, was delayed because its host platform and 
supporting software must be replaced. A contingency plan has been 
developed. For the second system, Inspector General Network for 
Information and Telecommunications Exchange (IGNITE), Justice lacks 
funding to replace the network operating system and other network 
components required to make systems Y2K compliant. No date or funding 
has been identified to upgrade IGNITE. A contingency plan has been 
reviewed by an IV&V contractor and is in place.
    As reported last quarter, the Federal Bureau of Investigation's 
(FBI's) Digital Monitoring Workstations support investigative 
collections for authorized foreign counterintelligence surveillance and 
were found to be non-Y2K compliant. The FBI is replacing the twelve 
systems at the rate of approximately one per month and should be fully 
implemented by August 1999. A contingency plan has been prepared and 
has been reviewed by an IV&V contractor.
    The Immigration and Naturalization Service (INS) has decided to 
perform replacement of its mission critical Local Area Network and its 
non-mission critical workstation/office automation upgrades 
simultaneously. Because a large number of sites are involved, INS will 
be unable to complete replacement of this infrastructure until July 
1999. There is no contingency plan for this system.
    Finally, Justice is replacing the Card Key System for its 
Washington, DC headquarters as part of the building's overall 
renovation that will extend beyond the March 1999 goal. Contingency 
plans have been developed but have not yet been reviewed by the IV&V 
contractor.
Social Security Administration
    The Integrated Image-Based Capture System is a stand-alone system 
located in Wilkes-Barre, Pennsylvania that scans paper W-2 forms and 
converts them into electronic format for entry into the Annual Wage 
Reporting System. This system supports the annual tax year operation 
that begins in February of each year and continues until all of the 
paper W-2 forms are processed in September. The application software 
has been renovated to be Y2K compliant and is being implemented for tax 
year 1998 processing, which begins in February 1999. Y2K compliant 
workstations are also being installed. In order for the entire system 
to be Y2K compliant, commercial-off-the-shelf (COTS) software must be 
upgraded to Y2K compliant versions, which are now available. The COTS 
products have been procured and will be implemented for tax year 1999 
processing, because once processing begins changes cannot be made to 
the system until the following tax year operation. Accordingly, the 
COTS infrastructure will be implemented for testing in March 1999. 
Testing of the entire system will continue through August 1999 for 
implementation for tax year 1999 processing, which begins in February 
2000. SSA does not expect difficulties in implementing the COTS 
products for tax year 1999, but if difficulties arise, SSA has a 
contingency plan to use a backup system for data entry of the paper W-2 
forms; this system is Y2K compliant.
State Department
    The State Department has identified one system as not meeting the 
March 1999 goal for implementation. The Travel Document Issuance System 
is expected to be initially installed at its first site in November 
1998. After initial evaluation, the application will be installed at 
other domestic passport agencies. State expects the system to be fully 
deployed by August 1999. A contingency plan has been developed.
    In an improvement from the previous report, the Department has 
taken steps to accelerate deployment of ALMA (A Logical Modernization 
Approach) upgrades to over 230 State Department posts worldwide and 
anticipates that installation will be completed by March 1999. A number 
of Consular Affairs mission critical systems, including the Automated 
Citizen Services function, Modernized Immigrant Visa system, and Non-
Immigrant Visa and Computer Assisted Processing systems are being 
deployed concurrently with installation of the ALMA package. As of 
October 23, 1998, ALMA has been deployed to 136 posts worldwide. State 
is preparing continuity of business plans should any posts or embassies 
not have ALMA installed in time to meet the millennium.
    In the August 1998 Quarterly Report, State Bureau of Administration 
identified the Supply Automated Receiving System (SARS), Enhanced 
Automated Procurement System (EAPCS), Mail Sorting Equipment Network 
(MSE), and the Electronic Receipts System (ERS) as slipping more than 
two months beyond their September renovation milestones. ERS has now 
completed renovation. The remaining systems are now expected to be 
renovated in early 1999 and implemented in March 1999. Also in the 
August report, the Office of Personnel's Medical Archiving Retrieval 
System (MARS), which was behind the September 1998 renovation 
milestone, has now been reclassified as a non-mission critical system.
    In November, the State Department identified a number of other 
systems that have experienced schedule slippage, but are all expected 
to meet the March 1999 implementation goals. The Consular Affairs 
Bureau's IVAMS and DCARS were delayed because contracts to renovate 
these applications took longer to award than envisioned. The Finance 
and Management and Policy Bureau Budget System will be implemented in 
December rather than September, but the most critical modules began 
validation in October. The Paris Accounting and Disbursing System will 
miss the renovation and validation dates because of project management 
and technical difficulties, but is expected to be completed in March 
1999.
    The Department decided to repair rather than replace the System 
Integrity/Crypto Inventory System (SI/CRYPTO) system which is now 
scheduled for completion in March 1999. State decided to implement the 
contingency plan for SI/CRYPTO now to ensure the function is adequately 
supported. A reassessment of the Telegram Distribution System (TeDS) 
was performed after questions were raised with the original assessment. 
Renovation will begin in late November and implementation should be 
completed in March 1999. Although Terminal Equipment Replacement 
Program (TERP V) completed its validation in October, deployment and 
implementation of the application will probably extend into March 1999, 
two months past its scheduled date. All of these systems have 
contingency plans.
Department of Transportation
    The Federal Aviation Administration (FAA) is faced with a 
significant challenge in validating and implementing hundreds of 
systems, particularly air traffic control systems which require 
extensive end-to-end testing. At the present time, the FAA estimates 
that 61 systems will not be implemented by March 1999, a number of 
which are critical to FAA's telecommunications and data exchange 
infrastructure. The FAA presently expects to complete validation 
activities by March 1999 and implementation activities by June 1999. As 
stated in the main report above, the FAA needs to continue to 
reevaluate its master schedule and make a concerted effort to 
accelerate its implementation schedule. The U.S. Coast Guard reports 
that two systems remain behind schedule, but significant progress has 
been made on its safety related systems. The Department has contingency 
plans in place.
Department of Treasury
    The Department currently has three systems within the Bureau of 
Alcohol, Tobacco, and Firearms (ATF) that will be implemented after the 
March goal. Contingency plans for these systems have been completed and 
approved for implementation should it become necessary to do so.
    The Federal Excise Tax System (FET) manages the collection of 
Federal excise taxes on alcohol, tobacco, and firearms. This system was 
previously assessed as compliant. However, when certification testing 
began, it was determined that the system was not compliant and that 
replacement was necessary. This system is currently scheduled for 
implementation on July 16, 1999.
    The Firearms Licensing System (FLS) processes Federal firearms 
licenses, Federal explosive licenses, letters, and electronic data for 
out of business dealers pertaining to the aforementioned items. This 
system was previously assessed as compliant. However, when 
certification testing began, it was determined that the system was not 
compliant and that replacement was necessary. FLS is currently 
scheduled for implementation on July 31, 1999.
    The Alcohol and Tobacco Database (A&T) is used to track smuggling 
and smuggler of alcohol and tobacco products. The database tracks 
surveillance and related events. The system provides criminal 
enforcement and regulatory enforcement users with detailed information 
related to illegal activities of wholesalers, distillers, and 
distributors. A&T is currently scheduled for implementation on May 26, 
1998.
Agency for International Development
    AID and a contractor reviewed the agency's plans and requirements 
for addressing their mission critical systems and adjusted project 
schedules based on a number of factors. As a result of this review and 
adjustment, four AID mission critical systems will be implemented after 
the March 1999 goal. While renovation of the Mission Accounting and 
Control System (MACS) was just completed, validation and implementation 
will not be completed until April and May of 1999. AID is taking steps 
to accelerate this process by establishing more aggressive timetables 
for deployment of operating systems, completion of hardware upgrades 
and pre-deployment testing. This is a particularly important system for 
AID as it is the only automated accounting system available to missions 
worldwide. The Agency's complex financial management, procurement, 
budget and program management system, called the New Management Systems 
(NMS) is scheduled for implementation in September 1999, one month 
later than reported last quarter. AID will have contingency plans in 
place for both of these systems by June 1999.
    AID is also replacing two systems, the Financial Accounting and 
Control System (FACS) and the Loan Accounting Information System 
(LAIS). While FACS will be integrated into version 4 of NMS, AID is 
still developing a strategy for handling the historical data resident 
on the system. AID has outsourced many of the loan servicing functions 
that LAIS supported and is working with the contractor to identify what 
LAIS functionality and historical data needs to be supported. AID 
expects to resolve the LAIS and FACS issues by September 1999. AID is 
working to accelerate deployment of its new desktop infrastructure and 
upgrades to routers and other local and wide area networks in order to 
support deployment of mission critical applications.
                                 ______
                                 
   The President's Council on Year 2000 Conversion--First Quarterly 
           Summary of Assessment Information--January 7, 1999
                          chairman's statement
    With slightly less than a year until January 1, 2000, the 
President's Council on Year 2000 Conversion is committed to providing 
the public on a regular basis information it has obtained about the 
status of government and industry efforts to combat the Year 2000 (Y2K) 
computer problem.
    This report summarizes information the President's Council and its 
more than 25 working groups have gathered either from Federal agencies 
or through cooperative working relationships with industry trade 
associations and other groups who are assessing their members' 
preparedness for the century date change. It is the first in a series 
of quarterly reports the Council will release in 1999.
    It is important to note that, in several industry areas, trade 
associations are still working to gather initial survey data on the 
status of their members' Year 2000 efforts. Where possible, the report 
indicates target dates for completing that work and making information 
publicly available. The content and format for information collected 
over the past few months also varies and, in some cases, is very 
preliminary. The Council is encouraging trade associations to collect 
information in a more standard format in future surveys.
    Subject to these limitations, the available data provide the 
following information about the level of preparedness among key 
industries:
  --Virtually all of the industry areas report high awareness of the 
        problem and its potential consequences.
  --Participants in several areas are mounting aggressive efforts to 
        combat the problem and to ensure that critical systems will be 
        able to process the date change to the Year 2000. Financial 
        institutions, including banks and securities firms, are most 
        notable for their coordination and progress.
  --We are increasingly confident that there will not be large-scale 
        disruptions among banks and in the power and telecommunications 
        industries. Disruptions that do occur will most likely be of a 
        more localized nature.
  --Large organizations often have a better handle on the problem than 
        some of their smaller counterparts. While many small and 
        medium-sized businesses and governments are focused on solving 
        the Year 2000 problem and have made significant progress, some 
        continue to believe the problem will not affect them or are 
        delaying action until failures occur. Lack of preparedness 
        among these organizations increases the risk for localized Y2K 
        disruptions.
  --International failures are likely. Despite recent increased 
        efforts, a number of countries have thus far done little to 
        remediate critical systems. These failures could have a 
        significant impact upon the United States, especially in areas 
        that rely heavily upon cross-border operations.
    At the Federal level, agencies are working to prepare critical 
systems for the Year 2000, and have mounted aggressive efforts to 
ensure that critical services will not be disrupted by the transition 
to the new millennium. According to the most recent OMB report on 
agency progress, as of November 15, 1998, 61 percent of Federal 
critical systems were Y2K compliant, up from 27 percent a year earlier. 
The November data also indicated that 90 percent of critical systems 
requiring repair have already been fixed and are now being tested. A 
small percentage of critical systems are not expected to meet the March 
1999 goal of having all critical systems Y2K compliant, and agencies 
will produce specific benchmarks for completing work on these systems 
before January 1, 2000. All agencies are working to develop contingency 
plans in the event of internal or external failures.
    There is still time remaining for organizations, especially smaller 
firms, to prepare their critical systems for the Year 2000. But at the 
same time, all organizations should be developing back-up, or 
contingency, plans to address internal and external Y2K-related 
failures. Effective contingency plans will help to minimize Year 2000 
disruptions.
                            i. introduction
    Over the past 50 years, computers have made what was once thought 
impossible--possible--in finance, transportation, communications, 
health care and other areas. From electronic commerce to high-speed 
international telecommunications service to medical breakthroughs, they 
have been engines for social and economic progress. Information 
technology has become more pervasive in the every day activities of 
organizations and individuals around the world.
    But human beings, the inventors of this remarkable technology, are 
not infallible. Now, what once was a rational decision--to use two 
digits to represent the year in many computer systems--is now the Year 
2000 (Y2K) problem, an enormous challenge to governments and businesses 
around the world whose operations depend upon these systems.
    This report of the President's Council on Year 2000 Conversion is 
the first in a series of quarterly documents that will summarize 
industry and other assessments of efforts to ensure that information 
technology systems are ready for the century date change. Information 
on the level of preparedness is sparse within some industry areas where 
trade associations and groups are just beginning efforts to survey 
their members. In these areas, the report outlines how information is 
being gathered and when further detail is expected.
The Y2K Problem
    The Y2K computer problem is caused by a shortcut used in many 
information technology systems. Years ago, to conserve memory space, 
computer programmers used two digits to record the year--for example, 
98 would mean 1998. Over time, this became standard programming 
practice.
    Many information technology systems that require knowing the year, 
and use two-digit coding to record it, will, on January 1, 2000, 
recognize 00 not as the Year 2000 but as the Year 1900. This glitch 
could cause them to either shut down or malfunction, a significant 
problem in our electronic information-dependent society.
    The Y2K problem is not new. People have known for years that two-
digit coding would create difficulties when the Year 2000 arrived. But 
many organizations in the United States and around the world have been 
slow to act. Some assumed that a ``quick-fix'' would materialize that 
would enable systems dependent on two-digit coding to process the Year 
2000 or that older systems would be replaced by newer, Y2K-compliant 
models. Unfortunately, there is no permanent, universal quick-fix and, 
in many cases, older, non-compliant systems remain in operation.
    The Y2K problem is solvable. Businesses and governments know how to 
fix non-compliant systems and are devoting significant financial and 
personnel resources toward doing so. Several major financial 
institutions are spending hundreds of millions to ensure that their 
systems will operate in the Year 2000. As of November 15, 1998, the 
Federal Government estimates it will spend $6.4 billion to fix its 
mission-critical systems.
    Solving the Y2K problem is primarily a management challenge. Repair 
and replacement of systems and their interconnections takes time, and 
January 1, 2000, is an immovable deadline. Ensuring that critical 
systems are ready for the Year 2000 is a matter of prioritizing what 
needs to be fixed, devoting adequate personnel and financial resources 
to the project, and developing back-up, or contingency, plans to be 
used in the event that systems, both internal and external, fail.
The Council
    The President's Council on Year 2000 Conversion, established on 
February 4, 1998 by Executive Order 13073, coordinates the Federal 
Government's efforts to address the Year 2000 problem.
    The Federal Government, like any business or organization, is 
responsible for fixing its critical systems. But it also is working to 
encourage the private sector and other governments to do the same for 
the systems for which they have responsibility. Thus, the Council's 
mission is two-fold: (1) to work with the agencies to prepare critical 
Federal systems for the Year 2000, and (2) to promote action on the 
problem outside the Federal Government--among businesses, State, local, 
and Tribal governments, and foreign entities.
    The Council is made up of representatives from more than 30 major 
Federal executive and regulatory agencies that are active in diverse 
areas such as transportation, banking, and telecommunications. Council 
members work together to exchange information on agency Y2K progress 
and shared challenges. They also coordinate interagency testing efforts 
for programs that rely upon multiple agency systems and assist each 
other with contingency planning efforts for potential Y2K-related 
failures.
    To reach out beyond the Federal Government, Council members have 
formed working groups to focus on the Y2K challenges in over 25 sector 
areas such as finance, communications, transportation, electric power, 
health care, water supply and building operations. The working groups 
have reached out to form cooperative working relationships with the 
major trade associations and other umbrella organizations representing 
the individual entities operating in each sector. Working group 
outreach efforts are designed to increase the level of awareness and 
action on the problem and to promote the sharing of information between 
entities.
Information Gathering
    The Council has also been working with these outside organizations 
to gather industry assessments of Y2K preparedness and to encourage 
companies and governments to share publicly information about the 
status of their own Year 2000 efforts.
    Trade associations have special abilities to reach large numbers of 
participants within a particular industry and are especially aware of 
their most critical Y2K challenges. Industry participants generally are 
also more comfortable providing candid information confidentially to 
their umbrella organizations rather than directly to government 
agencies. These industry assessments, which the Council makes publicly 
available through its web site (www.y2k.gov) as soon as they are 
available, are important because they provide businesses, governments, 
and the general public with information about the status of Y2K efforts 
in key areas of the economy.
    For example, an organization that has finished work on its systems 
could still be vulnerable to the Y2K problem if its business partners 
are not prepared. A local grocery store may have ensured that its cash 
registers and inventory software are Year 2000 compliant, but Y2K 
failures among suppliers could affect the store's bottom line. 
Information on progress among suppliers could help the store prepare an 
effective back-up plan.
    Governments also rely upon information gathering efforts to prepare 
contingency plans so that key governmental services will not be 
disrupted and to respond to emergencies that may result from Y2K-
related failures. And consumers need information on the Y2K progress of 
their local businesses and governments so that they can make their own 
informed decisions.
    To help associations and other groups collect and share information 
on the status of Y2K efforts, the Administration worked with Congress 
to enact the ``Year 2000 Information and Readiness Disclosure Act.'' 
This bipartisan legislation provides protection against the use in 
civil litigation of technical Year 2000 information about an 
organization's experiences with product compliance, system fixes, 
testing protocols and testing results when that information is 
disclosed in good faith. It also includes important protections for 
information gathering that is designated as a ``special data gathering 
request'' under the Act. These collections of information cannot be 
reached by private litigants, or used by Federal agencies for 
regulatory or oversight purposes, except ``with the express consent or 
permission'' of the provider of the information.
Industry Assessments
    Shortly after President Clinton signed the ``Year 2000 Information 
and Readiness Disclosure Act'' on October 19, 1998, the Council 
provided industry associations with a guide for Y2K information 
gathering based on earlier surveys designed by some of the Council's 
working groups.
    The Council suggested that industry trade associations gather from 
their members the following information:
  --Do you have a plan for addressing the Y2K problem?
  --Does it include defined milestones?
  --Has your chief executive approved the plan?
  --Does the plan define a Y2K organizational structure?
  --How have you organized your Y2K work?
  --How much to you expect to spend on fixing the problem? How much 
        have you spent to date?
  --What percentage of the work of repairing or replacing mission-
        critical systems have you completed for: assessment (inventory 
        and analyze systems supporting the core business areas and 
        prioritize their conversion or replacement), renovation 
        (convert, replace, or eliminate systems), validation (test, 
        verify, and validate converted or replaced systems), and 
        implementation (integrate converted or replaced systems into 
        the system environment where routine information processing 
        activities are performed)?
  --Have you designed, tested, and put in place plans for internal and 
        external contingencies?
  --If you operate internationally, are you encountering any special 
        difficulties related to the Y2K problem?
                         ii. critical services
    For the purposes of this initial report, the Council has identified 
and summarized assessment information for nine sector areas covering 
the provision of critical services. They are: benefits payments, 
communications, electric power, emergency services, financial services, 
oil and gas, solid waste, transportation, water supply.
    In every area except for benefits payments, the Council is relying 
partially or entirely on industry trade associations to provide 
assessment information on Y2K progress within their sectors. As noted 
earlier, many trade associations are still working to gather initial or 
more comprehensive survey data on the status of their members' Year 
2000 efforts. Target dates for completing that work and making 
information publicly available are provided in those instances. ``Y2K 
compliant'' systems are those that have been tested, are operational, 
and can accurately process data through the century date change.
Benefits Payments (Working Group Chair--Social Security Administration)
    There is still work to be done to ensure the complete Year 2000 
readiness of all systems responsible for making Federal benefit 
payments, but agencies expect that they will be able to deliver 
payments without disruption in January 2000. These benefit payments 
include Social Security, Supplemental Security Income, Government 
civilian and military pensions, veterans benefits, and unemployment 
insurance.
            Social Security Administration
    The Social Security Administration (SSA) has made all its systems 
that produce Social Security and Supplemental Security Income (SSI) 
payments Year 2000 compliant, and has tested and certified those 
systems. In addition, testing from SSA through the Treasury Department 
and the Federal Reserve for direct deposit payments was also 
successfully completed. Beginning with payments made in October 1998, 
the Social Security and SSI benefit payments were generated using Year 
2000 compliant software at both SSA and Treasury. Treasury Department 
systems for making monthly Social Security and SSI payments received 
independent verification of their Y2K compliance in December 1998.
    With regard to disability benefits, SSA is working very closely 
with the State Disability Determination Services (DDS's) to ensure 
there is no disruption to State systems which support medical 
determinations in the Social Security and Supplemental Security Income 
Disability claims process. There are 50 States and territories with 
automated systems. As of November 30, 1998, 45 DDS systems have been 
renovated, tested and implemented. All 50 systems are expected to be 
Year 2000 compliant by January 1999. SSA and each State DDS have 
developed Business Continuity and Contingency Plans in the event that 
unforeseen problems occur. These plans address measures to be taken to 
ensure payments are made and claims are processed.
            Department of Defense
    The Defense Department is confident that payments to military 
retirees and annuitants will continue uninterrupted in January 2000. 
All programming changes and testing of programs for the pay system and 
its interfaces have been completed. The Year 2000 compliant programs 
were implemented in October 1998. The pay system software will be 
migrated to a Year 2000 compliant processing environment, tested and 
implemented by March 31, 1999. Additional end-to-end testing with 
interfacing partners is scheduled for mid-1999. Successful completion 
of these tests and continued close contact with interfacing partners 
will ensure a smooth transition to January 2000.
            Department of Veterans Affairs
    The Department of Veterans Affairs (VA) is making Year 2000 
compliant all systems that deliver compensation, pension, education, 
vocational rehabilitation and loan guaranty benefits to veterans. As of 
October 31, 1998, 99 percent of all benefit payment programs were 
renovated, and 72 percent were implemented. All programs are scheduled 
for implementation by March 31, 1999. VA is currently developing 
business continuity and contingency plans for its benefits delivery 
business areas. These plans are expected to be completed by January 
1999. The Treasury Department systems that make payments on behalf of 
VA are scheduled to be implemented at the end of 1998.
            Office of Personnel Management
    The Office of Personnel Management (OPM) continues to make 
significant progress in achieving compliance for the mission-critical 
systems of its Retirement and Insurance Service that support the 
provision of benefit services to Federal employees and annuitants. As 
of October 1998, OPM has completed renovation of these mission-critical 
systems, and has validated and implemented almost half of them. OPM 
anticipates completing the validation and implementation phases by 
January 1999. OPM is also validating Y2K compliance with the more than 
200 partners with whom it exchanges data and plans to test retirement 
benefit payment files with the Treasury Department. In addition, in 
December 1998, OPM developed final draft business continuity and 
contingency plans to ensure that it can provide essential retirement 
and insurance services in January 2000, and will schedule and conduct 
testing of these plans within the next several months.
            Department of Labor
    The Unemployment Insurance (UI) program is administered by 53 State 
Employment Security Agencies (SESA's). The Department of Labor (DOL) is 
responsible for oversight of the UI program. The Year 2000 problem for 
UI arises in January 1999, because the State systems must calculate an 
end date for new claims. Since the end date is one year from the date a 
claim is filed, the computer must calculate and assign an end date in 
January 2000 for any new benefits claim opened in January 1999.
    In December 1998, DOL stated that 16 SESA's were ``at risk'' of not 
being able to complete permanent fixes to their systems before the 
January 4, 1999 cutoff date, and may need to implement back-up, or 
contingency, plans so that benefits can be processed while they 
continue to prepare systems for the Year 2000. Those SESA's were: 
Arizona, Connecticut, Delaware, the District of Columbia, Hawaii, 
Illinois, Kansas, Louisiana, Massachusetts, Missouri, Montana, New 
Hampshire, New Mexico, Puerto Rico, Vermont, and the Virgin Islands. 
DOL is continuing to provide direct technical assistance to these 
SESA's in addressing the automated system problems and preparing 
contingency plans.
            Reliance on Banks and the U.S. Postal Service
    All of the benefit payment systems are dependent on the financial 
community for direct deposits and the U.S. Postal Service (USPS) for 
check delivery, and in the case of international payments, a variety of 
check delivery systems. Each Federal agency providing benefits is 
working closely with the Treasury Department and the Federal Reserve, 
which is in turn testing with the banking community to ensure a smooth 
transition to 2000 and to plan for any unforeseen disruptions to direct 
deposits.
    With regard to check delivery through the U.S. mail, the USPS has 
renovated 78 percent of its mission-critical systems. The remaining 
renovation and independent verification and validation of all mission-
critical systems will be completed in the first half of 1999. To 
evaluate the readiness of core mail processing equipment, the Postal 
Service advanced the dates and tested the automated mail processing 
equipment at a major mail processing plant in Tampa and a bulk mail 
center in Atlanta. Both tests verified that the equipment, which is in 
use throughout the postal system, will process letters, flats and 
parcels correctly to and through the Year 2000. Although additional 
testing is planned throughout 1999, USPS is confident in its ability to 
sustain mail service through the century date change.
Communications (Working Group Chairs--Federal Communications 
        Commission, General Services Administration)
    Information obtained from the communications industry indicates 
that the major companies have active Year 2000 programs and have made 
substantial progress toward updating their systems. However, less 
information is available regarding smaller organizations, and detailed 
information about some sectors will not be available until late January 
1999.
    The Federal Communications Commission (FCC) regulates the 
communications industry in five sectors: wireline, wireless, cable, 
broadcast, and international. Communications equipment is grouped by 
network elements (transmission and reception), support systems 
(billing, maintenance, inventory), and auxiliary systems (security, 
alarms, environmental control). Continuity of communications requires 
each network element to operate properly and for those elements to 
interoperate effectively.
    The FCC is working closely with a number of organizations to assess 
industry readiness, including: the Network Reliability and 
Interoperability Council (NRIC), the Telco Year 2000 Forum, the 
Alliance for Industry Telecommunications Solutions (ATIS), Cable 
Television Laboratories, Inc. (CableLabs), the International 
Telecommunication Union (ITU), and several other trade associations 
representing various industry segments.
            Wireline
    Data indicate that this segment of the telecommunications industry, 
which includes major companies such as Bell Atlantic, AT&T and MCI, is 
seriously addressing Year 2000 conversion issues and will meet 
remediation goals. Based on the information collected to date, the most 
likely Y2K difficulties would be small, localized problems in the 
network. Companies are developing contingency plans to pool efforts to 
address these types of problems.
    Preliminary information from the NRIC, based on a polling of 
companies representing 94 percent of the access lines in the United 
States, indicates that between September 30, 1998 and December 30, 
1998, the wireline industry was expected to progress from 54 percent to 
69 percent completion of its Y2K project overall, while assessment of 
Y2K problems would go from 94 percent to 98 percent complete, 
renovation or remediation would progress from 66 percent to 81 percent 
complete, and validation or testing would move from 58 percent to 69 
percent complete. Implementing proven solutions across the network was 
expected to progress from 59 percent to 74 percent complete between the 
end of September and the end of December 1998. The average target date 
for complete implementation is June 30, 1999.
            Cable
    While current data are not yet available, the industry expects that 
Y2K problems will not cripple cable system operations, and at this time 
it appears that set-top boxes found in the common household are for the 
most part not at risk. However, switching devices, commercial insertion 
equipment, satellite video playback equipment, and addressable 
controllers could be affected. Cable operator equipment that relies on 
embedded chip technology is also at risk.
    In April 1998, the Cable Services Bureau sent 25 letters to the 10 
largest multiple systems operators (MSO's), 6 major manufacturers, 5 
cable network programmers, and 4 trade associations. The 10 MSO's serve 
approximately 78 percent of the market share of subscribers. The 
manufacturers selected provide the most popular equipment used by cable 
operators and the trade organizations represent a cross-section of 
cable systems across the country. As of May 1998, all respondents had 
initiated an inventory phase of their Year 2000 programs, with the 
majority of the MSO's far along toward completing the review of their 
inventories. The responses indicated that cable systems had made 
minimal progress on remediation, unit testing, and integration. 
Nevertheless, several respondents stated that they will achieve Year 
2000 compliance well ahead of the century date change. Further, 
CableLabs was expected to have begun interoperability testing before 
the end of 1998, and information regarding this testing will be 
available to cable operators at the CableLabs web site.
    On November 25, 1998, the Cable Services Bureau sent a second round 
of Y2K assessments consisting of a questionnaire and associated 
attachments to a cross-section of 50 cable operators. Combined, these 
operators serve approximately 90 percent of all cable subscribers. 
Responses are expected by early January 1999.
            Wireless
    According to the industry, the majority of cellular and PCS phones 
are not date-sensitive. However, there could be problems in trunked 
systems or in other systems that integrate the cellular system into a 
larger network, such as public service answering points operated by 
local emergency response providers.
    The Wireless Telecommunications Bureau sent a letter to licensees, 
associations, and other entities involved with wireless communications 
which provided Y2K information and made a voluntary request for 
information. The response to this voluntary inquiry has been 
insufficient to do an analysis. The current assessment questionnaire 
sent to the wireless industry is mandatory, covering 300 wireless 
carriers, and is meant to complement the information requested from the 
1,200 wireline carriers about wireless services they may provide. 
Information from this assessment will provide a more comprehensive view 
of the industry and will be available in the first quarter of 1999.
    The wireless industry is planning to participate in the 
interoperability testing planned by ATIS starting in January 1999.
            Mass Media
    It appears that the majority of broadcasters are aware of the Y2K 
issue and are addressing it. According to the industry, Y2K problems 
should not cause a loss of essential services because of the 
multiplicity of broadcast services as well as the fact that most 
equipment that could cause serious service outages is capable of being 
manually overridden.
    The major broadcasting networks and group owners have been working 
on the Y2K problem for some time, some as early as 1996. Many broadcast 
groups and networks are working in teams and have formed reporting 
structures to ensure adequate project monitoring and risk assessment. 
The Mass Media Bureau recently sent a survey to a representative cross-
section of 250 broadcasters that will yield additional information 
about the status of Y2K remediation efforts and contingency planning by 
mid-January 1999.
            International
    Telecommunications companies engaged in trans-border services 
indicate that neither dial tone nor data transmission are likely to 
experience significant difficulties resulting from the Y2K problem. 
Some companies report concerns about billing (operations/support 
systems) and maintenance systems. U.S. carriers indicate that 
terminating calls overseas, which depend on the networks of foreign 
Public Telephone Operators (PTO's), may be impeded by Y2K problems.
    The ITU has a Y2K task force that has sent a questionnaire to more 
than 5,000 members--governments, telecommunications carriers, and 
operators--but there has been a low number of responses. Preliminary 
results showed that most of the respondents cited the British Standards 
Institute (BSI) as the standard to which their company is adhering. The 
countries that ranked themselves the least prepared were predominantly 
developing countries from the African continent, South Asia, and 
Southeast Asia. Eastern Europe, the Middle East, and Central and South 
American countries ranked themselves somewhat prepared for Y2K, while 
Western Europe, the United States, the Caribbean, and Pacific Rim 
countries ranked themselves the most prepared for Y2K. The ITU plans to 
redouble its efforts by circulating subsequent questionnaires on an 
ongoing basis to encourage governments to pressure operators to 
respond.
    In addition, the ITU's Y2K inter-carrier task force is conducting 
testing and has developed plans for regional testing worldwide, which 
is expected to start in the first quarter of 1999. One test in early 
September 1998 among Germany, Sweden, and Hong Kong, showed few Y2K-
related problems. However, each of the tested systems had undergone 
extensive remediation and testing.
    Regarding satellite systems, the general consensus within the 
industry appears to be that the satellites themselves contain little, 
if any, date-sensitive information. However, satellite carriers are 
actively evaluating and remediating ground equipment because antenna 
controls are date and time dependent and ground stations contain 
complex electronics and larger computers. Companies are confident that 
they will complete conversion by January 1, 2000, but cite 
interoperability testing as difficult.
    For more information, consult: www.fcc.gov/year2000.
Electric Power (Working Group Chair--Department of Energy)
    According to the most recent assessment information on Y2K 
preparations within the electric power industry, industry 
representatives believe that, with properly coordinated contingency 
planning and accelerated preparations, electric power supply and 
delivery systems will be able to operate reliably into the Year 2000.
    In May 1998, the Secretary of Energy requested that the North 
American Electric Reliability Council (NERC) coordinate efforts within 
the electric power industry to assure a smooth Year 2000 transition. 
NERC is a voluntary, not-for-profit organization made up of 10 regional 
councils, whose membership includes nearly every major provider of 
electricity generation and transmission within the Eastern, Western, 
and Texas interconnections that form the backbone of the electricity 
supply system for the United States, Canada, and a small part of 
Mexico.
    NERC has established recommended industry-wide milestones for 
ensuring that electric systems are ready for the Year 2000. The 
recommended completion dates for the remediation/testing phase of Y2K 
preparations is May 1999. Mission-critical systems and components 
(e.g., power production, energy management systems, telecommunications, 
substation controls and system protection, and distribution systems) 
are to be made Y2K ready by June 30, 1999.
    NERC has worked in partnership with trade associations representing 
investor-owned utilities (Edison Electric Institute), municipal 
utilities (American Public Power Association), rural electric 
cooperatives (National Rural Electric Cooperatives Association), 
nuclear plant operators (Nuclear Energy Institute), and the Canadian 
electric power industry (Canadian Electricity Association) to assure 
the most complete coverage of the industry in the surveys and 
assessments.
    In September 1998, NERC issued an initial status report and 
workplan for Year 2000 readiness within the electric power industry. 
NERC also committed that it would provide further reports on a 
quarterly basis with updated status information developed through 
monthly NERC surveys of the major generation and transmission providers 
(approximately 200 entities) and quarterly surveys of distribution-only 
entities (approximately 3,000 organizations) by cooperating trade 
associations.
    Thus far, more than 75 percent of the electricity supply and 
delivery organizations have participated in the Y2K readiness surveys. 
Responses have been received from 188 of the entities surveyed directly 
by NERC and 2,200 entities surveyed by the cooperating trade 
associations.
    As of October 1998, the overall progress of the 188 bulk electric 
system entities (i.e., large generation and transmission providers) 
that have reported to NERC was as follows:

------------------------------------------------------------------------
                                  Average
       Y2K Program Phase          Percent         Average Projected
                                  Complete         Completion Date
------------------------------------------------------------------------
Inventory.....................           93  August 1998.
Assessment....................           75  November 1998.
Remediation/Testing...........           36  June 1999.
------------------------------------------------------------------------

    The 188 reporting organizations, on average, plan for their systems 
to be Y2K ready by July 1999. Most of the 188 survey respondents are 
still in the early stages of formulating contingency plans and 
preparations.
    The overall progress of the approximately 2,200 distribution 
entities that have responded to surveys through August 1998, was as 
follows:

                                                         Average Percent
        Y2K Program Phase                                       Complete

Inventory.........................................................    86
Assessment........................................................    52
Remediation/Testing...............................................    30

    The electric power industry is placing considerable emphasis on 
contingency planning for the Year 2000 transition. NERC is providing 
direct oversight with respect to operational Year 2000 contingency 
plans for the Eastern, Western, and Texas interconnections of the power 
grid. Contingency planning is also being implemented within each of the 
regional reliability councils, and at the level of individual 
suppliers. NERC is targeting June 1999 as the date for completion of 
contingency plans.
    Particular concerns within the industry include the reliability of 
voice and data communications, needed for monitoring and control of 
power systems, and embedded chips. Embedded chips are used in 
communications and numerous power system device controllers. While it 
is estimated that only 1 to 2 percent of these devices uses a time/date 
function in a manner that could result in a Y2K malfunction, the 
interconnected nature of electric systems make them sensitive to the 
failure of any equipment.
    The next NERC status report and workplan for Year 2000 readiness is 
scheduled for release in mid-January 1999. NERC is also planning to 
conduct industry-wide Y2K preparedness drills in April and September 
1999. All NERC reports, contingency planning guidance, and monthly 
survey results are available on the NERC web site.
    For more information, consult: www.nerc.com.
Emergency Services (Working Group Chair--Federal Emergency Management 
        Agency)
    Initial assessment information on the emergency services sector 
indicates that a significant number of mission-critical systems are 
expected to be Y2K compliant by spring 1999. However, organizations are 
still working to obtain preliminary assessment information for areas 
such as the fire service and 911 centers. This preliminary information, 
along with more complete assessments, will be available as Federal 
agencies continue to receive feedback from their stakeholders in the 
emergency services community. In addition to the fire service and 911 
centers, these entities include State and local emergency management 
organizations, emergency medical services, and other professional and 
private emergency management organizations.
    Federal agencies working with the emergency services community 
include: the Federal Emergency Management Agency (for fire services and 
State and local emergency management); the Department of 
Transportation/National Highway Traffic Safety Administration (for 
emergency medical services); the Department of Health and Human 
Services (for the National Disaster Medical System and disaster medical 
assistance teams); the Department of Commerce/National Oceanic and 
Atmospheric Administration/National Weather Service; the Department of 
Interior; the United States Department of Agriculture and the 
Department of Defense. The American Red Cross is an honorary member.
            Emergency Management Directors
    As of December 1, 1998, emergency management directors from 46 
States, the District of Columbia, and four territories had responded to 
a FEMA request for assessment information on Y2K readiness. FEMA had 
asked the directors to provide information on the status of State and 
local Y2K efforts, funding for Y2K fixes, overall readiness at the 
State and local level, contingency planning, and likely impacts of the 
Y2K problem.
    Early responses indicate all State level agencies have resolved, or 
are planning to resolve, the vast number of Y2K-related issues 
involving critical emergency preparedness facilities, systems, and 
services. To date, nineteen States responded that they expect to be to 
be Y2K compliant by January 1, 2000. Of those, eight States said they 
expect to be compliant by mid-1999. Surveys are ongoing, and more 
information will be gathered throughout 1999.
    Respondents did express several areas of concern. The issue cited 
most often was the limited nature of financial resources to assess, 
fix, test, and validate systems at the State level. Many respondents 
complained about the excessive number and redundancy of status reports 
requested on Y2K plans and preparedness. Respondents also expressed 
concerns about the possibility of power and grid failures, especially 
in areas serviced by smaller utilities. The limited amount of 
contingency planning that has been completed at the State and local 
level was also noted.
    The International Association of Emergency Managers, which has a 
membership of over 1,700 individuals representing local emergency 
management organizations, conducted an on-line survey of Y2K 
preparedness. Of the 172 respondents, 164 are aware of the Y2K problem, 
159 are actively working to ensure their systems will be ready for the 
Year 2000, and 59, or 34 percent, reported their systems are fully 
prepared. Furthermore, 58 percent of the respondents reported that 
internal systems for their community emergency management programs are 
Y2K compliant, and 54 percent reported that their organizations are 
capable of meeting community needs (information, guidance, assistance) 
for Y2K preparedness.
            Fire Service
    An initial assessment of fire service Y2K efforts is expected by 
early 1999. FEMA's United States Fire Administration (USFA), which acts 
as a clearinghouse for Y2K information, is working with the National 
Association of State Fire Marshals (NASFM) to survey 500 representative 
fire departments across all 50 States. The USFA has already distributed 
a brochure of frequently asked questions regarding the Y2K problem to 
33,000 individual fire departments, 50 State fire marshals, 50 State 
fire training directors, 11 major national fire service organizations, 
and eight national associations of manufacturers/distributors of fire 
and emergency services equipment.
            ``911'' Centers
    An initial assessment of Y2K progress among 911 centers is expected 
by early 1999. In partnership with the USFA, the National Emergency 
Number Association (NENA) planned to contact all 4,300 known 911 
centers by the end of 1998 to assess Y2K readiness. The FCC is also 
working with NENA, since local 911 centers are dependent upon the 
commercial communications companies to address and resolve Y2K issues.
            Emergency Medical Services
    While the assessment of State and local Emergency Medical Service 
(EMS) agencies is ongoing, 75 percent of State EMS directors reported 
that their systems would be 100 percent compliant by January 1, 2000, 
in response to a National Highway and Transportation Safety 
Administration survey. The National Association of State EMS Directors 
has agreed to coordinate a State-by-State assessment of preparation and 
compliance among local EMS agencies.
    According to the Department of Health and Human Services (HHS), the 
pre-hospital segment (e.g., ambulance services) of the health services 
sector should have minimal Y2K concerns about internal systems. There 
are no internal Y2K issues affecting systems for deploying ambulances, 
helicopters, and communications and transportation equipment, given an 
operational support infrastructure. The 62 Disaster Medical Assistance 
and Specialty Teams, comprising 7,000 enrolled personnel and their 
equipment cache, will be unaffected.
    HHS is conducting Y2K outreach programs with health care 
organizations, including the American Hospital Association, American 
Medical Association, and Joint Commission on Accreditation of Health 
Care Organizations. HHS also is working with other Federal agencies and 
manufacturers of biomedical equipment to ensure compliance of medical 
devices. As of October 1998, approximately two-thirds of the 1,932 
manufacturers of medical devices containing electronic components have 
responded to queries about the compliance of their products. This 
information is available on a Food and Drug Administration-maintained 
web site (www.fda.gov/cdrh/yr200/year2000.html).
            Federal Response Planning
    Virtually all of the Federal Response Plan (FRP) Primary Agencies--
the Departments of Transportation, Defense, Agriculture, and Energy, 
HHS, FEMA, NCS, GSA, and the Environmental Protection Agency--stated 
that they expect their mission-critical systems used for emergency 
response under the FRP to meet the March 31, 1999 government-wide goal 
for Year 2000 compliance. The American Red Cross expects its critical 
FRP systems to be compliant by July 31, 1999.
    Each of the Primary FRP Agencies is a member of the Catastrophic 
Disaster Response Group (CDRG), which is chaired by FEMA and is 
responsible for providing national policy-level direction on 
interagency disaster planning, coordination, and operations. In July 
1998, FEMA established a Primary Agency Committee of the CDRG to ensure 
that all 26 FRP agencies are Y2K-ready and able to perform effective 
disaster response operations, and to prepare for possible consequences 
of Y2K failures that may require a Federal response.
    For more information, consult: www.fema.gov/y2k/.
Financial Services (Working Group Chair--Federal Reserve Board)
    According to the latest data from Federal supervisory agencies, 
financial institutions are well ahead of most organizations in 
preparing systems for the Year 2000. Banks, credit unions, and the 
futures and securities industries are far into the Y2K remediation 
process and expect that systems will be ready in advance of the new 
millennium. Moreover, the Federal Reserve is making good progress on 
its internal systems and reports that external tests with banks and 
other financial institutions are going well.
    A large proportion of institutions that make up the financial 
sector are supervised by one or more Federal regulatory agencies--
primarily the Federal Deposit Insurance Corporation (FDIC), the Federal 
Reserve, the National Credit Union Administration (NCUA), the Office of 
the Comptroller of the Currency (OCC), the Office of Thrift Supervision 
(OTS), the Commodities Futures Trading Commission (CFTC), and the 
Securities Exchange Commission (SEC). Assessment information is derived 
largely from supervisory data collected by these agencies.
            Depository Institutions and Credit Unions
    The vast majority of the Nation's depository institutions and 
credit unions (approximately 9,000 banks, 1,200 thrift institutions, 
and 13,000 credit unions) are on schedule to meet the Federal Financial 
Institutions Examinations Council (FFIEC) milestone dates for 
completing Year 2000 remediation efforts. The FFIEC's remaining 
milestones for completing the validation and implementation of mission-
critical systems include: (1) by December 31, 1998, testing of internal 
mission-critical systems should be substantially complete; (2) by March 
31, 1999, testing by institutions relying on service providers for 
mission-critical systems should be substantially complete and external 
testing with material other third parties should have begun; and, (3) 
by June 30, 1999, testing of mission-critical systems should be 
complete and implementation should be substantially complete. With 
respect to Year 2000 contingency planning, the FFIEC has established 
June 30, 1999, as the date by which all institutions should have 
substantially completed their Year 2000 business resumption contingency 
plans.
    Depository institutions and credit unions largely have completed 
the awareness and assessment phases, renovations continue, and most are 
now testing mission-critical systems as part of validation phase 
efforts. As of October 31, 1998, approximately 96 percent of depository 
institutions and credit unions examined by the FFIEC agencies were 
rated satisfactory (i.e., have met or are expected to meet all FFIEC 
expectations and timeframes).
            Securities Industry
    The securities markets and industry are making good progress with 
their Year 2000 efforts, and reporting procedures are in place to 
identify any material weaknesses in remediation efforts.
    The SEC is responsible for oversight of U.S. securities markets and 
clearing agencies. In September 1998, the SEC surveyed eight national 
securities exchanges, the National Association of Securities Dealers 
(NASD), the Securities Industry Association (SIAC) (as systems manager 
for the National Market System) and nine registered or exempt clearing 
agencies regarding their Year 2000 efforts. According to the latest 
survey data, the exchanges and NASD have completed remediation and 
testing work on 95 percent of mission-critical systems and have 
finished implementation work on 73 percent. The clearing agencies have 
completed renovation and testing on 87 percent of critical systems and 
implementation on 86 percent.
    Broker-dealers are subject to oversight, including examinations, by 
the SEC and securities self-regulatory organizations (SRO's) such as 
the NASD and the New York Stock Exchange. The SEC required registered 
broker-dealers to file reports regarding their Year 2000 efforts on 
August 31, 1998 and a second report is due on April 30, 1999. According 
to the data, 83 percent of broker dealer firms have a written Y2K plan. 
Thirty percent have completed testing on critical systems, and 51 
percent have developed contingency plans for potential Y2K failures. In 
July 1998, the Securities Industries Association conducted beta testing 
of interconnections between a select number of systems within the 
industry. The test, which identified only a few easily-correctable Year 
2000 errors, was a prelude to a more extensive street-wide test to be 
conducted in spring 1999.
    The SEC also conducts examinations of registered investment 
companies and investment advisers. As of September 30, 1998, the SEC 
had conducted Year 2000 reviews of 3,895 investment advisers and 445 
investment companies. Of the investment companies, 76 percent reported 
having a written Y2K plan, and 50 percent of investment advisors 
reported having such plans. The SEC's reports that 24 percent of the 
investment companies and investment advisers examined have completed 
implementation. An additional 56 percent expected to complete 
implementation by December 31, 1998.
            Commodities Futures Industry
    The futures industry is preparing its systems for the Year 2000, 
subject to CFTC oversight. Testing by the futures exchanges and their 
clearinghouses is progressing on schedule and internal remediation work 
is complete, or nearing completion, at many firms and SRO's. Many 
futures commission merchants (FCM's) use computer service providers, 
who report that their systems are compliant.
    A Futures Industry Association (FIA) report on the September 1998 
Y2K beta testing at futures exchanges indicates that of over 4,000 
transactions processed, 98 percent were considered successful, and the 
errors identified were promptly resolved.
    FCM's who clear on exchanges are required conduct Y2K tests of 
their systems. Non-clearing FCM's are less likely to pose systemic 
risks. However, the responses to the Y2K questionnaires sent out by the 
SRO's indicate an overall awareness of the potential Y2K problems among 
non-clearing FCM's. Most have begun work on assessing their Y2K 
compliance through testing their own systems and confirming compliance 
of systems and data supplied by outside parties.
    More than 500 of the 1,500 commodity pool operators (CPO) and 
commodity trading advisors (CTA) use ``back-office'' service (i.e., 
accounting and processing services) providers. Approximately 15 firms 
provide back office services to CPO's and CTA's. The National Futures 
Association (NFA), an SRO, has contacted most of these firms, all of 
whom have Y2K projects underway with completion dates ranging from 
October 1998 to mid-1999.
            Federal Reserve Year 2000 Readiness Disclosure Statement
    The Federal Reserve provides financial services to depository 
institutions as well as to the federal government. The Federal Reserve 
has met its goals to date for addressing the risks posed by the century 
date change. The Federal Reserve System's internal application testing 
efforts are progressing in a timely manner. As of the end of November 
1998, 67 percent of the Federal Reserve's mission-critical applications 
were Year 2000 ready. Of the remaining 33 percent, 31 percent are 
remediated and being tested, and the Federal Reserve expects that 
implementation will be completed by January 1999. The remaining two 
percent represent new system development initiatives that are on 
schedule for implementation in first quarter 1999.
    External testing with financial institutions and other customers is 
going well. As of December 1, 1998, over 5,000 depository institutions 
had tested with the Federal Reserve, and the Treasury Department's 
Financial Management Service has conducted interface testing with the 
Federal Reserve for Social Security payments.
            Insurance Sector
    Based on information collected by the National Association of 
Insurance Commissioners (NAIC), all States have initiated a survey/
examination effort for domestic insurers. As of December 1998, 64 
percent of regulated insurance entities responded to the survey and 
State regulators are following up with insurers that did not respond. 
The focus for 1999 reviews will be completion of the testing, 
remediation and implementation phases, and contingency planning. The 
States have established June 30, 1999 as the date by which remediation 
of all mission-critical systems should be complete.
Oil and Gas (Working Group Chair--Federal Energy Regulatory Commission)
    Industry representatives are cautiously optimistic that the U.S. 
oil and gas sector will be ready for the transition to the new 
millennium. Survey results indicate that the industry is making good 
progress in implementing Y2K plans, but that the rate of progress needs 
to increase.
    Industry trade associations and individual companies have been 
addressing the Y2K issue for some time. Many companies began as early 
as 1995. Preparations for Year 2000 are a natural extension of the 
industry's thorough contingency planning that covers every area of 
operations from producing fields to refinery and pipeline operations to 
environmental monitoring and control. For example, storage built into 
oil and natural gas delivery systems provides additional flexibility 
for delivering the product to end users should Y2K-related disruptions 
occur.
    Date handling codes show up within various computer applications 
and are embedded in computer chips and throughout the petroleum 
industry, from computer applications to process control devices. 
Potential Y2K problems range from incorrect financial transactions, oil 
field production outages, refinery and pipeline stoppages, product flow 
disruptions, as well as potential environmental and safety hazards.
    Areas of concern include Supervisory Control Area Data Acquisition 
Systems (SCADA) used to acquire information from remote sections of 
pipeline and to control the flow of fuel at remote locations by using 
computers linked to satellite and telephone communications systems. 
Embedded chips, which occur throughout the sector, are also a concern. 
Following an initial focus on software, the industry is now 
concentrating on embedded chips, which are more prevalent in 
operations.
    The Oil and Gas Working Group of the President's Council, in 
cooperation with the American Petroleum Institute, the Interstate 
Natural Gas Association of America, the American Gas Association, the 
American Public Gas Association, and other industry groups, conducted 
its first survey on the Y2K readiness of the U.S. oil and gas industry 
in August 1998. Survey results were presented at a public conference in 
September 1998, and are displayed on the Internet at www.y2k.gov. The 
survey respondents represented 45 percent of U.S. oil and natural gas 
production, 78 percent of U.S. refining capacity, 70 percent of U.S. 
crude oil and refined product pipeline deliveries, 81 percent of 
natural gas interstate pipeline deliveries, 43 percent of U.S. branded 
retail outlets (e.g., service stations), and 50 percent of the total 
natural gas volume of investor-owned local distribution companies.
    According to the August 1998 data, about 86 percent of survey 
respondents were in the process of implementing plans for addressing 
the Y2K problem, with 14 percent still in the planning stage.
    The status of work was broken down as follows:

------------------------------------------------------------------------
                                             Business
                                            Systems and      Embedded
                                            Associated        Systems
                                             Software        Aggregate
                                             Aggregate        Results
                                              Results
------------------------------------------------------------------------
Plan....................................              14              14
Inventory...............................              12              18
Assessment..............................              19              28
Remediation.............................              36              26
Validation..............................              19              14
------------------------------------------------------------------------

    Twenty-two percent of survey respondents expected to complete their 
Y2K work by December 1998; 76 percent expected to be done by June 1999; 
and all expected to be done by December 1999.
    Survey respondents reported that they would complete in the 
remediation and validation phases their contingency planning efforts 
for internal and external failures. All respondents said that their 
contingency plans would be ready by December 1999, with 31 percent 
stating these plans would be complete by December 1998, 73 percent 
expecting completion by June 1999, and all expected to be completed by 
December 1999.
    The next survey was distributed in mid-December 1998, with a due 
date of mid-January 1999. The Oil and Gas Working Group will release 
the survey results at a public conference to be held on February 18, 
1999. Quarterly follow-up surveys will be conducted during 1999.
    The U.S. oil and gas industry is concerned about international oil 
production and shipping, especially in light of the lack of information 
available. Members of the American Petroleum Institute's International 
Oil Y2K Task Force have joined with the Federal Energy Regulatory 
Commission (FERC) and other Federal agencies, along with the 
International Energy Agency, to create an International Oil 
Coordination Council (IOCC). IOCC met in early November 1998 to 
exchange information on industry and government efforts and plan how to 
assess the industry's Y2K readiness on an international scale. IOCC 
will focus on collecting information globally in 1999 and on creating a 
public scorecard of international readiness.
Solid Waste (Working Group Chair--Environmental Protection Agency)
    Waste industry organizations, which include waste haulers, 
handlers, and disposers, use a relatively low level of automation in 
their operations. As a result, the industry reports that waste 
organizations' exposure to Y2K-related difficulties will be minimal.
    Nonetheless, the Environmental Protection Agency's Office of Solid 
Waste has been communicating with the waste management sector about the 
potential risks of Year 2000 failures. EPA has encouraged its contacts 
to identify, assess, manage, and mitigate Y2K risks within the 
industry.
    Organizations and associations with whom EPA has been communicating 
include: the Association of Waste and Hazardous Materials Transporters, 
Browning-Ferris Industries, Inc. (BFI), the Cement Kiln Recycling 
Coalition, Environmental Industry Associations, the Environmental 
Technology Council, the Integrated Waste Services Association, Inc., 
the National Association of Chemical Recyclers, the Solid Waste 
Association of North America, and USA Waste Services Inc./Waste 
Management Inc.
    Thus far, only the Cement Kiln Recycling Coalition has a conducted 
a formal Y2K survey of its members and expects to release the results 
in late January 1999. In the first quarter of 1999, EPA plans to work 
with waste trade associations including the Solid Waste Association of 
North America, which includes major trash haulers like BFI, Inc. and 
Waste USA, on their Y2K efforts.
    EPA's contacts with the industry have yielded some important 
information on the Y2K problem and waste operations. BFI, Inc., which 
owns nearly 40 percent of U.S. collection and operating waste 
facilities, reports that there is little vulnerability related to the 
Y2K problem in the provision of waste collection services, and ranks 
internal operating (e.g., scales) and billing systems as the areas of 
most concern. At incineration plants, early precautions may 
automatically be activated to avoid problems with emission monitors or 
other internal systems.
    Given the relatively low level of automation inherent in trash 
collection, hauling, and disposal, contingency planning within the 
industry is not expected to be highly sophisticated. Industry 
representatives have indicated that should Y2K disruptions occur within 
the industry, waste will be held longer and not disposed of or 
incinerated until system fixes are made.
    For more information, consult: www.epa.gov/year2000.
Transportation (Working Group Chair--Department of Transportation)
    Preliminary survey data and contacts with transportation industries 
indicate that there is a high level of awareness of the Y2K problem 
across the major air carrier and transit service providers, as well as 
in the motor vehicle regulatory and enforcement arena. Air carriers and 
larger airports and transit providers are making significant progress 
in efforts to address the Y2K problem. However, the potential readiness 
of airports and transit services in small communities and rural areas 
is a concern. Additional data is necessary to provide a more 
comprehensive understanding of the level of Y2K readiness among all 
components of the transportation industry.
    Neither the railroad nor maritime industry associations had 
complete, consolidated survey data to share in time for this report, 
but this information is expected early in 1999. Based on external 
reports and outreach efforts, it appears that the rail industry is 
taking appropriate steps to prepare for the Y2K conversion. Concerns 
about the readiness of the international maritime transportation 
industry, however, has prompted the U.S. Coast Guard to begin an effort 
with the International Maritime Organization to improve information 
sharing and accelerate global Y2K remediation efforts and contingency 
planning of the maritime transportation industry. Information sharing 
is taking place through the Ship Operations Cooperative Program (SOCP), 
a joint venture with industry, and the SOCP Y2K website.
    In November 1998, the Council's Transportation Working Group sent a 
letter and sample Y2K assessment form to the heads of 83 key trade 
associations representing all modes of transportation--air, highway, 
transit, rail, and marine. Thus far, the National Air Carrier 
Association, Inc. (NACA), American Association of Motor Vehicle 
Administrators (AAMVA), and the American Public Transit Association 
(APTA) have provided assessment information on their members' Y2K 
efforts.
            Air
    The Transportation Working Group is eagerly awaiting the results of 
the Air Transport Association survey that will cover the larger 
commercial carriers, including the major passenger airlines. Results 
from this survey, and from airport-related surveys, are expected within 
the first quarter of 1999.
    NACA represents a relatively small segment of the air carrier 
market, specializing in low-cost scheduled and charter transportation 
of passengers and cargo. NACA surveyed its member airlines in November 
1998; five of seven members responded. The level of Y2K readiness 
varies across NACA's membership. Some of the smaller carriers are very 
far behind in the work phases, with only 55 percent of assessment 
completed. Larger carriers have made more progress. Estimated costs for 
Y2K remediation among the carriers ranged from around $200,000 to $8 
million. The survey results also indicate that not all contingency 
plans address external failures.
    Respondents reported that they do not currently have plans to 
suspend flights to countries lagging behind the United States in 
dealing with the Y2K problem, although they are closely monitoring the 
international situation. NACA indicated a willingness to conduct 
additional surveys of their members' Y2K readiness in 1999.
            Highway
    AAMVA, an international association representing motor vehicle and 
traffic law enforcement administrators from jurisdictions within the 
United States and Canada, surveyed its members in August 1998, 
receiving 44 responses representing 31 States. Forty-seven percent of 
respondents said the Y2K issue was a ``top priority'' for their 
organization, while 36 percent ranked it as ``very high'' or ``high,'' 
and 9 percent as ``medium'' or ``low.'' On system compliance, 34 
percent reported that they were Y2K compliant; 59 percent said they 
were assessing the issue or had at least one Y2K project planned or 
underway.
    Respondents cited five functional areas of motor carrier 
operations--safety administration, registration, fuel tax, operating 
authority, and oversize/overweight permits--as being vulnerable to the 
Y2K problem. Target dates given for expected compliance of these areas 
range from November 1998 to October 1999. More than 60 percent of 
respondents were fully confident that their jurisdiction would be 
compliant prior to January 1, 2000, another 36 percent fell between 80 
and 99.9 percent confident.
    On contingency planning, 48 percent of respondents do not have 
contingency plans, while 32 percent do. Slightly more than half of 
those without contingency plans do not intend to prepare them. 
Contingency actions included manual procedures; back-up, parallel 
systems operation; and upgrading current system software.
            Transit
    According to a May 1998 APTA survey of over 320 major transit 
providers and suppliers (e.g., rail, bus) 92 percent of the 162 
respondents have begun Y2K reprogramming efforts. One-fifth of 
respondents reported that their systems were fully compliant. Overall, 
79 percent of all respondents indicated systems would be Y2K compliant 
by end of 1999; 21 percent were not fully confident about meeting that 
deadline.
    Survey data indicate that 47 percent of respondents expect no 
problems managing Federal Transit Administration (FTA) grants; 8 
percent expect problems; and 45 percent were unsure. In its analysis of 
the survey results, APTA suggested that technical assistance from FTA 
would be necessary to help transit systems become Y2K compliant. FTA 
has since worked with APTA to conduct Y2K informational seminars at 
APTA's annual meeting in October 1998, and is planning a January 1999 
Y2K conference to be co-sponsored by the Federal Railroad 
Administration.
    For more information, consult: www.y2ktransport.dot.gov or 
www.dot.gov.
Water Supply (Working Group Chair--Environmental Protection Agency)
    The most recent survey data indicates that a majority of public 
water system representatives do not expect the Y2K problem to interrupt 
water services. Most public water systems can be operated using manual 
controls, and sufficient environmental protections can be maintained 
while the system is run in such a manner. However, data indicate that 
system operators have concerns about their exposure to external system 
failures.
            Drinking Water
    In September 1998, the American Water Works Association (AWWA), the 
Association of Metropolitan Water Agencies (AMWA) and the National 
Rural Water Association (NAWC) issued a preliminary report on the Year 
2000 readiness of community public water systems. Together, AWWA, AMWA 
and NAWC represent approximately 4,000 public water systems which 
provide services to 80 percent of the U.S. population.
    According to the preliminary data, gathered in the summer of 1998 
from more than 600 respondents to a survey on Y2K readiness, large 
water systems (serving more than 1 million people) expect minimal 
internal problems related to the century date change. Among operators 
of medium to large-size systems (serving more than 100,000 people), 86 
percent expect their internal systems will be Y2K compliant by January 
1, 2000. However, the data also suggest that few system operators have 
assessed possible exposure to Y2K problems from failures in systems of 
outside service providers (e.g., telecommunications, power, chemical 
suppliers).
    Sixty-one percent of respondents have a formal Y2K plan; 36 percent 
have no plan; and 3 percent responded ``do not know.'' One half of the 
respondents said that they had completed their assessment of internal 
systems, 42 percent said they have not and 8 percent responded that 
they do not know. Only 25 percent of respondents said they had 
completed an assessment of external systems.
    More than three-fourths (81 percent) of water system operators 
expect that their Y2K work on their internal systems will be completed 
by January 1, 2000. A smaller number (63 percent) expect that work on 
external systems will be completed by that date.
    On contingency planning, most public water systems have back-up 
plans for natural disasters (e.g., hurricanes, earthquakes), but it is 
unclear whether system operators have expanded these plans to account 
for potential Y2K-related failures. At the time of the original survey, 
22 percent of respondents said that they had completed contingency 
plans for the Y2K failures in internal systems, and a smaller number 
(12 percent) said that they had completed such plans for external 
system failures. A more extensive report is scheduled for release in 
March 1999.
            Wastewater
    In June 1998, the Association of Metropolitan Sewerage Agencies 
(AMSA), a coalition of over 2,000 of the Nation's publicly owned 
wastewater treatment agencies, conducted a survey of Y2K preparedness 
in the area of wastewater treatment. The survey focused on Year 2000 
problem evaluation, estimated repair costs, repair status, impacts of 
potential system failures and contingency planning efforts.
    Only 54 percent of the responding facilities are automated. 
According to AMSA, 90 percent of respondents said they have implemented 
plans for addressing the Y2K problem and completed the assessment of 
all computer-related systems. Ninety-five percent have begun to 
implement solutions for systems that demonstrated some kind of Y2K 
failure during the assessment phase. More than one quarter of 
respondents (26 percent) stated that they were almost done with their 
remediation efforts.
    On contingency planning, 55 percent report having a back-up plan 
for possible Year 2000 failures--most involving manual operations. 
Water trade association representatives have indicated that, should 
computer failures or any type of dislocation arise on January 1, 2000, 
industry-wide contingency planning calls for conversion to manual 
operations. However, 15 percent of respondents reported concerns about 
manual operations and possible environmental compliance issues.
    A follow-up survey was scheduled for December 1998 that will gather 
further information about contingency plans and the effects of Year 
2000 failures among external service providers (e.g., power, 
telecommunications, chemical vendors). Results are expected early in 
1999.
    For more information, consult: www.epa.gov/year2000.
                            iii. other areas
Federal Government
    The Federal Government operates some of the largest, most complex 
computer systems in the world that provide services to millions of 
Americans. The Health Care Financing Administration (HCFA), for 
example, processes roughly 1 billion Medicare transactions each year, 
worth more than $210 billion in fiscal 1997. The Government also 
exchanges data electronically with the States, which administer key 
Federal programs such as Food Stamps, Medicaid, and unemployment 
insurance.
    Preparing Federal systems for the Year 2000 is an enormous 
challenge, and agencies have mounted aggressive efforts to ensure that 
critical services will not be disrupted by the transition to the new 
millennium. The first interagency task force dealing with the Y2K 
problem was created three years ago. Since late 1996, Federal agencies 
have been required to report quarterly to the Office of Management and 
Budget (OMB) and Congress on their progress to assess, remediate, test, 
and implement mission-critical systems against a government-wide goal 
of having all critical systems Y2K compliant by March 31, 1999.
    According to the most recent OMB report, as of November 15, 1998, 
61 percent of Federal critical systems were compliant, up from 27 
percent a year earlier. The November data also indicated that 90 
percent of critical systems requiring repair have already been fixed 
and are now being tested. A small percentage of critical systems are 
not expected to meet the March goal, and agencies will produce specific 
benchmarks for completing work on these systems before January 1, 2000. 
All agencies are working to develop contingency plans in the event of 
internal or external failures.
    Agencies receiving high marks from OMB for their progress include 
the Small Business Administration, the first agency to report that 100 
percent of its critical systems are now compliant, the Social Security 
Administration, the Department of Veterans Affairs, and the 
Environmental Protection Agency.
    According to OMB, agencies that continue to face significant 
challenges include the Departments of Defense, which operates more than 
one-third of the Government's critical systems, Energy, Health and 
Human Services, State, Transportation, and the Agency for International 
Development. The following descriptions of Y2K challenges at these 
agencies are excerpted from the most recent OMB report.
    Defense.--The Defense Department continues to make progress in 
addressing its massive Y2K problem (percentage of Y2K compliant 
critical systems rose to 53 percent from 42 percent in August 1998), 
albeit at a rate too slow to meet the March 1999 goal. As a result, the 
Secretary and Deputy Secretary have taken a number of actions to 
accelerate the Department's progress toward Y2K compliance, including 
requiring commanders and service chiefs to personally certify the Y2K 
status of each major information system, and withholding funding for 
non-Y2K work on information systems unless and until military 
departments demonstrate Y2K progress.
    Energy.--Compliance increased from 40 percent to 50 percent in the 
last quarter, and progress has been made in the other phases. The 
Department, however, has not completed its renovation work, finishing 
renovation on 88 percent of its critical systems. Likewise, the 
Department has completed validation on only 53 percent of its critical 
systems. The Department's CIO is conducting site compliance reviews in 
cooperation with the Office of the Inspector General and Office of 
Oversight. The compliance reviews have increased awareness of the 
severity of the problem and the need for high-level management 
attention.
    Health and Human Services.--HCFA has made significant progress on 
renovating its internal and external systems. However, HCFA remains a 
serious concern due to potential hurdles in external system remediation 
and high contingency cost estimates. Medicare contractors will have to 
make an intensive, sustained effort to complete validation and 
implementation of their mission critical systems by the government-wide 
goal of March 31, 1999.
    State.--The State Department faces a significant challenge in 
simultaneously managing its complex Y2K project and completely 
replacing information systems installed around the world. The 
Department has obtained additional contractor support to address two 
key concerns: overall Y2K program management and technical ``strike 
force'' expertise to assist in problem areas. While the Department 
remains behind government-wide goals for renovation of systems and 
overall compliance, results are improving.
    Transportation.--The Transportation Department improved management 
oversight, combined with an accelerating rate at which the Federal 
Aviation Administration (FAA) is remediating air traffic control system 
components, is significantly mitigating risk. As of mid-November 1998, 
the Department-wide percentage of critical systems renovated stood at 
95 percent, a significant improvement over the 64 percent reported in 
the previous quarter. However, with only 31 percent of its critical 
systems validated and 21 percent implemented, the Department continues 
to lag behind the government-wide schedule.
    Agency for International Development (AID).--The next months will 
be critical as AID faces many challenges in repairing its remaining 
four complex critical systems. AID has, however, completed renovation 
of two systems and has begun the certification process. AID continues 
to make management improvements and has retained several contractors to 
assist project management including performing independent validation 
and verification of contractor deliverables. Renovation of AID's most 
important system is underway, including development of standard date/
time processing functions and line-by-line assessment of the system.
    For more information on the Government's progress in preparing 
critical Federal systems for the Year 2000, consult the Council's web 
site (www.y2k.gov).
State and Local Government
    Americans rely upon State and local governments for many important 
services, from unemployment insurance to water treatment and emergency 
services. The vast majority of these services rely upon automated 
processes that are at risk of experiencing Year 2000-related failures.
    Progress among State governments in addressing the Year 2000 
problem varies. According to a National Association of State 
Information Resource Executives (NASIRE) survey of State Y2K 
remediation efforts, several States report that they have completed Y2K 
work on more than 70 percent of their systems. But a handful of States 
still have much work left to do, reporting that they haven't yet 
completed work on any of their critical systems. Virtually every State, 
however, has an organized Y2K program in place, often led by a 
designated State Y2K Coordinator.
    Local governments are a more serious concern. At the local level, 
many towns, cities, and counties are aggressively attacking the problem 
and are making good progress, but a significant number are not 
sufficiently organized to prepare critical systems for the new 
millennium. According to a December 1998 National Association of 
Counties survey of 500 counties representing 46 States, roughly half of 
counties do not have a county wide plan for addressing Year 2000 
conversion issues. Almost two-thirds of respondents have not yet 
completed the assessment phase of their Year 2000 work. The survey also 
found that, in general, Year 2000 efforts among larger counties are 
more advanced than their smaller counterparts.
    The Council has been working with the White House Office of 
Intergovernmental Affairs and key groups like the National Governors 
Association, NASIRE, the National Association of Counties, and the 
National League of Cities to promote action on the problem among State 
and local governments. In July 1998, Council members participated in a 
two-day National Governors' Association Y2K conference with Year 2000 
coordinators from 45 States. The Council Chair participates in monthly 
conference calls with State Year 2000 executives to discuss cooperative 
efforts between the Federal Government and the States and how States 
can help each other to address Y2K challenges.
    Federal agencies are also actively working with the States to 
ensure that Federal-State data exchanges used to carry out important 
programs such as Food Stamps and Medicaid will be ready for the Year 
2000. Most Federal agencies and States have now inventoried all of 
their data exchange points and are exchanging information with one 
another to ensure the exchanges will function in the Year 2000. 
However, as of the last OMB quarterly report, three States had not yet 
provided any information on the status of their data exchange 
activities. For the February 1999 quarterly report, OMB has asked 
Federal agencies to provide assessment information, for each State, of 
Y2K progress on State-administered Federal programs.
    One State-administered Federal program, Unemployment Insurance 
(UI), has a unique Y2K failure horizon date of January 4, 1999. UI 
systems look forward one year to calculate a beneficiary's UI 
entitlement which means that, in the first week of January 1999, these 
systems must be able to process dates in January 2000. States that do 
not yet have Year 2000 compliant systems have had to implement 
temporary back-up, or contingency, plans until permanent fixes are 
completed. The Labor Department is working with the States and 
territories that have implemented such plans and is confident that 
benefit payments will continue. This work demonstrates the importance 
to every organization of having an adequate contingency plan. The UI 
experience also illustrates the fact that a Year 2000 failure does not 
have to mean that a program will stop functioning.
Small and Medium-Sized Businesses
    The status of Year 2000 efforts among the Nation's 24 million small 
and medium-sized businesses is an ongoing concern. Most of these 
businesses do not have a vast number of information technology systems, 
but, like large companies, they too need to assess how the Year 2000 
problem could impact their operations. Many small and medium-sized 
businesses are taking steps to address the problem and to ensure not 
only that their own systems are compliant but that those they depend 
upon are ready for the Year 2000 as well. But a significant number of 
these businesses are not preparing their systems for the new 
millennium.
    A recent National Federation of Independent Business survey, 
released in January 1999, indicates that as many as a third of small 
businesses using computers or other at-risk devices have no plans to 
assess their exposure to the Y2K problem. The survey also indicates 
that more than half of small firms have not yet taken any defensive 
steps. The reasons for this inactivity vary. Many of these business 
owners believe that, unless they operate large, mainframe computers, 
the Y2K problem poses no threat to their operations. Others have stated 
that they will fix systems when and if they fail, and that taking 
preemptive action to assess and fix potential Y2K problems is a waste 
of time and money.
    The Small Business Administration (SBA) has mounted an aggressive 
outreach program to increase awareness and promote action on the 
problem among small and medium-sized businesses. SBA is distributing, 
through its web site (www.sba.gov/y2k) and other outlets, information 
about how businesses can assess their exposure to the Year 2000 problem 
and prepare their systems for the new millennium.
    SBA has enlisted the support of private sector organizations in its 
efforts to reach small and medium-sized businesses with information on 
the Y2K problem. National industry trade associations, such as the 
American Bankers Association and the American Insurance Association, 
have distributed SBA Y2K information to their members and encouraged 
them to share it with their clients. The Bank of America, Wells Fargo, 
and other major banks have distributed an SBA Y2K ``bill stuffer'' 
flyer to their business customers. And power companies, like Maine 
Electric and the Potomac Electric Power Company, have also distributed 
SBA information to their customers.
    In October 1998, the Council joined the SBA, the Commerce 
Department, and other Federal agencies in launching ``National Y2K 
Action Week,'' to encourage small and medium-sized businesses to take 
action on the Y2K problem. The week was built around more than 300 Y2K 
educational events for small and medium-sized business managers held at 
Federal agency field offices across the country. Materials promoting 
the Week appeared in the Nation's post offices and the Council ran 
advertisements in 250 newspapers listing the names of more than 160 
national trade associations committed to encouraging their members to 
meet the Year 2000 challenge.
International Activities
    International activities is the area for which there is the least 
amount of information. The State Department and other agencies on the 
Council's International Relations Working Group has been working with 
U.S. embassies and other organizations around the world in an effort to 
gather Y2K information on a country-by-country basis.
    Based on the available information, it is clear that although more 
countries have recently begun to focus on the Year 2000 problem, most 
are significantly behind the United States in efforts to prepare 
critical systems for the new millennium. Awareness remains especially 
low among developing countries. Lack of progress on the international 
front may lead to failures that could affect the United States, 
especially in areas that rely upon cross-border networks such as 
finance, telecommunications, and transportation.
    The United States is working to encourage other nations to take 
action on the problem and to facilitate coordination of country Y2K 
efforts on a regional and international basis. The U.S. worked closely 
with the United Nations to organize the first-ever meeting of national 
Year 2000 coordinators from over 120 countries on December 11, 1998. 
Delegates to the meeting discussed Y2K challenges in key infrastructure 
areas and agreed to work together regionally to share information on 
their Y2K remediation and contingency planning. The U.S., along with 
several other nations that helped to organize the meeting, will also 
work to create an international coordinating center to help support 
these efforts in the coming months.
    The U.S. has also forged bilateral cooperative agreements on the 
Y2K challenge with several nations, including Japan, South Korea, 
Canada, and Mexico. Under these agreements, U.S. authorities are 
working with their counterparts in other countries to exchange 
information on Y2K efforts in key areas such as power, transportation, 
customs, telecommunications, finance, and health care.
    The Council Chair has met with numerous international organizations 
like the Organization of American States, the OECD, the World Bank, and 
the International Monetary Fund to enlist their support in encouraging 
their members to take action on the problem. To assist developing 
countries, the U.S. is working with the World Bank to support its 
program of increasing awareness of the problem among developing 
countries through a series of international conferences on the issue.
    National security is a serious concern. It is important to note 
that the Y2K problem will not cause nuclear weapons to fire 
automatically; they require some form of human intervention for launch. 
The Department of Defense (DOD) has been reaching out to other 
countries to ensure that they too are taking appropriate action to 
secure the readiness of their defense systems. DOD representatives have 
met with NATO to discuss Y2K progress on NATO support systems and 
infrastructure. DOD has also worked, along with defense representatives 
from the United Kingdom and Canada, to form an Allied Y2K Coordination 
Committee which has enabled DOD to meet with defense representatives 
from Germany, New Zealand, the Netherlands, France, and Australia. DOD 
has also met separately with representatives from Russia, Poland, the 
Czech Republic and Hungary to discuss Y2K efforts for their defense 
systems.
    Over the coming year, the Council will continue to focus its 
energies on key areas of concern in our increasingly interconnected and 
interdependent world.
                                 ______
                                 
                Appendix: Other Working Group Activities
Building Operations (Working Group Chairs--Department of Housing and 
        Urban Development, General Services Administration)
    The Buildings and Housing Working Group is working with the 
International Facilities Management Association (IFMA) and the 
International Buildings Operations and Management Association (BOMA) to 
ascertain the Y2K status of common building systems (e.g., elevators, 
climate control systems, security systems). IFMA and BOMA are 
conducting a survey of their membership that is expected to produce a 
detailed assessment in late March 1999.
    The General Services Administration (GSA), chair of the working 
group, has found that 98 percent of systems in its buildings are Y2K 
compliant. GSA also reports that its systems can be manually operated 
if necessary.
    Specific information on building product compliance and contingency 
planning is available on the World Wide Web through www.y2k.gov or 
through www.gsa.gov.
Consumer Affairs (Working Group Chair--Federal Trade Commission)
    The Consumer Affairs Working Group, chaired by the Federal Trade 
Commission (FTC), is assessing the Y2K compliance of consumer products 
and financial services. The group is also conducting a broad-based 
education initiative to make Y2K information available to consumers 
through the Internet and a toll-free information line.
    The Y2K consumer education initiative covers 85 separate topic 
areas ranging from product safety to health care to money. Information 
is made available to consumers through a collection of links to 
government agencies, trade associations, and private companies posted 
to the www.consumer.gov website, and through the toll-free 1-888-USA-4-
Y2K information line.
    The fifty largest companies in the consumer financial services 
industry engaged in direct credit lending to consumers and/or retail 
credit make up 90 percent of the consumer finance industry and report, 
through their trade association, the American Financial Services 
Association, that 90 percent of their systems are Y2K compliant. These 
companies expect to be 99 percent compliant by the end of the first 
quarter of 1999. Similarly, the credit card industry and the mortgage 
banking industry also appear to be making good progress with their Y2K 
efforts. The consumer electronics industry reports that consumers 
should not experience Y2K problems with electronic products other than 
some older model VCR's, camcorder, and fax machines. Home appliance and 
residential heating and cooling equipment manufacturers report through 
their trade associations that no Y2K-related failures are expected for 
these products.
Education (Working Group Chair--Department of Education)
    The Education Working Group, chaired by the Department of Education 
(DOEd), has been working with key education associations to assess Y2K 
preparedness within the elementary/secondary community, the higher 
education community, and among third party service providers (e.g., 
loan guarantee agencies, debt collection agencies, financial 
institutions).
    In the summer of 1998, DOEd and the American Association of 
Community Colleges (AACC) surveyed AACC's 1,300 member schools on their 
Y2K preparedness. In the same timeframe, DOEd also surveyed more than 
1,400 direct loan schools. The combined results indicated that 62 
percent of postsecondary respondents reported the existence of a Y2K 
project plan at their institution. Seventy-six percent reported being 
either completely confident or very confident that their institution 
will be Y2K compliant by March 1999.
    DOEd and the Council of Great City Schools conducted a survey of 
elementary and secondary schools' Y2K preparedness in spring 1998 in 
the nation's 50 largest school districts. Nearly one-third of 
respondents reported their district did not have a written Y2K plan. 
Over 90 percent, however, were confident that their systems would be 
compliant by January 1, 2000. A follow-up survey was launched in fall 
1998, with results expected in January 1999. To better ascertain the 
level of Y2K preparedness among the elementary and secondary community 
in small and medium size school districts, DOEd and the American 
Association of School Administrators are designing a survey of Y2K 
readiness. Results are expected in early 1999.
Employment Related Protections (Working Group Chair--Department of 
        Labor)
    The Employment Related Protections Working Group, chaired by the 
Department of Labor (DOL), is aggressively working with the employment 
sectors of U.S. businesses and State and local governments in order to 
determine the status of Y2K efforts for employee health and safety and/
or employment-related benefits related systems. The working group has 
asked 21 organizations representing DOL constituents to participate in 
a Year 2000 assessment of their membership. The umbrella organizations 
asked to participate represent manufacturing, general industry, 
construction, mining, labor unions, and State and local governments.
    DOL is also working with the 53 State Employment Security Agencies, 
which administer the unemployment insurance (UI) program, to ensure 
that States and other jurisdictions are able to process and distribute 
UI benefits into the Year 2000.
Food Supply (Working Group Chair--Department of Agriculture)
    The Food Supply Working Group (FSWG), led by the U.S. Department of 
Agriculture (USDA), is focused on the Y2K readiness of the U.S. food 
industry and on how the Y2K problem might affect foreign countries as 
markets for U.S. agricultural products and as suppliers of food 
products to the United States. The FSWG works to identify potential 
disruptions to supply and markets.
    The FSWG reports its initial analysis indicates that the state of 
readiness within the food industry is encouraging. Major domestic 
companies that provide most of the foods the American public consumes 
are confident they will continue to operate in spite of the Y2K 
problem. The FSWG reports that an interruption in the food supply so 
severe as to threaten the well-being and basic comfort of the American 
public is unlikely. The group's initial assessment also indicates that 
key foreign markets for U.S. food products will likely have a low risk 
of Y2K disruptions to their import, processing, distribution and retail 
chains. However, some countries and their domestic food supply 
industries have not yet made significant progress on the problem. 
Should there be a disruption of imports, domestically grown fresh 
fruits and vegetables are likely to continue to be available.
Health Care (Working Group Chair--Department of Health and Human 
        Services)
    The Health Care Working Group, chaired by the Department of Health 
and Human Services (HHS), is reaching out to health care professional 
and provider groups to assess the Y2K readiness of the health care 
community. These groups include: the American Ambulance Association, 
American Hospital Association, the American Medical Association, the 
Health Industry Manufacturers Association, the Joint Commission on 
Accreditation of Health Care Organizations, the National Association of 
Community Health Centers, Inc., and the National Association of Rural 
Health Clinics.
    The survey data gathered to date is mostly centered on hospitals 
and larger health care facilities. Responses to an American Hospital 
Association survey and an informal survey conducted by Medical Records 
Briefing newsletter for the health information management industry, 
indicate that more than 70 percent of larger organizations have Y2K 
remediation plans in place. Their anticipated completion dates for Y2K 
work fall throughout 1999.
    Throughout 1999, working group members plan to gather assessment 
information on Y2K readiness, especially among smaller health care 
organizations. With support from the Association of State and 
Territorial Health Officials, the Centers for Disease Control and 
Prevention (CDC) have sent a Y2K readiness assessment survey to 57 
State and Territorial Health Officials. Results are expected by the end 
of January 1999. The HHS Inspector General's Office has plans to survey 
the Y2K readiness of a sample of Medicare providers.
Housing (Working Group Chairs--Department of Housing and Urban 
        Development, General Services Administration)
    The Buildings and Housing Working Group recently gathered initial 
assessment information from more than 150 housing authorities, public 
housing authorities, Tribally designated housing entities, grantees, 
and city/county neighborhood housing and community economic development 
offices.
    Survey results indicate that, as a whole, there is a high level of 
awareness of the problem within the Housing Sector. But much work 
remains. Overall, 25 percent of respondents have completed work on 
mission-critical application systems, and 8 percent have completed work 
on embedded chips.
    Results from this initial survey will factor into the design of on-
going efforts to monitor and motivate preparations by these sector 
participants during 1999.
Human Services (Working Group Chair--Department of Health and Human 
        Services)
    The Human Services Working Group, chaired by the Department of 
Health and Human Services (HHS), monitors the level of Year 2000 
preparedness for many human services programs. They include: Temporary 
Assistance for Needy Families (TANF), Head Start, Medicaid, the Food 
Stamp Program (FSP) and Special Supplemental Nutrition Program for 
Women, Infants, and Children (WIC).
    HHS will obtain updated information on the Y2K compliance status of 
its State administered programs and conduct periodic reassessments of 
State Y2K efforts throughout 1999. On Medicaid, the Health Care 
Financing Administration (HCFA) is working with a contractor to assess 
the status of State Medicaid-related Y2K efforts. HCFA staff will visit 
all States at least twice in 1999. The Department of Agriculture's Food 
and Nutrition Service will continue to prepare quarterly reports on the 
Y2K status of State systems supporting the FSP and WIC, focusing on 
software, hardware, and telecommunications compliance.
Information Technology (Working Group Chair--Department of Commerce)
    The Information Technology Working Group promotes action on the Y2K 
problem among the broad spectrum of companies that make up the 
information technology (IT) industry. The group conducts its outreach 
through organizations such as the Information Technology Association of 
America, the Institute of Electrical and Electronics Engineers, the 
Business Software Alliance, and the Internet Society.
    The working group is forming a task force to assess the Y2K 
readiness of the IT sector as a whole, taking into account both 
business operations and products and services. Results are expected in 
late January 1999. More information about the working group can be 
found at y2k.ita.doc.gov.
International Trade (Working Group Chair--Department of Commerce)
    The International Trade Working Group, which includes 
representatives from the Commerce Department's U.S. and Foreign 
Commercial Service, the U.S. Customs Service, the Department of 
Transportation, and the U.S. Information Agency, is working with a 
number of key trade associations to help assess the progress of Y2K 
efforts in three critical areas of international trade: infrastructure 
(transportation and logistics), manufacturing (suppliers and buyers), 
and services (financial and legal services).
    Participating organizations include the American Association of 
Port Authorities, the American Chambers of Commerce (overseas), the 
American Warehouse Association, the Chamber of Shipping of America, the 
Export Legal Assistance Network, the International Trade Council, the 
National Customs Brokers and Freight Forwarders Association, the Small 
Business Exporters Association, the Small Business Industry Sector 
Advisory Council, and the U.S. Council for International Business.
    In February 1999, each of our association representatives will 
complete a report on its members' Y2K preparedness. In January 1999, 
the U.S. and Foreign Commercial Service is scheduled to release in the 
first quarter of 1999 a report on the Y2K activities of foreign 
governments via the Internet at www.y2k.ita.doc.gov.
Non-Profit Organizations and Civic Preparedness (Working Group Chair--
        Office of Personnel Management)
    This working group, which has representatives from the Office of 
Personnel Management (OPM), the Department of Health and Human Services 
and the Federal Emergency Management Agency, is tracking the Y2K 
progress of non-profit organizations and coordinating inter-sector 
communications related to civic preparedness.
    OPM conducted in August 1998 an informal Y2K readiness poll of 
several non-profit and charitable organizations within the Federal 
Government's Combined Federal Campaign. The responses indicated that 
most large national organizations and their local chapters/affiliates 
are aware of Y2K, and are taking measures to ensure that their internal 
systems will be ready for the century date change. Few organizations, 
however, were assessing internal embedded chip-based systems or outside 
partners' Y2K progress. Results of a more detailed survey, which 
attempts to reach most non-profits 501(c)(3) organizations, will be 
available in February 1999.
Police/Public Safety/Law Enforcement/Criminal Justice (Working Group 
        Chair--Department of Justice)
    This working group, chaired by the Department of Justice (DOJ), has 
been working with a number of non-Federal organizations to promote 
action on the Y2K problem. These organizations include: the 
International Association of Chiefs of Police, the National Association 
of Attorneys General, the National Association of Police Organizations, 
the National District Attorneys Association, the National Sheriffs 
Association, and the National Troopers Coalition.
    Based on informal assessment information, there is a high level of 
awareness of the problem among non-Federal police/law enforcement 
entities. State police/law enforcement entities and departments in 
larger metropolitan areas are making good progress. However, most 
departments at the county and municipality level lack the 
sophistication to assess the Y2K readiness of their service providers. 
These departments do not have their own, dedicated IT resources--money 
and professional staffing--and are instead dependent on the IT 
departments of the county, city, or municipality of which they are a 
part. Dedicated radio communications and dispatch systems are a concern 
for all police/law enforcement organizations and the working group is 
encouraging departments to focus on contingency planning in this area.
Tribal Governments (Working Group Chairs--Department of the Interior, 
        General Services Administration)
    As part of an effort to promote action on the Y2K problem in the 
Native American community, the General Services Administration and the 
Interior Department's Bureau of Indian Affairs in December 1998 worked 
with the National Congress for American Indians to distribute a Y2K 
information package to the leaders of the 554 recognized tribes. Other 
outreach activities included recent meetings with Alaska tribes and the 
Navajo Nation. Another meeting is scheduled at the end of January 1999 
with 39 tribes in Oklahoma.
    Other Federal agencies in the Tribal Governments Working Group, 
such as the Environmental Protection Agency and the Indian Health 
Service, are now meeting with the Bureau of Indian Affairs to design 
and plan a survey that will better define specific Y2K concerns within 
Tribal communities.
Y2K Workforce Issues (Working Group Chair--Department of Labor)
    The Y2K Workforce Issues Working Group, chaired by the Labor 
Department, conducts outreach to connect organizations seeking Y2K 
assistance to those who have skills for tackling the problem. One of 
the group's key initiatives is the IT Job Bank (it.jobsearch.org). This 
subset of the Labor Department's ``America's Job Bank'' 
(www.ajb.dni.us) is a free Internet resource designed to help employers 
connect with individuals that have Y2K expertise.
    The working group also reports to the Council Chair on the status 
of the Y2K labor force within the Federal Government and in other 
areas. For the most part, the Federal Government has thus far not 
experienced labor shortages among personnel qualified for fixing the 
problem. Personnel costs in the private sector are increasing. There 
has been some anecdotal information on shortages in some industries, 
but thus far there is no evidence of a systemic labor shortage in the 
private sector. Concerns are mounting, however, about how increasing 
international Y2K activity may affect the supply of qualified 
personnel.

    Chairman Stevens. Thank you very much.
    First let me congratulate you for this report, the first 
quarterly summary, that you put out on January 7th. I hope the 
members will each get a copy. There is a copy here for 
everyone.
    Mr. Koskinen. There is a copy for each member.
    Chairman Stevens. I think that is a very good summary that 
we should study before we start the subcommittee hearings.
    I have a few questions. First, it is my judgment that there 
are some systems out there that are under primary 
responsibility of the State and local governments that do 
affect the health and safety of our people, including Federal 
employees who are carrying out other programs. Are we looking 
into the interface of this?
    Some States may not be able to secure funding for that 
because of their legislative process. I should think we ought 
to have some way to identify those and perhaps include those in 
a Federal emergency appropriation. The concepts of--I am 
thinking particularly of the highways.
    Just as a footnote, I got a note the other day about a 
young patrolman who got an award in our State because he fixed 
a problem that everyone thought was going to cost hundreds of 
thousands of dollars for less than $100. It was an interesting 
way he did it. But there is innovation out there in the system 
and I think we should be sharing that. But I am not sure that 
the States and the local governments have the money to identify 
those areas that are Federal priorities and to move on those 
Federal priorities, is what I am saying.
    Should we identify some and tell the States, we want you to 
move on these and the local governments to move on these, and 
we will assist you to make them a high priority, those that 
affect the interstate transportation system, those that affect 
the communications system, those that affect the interstate 
airways system?
    It seems to me there are some out there that are direct 
Federal, so much involved with carrying out our 
responsibilities, that we should get the States to make them 
high priorities. Have you done anything along that line?
    Mr. Koskinen. Yes. We actually view this as a three-tiered 
problem. The first tier is the Federal systems we are 
responsible for and have direct authority over.
    The second tier is all the systems we interface with, which 
to a large extent are at the State and local level for the 
administration of a wide range of programs, including highways, 
Medicaid, unemployment insurance, and food stamps.
    The third tier, as you mentioned earlier, is our outreach 
to everyone else in the world, in effect, but certainly 
everyone else in the domestic economy over whom we do not 
necessarily have direct authority or responsibility, but, as 
you note, whose failure would create a problem either for the 
economy or for the public.
    We are working in each of those three tiers.
    Chairman Stevens. Are we financing it, though? The 
interstate airways system, the international airways system, 
for instance. My State is the air crossroads to the world, I 
think, but as a fact of the matter we will not function unless 
those foreign aircraft can solve their problems in their Y2K 
countries of origin.
    Mr. Koskinen. Exactly.
    Chairman Stevens. Are we doing anything along that line?
    Mr. Koskinen. Yes. Let me try to take you through an answer 
to all of that. At the State level, we had a State summit. We 
invited all the States to join us last July here in Washington 
under the aegis of the National Governors Association. With 45 
States, we went through all the critical areas of interest to 
them and their immediate constituents and to the Federal 
Government.
    I now have a monthly conference call for a couple hours 
every month with the State Year 2000 coordinators from across 
the country looking at issues that they are dealing with, 
sharing information as we go, trying to make sure that we and 
they jointly are paying attention to the most important 
problems. We have a specific program going on with the States 
to test every data exchange point of the 160 Federal programs 
that the States actually run to ensure that those data 
exchanges work.
    OMB has asked the Federal agencies, in the next quarterly 
submission, to report on the State administration of the most 
significant Federal programs we are concerned about as we move 
forward. We have continued to monitor State progress in other 
areas. In many of the Federal programs, like the highway 
program, we have had specific meetings with the States. Most of 
the Federal agencies have noted that, in many of these 
programs, existing funding from the Federal Government for the 
program can under the current authorities be used for Year 2000 
remediation efforts. The Transportation Department, the 
Education Department, and other Departments have made that 
clear to the States.
    So with regard to the State level at this point, while 
everyone is always short of revenues and would appreciate more, 
we do not think funding has been a major problem. Rather, in 
some States our major problem has been attention. We have 
increasingly tried to get the States to understand that if the 
governor does not have this as his or her priority, then that 
State is going to have difficulties, and the same is true at 
the county and city level.
    I would feel in some ways more reassured about the problem 
if we had more people saying, ``We do not have funding.'' My 
concern is the people who think the Y2K problem is either not 
their problem or they will wait and see whether or not their 
systems break and then fix them.
    So we have spent a lot of time in the last 9 months 
reaching out at the State level, trying to get the States to 
work with us to reach out to the counties and the cities, to 
make sure that they too understand the importance of dealing 
with this problem.
    Internationally, it clearly is a global village. We are all 
increasingly interconnected. International air traffic systems, 
telecommunications systems, financial service systems, maritime 
shipping systems, all form a network that we depend upon in 
various ways. Certainly in States like Hawaii, Alaska, and 
other importing areas of the country, if international systems 
go down it will directly affect us.
    I had a very good meeting about a week ago with the House 
appropriators and their staff members on the use of emergency 
funds to encourage activities in those areas. As you know, the 
emergency funding is for Federal systems and related expenses. 
We discussed and agreed that only fixing the Federal systems 
that are operated by Federal agencies will not do us any good 
if the systems we depend upon and relate to do not function.
    While at this time there is no agreement that we should be 
using the funding to fix any other nation's systems, it is 
clear that it is appropriate to use those funds to encourage 
increased activities in those areas internationally. For 
example, the FAA is working with the International Air Traffic 
and Civil Aeronautics Associations to in fact reach out to 
other countries to make sure they are paying attention to the 
problem and doing the necessary work on air traffic systems.
    We have arranged with the U.S. Coast Guard to have an 
emergency meeting the first week in March in London of 
international maritime associations, both in the private and 
the public sector, as well as international port associations, 
to begin to try to make sure that we have an organized global 
effort to mitigate interruptions in maritime shipping 
activities.
    But you are right, if we in a lot of these areas cannot 
depend upon our foreign partners in the private sector and in 
the public sector, that will have an adverse effect on at least 
some sectors of our economy and the public.
    Chairman Stevens. Let me do this now since we have 
additional members that have joined us. So I want to make sure 
people understand what this is not. Again, this is not a 
hearing to go into what the Time magazine is talking about, the 
end of the world, or even the Newsweek articles or others we 
are getting. Senator Bennett has got a special committee that 
deals with all those problems.
    We are looking at the subject of the money that we 
appropriated last year, how it has been used, and what 
additional moneys might be needed, and whether there is 
anything that we can do to assist the coordinator of all of the 
Y2K activities for the Federal Government, with outreach to the 
State and local governments, to assure that we are compliant by 
March 31 of this year on major systems.
    I have a couple other questions to ask, but I want to urge 
everyone to sort of keep the questions short in the first round 
because some people may have to leave to go to something else.
    So let me proceed. Now, we are going by the early bird 
rule, which we will follow on this committee entirely, and that 
is if you want to ask questions early be here early. The first 
person to come was Senator Campbell. Senator Campbell?
    Senator Campbell. Thank you, Mr. Chairman. I will try to 
keep it brief.
    It looks as if I am going to chair the Treasury 
Subcommittee again, John, so I am particularly interested in a 
couple of areas. Without going through these very detailed 
reports, I want to ask just a couple of things about the 
Internal Revenue Service (IRS) and the GSA.
    I notice that--it is pretty brief. On page 21 it just says 
under ``Treasury'': ``There is a strong support team in place. 
Good progress on embedded chip, telecommunications, contingency 
planning, and data exchange.'' That does not tell me an awful 
lot.
    Frankly, you know the old taxpayers out there are calling 
and beginning to worry, that is what I want to relate to you. 
Could you in very short order tell me what progress is being 
made in the IRS? The first time there will be filing of tax 
returns, in the early season of the Year 2000, are they going 
to be noticeably impacted by any Y2K problems?
    Mr. Koskinen. The IRS runs some of the largest, most 
complicated systems in the world, and historically it has had 
difficulty dealing with large information technology upgrades 
and replacement efforts. But to the great credit of the 
employees and the very strong leadership of Commissioner 
Rossotti, who has really done a remarkable job, he and we are 
confident that the IRS will meet the March 31 deadline. So that 
as we move to the end of this year and into the filing season 
in the first quarter of the Year 2000, we expect that taxpayers 
can be confident that their returns will be processed 
appropriately, and that refunds will be issued in the 
appropriate manner. And, as I have been asked by callers on C-
SPAN a few times, you can also be assured that if you have not 
paid your taxes, the IRS will be able to handle that 
accordingly as well.
    So I think that they are in very good shape, and it is a 
great tribute to their employees because they had some of the 
largest challenges in the Federal Government when we started.
    Senator Campbell. I thank you. The other question I have 
deals with the GSA and government-owned buildings, the millions 
of square feet of office space housing Federal agencies in it. 
Do we have some assurance that we are going to be in good 
working order so that the Federal employees can do their jobs 
in this environment?
    Mr. Koskinen. Yes. One of the concerns everyone had across 
the country initially was,``Would elevators work?'' We all see 
the inspection certificate that says not valid if you have not 
been inspected in the last 6 months. It turns out all of the 
elevator companies----
    Senator Campbell. Security systems, things of that nature?
    Mr. Koskinen. They are complicated systems. The good news 
is the elevators themselves appear to have no Year 2000-related 
problems, so that the specter of elevators stopping or going to 
the basement or the roof or doing something else is not right.
    Security systems, particularly card entry systems, are at 
risk and need to be checked, and some of them need to be 
upgraded and fixed. It depends building by building, system by 
system, but increasingly that is the security for both parking 
garages and buildings.
    Senator Campbell. Do you know what is being upgraded?
    Mr. Koskinen. Those systems are being upgraded. GSA in its 
outreach program has a very strong working relationship with 
the Building Owners and Managers Association, or BOMA, as it is 
called, and they are working together to share information and 
develop an inventory. GSA has a website with an inventory of 
information in this area.
    We expect that there will not be a problem in the directly 
owned and managed Federal buildings. Part of our issue is to 
deal with those buildings that we lease from others, to ensure 
that the landlords or the owners of those buildings are also 
paying attention, because the most significant risk in a 
relatively small----
    Senator Campbell. Buildings we lease from others, who is 
responsible for paying for the upgrading of security systems? 
Is that in their contract or do we have to provide that money?
    Mr. Koskinen. It depends on the nature of the lease and 
what the contractual terms are. As a general matter, landlords 
have a responsibility to in fact have a building that is open 
and operating. On the other hand, a lot of leases provide for 
the pass-through of certain kinds of expenses, and it is a 
determination of what the lease terms are as to who pays for 
it.
    The cost is less of a concern, going back again to the 
chairman's question about State and local governments, than 
making sure that people have found the problems and fixed them. 
The cost is a relatively modest part of the problem. The bigger 
problem is the systems that do not work.
    Senator Campbell. Do we prioritize? For instance, in this 
environment of potential increased terrorist activities and so 
on, are law enforcement agencies given priority, ATF as an 
example?
    Mr. Koskinen. Yes, we are focused on the fact that New 
Year's 2000 will be an interesting weekend, not only in terms 
of whether or not systems work but also in whether or not 
people will try to take advantage of any potential problems.
    I think one of the important issues for us to be clear 
about not only with the public but with everybody else as well, 
is that our security systems are a high priority for us, that 
monitoring of community security is a high priority for us, and 
in fact there may be more people monitoring these systems that 
weekend than ever before. We think that anyone who wants to 
enter a system in an unauthorized way needs to understand that 
in the private sector as well as the government every 
organization is going to have special weapons assault team 
(SWAT) teams on duty that weekend to monitor those systems.
    Senator Campbell. Good. The last question. Since no one has 
a crystal ball around here and we are not quite sure of the 
total cost, how long after the first of the year do you 
anticipate that you might have to ask for any additional 
emergency funds, or do you anticipate that?
    Mr. Koskinen. I think it is hard to predict with a crystal 
ball. But I think that it is unlikely that we will have any 
significant need for emergency funding after January 1, 2000. 
As I noted, I think that the vast majority of critical 
government systems will be done as of March 31, 1999. 
Additional work will be going on throughout 1999 in some 
agencies and some agencies will be working on non-mission 
critical systems into the Year 2000, but they should be able to 
absorb that without any significant emergency expenses.
    Senator Campbell. Thank you.
    Chairman Stevens. Senator Reid.
    Senator Reid. You indicated that 61 percent of the Federal 
Government's had reported and were on line, so to speak, right?
    Mr. Koskinen. Right.
    Senator Reid. You talked about State and local governments. 
Do we have a percentage breakdown of State and local government 
as to what they have done to comply with our problems?
    Mr. Koskinen. We do not have a full breakout at this time. 
We are working with the National Association of State 
Information Resource Executives and the National Governors 
Association (NGA). In fact, we are talking with the NGA about 
providing them some small amount of emergency funding support 
to increase the amount of activity they have with the States.
    One aspect of that work would be to get a better picture, 
State by State, as to how the States are doing. At this 
juncture there is a website that the state Chief Information 
Officers (CIO) run, where States are beginning to provide 
information about their efforts. But we do not have at this 
point a clear understanding in terms of percentages across the 
country.
    All of the States have their own Year 2000 websites and an 
increasing number are publishing for constituents reports on 
the status of their efforts.
    Senator Reid. What is your estimate of State government and 
local government?
    Mr. Koskinen. I have a higher level of confidence in the 
States than the locals, but it is part of the experience we all 
have. The farther away from your control you get, the more 
concerns you have.
    I think that the vast majority of the States appear to be 
making good progress. I think at this point all of them are 
organized to deal with the problem, but some of them have 
greater challenges than others.
    Our greater concern is at the State and local level. The 
National Association of Counties (NACO) did an assessment for 
us as part of our outreach efforts and they noted that half the 
counties in the United States had very thorough, organized Year 
2000 plans. The problem was half of them did not. It does not 
mean that they were not doing work----
    Senator Reid. I think you misspoke. You said ``State and 
local.'' Did you mean county and city?
    Mr. Koskinen. Counties and cities, I'm sorry, yes, exactly. 
Thank you for the correction.
    NACO did that survey, and it doesn't mean that the half of 
the counties without plans are not doing any work, but it means 
they are not at the same level of organization as those with 
plans.
    One of the reasons they are doing the assessments is that 
we wanted the message to go back to counties. We wanted to have 
citizens asking, ``Are we in the set of counties without a 
plan?'' Again, at this point our concern is to make sure that 
every town mayor, every city mayor, every city manager, every 
county executive, has the Y2K problem on his or her list of 
priorities just as it is on the list of priorities of this 
committee and the President.
    Senator Reid. What about the private sector?
    Mr. Koskinen. As the chairman noted, we are working through 
cooperative relationships, with organizations representing key 
sectors of the economy to gain assessments from them and their 
members.
    Senator Reid. But do we have an estimate as to how they are 
compliant?
    Mr. Koskinen. At this juncture, in virtually all of the 
critical sectors of concern to us, it is clear that the major 
companies are fully engaged. The Federal Government is, as many 
of our critics have even begun to notice, ahead of most 
industry sectors. Our goal is March 31. Most industry sectors 
have a June 30th deadline. I think we will complete more of our 
systems.
    At this juncture there is no evidence, as I said in my 
formal statement, that there will be any national problems or 
collapses of the infrastructure. We think the national power 
grids will hold. We think national telecommunications systems 
will work. As I noted, I am confident that the air traffic 
system will work.
    Where we are concerned, and your question is a good one, is 
with not all but some, small to medium sized organizations in 
the public and the private sector who have decided that this is 
not a problem they are going to deal with now. Any organization 
making that determination is engaged in a high risk roll of the 
dice in terms of whether their systems will function. If they 
do not, that organization is going to be at the end of a very 
long line of those who may have waited to get a new piece of 
equipment.
    Senator Reid. Let me ask my last question. My time is about 
gone. A lot of us have more confidence, of course, in the work 
that you are doing for our country. But we live in an 
international economy now. What happens to countries that are 
in such difficult financial shape, countries like the former 
Soviet Union, Russia, which has all kinds of technical things 
that they depend on, just like we do, and they do not have the 
resources to be spending billions of dollars to update their 
system?
    We could go through the entire litany of countries that are 
having difficult financial problems. What is happening in the 
rest of the world to make sure that, even though we may be okay 
here in 2000, if the rest of the world is doing nothing it 
could be a big economic meltdown?
    Mr. Koskinen. It is a concern. In fact, it is my greatest 
concern. I think we have more risk internationally than we do 
domestically. I think there are a significant number of 
countries that are doing very little and, as you note, may have 
limited resources. Again, my concern internationally has been 
less with countries that say we cannot do it because we do not 
have the money and more with countries that say this is all an 
American problem, we do not have major mainframes, it cannot be 
our problem.
    As a result, somewhat out of desperation, we encouraged and 
worked with the United Nations (U.N.) to invite national Year 
2000 coordinators from around the world to meet with us in 
December. We got a greater response than I thought we would. 
More than 120 countries from around the world sent their Year 
2000 coordinators to meet with us on December 10th and 11th at 
the United Nations.
    It was clear at that meeting that a number of eyes were 
opened. Many countries volunteered that they had not realized 
the extent of their exposure to the problem. We are now 
following up on that. The United States and a number of other 
countries were asked to create an international Y2K cooperation 
center designed to increase the flow and sharing of technical 
information among countries, because the most important 
resource we have is time. The next important resource is not 
money; it is information.
    If we can increase the sharing of technical information 
about how to fix power plants, how to fix telecommunications 
systems, how to fix hospitals, not only domestically but 
internationally, we will increase the chances that more of 
those systems will work.
    There is very good work going on internationally in some 
sectors. The banking and finance industry internationally has 
done a wonderful job and I think financial systems in most 
countries will be in good shape. There is more work going on in 
telecommunications than there was a year ago. There is an 
increasing amount of work in air traffic. But there is very 
little work being coordinated in maritime shipping, which we 
are very concerned about.
    So we are going to spend a reasonable amount of time in the 
next 6 months doing what we can to help organize on a regional 
level and internationally, not only countries but companies, to 
deal with the problem. But I have much less confidence about 
the ability of those organizations, all of them, to solve their 
Y2K problems by the time we get to the end of the year.
    Chairman Stevens. Thank you, Senator.
    Senator Bond.
    Senator Bond. Thank you very much, Mr. Chairman.
    Mr. Koskinen, following up on the small business comments 
that I raised earlier and that Senator Reid mentioned, we had 
testimony last year that there were polls showing that 40 
percent of small businesses did not know or did not even care 
if they had a Y2K problem. We had other estimates that 700,000 
small businesses may shut down.
    So we are anxiously awaiting to see whether the information 
is getting out and we are making any progress. What are your 
plans for small business in your strategic advisory group?
    Mr. Koskinen. As I noted earlier--and I think your concern 
is well placed--we are concerned about small businesses. Again, 
the irony of all this is we are mostly concerned about those 
who do not think it is their problem. Increasingly, the recent 
surveys are showing that small businesses know of the issue, 
but the last small business survey done by the National 
Federation of Independent Businesses showed that up to a third 
of small businesses had no intention of doing anything about 
it.
    Now, of the 24 million small businesses, as you know, about 
90 percent of them have 5 or fewer employees and so their risks 
may be more moderate. They may be at risk primarily for the 
operation of their PCs and, if they are in manufacturing or 
production, some small number of systems. But I think a number 
of them are rolling the dice, and we are concerned.
    The Council, with the SBA, the Commerce Department, and the 
IRS, held a National Y2K Action Week directed at small 
businesses last October. The SBA is planning another major 
outreach effort in March to try to again reach small 
businesses. SBA has a wonderful website with technical and 
organizational information to help businesses deal with the 
problem.
    But at some point--its the classic, you can lead them to 
the water, the question is whether they will imbibe.
    Senator Bond. Well, I hope that you will be involved more 
with that. Our committee and I believe the House committee also 
is anxious to work with small business, because we do believe 
this is a real problem.
    Let me switch to the area where I have responsibility on 
this committee, Veterans Affairs (VA), Housing and Urban 
Development (HUD), and Independent Agencies. I was somewhat 
surprised to see that HUD is doing so well. I assume that 
Appendix A, Table 2, really is a fair overview of who is hot 
and who is not, who has been good and who has been bad.
    Mr. Koskinen. Yes. Between 26 and 27, but 27 particularly, 
that is the short form summary of where the agencies are in 
their progress.
    Senator Bond. We always like short form summaries.
    Mr. Koskinen. Yes, we all do.
    Senator Bond. HUD has been going through so much trauma in 
trying to get its systems under control that, frankly, some of 
the work that has been done there has apparently kept them 
apace with the other agencies.
    You mentioned international affairs and I am very much 
worried about National Aeronautics and Space Administration 
(NASA), which is within our jurisdiction. We have the Space 
Station program with the Russians. What do you see in that 
area? Can we crash the whole international Space Station 
because of Russian Y2K problems?
    Mr. Koskinen. Well, it is a concern. When I started last 
spring, I did an agency of the day tour and I met with the 
heads of all the Cabinet agencies, actually 44 agencies, each 
of them separately with their staffs.
    Senator Bond. Sounds like one of the hearings in our 
subcommittee.
    Mr. Koskinen. That is right.
    I wanted to get them to understand the three-tiered process 
as I saw it, with a special focus on the third tier of 
outreach. When I met with Dan Golden, it was clear that NASA, 
for its internal systems, as you would expect, had generated a 
very strong management control process. So internally I think 
they are fine.
    But in the outreach tier, NASA is concerned not only about 
their partnership with the Russians, but other international 
organizations that are operating in space. It turns out as a 
general matter that the satellites and the communications-based 
systems in space are fine. They are basically just floating 
antennas. It is everything that connects to them on the ground 
that is at risk.
    Obviously the Russians have economic challenges across the 
board independent of the Year 2000 and the relationships with 
the Space Station are challenging, to say the least. At this 
juncture, NASA has a working relationship with the Russians on 
not only the Space Station generally, but looking at the Year 
2000 problem as well. Much like our other international 
relationships in this area, we are getting cooperation, but it 
is more difficult to get information. At this stage I can only 
tell you that NASA is very focused on the issue and we would 
expect that as we move through this year toward the summer we 
will have a better report from them on exactly what the risks 
are, if any, in those systems.
    Senator Bond. Well, we will focus in our hearings with NASA 
on what can be done to wall off problems that arise in other 
countries. If there is a major crash in some country, in some 
other country that is tied in to us, can we protect ourselves 
from having a crash there interfere with our operations? Do we 
have that technology?
    Mr. Koskinen. Yes, I think that is the question we have 
across the board. We want to make sure that we know the status 
of their work, where the risks are, and if we need to wall off 
interconnects that we do that in time.
    Senator Bond. My time is up. We also have the Federal 
Emergency Management Agency (FEMA) under my subcommittee's 
jurisdiction and would welcome your guidance on what we can do 
working with FEMA to assist in local efforts, such as Senator 
Reid raised.
    Finally, I would note for my colleagues that the chairman 
reminded me, last year in the Small Business Committee we did 
pass a small business Y2K loan program specifically to make 
financing available to small businesses. That will be one of 
the very first bills we will pass out of the Small Business 
Committee, and we hope this year the House can get it done so 
the resources are available.
    Please advise us on either this committee or on the Small 
Business Committee if we can be of assistance.
    Thank you, Mr. Chairman.
    Chairman Stevens. Thank you.
    Mr. Koskinen. May I add just two comments? First, with 
regard to HUD, the progress is again a tribute to their hard 
work. Their numbers are accurate. They will in fact complete 
their work on time, and they are one of the better Federal 
agencies in this area.
    Secondly, on SBA, we have asked--and SBA has been delighted 
to do it--the SBA people to continue to work with your staff 
and others who are interested in what additional legislative or 
funding authority would be necessary to try to deal with this 
problem of getting the attention of small businesses.
    As I said, I would feel better about it if we had more 
small businesses saying, we have not got the money to do the 
work and that is the problem. Our real challenge is the third 
of them who say, well, it is not a big issue; we will call you 
if there is a problem later, which is going to be too late.
    Senator Bond. I agree.
    Chairman Stevens. Thank you very much.
    Senator Bennett.
    Senator Bennett. Thank you, Mr. Chairman. Since John 
Koskinen and I speak to each other every Wednesday afternoon 
either face to face or by telephone in my role as chairman of 
the Senate committee on this issue, I am very familiar with 
what he is doing.
    I want to take this occasion to congratulate him and 
congratulate the President for having appointed him. I think we 
have an extraordinary public servant here who understands the 
problem and is working it extremely well.
    My area of responsibility in this committee is as chairman 
of the Legislative Branch Subcommittee, and by definition you 
do not have any authority over any of that. So let me 
springboard from that to a problem that I see that I think you 
might comment on.
    As we have held hearings in the Legislative Branch 
Subcommittee and I have asked the various agencies responsible 
to that committee about their Y2K readiness--the Government 
Printing Office, the Sergeant at Arms, the Senate, the Library 
of Congress, and so on--I have received or our subcommittee has 
received, as you have given the full committee here today, 
assurances that mission critical systems will be ready.
    Now, I asked the question, give me a definition of a non-
mission critical system, and the former Sergeant at Arms the 
last time I asked the question said: Well, for example, 
Senator, the copier in your office. Now, when I say to my 
colleagues that they will be unable to make copies of press 
releases after the Year 2000 if they do not get on this 
problem, suddenly that is mission critical, particularly to 
Senators who are in election cycle. To be unable to make copies 
of press releases is a mission critical issue.
    Now, all of the tables you have given us have to do with 
the state of remediation and readiness for mission critical 
systems. I know enough from our conversations to know that the 
mission critical decision, that is the decision as to what is 
and what is not mission critical, has been made in each agency, 
as indeed it should be. I do not think we should burden you 
with the responsibility of walking through every Cabinet level 
agency and saying, this is mission critical, this is not, and 
so on and so forth. It is the management responsibility of the 
Cabinet Secretary to make that decision and it is his or her 
neck on the line if the decision is wrong.
    But in your efforts to make sure that every agency gets its 
mission critical systems properly identified and remediated, 
have you done any work or have any general sense of what kind 
of disruption will come in the non-mission critical systems 
that might not get fixed, or how serious is it going to be of 
non-mission critical systems that may be neglected in their 
effort to make sure that the numbers that they give you and 
those numbers that then you give to the Congress and to the 
President look good? Is there something that is significant 
that is going to get left behind?
    Mr. Koskinen. That is an important question in the private 
sector as well as in the Federal Government. As a general 
matter, the experience of the agencies when they began was that 
everybody who was running a system decided it was mission 
critical because they needed it. It is a little like the 
copier. If you were using it, by definition you needed it.
    So initially there was some movement back and forth as 
agencies continued to refine and define what was mission 
critical. As you know, I have been meeting monthly with senior 
managers of the tier one or challenged, agencies since May. 
Their inspectors general are reviewing the division between 
mission critical and non-mission critical as well. I am 
satisfied the agencies are making appropriate decisions in this 
area.
    In many cases the non-mission critical systems, if they are 
not fixed over a long period of time, will generate issues. 
They are report-writing systems, database systems, and other 
kinds of secondary systems that do not go to your ability to 
operate day in and day out, but over time will build a 
cumulative risk if left unfixed.
    I think it is important to note that agencies are not in an 
all or nothing situation. Some agencies, like the Department of 
Education, now have a greater percentage of their non-mission 
critical systems compliant than mission critical because of the 
nature of those systems and the remediation process.
    We have asked the agencies to focus on non-mission critical 
systems as well and to continue to refine and understand what 
their risks are if these systems are not up and running. While 
there will be some work continuing into the first quarter or 
even the first 6 months of next year on non-mission critical 
support systems, at this point the agencies do not expect any 
significant disruptions as a result of that ongoing work.
    The final test in this area is that we are now requiring 
the agencies to have contingency plans and continuity of 
business plans. This causes them to again take a look at their 
lines of operation in critical activities, to ensure that if 
they go down the list, they know exactly what their backups 
will be. In the course of that dialogue, agencies are reviewing 
again what are their mission-critical operations, what are the 
things for which they need to have backups.
    In all of my meetings with the agencies, I have not found 
any significant problem or even any problem in that area. But 
it is an important area to continue to review, because what 
happens is that what appears to be a non-mission critical 
system at the start may turn out as you move forward to be a 
critical part of an important process.
    Again, in the private sector as well as in the government, 
oftentimes we have not looked at business processes or lines of 
operations. We have said, I run this computer program, I do 
this piece of work, but have not put it all together into the 
full process. So the final stage of contingency planning I 
think will uncover many of these issues and cause people to 
take a hard look at just the question you raise.
    But at this point we do not see a problem there.
    Senator Bennett. Thank you.
    Chairman Stevens. Just in case Senator Bennett might leave, 
I just wanted to tell you something, if you do not mind just a 
second here, Senator Burns. A friend of mine in Alaska told me 
that he was worried about trying to make the changes in his 
systems to meet this problem because if he failed he might 
increase his liability and decrease the liability of the 
manufacturer.
    Have either of you looked into this problem yet? How should 
we relieve people of assuming liability for original 
malfunctioning if they try to fix it?
    Senator Bennett. That is going to be one of the subjects of 
the hearings that we will hold in our committee. The estimates 
we have received in our committee as far as money is concerned 
tell us that, whatever the cost of fixing this thing worldwide, 
and some estimates say that it will cost more than the Vietnam 
War--the Vietnam War ultimately worldwide cost about $500 
billion--and that this thing is going to cost $600 billion just 
to get it fixed.
    Then the estimates say there could be as much as a trillion 
dollars in liability. If the trial lawyers loved the tobacco 
settlement, they are going to go bananas over this one unless 
we can find ways to deal with it intelligently in the Congress 
and lessen some of the liability class action suits that will 
be brought.
    So on our committee we are going to address that, and 
Senator Kyl, who is the member of our committee who is also a 
member of the Judiciary Committee, is going to take the lead in 
trying to find some kind of safe harbor legislation that might 
make it a little easier to get this problem under control.
    Chairman Stevens. Any comment, John?
    Mr. Koskinen. There has been a concern, and in fact again I 
would compliment Congress for its great cooperation with us in 
the passage of the Information Readiness and Disclosure Act 
last year, which limited liability and protected people making 
voluntary disclosures of information and readiness. I think 
that legislation is going to help us significantly in getting 
information shared.
    We did have at that time and have had an ongoing set of 
conversations with people about the underlying liability issues 
and the concern about either consultants doing work on systems 
or companies who will then be told they made the problem worse 
rather than better, and whether that will increase exposure. As 
a general matter, that has not been a systemic problem. Most 
people interested in liability are concerned about the 
underlying liability: If they make it better but not totally 
compliant and it still does not work, are they going to then 
have massive liability, particularly against information 
technology providers or major service providers?
    The intermediary fixing it, the people doing the work, seem 
as a general matter across the board to have figured out how to 
have done that. The more difficult problem in some ways is the 
warranty or copyright problems. A lot of software systems and 
hardware systems are protected by copyright and patents that 
provide that, if you open the box up and try to fix it 
yourself, you then void the warranty and may be undermining the 
copyright or the patent.
    That is a more technical, issue and I think probably a more 
real concern, that we still have not figured out the answer to 
in terms of people who have providers who will not cooperate 
and yet control the copyright or the patent. So we are taking a 
look at that issue.
    But as a general matter those turn out to be relatively 
peripheral issues to the major amount of work that is going on.
    Chairman Stevens. Thank you.
    Senator Burns.
    Senator Burns. John, thanks for coming down this morning. I 
only have a couple. Most of my questions have been asked. But I 
will tell you what, how important this is. I filed on that 
brand in Montana. It makes a nice looking brand if you have got 
a big enough calf to put it on. ``Y2K'' makes a nice brand. 
Now, I have not gotten my filing back yet. I may have to make a 
lazy Y out of this for not getting the job done.
    We have been aware of this problem for quite a while. In 
fact, under the chairmanship of Jay Rockefeller on Science and 
Technology, back as early as 1991 we had hearings on Y2K. We 
did not get much publicity at that time and we did not get much 
cooperation, to be right honest with you, from any of the 
agencies that thought that this was going to be a problem. 
Under the leadership of Senator Bennett and the Select 
Committee, I think they have done a wonderful job in catching 
up.
    I am wondering, as we look at our areas of responsibility 
in this government. I was concerned about those communications 
satellites that we have been using a long time, the chips that 
were put in those satellites and systems prior to 1990 and 
maybe even prior to 1985. Of course we have seen the growth of 
that industry. I am wondering, when will you make a report to 
Congress to those areas of primary concern?
    I chair Communications on the Commerce Committee. At the 
time we were having those hearings I was the ranking on Science 
and Technology NASA with Jay Rockefeller and we felt a great 
deal of pressure to have these hearings at that time, because 
understanding that new equipment was coming on, new software 
was coming on all the time, and we may avoid some big crash 
exercise at the end in 1999 to deal with a Year 2000 problem.
    Are you making any plans to make any report to those areas 
of Congress which we have primary interest in and some 
institutional knowledge?
    Mr. Koskinen. Yes. The 25 sectors for which we have major 
working groups run across all the critical infrastructure 
areas. We have one for electric power, one for oil and gas, one 
for transportation, and one for telecommunications. The 
telecommunications working group is co-chaired by the Federal 
Communications Commission and GSA, and they are looking at the 
Y2K challenges in all of the communications networks--wire line 
carriers, satellite issues, cable issues, broadcast issues. 
They are in the process with all those industries of doing 
surveys of the status of Y2K readiness and preparedness. As we 
receive those surveys they will be made public, and in our next 
quarterly report the Council will summarize those and other 
assessments.
    But I have talked to a whole range of people who know about 
this issue and it is clear the consensus is that the satellites 
themselves, whenever they were built and whenever they were 
launched, do not have a Year 2000 problem. The problems are in 
the ground stations and connections. All of computer processing 
is in fact on the ground. So the companies know that, and I 
think domestically it will not be an issue.
    But again, going back to the international side, when I met 
with Intelsat, the international telecommunications carrier, in 
the spring, their real focus and concern was the ground 
stations in countries abroad. Intelsat runs six major stations, 
but there are literally hundreds, almost thousands, of ground 
stations around the world and those are at risk. Unfortunately 
a lot of them are in countries that are doing relatively 
little, which means we are going to have some 
telecommunications problems in those countries.
    But as a general matter, the good news is the satellites 
are fine and the risks, if there are any, will be in the ground 
station communications.
    Senator Burns. Well, you know, I have found when we went 
into this problem we can have--we are very much assured of what 
we have done and we have checked everything else, and I think 
the American public has to be aware that one little chip 
somewhere that does some little function that has date and time 
on it can absolutely be a big factor in the overall process of 
the operation that you may have anything to do with.
    So I applaud you for the work that you have done, and I 
applaud Senator Bennett and the work they have done. I will be 
looking forward to that report. I think it is a report that 
should be looked at and maybe have a hearing on that makes 
everybody aware in communications, and especially the users, of 
what has been done and the challenges that are yet in front of 
us.
    Most of my questions have been asked. I thank the chairman 
for having this hearing this morning, because I think again 
this is something that wants high awareness among our people 
and I think a confidence that it is being dealt with in the 
manner in which it should be. So I thank you for that.
    Mr. Koskinen. Thank you. You raise one important point that 
I noted in my statement. What we are trying to make clear to 
everyone is, even when you are done--you have fixed the system, 
you have tested it, you have rolled it out and implemented it--
you cannot guarantee that it necessarily will function. One of 
the reasons we are requiring every Federal agency to have a 
contingency plan for potential failures and one of the reasons 
we are encouraging States, counties, private sector companies 
and countries, to have backup plans, is that, while the vast 
majority of the systems that are fixed will likely work, we 
cannot guarantee that for every system. And people need to be 
prepared and alert to that possibility.
    So that as we go forward I think the goal is not to have no 
system not work, because I do not that is realistic. The goal 
is to have whatever failures occur create relatively modest or 
minor inconveniences and not major shutdowns.
    But I think that we should not be surprised and the public 
should not be led to believe that there will be no 
inconveniences, that there will be no shutdowns anywhere of 
individual systems, even with all the best work in the world.
    Senator Burns. Oh, there will be a glitch here and there.
    Mr. Koskinen. There will be glitches.
    Senator Burns. There will be some glitches. I have not read 
your opening statement, and I assume that probably this report 
that was given me probably details where we are lacking and 
where maybe some acceleration of notice should be made.
    Mr. Koskinen. Yes.
    Senator Burns. Thank you very much.
    Thank you, Mr. Chairman.
    Chairman Stevens. Very well.
    Let me welcome to the committee Senator Durbin. I should 
tell you that--maybe I should not tell you--this is the room 
that Senator Jackson and Senator Allott used for the Energy 
Committee when I first came here. I was sitting down over there 
and Senator Allott, whom I had known for many years, called me 
over and he said: It is nice to have you with us. I said: Thank 
you very much, Senator.
    He said: You see, the distance between your seat and mine 
is not very far. I said no. He said: You have got a lot of seat 
time, though, before you get to my seat. [Laughter.]
    Nice to see you. I hope that you move up a lot faster than 
we did.
    Senator Durbin. Thank you very much, Senator Stevens. I 
have gone through the chairs in the House Appropriations 
Committee to a subcommittee chairmanship and it was a learning 
experience which I think enhanced my ability to serve. I am 
looking forward to doing the same in the Senate.
    Mr. Koskinen, if I can ask you just three questions. Most 
of the areas that have been identified by my staff you have 
already addressed. In the first OMB report there was an 
estimated cost of this project of $2.8 billion. The figure has 
increased from $3.8 billion to $4.7 billion to a current 
estimate of $6.4 billion. The latest OMB report states that, of 
6,696 mission critical systems identified by agencies, 61 
percent are now Y2K compliant, compared to 50 percent in 
August. Of the remaining 39 percent, 30 percent are still being 
repaired, 7 percent are being replaced, 3 percent will be 
retired.
    This is a very good effort. But can you give me an idea of 
how much more money it is going to take to get the remaining 39 
percent Y2K compliant?
    Mr. Koskinen. The OMB estimate of the $6.4 billion was the 
estimate at that time of the amount of money it would take to 
complete the process. As you note, while it has plateaued, as 
one would expect, the costs continue to increase to some 
extent, which, as I noted earlier, is one of the reasons that 
the emergency funding for which this committee and the chairman 
strongly supported earmarking, is critical, because as we move 
forward, even though it is relatively incremental and is a 
relatively small percentage of other expenditures we have, 
timing is our biggest enemy and we need to have the funds 
readily available.
    The ability to have OMB in its normal process review 
additional requests for funds and the Congress to have 15 days 
to discuss that with us turns out to be a critical process, I 
think, as we knew it would be. So I think it is a wonderful 
process.
    Our present estimate--at one point we talked with the staff 
about whether the emergency funding and everything being done 
now will be enough--is that present funding will be sufficient 
to deal with the problem. As you know, we are running out of 
time, obviously, and we are getting close to our March 31 goal 
and the ultimate deadline of January 1, 2000.
    If you ask me what I think in this incremental process the 
final number will be, I think that you are looking at a number 
that is probably in the $7 to $7.5 billion range total for the 
5 years. That increase needs to be monitored carefully, but I 
think the committee's approach and the chairman's approach is 
right, that our problem at this juncture is to make sure the 
money is spent well, and spent in a timely fashion.
    Senator Durbin. Which leads to my second question. I 
understand that all the agencies, regardless of their progress, 
have been asked to develop continuity of business plans. These 
plans will be supported by contingency plans that are required 
for those systems that have been behind their agency's internal 
schedule for 2 or more months.
    Is it true that more Federal agencies have reported 
increasing numbers of systems that will not meet the March 31st 
goal, and does this foreshadow the need for even more money to 
solve this problem?
    Mr. Koskinen. I think overall the number is going down. But 
there are major areas, Defense and Health Care Financing 
Administration (HCFA) for example, where there are a number of 
systems and we are concerned that some of them will not meet 
the March timeframe. But those systems are identified at this 
juncture and the delay in meeting the deadline does not 
necessarily mean it is going to cost significantly more money. 
It is primarily a question of whether the systems can get 
fielded and rolled out in time.
    There will be some expenditures that we can anticipate now 
for what it will cost to implement contingency plans, so we 
expect that there will be, beyond the next presentation from 
OMB at the end of this month, additional requests for 
expenditures out of the emergency fund.
    But at this point, recognizing that nothing is guaranteed 
in this area, it appears that the existing emergency funding 
will be sufficient. But I cannot guarantee you that, and I 
think our goal and the OMB goal is primarily to make sure that 
the agencies are paying attention. As the Senator said early 
on, if we need money we need to know that earlier rather than 
later, and we need to be managing against that problem.
    Senator Durbin. You mentioned that the trend line was 
headed in the right direction, going down. Yet this OMB report 
that I have been handed by my staff, the seventh quarterly 
report, says: ``On the other hand, more agencies reported 
increasing numbers of systems that would not meet the March 
1999 goal. See Appendix C.''
    Mr. Koskinen. Yes, but that does not necessarily mean that 
we are going to spend a lot more money on those systems. There 
is a timing element of that as well as a cost element. So the 
fact that an agency says that, we have got a system and it is 
not going to be done on March 31, it is going to be done on May 
30th, does not mean that there is necessarily a significant 
cost increase associated with that. It may mean that they are 
simply having problems with the timing of it.
    At this juncture, the agencies that have reported such 
things have reported costs associated with them as well. But it 
is an important question. In the ten months I have been on the 
job, when I have been asked the question of cost, I have 
stressed that there is no way to predict accurately. No private 
company has, either. You will see the private sector company 
estimates continue to go up in their Securities and Exchange 
Commission (SEC) filings.
    I think the two issues on which we all need to focus are: 
first, is the money being spent appropriately and wisely; and 
second, is the work being done and is it going to be done in a 
timely fashion. Again, I appreciate the support we have had 
from Congress in saying that the availability of money should 
not be the hangup. I think Congress has a good record of saying 
if we and OMB and the Inspectors General can establish the 
need, Congress will be supportive. So I think we need to 
continue to monitor the spending, but at this juncture we do 
not think that we are going to exceed the existing emergency 
funding.
    Senator Durbin. My last question relates to FEMA, and I 
think that many of us believe that one of President Clinton's 
best appointments was James Lee Witt. He came to the rescue of 
my Congressional district in 1993 in a terrible flooding 
situation. I have really become a great fan of his. I 
understand that you have been working with him in an effort to 
talk about the most fundamental question: What if this does not 
work? What is the contingency plan, the super-contingency plan 
that we are envisioning if we run into some very serious and 
grave problems, not only at the Federal level but at the State 
and local and even the private sector side? Can you tell me a 
little bit about that?
    Mr. Koskinen. Yes. The concept we have had from the start 
is not to reinvent the wheel or set up new structures. Both in 
the government and in our outreach to the private sector, we 
have been trying to deal with existing structures. Clearly, 
that is what we are going to do in our contingency planning 
emergency response effort at the Federal level.
    Our biggest challenge is to coordinate the existing 
emergency response mechanisms, because one of the unique things 
about this problem is, to the extent there are problems, they 
are going to occur more or less all in the same weekend. So we 
will be looking at having to monitor international issues as 
well as domestic issues, that will affect the Federal 
Government as well as State and local governments and the 
private sector.
    So we are in the process of designing a coordinating center 
that will build on and coordinate the domestic efforts of FEMA, 
as well as the efforts of the State Department, the Defense 
Department, the intelligence agencies, and the Treasury 
Department with international responsibilities. The center will 
also coordinate the work of existing command centers for 
agencies like the Department of Transportation and the 
Department of Energy. The key issue is to make sure that these 
efforts are coordinated, that we understand where the overlaps 
are in terms of assumptions about the use of resources.
    FEMA is starting a series of regional meetings with the 
State emergency managers. FEMA has ten offices. They are going 
to have ten regional meetings. In my conference calls with the 
States we have invited the State Year 2000 coordinators to join 
those meetings with their State emergency managers, so again we 
can jointly, with the States and with the localities, design a 
system that will be appropriate.
    I think the biggest challenge we face in that system 
domestically is the same one we face for the government, which 
is a lot of different things may happen at one time. As I said, 
we need to plan for what the worst case scenario might be. I do 
not think we are going to have a major national power outage, 
but I think we are at risk in local communities where either 
the community or the municipal power plant or a small power 
plant has not done enough work, that we could have a power 
outage, a telecommunications outage, a 911 outage, or a water 
treatment plant outage.
    Those things would not be catastrophic if they happened in 
one community, but it is a great challenge if you figure there 
might be 20 or 30 of those communities in a State--and we have 
got 50 States, so you are talking about 1,000 or 1,500 
communities--all having an interesting problem at one time. You 
have to be able to plan to deal with that situation because it 
is a different challenge than you normally have.
    There may not be as much damage as a big hurricane or a 
flood cumulatively, but it may be a great challenge for the 
emergency response organization. So at this juncture we have a 
coordinating group with James Lee Witt and FEMA, with the 
emergency managers from Defense, from State, from Treasury, 
from the Justice Department and from the intelligence 
community. One of my goals is, as we all are concerned about 
public confidence, that we discuss this plan publicly. I think 
it is important for the public to understand exactly how are we 
prepared to deal with this situation.
    In fact, I think the public needs to understand that, just 
as they have confidence in FEMA and in our ability to respond 
to normal natural disasters, they need to have that same level 
of confidence in our ability to respond to whatever Year 2000-
related problems occur. So that all of the planning we are 
encouraging the State and the local governments to do, as well 
as nationally, should be done, I think, publicly. My trilogy 
is: the public needs to know that we are giving them all the 
information we have about what works and what does not, and 
what still remains to be done; they need to know that we are 
managing cooperatively and energetically against the problem; 
and they need to know that we have a backup system and an 
emergency response system capable of dealing with whatever the 
risks are. That is our challenge over the next 6 months.
    Senator Durbin. Thank you very much.
    Mr. Chairman, I think Senator Bennett, who is the resident 
expert on this subject, has identified the liability question 
which still needs to be resolved. I think this raises an 
interesting question, too, because with FEMA's involvement it 
is my understanding that we are talking about the next fiscal 
year and the potential of some liability here for this super-
emergency fund, whatever it might be, and I think we need to 
consider at least the parameters of our exposure at the Federal 
level.
    We do not want to discourage the State and local and 
private sector from doing the right thing and spending the 
money to improve the situation. But we might end up with an 
exposure or liability here that we should discuss at this 
point.
    Thank you, Mr. Chairman. Thank you, Mr. Koskinen.
    Chairman Stevens. Thank you.
    On your page 29, this appendix relating to the cost 
estimates in millions for the agencies, that does not break out 
the source of funding, whether it was routine appropriations to 
the agencies or whether some of those moneys are coming from 
the emergency moneys. I would hope you would tell us that, give 
us a supplement to this, if you would.
    Footnote 12 says:

    These estimates do not include the Federal share of costs 
for State information systems supported by Federal programs. 
For example, the Agriculture total does not include the 
potential 50 percent in Federal matching funds provided the 
States for food and consumer services to correct their Y2K 
problem.

    That was going to be one of my first questions. Then I find 
it here, and in my second round I want to talk to you about 
food stamps and the State-operated systems. Now, we do not have 
any estimate of those. Our subcommittees need those estimates 
as we go into these allocations so we can see whether they can 
meet those emergency costs--I still think they are emergency 
costs--from regular appropriations in their bills or whether we 
should start thinking now about supplemental emergency.
    I take it from what you are saying you do not believe we 
will need a supplemental emergency appropriation. Am I right or 
wrong?
    Mr. Koskinen. That is right. If you ask the States, they 
all would be happy to have funding. But at this point we do not 
have indications of States----
    Chairman Stevens. But this is Federal money now, John. This 
is the money, the Federal share of costs for State programs 
under Federal-State programs.
    Mr. Koskinen. The agencies are funding the Federal share, 
but each program has a different cost-sharing relationship. 
With some, like Medicare and Medicaid, we pay most of the cost; 
in unemployment insurance we pay a significant portion of it. 
At this juncture the agencies are monitoring that and, to the 
extent that the agencies thought there was a need for more 
funds, it would show up in their budget requests.
    So at this point we do not have an indication that there is 
an additional funding need. But I think it is an appropriate 
area of concern, because some of the States are behind the 
Federal Government in terms of their progress so there may be a 
build-up coming along that we do not have a handle on.
    OMB will its next report show what agency funding came from 
normal appropriations and what came from emergency funds. And I 
think that is important information for all of us to track, 
because to some extent it confuses people. When they saw a $3.3 
billion emergency fund, they thought we were going to spend 
that on top of the existing estimates. But the existing 
estimates for 1999 and 2000 assumed the money came from 
somewhere. So while the number is going up, it is not another 
$3.3 billion on top of existing estimates, even though we may 
use a significant portion of the $3 billion as the funding 
source for the 1999 and 2000 expenditures.
    I will ask OMB to update the chart as we know it now in 
terms of the estimated expenditures, what were being funded and 
have been funded out of normal fiscal year appropriations and 
what have been funded out of the emergency fund, so that you 
will have that information.
    Chairman Stevens. What I am going to do now is I am going 
to request each of the subcommittee staff directors to prepare 
a letter to each of the agencies under the respective 
subcommittees' jurisdiction and set forth the question. We had 
a whole series of questions I was going to ask you, but the 
more I think about it I think----
    Mr. Koskinen. They are the right ones.
    Chairman Stevens [continuing]. We ought to get that 
information from them. I am going to ask that they get those 
responses back to us by the 26th of this month, and hopefully 
we can have a follow-on hearing some time the week of February 
1st. We will determine whether or not those will be 
subcommittee hearings or whether we will have just another full 
committee hearing. I really think that some of the 
subcommittees will want to pursue this matter themselves and I 
would rather have that done.
    But I do think there are a whole series of questions that 
need to be asked. One of the things--I do not know whether 
other people are being asked this, but when I was hoping many 
of my friends asked me, where are you going to be on New Year's 
Eve 1999? Are you going to stay down in the area where 
everything is assured and will be protected by the Federal 
Government or are you going to home? We fully expect to be 
home.
    But when I read things like the Gartner Group, which is, I 
am told, one of the leading Y2K consulting groups, says that 
individuals should lay in a supply of candles, flashlights, 
fireplace wood, water jugs, extra food, essential medications, 
gasoline, and oil for whatever purpose it is needed, I have got 
to ask you: Are you telling the Federal agencies to do that?
    Mr. Koskinen. Not at this time. The Gartner Group report as 
they updated it said that they expected it to be a 2 to 3-day 
problem. It is not that everybody ought to have stuff for the 
next 6 months.
    Chairman Stevens. Well, the people who are out there 
running the national parks or off on various functions away 
from major communities in the Federal Government ought to have 
the same instructions, should they not?
    Mr. Koskinen. Our instructions to the Federal employees 
will be the same instructions and advice we give to the public. 
I think we have an obligation to let everybody know exactly 
where we are. Our advice thus far to people is there is no 
indication that there are going to be national failures. We 
will continue to provide information to the public as we move 
through the next 3 to 6 months, and we expect that as we know 
more about what the real risks are that we will be able to 
advise people by May and June, Federal employees, armed service 
people, and others, as well as the public, as to what we think 
is appropriate.
    At this juncture, we do not see any need for people to be 
taking actions today. Much of what Gartner suggests are things 
that people obviously ought to have in their house anyway. As 
one who got up this morning with no power, it was very helpful 
to have flashlights, batteries.
    Chairman Stevens. I understand that, but I am talking about 
Federal agencies now. Are you telling Federal agencies to get 
prepared as these people are telling individual homes to be 
prepared?
    Mr. Koskinen. At this point we have told the Federal 
agencies to draw contingency plans. The President's Council 
will be working across agency lines to look at what the 
challenges are and we will be issuing advice to the agencies 
about what advice they should be giving both to their managers 
for Federal purposes and also to their employees as people, as 
citizens.
    As I said, at this juncture we are not giving that advice 
because we do not think there is evidence on which to base it, 
and we still have a substantial amount of time before people 
need to be dealing with those issues. But the agencies are 
looking at what are their backup plans, what are their 
contingency plans, what do they need to do to make sure that 
they can operate on January 1, 2000.
    Chairman Stevens. All right. Now, we have all agreed here 
that there are systems that must be Y2K compliant by March 
31st, there are other systems that the Federal Government, 
Federal agencies maintain, that may not be. When are we going 
to make statements to the public as to what systems may not be 
Y2K compliant by the critical dates?
    We have not even mentioned September 9, 1999. I am told 
that is one of the critical dates as well as December 31. Will 
we have a way to tell the public when they should be on notice 
that some of these systems that are maintained or offered by 
the Federal Government may not be operable on critical dates?
    Mr. Koskinen. Yes, we will. At this point we are telling 
the public, and we are confident about this, that as we get to 
the end of this year and move into the Year 2000 there will be 
no major Federal system failures.
    Chairman Stevens. I understand that. But I come from part 
of the world where major systems are not as important to some 
as the minor systems.
    Mr. Koskinen. Well, no one will be disadvantaged at this 
juncture by the failure of any nonmission critical system. If a 
minor system fails and you do not get your report of a meeting, 
which is a non-mission critical system, that is not a 
significant problem.
    But we are telling people two things. One is that we are 
confident the Federal Government will meet the Year 2000 
deadline. We are in fact confident that the vast majority of 
critical Federal systems will meet the March 31 goal, which is 
9 months in advance of the year 2000. But we are also telling 
people what we know about the status of non-Federal system. We 
rolled out last week a 1-188 number for consumers. We have a 
website that provides status reports. We are trying to assure 
people that as we find problems, we will talk about them. Our 
goal is to be candid with the public, not to mislead them.
    But at this juncture it would be misleading to tell the 
public that we think the Federal Government is not going to 
make it. We think we will make it.
    With regard to 9-9-99, it is a problem everybody has 
focused on in remediation; and was not a standard programming 
technique. Therefore, much like crossing January 1, 1999, the 
expectation is that it will be a much smaller part of the Year 
2000 problem. But it is a critical date and everyone is testing 
for 9-9-99 problems. People are also looking at April 9, 1999, 
as the ninety-ninth day of the ninety-ninth year, as a 
potential date where there may be glitches in some systems, and 
there may be. There were a handful around the world on January 
1, but literally only a handful.
    But I think your point is extremely important. It is one we 
are trying to make to the private sector as well as the public 
sector, and that is the most important thing for people to have 
is real information. That is why the OMB reporting process is 
very valuable.
    We are telling the public, almost mission critical system 
by system, where the agencies are in their work and where the 
problems are.
    Chairman Stevens. But again, and I do not want to argue 
with you, but you come back to the critical, mission critical 
systems. That is national, I assume.
    Mr. Koskinen. Yes.
    Chairman Stevens. When you get into a local area, what is a 
national critical system may be immaterial. There may be 
another system that the Federal Government's involved in--
support systems for pipelines, support systems for ports, 
support systems for a lot of other things that are very 
critical to those areas.
    Mr. Koskinen. Yes.
    Chairman Stevens. I think we ought to find some way to make 
sure that people understand when you are saying we are assuring 
them mission critical systems are all going to be all right, 
but there may be some things there around you that will not be. 
Now, how are we going to get to some of those, what they are?
    Mr. Koskinen. But those are not Federal systems. Any 
Federal system that is mission critical to a single individual 
was viewed as a mission-critical system. There is not a triage 
that says, well, that will only affect 1,000 people or 5,000 
people. Any system that the Federal Government runs that is 
critical to an individual is a mission critical system.
    But the risk at the local level--and I think there are 
risks, and we are trying to deal with that--are State, county, 
municipal systems, local utility and private sector systems. We 
are very concerned about those. But the assessments we get from 
the industry largely tell us only whether there will be 
national failures.
    The fact that the country is going to have power generally 
will not necessarily solve the problem of a community or a 
residential area where the local power company has not made the 
deadline. We are trying to work with all of the private sector 
critical infrastructure organizations to get them, as we move 
through the next 6 months, to provide the public the same kind 
of candid information about their state of preparedness that 
the Federal agencies are providing.
    I think the Federal Government is leading the way in 
providing information to the public. We have been for the last 
2 years telling people the status of Federal systems, subject 
to some then grumbling about the rate of progress. But nobody 
has had any problem figuring out where the Federal Government 
is. The public has a harder time figuring out where anybody 
else is, in terms of individual companies, and that is an issue 
we need to address, and we need to address it with the people 
running those systems.
    But by and large, those are people at the State, county, 
local government level and at the private sector level. I think 
you are exactly right, that if you live in a community you feel 
comforted by the fact that the country is running, but what you 
really want to know is how is my power company doing, how is my 
telephone company doing, how is the water treatment process 
running? And you want to know that in your community.
    Chairman Stevens. And the emergency ambulance service and a 
lot of other things, the fuel truck that brings fuel to you. 
There are a lot of systems out there that could go down----
    Mr. Koskinen. Yes.
    Chairman Stevens [continuing]. And affect substantial 
areas.
    Mr. Koskinen. Exactly, and unfortunately we do not run the 
vast majority of those systems at the local level. And while it 
is not our responsibility and we don't have the authority to 
run them, I think we do have an obligation to do whatever we 
can to increase the chances that those systems work, and to 
increase the information the public has about them. We are 
doing that across the board.
    Chairman Stevens. I want to thank you very much. We are 
going to try and see if we can get GAO to come in some time 
next week and make a report to us, and I am going to send those 
letters out as I indicated. I am Defense Subcommittee chairman. 
We will have a meeting with the Department of Defense early, 
probably in that third week.
    I want to make sure that everyone really gets the point 
that we think that Congress ought to be fully aware of any 
problems and that we ought to be fully informed about any 
potential needs for additional funding to meet the Federal 
responsibilities on this issue, because it is, as I said, and 
again in my opinion, the number one issue to make sure we do 
everything we can to prevent someone from being harmed by a 
failure of one of these Federal systems.

                            committee recess

    So I do thank you for what you are doing and I agree. I 
also agree with Mr. Durbin's, Senator Durbin's comments, about 
James Lee Witt. I think we will probably have him at the last 
meeting to make sure that we do have a contingency plan that 
will meet the needs through the FEMA operation. That is the 
safety net for these systems as far as I am concerned.
    So I thank you very much.
    Mr. Koskinen. Thank you, Senator.
    [Whereupon, at 11:02 a.m., Friday, January 15, the 
committee was recessed, to reconvene subject to the call of the 
Chair.]



                       YEAR 2000 COMPUTER PROBLEM

                              ----------                              


                      WEDNESDAY, JANUARY 20, 1999

                                       U.S. Senate,
                               Committee on Appropriations,
                                                    Washington, DC.
    The committee met at 9:34 a.m., in room SD-192, Dirksen 
Senate Office Building, Hon. Ted Stevens (chairman) presiding.
    Present: Senators Stevens, Specter, and Bennett.

                       GENERAL ACCOUNTING OFFICE

STATEMENT OF DAVID M. WALKER, COMPTROLLER GENERAL OF 
            THE UNITED STATES
ACCOMPANIED BY:
        GENE L. DODARO, ASSISTANT COMPTROLLER GENERAL FOR ACCOUNTING 
            AND INFORMATION MANAGEMENT DIVISION
        JACK L. BROCK, DIRECTOR FOR GOVERNMENT-WIDE AND DEFENSE 
            INFORMATION SYSTEMS ISSUES, ACCOUNTING AND INFORMATION 
            MANAGEMENT DIVISION
        JOEL C. WILLEMSSEN, DIRECTOR FOR CIVIL AGENCIES INFORMATION 
            SYSTEMS ISSUES, ACCOUNTING AND INFORMATION MANAGEMENT 
            DIVISION

                 OPENING STATEMENT OF HON. TED STEVENS

    Chairman Stevens. Good morning.
    Mr. Walker, I should tell you there is a classified 
briefing going on regarding national missile defense. I think 
some of our members will stay there and listen to the Secretary 
of Defense. But, I am hopeful they will come here, too. Senator 
Bennett is here, as am I.
    We do welcome you to this hearing on the Year 2000 computer 
conversion. I am delighted that Senator Bennett, who is 
chairman of the committee on Y2K problems, is here.
    We heard from administration officials on the progress 
being made by the Federal Government on fixing the Y2K problem 
last week. I am sure you must have heard that John Koskinen was 
here as chairman of the President's Council. We are now in the 
process of trying to review where the agencies are.
    This is your first appearance before our committee. We do 
welcome you. You are the seventh Comptroller General and I am 
sure we are going to see a lot of you in the years ahead. So 
thank you for joining us.
    Mr. Dodaro, it is nice to see you here also as the 
Assistant Comptroller General for Accounting and Information 
Management, as it is to see Jack Brock, the Director for 
Government-wide and Defense Information Systems Issues and Joel 
Willemssen--I hope I pronounced that right--who is Director for 
Civil Agencies Information Systems Issues.
    This is really not a hearing to get involved in Senator 
Bennett's area. We did consult with Senator Bennett about this 
hearing as he is the chair of the Senate's Special Committee on 
the Y2K Problem.
    We initiated the $3.35 billion in emergency funding last 
year--$1.1 billion for defense-related activities and $2.25 
billion for the nondefense activities. We have a Federal 
Government estimate now of conversion costs exceeding $7 
billion. This is 3 times more than the estimate in February of 
last year, almost exactly 1 year ago. We have put this as our 
number 1 issue to try to get a hold on before we start 
distributing monies and before we analyze the individual 
budgets that are going to come from the various agencies and 
departments, as I believe the committee must ascertain if 
additional funds are needed to meet the deadline and, if so, 
who should have them.
    At Friday's hearing, the administration gave us assurances 
that sufficient progress is being made to meet the March 
deadline for completion of the Y2K projects, to have Y2K 
compliance, and, after that, a period of testing, as I 
understand it.
    The committee, and I believe Senator Bennett and I in 
particular, remain very concerned about that deadline. We have 
asked you to join us today to give us your understanding of 
GAO's assessment of the progress being made and, if possible, 
to give us your comments about the adequacy of funding that 
exists in the various agencies to deal with this threat.
    I would yield to Senator Bennett.
    Do you have any opening comments, Senator?
    Senator Bennett. No, not really, Mr. Chairman, other than 
to acknowledge the pivotal role that the General Accounting 
Office (GAO) has played in this whole issue within our 
committee. The chairman is too modest. He sits on that 
committee and without his support a lot of these things that we 
are looking at would not have happened. Within our committee, 
we have used GAO as the principal source of investigative power 
within the Federal Government.
    Mr. Walker, a good part of that work came before you came 
on board. But I want you to know that you are inheriting a 
first class group of very professional people who have made a 
significant contribution in their efforts on this issue. I 
would be remiss if I let this opportunity go without commenting 
on that and letting you know of my very high regard for the 
people in the agency that you now head.
    Chairman Stevens. Senator Specter.
    Senator Specter. Thank you very much, Mr. Chairman. First, 
I want to commend you, Mr. Chairman, for scheduling this 
hearing and for putting the weight of the Appropriations 
Committee behind this very, very important issue.
    I also commend my colleague, Senator Bennett, for the 
important work that he has done.
    Taking a brief look at the chart in the corner, there is 
obvious reason for concern where there are major agencies under 
Tier 1 demonstrating, as the chart says, ``insufficient 
evidence of progress'' in Defense, Energy, Health and Human 
Services (HHS), State, Transportation and Agency for 
International Development (AID).
    This is a matter of the utmost importance as we are all 
right here on January 20, only 11\1/2\ months away from the 
year 2000.
    I wanted to stop by briefly, Mr. Chairman, to express my 
concern and the commitment to follow the proceedings. As you 
know, we have impeachment hearings, or a committee meeting that 
Senator Lott has scheduled in just a few minutes. So I will not 
be able to stay. But I will be following this very closely.
    I appreciate the attention of the full Appropriations 
Committee to see to it that whatever funding is necessary that 
it will be provided.
    Thank you, Mr. Chairman.
    Chairman Stevens. Thank you, Senator.
    Mr. Walker, I think that the comments that were made, 
particularly by Senator Bennett, about your agency really need 
to be repeated. I have always taken the position that you are 
not only an arm of the Congress but you are a shared staff for 
both Houses, and if we did not have your agency with its 
ongoing expertise, we would have a series of committees that 
had the duty to try to replicate some of those areas of 
expertise. And, because of the nature of our system, the 
longevity would be very short, and it would be almost 
impossible for us to have the credibility, as individual 
committees with obvious jurisdictional battles between our 
committees, that you can have.
    I want to assure you that Senator Bennett, as chairman of 
the Legislative Branch Subcommittee here on which I, too, 
serve, and I look forward to the opportunity to work with you 
and to hear your comments about your needs. We want to make 
certain that this area of our expertise on this jointly shared 
basis for Congress remains very strong, that you have the 
capability to reach out and get new people, and that this 
continuity of track record that you have during the period that 
I have been here continues for a long time ahead.
    We are pleased to have your statement, Mr. Walker.
    Mr. Walker. Thank you, Mr. Chairman.
    Good morning, Mr. Chairman and members of the committee. I 
am pleased to appear before you today, not only at my first 
testimony before the Senate Appropriations Committee but my 
first testimony as Comptroller General of the United States.
    With your permission, I will summarize my statement and add 
a few additional comments. I would like for my full statement 
to be inserted in the record, Mr. Chairman.
    Chairman Stevens. We will put all the statements that you 
present in the record in full.
    Mr. Walker. Thank you, Mr. Chairman.
    I am here this morning to discuss the government's efforts 
to remediate problems associated with the century date change, 
the so-called Y2K challenge. More specifically, do we have the 
necessary assurance that it will truly be business as usual 
next January 1?
    The shorter answer is not yet.
    While considerable progress has been made, in our opinion, 
addressing the Y2K challenge remains a high risk area for the 
Federal Government as well as several business segments and 
sectors.
    To amplify on this, I will briefly discuss four topics. 
First is the status of Federal readiness and the costs 
associated with getting ready. Second is the need for complete 
information on sector readiness; that is, the ability of key 
economic and infrastructure sectors to be ready to operate next 
year. Third is GAO's commitment to continue working with the 
Congress and agencies to identify areas of risk as well as 
opportunities for improved oversight, guidance, and 
cooperation. Last is our recommendations for what needs to be 
done to further minimize risk.
    As you mentioned, Mr. Chairman, accompanying me here today 
are Gene Dodaro, Joel Willemssen, and Jack Brock. These 
gentlemen are responsible for leading GAO's effort to evaluate 
government and private sector programs in addressing this 
problem, developing guidance to assist organizations in their 
program management, and monitoring private sector and 
international progress.
    With regard to Federal Government operations, I know that 
you heard from John Koskinen last Friday and that the 
administration is expressing confidence that critical 
government operations will be ready in time. We have worked 
closely with the individual agencies as well as with the 
President's Council on Year 2000 Conversion and we agree that 
significant progress has been made in addressing the problem.
    Every agency is reporting a measure of success and progress 
in meeting OMB's goals for repairing, testing, and validating 
mission critical systems. Some agencies, notably the Social 
Security Administration, are ahead in meeting the 
administration's key milestones.
    However, progress in the Federal Government is uneven, and 
several major agencies have not kept pace with the OMB 
guidelines.
    In February, 1997, we designated the Year 2000 computing 
problem as a high risk area because of poor agency progress in 
addressing the issue. This issue remains a high risk area today 
because of our continuing concern that some agencies remain at 
risk of not being ready.
    For example, if we can look at the first chart that we 
have, you can see the three tiers. There are six agencies that 
are demonstrating insufficient evidence of progress by the 
Office of Management and Budget's (OMB) own criteria which they 
have established--namely, Defense, Energy, HHS, State, 
Transportation, and AID. There are seven agencies that fall 
into the Tier 2 category, agencies showing evidence of progress 
but about which OMB continues to have concerns: Agriculture, 
Commerce, Education, Justice, Labor, Treasury, and Office of 
Personnel Management (OPM). Tier 3 obviously represents 
agencies that in the opinion of OMB are making satisfactory 
progress.
    Collectively, OMB, as of their November, 1998, report, 
shows that 61 percent of all mission critical systems across 
the government are Y2K compliant--61 percent. However, averages 
can be misleading since they do not disclose significant 
differences among the tiers and within individual agencies.
    For example, if you take Tier 3, 84 percent of the systems, 
the mission critical systems are Y2K compliant. 65 percent in 
Tier 2 and only 51 percent in Tier 1 are. So there is 
significant dispersion.
    Additional dispersion exists within individual agencies. 
For example, if you take the State Department, about 30 
percent, I believe, of their mission critical systems were 
compliant as of November, 1998.
    So, as we all know, averages can be misleading.
    Chairman Stevens. You have more than half the budget in the 
first tier.
    Mr. Walker. Yes, Mr. Chairman, you are correct. And some of 
those agencies are particularly critical in a variety of 
national security and economic security perspectives.
    In addition, the failure to have one mission critical 
system ready on time can have unacceptable consequences.
    Each of the Tier 1 agencies provides vital services, such 
as national defense, air traffic control, and Medicare 
payments, which could be negatively affected if not adequately 
addressed.
    We have made more detailed recommendations to most of these 
agencies for improving program management. For example, last 
year we reported that Defense had inadequate management over 
its Y2K program and lacked basic information on program costs, 
systems to be remediated, and interfaces. These problems 
seriously threaten the department's chances of successfully 
meeting the Y2K deadline for its mission critical systems.
    We have recommended numerous improvements for critical 
matters, such as data exchanges, testing, and contingency 
planning. DOD concurred with these recommendations and agreed 
to implement them. However, DOD still remains behind OMB 
deadlines in its overall efforts to address its mission 
critical systems.
    In September of 1998, we reported that, although the Health 
Care Financing Administration (HCFA) had made improvements in 
its Y2K management in response to our May, 1997, 
recommendations, HCFA and its contractors were severely behind 
schedule in repairing, testing, and implementing the mission 
critical systems supporting Medicare. Given the magnitude of 
the tasks, the risks, and the limited time remaining, we 
concluded that it was highly unlikely that all of the Medicare 
systems would be compliant in time to insure the delivery of 
uninterrupted benefits and services.
    Again, we made additional recommendations to HCFA to put 
the program in place. HCFA has concurred. However, they remain 
an area of concern and on the Tier 1 list.
    With regard to the Federal Aviation Administration (FAA), 
the FAA has made progress in managing its Y2K problem. However, 
less than 17 months ago, FAA still had to correct, test, and 
implement many of its mission critical systems. Accordingly, 
FAA must determine how to insure continuity of critical 
operations in the event that some systems fail.
    All agencies, even those making good progress, still need 
to be concerned with other critical elements, including data 
exchanges both within and outside the agency, embedded systems, 
and infrastructure issues such as telecommunications and 
electrical power.
    Mr. Chairman, we also saw in the Washington area this past 
weekend what effect an interruption of electrical power can 
have because if you do not have electricity, in many cases 
nothing works, whether you have the systems ready or not. And 
so the infrastructure issues are important.
    Further, the most critical elements of a good mitigation 
program are now facing all agencies: the need for rigorous end 
to end testing of key business processes and the development of 
business continuity plans so that those processes can continue 
in the event of an unexpected, or even an expected, failure.
    The Senate Appropriations Committee is naturally concerned 
with the cost of this program and with receiving assurances 
that the money is being well spent.
    I now turn, Mr. Chairman, to the second visual display 
which notes that in November, 1998, individual agencies 
estimated that they would collectively expend about $7.2 
billion to address the Y2K program. This is about triple their 
aggregate original estimate made in February, 1997.
    Unfortunately, we simply do not have enough data to tell 
you if more will be needed. I can tell you that we have 
consistently been concerned with historically optimistic and 
incomplete agency expenditure estimates. In addition, agencies 
are now beginning to test systems where most experts estimate 
that at least 50 percent of the total Y2K related costs will 
occur. About half, I believe, of the supplemental appropriation 
for the civilian agencies has already been allocated by OMB. So 
we should know in the not too distant future whether or not 
additional sums will be necessary.
    Furthermore, the necessary allowances for funding 
contingency plans have not, for the most part, been made, and 
it is absolutely critical that they be done and that the 
estimated economic and funding aspect be ascertained.
    With regard to sector readiness, the government's response 
to the Year 2000 challenge is only one dimension of the 
challenge. Our Nation's reliance on a complex array of public 
and private enterprises, having scores of system 
interdependencies at all levels, accentuates the potential 
repercussions of a single failure.
    It is essential that the Year 2000 issue be adequately 
addressed in arenas beyond the Federal Government--for example, 
in State and local governments, the public infrastructure, and 
other key economic sectors.
    State and local governments are responsible for 
implementing many national programs, such as Food Stamps and 
Medicaid. They also provide vital local and regional services.
    Accordingly, Year 2000 induced failures could result in 
payment delays felt at the local level or an interruption of 
key public services, such as law enforcement, traffic 
management, and emergency and health services.
    For example, our survey of State systems using Federal 
welfare programs reveals that the majority of them were not yet 
Y2K compliant. Failure to complete Y2K conversion in a timely 
manner could result in billions of dollars in benefit payments 
not being delivered.
    In an attempt to prevent this for Medicaid systems, HCFA 
has recently hired a contractor to independently verify and 
validate State systems.
    Importantly, Mr. Chairman, much of the data outside of the 
Federal Government is self reported data and, therefore, not 
verified. Fortunately, in some circumstances, where there are 
critical systems that the Federal Government must rely upon for 
delivery of Federal programs at the State and local level, this 
is one example where the Federal Government is taking steps to 
try to obtain some validity and verifiability of what is being 
done at the State and local level. But other efforts are 
necessary.
    The public infrastructure, including critical areas such as 
power, water, and telecommunications, is particularly important 
because most, if not all, major enterprises rely on these 
essential elements for daily functioning. Other key economic 
sectors, such as health, safety, and emergency services, 
banking and finance, transportation, and manufacturing and 
small business, are also important. These sectors are critical. 
Yet the Nation has not had a complete picture of their 
readiness.
    In our April, 1998, report, we recommended the President's 
Council on Year 2000 Conversion develop such a comprehensive 
picture to include identifying and assessing the Nation's key 
economic sectors, including risks imposed by international 
links. We also recommended that the council use a sector based 
approach and establish effective public/private partnerships 
necessary to address this issue.
    The council did subsequently adopt a sector based focus and 
has been initiating outreach activities since it became 
operational last spring.
    More recently, in October of 1998, the chair directed the 
council's sector working groups to begin assessing their 
sectors. Their first report, issued on January 7, summarizes 
information collected to date and indicates that many 
organizations are still working to gather material on sector 
status.
    Mr. Chairman, the effectiveness of the recent legislation 
that was passed, the Safe Harbor and Public Disclosure 
Information legislation that was passed, might be best assessed 
with the success the council will have in being able to gather 
this type of information. Since you know that this information 
is being gathered at the request of the Federal Government, 
therefore it should be covered by the legislation that was 
passed this past fall. Hopefully, that will be enough to 
provide assurances and incentives for individuals to provide 
the necessary information.
    If it does not, it may then need a relook as to whether 
additional legislation might be necessary at that time.
    International concerns are underscored by a September, 
1998, report by the Organization for Economic Cooperation and 
Development (OECD). That OECD report stated that: while 
awareness is increasing, the amount of remediation still 
required is daunting; significant negative economic impact is 
likely in the short-term, although much uncertainty exists 
about the extent of Y2K induced disruptions; governments face a 
major public management challenge requiring acceleration of 
their own preparations and stronger leadership; and stronger 
international cooperation is essential, especially in 
conjunction with cross border testing.
    Fortunately, it is clear that the United States has taken 
the lead in this area and is far ahead of much of the world in 
addressing this issue.
    The United States has also attempted to promote 
international dialog on the Y2K problem. The chair of the 
President's Council has met with the United Nations and other 
international bodies and helped organize a significant 
December, 1998, National Y2K Coordinators Meeting, attended by 
over 120 countries, hosted by the U.N. Working Group on 
Informatics.
    This meeting should help encourage the establishment of 
regional coordinating mechanisms and foster greater 
international dialog on the Year 2000 issue.
    However, time is running out and the January 1 date will 
not change.
    Let me talk about GAO's commitment to serve.
    Mr. Chairman, to date, GAO has issued over 70 reports and 
made dozens of recommendations to individual agencies and OMB. 
These recommendations have led to significant improvements in 
program management as well as real progress in improving the 
prospects of key government operations functioning next year.
    We have worked closely with this committee and other 
committees, including the special Y2K committees in both the 
Senate and the House, conducting and reporting on this work. 
Additionally, our guides on project planning, business 
continuity planning, and testing are used by most agencies as 
well as private sector companies in organizing and managing 
their remediation efforts. They are also now being used around 
the world by many of our counterparts.
    Further, we continue to serve as a resource base for other 
audit agencies as well as the general public. Our Year 2000 
material is now available on our web site--www.gao.gov--and has 
been accessed by thousands and thousands of organizations as 
well as concerned citizens. We have also worked with our sister 
audit agencies at all levels, both domestically and 
internationally, to increase their capability to evaluate and 
discharge their areas of responsibility in their respective 
countries and jurisdictions.
    For example, we have worked with Federal Inspectors General 
at a number of agencies to insure adequate audit coverage at 
their agencies. We have established a working relationship with 
State auditors to provide them with audit guidance. In 
addition, I personally have discussed the Year 2000 issue with 
the leadership of numerous audit institutions, my counterparts, 
across the world and have provided them with access to our 
material and guidance, both through electronic and other means.
    Mr. Chairman, highlighting and addressing the Y2K challenge 
is a vivid example of the impact that GAO can have by working 
with the Congress to make a difference for the government, our 
country, and the American people. I can assure you that our 
commitment in this area will continue.
    In conclusion, we feel confident that progress is being 
made. But I can place confidence only in what we know to be 
fact. This represents a particular challenge since much of the 
Y2K data is based on self reported information. History has 
shown that one should not place undue reliance on self reported 
information.
    Fortunately, efforts are being taken to provide reasonable, 
but not absolute, verification of the work being done on 
mission critical systems in the Federal Government, including 
work by GAO and others. Based on these efforts, we feel 
confident that Federal agencies have processes in place to 
address this important challenge and have made considerable 
progress in addressing the Year 2000 problem.
    We are also confident in stating that progress does not win 
you medals. To get the medal you have to finish on time with no 
or minimal disruption.
    Now is not the time to become complacent over the current 
level of progress. In order to make sure that these risks are 
minimized, we need to insure that the following is done.
    First, it is critical for agencies to assure that, given 
the limited time remaining to address this challenge, they 
establish key priorities, they rigorously test these systems 
and these changes, and they have thorough business continuity 
and contingency plans that are prepared and, as appropriate, 
implemented. Management controls need to be in place to assure 
that these processes are completed and that they are reported 
on on a timely basis and in an accurate manner.
    Our recommendations concerning the Conversion Council need 
to be completely implemented with regular, timely, and complete 
reports being developed for each business sector. It is 
imperative that more complete information on the status of each 
economic and infrastructure sector be developed as quickly as 
possible so that appropriate contingency efforts can be 
developed and implemented as necessary.
    Last but not least, continued Congressional oversight is 
required, both on the fiscal aspects as well as the readiness 
aspects of this challenge. This committee should require 
agencies to report on a regular basis the estimated costs of 
their Y2K effort, the amount of money expended to date, and the 
amount, if any, of additional funding required. Congress should 
also continue to provide oversight of individual agency 
readiness. This oversight has been vital in focusing attention 
on problem areas and assuring that this issue is a top priority 
for Federal agencies.
    The establishment of the Senate Special Committee on the 
Year 2000 Technology Problem has added an important impetus and 
critical focus to this problem. Senator Bennett, as committee 
chair, has already taken the lead in providing oversight over 
banking regulators and the readiness of the Nation's banking 
institutions. This committee has made significant contributions 
to developing a better understanding of the issues connected 
with all aspects of the Y2K problem, particularly those 
associated with key economic and infrastructure sectors.
    As ex officio members, Mr. Chairman, you and Senator Byrd 
provide a critical link to the appropriations process.

                           prepared statement

    Mr. Chairman, that concludes my statement. I would be more 
than happy to answer any questions that you or the other 
Senators might have.
    Thank you.
    [The statement follows:]
                 Prepared Statement of David M. Walker
    Mr. Chairman and Members of the Committee: I am pleased to appear 
today to discuss progress being made in addressing the Year 2000 
computing challenge and to outline actions needed to ensure a smooth 
conversion to the next century. While our country is considered among 
the leaders in addressing this issue, the fact remains that both public 
and private organizations still face a daunting task in providing 
reasonable assurance that it will truly be business as usual beginning 
on January 1, 2000 and continuing throughout this pivotal transition 
year.
    The federal government--with its widespread dependence on large-
scale, complex computer systems to deliver vital public services and 
carry out its massive operations--faces an especially enormous and 
difficult task. Unless adequately confronted, Year 2000--or Y2K--
computing problems could lead to serious disruptions in key federal 
operations, ranging from national defense to benefits payments to air 
traffic management.
    Consequently, in February 1997, GAO designated the Year 2000 
computing problem as a high-risk area. Our purpose was to stimulate 
greater attention to assessing the government's exposure to Year 2000 
risks and to strengthen planning for achieving Year 2000 compliance for 
mission-critical systems. Fortunately, the past 2 years have witnessed 
marked improvement in preparedness as the government has revised and 
intensified its approach to this problem.
    Significant challenges, however, remain--and time is running out. 
In particular, complete and thorough Year 2000 testing is essential to 
providing reasonable assurance that new or modified systems be able to 
process dates correctly and not jeopardize agencies' ability to perform 
core business operations. Moreover, adequate business continuity and 
contingency plans must be successfully completed throughout government.
    The scope of the Year 2000 problem extends well beyond federal 
operations; it spans the entire spectrum of our national as well as 
global economy. Accordingly, in concert with our recommendations, the 
President's Council on Year 2000 Conversion has been reaching out to 
the private sector, state and local governments, and to other countries 
to increase awareness. Working with these entities, the Council also 
has begun to assess the readiness of various sectors, including power, 
water, telecommunications, health care, and emergency services.
    At this juncture, however, a comprehensive picture of the nation's 
readiness is lacking. A great deal more needs to be done--both 
domestically and internationally--to effectively determine readiness 
and prepare necessary contingency plans. Such actions are imperative to 
ensure that technology-dependent services continue to operate reliably 
after the turn of the century, with minimal disruption.
            the federal government has enhanced its approach
    Since February 1997, action to address the Year 2000 threat has 
intensified. In response to a growing recognition of the challenge and 
urging from congressional leaders and others, the administration 
strengthened the government's Year 2000 preparation, and expanded its 
outlook beyond federal agencies. In February 1998 the President took a 
major step in establishing the President's Council on Year 2000 
Conversion. He established the goal that no system critical to the 
federal government's mission experience disruption because of the Year 
2000 problem, and charged agency heads with ensuring that this issue 
receives the highest priority attention.
    Further, the President tasked the Chair of the Council with: being 
chief spokesperson on Year 2000 issues in national and international 
forums; overseeing Year 2000 activities of federal agencies; providing 
Year 2000 policy coordination of executive branch activities with 
state, local, and tribal governments; and promoting appropriate federal 
roles with respect to private-sector activities.
    Among the initiatives the Chair has implemented in carrying out 
these responsibilities are attending monthly meetings with senior 
managers of agencies that are not making sufficient progress; 
establishing numerous working groups to increase awareness of and gain 
cooperation in addressing the Year 2000 problem in various economic 
sectors; and emphasizing the importance of federal/state data 
exchanges.
    OMB, for its part, has tightened requirements on agency reporting 
of Year 2000 progress. It now requires that, beyond the original 24 
major departments and agencies that have been reporting, 9 additional 
agencies (such as the Tennessee Valley Authority and the Postal 
Service) report quarterly on their Year 2000 progress, and that 
additional information be reported from all agencies. OMB has also 
clarified instructions for agencies relative to preparing business 
continuity and contingency plans. Further, OMB places each of the 24 
major agencies into one of three tiers after receiving its quarterly 
progress report, determined by OMB's judgment as to whether evidence of 
the agency's reported progress is or is not sufficient.
    Several agencies have reported substantial progress in repairing or 
replacing systems to be Year 2000 compliant. For example, in October 
1997 we had reported that SSA had made significant progress in 
assessing and renovating mission-critical mainframe software, although 
certain areas of risk remained.\1\ Accordingly, we made several 
recommendations to address these risks, including the development of 
business continuity and contingency plans. SSA agreed; in July 1998 we 
reported that actions to implement these recommendations had either 
been taken or were underway.\2\
---------------------------------------------------------------------------
    \1\ Social Security Administration: Significant Progress Made in 
Year 2000 Effort, But Key Risks Remain (GAO/AIMD-98-6, October 22, 
1997).
    \2\ Social Security Administration: Subcommittee Questions 
Concerning Information Technology Challenges Facing the Commissioner 
(GAO/AIMD-98-235R, July 10, 1998).
---------------------------------------------------------------------------
    As federal agencies have more fully realized the complexities and 
extent of necessary Year 2000 activities, their costs have 
correspondingly risen. As our first chart illustrates, the government's 
24 major departments and agencies' Year 2000 cost estimates more than 
tripled between February 1997 and November 1998.
    There are too many uncertainties to determine whether this cost 
escalation trend has ended. One of the most essential ongoing tasks, 
testing, could consume additional resources; experience is showing that 
testing is taking between 50 and 70 percent of a project's time and 
resources. In addition, agencies may find that the planning and 
possible implementation of business continuity and contingency plans 
could increase costs. As a result of these factors, the Congress needs 
to continue to keep apprised of agencies' Year 2000 efforts and their 
associated costs.



        Chart 1.--Federal Government's Estimated Year 2000 Costs

                                                             In billions

February 1997.....................................................  $2.5
May 1997..........................................................   2.7
August 1997.......................................................   3.8
November 1997.....................................................   3.9
February 1998.....................................................   4.7
May 1998..........................................................   5.0
August 1998.......................................................   6.3
November 1998.....................................................   7.2

Note.--The August 1998 figure of $6.3 billion and the November 1998 
figure of $7.2 billion are the totals of all individual submissions from 
the 24 major departments and agencies that were generally submitted on 
August 14th and November 13th, respectively. In its summaries of the 
agency reports, OMB reported the government's total estimated Year 2000 
costs as $5.4 billion and $6.4 billion, respectively. For the August 
1998 costs, OMB did not include all costs in its estimate because, for 
example, it was still reviewing some of the estimates provided by the 
agencies. For the November 1998 costs, OMB did not provide explanations 
in its report for the discrepancies between the agency reports and its 
estimates for 15 of the 18 agencies with differences.

Source.--February 1997 data is from OMB's report Getting Federal 
Computers Ready for 2000, February 6, 1997. May 1997 to May 1998 data 
are from OMB's quarterly reports. The August and November 1998 data are 
from the quarterly reports of the 24 major federal departments and 
agencies.
---------------------------------------------------------------------------



    Many congressional committees have played a central role in 
addressing the Year 2000 challenge by holding agencies accountable for 
demonstrating progress and by heightening public appreciation of the 
problem. As you know, the Senate formed a Special Committee on the Year 
2000 Technology Problem, under the chairmanship of Senator Bennett, 
which held hearings on the readiness of key economic sectors, including 
power, health care, telecommunications, transportation, financial 
services, emergency services, and general business. The House called on 
the Subcommittee on Government Management, Information and Technology 
of the Committee on Government Reform; and the Subcommittee on 
Technology of the Committee on Science to co-chair the House's Year 
2000 monitoring.\3\
---------------------------------------------------------------------------
    \3\ We will also be testifying today before the House Government 
Reform and Science Committees on actions needed to address the Year 
2000 computing issue.
---------------------------------------------------------------------------
    These committees and others have held many hearings to obtain 
information on the Year 2000 readiness of federal agencies, states, 
localities, and other important nonfederal entities, such as the 
securities industry.
    The Congress also passed important Year 2000 legislation. In 
October 1998 it passed--and the President signed--the Year 2000 
Information and Readiness Disclosure Act. Its purposes include (1) 
promoting the free disclosure and exchange of information related to 
Year 2000 readiness and (2) lessening the burdens on interstate 
commerce by establishing certain uniform legal principles in connection 
with the disclosure and exchange of information related to Year 2000 
readiness. In addition, the Congress passed (and the President signed) 
the Omnibus Consolidated and Emergency Supplemental Appropriations Act, 
1999, which included $3.35 billion in contingent emergency funding for 
Year 2000 conversion activities.
                gao's efforts to help meet the challenge
    As you know, GAO has been very active in working with the Congress 
as well as federal agencies to both strengthen agency processes and to 
evaluate their progress in addressing these challenges. To help 
agencies mitigate their Year 2000 risks, we produced a series of Year 
2000 guides. The first of these, on enterprise readiness, provides a 
systematic, step-by-step approach for agency planning and management of 
its Year 2000 program.\4\ The second, on business continuity and 
contingency planning, provides a structured approach to helping 
agencies ensure minimum levels of service through proper planning.\5\ 
Our third guide sets forth a disciplined approach to Year 2000 
testing.\6\ Federal agencies and other organizations have used these 
guides widely to help organize and manage their Year 2000 programs.
---------------------------------------------------------------------------
    \4\ Year 2000 Computing Crisis: An Assessment Guide (GAO/AIMD-
10.1.14, issued as an exposure draft in February 1997 and in final form 
in September 1997).
    \5\ Year 2000 Computing Crisis: Business Continuity and Contingency 
Planning (GAO/AIMD-10.1.19, issued as an exposure draft in March 1998 
and in final form in August 1998).
    \6\ Year 2000 Computing Crisis: A Testing Guide (GAO/AIMD-10.1.21, 
issued as an exposure draft in June 1998 and in final form in November 
1998).
---------------------------------------------------------------------------
    In addition, we have issued over 70 reports and testimony 
statements detailing specific findings and made over 100 
recommendations related to the Year 2000 readiness of the government as 
a whole and of a wide range of individual agencies.\7\ These 
recommendations have been almost universally embraced.
---------------------------------------------------------------------------
    \7\ A list of reports and testimony on the Year 2000 problem is 
attached to this statement. It can also be found on the Internet at 
GAO's World Wide Web site at www.gao.gov/y2kr.htm.
---------------------------------------------------------------------------
    Our recommendations have centered on the following:
    Project planning.--We have recommended better organizational 
planning and management oversight--including systems inventorying and 
analysis--in a number of programs and entities.
    Priority-setting.--With over 2,600 mission-critical systems still 
needing to be made Year 2000 compliant, it is important to establish 
priorities. Resources need to be focused on those business processes 
and supporting systems that could threaten national security, the 
economy, the health and safety of Americans, or their financial well-
being.
    Data exchanges.--To remediate their data exchanges, agencies must 
(1) identify those that are not Year 2000 compliant, (2) reach 
agreement with exchange partners (such as states) on the date format to 
be used, (3) determine if data bridges and filters are needed and, if 
so, reach agreement on their development, (4) develop and test such 
bridges and filters, and (5) test and implement new exchange formats.
    Testing.--Agencies should perform thorough testing of their 
systems, including end-to-end testing of multiple systems supporting a 
major business function.
    Business continuity and contingency planning.--Given the 
interdependencies among agencies, their business partners, and the 
public infrastructure, it is imperative that contingency plans be 
developed for all critical core business processes and supporting 
systems, regardless of whether these systems are owned by the agency.
    In addition to our work at federal agencies, we have promoted Year 
2000 awareness and solutions--both in the United States and abroad--by 
publishing our guides and reports and making them available on our 
World Wide Web site. I also discussed the Year 2000 issue with the 
leadership of audit organizations from around the world at a recent 
international conference. I subsequently wrote to these leaders to draw 
greater attention to this issue, and to share with them our recent 
publications.
                          serious risks remain
    While much has been accomplished and real progress has been made in 
addressing the Year 2000 problem, both risks and challenges remain. Our 
reviews of federal Year 2000 programs have found uneven progress; some 
major agencies are significantly behind schedule and are at high risk 
that they will not correct all of their mission-critical systems in 
time. As the time remaining diminishes, it becomes increasingly 
difficult to ensure that all mission-critical systems will be compliant 
in time.
    Chart 2 shows OMB's assessment of agencies' Year 2000 progress on 
the basis of their November 1998 quarterly reports.

    ----------------------------------------------------------------

 Chart 2.--OMB's Assessment of Agencies' Year 2000 Progress (November 
                                 1998)

    tier 1: agencies demonstrating insufficient evidence of progress
    Defense, Energy, HHS, State, Transportation, and AID.
 tier 2: agencies showing evidence of progress but about which omb has 
                                concerns
    Agriculture, Commerce, Education, Justice, Labor, Treasury, and 
OPM.
             tier 3: agencies making satisfactory progress
    HUD, Interior, VA, EPA, FEMA, GSA, NASA, NSF, NRC, SBA, and SSA.

    ----------------------------------------------------------------

    We have made detailed recommendations to agencies responsible for 
some of the government's most essential services. For example:
  --DOD and the military services face the threat of significant 
        problems.\8\ In April 1998 we reported that the department 
        lacked complete and reliable information on systems, 
        interfaces, other equipment needing repair, and the cost of its 
        correction efforts.\9\ We found that these and other problems 
        seriously threatened the department's chances of successfully 
        meeting the Year 2000 deadline for its mission-critical 
        systems. Further, taken together, the problems in Defense's 
        Year 2000 program made failure of at least some mission-
        critical systems and the operations they support almost certain 
        unless corrective actions were taken. We have recommended 
        numerous improvements for critical matters such as data 
        exchanges, testing, and contingency planning; DOD concurred 
        with these recommendations and agreed to implement them.
---------------------------------------------------------------------------
    \8\ Defense Computers: Year 2000 Computer Problems Put Navy 
Operations At Risk (GAO/AIMD-98-150, June 30, 1998); Defense Computers: 
Army Needs to Greatly Strengthen Its Year 2000 Program (GAO/AIMD-98-53, 
May 29, 1998); Defense Computers: Year 2000 Computer Problems Threaten 
DOD Operations (GAO/AIMD-98-72, April 30, 1998); and Defense Computers: 
Air Force Needs to Strengthen Year 2000 Oversight (GAO/AIMD-98-35, 
January 16, 1998).
    \9\ GAO/AIMD-98-72, April 30, 1998.
---------------------------------------------------------------------------
  --We reported\10\ that although the Health Care Financing 
        Administration (HCFA) had made improvements in its Year 2000 
        management, the agency and its contractors were severely behind 
        schedule in repairing, testing, and implementing the mission-
        critical systems supporting Medicare. Given the magnitude of 
        the task and the risks and limited time remaining, in September 
        1998 we concluded that it was highly unlikely that all Medicare 
        systems would be compliant in time to ensure uninterrupted 
        delivery of benefits and services. To improve the prospects for 
        success, we recommended that HCFA (1) rank its remaining Year 
        2000 work on the basis of an integrated project schedule, (2) 
        ensure that all critical tasks are prioritized and completed in 
        time to prevent unnecessary delays, (3) define the scope of an 
        end-to-end test of the claims process and develop plans and a 
        schedule for conducting such a test, (4) develop a risk 
        management process, and (5) accelerate the development of 
        business continuity and contingency plans. HCFA has agreed to 
        implement these recommendations.
---------------------------------------------------------------------------
    \10\ Medicare Computer Systems: Year 2000 Challenges Put Benefits 
and Services in Jeopardy (GAO/AIMD-98-284, September 28, 1998).
---------------------------------------------------------------------------
  --As we reported in August 1998,\11\ FAA had made progress in 
        managing its Year 2000 problem and had completed critical steps 
        in defining which systems needed to be corrected and how to 
        accomplish this. The agency had acted upon several of our 
        recommendations from earlier in the year, including making 
        final a Year 2000 strategy and setting priorities.\12\ However, 
        with less than 17 months to go, FAA still had to correct, test, 
        and implement many of its mission-critical systems. 
        Accordingly, FAA must determine how to ensure continuity of 
        critical operations in the event that some systems fail.
---------------------------------------------------------------------------
    \11\ FAA Systems: Serious Challenges Remain in Resolving Year 2000 
and Computer Security Problems (GAO/T-AIMD-98-251, August 6, 1998).
    \12\ FAA Computer Systems: Limited Progress on Year 2000 Issue 
Increases Risk Dramatically (GAO/AIMD-98-45, January 30, 1998) and Year 
2000 Computing Crisis: FAA Must Act Quickly to Prevent Systems Failures 
(GAO/T-AIMD-98-63, February 4, 1998).
---------------------------------------------------------------------------
    Such examples underscore the difficulties confronting agencies to 
make up for lost time; Year 2000 testing alone is consuming between 50 
and 70 percent of a project's time and resources. Thorough testing is 
essential to providing reasonable assurance that new or modified 
systems can process dates correctly and will not jeopardize an 
organization's ability to perform core business functions after the 
change of century.
    Even for agencies that are making good progress, other critical 
issues must be successfully resolved; these include data exchanges, 
telecommunications, and embedded systems.\13\ First, should the 
government's hundreds of thousands of data exchanges not be Year 2000 
compliant, data either will not be successfully exchanged or invalid 
data could cause the receiving computer systems to malfunction or 
produce inaccurate computations. Second, the government depends heavily 
on the telecommunications infrastructure; reliable services are made 
possible by a complex web of highly interconnected networks supported 
by national and local carriers and service providers, equipment 
manufacturers and suppliers, and customers. Third, the century change 
could cause problems for the many embedded computer systems used to 
control, monitor, or assist in operations.
---------------------------------------------------------------------------
    \13\ Embedded systems are special-purpose computers built into 
other devices. Examples include systems in elevators, heating and air 
conditioning units, and biomedical devices, such as cardiac 
defibrillators, and cardiac monitoring systems, which can record, 
process, analyze, display, and/or transmit medical data. (See Year 2000 
Computing Crisis: Compliance Status of Many Biomedical Equipment Items 
Still Unknown (GAO/AIMD-98-240, September 18, 1998).)
---------------------------------------------------------------------------
    If issues such as these are not adequately addressed, the impact of 
Year 2000 failures could disrupt vital government operations. Moreover, 
federal agencies depend on data provided by their business partners, as 
well as on services provided by the public infrastructure (power, 
water, transportation, and voice and data telecommunications). One weak 
link anywhere in the chain of critical dependencies can cause a 
cascading effect of major shutdowns of business operations. 
Consequently, it is imperative that contingency plans be developed for 
all critical core business processes and supporting systems, regardless 
of whether these systems are owned by the agency. Without such plans, 
when unpredicted failures occur, agencies will lack well-defined 
responses, and may not have enough time to develop and test 
alternatives.
      the nation as a whole faces significant year 2000 challenges
    Our nation's reliance on the complex array of public and private 
enterprises having scores of system interdependencies at all levels 
accentuates the potential repercussions a single failure could cause. 
It is essential that Year 2000 issues be adequately addressed in arenas 
beyond the federal government: state and local governments, the public 
infrastructure, and other key economic sectors.
    State and local governments are responsible for the implementation 
of many national programs--such as food stamps and Medicaid--while also 
providing vital local and regional services. Accordingly, Year 2000-
induced failures could result in payment delays felt at the local 
level, or in the interruption of key public services such as law 
enforcement, traffic management, and emergency and health services. For 
example, our survey of the state systems used in federal welfare 
programs revealed that the majority of them were not yet Year 2000 
compliant.\14\ Failure to complete Year 2000 conversion could result in 
billions of dollars in benefits payments not being delivered. In an 
attempt to prevent this for Medicaid systems, HCFA recently hired a 
contractor to independently verify and validate state systems.
---------------------------------------------------------------------------
    \14\ Year 2000 Computing Crisis: Readiness of State Automated 
Systems to Support Federal Welfare Programs (GAO/AIMD-99-28, November 
6, 1998). The survey was conducted in July and August 1998 and included 
the following welfare programs: Medicaid; Temporary Assistance for 
Needy Families; Women, Infants, and Children; food stamps; child 
support enforcement; child care; and child welfare. Forty-nine states, 
the District of Columbia, and three territories responded to our 
survey.
---------------------------------------------------------------------------
    The public infrastructure, including critical areas such as power, 
water, and telecommunications, is particularly important because most, 
if not all, major enterprises rely on these essential elements for 
daily functioning. Other key economic sectors include health, safety, 
and emergency services; banking and finance; transportation; and 
manufacturing and small business.
    These sectors are critical, yet the nation has not had a complete 
picture of their readiness. Accordingly, in our April 1998 report,\15\ 
we recommended that the President's Council on Year 2000 Conversion 
develop such a comprehensive picture, to include identifying and 
assessing risks to the nation's key economic sectors--including risks 
posed by international links. We also recommended that the Council use 
a sector-based approach and establish the effective public-private 
partnerships necessary to address this issue.
---------------------------------------------------------------------------
    \15\ Year 2000 Computing Crisis: Potential for Widespread 
Disruption Calls for Strong Leadership and Partnerships (GAO/AIMD-98-
85, April 30, 1998).
---------------------------------------------------------------------------
    The Council adopted a sector-based focus and has been initiating 
outreach activities since it became operational last spring. More 
recently, in October 1998, the Chair directed the Council's sector 
working groups to begin assessing their sectors. The Chair, in turn, 
plans to issue periodic public reports summarizing these assessments. 
The assessments will be used to help prepare contingency plans and aid 
in crisis management, in which the Council will respond to disruptions 
that may arise in critical services. The first such report, issued on 
January 7, 1999, summarizes information collected to date by the 
working groups and various trade associations.\16\ The Council 
acknowledged that readiness data in certain industries were not yet 
available and, therefore, were not included in the report.
---------------------------------------------------------------------------
    \16\ First Quarterly Summary of Assessment Information (The 
President's Council on Year 2000 Conversion, January 7, 1999).
---------------------------------------------------------------------------
    The Council's report is a good step toward obtaining a picture of 
the nation's Year 2000 readiness. However, the Council must remain 
vigilant and closely monitor and update the information in the sectors 
where information is available and obtain information for those where 
it is not. Particular attention should be paid to the public 
infrastructure, including critical areas such as power, water, and 
telecommunications since most, if not all, major enterprises rely on 
these essential elements for daily functioning. Other key economic 
sectors include health, safety, and emergency services; banking and 
finance; transportation; and manufacturing and small business. In 
addition, with the advent of electronic communication and international 
commerce, the United States is also critically dependent on 
international Year 2000 readiness. Completing these activities is 
absolutely vital to adequately understanding the full range of national 
and international risks.
    International concerns are underscored by a September 1998 report 
by the Organization for Economic Co-operation and Development.\17\ This 
report stated that (1) while awareness is increasing, the amount of 
remediation still required is daunting, (2) significant negative 
economic impact is likely in the short term, although much uncertainty 
exists about the extent of Year 2000-induced disruptions, (3) 
governments face a major public management challenge requiring 
acceleration of their own preparations and stronger leadership, and (4) 
stronger international cooperation is essential, especially in 
conjunction with cross-border testing.
---------------------------------------------------------------------------
    \17\ The Organization for Economic Co-operation and Development 
surveyed its member countries and reviewed existing studies and media 
reports on the Year 2000 problem and issued a report on its findings, 
The Year 2000 Problem: Impacts and Actions (September 1998). The 
organization's 29 member countries are Australia, Austria, Belgium, 
Canada, the Czech Republic, Denmark, Finland, France, Germany, Greece, 
Hungary, Iceland, Ireland, Italy, Japan, Korea, Luxembourg, Mexico, the 
Netherlands, New Zealand, Norway, Poland, Portugal, Spain, Sweden, 
Switzerland, Turkey, the United Kingdom, and the United States.
---------------------------------------------------------------------------
    In addition to addressing domestic Year 2000 issues, the United 
States has attempted to promote international dialog on the problem. In 
June 1998 the United Nations General Assembly adopted a resolution on 
the global implications of the Year 2000 issue. The resolution 
recognized that effective operation of governments, companies, and 
other organizations was threatened by the century change, and 
coordinated efforts were required to address it. The resolution went on 
to request that all member countries attach a high priority to raising 
the level of awareness and to consider appointing a nationwide 
coordinator to tackle the problem.
    The Chair of the President's Council also has met with the United 
Nations and other international bodies, and helped organize a December 
1998 National Y2K Coordinators' meeting attended by over 120 countries, 
hosted by the United Nations' Working Group on Informatics. This 
meeting should help encourage the establishment of regional 
coordinating mechanisms and foster greater international dialog on the 
Year 2000 issue.
    In conclusion, considerable progress has been made in addressing 
the Year 2000 challenge. It is clear that federal agencies have now 
made the Year 2000 a top priority. It is equally clear, however, that 
much more needs to be done. It is critical that agency priorities 
continue to be set, rigorous testing be completed, and thorough 
business continuity and contingency plans be prepared. Further, 
aggressive and sustained action must continue in assessing and 
mitigating national and international risks in both the public 
infrastructure and key economic sectors.
    Such efforts require federal leadership, effective public-private 
partnerships, and international cooperation. Congressional leadership 
and oversight of the Year 2000 issue have been instrumental in raising 
awareness and spurring needed action; such continued leadership on the 
part of the Congress will be crucial. For our part, we will continue to 
support the Congress' oversight efforts by evaluating the effectiveness 
of the federal government's Year 2000 actions and advancing 
constructive suggestions for mitigating the risk of serious Year 2000 
disruption.
    Mr. Chairman, this concludes my statement. I will be pleased to 
respond to any questions that you or other members of the Committee may 
have at this time.
       gao reports and testimony addressing the year 2000 problem
    Status Information: FAA's Year 2000 Business Continuity and 
Contingency Planning Efforts Are Ongoing (GAO/AIMD-99-40R, December 4, 
1998)
    Year 2000 Computing Crisis: A Testing Guide (GAO/AIMD-10.1.21, 
November 1998)
    Year 2000 Computing Crisis: Readiness of State Automated Systems to 
Support Federal Welfare Programs (GAO/AIMD-99-28, November 6, 1998)
    Year 2000 Computing Crisis: Status of Efforts to Deal With 
Personnel Issues (GAO/AIMD/GGD-99-14, October 22, 1998)
    Year 2000 Computing Crisis: Updated Status of Department of 
Education's Information Systems (GAO/T-AIMD-99-8, October 8, 1998)
    Year 2000 Computing Crisis: The District of Columbia Faces 
Tremendous Challenges in Ensuring That Vital Services Are Not Disrupted 
(GAO/T-AIMD-99-4, October 2, 1998)
    Medicare Computer Systems: Year 2000 Challenges Put Benefits and 
Services in Jeopardy (GAO/AIMD-98-284, September 28, 1998)
    Year 2000 Computing Crisis: Leadership Needed to Collect and 
Disseminate Critical Biomedical Equipment Information (GAO/T-AIMD-98-
310, September 24, 1998)
    Year 2000 Computing Crisis: Compliance Status of Many Biomedical 
Equipment Items Still Unknown (GAO/AIMD-98-240, September 18, 1998)
    Year 2000 Computing Crisis: Significant Risks Remain to Department 
of Education's Student Financial Aid Systems (GAO/T-AIMD-98-302, 
September 17, 1998)
    Year 2000 Computing Crisis: Progress Made at Department of Labor, 
But Key Systems at Risk (GAO/T-AIMD-98-303, September 17, 1998)
    Year 2000 Computing Crisis: Federal Depository Institution 
Regulators Are Making Progress, But Challenges Remain (GAO/T-AIMD-98-
305, September 17, 1998)
    Year 2000 Computing Crisis: Federal Reserve Is Acting To Ensure 
Financial Institutions Are Fixing Systems But Challenges Remain (GAO/
AIMD-98-248, September 17, 1998)
    Responses to Questions on FAA's Computer Security and Year 2000 
Program (GAO/AIMD-98-301R, September 14, 1998)
    Year 2000 Computing Crisis: Severity of Problem Calls for Strong 
Leadership and Effective Partnerships (GAO/T-AIMD-98-278, September 3, 
1998)
    Year 2000 Computing Crisis: Strong Leadership and Effective 
Partnerships Needed to Reduce Likelihood of Adverse Impact (GAO/T-AIMD-
98-277, September 2, 1998)
    Year 2000 Computing Crisis: Strong Leadership and Effective 
Partnerships Needed to Mitigate Risks (GAO/T-AIMD-98-276, September 1, 
1998)
    Year 2000 Computing Crisis: State Department Needs To Make 
Fundamental Improvements To Its Year 2000 Program (GAO/AIMD-98-162, 
August 28, 1998)
    Year 2000 Computing: EFT 99 Is Not Expected to Affect Year 2000 
Remediation Efforts (GAO/AIMD-98-272R, August 28, 1998)
    Year 2000 Computing Crisis: Progress Made in Compliance of VA 
Systems, But Concerns Remain (GAO/AIMD-98-237, August 21, 1998)
    Year 2000 Computing Crisis: Avoiding Major Disruptions Will Require 
Strong Leadership and Effective Partnerships (GAO/T-AIMD-98-267, August 
19, 1998)
    Year 2000 Computing Crisis: Strong Leadership and Partnerships 
Needed to Address Risk of Major Disruptions (GAO/T-AIMD-98-266, August 
17, 1998)
    Year 2000 Computing Crisis: Strong Leadership and Partnerships 
Needed to Mitigate Risk of Major Disruptions (GAO/T-AIMD-98-262, August 
13, 1998)
    FAA Systems: Serious Challenges Remain in Resolving Year 2000 and 
Computer Security Problems (GAO/T-AIMD-98-251, August 6, 1998)
    Year 2000 Computing Crisis: Business Continuity and Contingency 
Planning (GAO/AIMD-10.1.19, August 1998)
    Internal Revenue Service: Impact of the IRS Restructuring and 
Reform Act on Year 2000 Efforts (GAO/GGD-98-158R, August 4, 1998)
    Social Security Administration: Subcommittee Questions Concerning 
Information Technology Challenges Facing the Commissioner (GAO/AIMD-98-
235R, July 10, 1998)
    Year 2000 Computing Crisis: Actions Needed on Electronic Data 
Exchanges (GAO/AIMD-98-124, July 1, 1998)
    Defense Computers: Year 2000 Computer Problems Put Navy Operations 
At Risk (GAO/AIMD-98-150, June 30, 1998)
    Year 2000 Computing Crisis: Testing and Other Challenges 
Confronting Federal Agencies (GAO/T-AIMD-98-218, June 22, 1998)
    Year 2000 Computing Crisis: Telecommunications Readiness Critical, 
Yet Overall Status Largely Unknown (GAO/T-AIMD-98-212, June 16, 1998)
    GAO Views on Year 2000 Testing Metrics (GAO/AIMD-98-217R, June 16, 
1998)
    IRS' Year 2000 Efforts: Business Continuity Planning Needed for 
Potential Year 2000 System Failures (GAO/GGD-98-138, June 15, 1998)
    Year 2000 Computing Crisis: Actions Must Be Taken Now to Address 
Slow Pace of Federal Progress (GAO/T-AIMD-98-205, June 10, 1998)
    Defense Computers: Army Needs to Greatly Strengthen Its Year 2000 
Program (GAO/AIMD-98-53, May 29, 1998)
    Year 2000 Computing Crisis: USDA Faces Tremendous Challenges in 
Ensuring That Vital Public Services Are Not Disrupted (GAO/T-AIMD-98-
167, May 14, 1998)
    Securities Pricing: Actions Needed for Conversion to Decimals (GAO/
T-GGD-98-121, May 8, 1998)
    Year 2000 Computing Crisis: Continuing Risks of Disruption to 
Social Security, Medicare, and Treasury Programs (GAO/T-AIMD-98-161, 
May 7, 1998)
    IRS' Year 2000 Efforts: Status and Risks (GAO/T-GGD-98-123, May 7, 
1998)
    Air Traffic Control: FAA Plans to Replace Its Host Computer System 
Because Future Availability Cannot Be Assured (GAO/AIMD-98-138R, May 1, 
1998)
    Year 2000 Computing Crisis: Potential For Widespread Disruption 
Calls For Strong Leadership and Partnerships (GAO/AIMD-98-85, April 30, 
1998)
    Defense Computers: Year 2000 Computer Problems Threaten DOD 
Operations (GAO/AIMD-98-72, April 30, 1998)
    Department of the Interior: Year 2000 Computing Crisis Presents 
Risk of Disruption to Key Operations (GAO/T-AIMD-98-149, April 22, 
1998)
    Tax Administration: IRS' fiscal year 1999 Budget Request and Fiscal 
Year 1998 Filing Season (GAO/T-GGD/AIMD-98-114, March 31, 1998)
    Year 2000 Computing Crisis: Strong Leadership Needed to Avoid 
Disruption of Essential Services (GAO/T-AIMD-98-117, March 24, 1998)
    Year 2000 Computing Crisis: Federal Regulatory Efforts to Ensure 
Financial Institution Systems Are Year 2000 Compliant (GAO/T-AIMD-98-
116, March 24, 1998)
    Year 2000 Computing Crisis: Office of Thrift Supervision's Efforts 
to Ensure Thrift Systems Are Year 2000 Compliant (GAO/T-AIMD-98-102, 
March 18, 1998)
    Year 2000 Computing Crisis: Strong Leadership and Effective Public/
Private Cooperation Needed to Avoid Major Disruptions (GAO/T-AIMD-98-
101, March 18, 1998)
    Post-Hearing Questions on the Federal Deposit Insurance 
Corporation's Year 2000 (Y2K) Preparedness (AIMD-98-108R, March 18, 
1998)
    SEC Year 2000 Report: Future Reports Could Provide More Detailed 
Information (GAO/GGD/AIMD-98-51, March 6, 1998)
    Year 2000 Readiness: NRC's Proposed Approach Regarding Nuclear 
Powerplants (GAO/AIMD-98-90R, March 6, 1998)
    Year 2000 Computing Crisis: Federal Deposit Insurance Corporation's 
Efforts to Ensure Bank Systems Are Year 2000 Compliant (GAO/T-AIMD-98-
73, February 10, 1998)
    Year 2000 Computing Crisis: FAA Must Act Quickly to Prevent Systems 
Failures (GAO/T-AIMD-98-63, February 4, 1998)
    FAA Computer Systems: Limited Progress on Year 2000 Issue Increases 
Risk Dramatically (GAO/AIMD-98-45, January 30, 1998)
    Defense Computers: Air Force Needs to Strengthen Year 2000 
Oversight (GAO/AIMD-98-35, January 16, 1998)
    Year 2000 Computing Crisis: Actions Needed to Address Credit Union 
Systems' Year 2000 Problem (GAO/AIMD-98-48, January 7, 1998)
    Veterans Health Administration Facility Systems: Some Progress Made 
In Ensuring Year 2000 Compliance, But Challenges Remain (GAO/AIMD-98-
31R, November 7, 1997)
    Year 2000 Computing Crisis: National Credit Union Administration's 
Efforts to Ensure Credit Union Systems Are Year 2000 Compliant (GAO/T-
AIMD-98-20, October 22, 1997)
    Social Security Administration: Significant Progress Made in Year 
2000 Effort, But Key Risks Remain (GAO/AIMD-98-6, October 22, 1997)
    Defense Computers: Technical Support Is Key to Naval Supply Year 
2000 Success (GAO/AIMD-98-7R, October 21, 1997)
    Defense Computers: LSSC Needs to Confront Significant Year 2000 
Issues (GAO/AIMD-97-149, September 26, 1997)
    Veterans Affairs Computer Systems: Action Underway Yet Much Work 
Remains To Resolve Year 2000 Crisis (GAO/T-AIMD-97-174, September 25, 
1997)
    Year 2000 Computing Crisis: Success Depends Upon Strong Management 
and Structured Approach, (GAO/T-AIMD-97-173, September 25, 1997)
    Year 2000 Computing Crisis: An Assessment Guide (GAO/AIMD-10.1.14, 
September 1997)
    Defense Computers: SSG Needs to Sustain Year 2000 Progress (GAO/
AIMD-97-120R, August 19, 1997)
    Defense Computers: Improvements to DOD Systems Inventory Needed for 
Year 2000 Effort (GAO/AIMD-97-112, August 13, 1997)
    Defense Computers: Issues Confronting DLA in Addressing Year 2000 
Problems (GAO/AIMD-97-106, August 12, 1997)
    Defense Computers: DFAS Faces Challenges in Solving the Year 2000 
Problem (GAO/AIMD-97-117, August 11, 1997)
    Year 2000 Computing Crisis: Time is Running Out for Federal 
Agencies to Prepare for the New Millennium (GAO/T-AIMD-97-129, July 10, 
1997)
    Veterans Benefits Computer Systems: Uninterrupted Delivery of 
Benefits Depends on Timely Correction of Year 2000 Problems (GAO/T-
AIMD-97-114, June 26, 1997)
    Veterans Benefits Computer Systems: Risks of VBA's Year 2000 
Efforts (GAO/AIMD-97-79, May 30, 1997)
    Medicare Transaction System: Success Depends Upon Correcting 
Critical Managerial and Technical Weaknesses (GAO/AIMD-97-78, May 16, 
1997)
    Medicare Transaction System: Serious Managerial and Technical 
Weaknesses Threaten Modernization (GAO/T-AIMD-97-91, May 16, 1997)
    Year 2000 Computing Crisis: Risk of Serious Disruption to Essential 
Government Functions Calls for Agency Action Now (GAO/T-AIMD-97-52, 
February 27, 1997)
    Year 2000 Computing Crisis: Strong Leadership Today Needed To 
Prevent Future Disruption of Government Services (GAO/T-AIMD-97-51, 
February 24, 1997)
    High-Risk Series: Information Management and Technology (GAO/HR-97-
9, February 1997)

    Chairman Stevens. Thank you very much.
    Again, my greatest concern is about the funding. Have you 
come across any agencies that are not doing some of the work 
that you have suggested because of cost?
    Mr. Walker. It is my understanding, Mr. Chairman, that we 
have not seen that to date, although we have not received 
adequate information to be able fully to assess that. The real 
challenge that we have seen to date is really not the issue of 
financial resources. It is human capital resources. It is being 
able to have enough people, either internally within the 
organization or externally as supplemental resources, in order 
to attack this problem in the amount of time that is left.
    I would ask Gene if he has any supplemental comments.
    Mr. Dodaro. The main issue that we have seen related to 
cost--and we have made a number of recommendations--is that 
agencies were not making complete cost estimates. This is part 
of a deficiency in project management early-on. They did not 
have complete inventories of their systems. They had not 
assessed their Y2K risks extensively. This is why you have seen 
the costs go up. As they have implemented better program 
management tools and assessed their vulnerabilities, they have 
revised their cost estimates accordingly. We have made a number 
of recommendations in that regard.
    So the cost estimates we would expect will continually be 
revised because, as Mr. Walker pointed out in his comments, we 
are right in the midst of testing. I think the results of 
testing could yield additional costs that may be needed to make 
repairs that were not anticipated. Also, agencies are now 
completing business continuity and contingency plans.
    Now the execution of those contingency plans might require 
additional resources. For example, they might need to hire 
additional people to conduct manual operations and work-arounds 
around their systems. Those contingency plans have not yet been 
completed and that is one of the suggestions that we have, that 
costs associated with those contingency plans be specifically 
highlighted in the OMB quarterly reports.
    The other cost dimension of this issue which is very 
important is that, as problems occur potentially--and we think 
they are going to occur at the State and local level and at 
other aspects across the Nation--the Federal Government will be 
de facto asked to provide additional assistance outside of just 
the Federal agencies being remediated. This aspect of cost has 
not been given full attention as well.
    Chairman Stevens. Thank you.
    Yes, Mr. Walker.
    Mr. Walker. Mr. Chairman, an important point I think needs 
to be made to supplement this.
    There are a couple of dimensions to this. One is what is 
the estimated total cost and, second is whether or not 
additional appropriations would be necessary.
    As you know, many Federal agencies have significant 
appropriated dollars as part of their baseline for information 
technology (IT) operations. As a result, even though the costs 
go up, it does not necessarily mean they will need additional 
appropriations. But we will continue to monitor that.
    Importantly, something that I do not think has been focused 
on enough is many agencies--in fact, probably most agencies--
have been using a large part of their discretionary baseline IT 
resources to deal with this Y2K issue. This means that they 
have not been using those resources for security and systems 
upgrades, and what is yet to be determined is to what extent 
there might be a ripple effect on future appropriations needs 
because a lot of the discretionary resources have been focused 
on Y2K and not on some of the other mission critical elements 
that are non-Y2K related which the government has to deal with 
on an ongoing basis.
    I think this is something we will continue to monitor to 
make you aware of as well.
    Chairman Stevens. Now this is the estimate currently of the 
Federal Government's Y2K costs. Is there an estimate, a global 
estimate, for the United States and all State, local, and 
private entities?
    Mr. Dodaro. There have been some estimates, Mr. Chairman, 
that have been made by the Gartner Group early on in the 
several tens of billions of dollars. Also, as Senator Bennett 
knows, because he was primarily the impetus behind having 
private sector organizations report under Securities and 
Exchange Commission (SEC) filings their costs for publicly 
traded corporations, those are in the hundreds of millions of 
dollars for some aspects of that.
    So there have been some estimates. We can provide those to 
the committee. But they are very extensive and go well beyond 
this.
    In fact, I know the securities industry alone has almost 
spent as much as the Federal Government has spent getting ready 
for the Y2K problem.
    [The information follows:]

    Gartner Group, a leading organization specializing in 
information technology issues, estimated in 1996 that the 
global cost of renovating software to be year 2000 compliant 
would range between $300 billion and $600 billion. In 1998, 
Gartner concluded that, based upon updated information, this 
cost range was still valid.

    Chairman Stevens. We tried to create a reserve for Y2K. I 
think it is more than two-thirds allocated now. But my fear is 
that we are going to get down into the last few months of the 
year and the costs of testing and the costs of remediation 
after testing are going to be so excessive that there will not 
be the money there to allocate to cover the costs.
    I would be pleased if you would take a look at that. Should 
we have another reserve account and if so, what restraints 
should there be on it?
    I am particularly concerned about the private sector and 
the State and local government sector. As the President 
mentioned last night, we should be working with the State and 
local governments and with the private sector to make sure that 
this headache is not the first crisis for the next millennium.
    Clearly, the way things are going now, it appears that we 
are still looking at the critical and essential missions to 
have priority. And yet, each one of those has a lot of 
tentacles hanging off of it that, if they are not similarly 
dealt with, we could have so many minor crises that they would 
add up to a major one.
    I do not know how to get to this funding problem. That, 
really, again is my major interest--that funding problem.
    You have not made an analysis of the private sector and 
State and local government requirements, I take it. You have 
had some reports on that, but I do not know that you have made 
any estimate of their requirements financially.
    Mr. Walker. No, Mr. Chairman, we have not done that. With 
regard to the Federal sector, one of our recommendations to the 
President's Council is that they need to have more discipline 
and rigor in their process of getting updates on how much money 
has been spent, how much is likely to be required, and whether 
or not there is expected to be a funding gap. That is something 
that we believe needs to be done. That is something we will 
continue to monitor and keep you apprised of.
    Chairman Stevens. Senator Bennett, go ahead.
    Senator Bennett. Excuse me, Mr. Chairman. Unfortunately, I 
have to leave. If I could just ask about one area, I will read 
the record. I apologize for asking a question and not being 
able to stay.
    I am concerned about the Postal Service. It seems to be 
neither fish nor fowl. That is, it is not a Federal agency. It 
is not listed as to which tier it is in by OMB. But, as I go 
around on this issue, a number of businesses say the Postal 
Service is as essential to their survival as any other 
government agency.
    I understand that GAO has looked at the Postal Service. The 
Federal Government, of course, has a very heavy investment in 
the Postal Service. We do have appropriated funds that go to 
pay for services provided to the Federal Government. When it 
was made a private corporation, that was all worked out.
    I would appreciate it if you would address that issue as 
well. Again, I apologize that I have a standing commitment that 
requires me to leave.
    Chairman Stevens. Thank you. I look forward to your 
hearings on this subject. We are trying to stay out of your 
area, but sometimes that is not easy to do.
    Have you analyzed yet what areas may face a need for 
supplemental funding? I am talking about this current year now. 
We are going to be dealing with a budget and a lot of people 
forget that we are dealing with next year's budget when we 
start our hearings. But we are talking about now, this year, 
1999, the period of prevention of problems in the next 
millennium.
    Have you analyzed the sufficiency of the monies that are 
available to the Federal agencies now, without any further 
supplemental appropriations?
    Mr. Walker. We are not in a position to tell you right now, 
Mr. Chairman. What we need to have happen is the following.
    First, the President's Council on Y2K needs to fully 
implement our recommendations with regard to getting more 
timely updates on the estimated cost, progress to date, and 
whether there are expected to be any gaps. Second, there needs 
to be more progress on the testing.
    As I mentioned, at least 50 percent of the total cost of 
Y2K activities relates to testing. Many of these agencies are 
just now getting into testing. As a result, that should provide 
us some information in the near future about whether or not 
there might be additional appropriation needs.
    Furthermore, I would expect that, to the extent there would 
be, it is most likely to be the ones that are in the Tier 1 
agencies, the ones that are obviously deemed to be at greatest 
risk and having made the least progress.
    As you mentioned before, Mr. Chairman, that represents over 
half the budget and some of the more critical agencies in the 
Federal Government.
    But as soon as we are in a position to do that, Mr. 
Chairman, I can assure you we will report back to this 
committee.
    Chairman Stevens. I keep hearing stories, particularly in 
my State, about systems that have been acquired by State and 
local government agencies that, upon receipt, they found were 
not Y2K compliant.
    Have you looked at that? Is there anything we should do to 
place a greater responsibility on people who actually market 
noncompliant devices and systems? Apparently they have not 
heard Paul Revere. I mean, the word is out that there is a 
problem, and yet they are still marketing systems that are not 
compliant?
    Mr. Walker. I will make one comment and then go to my 
colleagues who may be more familiar with what we have done in 
this area.
    There are many public and private sector enterprises whose 
strategy for Y2K was to buy new systems. That was their answer. 
You are disclosing a situation where sometimes that is not a 
panacea.
    Let me turn to Gene or Jack. Is there anything that we have 
done here?
    Mr. Brock. We have not done any specific work in this area, 
but we know that a problem that has existed at some agencies is 
that, for a while, many were still purchasing systems that had 
no contract or language that would limit Y2K problems.
    The Department of Defense (DOD) Inspector General (IG), for 
example, found that a large percentage of new DOD contracts did 
not, in fact, have any sort of Y2K guarantee language in it.
    I would suspect that that would be true, as you found out, 
in many State and local governments as well.
    So one of the things that people need to do in contracting, 
of course, is to exercise an amount of due diligence to make 
sure that such protective language is written into the 
contract.
    Mr. Dodaro. I would say in addition to that, Mr. Chairman, 
this is one of the reasons we have advocated testing. For those 
products you should have a testing period by the entity 
purchasing the products to make sure they are Y2K compliant. If 
not, Jack is right in that they need to have some recourse 
through the contract language.
    One of the suggestions that we could make is this. The 
President's Council has monthly conference calls with State 
officials around the country. We could urge them to bring this 
issue up to them.
    I know the Federal Government has adopted contract language 
and that could be shared with States, who could then share it 
with localities as well. Perhaps they could put some 
information on their web site in that regard.
    We will follow up to see if that could happen.
    Chairman Stevens. Are we sure of the technology base that 
is doing the testing? I mean, if a system is certified as being 
Y2K compliant, are the tests out there certified by a 
sufficient expertise base that we can rely upon those tests?
    Mr. Dodaro. Basically there is a lot of reliance placed on 
individual vendors to provide assurance. The problem comes when 
people incorporate different software packages into their 
operating systems. It becomes very complex. Really, then, the 
burden shifts from the vendor to how the organizations actually 
are using that particular system, whether or not they make 
modifications to the commercial off-the-shelf software. That is 
often done.
    So in terms of how the system then is used, that really is 
the responsibility of the organization. That is why they have 
to have testing in place, to see how it fits in with their 
entire totality of operations.
    Chairman Stevens. When I talked to one small city group, 
they thought the answer was to replace the system, that it 
would be cheaper just to replace it than to go through all of 
the analysis and upgrade of particular items within the system.
    I asked them who is going to certify the system you buy as 
being compliant. There is no real government agency or anyone 
out there that can put a stamp on it and say this is Y2K 
compliant and the world can rely on that, is there?
    Mr. Walker. There isn't one particular entity that is 
designated as being the entity or the type of person that is 
authorized for certification.
    I would, however, point out, Mr. Chairman, that we have a 
testing guide. GAO has put out a testing guide and that testing 
guide is being used in the Federal Government. In fact, it is 
being used to a great extent in the private sector as well. We 
have confidence in that.
    Joel, would you have any comments?
    Mr. Willemssen. If I may add a couple of comments, Mr. 
Chairman, as a general rule, the more critical a particular 
system is to your business, the higher the likelihood is you've 
got to go out and independently test that for yourself, to make 
sure that it is indeed going to work as intended.
    Second, the General Services Administration and Social 
Security Administration have set up a database for commercial 
off-the-shelf products where they are engaging in some 
independent testing of those commercial off-the-shelf products 
and then placing that information on a web site for use by 
others so that they don't have to go through the same routine--
that indeed these products have been independently tested and 
there is some independent assurance that they are going to work 
as intended.
    That database to date has not been as populated as we would 
like to see. But it represents a good opportunity to get the 
information out to other agencies and to the public on what 
products are going to work.
    Mr. Brock. You are in a very interesting area as well, Mr. 
Chairman. It is accepted by a lot of Y2K experts that State and 
local governments, particularly local governments, are very far 
behind the curve in terms of remediating the Y2K problem. Many 
smaller towns and communities really do not have the 
sophisticated technical expertise that is necessary to make the 
assessments and to take corrective action.
    Of course, for many Americans, the real problems of Y2K 1--
that is, January 1, 2000--will occur in their local 
communities.
    Mr. Walker. As you know, the Information Readiness and 
Disclosure Act was intended to encourage the sharing of 
information to the extent that individuals were having problems 
with purchased software systems or otherwise were having 
experiences that it would be beneficial to be able to share, to 
encourage the sharing of that information while limiting 
potential liability.
    I think one of the things that we and the administration 
will need to continue to monitor is the relative effectiveness 
of that: is it having the intended impact?
    I think, in the near future, as we go through more of this 
testing stage, we will be in a better position to assess that.
    Chairman Stevens. Let me sort of change gears here. Is 
there a timeline now on what must be done in order to be sure 
we have compliance within the Federal Government by the 
critical dates? We have several critical dates this year. But 
is there a timeline out there and do the agencies understand 
that timeline?
    Mr. Walker. The timeline for the Federal Government is 
March 31, 1999. That is the date that has been set as the 
target date for completion of all mission critical systems.
    It is clear that some agencies will not hit that and that 
many agencies will not hit it for all of their systems.
    Now, obviously, that date is 9 months before the end of the 
year and it was established at an early time in order to 
recognize that there may be some slippage. But that is the date 
that has been established. That is the date by which, and the 
interim milestones before that, the reporting was done and the 
tiering was done by OMB.
    In the final analysis, it has to be ready to go by January 
1, 2000. You want it ready, obviously, as far in advance as 
possible. In part, Mr. Chairman, you can do about a limitless 
amount of testing. It is limited by the amount of human capital 
and financial resources that you have.
    The biggest restraint, right now, quite frankly, is 
probably more the human capital constraint. But we will advise 
you if we become aware of situations where there might be a 
financial constraint.
    Chairman Stevens. You have made suggestions to almost every 
Federal agency, I take it, in regard to this issue. Have you 
catalogued their responses?
    Mr. Walker. Yes, we have.
    In general, they have been very responsive, and we do keep 
a summary of agencies' actions in conjunction with this area. 
We are monitoring it very closely.
    Joel, did you have a comment you wanted to make on this?
    Mr. Willemssen. I would just add to Mr. Walker's comment on 
the March 31 date and why that is critical for individual 
mission critical systems. The other key factor on why we would 
need that additional time is it takes multiple systems working 
together to support an entire business area to be Y2K 
compliant. We need that additional time to test from an end-to-
end perspective, including all of those critical systems, to 
make sure that, working together, they are going to work as 
intended for that entire business process.
    That often is the more time consuming and rigorous process 
that we are going to have to go through. That, in large part, 
is why we also need that additional time.
    For example, you can look at air traffic control. That 
relies on about 50 automated systems working together to help 
separate aircraft. So it is one thing to say each of those 
systems is compliant. It is yet another thing to say all of 
them working together to support that business area are 
compliant. That is why we need that additional time.
    Chairman Stevens. Has the President's Council followed the 
recommendations of GAO?
    Mr. Walker. Generally, they have been very responsive to 
our recommendations. We do, however, have some outstanding 
recommendations that we still believe they need to implement, 
including one of the ones that I mentioned, Mr. Chairman, about 
having regular updates not only on progress but on 
expenditures; also on any additional appropriations that might 
be necessary in order to be able to meet the critical dates.
    I think we also need to try to assess better what the 
ripple effect of this might be--in other words, what effect 
might there be in the out-years on IT budgets because so much 
of the discretionary resources have been focused on Y2K--in 
addition to supplemental appropriations that have been provided 
by the Congress.
    Chairman Stevens. We have heard of a series of businesses 
that have accelerated their clocks in order to try to test 
their systems.
    Is that advisable?
    Mr. Walker. I'm sorry, Mr. Chairman. Could you repeat that, 
please?
    Chairman Stevens. We have heard, we have been told of a 
series of businesses that accelerated their clocks in order to 
try to test their systems and what would happen on December 31, 
1999. Is that advisable? Is that a valid test?
    Mr. Walker. That is one means to test and it is something 
that is advisable to do, I believe.
    Joel?
    Mr. Willemssen. Yes, that is a reasonable test. One just 
has to be cautious about doing that in a live operational 
environment. It is more ideal for major complex systems to have 
a separate test bed environment to do those roll-ahead tests. 
But those are absolutely crucial in making sure that the 
systems are Y2K compliant.
    Chairman Stevens. I asked the question because I do not see 
any of that in the Federal testing system.
    Mr. Walker. Oh, they are. I mean, there are systems that 
have done that. I know, for example--the Defense Department is 
an example. I know that they have tested some of the critical 
national defense systems by doing roll forwards, and I'm sure 
others have, too.
    Mr. Brock. Right. The Department of Defense, for example, 
has what they call a time machine that they are establishing in 
their defense megacenters, the giant computing centers, where 
they are rolling systems forward.
    One of the problems with rolling systems forward, though, 
is there are some key aspects of the infrastructure that you 
cannot roll forward. For example, you cannot roll forward the 
public switch telephone network. So to the extent that that 
network may or may not have problems, that won't be tested.
    There are certain other key infrastructure systems that 
also cannot be tested along that way.
    But rolling the clock forward in a test environment is a 
fairly common mechanism that all agencies use.
    Mr. Walker. Mr. Chairman, in addition to getting the 
results of the testing that many of these agencies are involved 
with to try to ascertain whether or not additional supplemental 
appropriations will be necessary, the other issue that I think 
we need to see is what success the council has on this national 
assessment, on trying to assess the critical infrastructure and 
other industry sectors.
    Chairman Stevens. That was going to be my next question. I 
gather from what they told us the other day they don't have 
really yet a national assessment.
    Mr. Walker. Not yet. They are working on it. Obviously, the 
act that was passed this past fall that provides some 
protection for sharing that type of information hopefully will 
aid in their being able to gather the information and analyze 
it.
    That is something we are clearly monitoring.
    Mr. Dodaro. Yes, that is one thing, Mr. Chairman. Overall, 
the council has been very responsive to our recommendations. 
They set up the sector based approach. They have begun outreach 
activities. But the need to do that assessment we raised last 
April, in 1998, and they have been a little bit behind in 
getting that assessment process in place.
    This is why you saw for their first national assessment 
report a lot of holes in that assessment process.
    Now, hopefully, they can get those holes filled quickly. 
But if there is not a good national picture of readiness by 
this spring and summer, the Federal Government and, indeed, the 
Nation, are going to be handicapped in identifying specific 
contingency plans and making critical decisions, both 
domestically and internationally.
    So that is vital. I would urge this committee, as well as 
the other specific committees on Y2K, to monitor closely--I 
know we will be doing so--those assessments and whether or not 
they are completed.
    You can only make good decisions if you have good 
information, and even if it is self-reported information, as 
Mr. Walker pointed out, that is better than no information. And 
then you could do some selective testing.
    That is a critical recommendation we have made that has not 
yet been fully implemented.
    Chairman Stevens. I think you made that point in Alaska 
when your people were up there. I think it did sort of ring a 
bell as far as our people are concerned. I think they are 
looking more deeply into the problem now.
    Senator Bennett's staff has indicated that there is a 
problem if the Y2K testing on a system modification might void 
the warranties on the software or the computer systems that 
have been sold to the government. Have you looked into that?
    Mr. Walker. Has any work been done on that, Joel?
    Mr. Willemssen. No in depth work yet. No.
    Chairman Stevens. Have we looked at the overall legal 
potential liability of the Federal Government and systems it 
operates, particularly where it interfaces with the private 
sector and with the State and local governments to see what 
type of liability we might have out there? I keep reading 
stories in the legal newspapers and periodicals about the scope 
of the total legal system costs for litigation that is going to 
follow on the start of the new century.
    I take it that most of that will not be initiated until 
after this year is completed. But I don't know if we have 
looked at it from a Federal Government point of view as to what 
is our potential liability out there and if there is anything 
we can do to mitigate that potential liability.
    Mr. Walker. Mr. Chairman, our General Counsel, Bob Murphy, 
is working with Senator Bennett's committee in looking at this 
issue right now and trying to assess this.
    Chairman Stevens. Well, some of that surplus the President 
talked about last night could disappear awfully fast if we have 
the kind of liability people are reporting in the legal 
periodicals.
    I would hope that somehow we would be given some 
information on that in terms of this year's analysis of the Y2K 
problem.
    Have you looked at the Department of Justice in your 
examinations?
    Mr. Brock. Not today. We have a review scheduled right now 
of some critical operations both in the Immigration and 
Naturalization Service (INS) as well as the Federal Bureau of 
Investigation (FBI).
    Chairman Stevens. How about this in terms of the capability 
of the government's attorneys being capable of handling the 
kind of litigation that is being presumed to be automatically 
involved come the first of next year?
    Mr. Brock. We don't have that planned. But we will now.
    Mr. Walker. Mr. Chairman, obviously, the best safeguard 
that we can do is to make sure that we complete all the testing 
and have reasonable assurance that our systems are going to 
operate effectively. So, therefore, to the extent that there is 
a problem, it would be because of the interface on the other 
side, rather than because of problems that we are causing.
    Nonetheless, you are pointing out some excellent issues 
that we will follow up on and address to the extent that we 
have not already.
    Chairman Stevens. Well, I am ex officio in Senator 
Bennett's committee, as you point out, as is Senator Byrd. We 
are worried about our job here in terms of this year's money, 
the supplemental funding, and whether or not we have sufficient 
money there to meet the emergency and particularly whether the 
money we put up for that purpose of meeting the emergency is, 
in fact, being used to meet the emergency.
    Tell me, what are your plans to keep us informed about the 
progress of Y2K? Do you have any timeline on that?
    Mr. Walker. I would expect, Mr. Chairman, that we would 
need to give you at least monthly updates on what we have and, 
obviously, as we get to more critical information in the 
interim, to make you aware of it as we become aware of it.
    But I think at this point in time we have to be doing at 
least monthly updates and other information that is critical as 
we become aware of it.
    Mr. Brock. In addition to that, we, Senator Bennett's 
special committee, we have, I think it is fair to say, 
virtually daily contact with staff on that committee on various 
topics that the committee is looking at.
    Chairman Stevens. Yes, I know. That is a very capable 
committee staff and I have real confidence in them in terms of 
the substance of the matter. But I am not sure they are 
addressing what we are addressing, and that is the financing of 
action that is necessary to prevent the collision that many of 
us think is going to happen and to prevent some of the 
individual suffering that is going to take place if it does.
    We have not gotten into that yet. But I keep reading books 
that talk about how many boxes of matches, bottles of water, 
and cans of food I should have in the basement of my home in 
Alaska. While I am still not confident that I should have that, 
I wonder sometimes if those people who are ringing those bells 
ought to be listened to a little bit.
    I asked the question of the President's Council as to 
whether any Federal agencies are listening to that warning and 
laying in additional supplies and taking on the subject of what 
additionally will they need in the event of a crisis. I have 
not seen anything like that.
    Have you all addressed that? Suppose we do have a crisis. 
What should Federal agencies have available to deal with that 
in terms of the potential shut-down of some of these systems?
    Mr. Brock. There is, for example, the work we are doing for 
Senator Bennett on the banking system. We are looking at the 
contingency plans of the Federal Reserve system. Their plans 
are detailed to the point of already reserving hotel rooms at 
hotels, having emergency food supplies available within their 
offices, flashlights, batteries, generators, other personal 
supplies. So some agencies that have truly vital activities to 
carry out, such as the Federal Reserve, are thinking about 
that.
    I am not sure that this thinking extends as much as we 
might like to other agencies.
    Chairman Stevens. Should we ask you to put out guidelines 
for the potential Y2K crisis for the weekend of December 31, 
1999?
    I don't want to be the one looking under beds, but I think 
someone ought to be thinking about what should these agencies 
have on board if this thing does not work.
    Mr. Walker. I think we do, Mr. Chairman, need to look to 
provide some guidelines here. We need some more information. We 
need to have the President's Council respond to some of our 
recommendations first.
    But yes, I do think it is something we ought to do.
    Second, I think in March of this year we should be in a 
much better position to provide some meaningful input to the 
committee on the appropriations issue and for a couple of 
reasons. Number 1, hopefully there will be substantial progress 
on the national assessment and the result of that national 
assessment. Second, as I mentioned before, March 31 is the 
target date for completing all this testing. So, therefore, 
even earlier in March we ought to have a good sense as to where 
things stand and to what extent is the money going to be 
adequate at that point in time.
    So I would say that March would probably be a good time for 
us to get back to you to try to give you at least our best 
estimate at that point in time of what the situation is. And if 
we can do it before, we will do so.
    Chairman Stevens. We may have some questions from members 
that we will send you for the record, gentlemen.
    I am still, in my own mind, worried about people who live 
in apartments in major cities, as well as those people who live 
in very rural areas, such as in my State, in terms of what the 
government should be doing, should be telling them if all of 
these books and everything are correct.
    I noted one suggestion the other day which was not to try 
to rely on credit cards over that weekend. Now ours has gotten 
to be a credit card society. That is going to be a very 
interesting thing, if people who are traveling suddenly find 
out that credit cards do not work.
    I have also heard some suggestions that it may be the 
credit cards will work but the oven and thermostat in their 
home or apartment will not. We heard some of that at our 
hearings in Alaska.
    No one has told me yet whether or not that is true. Is 
anyone in the system analyzing those? The government has those 
things on base, in all of the on-base housing, and what not. 
Will we have problems? Are you looking into that? Are there any 
problems with regard to items in the homes we are providing to 
our personnel which are not going to function because of Y2K?
    Mr. Walker. There are several things, Mr. Chairman. First, 
that is why it is important that this sector analysis be 
completed, because part of the sector analysis relates to 
critical infrastructure. It deals with things like electricity, 
water, and other types of things that are fundamental to 
everyday life, if you will, for not only the Federal Government 
but for everybody in the country.
    Chairman Stevens. Whose job is it to do that? If you travel 
as much as I do, there is a whole shelf in some airports 
devoted to Y2K books. It's enough to scare the pants off you 
and make you decide not to go back to your house but to start 
chopping wood.
    Mr. Walker. The answer is it is a shared responsibility. It 
is a cooperative effort. It is a responsibility of the Federal 
Government, the State government, the major industry groups and 
associations, as well as the enterprises that we rely upon to 
provide these services. It is a cooperative effort.
    This is an area where, as Gene Dodaro mentioned, we had 
recommended early last year that additional work be done. It is 
being done. That is the good news. The bad news is it is not 
done on as timely a basis as we would have liked and it is an 
area that we are monitoring very closely.
    The Federal Emergency Management Agency (FEMA) is working 
with its counterparts at the State and local level to try to 
look at some of these contingency planning issues as well.
    Chairman Stevens. We plan to have them up here sometime.
    I think the best thing we could do is this. You say in 
March you should have these things collated. We can have some 
idea whether or not we will have any financing problems by that 
time, right?
    Mr. Walker. We will have a better idea by March. Yes, Mr. 
Chairman.
    Chairman Stevens. I would like to have you notify the staff 
of when you think you are ready to give us that report. We 
should be starting to work, both the House and the Senate, on 
supplemental appropriations by the middle of March. I am 
confident that Chairman Young and I want to make sure that we 
address those issues at the beginning, so that we do not get 
caught short in September trying to get supplementals for 
September. This must be addressed early.
    We also look forward to having your information as to the 
potential for funds that might be needed in the next fiscal 
year. We have been talking today about this fiscal year. But I 
would hope that you would address the question of are there 
ongoing areas where financing would be needed for the next 
fiscal year.
    Mr. Walker. Not only for Y2K, Mr. Chairman, but I think 
also that ripple effect that I talked to you about before. I 
think that is something that we all have to get a better handle 
on.
    Chairman Stevens. I am confident that is going to happen. 
The question is who is going to have to pay the bill. That, 
again, was my understanding. But the President's Council said 
they have no intention of asking for any additional funding to 
assist the State and local governments. I asked a question 
about those programs, such as Food Stamps, where 50 percent of 
the costs are paid by the Federal Government and whether we 
have looked at the cost the States are going to incur and are 
we going to increase our payments.
    Have you addressed those issues at all?
    Mr. Walker. Joel?
    Mr. Willemssen. If I might speak to that, there are two 
points. We have looked at some of those State administered 
systems that also have Federal funding. By and large, we are 
very disappointed with the progress to date.
    You mentioned Food Stamps. The data that we had when we did 
our report showed that only 24 percent of those systems were 
considered compliant. That was self reported information, too.
    Regarding another key State administered system, Medicaid, 
only 16 percent of those systems were considered compliant.
    One thing to keep in mind also as we talk about costs is 
those costs, the Federal share, are not included in the current 
$7.2 billion estimate. They are separate and apart.
    Chairman Stevens. I found that out the other day. That is 
why I am saying we need to know about that. That, obviously, is 
going to be a supplemental increase.
    Mr. Willemssen. Now one thing that OMB based on our report 
for the next quarterly report that the agencies submit on 
February 12--those Federal agencies are supposed to report on 
those programs, State administered, that also have a Federal 
funding share. So, hopefully, in mid-February we will have 
additional data on where we are with those programs and what 
the funding implications are.
    Chairman Stevens. I was about ready to wind up, but I 
noticed that there was some exchange reported in the newspapers 
about the Post Office and their compliance.
    Have you been involved with the Postal Service?
    Mr. Walker. Mr. Chairman, we currently have a review 
underway of the Postal Service. As Senator Bennett mentioned 
earlier, that is particularly important, not only for the 
Postal Service in its own right and its systems, but because of 
the fact that the Postal Service is basically the primary 
contingency plan for many operations, many commercial 
operations. So that is something we have underway as well and 
on which we are working with Senator Bennett.
    Chairman Stevens. If their computers are down and they are 
delivering Christmas cards, I think we had better find out how 
that system is going to take that strain.
    Mr. Walker. I hear you, Senator.
    Chairman Stevens. Do you have a separate report on them?
    Mr. Walker. Yes, we will.
    Mr. Dodaro. Yes.
    Mr. Walker. We will have a report on that.
    Chairman Stevens. Do you have a deadline, a timeline on 
that?
    Mr. Brock. We expect to have something ready in late 
February on that.
    Chairman Stevens. So we will hear about that in March, 
then.
    Thank you very much, gentlemen. I appreciate it. I do hope 
that somehow or other we will start turning on the lights for 
the people who have jobs that must be done if the public is 
going to be able to avoid both the headache the President 
mentioned and the crisis of next year. I hope we do not have 
both of them, both the headache and the post-headache crisis 
because we are not ready, particularly with regard to Federal 
functions. Those are normally periods when the Federal 
Government sort of goes down to a very low ebb. We all know 
that. From just before Christmas to after New Year, Federal 
systems are down very low.
    This is a period of time, apparently, where the standard 
practice cannot be followed unless we are certain that these 
compliant systems have been tested and will survive that 
crisis.
    I hope that we do develop a real contingency plan for that 
area and we look to you for guidance on that if we should be 
doing anything to fund it.

                         conclusion of hearings

    Thank you very much, gentlemen. We appreciate your 
courtesy.
    Mr. Walker. Thank you, Mr. Chairman.
    [Whereupon, at 10:43 a.m., Wednesday, January 20, the 
hearings were concluded, and the committee was recessed, to 
reconvene subject to the call of the Chair.]

                                  
