[House Report 105-827]
[From the U.S. Government Publishing Office]
Union Calendar No. 469
105th Congress, 2d Session - - - - - - - - House Report 105-827
THE YEAR 2000 PROBLEM
__________
FOURTH REPORT
by the
COMMITTEE ON GOVERNMENT
REFORM AND OVERSIGHT
together with
ADDITIONAL VIEWS
October 26, 1998.--Committed to the Committee of the Whole House on the
State of the Union and ordered to be printed
COMMITTEE ON GOVERNMENT REFORM AND OVERSIGHT
DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York HENRY A. WAXMAN, California
J. DENNIS HASTERT, Illinois TOM LANTOS, California
CONSTANCE A. MORELLA, Maryland ROBERT E. WISE, Jr., West Virginia
CHRISTOPHER SHAYS, Connecticut MAJOR R. OWENS, New York
CHRISTOPHER COX, California EDOLPHUS TOWNS, New York
ILEANA ROS-LEHTINEN, Florida PAUL E. KANJORSKI, Pennsylvania
JOHN M. McHUGH, New York GARY A. CONDIT, California
STEPHEN HORN, California CAROLYN B. MALONEY, New York
JOHN L. MICA, Florida THOMAS M. BARRETT, Wisconsin
THOMAS M. DAVIS, Virginia ELEANOR HOLMES NORTON, Washington,
DAVID M. McINTOSH, Indiana DC
MARK E. SOUDER, Indiana CHAKA FATTAH, Pennsylvania
JOE SCARBOROUGH, Florida ELIJAH E. CUMMINGS, Maryland
JOHN B. SHADEGG, Arizona DENNIS J. KUCINICH, Ohio
STEVEN C. LaTOURETTE, Ohio ROD R. BLAGOJEVICH, Illinois
MARSHALL ``MARK'' SANFORD, South DANNY K. DAVIS, Illinois
Carolina JOHN F. TIERNEY, Massachusetts
JOHN E. SUNUNU, New Hampshire JIM TURNER, Texas
PETE SESSIONS, Texas THOMAS H. ALLEN, Maine
MICHAEL PAPPAS, New Jersey HAROLD E. FORD, Jr., Tennessee
VINCE SNOWBARGER, Kansas ------
BOB BARR, Georgia BERNARD SANDERS, Vermont
DAN MILLER, Florida (Independent)
RON LEWIS, Kentucky
Kevin Binger, Staff Director
Daniel R. Moll, Deputy Staff Director
David A. Kass, Deputy Counsel and Parliamentarian
Lisa Smith Arafune, Deputy Chief Clerk
Phil Schiliro, Minority Staff Director
Subcommittee on Government Management, Information, and Technology
STEPHEN HORN, California, Chairman
PETE SESSIONS, Texas DENNIS J. KUCINICH, Ohio
THOMAS M. DAVIS, Virginia PAUL E. KANJORSKI, Pennsylvania
JOE SCARBOROUGH, Florida MAJOR R. OWENS, New York
MARSHALL ``MARK'' SANFORD, South CAROLYN B. MALONEY, New York
Carolina JIM TURNER, Texas
JOHN E. SUNUNU, New Hampshire
RON LEWIS, Kentucky
Ex Officio
DAN BURTON, Indiana HENRY A. WAXMAN, California
J. Russell George, Staff Director and Chief Counsel
John L. Hynes, Professional Staff Member
Randall J. Kaplan, Professional Staff Member and Counsel
Matthew Ebert, Clerk
Mason Alinger, Staff Assistant
Brian Cohen, Minority Professional Staff Member
LETTER OF TRANSMITTAL
----------
House of Representatives,
Washington, DC, October 26, 1998.
Hon. Newt Gingrich,
Speaker of the House of Representatives,
Washington, DC.
Dear Mr. Speaker: By direction of the Committee on
Government Reform and Oversight, I submit herewith the
committee's fourth report to the 105th Congress. The
committee's report is based on a study conducted by its
Subcommittee on Government Management, Information, and
Technology.
Dan Burton,
Chairman.
C O N T E N T S
----------
Page
I. Summary of Oversight Findings and Recommendations.................1
A. Introduction.......................................... 1
B. Overview of Investigation............................. 3
C. Committee Findings.................................... 4
D. Committee Recommendations............................. 12
II. Report on the Committee's Oversight Review.......................16
A. Background............................................ 16
B. Proceedings of the Subcommittee....................... 17
1. 104th Congress................................... 17
2. February 24, 1997, Hearing....................... 18
3. March 20, 1997, Hearing.......................... 19
4. July 10, 1997, Hearing........................... 20
5. September 15, 1997, News Conference.............. 22
6. October 17, 1997, Hearing........................ 23
7. December 11, 1997, News Conference............... 23
8. February 4, 1998, Hearing........................ 24
9. March 4, 1998, News Conference................... 25
10. March 18, 1998, Hearing.......................... 27
11. June 2, 1998, News Conference.................... 29
12. June 10, 1998, Hearing........................... 30
13. June 22, 1998, Hearing........................... 31
14. August 13, 1998, Field Hearing (New York, NY).... 32
15. August 17, 1998, Field Hearing (Mesquite, TX).... 34
16. August 19, 1998, Field Hearing (New Orleans, LA). 36
17. September 1, 1998, Field Hearing (Lakewood, OH).. 38
18. September 2, 1998, Field Hearing (Indianapolis,
IN).............................................. 39
19. September 3, 1998, Field Hearing (Palatine, IL).. 41
20. September 9, 1998, News Conference............... 42
21. September 24, 1998, Hearing...................... 44
22. September 29, 1998, Hearing...................... 46
23. October 2, 1998, Hearing......................... 48
C. The Federal Level..................................... 48
1. The Federal Year 2000 Problem..................... 48
2. The Federal Leadership Role....................... 55
D. The State and Local Level............................. 60
1. The State and Local Government Year 2000 Problem.. 60
2. Basic Infrastructure: Electricity,
Telecommunications, Water........................ 66
III.Conclusions......................................................70
Appendixes
Appendix A.--Correspondence...................................... 71
Appendix B.--Subcommittee Report Cards........................... 86
Appendix C.--Executive Order..................................... 101
Appendix D.--Citizen's Check Lists............................... 104
Appendix E.--Committee Findings and Recommendations.............. 110
Views
Additional views of Hon. Stephen Horn............................ 111
Additional views of Hon. Henry A. Waxman, Hon. Dennis J.
Kucinich, Hon. Tom Lantos, Hon. Robert E. Wise, Jr., Hon. Major
R. Owens, Hon. Edolphus Towns, Hon. Paul E. Kanjorski, Hon.
Gary A. Condit, Hon. Carolyn B. Maloney, Hon. Thomas M.
Barrett, Hon. Eleanor Holmes Norton, Hon. Elijah E. Cummings,
Hon. Rod R. Blagojevich, Hon. Danny K. Davis, Hon. John F.
Tierney, Hon. Thomas H. Allen, and Hon. Harold E. Ford, Jr..... 112
Union Calendar No. 469
105th Congress Report
HOUSE OF REPRESENTATIVES
2d Session 105-827
_______________________________________________________________________
THE YEAR 2000 PROBLEM
_______
October 26, 1998.--Committed to the Committee of the Whole House on the
State of the Union and ordered to be printed
_______________________________________________________________________
Mr. Burton of Indiana, from the Committee on Government Reform and
Oversight, submitted the following
F O U R T H R E P O R T
On October 8, 1998, the Committee on Government Reform and
Oversight approved and adopted a report entitled, ``The Year
2000 Problem.'' The chairman was directed to transmit a copy to
the Speaker of the House.
I. Summary of Oversight Findings and Recommendations
A. INTRODUCTION
The Committee on Government Reform and Oversight (the
``committee'') has primary legislative and oversight
jurisdiction with respect to the ``overall economy, efficiency
and management of Government operations and activities,
including Federal procurement.'' \1\ In addition:
---------------------------------------------------------------------------
\1\ Rules of the House of Representatives, 105th Congress, X,
1(g)(6).
[T]he Committee on Government Reform and Oversight
may at any time conduct investigations of any matter
without regard to the provisions . . . conferring
jurisdiction over such matter upon another standing
committee. The committee's findings and recommendations
in any such investigation shall be made available to
the other standing committee or committees having
jurisdiction over the matter involved.\2\
---------------------------------------------------------------------------
\2\ Rules of the House of Representatives, 105th Congress, X,
4(c)(2).
Pursuant to this authority, the Subcommittee on Government
Management, Information, and Technology (the ``subcommittee'')
convened an oversight hearing on April 16, 1996 to examine
whether computers throughout the Federal Government, the United
States, and the world would be able to handle the transition
from the year 1999 to the year 2000. The subcommittee has
continued this investigation throughout the 105th Congress.
The potential problem, known as the Year 2000 problem or
Y2K, is simple: In the 1960s, when large computers had very
little storage space, programmers saved computer memory by
using two digits instead of four digits to represent a calendar
year--for example, 1966 became ``66.'' This method functions
well until computers confront the year 2000, which will appear
as ``00.'' Unless corrected, computers will not know if ``00''
means the year 1900 or the year 2000. If computers and
microchips around the globe are unable to recognize this date,
they could generate corrupted data, suffer malfunction, or even
shut down entirely.
For Federal computers, this could affect everything from
Social Security and Veterans' benefit payments to missile
maintenance systems, from the Federal Aviation Administration
to the Internal Revenue Service. There are at least 7,000
mission critical computer systems (those systems essential to
the performance of important governmental functions) in the
executive branch of the Federal Government.
It is now clear that a large number of Federal computer
systems simply will not be prepared for January 1, 2000. At the
same time, the utilities industry, the financial services
industry, the telecommunications industry, vital modes of
transportation, and other indispensable industrial sectors are
all at risk.
The problem lies not just with software in mainframe
computer systems, but with embedded microchips as well. These
chips serve as the brains of devices from elevators to security
systems to automated manufacturing equipment. There may be as
many as 25 billion microchips in use around the world. Seven
billion microchips were shipped across the globe in 1997. It is
estimated that between 2 and 5 percent of all microchips have
the date problem.\3\ This sounds like a tiny fraction, but it
is a tiny fraction of a huge number. Furthermore, embedded
chips by definition are hard to find and hard to test for Year
2000 compliance.
---------------------------------------------------------------------------
\3\ See ``Year 2000 Risks: What are the Consequences of Information
Technology Failure?,'' Mar. 20, 1997 (testimony of Ann Coffou, Giga
Group).
---------------------------------------------------------------------------
The Year 2000 problem could result in a stunning array of
technological failures. Air traffic could be delayed or even
grounded; telephone service could be interrupted; breakdowns in
the production and distribution of electricity could bring
widespread power failures; automatic teller machines might
malfunction; traffic lights could stop working; timeclocks at
factories might malfunction. Government payments, including
checks from the Internal Revenue Service, the Treasury, and the
Veterans Benefits Administration, could be interrupted;
military technology, including the Global Positioning Satellite
System, could malfunction. Closer to home, devices with a
timing function, including microwave ovens, personal computers,
video cassette recorders, and climate control systems could all
falter or even shut down entirely.
Some early failures have already occurred. According to one
survey, more than 40 percent of companies in the United States
already have encountered Year 2000-related system failures. In
1995, for example, computers at the Unum Life Insurance Co.
automatically deleted 700 records from a database that tracks
the licensing status of brokers when a computer program
interpreted some of the ``00'' expiration dates as 1900. More
dramatically, when Phillips Petroleum ran a Year 2000 test on
an oil rig in the North Sea, a safety system that detects
emissions of deadly hydrogen sulfide gas stopped working. When
the Chrysler Corp. turned clocks forward at one of its assembly
plants in 1997 to simulate the date change, the security system
failed, preventing people from leaving the building. In a
similar exercise by NORAD personnel in 1993, the result was
total system blackout.\4\
---------------------------------------------------------------------------
\4\ Fred Kaplan, ``Military on Year 2000 Alert,'' Boston Globe,
June 21, 1998.
---------------------------------------------------------------------------
Failures such as these may be the tip of the iceberg.
Solving the problem, however, is an expensive process. In 1996,
the Gartner Group estimated that the worldwide cost of Year
2000 repairs would reach $600 billion, with half of that going
to repairs in the United States, and $30 billion to the Federal
Government. The Office of Management and Budget has insisted
the Federal cost would be much lower, but has repeatedly raised
its own estimate. Beginning with $2.3 billion in 1997, OMB's
estimate swelled to $5.4 billion as of August 15, 1998
(although the 24 largest departments and agencies were asking
for $6.3 billion at that time). Subcommittee Chairman Stephen
Horn has long argued that the executive branch should be
prepared for costs to exceed $10 billion. In the private
sector, General Motors expects to spend $565 million, Citicorp
estimates its costs at $600 million, and MCI at $400 million.
The Federal Government must be sure that the most important
systems at the key Federal agencies are revamped before January
1, 2000. Similar action needs to be taken by nations around the
globe. By failing to address the Year 2000 problem, the United
States could suffer severe disruptions in the delivery of
essential governmental and private industry services. It has
been suggested that this could even precipitate an economic
recession.\5\
---------------------------------------------------------------------------
\5\ See, for example, ``Year 2000 Recession? `Prepare for the
worst. Hope for the best.' '' By Dr. Edward Yardeni, chief economist,
Deutsche Morgan Grenfell, New York.
---------------------------------------------------------------------------
B. OVERVIEW OF INVESTIGATION
The subcommittee has worked to build an understanding and
awareness of the Year 2000 problem and the remedial actions
that must be taken by organizations everywhere. The
subcommittee has provided oversight of government and industry
efforts by conducting a series of hearings to explore the
problem.\6\ The subcommittee has also issued report cards
grading the progress (or lack of progress) Federal agencies are
making toward Year 2000 compliance.\7\
---------------------------------------------------------------------------
\6\ The subcommittee and committee have been joined by many other
committees in the House of Representatives. Combined, committees of the
House (and their subcommittees) have conducted more than 40 hearings on
Y2K. These include the Committees on Agriculture, Appropriations,
Banking, Education and the Workforce, Resources, Science, Small
Business, Transportation and Infrastructure, Veterans' Affairs, and
Ways and Means.
\7\ The minority staff did not participate in preparing these
report cards.
---------------------------------------------------------------------------
One important objective has been to inspire action by the
President. As Chief Executive, the President must play an
active leadership role in moving the Nation forward on the Year
2000 problem. In July 1997, the chairman and ranking member of
the subcommittee, together with the chairwoman and ranking
member of the Technology Subcommittee of the House Committee on
Science, formally asked the President to use the ``bully
pulpit,'' as Theodore Roosevelt called it, to explain the
problem to the American people. They also recommended that he
appoint a senior administration official as coordinator for the
national Year 2000 effort.\8\
---------------------------------------------------------------------------
\8\ See Appendix A.
---------------------------------------------------------------------------
The President has still not implemented the first
recommendation: to explain the Year 2000 problem to the
American people. In July 1998, he addressed some of the members
of the National Academy of Sciences. That is preaching to the
choir. He has been urged to speak in a ``fireside chat''
environment, similar to the approach of President Franklin D.
Roosevelt in the 1930s. The appointment of a full-time
coordinator to pull together the pieces of the administration's
effort took place in February 1998, when he designated John
Koskinen, a retired Office of Management and Budget official,
as Assistant to the President. Mr. Koskinen did not take office
until March 1998.\9\
---------------------------------------------------------------------------
\9\ This was part of Executive Order 13073, ``Year 2000
Conversion,'' which was issued on Feb. 4, 1998. See Appendix C.
---------------------------------------------------------------------------
Despite this belated step in the right direction, many
Federal agencies are simply not moving quickly enough to be
Year 2000 compliant by January 1, 2000. As noted above, the
subcommittee has prodded executive branch agencies to action by
grading them on their Year 2000 efforts. The grades are based
on an analysis of the quarterly reports from the agencies
themselves as well as follow-up investigative work by the staff
of the subcommittee and the General Accounting Office, the
fiscal and program auditors for the legislative branch. Each
report card has revealed a disturbing lack of progress within
the executive branch. Overall, the administration has received
a grade of ``F'' and ``D'' in the last two quarters.
The subcommittee has concentrated not just on Federal
computer systems and the effect their failure would have on the
delivery of services, but also on the leadership role that the
Government plays throughout society. For example, the
Securities and Exchange Commission and the Federal
Communications Commission have important oversight and
leadership functions in segments of the private sector. At a
higher level, the President can voice priorities for society as
a whole. Oversight of this leadership element of the Federal
Year 2000 effort is central to the subcommittee's investigation
and to this report.
C. COMMITTEE FINDINGS
Based on the investigation and oversight hearings conducted
by the Subcommittee on Government Management, Information, and
Technology, the committee finds as follows:
1. The Federal Government is not on track to complete necessary Year
2000 preparations before January 1, 2000
The most recent data on Federal executive branch
preparations were released for the quarter ending August 15,
1998. There are approximately 7,300 mission critical systems in
the executive branch of the Federal Government. As of August
15th, only 50 percent of these systems were Year 2000
compliant. At the current rate of progress, the percentage
compliant would climb only to 66 percent by March 1999, the
President's deadline to fix noncompliant systems and still have
enough time to test and implement the systems.
The committee is deeply concerned that approximately one-
third of all Federal mission critical systems will not be
compliant by March 1999, only 9 months before January 1, 2000,
and only 6 months from the beginning of the Federal
Government's new fiscal year on October 1, 1999. This is
troubling in part because once these systems are ``compliant,''
they need to be put back into operation, their compliance must
be verified by an independent party, and they must be put
through a rigorous end-to-end testing process that ensures
coordination among multiple systems. Testing and verification
can take at least 9 months, and often requires even more time
than that.
Several additional factors raise concerns about Federal
Year 2000 preparations. One is that the focus has been almost
exclusively on mission critical systems. The problem is that
mission critical systems are only a small percentage of the
total number of Federal computer systems. Many of these
secondary systems are important even if not mission critical.
It is unwise to ignore their Year 2000 compliance. A second
concern is that many agencies are planning to replace rather
than repair some of their noncompliant computer systems. This
is a high-risk strategy. Experience shows that the Government
does not put new computer systems in place on schedule.\10\
This time, the executive branch faces a deadline that cannot be
extended.
---------------------------------------------------------------------------
\10\ This is equally true of large computer projects at
nongovernmental organizations. One witness before the subcommittee
cited statistics showing that about 80 percent of computer projects
costing over $5 million fail. See ``Year 2000: Biggest Problems and
Proposed Solutions,'' June 22, 1998, original transcript, p. 85
(testimony of Tom McCabe, Sr., chairman, McCabe & Associates).
---------------------------------------------------------------------------
A crucial component of Year 2000 remediation is the
exchange of data between organizations. Fixing internal systems
simply is not enough. Federal agencies have data exchange
partners throughout society--including other Federal agencies,
State and local governments, and private and non-profit
organizations. These data exchanges must be tested through
cooperative effort. Current indications are that the Federal
agencies lag badly in this area.
The August 15, 1998 quarterly reports were the primary
basis for the subcommittee's September 9, 1998 report card.
Overall, the executive branch of the Federal Government earned
a `D.' This was only a modest improvement from the `F' earned
on the June report card. Several specific agency grades were
especially troubling. The Department of Justice and the
Department of Education each went from a `D' in June to an `F'
in September. The Department of Defense earned a `D' and simply
is not on track to complete Year 2000 compliance efforts before
January 1, 2000. The committee is encouraged, however, by the
strong leadership demonstrated recently by Defense Secretary
Cohen and Deputy Secretary Hamre. They are making the Year 2000
problem a top priority, and the importance of this kind of
executive leadership is the key to success. But, the leadership
must develop an organization that can do the job. Defense has
lost several top people from its Year 2000 project.
The Department of Transportation merited a `D.' The Federal
Aviation Administration is part of this grade. The Nation's air
traffic could face serious disruptions for an extended period
after December 31, 1999 if the FAA's Year 2000 repairs are not
done on time. The Department of Health and Human Services
earned an `F' for the second quarter in a row, as did the
Department of Energy.
Many people in the Federal Government are working hard on
the Year 2000 problem. Progress is being made--but it is not
being made fast enough. The Government must be the leader,
setting an example for the Nation.
2. Some State and local governments are lagging in Year 2000 repairs
and in many cases lack reliable information on their Year 2000
status
While the data on Federal systems reflects a somewhat
gloomy picture, at least overall data exist. The same cannot be
said for the status of State and local entities. Subcommittee
hearings found that there is limited aggregated data for Year
2000 activity at the State and local levels.
From the data that are available, States and cities are at
varying degrees of readiness. Many smaller municipalities are
stuck in the awareness stage--still trying to understand the
problem. Large cities have made more progress in converting
their systems but have not fully assessed embedded systems,
identified exchange partners, or developed contingency plans.
Also, some States and larger cities are concentrating on
outreach efforts with institutions (universities, private
entities), while many smaller governments are left to struggle
on their own.
A July 1998 survey found that about one-third of the States
had reported that 50 percent or more of their mission critical
computer systems had been assessed, remediated, and tested.
This survey was conducted by the National Association of State
Information Resource Executives.\11\ A survey by Public
Technology Inc. and the International City/County Management
Association in late 1997 found that approximately 3,200 of
3,673 cities, ranging in population from 2,500 to more than 1
million, were lagging in their Year 2000 efforts.\12\
---------------------------------------------------------------------------
\11\ See ``Oversight of the Year 2000 Problem: Lessons to be
Learned from State and Local Experiences,'' Aug. 17, 1998, original
transcript, p. 21 (testimony of Joel Willemssen, Director, Information
Resources Management, Accounting and Information Management Division,
U.S. General Accounting Office).
\12\ See ``The Status of the District of Columbia's Year 2000
Compliance Effort,'' Oct. 2, 1998, prepared testimony of Jack Brock,
U.S. General Accounting Office.
---------------------------------------------------------------------------
3. The Year 2000 status of basic infrastructure services, including
electricity, telecommunications, and water, is largely unknown
No one knows the overall extent of our Nationwide
vulnerability to Year 2000 risks, or the extent of our
readiness. No assessment across private and public sectors has
been undertaken. The President, through his Council on the Year
2000 Conversion, should conduct a broad assessment of the
Nation's Year 2000 readiness, identifying and assessing the
risks to the Nation's key economic sectors. This should include
risks posed by international linkages and by the failure of
critical infrastructure components.
The President's Council on the Year 2000 Conversion, headed
by Assistant to the President John Koskinen, has established
over 20 working groups to focus on distinct sectors of society.
The working groups are organized according to important
sectors: buildings/real estate, consumer products, defense,
education, energy, environment, finance/banking, food supply,
health care, other industry, information technology, insurance,
international, public benefits, science and technology, small
business, social service, state and local services, taxes,
telecommunications, transportation, and worker protection
(human resources).
The President's Council has released very little
information about these groups and what they are doing. In any
case, they are currently not playing a leadership role in
setting out a national strategy for dealing with the most
urgent and universal aspect of the problem: power,
telecommunications, water, and other essential infrastructure.
Inadequate attention to the Year 2000 problem by electrical
utilities is seen as the cause for ``potentially major
catastrophes,'' writes a representative of large electrical
users.\13\ Major industrial power users are ``concerned'' and
``dismayed'' that ``electrical utilities lag behind other
industries'' in preparing their computers for the next
millennium. The lack of action in the past is most likely to
lead to very high costs when the Y2K problem is dealt with on
an emergency basis. Public utility commissions in the States
must exercise oversight over utilities in their States to
ensure that action is taken. The public, State and local
governments, Federal department, and agencies, Congress, and
private organizations must be kept informed as to how critical
sectors are progressing. If progress is not made on a steady
basis, this might lead to a last-minute panic in hiring those
workers who can make the repairs on time. That unplanned effort
will lead to higher human resources costs.
---------------------------------------------------------------------------
\13\ John A. Anderson, Electricity Consumers Resource Council,
Elcon Report, No. 3, 1998, p. 3.
---------------------------------------------------------------------------
4. Embedded microchips are difficult to find, difficult to test, and
can lead to unforeseen failures
Although initially the Year 2000 problem was understood
mainly in terms of software-operating systems, databases, and
other programs, the vulnerability of embedded chips has been
widely publicized. There are between 25 and 40 billion such
chips in use around the world. Many of them are hard to access,
encased in products or equipment. Some are simply invisible:
the owners and operators of the equipment do not know that it
depends on embedded chips, or at least do not know which
functions depend on the chips.
Organizations addressing the Year 2000 problem generally
understand the embedded chip aspect and are working diligently
on it. Based on subcommittee hearings and investigation,
however, it appears that the sheer number and relative
inaccessibility of embedded chips will overwhelm these efforts.
The result will be failure--often unforeseen. One witness
before the subcommittee, an expert in embedded chips, stated:
``Fewer than 10 percent of the enterprises in the world have
begun serious embedded systems testing . . . [E]very
microprocessor-based embedded system and equipment item must be
individually tested to be sure of its Year 2000 status. There
is insufficient time and trained resources to assess every
microprocessor-based embedded system and equipment item in the
United States, much less the world.'' \14\
---------------------------------------------------------------------------
\14\ ``Oversight of the Year 2000 Problem: Lessons to be Learned
from State and Local Experiences,'' Sept. 3, 1998, pp. 68-69 (testimony
of David Hall, Senior Engineer, CARA Corp.).
---------------------------------------------------------------------------
The Office of Management and Budget conceded the
seriousness of the embedded chip problem when Deputy Director
for Management Edward DeSeve observed that ``this is the great
unknown about the Year 2000 problem . . . At this point, it
appears that any large piece of machinery could have an
embedded chip problem.'' \15\
---------------------------------------------------------------------------
\15\ DeSeve, ``Year 2000: Biggest Problems and Proposed
Solutions,'' June 22, 1998, original transcript p. 10.
---------------------------------------------------------------------------
5. Strong leadership from senior management is necessary to address the
Year 2000 problem
The key to success is support from senior level management.
Awareness of the Year 2000 problem among the technology experts
at an organization is meaningless if those experts do not have
the backing and direction of senior management. Year 2000
repairs deliver no new benefit to an organization. Management
tends to see the repairs as a burden to be delayed for as long
as possible. This is in part because of the persistent belief
that someone will invent a silver bullet to fix the problem.
Unfortunately, there is no silver bullet. Instead, management
must bite the bullet--devoting considerable resources to the
repair effort. Inevitably, this means taking support away from
other projects. Senior management must make hard choices, but
the process begins with recognizing there is a problem and, if
it is to be solved, organized action must occur in a timely
way.
For too long, Federal management has been in denial about
the Year 2000 problem. In the Department of Transportation, for
example, the Federal Highway Administration first learned of
the Year 2000 problem in the late 1980s. That agency began
working on repairs. But the fact that other Department of
Transportation computers were vulnerable to Year 2000 failure--
including such crucial systems as air traffic control at the
Federal Aviation Administration--was neither accepted nor acted
upon anywhere else in the Department. This denial at the
management level continued until 1997, when the Department's
Chief Information Officer admitted he had never heard of the
Year 2000 problem until late in 1996.\16\
---------------------------------------------------------------------------
\16\ ``I didn't even know there was such a thing as a year 2000
problem until August (1996) when I became the Acting CIO.'' Michael
Huerta, Associate Deputy Secretary, Acting Chief Information Officer,
Department of Transportation, ``Will Federal Computers Be Ready for the
Year 2000?'' Feb. 24, 1997, p. 100.
---------------------------------------------------------------------------
The General Accounting Office emphasized the importance of
strong management in the context of the Federal Year 2000
effort at a subcommittee hearing in 1997: ``Whether agencies
succeed or fail will be largely influenced by the quality of
executive leadership and program management. Executive
leadership sets the tone; program management makes it happen.
It will be imperative for top agency management, including the
agency head . . . to not only be fully aware of the importance
of this undertaking, but to communicate this awareness and
urgency to all agency personnel in such a way that everyone
understands why year 2000 compliance is so important.'' \17\
---------------------------------------------------------------------------
\17\ Joel Willemssen, Director, Information Resources Management,
Accounting and Information Management Division, U.S. General Accounting
Office, ``Will Federal Computers Be Ready For The Year 2000?'' Feb. 24,
1997, pp. 12-13.
---------------------------------------------------------------------------
6. Organizations are dependent on the Year 2000 preparedness of their
data exchange partners
The constant exchange of data between all types of
organizations makes each organization dependent on the Year
2000 preparedness of its data exchange partners. Federal
agencies and State governments use thousands of electronic data
exchanges to communicate with each other and other entities.
Much work remains to ensure that Federal and State data
exchanges will be Year 2000 compliant. As of August 1998, over
half of the Federal agencies reported that they have not
finished assessing their data exchanges. Furthermore, only two
agencies had completely identified and reached agreements with
all of their data exchange partners. They were the National
Science Foundation and the Nuclear Regulatory Commission.
One witness before the subcommittee illustrated the
extraordinary level of connectivity between organizations and
therefore the shared nature of the Year 2000 problem by
describing a routine international transaction between a buyer
and seller: ``[Y]ou have two port authorities, maybe a
railroad, you have a couple of trucking companies, two banks,
an insurance company, warehousing facilities . . .'' And then
there is the transactional side: ``[T]he flow of paper, the
purchase orders, the releases, the shipping documents, the
money, the customs inspections. All of this is done
electronically.''\18\
---------------------------------------------------------------------------
\18\ Testimony of Dennis Grabow, president, Millennium Corp., June
22, 1998, original transcript pp. 86-87.
---------------------------------------------------------------------------
One witness before the subcommittee articulated the
importance of data exchanges this way: ``Fixing internal
systems is but one leg of a multi-legged stool. It is one thing
to be able to say that all our systems are millennium ready, it
is a whole other thing to be able to say that after their
conversion, they still have the ability to talk to one
another.'' \19\ This witness, who spoke from the perspective of
the health care industry, spoke in disturbing terms about the
Year 2000 readiness of data exchanges in that field. ``[T]he
billing and collection function for services rendered in health
care is one of the most complex processes in our industry . . .
. I believe there is a very high probability of failures at
this billing and reimbursement interface.'' \20\
---------------------------------------------------------------------------
\19\ Dr. C. Martin Harris, chief information officer, the Cleveland
Clinic Foundation, testifying at ``Oversight of the Year 2000 Problem:
Lessons to be Learned from State and Local Experiences,'' Sept. 1,
1998, original transcript, p. 87.
\20\ Ibid. p. 84.
---------------------------------------------------------------------------
7. Data exchanges, testing, and contingency planning have received far
too little attention
Based on hearings and analysis of agency quarterly reports,
the committee found that many organizations are focusing solely
on fixing their own computer systems, paying little or no
attention to their data exchanges with other organizations, the
need to thoroughly test their systems once repairs are
completed, and the need for contingency planning even if the
repairs are on schedule.
Organizations must ensure that their systems can reliably
exchange data with other systems and that they are protected
from errors that can be introduced by external systems. To
achieve this goal, agencies must perform end-to-end testing for
their critical core business processes. The purpose of end-to-
end testing is to verify that a defined set of interrelated
systems--which collectively support an essential function--work
as intended. In the Federal Government, agencies that
administer benefits payment programs exchange data with the
Department of the Treasury which, in turn, interfaces with
various financial institutions to ensure that benefits checks
are issued.
In the process of preparing for the year 2000, many systems
in the end-to-end chain will have been modified or replaced.
This makes testing more complicated but also more important. It
makes it more difficult to isolate, identify, and correct
problems. Organizations must therefore begin working with their
data exchange partners as soon as possible to conduct end-to-
end tests.
Business continuity and contingency plans should be
formulated to respond to both predictable and unpredictable
failures. Predictable failures include systems where
renovations are already far behind schedule. Unpredictable or
unforeseen failures include systems that fail despite having
been on schedule for compliance before January 1, 2000 or even
having been certified as Year 2000 compliant. Organizations
that develop contingency plans only for systems currently
behind schedule are not addressing the need to ensure the
continuity of even a minimal level of core business operability
in the event of unforeseen failures.
Moreover, contingency plans cannot focus solely on internal
systems. Most organizations depend on data provided by business
partners, as well as services provided by the public
infrastructure (power, telecommunications, transportation,
water, et cetera). One weak link anywhere in the chain of
critical dependencies can cause major disruptions to business
operations. Given these interdependencies, it is imperative
that contingency plans be developed for all critical core
business processes and supporting systems, regardless of
whether these systems are owned by the organization. Further,
those program managers responsible for core business processes
should take a leading role in developing business continuity
and contingency plans because they best understand their
business processes and how problems can be resolved.
8. Fear of legal liability has made some organizations reluctant to
share the Year 2000 status of their products and internal
systems with other businesses and data exchange partners
Although the Year 2000 computer problem is complex and
technological, the key to solving it is committed management.
Organizations should share information in order to identify
obstacles and master solutions as quickly as possible. Sharing
information among individuals, workers, and firms is critical
to resolving the Year 2000 problem. Sharing information without
the fear of lawsuits will expedite Year 2000 problem resolution
by the private and government sectors. A potential barrier to
information sharing, however, is the fear that any disclosure
of information related to the Year 2000 problem could increase
an organization's risk of being sued.\21\
---------------------------------------------------------------------------
\21\ Some legal experts have contended that disclosure--even of bad
news--will not increase an organization's liability.
---------------------------------------------------------------------------
Companies are afraid, for example, that if they disclose
the Year 2000 compliance of their own products and there turns
out to be errors in this information, they could lose in court.
The same applies to disclosure of a company's own
administrative Year 2000 progress, as well as the test results
of other companies' products. The result is that companies are
not holding candid--and crucial--conversations with their
suppliers, vendors, and others. Companies must be able to
engage in these communications without fear that their
statements could be used as an admission of liability in court
unless they were made recklessly or with the intent to deceive.
Several Year 2000 lawsuits have already been filed,
although none pertains specifically to information disclosure.
In one recent example, some owners of the financial software
called Quicken, which is made by Intuit Inc. of Cupertino, CA,
filed a class action lawsuit against Intuit. The complaint was
that Intuit was unfairly forcing customers either to upgrade to
Quicken 98 at a cost of $20 to $40 or to experience the
consequences of Year 2000 defects in their software.\22\
Potential Year 2000 liability claims include fraud, breach of
warranty, liability, personal injury, and shareholder actions
against company directors for failing to prepare for the Year
2000.
---------------------------------------------------------------------------
\22\ See ``Software Makers Win a Round in Year 2000 Court Fight,''
the New York Times, Sept. 7, 1998, p. C2.
---------------------------------------------------------------------------
9. Resource problems center around hiring and retaining skilled workers
and attaining the needed funding to perform the Year 2000 fixes
The No. 1 challenge faced by those with Year 2000 problems
is finding the right people to perform the fix. People with
skills to fix Year 2000 problems are found working within the
computer and data processing industry. Their skills are in
great demand throughout America.
Demand has increased rapidly for high tech workers and this
is expected to continue well into the next century. According
to the Bureau of Labor Statistics [BLS], there are over 1.2
million computer and data processing services workers today
with 2.5 million expected by 2006. Rarely, in history, have we
seen such sustained rapid job growth within an industrial
sector.
Thus employment in the computer and data processing
services industry will increase by over 100 percent between
1996 and 2006. BLS finds that ``Computer scientists, computer
engineers, and systems analysts are expected to be the three
fastest growing occupations through the year 2006. Employment
of computing professionals is expected to increase much faster
than average as technologies, making for plentiful job
openings.''
A growing list of high tech service providers are not
taking on any more Y2K work as they are already booked up
through January 2000. The bottom line is that there will be a
Y2K personnel shortage as we enter the home stretch toward the
new millennium. Over 100,000 new high tech workers must be
trained each year for new jobs and this does not count
replacements--projected to be as many as 60,000--for workers
moving up to management position or out.
Starting salaries for computer professionals are among the
highest in America. Hardware design and development college
graduates accepted offers that averaged $41,237 in 1997. New
Ph.D. computer engineers earned $63,367. And men and women with
special computer skills and experience may earn $200,000 or
more in the private sector. Thus the demand for Year 2000
workers has raised the level of their salaries and benefits. No
downturn is projected through at least 2006.
Federal officials have expressed serious concerns about
their ability to hire and retain skilled workers to perform the
Year 2000 fixes. Many stated that it is difficult to compete
with the private sector salaries and benefits.
State and local government witnesses noted that hiring
skilled people is more difficult because of private sector
competition. Officials from local communities expressed concern
because many of the senior level officials such as city council
members are still unaware of the magnitude of the problem. As a
result, smaller cities have not provided the staff or funding
needed to adequately undertake Year 2000 preparations.
A representative from the city of Chicago reported: ``We
particularly are having trouble finding skilled workers.'' She
went on to note: ``We have chosen to privatize almost the whole
year 2000 project, for a couple of reasons. One is our
attrition is up near 20 percent and we are constantly seeing
people turn out of our technology department.'' \23\
---------------------------------------------------------------------------
\23\ Ms. Beth Boatman, chief information officer, City of Chicago,
testifying at ``Oversight of the Year 2000 Problem: Lessons to be
Learned from State and Local Experiences,'' Sept. 3, 1998, original
transcript, p. 57.
---------------------------------------------------------------------------
D. COMMITTEE RECOMMENDATIONS
1. The President and the executive branch of the U.S. Government must
approach the Year 2000 problem with greater urgency
Executive leadership is the key to rectifying the Year 2000
problem. Senior executive management--in Federal agencies,
other levels of government, and for-profit and non-profit
organizations throughout society--must make Year 2000 efforts a
priority. This involves accepting the responsibility, freeing
up the necessary resources, and insisting on a timeline for
finishing the job before January 1, 2000. This is especially
true for the Federal Government. The Federal Government is
uniquely positioned to publicize the Year 2000 crisis as a
national priority and to take a leadership role. The President
is the elected leader of the Nation. All efforts to combat the
Year 2000 problem take their cue from the top.
The current evidence points to considerable Year 2000
failure unless the rate of progress throughout society improves
considerably. In too many sectors, there is simply no reliable
information about Year 2000 vulnerability. We cannot head into
the new millennium unprepared. It is time for the President to
declare that the Year 2000 problem is a National Priority. If
sufficient progress is not made by an intermediate deadline, he
may even need to escalate the Year 2000 problem to a National
Emergency.
The point of calling for such urgency is not to trigger
panic, but in fact to avoid panic. If this problem does not
receive the attention it demands during the next 6 to 9 months,
and if we allow the date change to approach without knowing our
vulnerability, panic will be the inevitable result. The only
way to avoid this is to act now. The President must sound the
alarm and address to the Nation now in order to avoid panic
later.
2. Public and private organizations as well as Federal, State, and
local governments must all work in partnership to prepare for
the Year 2000 date change
America needs a national Year 2000 Conversion strategy. As
the year 2000 approaches, anxiety will increase throughout
society. One major aggravation to this anxiety, which could
cause more problems than the technology failure itself, is lack
of information. It is imperative that citizens have as much
information as possible. This includes information that can
help individuals, families, and organizations prepare for the
year 2000. This also includes information on how others are
preparing: the Federal Government, State and local governments,
telephone companies, utility companies, schools, banks, and so
on. It also includes information on all kinds of products, from
complex medical equipment to microwave ovens. Making this type
of information available will have the double benefit of
preparing citizens and pressuring organizations to complete
their Year 2000 fixes on time.
Along with Congress, State, and local representatives, the
President must work in partnership with private companies and
associations to define a Year 2000 action plan and make this
information available. In addition to specific action items, a
minimal strategy should include goals, objectives, benchmarks,
and performance measures. Most Federal departments and agencies
have a Year 2000 strategy and are well on their way to
satisfying requirements. The private sector has a much broader
range of effort. Some have just begun their effort. Others are
nearing completion.
At the current time, the most logical mechanism for
establishing a Year 2000 strategy to coordinate efforts, share
information, and alert citizens to the status of Year 2000
preparations is the President's Council on the Year 2000
Conversion. It is headed by Assistant to the President John
Koskinen. As noted above, this Council has already established
a number of working groups to focus on particular sectors of
society, but these efforts seem to be taking place behind
closed doors. Openness is crucial: dissemination of information
should be a primary function of these working groups. For
example, each of these groups should establish a database of
compliant and noncompliant products as well as other
information relevant to the sector.
A coordinated, public/private effort, under the leadership
of the President, could effectively bring together the key
economic sectors to coordinate the Nation's Year 2000 efforts
and ensure that all sectors, as well as interdependencies
between sectors, are being adequately addressed, and that the
American people are fully informed as the year 2000 approaches.
3. Congress and the President should establish carefully limited
Federal liability protection for organizations that share
information in order to facilitate Year 2000 repairs
Companies that go out of their way to inform other
companies and the public of their Year 2000 status should not
be exposed to civil liability for unintentionally inaccurate
statements. Limited protection from such liability would
facilitate information sharing as the clock ticks toward
January 1, 2000. S. 2392, the ``Year 2000 Information
Disclosure Act,'' establishes a uniform standard of legal
liability to protect those who, in good faith, share
information on the Year 2000 problem and solutions to it. This
bill passed the Senate on September 28, 1998. The House of
Representatives passed the same bill by unanimous consent on
October 1, 1998.\24\
---------------------------------------------------------------------------
\24\ Although the bill had not become law by the time this report
went to press, the President was supportive of the measure and was
expected to sign it. Assistant to the President John Koskinen expressed
support for the bill, which was based on a White House proposal, when
it passed Congress: ``No one's ever confronted this kind of issue
before,'' said John Koskinen, chairman of President Clinton's Year 2000
Conversion Council. ``People have to be able to compare notes.'' See
``President Sent Bill on Year 2000,'' Associated Press, Oct. 1, 1998.
---------------------------------------------------------------------------
The key provision of the bill shields companies that make
inaccurate statements on Year 2000 issues from civil liability
unless the statements are knowingly false or negligent. The
bill also ensures that there is no threat of product defamation
from inaccurate Year 2000 statements unless they are knowingly
false or negligent. Even well-tested systems can fail,
especially in unusual situations.
The bill would not relieve companies of liability for
building bad products. It protects sharing of information, but
nothing more. The committee believes it would be
counterproductive to relieve companies of liability for
building bad products, doing sloppy work, or being careless
with the truth. But with this legislation, Congress recognized
that mistakes can be made, and that it is now more important
for organizations to share Year 2000 information than to argue
over liability. The real work must begin in earnest as time is
short. By taking the liability card off the table,
organizations can share crucial information and focus on
getting the Year 2000 job done.
4. Year 2000 problem managers should develop goals that are linked to
readiness measures
Effective oversight by Congress and the executive branch
needs to measure regular progress toward Year 2000 compliance
for both public and private sectors. Year 2000 management
should develop sector-by-sector goals. These goals should be
linked to Year 2000 readiness measures. The measures will
provide a basis for determining what is being accomplished.
The Year 2000 problem must not be allowed to spark a
national crisis. Good measures of Year 2000 readiness will be
both a technological and psychological antidote to panic. For
example, the subcommittee has measured how well the Federal
Government is meeting the Year 2000 challenge. It has developed
a report card for the critical computer systems in the
executive branch. Grades are determined by the number of Year
2000 compliant systems which are remediated by each agency
achieves.
This model should be replicated. Markers or benchmarks must
be developed for the broad spectrum of Year 2000 problems
across the country. The Year 2000 computer problem will not be
resolved unless we approach it systematically. A results-
oriented approach to Year 2000 will go a long way to moving the
United States constructively into the 21st century.
One of the most difficult jobs in any human organization is
to develop these markers, the behavioral standards, benchmarks,
the points along the way toward achieving goals. These markers
measure performance and are meant to hold people accountable
for their performance. A few State and national governments
have shown leadership here.\25\
---------------------------------------------------------------------------
\25\ The States of Oregon and Florida have developed broad policy
goals and benchmarks. New Zealand and Australia have also done this.
New Zealand, for example, uses results-oriented government for its
Central Bank (the equivalent of our Federal Reserve). If the head of
the Central Bank does not hold inflation to 2 percent, this person's
salary is cut substantially. The message is clear: ``produce or live
with the consequences.''
---------------------------------------------------------------------------
5. Citizens should demand information on Year 2000 readiness from their
State and local governments, their utility companies, and other
organizations upon which they are dependent
As noted above, there are at least two significant barriers
to effective Year 2000 remediation: (1) Management denial--the
reluctance of senior management to recognize the Year 2000
problem and make the hard choices necessary to solve it; and
(2) fear of legal liability--which can have the effect of
stifling the kind of disclosure and exchange of information
necessary to solve the problem. These barriers to serious Year
2000 efforts must be broken down. Perhaps the most effective
means of doing so is public pressure. Profitmaking
organizations respond to pressure from consumers; political
institutions respond to pressure from constituents; non-profit
organizations respond to their donors and public opinion as
well.
Furthermore, the Year 2000 problem raises the specter of
widespread panic. There has been talk of customers withdrawing
their money out of banks, stockpiling weapons, and taking other
steps that could be more dangerous than the technological
failure itself. One of the best antidotes to this panic is
information. People need to speak directly with their banks,
utility companies, and other organizations whose failure would
have drastic consequences. They need to assure themselves that
the fixes will be made. They need to know--based on direct
contact--that there is no reason to panic. They need to know
what reasonable steps should be taken to prepare as January 1,
2000 approaches. Some general advice in this area can be found
at the end of this report.
The ProFutures Financial Group stated that investors have
not been given adequate disclosure of Year 2000 issues by
public companies. In addition, the ProFutures Financial Group
stated that the Federal Reserve must start releasing the names
of banks which are behind in their compliance programs. A
consultant with Roma International stated that many vendors,
suppliers, customers are either refusing to respond to Year
2000 inquiries or are responding with vague generalities on the
advice of their legal counsels. This consultant was uncertain
whether a ``safe harbor'' bill would improve the situation.
II. Report on the Committee's Oversight Review
a. background
The Year 2000 problem first became apparent in large--and
often old--mainframe computer systems. The challenge of
preparing these systems for the new century was measured by how
many lines of computer code would need to be reviewed and
renovated. Generally, organizations scheduled their Year 2000
project around the ultimate goal of having these systems fixed,
tested, and implemented by the end of 1999. Slowly,
organizations have begun to realize that there are several
other aspects of preparing for the date change, including
embedded systems, data exchanges, and contingency planning.
Embedded systems--microprocessors embedded in devices
ranging from fax machines to elevators to assembly line
equipment--are easily overlooked. In part, this is because Year
2000 projects naturally fall to an organization's computer or
information technology group, while embedded systems are
generally under the care of those in maintenance. Another
reason is that embedded systems are hard to locate and hard to
test.
Embedded chips are a special case of the Year 2000 problem
because of the difficulties of finding them, assessing their
compliance, and renovating them. Embedded chips feed data to
process control systems, which in turn, feed data to software
applications. The embedded chips themselves may fail. The
process control logic boards may fail. And, the dependent
software may fail. Worse, an embedded chip failure may cause a
process control misunderstanding, which in turn may
purposefully cause the software application to shut the whole
system down.
Although most information technology executives and
managers have understood their interdependency on the Year 2000
status of organizations with which they share data, most have
also been slow about pursuing this aspect of the problem. One
popular solution to the date problem is called ``windowing.''
This is a shortcut that allows organizations to avoid the time
consuming and expensive process of changing all two-digit years
to four-digit years. Windowing enables the computer to
calculate the date by assuming that certain two-digit dates,
such as ``50'' to ``99,'' are from the 1900's, while others,
such as ``00'' to ``49,'' are from the 2000's. The computer
would therefore interpret ``98'' as 1998 and ``01'' as 2001.
Contingency planning is essential even if an organization
has made all of its internal systems and equipment Year 2000
compliant. The date change will inevitably involve unexpected
failures. Because there is no way to anticipate all of the
consequences, contingency planning is crucial.
Increasingly, organizations are taking into account these
different aspects of the Year 2000 problem. This is a major
step forward, but time is running short. This report is an
attempt to assess the current situation and make effective
recommendations for the next year. The committee believes that
neither assessment nor the recommendations can be made without
taking into account each aspect of the Year 2000 problem.
b. proceedings of the subcommittee
1. Proceedings during the 104th Congress (1995-1996)
On April 29, 1996, Chairman Stephen Horn and then Ranking
Minority Member Carolyn Maloney sent a joint congressional
oversight letter to the heads of each executive department and
10 additional agencies.\26\ The letter asked 13 detailed
questions intended to ascertain the status of each agency's
preparation for the year 2000.
---------------------------------------------------------------------------
\26\ See Appendix A.
---------------------------------------------------------------------------
The overall response the subcommittee received was
discouraging. Only 9 of the 24 departments and agencies
reported that they had a plan for addressing the problem. Five
of them had not even designated an official within the
organization to be responsible. Seventeen of the departments
and agencies lacked any cost estimates. Even those with partial
cost estimates could only provide projections for a limited
part of the agency. On the positive side, the Social Security
Administration had begun its Year 2000 initiatives in 1989 and
the Small Business Administration also had more advanced Year
2000 efforts.
Chairman Horn and other members of the subcommittee
released their conclusions based on the agency responses at a
July 30, 1996 news conference.\27\ To underscore their
conclusions, each of the 24 departments and agencies received a
letter grade based on the subcommittee's assessment of its
performance. Four were given ``As.'' Four were given ``Fs.''
Ten were given ``Ds.'' None of the ``Ds'' had any plan in place
for addressing the problem, or available cost estimates. The
decision to give each agency a grade was intended to emphasize
the responsibility that each individual department or agency
must take the problem seriously and quickly become effective in
addressing it.
---------------------------------------------------------------------------
\27\ See Appendix B.
---------------------------------------------------------------------------
Other major findings resulting from the April 29th
oversight letter presented at the news conference included:
1. Major departments were in the initial planning
stages of this effort.
2. Even those agencies considered leaders in this
effort, such as the Social Security Administration,
were not close to completing the inventory and solution
stages of the conversion process.
3. Only six agencies had any cost estimates on the
monetary resources needed to address the problem.
4. The Department of Defense had not yet completed
its inventory of the computer software code in need of
conversion.
5. The National Aeronautics and Space Administration
(NASA) is one of the most innovative, advanced and
computer dependent agencies in the Federal Government,
but it had not prepared a plan to solve the problem and
did not anticipate having a plan completed until March
1997.
The subcommittee held two hearings on the Year 2000 problem
during the 104th Congress. On September 27, 1996, the committee
issued a report on the problem entitled, ``Year 2000 Computer
Software Conversion: Summary of Oversight Findings and
Recommendations.'' The findings and recommendations in that
report laid the foundation for action by the subcommittee and
committee in the 105th Congress.
2. February 24, 1997, Oversight hearing: ``Will Federal Government
Computers Be Ready for the Year 2000?''
The first Year 2000 hearing of the 105th Congress drew, in
part, on agency responses to a January 14, 1997 oversight
letter requesting each of the department and agency chief
information officers to provide the subcommittee with updated
plans and activities on the Year 2000 problem within their
jurisdiction.
Chairman Horn opened the hearing with three questions for
each major agency: (1) Have you defined the size and scope of
the problem? (2) Do you know how and when the fixes will be
made? (3) Have you identified mission critical systems and set
clear priorities for action? There was grave concern that 12 of
the 14 Federal departments planned to implement their solutions
in the final 3 months of 1999, leaving no margin for error in
such a limited time for testing.
Witnesses included the following agency chief information
officers: Ms. Liza McClenaghan, Department of State; Assistant
Secretary Emmett Paige, Department of Defense; Ms. Patricia
Lattimore, Department of Labor; Mr. John J. Callahan,
Department of Health and Human Services; Associate Deputy
Secretary Michael Huerta, Department of Transportation; and Mr.
Mark D. Catlett, Department of Veterans Affairs. In addition,
Joel Willemssen, Director, Civil Agencies Information Systems,
Accounting and Information Management Division, U.S. General
Accounting Office, testified about GAO's work on the topic.
Mr. Willemssen's testimony focused on GAO's newly-released
report: ``Year 2000 Computing Crisis: An Assessment Guide.''
The purpose of the report was to provide a useful framework for
agency managers planning and implementing their Year 2000
programs. The Guide set out five phases of a Year 2000 project:
awareness, assessment, renovation, validation, and
implementation. The assessment phase includes decisions about
which systems are mission critical. The renovation phase should
involve consideration of interdependencies among systems as
well as data exchanges. Mr. Willemssen stressed the importance
of the validation--testing--phase, saying: ``In many cases,
this is going to take agencies at least a year to do, and we
generally have set aside the entire calendar year 1999, to
address most of this phase.'' \28\
---------------------------------------------------------------------------
\28\ ``Will Federal Computers Be Ready for the Year 2000?'' Feb.
24, 1997, p. 10.
---------------------------------------------------------------------------
The General Accounting Office also told the subcommittee of
a recent Year 2000 failure. The Defense Logistics Agency in
Columbus, OH, devised a 3-year contract beginning on January 1,
1997. The agency's computer system, mistakenly identifying the
ending date asJanuary 1, 1900, generated a 97-year delinquency
notice.\29\
---------------------------------------------------------------------------
\29\ Ibid., testimony of Mr. Keith Alan Rhodes, Technical Director,
Office of Chief Scientist, U.S. General Accounting Office, p. 25.
---------------------------------------------------------------------------
Ms. McClenaghan testified that the Department of State had
accurately defined the Year 2000 problems it faced. She
reported that 57 of the 85 mission-critical systems were not
Year 2000 compliant. She estimated the total cost of the Year
2000 problem for the State Department at $135.2 million. The
strategy she presented included integrating Year 2000 fixes
into a larger plan for modernization of information technology
infrastructure.
Assistant Secretary of Defense Emmett Paige testified that
the DOD was ``far down the road to completing'' the assessment
phase. He pointed to the Defense Integration Support Tools, or
DIST, as a management tool to track essential information
regarding DOD systems. He also noted that the DOD was
reprogramming resources from all areas for use in solving the
Year 2000 problem and asked that Congress reduce the drain on
resources by lowering the number of special reporting
requirements.
3. March 20, 1997, Oversight Hearing: ``Year 2000 Risks: What Are the
Consequences of Information Technology Failure?'' (held jointly
with the House Science Subcommittee on Technology)
The subcommittee's second hearing on the Year 2000 problem
in 1997 extended the focus beyond standard computer systems to
survey other affected technologies, including embedded
microprocessors. Witnesses included: Bruce Hall, Research
Director, the Gartner Group; Ann Coffou, Managing Director,
Giga Group; Vito Peraino, attorney with Hancock, Rothert &
Bunshoft; Harris Miller, President, Information Technology
Association of America.
The subcommittee learned that many critical technology
systems depend on automated devices that control their
operations. These can include security systems for badge
readers, surveillance and home security systems, medical
devices, factory machinery, and telephone systems. Furthermore,
telephone systems, video recorders, bar code readers, automatic
teller machines, factory machinery, civilian and military
avionics, process control and monitoring equipment, sprinkler
systems, and air-conditioning systems could all be at risk.
Automated devices such as these malfunction when they encounter
situations that their software is not designed to recognize.
Sometimes the malfunction means failing to perform properly.
Sometimes it means shutting down altogether. Many products
contain multiple embedded systems made by multiple
manufacturers. Testing these products for year 2000 compliance
is difficult and can be expensive.
Bruce Hall was asked to elaborate on the Gartner Group's
cost estimate for Federal Year 2000 repairs. He stressed
caution in trying to estimate cost, saying that any current
estimate would ultimately prove inaccurate because it was
necessarily based on inadequate information. He suggested that
fixing Federal computers would be like renovating an old house.
We are ``all weighing in on what we anticipate to be the cost
of remodeling this house. [But] we've yet to ascertain the
square footage. We've yet to understand even how many rooms
there are, or even how extensive the modeling job needs to be
to achieve minimum requirements.'' \30\
---------------------------------------------------------------------------
\30\ ``Year 2000 Risks: What are the Consequences of Information
Technology Failure?'' Mar. 20, 1997, p. 38.
---------------------------------------------------------------------------
Ann Coffou testified on the problems with embedded
microchips. She described Year 2000 tests of fax machines and
microwave ovens that resulted in total shutdown of the
machines. She also told of a camera with an automatic dating
feature, purchased recently, and for which neither the store
nor the manufacturer could attest to its Year 2000 compliance.
Ms. Coffou advised that the rule for embedded chips must be
guilty until proven innocent. ``I recommend for the general
public to start putting the pressure on manufacturers. Call and
find out. Ask questions.'' \31\
---------------------------------------------------------------------------
\31\ Ibid. p. 39.
---------------------------------------------------------------------------
Vito Peraino covered the potential for Year 2000 liability
claims. Referring to the Gartner Group's estimate that Year
2000 repairs would cost $300-$600 billion worldwide, Mr.
Peraino observed that never in history has such an expensive
problem failed to attract significant legal attention. ``I know
a litigation catastrophe when I see one. For better or for
worse, the Year 2000 problem is a litigation catastrophe
waiting to happen.'' \32\
---------------------------------------------------------------------------
\32\ Ibid. pp. 25, 28.
---------------------------------------------------------------------------
Harris Miller testified about the Information Technology
Association of America's [ITAA] Year 2000 certification
program, called ITAA*2000. This was ITAA's response to Chairman
Horn's 1996 request for a industry-based ``Good Housekeeping
Seal of Approval'' on Year 2000 repairs. Mr. Miller testified
that as of March 1997, 11 organizations had received
certification under the program, while a further 18 were under
technical evaluation and a total of 189 had requested the
questionnaire necessary to become certified. ``The focus of the
program is on the processes and methods that organizations use
to develop Year 2000 compliant software and services . . . [W]e
have designed the program to apply to any company,
organization, government agency, or any entity involved in a
Y2K conversion . . . It provides an independent, third party
review of their Y2K processes and methods.'' \33\
---------------------------------------------------------------------------
\33\ Ibid. p. 33.
---------------------------------------------------------------------------
Following the hearing, the chairmen and ranking members of
the two subcommittees sent an oversight letter to department
and agency heads to determine whether the agencies were
assessing their vulnerability to the embedded chip problem.\34\
The letter was targeted especially to the various regulatory
authorities that already have the power to alert people. The
responses to that letter indicated that many agencies were only
just beginning to assess the problem of embedded microchips
with the Year 2000 problem.
---------------------------------------------------------------------------
\34\ See Appendix A.
---------------------------------------------------------------------------
4. July 10, 1997, Oversight Hearing: ``Will Federal Government
Computers Be Ready for the Year 2000?'' (held jointly with the
House Science Subcommittee on Technology)
The third hearing on the Year 2000 problem in 1997, was
again held jointly with the House Science Subcommittee on
Technology. Federal Year 2000 progress was evaluated on
thebasis of the quarterly progress report provided to Congress by the
Office of Management and Budget on June 23, 1997. At this hearing,
several subcommittee members called upon executive branch officials to
attach far greater urgency to the Year 2000 effort.
Witnesses included Sally Katzen, Administrator, Office of
Information and Regulatory Affairs, Office of Management and
Budget; Joel Willemssen, Director, Civil Agencies Information
Systems, Accounting and Information Management Division, U.S.
General Accounting Office; Kathleen Adams, Chair of the
Interagency Year 2000 Subcommittee of the Chief Information
Officers Council and Assistant Deputy Commissioner for Systems,
Social Security Administration; and Joe Thompson, Chief
Information Officer, General Services Administration.
At this hearing, the subcommittee focused on the essential
elements of preparing for the century date change, including:
(1) Are agencies moving fast enough to address the Year 2000
problem? (2) Are the agency timetables realistic and adequate
to address the Year 2000 problem? (3) Do the department and
agencies have sufficient management processes to monitor their
Year 2000 efforts?
Chairman Horn opened the hearing by stressing the
importance of high-level executive attention. With a senior
official of the Office of Management and Budget as the lead
witness, he asked: ``Has the President of the United States
made this an issue? He is one of the great communicators of
this century. We need him to awaken the Nation to this very
serious situation.'' \35\
---------------------------------------------------------------------------
\35\ ``Will Federal Government Computers be Ready for the Year
2000?'' July 10, 1997, p. 40.
---------------------------------------------------------------------------
Chairman Horn asked these questions in the context of the
disappointing news reflected in OMB's May 15, 1997 quarterly
report (issued on June 23rd), which showed that some agencies
with critical responsibilities for providing public services
were stuck at the starting gate. As of May 15th, fully 18 out
of 24 agencies had yet to finish assessing the vulnerability of
their computer systems to the Year 2000 problem. Out of 24
agencies, 10 had yet to complete any testing of software
changes. These were discouraging and worrisome statistics.
Joel Willemssen of the General Accounting Office was much
less optimistic. He testified that based on the latest
information, Federal agencies simply did not have enough time
to complete all necessary fixes. He strongly urged agencies to
prioritize so that critical systems are fixed in time: ``OMB's
perspective would seem to imply that there is no cause for
alarm. We don't share that view. On the contrary, we believe
that OMB and Federal agencies need to increase their level of
concern, and move with more urgency to clearly demonstrate that
a business-as-usual approach on the Year 2000 issue won't
work.'' \36\
---------------------------------------------------------------------------
\36\ Ibid. p. 24.
---------------------------------------------------------------------------
Joe Thompson testified that the General Services
Administration was working to raise awareness of the Year 2000
problem throughout the government. He reported that GSA's
Federal Supply Service has notified manufacturers and service
and equipment providers that all products sold to the
Government must be Year 2000 compliant. He also described GSA's
database of Year 2000 compliant commercial-off-the-shelf
products. Representative Morella, chair of Science's Technology
Subcommittee, asked how GSA determines that these products are
compliant. Mr. Thompson noted that GSA lacked the resources to
carry out the testing itself. ``Those items have been tested
and verified by the corporations themselves whose records of
testing can be obtained from them.'' \37\
---------------------------------------------------------------------------
\37\ Ibid. p. 104.
---------------------------------------------------------------------------
Kathleen Adams testified on the role of her interagency
Year 2000 Subcommittee. She reported that they were developing
a database that will contain information regarding whether
commercial-off-the-shelf software presently in use in Federal
agencies will function properly after January 1, 2000. She
stressed that although the efforts such as this database can
help, the responsibility for success or failure ultimately lies
with the Chief Information Officer of each agency and with the
Office of Management and Budget.
Sally Katzen testified that the administration's estimate
for the cost of preparing its executive branch computers for
the date change had risen from $2.3 billion in February to $2.8
billion in July. Despite this, she insisted that the Government
was on track to complete all necessary fixes before January 1,
2000. Her prepared testimony concluded that ``the Year 2000
computer problem will be a non-event.'' Subcommittee member
Representative Tom Davis expressed amazement that Ms. Katzen,
speaking for OMB and therefore the President of the United
States, was taking such a casual approach to the Year 2000
problem. ``You have to approach this more cautiously than that,
don't you?'' Ms. Katzen replied that ``we will all breathe a
very happy sigh of relief on December 31st 1999.'' \38\
---------------------------------------------------------------------------
\38\ Ibid. pp. 14, 54.
---------------------------------------------------------------------------
5. September 15, 1997, news conference on Year 2000 report card
At this news conference, Chairman Horn released his second
report card of Federal preparations for the Year 2000 problem.
These grades measured the progress that 24 departments and
agencies of the Federal Government had made in fixing their
Year 2000 problems by August 15, 1997. Mr. Horn made the
following statement:
Averting electronic chaos at the turn of the
millennium is going to be labor intensive. Without time
and a concerted effort by management, there is no way
to avoid a breakdown of unpredictable proportions.
This is the real danger. The Year 2000 problem is a
procrastinator's nightmare. Time is marching
relentlessly toward the absolute deadline of January 1,
2000. Thousands of Government computer programs must be
changed before then. The Administration can not issue
an Executive order postponing the coming of the
millennium.
These grades are sad. No ex-professor can be happy
when handing out 11 Ds and Fs but only one A in a class
of 24. Last year agencies could get good grades simply
by establishing plans and putting someone in charge of
addressing the Year 2000 problem. This year plans
arenot enough. Action is required for a good grade because at this
point, action is required to get the job done on time.
On average, only 14 percent of Federal systems in
need of repair have been fixed and tested. Some
agencies have not even completed an assessment of their
systems to see what repairs they face.
I cannot issue these poor grades without feeling
sadness and disappointment. We have been working with
these agencies for almost two years now. I see
disturbingly little concern among agency management
that service to the taxpayers might suffer.
This casual approach also makes it hard to get a
serious estimate of the costs we face. The Office of
Management and Budget put the figure at $2.3 billion in
February and $2.8 billion in July and now (September
1997) estimates $3.8 billion.
Still, we must not lose hope. It is within the power
of every agency listed here to earn an A by next year.
But the starting point for such progress is a serious
commitment of attention and resources by the head of
each agency. Short of such a commitment, we can forget
about celebrating on the eve of the new millennium.
6. October 17, 1997, subcommittee meeting in Beverly Hills, CA:
``Russia's Year 2000 Problem''
On Friday, October 17, 1997, the subcommittee held a
meeting on Russia's Year 2000 problem and its implications for
the United States. Former Soviet President Mikhail Gorbachev
discussed the Year 2000 problem with Chairman Horn and then
Ranking Member Carolyn Maloney. Initially, Mr. Gorbachev had
been scheduled to testify before the subcommittee as the sole
witness at a hearing.\39\ Following the meeting, Mr. Horn
addressed the audience gathered at the Beverly Hills City Hall:
---------------------------------------------------------------------------
\39\ President Gorbachev had earlier requested a meeting with
Chairman Horn to learn more about the Year 2000 problem. That meeting
was held in Washington, DC, on Apr. 16, 1997. The chairman was
accompanied by Subcommittee Staff Director Russell George. President
Gorbachev was accompanied by his translator.
This hearing was to have President Gorbachev testify.
We have just met with former President Gorbachev to
hear a report on what he has been able to accomplish in
Russia by discussing the Year 2000 problem with Prime
Minister [Chernomyrdin] of Russia and alerting [Russian
leaders] to what this subcommittee has been doing since
April of 1996 with the American Government. [Mr.
Gorbachev] has assured us that he feels his portion of
that job, to alert his own country, is sufficient.
He has various commitments in Los Angeles he has to
keep, so except for our 20-minute meeting, he will not
be testifying today. I am sorry that he won't, because
I think he has made a lot of progress on this subject,
but he feels he needs to leave it to the Russian
Government now to carry on addressing the Year 2000
problem. . . .
``[W]hat Russia faces, the United States faces, every
nation in the world faces, is how do we solve this
problem by January 1st 2000? Mr. Gorbachev has been the
first former statesman in Europe to take this problem
seriously, but he feels he can't go much beyond Russia
on this; and I am hopeful other statesmen in Europe
will urge their governments to move ahead, just as
parts of our Government have done.
7. December 11, 1997, news conference on Year 2000 projections
Executive departments and agencies released their third
quarterly Y2K status reports on November 15, 1997. The
subcommittee and GAO staffs analyzed these reports. Their
analysis provided the basis for Chairman Horn's projected
completion dates for each agency. The primary effort was on
judging the current pace of each agency. The projections showed
that, without an increase in the rate of progress, the
Department of Energy and the Department of Labor would not
finish Year 2000 conversions until the year 2019; the
Department of Defense would finish in 2012; the Department of
Transportation in 2010; and the Department of the Treasury in
2004. In opening the news conference, Chairman Horn stated:
Another year has passed and the latest data show that
the current work on the Year 2000 problem in Federal
computers is unacceptable and potentially disastrous.
Unless agencies make faster progress soon, the Federal
Government runs a serious risk of massive electronic
breakdown on January 1, 2000.
Year 2000 problems need to be fixed in thousands of
Federal computer systems. If Federal computers fail
because they cannot understand the year 2000, the
distribution of benefit checks could be disrupted, the
air traffic control system could become gridlocked, and
computerized records could be lost or damaged. At best,
we may face a major headache, at worst, an electronic
disaster.
In addition to releasing these projections, a letter was
sent to then Director of Office of Management and Budget
Franklin Raines recommending possible ways to improve progress
on the Year 2000 problem.\40\ The recommendations included
making quarterly reports more accurate; expanding the scope to
include mission critical systems being replaced, second-tier
systems, and embedded microchips. The Chairman also repeated
his call for a full-time coordinator to spearhead the Federal
Y2K effort.
---------------------------------------------------------------------------
\40\ A copy of this letter can be found in Appendix A.
---------------------------------------------------------------------------
8. February 4, 1998, Oversight hearing: ``FAA at Risk: Year 2000 Impact
on the Air Traffic Control System'' (held jointly with the
House Science Subcommittee on Technology)
This hearing reviewed the Year 2000 readiness of the
Federal Aviation Administration [FAA], with particular emphasis
on the Air Traffic Control System. The subcommittees focused on
the deficiencies and progress of the FAA in both fixing and
testing its computer systems for the Year 2000 problem. The
primary purpose of the hearing was to alert the new
FAAAdministrator to the importance of this problem with the objective
of improving the percentage of compliance FAA could achieve in the
following 23 months.
Specific issues addressed at the hearing included the
FAA's data exchanges and contingency plans. In terms of data
exchanges, this included what interface standards the FAA had
established for commercial airlines, both domestic and foreign.
In terms of contingencies, the subcommittees were interested in
what level of flight capacity the FAA could sustain if forced
to use a completely manual system.
Witnesses at the hearing included Federal Aviation
Administrator Jane Garvey; Department of Transportation
Inspector General Ken Mead; Federal Aviation Administration
Chief Information Officer Theron Gray; Joel Willemssen,
Director, Civil Agencies Information Systems, Accounting and
Information Management Division, U.S. General Accounting
Office; and Stanley Graham, Senior Management Consultant, Tech-
Beamers, Inc.
Representatives of the General Accounting Office and the
Department of Transportation Inspector General each reported on
studies they had recently conducted on the Year 2000 problem at
FAA. Each study found the FAA seriously lacking in several key
areas. At its rate of progress during late 1997 and January
1998, the FAA would be unable to finish fixing all of its
mission critical systems before January 1, 2000. Further, it
appeared that even those systems the FAA would be able to fix
would not be thoroughly tested before the new century and the
FAA did not have a viable contingency plan for this likelihood.
All agreed that the question is not one of safety. The
airlines, the pilots, and the tower controllers will not allow
a plane to take off unless they are absolutely sure it is safe
to do so. The airline industry default condition is: ``when in
doubt, ground it.'' But this leaves unanswered a serious
question about capacity: If failures occur, what flight
capacity will FAA be able to support, and for how long will the
airline industry be forced to operate at reduced capacity?
The General Accounting Office testified that the Federal
Aviation Administration has lagged in making its computer
systems ready for the year 2000. Without an increased rate of
progress, the FAA would not be ready for the new century. The
agency has been severely behind schedule in completing basic
awareness activities, a critical first phase in an effective
Year 2000 program. For example, FAA appointed its initial
program manager for Year 2000 issues only 6 months before this
hearing, and its overall Year 2000 strategy was not yet final.
The FAA also did not know the extent of its Year 2000
problem because it had not yet completed assessing the Year
2000 vulnerability of its computers. The potential consequences
include degraded safety, grounded or delayed flights, higher
airline costs, and customer inconvenience. Delays in completing
awareness and assessment activities also leave FAA little time
for critical renovation, validation, and implementation
efforts--the final three phases in an effective Year 2000
program. With 2 years left, FAA was quickly running out of
time, making contingency planning for continuity of operations
even more critical. FAA estimates that the entire program will
cost $246 million, although the agency lacks the information it
needs to develop reliable cost estimates.
9. March 4, 1998, news conference on Year 2000 report card
Chairman Horn released his third report card, assigning new
grades to Federal departments and agencies on their Year 2000
efforts. For the first time, a governmentwide grade was also
issued: it was a `D-.' The following statement was made by the
Chairman:
As almost everyone now knows, [the Year 2000 problem]
refers to the use of two digits rather than four to represent
the year in computer date functions. When the ``00'' of the
year 2000 rolls around, computer systems and embedded
microchips that are not prepared to recognize the new
millennium will become very confused. A range of possible
computer failures and shutdowns could result.
Our focus is on the Year 2000 problem of the Executive
branch of the Federal Government. Over the past several weeks,
we have received the very latest information on where the
largest Federal departments and agencies stand in fixing this
problem. These data reveal a troubling portrait. We have
analyzed these data and have summarized the result as a report
card agency by agency. This follows on report cards issued by
the Subcommittee on Government Management, Information, and
Technology in the summer of 1996 and again last September
(1997). We are shortening the grading periods as the deadline
approaches.
For the first time, we are issuing a governmentwide grade
along with grades for individual agencies. As you can see, most
are grades you would not want to take home to your parents. But
the key point of this exercise has always been to focus high-
level attention on this problem. On that score, there is a
slight ray of hope coming through the dark El Nino clouds
above.
When we first issued grades, the criteria focused almost
exclusively on whether the leaders at each agency had a clue
about this problem. The grades last fall took account of
whether an agency was making progress on actually fixing the
problem.
This time, the focus is shifting to the broader
perspective: how is the Government doing overall? It is
increasingly clear that a large number of Federal computer
systems simply will not be prepared for the date change on
December 31, 1999. The goal now is to make certain that the
most important systems at the most important agencies can
function in the new century.
The need for governmentwide focus is easily illustrated.
First, look at the Department of Defense. It has one third of
all the mission-critical computer systems in the entire Federal
Government. You do not have to think very hard about the
function of many of those Defense systems to agree that failure
is intolerable. Added to this is the disturbing fact that
Department of Defense has just suffered an exodus of its entire
staff leadership on the Year 2000 problem. It is time for
people outside Defense--as well as inside --to start sweating
about this.
In a second illustration, consider the Financial Management
Service, which is part of the Department of the Treasury. Most
Federal agencies have their checks issued through the Financial
Management Service. When Treasury's Financial Management
Service is lagging behind, all the hard work to be Year 2000
compliant at Social Security (SSA) or the Small Business
Administration (SBA) is for naught. SSA's and SBA's checks
cannot be processed in a timely way unless the Financial
Management Service completes its Year 2000 work.
The Year 2000 problem, then, is a governmentwide problem
that demands a governmentwide strategy. That strategy must set
clear priorities and begin focusing intense attention,
expertise and resources on the most critical systems. The one
ray of hope I see now is that President Clinton recently signed
an Executive Order recognizing the urgency of the problem and
establishing a task force to address it. The task force will be
headed by Assistant to the President John Koskinen, the
respected former Deputy Director for Management at the Office
of Management and Budget.
Even John Koskinen's skills, however, do not change the
fact that the Executive branch is still on the edge of failure.
There are almost 8,000 mission-critical computer systems in the
Executive branch. At the current rate of progress, only 63
percent of those systems will be ready for January 1, 2000 when
the clocks roll over less than 667 days from now. We need a
centralized approach. We need to prioritize. We need to
coordinate. We need to do all of those stages very soon.
Over the past two years, our subcommittee has worked to
create an awareness that this is a serious, urgent problem. I
believe we are succeeding in that effort. Now we will focus our
attention on the need for a coordinated and effectively
implemented strategy.
Phase one of this effort--defining the problem--took almost
two years. Phase two--solving the problem--must be completed in
less than 22 months. We have a long way to go and a short time
to get there.
10. March 18, 1998, Oversight hearing: ``Governmentwide Year 2000
Issues and the Department of the Treasury'' (held jointly with
the House Science Subcommittee on Technology)
At this hearing, the subcommittee reviewed the
governmentwide Year 2000 effort with a particular focus on the
Department of the Treasury and on agencies within the Treasury
Department that perform crucial governmentwide functions.
The witnesses were: John Koskinen, Assistant to the
President and Chair, President's Council on Year 2000
Conversion; Gene Dodaro, Assistant Comptroller General, U.S.
General Accounting Office; Michael P. Harden, President,
Century Technology Services, Inc.; Constance E. Craig,
Assistant Commissioner, Information Resources, Financial
Management Service; Jim Flyzik, Acting Chief Information
Officer; Arthur A. Gross, Associate Commissioner for
Modernization and Chief Information Officer, Internal Revenue
Service; and Denis Schindel, Deputy Assistant Inspector General
for Audit, Department of the Treasury.
On the governmentwide level, the General Accounting Office
completed a study of Year 2000 issues and made recommendations
at this hearing. The subcommittee also took this opportunity to
welcome Assistant to the President John Koskinen to the Year
2000 effort as the Chair of the President's Council on Year
2000 Conversion. Mr. Koskinen had previously served at Deputy
Director for Management at the Office of Management and Budget.
``I can't think of a better person for the Administration to
bring in at this time,'' said Representative Tom Davis, who
added: ``I think it's a huge task ahead of you . . . there are
some agency heads who give [the Year 2000 problem] lip service
but still don't seem to get the enormity of this problem.''
\41\
---------------------------------------------------------------------------
\41\ ``Joint Hearing on the Oversight of the Government's Year 2000
Efforts,'' Mar. 18, 1998, original transcript, p. 20.
---------------------------------------------------------------------------
Chairman Horn urged Mr. Koskinen to put the laggard
agencies on a weekly reporting schedule. ``There needs to be a
real interaction with your office knowing what the agencies are
doing.'' Chairman Horn noted that too much slippage had already
occurred when agencies report on a quarterly basis: ``When we
looked at the last quarterly reports, some people had done
absolutely nothing. . . . Something is needed to keep them on
track and to let you know what kind of progress [they are
making]. There's nothing like a weekly report to shape people
up, I can assure you, having run a fairly large organization.''
\42\
---------------------------------------------------------------------------
\42\ Ibid. pp. 50-51.
---------------------------------------------------------------------------
At the departmental level, the Department of the Treasury
reported 327 mission-critical systems. As of February 15, 1998,
only 22 percent of these mission-critical systems were
renovated. Continuing at its previous rate of progress,
Treasury would renovate only 38 percent more of its mission-
critical systems before the deadline, leaving 40 percent or 130
mission-critical systems noncompliant by January 1, 2000. This
is unacceptable for any Federal department and especially for
Treasury, which plays such a critical role in Federal finance.
The subcommittee also focused on the Internal Revenue
Service and the Financial Management Service. IRS takes the
money in and FMS sends the money out. Both had serious
questions of readiness. The Financial Management Service
reported 62 mission-critical systems. As of February 15, 1998,
only 16 percent of these mission-critical systems were
finished. FMS did not complete implementation of any fixed and
tested mission-critical systems in the last 3 months. FMS
issues all the non-Defense checks for the entire Federal
Government. Social Security will deliver its address tapes on
time, but if the systems at FMS are not done, then the 48.3
million monthly checks will not be processed.
The Internal Revenue Service reported 123 mission-critical
systems. As of February 15, 1998, only 14 percent of these
mission-critical systems were finished. Besides the Year 2000
problem, the IRS has three additional computer challenges
occurring simultaneously. IRS is consolidating mainframes from
10 Service Centers into 2 Computing Centers. IRS is replacing
its input and remittance systems with a new system that is
scheduled to be installed in all 10 Service Centers before the
end of 1999. And, of course, the IRS must make the refunds for
individuals who have had too much deducted from their payroll
checks and input the changes to reflect any tax law revisions
in time to handle tax season in the year 2000. This confluence
of challenges raised serious questions about whether the IRS
would be able to prepare for the year 2000 in time. In its 1998
reform of the Internal Revenue Service, Congress stressed that
appropriate time must be made available for becoming Year 2000
compliant.
11. June 2, 1998, news conference on Year 2000 report card
Chairman Horn released his fourth card grading Federal
departments and agencies on their Y2K efforts. Each of the
Government's 24 largest departments and agencies received a
grade primarily on the basis of when its mission-critical
computer systems would become Year-2000 compliant. Four
additional criteria were used in grading: contingency planning,
telecommunication systems, embedded microchips, and external
data exchanges. The following statement was made by the
Chairman:
About two weeks ago, a single communications satellite spun
out of control. For the next couple of days, 90 percent of all
pagers in the United States were useless, many television
stations had nothing to broadcast, several news wires failed,
and gasoline stations, banks, and retail stores that use small
satellite dishes found themselves in the dark. All this
resulted from the failure of just one satellite. It was a
timely reminder of what is really at stake in the smooth
functioning of technology--a tiny hint of what the Year 2000
could bring. With Federal Y2K efforts cast in this urgent
light, we turn to the latest data on Federal preparations.
Overall, the Federal Government earned an ``F.'' Underlying
this dismal grade is a disturbing slow-down in the Government's
rate of progress. For the quarter ending February 15, the
Government brought mission-critical systems into compliance at
a rate of 9.4 percent; for the quarter that ended May 15, the
rate of progress slowed to 5.4 percent. This would be
discouraging in any context. Less than a year before the
President's March 1999 deadline for Y2K repairs, a reduction in
productivity is deeply troubling. This trend must be reversed.
Specific agency grades raise further concerns. The
Department of Defense earned a ``D'' and is still not on track
to complete Y2K compliance efforts until two years after the
date change. The Department of Transportation merited an ``F.''
This grade includes the Federal Aviation Administration, which
provides crucial services to the flying public. Without
dramatic improvements, the Nation's air traffic could face
serious disruptions for an extended period after December 31,
1999. The Department of Health and Human Services also earned
an ``F.'' The Medicare program, among others, depends on the
smooth functioning of its computer systems.
At the other end of the curve, the Social Security
Administration (SSA) is a model for all agencies. SSA earned an
``A+'' this quarter by achieving 92 percent compliance and by
paying close attention to two secondary areas: contingency
planning and external data exchanges. SSA also deserves credit
for actively assisting other agencies in their Year 2000
efforts. We are counting on more of this coordination and
teamwork over the next 18 months.
I noted last quarter that SSA's outstanding performance may
be for naught: Social Security checks are actually issued by
the Treasury Department's Financial Management Service (FMS).
This is a potential bottleneck of dramatic proportions. The
Treasury Department earned a ``C'' this quarter, held back by a
dismal performance by FMS. Despite urgent calls for progress in
March, FMS's accomplishments over the last three months have
been far from reassuring. We must have action on this urgent
problem.
With January 1, 2000 a year and a half away, we must
not panic. The President and his administration must
set priorities if the conversion is to be successful.
We must not become discouraged by the work that still
remains. This is the time to focus, to redouble our
efforts, and to move forward aggressively.
As we have urged before, the President must use the
bully pulpit and inform the people of this Nation. Now
is the time for the President to designate the Year
2000 problem as a national priority.
According to the June report card, of the 7,336
mission critical systems in government, 2,766 are not
expected to be converted in time for the March 1999
milestone. That is unacceptable.
12. June 10, 1998, Oversight hearing: ``Status Update on the Year 2000
Problem''
This hearing involved broad oversight of Federal Y2K
efforts based on the May 15th quarterly reports. Four
departments particularly behind in their efforts were selected
as witnesses for this hearing: Defense, Education, Energy, and
Health and Human Services.
Witnesses included Joel Willemssen, Director, Civil
Agencies Information Systems, Accounting and Information
Management Division, U.S. General Accounting Office; John
Callahan, Assistant Secretary, Management and Budget,
Department of Health and Human Services; Marshall Smith, Acting
Deputy Secretary, Department of Education; William A. Curtis,
Special Assistant for Year 2000, Department of Defense; and
Howard E. Lewis Jr., Acting Chief Information Officer,
Department of Energy.
Chairman Horn opened the hearing by noting the crucial
importance of the departments and agencies developing
contingency plans, assessing the effectiveness of the
telecommunications systems, identifying the various embedded
systems, and reviewing the external data exchanges. Regarding
these last two, Mr. Horn remarked: ``Embedded systems are the
sleeping giant in the Year 2000 problem. Tiny little computer
chips embedded in control devices are everywhere in industry
throughout the world. They can stop an automobile assembly
line, a chemical plant, or an electric utility grid . . .
External data exchanges are also crucial. Most systems pass
data from computer to computer. Consider a simple bank check
which may go through dozens of computer systems.''
At the March 18th hearing on Year 2000, Joel Willemssen of
GAO and Assistant to the President John Koskinen agreed that
not all mission-critical systems will be done in time. Two
months later, the rate of progress had not improved. As of May
15, 1998, only 39 percent of all Federal mission-critical
systems were Year 2000 compliant. At the current rate of
progress, over 3,000 mission-critical systems would not be done
by the President's deadline of March 1999.
Worse, some systems that are completed on time would still
fail, either because the testing was not rigorous enough or
because of corruption from data exchanges with other
noncompliant systems. The Federal Government must be prepared
with contingency plans to maintain core business activities
even for systems believed to be compliant.
The first question to each Department at this hearing was
basically the same: ``Why are you behind?'' The second was:
``What do you need to improve your rate of progress?'' The
intent of the subcommittee was to help agencies become
compliant.
The General Accounting Office discussed the results of the
most recent reports submitted to the Office of Management and
Budget on the Federal Government's slow progress in achieving
Year 2000 compliance. Mr. Willemssen raised serious concerns
about the high number of noncompliant systems that Federal
agencies plan to replace rather than repair. ``[G]iven the
Federal Government's track record on replacement systems, of
not being able to often deliver those systems when promised,
these replacement efforts generally should be viewed as high
risk.'' Mr. Willemssen also emphasized the issue of testing.
``[A]gencies are going to need a significant amount of time for
end-to-end testing of multiple systems that have individually
been deemed Year 2000 compliant. . . . Without such testing,
systems individually deemed as compliant may not work as
expected when linked with other systems.'' \43\
---------------------------------------------------------------------------
\43\ ``Status Update on the Year 2000 Problem,'' June 10, 1998,
original transcript p. 13 (testimony of Joel Willemssen, Director,
Information Resources Management, Accounting and Information Management
Division, U.S. General Accounting Office).
---------------------------------------------------------------------------
13. June 22, 1998, hearing: ``Year 2000: Biggest Problems and Proposed
Solutions''
At this hearing, the subcommittee solicited the views of
recognized experts in the field. With less than 18 months
remaining, the emphasis was to discuss the top priority
problems and possible solutions. The focus was on managerial
and practical solutions rather than on a technical or
theoretical exploration.
The scope of the Year 2000 problem is both global and
local--from international trade to the embedded chip in your
fax machine. This is a challenge that confronts everyone from
the Federal Government to local water districts; from
multinational corporations to Mom-and-Pop businesses. The scope
of the problem is also cross-functional--from agriculture to
medicine. There are problems in government, finance,
manufacturing, distribution, and services. There are problems
in wholesale, retail, and the infrastructure. The question at
this hearing was what role Congress could play in moving Year
2000 efforts forward.
The witnesses included: Edward DeSeve, Deputy Director for
Management, Office of Management and Budget, accompanied by
Bruce McConnell, Chief of Information Policy and Technology,
Office of Information and Regulatory Affairs; Dr. Rona
Stillman, Chief Scientist for Computers and Telecommunications,
General Accounting Office, accompanied by Joel Willemssen,
Director, Civil Agencies Information Systems, Accounting and
Information Management Division, U.S. General Accounting
Office; Dennis Grabow, President, Millennium Corp.; Dan
Steinberg, Synthesis: Law & Technology; Alan Simpson,
President,ComLinks.Com; Bruce Webster, Chief Technical Officer,
Object Systems Group and Washington DC Y2K Group; and Tom McCabe,
Chairman, McCabe & Associates.
The General Accounting Office testified that the executive
branch of the Federal Government is extremely vulnerable to
Year 2000 problems because of its widespread dependence on
computer systems to process financial transactions, deliver
vital services, maintain national security, and carry out many
of its basic administrative operations. This challenge is made
even more difficult by the age and poor documentation of some
of the Government's existing systems and its lackluster record
in modernizing them. As of May 1998, Federal agencies reported
that only about 40 percent of their mission critical computer
systems were prepared for the Year 2000. Unless progress
improves dramatically, a substantial number of mission critical
systems will not be Year 2000 compliant in time.
Mr. DeSeve informed the subcommittee that those agencies
still behind schedule would begin reporting on a monthly rather
than a quarterly basis.\44\ Dennis Grabow stressed the
importance of testing, including end-to-end testing of linked
systems. The General Accounting Office emphasized the
importance of independent verification.
---------------------------------------------------------------------------
\44\ ``Year 2000: Biggest Problems and Proposed Solutions,'' June
22, 1998, original transcript, p. 9.
---------------------------------------------------------------------------
14. August 13, 1998, field hearing (New York, NY): ``Oversight of the
Year 2000 Problem: Lessons to Be Learned from State and Local
Experiences''
This was the first in a series of six subcommittee field
hearings on the Year 2000 problem at the State and local level.
Witnesses included Mr. Joel Willemssen, Director, Civil
Agencies Information Systems, Accounting and Information
Management Division, U.S. General Accounting Office; Mr. Joseph
Lhota, Deputy Mayor for Operations, city of New York; Mr. Gary
Davis, Project Director, Office of Technology, State of New
York; Mr. Peter Sullivan, Year 2000 Program Director, State of
Connecticut; Mr. Douglas Wipperman, Director of Data
Processing, Nassau County, NY; Mr. Charles Adrion, Director,
Year 2000 Project Office, Westchester County, NY; Mr. Arthur
Thomas, Senior Vice President of Global Operations, Merrill
Lynch (representing the Securities Industry Association); Mr.
George Thomas, Senior Vice President and Director of
Information, New York Clearing House; and Mr. Robert Hedlund,
Director, Technology Services, Consolidated Edison Co., of New
York.
Representative Maloney noted at the hearing: ``Evidence to
date strongly suggests that our city will face a serious
disruption if we do not fix the millennium bug by the Year
2000.'' She also noted that ``the interdependence of computer
systems requires that nearly all computer systems be Year 2000
compliant . . . [I]f a fixed Federal Government [computer]
interfaces with a noncompliant State computer, both computers
will fail.'' \45\
---------------------------------------------------------------------------
\45\ ``Oversight of the Year 2000 Problem: Lessons to be Learned
from State and Local Experiences,'' Aug. 13, 1998, original transcript
p. 7.
---------------------------------------------------------------------------
Mr. Willemssen alerted the subcommittee to a July 1998
survey of the States Year 2000 readiness. It was conducted by
the National Association of State Information Resource
Executives. Willemssen also cited a survey of State food stamp
programs conducted by the Food and Nutrition Service of the
Department of Agriculture. The chief focus of GAO's testimony
was the problem of data exchanges:
Federal agencies reported that their mission-critical
systems had almost half a million data exchanges with
other Federal agencies, States, local governments, and
the private sector. To successfully remediate exchanges
is a very complex, time-consuming process. To
successfully remediate their data exchanges, federal
agencies and the states must (1) assess information
systems to identify data exchanges that are not Year
2000 compliant; (2) contact exchange partners and reach
agreement on the date format to be used in the
exchange; (3) determine if data bridges and filters are
needed and, if so, reach agreement on their
development; (4) develop and test such bridges and
filters, (5) test and implement new exchange formats;
and (6) develop contingency plans and procedures for
data exchanges.\46\
---------------------------------------------------------------------------
\46\ Prepared testimony of U.S. General Accounting Office.
Deputy Mayor Lhota testified as the individual responsible
for New York City's Year 2000 efforts. New York has 706
computer systems, of which 287 were compliant and 419 were in
need of repair. As of August 1998, costs had reached $319
million. As for contingency planning, the Mayor's Office of
Emergency Management is working in coordination with
utilities--such as gas and electric--and with telephone
companies and hospitals, to prepare for January 1, 2000.
The New York State government was represented by Gary
Davis, Year 2000 Project Manager, Office of Technology. He
testified that in April 1996, Governor Pataki established the
Year 2000 Date Change Initiative to facilitate New York State's
millennium compliance efforts. The State expects to spend $250
million on Y2K efforts. The Office of Technology tracks
compliance progress on a quarterly basis. Mr. Davis stated that
``we have been working with our Department of Public Service to
address utility preparedness, including electricity, gas,
water, and telecommunications. The department has completed a
general assessment and met with the State's major utilities.
The utilities have reported that they understand the scope of
the problem, have implemented a compliance plan, allocated
resources, and are on schedule to be compliant.'' Mr. Davis
also struck a cautious note: ``While New York State has
accomplished a great deal, there is still a substantial amount
of work to be done over the next 16 months.'' \47\
---------------------------------------------------------------------------
\47\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Aug. 13, 1998, original transcript,
p. 32.
---------------------------------------------------------------------------
Mr. Charles Adrion, Director, Year 2000 Project Office,
Westchester County, NY, testified that Westchester County
anticipates no staff shortage problems. But he also testified
that ``both within the municipalities and business
organizations in Westchester County there has been less of an
inclination to even discuss the problem of cooperation, and
particularly status, where we are with our implementations,
because of advice given by legal counsel.'' \48\
---------------------------------------------------------------------------
\48\ Ibid. p. 76.
---------------------------------------------------------------------------
Mr. Arthur Thomas, Senior Vice President of Global
Operations, Merrill Lynch, representing the Securities Industry
Association, testified that ``the Y2K effort represents
thelargest-ever business and technology undertaking of the financial
industry at a cost of somewhere between $4 billion and $6 billion.''
\49\ Despite the size of the task, however, Mr. Thomas expressed
confidence at the state of preparations in the financial sector. He
noted the industry's early start on Year 2000 repairs. He also reported
on the successful ``test test'' conducted over the summer of 1998,
showing that efforts to date have been effective.
---------------------------------------------------------------------------
\49\ Ibid. p. 85.
---------------------------------------------------------------------------
Mr. George Thomas, Senior Vice President and Director of
Information, New York Clearing House, testified that the
financial sector is too dependent on electric power and other
basic support systems to make contingency plans for their
failure. Contingency plans ``rely on mission-critical support
systems that are so integral to payment system operations that
without them, not only the banking industry but also business
in general may be severely impaired.'' \50\
---------------------------------------------------------------------------
\50\ Ibid. p. 96.
---------------------------------------------------------------------------
Mr. Robert Hedlund, Director, Technology Services,
Consolidated Edison Co. of New York, testified that automated
supervisory controls are embedded in production and
distribution systems of electricity, gas, and steam. Technology
specifically vulnerable to the Year 2000 problem includes
servers, routers, and switchers. Mr. Hedlund reported that Con
Edison was communicating with supplies of critical products and
services as well as neighboring utilities with which Con Edison
is interconnected. Mr. Hedlund also testified that he knows of
no Federal oversight taking place right now.\51\
---------------------------------------------------------------------------
\51\ Ibid. pp. 102, 112.
---------------------------------------------------------------------------
15. August 17, 1998, Field Hearing (Mesquite-suburb of Dallas, Texas):
``Oversight of the Year 2000 Problem: Lessons to Be Learned
from State and Local Experiences''
The subcommittee's series of field hearings continued in
the district of subcommittee Vice Chairman Pete Sessions.
Mesquite is located in Dallas County and is a suburb of the
city of Dallas. Representative Kevin Brady, who represents the
8th district of Texas, including Houston, joined the panel for
the hearing.
Witnesses included Mr. Joel Willemssen, Director, Civil
Agencies Information Systems, Accounting and Information
Management Division, U.S. General Accounting Office; Shannon
Porterfield, Year 2000 Project, Director, State of Texas;
Judith Shaw, Assistant Director, Information Services, city of
Dallas, TX; Ron Lewis, Assistant City Manager, city of Lubbock,
TX; Michelle Brand, Purchasing and Telecommunications
Coordinator, city of Mesquite, TX; and Eric Schmitt,
Communications Support Manager, Texas Utilities.
Representative Sessions stressed at the beginning of the
hearing the issue of legal liability. The issue of Year 2000
liability arises for ``an incredibly wide variety of products
and software, including vendors of hardware or software to
their purchasers, service providers to their customers, banks
to their depositors and borrowers, insurance providers to their
insured, airlines to their passengers, corporations to their
shareholders, and stockbrokers to their accounts.'' \52\
Representative sessions observed the importance of
congressional action in this area.
---------------------------------------------------------------------------
\52\ ``Oversight of the Year 2000 Problem: Lessons to be Learned
from State and Local Experiences,'' Aug. 17, 1998, original transcript,
pp. 12-13.
---------------------------------------------------------------------------
Shannon Porterfield noted she would be unable to report on
the Year 2000 status of data exchanges at Texas State agencies
until October. She testified that the State of Texas is
particularly vulnerable to embedded chip failure in
correctional institutions. The State of Texas planned to
organize a national conference for ``correctional embedded
systems coordinators.'' \53\ In terms of municipalities in
Texas, Ms. Porterfield observed that city governments seem to
be modestly ahead of county governments in preparing for the
Year 2000 problem.
---------------------------------------------------------------------------
\53\ Ibid. original transcript, p. 70 (testimony of Judith Shaw,
Assistant Director, Information Services, city of Dallas, TX).
---------------------------------------------------------------------------
Judith Shaw testified that the city of Dallas planned to
complete its Year 2000 repairs by December 1998. But she noted:
``There are things that we do not have control over . . . and
that's dealing with the vendors. I think if there is a scary
part to us, that's it.'' \54\ Ms. Shaw reported that Dallas
expects to spend approximately $3 million on its Year 2000
repairs. Representative Brady noted that this figure appeared
considerably lower than other cities and organization of
similar size. Ms. Shaw attributed the low cost to starting Year
2000 fixes early and repairing rather than replacing equipment.
``We have encouraged our department not to use the Year 2000 as
an excuse to trade out computers.'' \55\ She also told the
subcommittee that Dallas has been able to retain its technical
personnel by giving them bonuses at the end of each
quarter.\56\
---------------------------------------------------------------------------
\54\ Ibid. p. 30.
\55\ Ibid. p. 47.
\56\ Ibid. p. 79.
---------------------------------------------------------------------------
Ron Lewis, Assistant City Manager, city of Lubbock, TX,
noted that Lubbock owns and operates an electric utility
company. Mr. Lewis asserted that this responsibility had
inspired a very ``businesslike'' approach to the Year 2000
problem. This approach included ``incorporating the Year 2000
problem into an emergency scenario.'' \57\ Calling it a Year
2000 drill, Mr. Lewis described how a small group of experts
was developing, in strict secrecy, scenarios based on potential
Year 2000 related failures. For the sake of realism, no
department was aware of the scenario that the control group was
creating, and the drill was to be scheduled at night. ``This
drill will give our elected officials and citizens the
opportunity to see how well we perform under simulated
circumstances . . . I believe the most important aspect when
preparing for the Year 2000 problem is providing open and
honest communication with our citizens and employees on a
regular basis.'' \58\
---------------------------------------------------------------------------
\57\ Ibid. p. 37.
\58\ Ibid. pp. 38-39.
---------------------------------------------------------------------------
Michelle Brand testified that the city of Mesquite does not
have a full-time employee dedicated to the Year 2000 problem.
Further, Mesquite had hired no consultants to work on the
problem, although that step was under active consideration at
least for help with assessing thecompliance of radio equipment.
``It's been extremely difficult to devote staff time to such a large
inventory of equipment.'' \59\
---------------------------------------------------------------------------
\59\ Ibid. p. 45.
---------------------------------------------------------------------------
Eric Schmitt, Communications Support Manager, Texas
Utilities, addressed efforts to prepare hardware and software
not supported by the IT organization: ``These systems include
items that have traditionally been procured, developed, and
maintained by individual business unit organizations. Typically
heavily dependent on microprocessor based technology; these
systems cover a variety of products such as power plant control
and monitoring systems, gas and electrical distribution
networks, and our transmission system. Also being addressed by
this project are protective devices, security systems, building
facilities (elevators, HVAC & lighting) and business unit. . .
. We have tested a number of systems, and so far have found
very few instances where a system functionally was affected.''
\60\
---------------------------------------------------------------------------
\60\ Ibid. pp. 95-96.
---------------------------------------------------------------------------
After listening to the testimony, Mr. Willemssen, U.S.
General Accounting Office observed: ``I haven't heard water and
waste water mentioned too much here. As it pertains to embedded
chips, that would be one area that I'd be particularly
interested in focusing on if I were in the shoes of the
individuals here.'' \61\
---------------------------------------------------------------------------
\61\ Ibid. p. 71.
---------------------------------------------------------------------------
16. August 19, 1998, field hearing (New Orleans, LA): ``Oversight of
the Year 2000 Problem: Lessons To Be Learned from State and
Local Experiences''
The third subcommittee field hearing was held in New
Orleans. In opening the hearing, Chairman Horn made a renewed
plea for presidential attention to this matter: ``The President
needs to make more speeches to alert the Nation.'' In addition
to raising awareness of the problem, the President can calm
fears about it. There are ``scare mongers trying to make money
off [the Year 2000 problem and] we need to head that off.''
\62\
---------------------------------------------------------------------------
\62\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Aug. 19, 1998, original transcript,
p. 3.
---------------------------------------------------------------------------
Witnesses included Joel Willemssen, Director, Civil
Agencies Information Systems, Accounting and Information
Management Division, U.S. General Accounting Office; Edgar
McManus, Project Director, Year 2000 Readiness Project, USDA
National Finance Center; Renea Austin, Division of
Administration, State of Louisiana, accompanied by, Ms. Chris
LaBlanc, Project Manager, Louisiana Year 2000 Coordination
Project; Mike Walker, Director, Information Services, city of
Baton Rouge; Mary Beth Tatar, First Vice President, Louisiana
Parish Government Association; Theresa Comeaux Vice President
of Regulatory Compliance, Century Solutions/Blue Cross & Blue
Shield.
Edgar McManus, Project Director, Year 2000 Readiness
Project, USDA National Finance Center, testified that the
Finance Center is in an excellent position to be compliant by
January 1, 2000. He attributed the success to strong support
and leadership from top management. ``I can assure you that
this project is our number one priority, as evidenced by the
fact that [National Finance Center Director John R.] Ortego
made the unpopular move of putting all agency requests for
system modifications on hold pending completion of the Y2K code
renovation effort. . . . This proved invaluable in helping us
meet our self-imposed deadline of June 30, 1998, to have all
mission critical production code renovated, user tested, and
returned to production.'' \63\
---------------------------------------------------------------------------
\63\ Ibid. pp. 21-22.
---------------------------------------------------------------------------
Ms. Chris LaBlanc, Project Manager, Louisiana Year 2000
Coordination Project, testified that the Governor of Louisiana
has set July 1, 1999 as the deadline for completion of all Year
2000 work. This deadline was set by Executive order in January
1998. Ms. LaBlanc also described the Louisiana Year 2000
Coordination Project. This entity was established ``to
coordinate the planning, administration support, progress
monitoring and communication for the Year 2000 work effort at
the State level.'' \64\ The Coordination Project convenes
monthly Task Force meetings to share information on best
practices and communicate with the State's business partners.
---------------------------------------------------------------------------
\64\ Ibid. p. 28.
---------------------------------------------------------------------------
Marlin Gusman, Chief Administrative Officer for the city of
New Orleans, testified that the city's two most important
systems handle financial management and payroll. The financial
management system became Year 2000 compliant in September 1997;
the payroll system is scheduled for implementation in February
1999. Mr. Gusman was accompanied by Earl Kilbride,
Administrator of Management and Information Systems, who
testified that New Orleans has no Year 2000 contingency plans
and does not intend to make any.
Mike Walker, Director, Information Services, city of Baton
Rouge, testified that the 911 system depends on the city's
mainframe computers. ``When a 911 call comes into our center,
we get an address verification, telephone numbers which feed
into our computer-aided dispatching system that dispatches our
fire, police, and emergency medical teams.'' Baton Rouge plans
to have its mainframe computers fixed by the end of 1998, but
has yet to assess the embedded chip problem: ``we still have a
lot of question marks around, such as traffic signals, fire
truck operations, 911 operations and things of that nature.''
He also testified that Baton Rouge has made no contingency
plans for the Year 2000 problem.\65\
---------------------------------------------------------------------------
\65\ Ibid. pp. 89-90.
---------------------------------------------------------------------------
Mr. Walker also discussed testing the Year 2000 status of
equipment on their fire trucks. To their dismay, it turned out
that the water pumps, the mechanisms operating their ladders,
and a variety of other equipment on the trucks all depend on
embedded chips. The result is that Baton Rouge will need to
conduct expensive and difficult testing in order to know
whether the firetrucks will be ready for the year 2000. This is
a fine illustration of how the Y2K problem can arise where you
least expect it. Further, as Baton Rouge reported on its
findings, representatives from the city of New Orleans admitted
they had never thought to test their fire trucks. This
illustrates yet another crucial point: the value of sharing
information. It is essential at every level--Federal, State,
local, non-profit, and private-sector.
Mary Beth Tatar, First Vice President, Louisiana Parish
Government Association, testified that parishes (counties) in
Louisiana have not fully taken account of the Y2K problem.
``I'm finding that Parish Government doesn't realize that there
are three problems, they addressed only the first one, the
software problem. They're really not looking at the hardware
with embedded chips, and they're really not looking at the
connectivity as a whole.'' \66\
---------------------------------------------------------------------------
\66\ Ibid. pp. 52-53.
---------------------------------------------------------------------------
17. September 1, 1998, field hearing (Lakewood-suburb of Cleveland,
OH): ``Oversight of the Year 2000 Problem: Lessons To Be
Learned from State and Local Experiences''
This hearing took place in the Cleveland area, in the
district of subcommittee Ranking Member Dennis Kucinich. In
addition to exploring the status of State and local government
Y2K efforts, the focus was on utilities, health care, and the
financial sector. Witnesses included Mr. Donald Mason,
Commissioner, Public Utilities Commission of Ohio; Mr. Stanley
Kozlowski, Year 2000 Manager, Cuyahoga County Information
Services Center; Mr. John Gill, Senior Vice President,
FirstEnergy Corp.; Dr. C. Martin Harris, Chief Information
Officer, the Cleveland Clinic Foundation; Mr. Kevin Blakely,
Executive Vice President for Risk Management, Key Corp; Mr.
Fred Kowitz Director, Ameritech Corp.; Mr. Jeffrey Nicolet,
Year 2000 and Contingency Planning Practice Manager, Romac
International.
On the issue of data sharing, Mr. Ronald Vidmar, Deputy
Director, Computer Services Division, Ohio Department of
Administrative Services, testified that ``the web sites from
all States and from the Federal Government are one of the major
tools, in my opinion, in helping us to share in good
information from others.'' \67\
---------------------------------------------------------------------------
\67\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 1, 1998, original transcript,
p. 19.
---------------------------------------------------------------------------
Witnesses expressed concerns about the Year 2000 readiness
of health care payment systems, which are highly dependent upon
electronic transfers between multiple parties. Witnesses at the
hearing also were concerned about the Year 2000 readiness of
medical devices health care practitioners use to gather data to
make treatment decisions.
Dr. C. Martin Harris, Chief Information Officer of the
Cleveland Clinic Foundation, noted concern about data exchanges
in the health care industry. ``[T]he billing and collection
function for services rendered in health care is one of the
most complex processes in our industry. . . . I believe there
is a very high probability of failures at this billing and
reimbursement interface.'' Further, ``fixing internal systems
is but one leg of a multi-legged stool. It is one thing to be
able to say that all our systems are millennium ready, it is a
whole other thing to be able to say that after their
conversion, they still have the ability to talk to one
another.'' \68\
---------------------------------------------------------------------------
\68\ Ibid. pp. 84, 87.
---------------------------------------------------------------------------
Dr. Harris noted that while the Cleveland Clinic is using
its best efforts to inventory and identify medical equipment
which is most critical in the patient care process, ``it is
impossible to make a final determination of compliance without
well organized and definitive information from medical
equipment manufactures.'' Dr. Harris suggested the creation of
a mandatory national reporting program with consistent
reporting standards. This system would greatly enhance the
quality of provider equipment repair programs while minimizing
risks to patients. If the Cleveland Clinic was unable to get
adequate feedback from a medical equipment manufacturer, they
would not use that piece of equipment. The hope of the
Cleveland Clinic is to know what to do with 90 percent of the
equipment and carry out an alternative program for the
remaining 10 percent.
According to Jeffrey Nicolet, ``[t]he health care industry
is a mixed bag and appears to be at great risk.'' He warned
that ``[s]ome organizations act like the proverbial deer caught
in the headlights of an oncoming truck. They do not seem to
realize that even the smallest steps in the right direction
could literally save their business. They continue to under
staff, under fund, and under prioritize the Year 2000
project.'' \69\
---------------------------------------------------------------------------
\69\ Ibid. pp. 102-103.
---------------------------------------------------------------------------
It was pointed out that the Food and Drug Administration
has established a voluntary site, however, only approximately
30 to 40 percent of the equipment is listed on the site.
According to Joel Willemssen, the General Accounting Office is
in the process of preparing a report on the Year 2000 readiness
of biomedical devices. Mr. Willemssen noted that the best
database of biomedical devices and Year 2000 compliance is
maintained by the Department of Veterans Affairs. This database
is not publicly available. The VA received a greater response
rate on the compliance of biomedical devices, than the FDA,
because the VA is a major customer of biomedical devices.
Mr. Donald Mason of the Public Utilities Commission of Ohio
discussed the importance of information sharing among
organizations--even competitors, and making sure that data
exchanges work properly. Among utilities and other essential
services, ``the driving force is not only becoming Y2K
compliant themselves, but sharing that information [because]
they have to serve their customer on January 1 and the only way
they can do that is by making sure that those people they do
business with are Y2K compliant.'' \70\
---------------------------------------------------------------------------
\70\ Ibid. p. 52.
---------------------------------------------------------------------------
18. September 2, 1998, field hearing (Indianapolis, IN): ``Oversight of
the Year 2000 Problem: Lessons To Be Learned From State and
Local Experiences''
This hearing was held in the district of Representative Dan
Burton, Chairman of the committee. Chairman Burton was
committed to bringing the subcommittee to Indiana to focus on
original ideas, industry solutions, national perspectives
brought to Indiana, and to hear from State and local
organizations. The subcommittee was joined in Indianapolis by
Representative Mark Souder, who represents the fourth district
of Indiana and is a member of the committee.
Witnesses included Steve Forbes, Chairman and Chief
Executive Officer, Forbes Magazine; Indianapolis Mayor Stephen
Goldsmith; Joel Willemssen, Director, Civil Agencies
Information Systems, Accounting and Information Management
Division, U.S. GeneralAccounting Office; Carlton Curry,
Chairman, City-County Council Y2K Subcommittee, city of Indianapolis
and Marion County; Laura Larimer, Director of Information Technology,
State of Indiana; Jerry Smith, President, Sion Group; J. Gregory
Garrison, Attorney and Host of the Greg Garrison Show, WIBC Radio.
Jerry Smith, President of Sion Group, testified on his
experience as a participant in the Year 2000 effort at Purdue
University. He reported on his success with the use of the
windowing approach to solving the Year 2000 problem.\71\ Mr.
Willemssen addressed the data exchange issue in the context of
windowing. ``[T]he partners in the exchange have to know how
they are exchanging data. They should have written agreements
on how they are exchanging data, they should test those
agreements to make sure it works like they think it is going to
work. That is a very time-consuming exercise.'' \72\
---------------------------------------------------------------------------
\71\ Windowing is a Year 2000 technique that avoids converting
technology from the two-digit year to the four-digit year. Generally,
the first two digits of a calendar year (the century) are determined by
the value of the two-digit year field. If the year is less than 50, for
example, the century is assumed to be 20; if it is 50 or higher, it is
assumed to be 19.
\72\ ``Oversight of the Year 2000 Problem: Lessons to be Learned
from State and Local Experiences,'' Sept. 2, 1998, original transcript,
p. 88.
---------------------------------------------------------------------------
Steve Forbes approached the Year 2000 problem from a
national perspective. He suggested the United States can be a
leader on this issue by encouraging open debate and discussions
about problems and solutions. Other nations will look to
America to help solve their problems. But there has been a
management and leadership problem on the part of the
administration, said Mr. Forbes.
He focused his testimony on the Year 2000 liability issue,
asserting that lawyers are preparing massive lawsuits as Y2K
problems arise. They are behaving like ``trial lawyer sharks
smelling blood in the water.'' It is essential that remedial
legislation be passed to provide safe harbors for businesses to
address the problem in advance. Proposed legislation would
allow companies and individuals acting in good faith not to be
subject to frivolous lawsuits.
Internally such proposals would allow a free exchange of
information. Externally information could be exchanged between
suppliers and customers. Antitrust laws should not prevent
companies from working together to exchange information to get
industry-wide solutions. Mr. Forbes argued those companies,
small and large, that are trying in good faith to solve this
problem should have protection from liability. Information must
be shared with the private sector--especially small
businesses--about experiences and what they have been able to
do in terms of trial runs and working with each other.
Indianapolis Mayor Steve Goldsmith was concerned with the
Y2K problems that can affect Indianapolis, including the prison
system and the traffic lights. Indianapolis will spend $15 to
$20 million to ensure that basic services are working.
Indianapolis could raise the awareness of smaller cities and
counties during statewide meetings by addressing the scope of
the level of activity in Indianapolis.\73\
---------------------------------------------------------------------------
\73\ Ibid. p. 37.
---------------------------------------------------------------------------
No matter how well a given organization fixes its own
system, if it has not dealt with data exchange all best efforts
may be for naught. There are hundreds of thousands of data
exchanges in Federal, State and local governments and with the
private sector. Each of these exchanges need to be inventoried
and assessed. Agreements need to be reached with partners and
those agreements tested. Agreements with partners on data
exchange and the testing of those exchanges is the more
difficult issue.\74\
---------------------------------------------------------------------------
\74\ Ibid. testimony of Joel Willemssen, Director, Information
Resources Management, Accounting and Information Management Division,
U.S. General Accounting Office, pp. 43-44.
---------------------------------------------------------------------------
19. September 3, 1998, field hearing (Palatine-suburb of Chicago, IL):
``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences''
This hearing was held near Chicago in the district of
Representative Phil Crane. Mr. Crane joined the panel for the
hearing.
Although there was a wide range of witnesses, there was a
particular focus on the embedded chip issue. Witnesses included
Joel Willemssen, Director, Civil Agencies Information Systems,
Accounting and Information Management Division, U.S. General
Accounting Office; Mr. William Vetter, Manager, Bureau of
Communication and Computer Services, State of Illinois,
accompanied by Randy von Liski, Manager, Information Management
Services; Ms. Beth Boatman, Chief Information Officer, city of
Chicago; Mr. Michael Cassady, Acting Village Manager, Village
of Palatine; Mr. Dave Hall, Embedded Systems Expert, Cara
Corp.; Mr. Craig Lang, Senior Vice President, Technology
Development, Chicago Transit Authority; Mr. Alan Ho, Y2K
Manager, Information Services, Commonwealth Edison Utility Co.;
Dr. Galen Crow, Director, Information Systems Technology,
Illinois State University; Dr. Wendy Wintersteen, Director,
Agriculture and Natural Resources Extension, Iowa State
University.
Randy von Liski, Manager of Information Management Services
for the State of Illinois, noted one of the difficulties in
assessing and repairing embedded chips: ``[Y]ou could have two
devices that are side-by-side, same manufacturer, same model,
that would potentially have different chips and could in fact
have different results.'' \75\
---------------------------------------------------------------------------
\75\ ``Oversight of the Year 2000 Problem: Lessons to be Learned
from State and Local Experiences,'' Sept. 3, 1998, written testimony of
Randy von Liski.
---------------------------------------------------------------------------
Another witness, David Hall, was an expert in embedded
systems from the Cara Corporation. He reported that ``fewer
than ten percent of the enterprises in the world have begun
serious embedded systems testing. . . . [E]very microprocessor-
based embedded system and equipment item must be individually
tested to be sure of its Year 2000 status. There is
insufficient time and trained resources to assess every
microprocessor-based embedded system and equipment item in the
United States, much less the world.'' He also raised concerns
about the embedded chips in the health care industry. ``T]he
health care industry has been very late in getting started . .
. there are some systems that are life-sustaining that have run
into problems.'' \76\
---------------------------------------------------------------------------
\76\ Ibid. pp. 68-69, 94.
---------------------------------------------------------------------------
Beth Boatman, Chief Information Officer for city of
Chicago, stated that embedded chips are a top priority for
their Y2K project: ``What we have decided is that we need to go
out and touch every [embedded chip] and what we are right now
doing is marshaling the manpower to go out and do that.''
Dr. Wendy Wintersteen, Director, Agriculture and Natural
Resources Extension, Iowa State University, testified in
dramatic terms about vulnerability in the agricultural sector.
``In Iowa, we have 14 million hogs in confined environmentally
maintained houses. In Minnesota, they have 44 million turkeys
in the same types of situations. . . . The important fact to
understand here is that when we lose ventilation systems in
these houses, we can have animals die in six hours.'' Further:
``Power interruptions on a cold winter's day could lead to
severe problems and animal loss, particularly for poultry and
livestock producers.'' \77\
---------------------------------------------------------------------------
\77\ Ibid. p. 90.
---------------------------------------------------------------------------
Dr. Wintersteen informed the subcommittee that computers
and other electronic control systems are used for feed
preparation of livestock, maintaining records about fertilizer,
seed and chemicals and other inputs related to agriculture.
Grain stored in the United States is also controlled by systems
that could have Y2K problems. In addition to these
vulnerabilities, technology failure could affect the marketing
of commodities and the records of these transactions. She
concluded that the ``possibility exists of significant
disruptions in the marketing channel and related business
transactions and day-to-day recordkeeping.'' \78\
---------------------------------------------------------------------------
\78\ Ibid. p. 91.
---------------------------------------------------------------------------
20. September 9, 1998, news conference on Year 2000 report card
In releasing a new set of grades based on the August 15,
1998 quarterly reports from Federal departments and agencies,
subcommittee Chairman Horn made the following statement:
We are here to offer a new assessment of Federal efforts to
combat the Year 2000 technology problem. The grades released
today take into account the latest data from the Executive
departments and the major independent agencies. These data
report on the quarter ending August 15, 1998.
Overall, the Executive branch of the Federal Government has
earned a ``D.'' This is an improvement from the ``F'' earned on
the June report card. We should be cautious, however, about
using the word ``improvement'' in the context of a ``D'' grade.
As a former professor, I have seen students flunk out of
college by earning too many ``Ds.'' This is not a grade you
take home to your parents; and it is definitely not a grade to
take back to the voters and taxpayers.
Underlying this ``D'' is deep concern that the Federal
Government will be unable to fix a substantial number of
systems before January 1, 2000. Based on current projections,
more than one-third of the Government's mission critical
systems will not be ready on time. Also, many agencies are
planning to replace rather than repair some of their non-
compliant computer systems. This is a high-risk strategy. When
was the last time you heard of the Government putting a new
computer system in place on schedule? This time, the Executive
branch faces a deadline that cannot be extended. There is no
room for the usual slippage. There is no margin for error.
The cost of the Federal Y2K effort continues to rise. The
24 departments and agencies listed on this report card each
submitted a cost estimate, and the total of those estimates is
now $6.3 billion. I note that this is almost $1 billion more
than the estimate released by the Office of Management and
Budget last week. And both staff at OMB and the subcommittee
did read the same documents. OMB claims that the total cost to
the Government will be $5.4 billion. But the General Accounting
Office has carefully calculated the total of all specific
agency estimates to be $6.3 billion. OMB has yet to offer a
satisfactory explanation for the $1 billion discrepancy.
Several specific agency grades are especially discouraging.
The Department of Justice and the Department of Education have
each gone from a ``D'' in June to an ``F'' now. The Department
of Defense earned a ``D'' and simply is not on track to
complete Y2K compliance efforts before January 1, 2000. We are
encouraged, however, by the strong leadership demonstrated
recently by Defense Secretary Cohen and Deputy Secretary Hamre.
They are making Y2K a top priority, and the importance of this
kind of leadership cannot be overstated.
The Department of Transportation merited a ``D.'' The
Federal Aviation Administration (FAA) is part of this grade. I
noted three months ago that the Nation's air traffic could face
serious disruptions for an extended period after December 31,
1999 unless there are dramatic improvements in FAA's Y2K
effort. I have great faith in FAA Administrator Jane Garvey,
but faith is not enough when it comes to grading progress on
the Year 2000 problem. Unfortunately, this is just as true
today. The Department of Health and Human Services earned an
``F'' for the second quarter in a row, as did the Department of
Energy.
It is important to look beyond Federal agencies and their
internal computer systems. State and local governments as well
as private and large non-profit organizations must also be
prepared for the date change on January 1, 2000. The
Subcommittee on Government Management, Information, and
Technology has just completed a series of six field hearings
around the country on the Year 2000 problem. After hearings in
New York, Dallas, New Orleans, Cleveland, Indianapolis, and
Chicago, it is clear that the news in our towns, cities, and
States is not much better than it is here in Washington.
We found in our field hearings that while some
organizations are on the right track, many have concerns about
identifying and repairing embedded systems located in such
critical equipment as nuclear plants, water and sewer
processing systems, and even traffic signals. There are
approximately 25 billion embedded chips in use throughout the
world and as many as 50 million of them depend on date
calculations.
The delivery of basic services--from utilities to public
safety--is a major issue, and this raises an obvious question:
What is the Executive branch doing to facilitate repairs in
this area? Where do we stand? The Federal Government must reach
out to the State, local, and private entities that have
responsibility for the delivery of basic services.
Many people in the Federal Government are working hard on
the Year 2000 problem. Progress is being made-but it is not
being made fast enough. We need to redouble our efforts and we
need to make more progress faster if the Executive branch and
the Nation are going to be ready for a smooth transition into
the new millennium.
21. September 24, 1998, Oversight hearing: ``Year 2000: Issues Facing
the Consumer'' (held jointly with the House Science
Subcommittee on Technology)
This hearing was convened to consider the Year 2000 status
of consumer products and services. The subcommittees hoped that
information uncovered at this hearing would help consumers make
informed decisions as January 1, 2000 approached.
Witnesses included: Robert Holleyman, Chief Executive
Officer, Business Software Alliance; Gary J. Beach, Publisher,
CIO Magazine; Paloma O'Riley, Executive Director, the Cassandra
Project; Dr. Michael S. Hyatt, Author, ``The Millennium Bug:
How to Survive the Coming Chaos'' and Gary Shapiro, President,
Consumer Electronics Manufacturing Association.
At the hearing, subcommittee Chairman Horn stated: ``while
great strides have been made in raising awareness and inspiring
action, still more has to be done by the Executive branch.''
The President needs to work the Year 2000 problem into other
speeches he makes around the country, said Mr. Horn. The Year
2000 problem ``is a global Management problem that will only be
successfully resolved by effective management and the active
involvement of citizens in nearly every country.'' \79\
---------------------------------------------------------------------------
\79\ ``Year 2000: Issues Facing the Consumer,'' Sept. 24, 1998,
original transcript, pp. 8-9.
---------------------------------------------------------------------------
The importance of Executive leadership was emphasized by
several of the panelists as well. It was cited as a crucial
element in preparing consumers for the possible ramifications
of the century date change. Paloma O'Riley argued that `` . . .
by being silent or equivocal, the administration is hampering
essential grassroots efforts . . . [I]nformation given to the
public will not cause a panic, but the continued lack of solid
factual information of rumors and misstatements and a clear
lack of leadership will.'' \80\ Mr. Hyatt quoted a verse in the
Bible to make the same point: ``if a trumpet sounds an
uncertain sound, then how shall the people prepare themselves
for battle?'' \81\
---------------------------------------------------------------------------
\80\ Ibid. pp. 40-41.
\81\ Ibid. p. 78.
---------------------------------------------------------------------------
There are a variety of consumer products that need to be
checked for Year 2000 compliance, including software
applications on personal computers. Problems with personal
computers are more likely to cause inconvenience than
significant harm.\82\ A more significant concern lies in
embedded chips.
---------------------------------------------------------------------------
\82\ Ibid. p. 19.
---------------------------------------------------------------------------
Gary Shapiro discussed traditional consumer electronic
products. Most products do not suffer Year 2000 vulnerability
and in fact do not even have a date function. A small
percentage of these products-mainly those over 10 years old-may
be affected. The problems normally are easily fixed simply by
resetting the product, such as TV sets, VCR's, camcorders.
``[I]f you take the over 1 billion products that are in
American homes, we estimate that there may be some impact for
some very old products. But based on the information from our
members, it will be a relatively small impact.'' \83\
---------------------------------------------------------------------------
\83\ Ibid. p. 28.
---------------------------------------------------------------------------
Witnesses also discussed actions consumers can take to
prepare themselves for the century date change. Robert
Holleyman suggested that consumers ask questions. Owners of
personal computers, for example, need to determine how old the
computer is, what is the likelihood of a problem with the
software or hardware, and then find solutions available through
businesses. Gary Shapiro suggested that the best way for
consumers to find out if their products have a Year 2000 issue
is to contact the manufacturer to try to get the information.
Paloma O'Riley and Michael Hyatt discussed potential
preparations consumers can take to prepare for disruption of
services in January 2000. Paloma O'Riley noted that ``people
across the U.S. and Canada are now taking steps to prepare for
potential worse case Y2K scenarios. They are making reasoned
and appropriate decisions as how they may best take
precautions.'' \84\ She recommended that citizens should be
developing contingency plans of their own by talking to their
neighbors, learning among them who may be vulnerable, and
together attempting to create a safety net for those who may
need it.
---------------------------------------------------------------------------
\84\ Ibid. p. 40.
---------------------------------------------------------------------------
Michael Hyatt expressed that consumers ultimately have very
little influence over whether the organizations they depend
upon get their systems repaired in time, but that, `` . . .
this does not mean that they have to become victims, but it
does mean that we must become proactive, take the initiative to
make contingency plans, and engage in a little old fashion
emergency preparedness.'' \85\ He describes this as life
continuity plans. He states, ``they must determine how they
continue to meet their own needs and those of their loved ones
in the face of possible disruption of basic services . . .
especially as it relates to food, water, shelter, and
especially heat.'' \86\
---------------------------------------------------------------------------
\85\ Ibid. p. 47.
\86\ Ibid. p. 48.
---------------------------------------------------------------------------
Each of these panelists also conveyed that information is
essential to solving the Year 2000 problem and recommended to
the committee that legislation is needed to facilitate
information disclosure. Mr. Holleyman stated that the Year 2000
liability issue is a problem, `` . . . but it is a problem for
which there are solutions. And the solution is information.''
\87\
---------------------------------------------------------------------------
\87\ Ibid. pp. 21-22.
---------------------------------------------------------------------------
Gary Shapiro believed that if Congress moved quickly to
provide limited liability protection legislation, then it would
encourage manufacturers to share all information and thus it
would be quite helpful to the industry as well as to the
consumer. He added that ``. . . we think everyone would be a
little more comfortable if there weren't all these lawyers
hovering around,ready to file lawsuits.'' \88\ Mr. Beach
concurred: ``I believe the bills are a step in the right direction, but
I would encourage more action.'' \89\
---------------------------------------------------------------------------
\88\ Ibid. p. 29.
\89\ Ibid. p. 60.
---------------------------------------------------------------------------
22. September 29, 1998, Oversight hearing: ``Aviation Year 2000: Will
We Get There In Time?'' (held jointly with the Committee on
Transportation and Infrastructure and the House Science
Subcommittee on Technology)
This hearing focused on the Year 2000 preparations of the
aviation industry. Experts with experience across the
government and private industry addressed what specific actions
industry officials have implemented to ensure compliance by the
year 2000.
Witnesses included Jane F. Garvey, Administrator, Federal
Aviation Administration; Jack Kelly, Administrator, National
Weather Service, Department of Commerce; Carol Hallett, Chief
Executive Officer, Air Transit Association; Bruce Webster, Co-
Chair, Washington, DC Y2K Group; David Sullivan, Zonar Corp.;
Richard C. Cullerton, Metropolitan Washington Airports
Authority [MWAA]; Walt Coleman, President, Regional Airline
Association; and Dwight Greenley, Wichita Airport.
One of the most frequently asked questions on the Year 2000
problem is whether it will be safe to fly on January 1, 2000.
The aviation industry faces numerous issues related to the
readiness of navigational systems, airline maintenance,
reservation systems, and airport security, among others.
Airlines depend heavily on computer systems for almost all
aspects of their operations including flight planning and
routing, crew scheduling, capacity planning, pricing,
ticketing, and billing. The day to day operations of a major
air carrier require hundreds of individual systems to work in
concert so that the airlines and airports can deliver quality
service to their customers. The systems vary from large
mainframes handling millions of transactions involving flight
operations and reservations, to simple personal computers
handling staff planning for small airports with just a few
gates.
The joint committees heard first from former Congressman
William F. Clinger, Jr., who served as chairman of the
Government Reform and Oversight Committee in the 104th
Congress. Mr. Clinger testified as a private citizen but also
as a board member of the Aviation Safety Alliance, a non-profit
group of aviation professionals. Mr. Clinger set the tone for
the hearing by observing: ``Of the many critical issues before
the aviation industry, and therefore the traveling public, none
has more far-reaching implications than those associated with
the Year 2000 problem.'' \90\
---------------------------------------------------------------------------
\90\ ``Year 2000: Will We Get There on Time?'' Sept. 29, 1998,
written statement of former Congressman William F. Clinger, Jr., p. 1.
---------------------------------------------------------------------------
Administrator Jane Garvey assured the joint committees that
the FAA had made considerable progress on Year 2000 repairs
since the February 4, 1998 hearing. ``I have given my
commitment to the American public, and now commit to you, their
representatives, that aviation safety will not be compromised
on January 1, 2000.'' \91\ She noted that by September 30, 1998
(the OMB deadline for renovations), the agency would complete
renovation of 99 percent of its mission critical systems.
Administrator Garvey emphasized that the FAA was ``on schedule
to have the majority of [its] systems compliant [by] March 31,
1999 [and full compliance] by the end of June 1999.'' \92\
---------------------------------------------------------------------------
\91\ ``Year 2000: Will We Get There on Time?'' Sept. 29, 1998,
written statement of Jane F. Garvey, Federal Aviation Administrator, p.
1.
\92\ Ibid. pp. 2-3.
---------------------------------------------------------------------------
Administrator Garvey also addressed the issues of regional
and international air travel. She was concerned that many
smaller airports lack the resources to conduct the necessary
Year 2000 work. She believed that the FAA was working hard to
raise international awareness of the Year 2000 problem,
particularly through the International Civil Aviation
Organization [ICAO]. The FAA cosponsored a resolution that
would require ICAO to develop and publish international Year
2000 assessment criteria as well as status information. In
response to a question from Representative Constance Morella,
Chair of the Science Subcommittee on Technology, Ms. Garvey
stated that the FAA has the authority, if necessary, to suspend
flights to international destinations if those destinations are
not fully Year 2000 compliant. The FAA is closely monitoring
the compliance of foreign airports and will make safety
judgments as the year 2000 approaches.
John Kelly testified on the Year 2000 efforts of the
National Weather Service [NWS]. He observed that the Weather
Service has more than 170 data exchanges with other Federal
agencies, private meteorological firms, research institutions,
and other nations. Many of these data exchanges involve
thousands of hourly weather observations that are put into
complex mathematical weather models. The data in these models
is not, itself, Year 2000 sensitive, but the data exchanges
could be. ``Aviation operations at all U.S. airports are
heavily dependent on these hourly and special surface weather
observations, as well as airport terminal forecasts produced by
NWS.'' \93\
---------------------------------------------------------------------------
\93\ ``Year 2000: Will We Get There on Time?'' Sept. 29, 1998,
written statement of John J. Kelly, Jr., Assistant Administrator for
Weather Services, National Oceanic and Atmospheric Administration, U.S.
Department of Commerce, p. 2.
---------------------------------------------------------------------------
Speaking on behalf of the Washington, DC Y2K Group, Bruce
Webster pleaded that the Clinton administration must make the
Year 2000 problem the No. 1 priority for the next 16 months,
even ahead of Social Security and education reform. Mr. Webster
raised concern over polls that suggest two-thirds of Americans
know little about the Year 2000 problem. He also asserted that
``there has been a profound lack of leadership from the
Administration'' on the Year 2000 problem.
Mr. Sullivan informed the joint committees of a specific
technological approach to preparing computers for the year
2000. This approach involves in effect postponing the Year 2000
problem by changing the value for the two digit years that
exist now, rather than going through the effort of changing
those two-digit years to four-digit years. Mr. Sullivan argued
that this approach is in fact much safer than the conversion to
the four-digit year because such a massive conversion will
inevitably involve numerous unintended mistakes. ``The current
plan requires changing hundreds of billions of lines of old,
reliable program code into new, improved, untested code. Based
on computer industry statistics, hundreds of millions of errors
will be made in this process, and a large percentage of these
errors will not be repaired before these new programs must be
put in service to handle Y2K.'' \94\
---------------------------------------------------------------------------
\94\ ``Year 2000: Will We Get There on Time?'' Sept. 29, 1998,
written statement of David E. Sullivan, President, Zonar Corp., p. 2.
---------------------------------------------------------------------------
Richard C. Cullerton of the Metropolitan Washington
Airports Authority described contingency capabilities at the
Ronald Reagan Washington National Airport and Dulles
International Airport. In terms of temporary power generation,
Washington National is more advanced than Dulles and could
operate indefinitely at 80 percent of normal electrical usage
indefinitely. Dulles could only generate enough power to
operate at ``a very diminished level of services.'' Mr.
Cullerton pointed out, however, that functions such as airfield
lighting are deemed ``critical load'' and would continue even
in the event of a power outage.
23. October 2, 1998, Oversight hearing: ``The Status of the District of
Columbia's Year 2000 Compliance Effort'' (held jointly with the
Subcommittee on the District of Columbia and the House Science
Subcommittee on Technology)
The subcommittee held a joint hearing on the preparations
for the year 2000 in the District of Columbia. Witnesses
included Jack Brock, Director, Accounting and Information
Management Issues, General Accounting Office; Constance B.
Newman, Vice-Chairman, DC Financial Responsibility and
Management Assistance Authority; Camille Barnett, Chief
Management Officer, District of Columbia; and Suzanne Peck,
Chief Technology Officer, District of Columbia.
c. the federal level
1. The Federal Year 2000 problem
The Federal Government is confronting the Year 2000 problem
on two levels. The first is the Federal effort to prepare its
own technology for January 1, 2000. The second is the Federal
effort to play a leadership role in the United States and
throughout the world. The subcommittee has conducted extensive
oversight of Federal efforts in each of these areas. This
section of the report will address first the various aspects of
Federal Year 2000 repairs, and second the Federal leadership
role.
a. Mission critical systems
The subcommittee first raised concerns about the Federal
Government's computer systems in the spring of 1996. Although a
few agencies, most notably the Social SecurityAdministration,
were aware of the problem and already at work on it, most were
oblivious to the Year 2000 problem. The Year 2000 problem has been
closely associated with the kind of large, customized, mainframe
computer systems used in Federal agencies such as the Internal Revenue
Service, the Social Security Administration, and the Federal Aviation
Administration. Similar systems are in use in institutions throughout
the country.
Appearing before the House Appropriations Subcommittee on
Treasury, Postal Service and General Government on March 11,
1997, the Director of the Office of Management and Budget
responded to subcommittee concerns by committing to furnish
Congress with a quarterly report on Federal progress toward
correcting the Year 2000 computer problem.\95\ As the year 2000
approached, subcommittee Chairman Horn called on the Executive
branch to switch to monthly or even weekly reporting. Beginning
in the summer of 1998, the Office of Management and Budget
finally required monthly reports from lagging agencies.
---------------------------------------------------------------------------
\95\ The first quarterly report was transmitted to Congress on June
23, 1997. It was based on data provided to OMB by all major departments
and agencies on May 15, 1997.
---------------------------------------------------------------------------
Since September of 1997, the subcommittee has issued four
report cards on the basis of the quarterly reports. Although
these reports cards have increasingly taken into account
factors such as contingency planning, data exchanges, and
embedded systems, the primary issue reported on and the primary
basis for the grades has been the status of repairs of mission
critical computer systems.
There are approximately 7,300 mission critical systems in
the executive branch of the Federal Government. As of August
15, 1998, 50 percent of these systems were Year 2000 compliant.
At the current rate of progress, the percentage compliant would
climb only to 66 percent by March 31, 1999. This date is the
President's deadline for fixing noncompliant systems.
It is of deep concern that about one-third of all Federal
mission critical systems will not be compliant by March 1999,
only 9 months before January 1, 2000, and only 6 months from
the beginning of the Federal Government's new fiscal year on
October 1, 1999. This is troubling in part because even once
these systems are ``compliant,'' they need to be independently
verified, implemented (returned to operation), and then put
through a rigorous end-to-end testing process involving all
related systems. Testing and verification can take at least 9
months, and often requires even more time than that.
A further concern is that virtually all data on Federal
Year 2000 status are self-reported. Questions have been raised
about the reliability of these data. On June 5, 1998, the
Defense Department's Inspector General published a highly
critical audit of Defense's Year 2000 remediation. The purpose
of the audit was to ``determine whether the year 2000
certification process is adequate to ensure that mission
critical technology systems will continue to operate properly
after the year 2000'' and to evaluate ``the year 2000
certification process'' through a random sample of systems
already certified as compliant by the individual managers in
charge.\96\
---------------------------------------------------------------------------
\96\ Department of Defense, Office of the Inspector General, Audit
Report 98-147, p. i.
---------------------------------------------------------------------------
The audit uncovered two separate but related problems in
DoD implementation of the Management Plan. First, many systems
were certified as compliant when in fact no adequate
justification for such assertions existed. The Inspector
General estimated that only 109 of the 430 systems reported as
compliant by November 1997 were in fact adequately validated
according to the five-phase process.
These inconsistencies were in turn traceable to a second
problem: the vagueness and ambiguity of definitions and
procedures outlined by the first version of the ``DoD Year 2000
Management Plan.'' Much was left to the individual discretion
of officials on the spot. Also, the ``oversight requirements or
processes'' for the Assistant Secretary of Defense for Command,
Control, Communications, and Intelligence were not clearly
defined. This unfortunately has led to many dubious reports of
positive progress to the OMB and Congress in the past, although
the specificity and rigor of reporting requirements and the
visibility of the Secretary of Defense in the whole process
have been improving.
This ambiguity extends even to the central concepts and
terms utilized in the Year 2000 remediation community,
including statements given to Department of Defense project
managers by the relevant private vendors. For instance, it has
been hard in practice to determine precisely what is meant by
the terms ``certification'' and ``compliance.'' As General
Accounting Office representative Alan Rhodes recently argued:
``What I would say is that the data that are out there are
suspect. The numbers that are presented are not uniform. [The
General Accounting Office is] having trouble finding clear
definitions. . . . You say tomato, I say tomato. There's a
great deal of people who say four things you can hear from a
vendor. One you probably will never hear, and that is certified
Y2K compliant. . . . Second point would be just Y2K compliant.
That's going to come to you from the General Counsel. And it
will be a large document, and I promise you won't understand it
when you're done. Third thing's Y2K ready. I have no idea what
that means. The fourth one is, we don't foresee a problem; and
if you have one, call us.'' \97\
---------------------------------------------------------------------------
\97\ Comments at a roundtable on the Year 2000 problem sponsored by
the Center for Strategic and International Studies, June 2, 1998,
transcript, pp. 9-10.
---------------------------------------------------------------------------
In addition, there has been much uncertainty about the
criteria for naming a system ``mission critical.'' \98\ As the
Year 2000 program has proceeded, many mission critical systems
have disappeared from the central database not because of
successful completion of the five managerial phases and final
certification, but because they were re-identified as ``non-
critical'' to Defense's ``core capabilities.'' Thus, an
agency's ``progress'' may be predicated on a reshuffling of
cards rather than timely completion of Year 2000 technical
objectives.
---------------------------------------------------------------------------
\98\ Department of Defense, Office of the Inspector General, Audit
Report 98-147, pp. 11-12.
---------------------------------------------------------------------------
b. Testing
Testing is a major aspect of the Year 2000 problem.
According to many experts, testing is also the hardest, most
expensive, and most time-consuming aspect of fixing the
problem.\99\ The concern is that many Federal agencies will not
have sufficient time to thoroughly test their systems. Evidence
so far suggests that this is a major problem. The General
Accounting Office described the state of Federal testing as
``one of the more alarming problems we have come across.''
\100\
---------------------------------------------------------------------------
\99\ One witness before the subcommittee articulated the importance
of testing this way: ``[S]ince there is currently no requirement for an
objective measurement of date testing or reporting, the answer to the
question about where we stand on remediation today is that nobody
knows. This is quite unacceptable and, I might add, very, very
dangerous.'' He went on to say that testing is ``between 50 and 70
percent of the total conversion effort.'' Tom McCabe, Sr., chairman,
McCabe & Associates, testifying at ``Year 2000: Biggest Problems and
Proposed Solutions,'' June 22, 1998, original transcript pp. 46, 48.
\100\ ``Year 2000: Biggest Problems and Proposed Solutions,'' June
22, 1998, original transcript p. 19 (testimony of Joel Willemssen).
---------------------------------------------------------------------------
Agencies need a significant amount of time for essential
end-to-end testing of multiple systems that have individually
been deemed Year 2000 compliant. Such end-to-end testing seeks
to ensure that systems collectively supporting a core business
function operate as intended. Without such testing, systems
individually deemed as compliant may not work as expected when
linked together with other systems in an operational
environment. These systems include not only those owned and
managed by the organization, but also any external systems with
which they interface.
For example, the Federal Aviation Administration's Enhanced
Traffic Management System monitors flight plans nationwide,
controlling high-traffic situations and alerting airlines and
airports to bring in more staff during times of extra traffic.
Since it must exchange data with airlines' flight planning
systems in order to accomplish this, end-to-end testing is
essential, and would include systems for all entities involved,
as well as their supporting telecommunications.
It is particularly important that the testing process
involve verification by an outside source, called Independent
Validation and Verification. The General Accounting Office has
voiced the concern that most of the data available on the Year
2000 status of Federal agencies is self reported. It is crucial
that these data are subjected to independent review. GAO points
to two known instances of inaccurate reporting. The Inspector
General at the Department of Defense found that the Department
had no adequate basis for reporting about 320 Year 2000
compliant mission critical systems in November 1997. And in May
1998, the Department of Agriculture reported as Year 2000
compliant 15 replacement systems that were still in the
planning stages.\101\
---------------------------------------------------------------------------
\101\ Ibid.
---------------------------------------------------------------------------
c. Embedded chips
Only a small percentage of embedded chips keep track of the
year (many operate on a 24-hour clock or on a 7 day week,
ignoring longer measures of time), and many of those that do
are Year 2000 compliant. Nevertheless, there are billions of
embedded chips in operation throughout the world and in the
Federal Government and they all need to be tested for Year 2000
compliance. It is extremely difficult to identify and to locate
all of the embedded chips in any given system or piece of
equipment. Even once located, it is difficult to test the chips
for compliance.
The problem is exacerbated by the fact that identical
pieces of equipment--two fax machines made by the same
manufacturer, for example--will often use different embedded
chips. This is because manufacturers frequently switch chip
suppliers based on the best available price. Sometimes
suppliers will use chips that keep track of the date even
though the piece of equipment does not need that particular
function. This means that organizations cannot eliminate
potential Year 2000 failures simply by asking whether a
particular system or piece of equipment relies on a date
function. The chip may fail even if its date function is unused
in a particular piece of equipment.
The Department of Defense is especially susceptible to the
embedded chip problem. The Office of Management and Budget
conceded the seriousness of the embedded chip problem when
Deputy Director for Management Edward DeSeve observed that
``this is the great unknown about the Year 2000 problem. . . .
At this point, it appears that any large piece of machinery
could have an embedded chip problem.'' \102\ Defense has
focused on fixing ``Commercial-Off-the-Shelf'' embedded chips.
Since creating chips from scratch is prohibitively expensive,
many Defense weapons and systems have traditionally relied on
these cheap and readily available mass-produced chips. Some
generic chips are suspected of having time functions that might
effect operations even though the system does not utilize date
fields in everyday operations. Thus, the absence of direct date
functions in a communications network or weapons system is not
necessarily an accurate indicator of future success in
weathering the change to year 2000.
---------------------------------------------------------------------------
\102\ Ibid. p. 10. Edward DeSeve is Deputy Director for Management
at the Office of Management and Budget.
---------------------------------------------------------------------------
Deputy Secretary of Defense John Hamre graphically defined
the risks while briefing Senate Armed Services Committee on
June 4, 1998. In his remarks, Secretary Hamre stated: ``The
failure of an embedded microchip in a discrete, localized
computer or machine, such as a wristwatch or the air-
conditioning system in a building, can be merely inconvenient.
However, failure of a microchip in a critical, large, or
dangerous piece of machinery--loss of air pressure in an F-15
or a submerged submarine--can be devastating and even life-
threatening.''
The Chief Information Officers Council has created
interagency working groups in areas such as biomedical devices
and laboratory equipment, commercial products, and
telecommunications. Each interagency working group, chaired by
a key program agency, is tasked with raising awareness across
government and working with manufacturers to assure that
products are fixed. Each group is contacting vendors on behalf
of the entire Federal Government, performing tests to verify
the compliance of products, and sharing information through
electronic databases.\103\
---------------------------------------------------------------------------
\103\ See the list of these and other web sites in Additional Views
of Hon. Stephen Horn.
---------------------------------------------------------------------------
d. Data exchanges
As computers play an ever-increasing role in our society,
exchanging data electronically has become a common method of
transferring information among Federal, State, and local
governments, as well as nongovernmental organizations
throughout society. The Social Security Administration
exchanges data files with the States to determine the
eligibility of disabled persons for disability benefits. The
National Highway Traffic Safety Administration provides States
with information needed for driver registrations. As computer
systems are converted to process Year 2000 dates, the
associated data exchanges must also be made Year 2000
compliant. If the data exchanges are not Year 2000 compliant,
data will not be exchanged or invalid data could cause the
receiving computer systems to malfunction or to produce
inaccurate computations.
Federal agencies have more than 10,000 data exchanges with
each other, foreign governments, State and local governments,
and private entities.\104\ The subcommittee was informed by the
Office of Management and Budget that the executive branch is
working closely with the National Association of State
Information Resource Executives as well as the National
Governors' Association. OMB has directed Federal agencies to
report on their inventory of data exchanges, State by State,
and to ensure that they are all Year 2000 compliant by March
1999.\105\
---------------------------------------------------------------------------
\104\ Testimony of Edward DeSeve, Deputy Director for Management,
Office of Management and Budget, at subcommittee hearing ``Year 2000:
Biggest Problems and Proposed Solutions,'' June 22, 1998, original
transcript p. 9.
\105\ Ibid. pp. 9-10.
---------------------------------------------------------------------------
For example, agencies that administer key Federal benefits
payment programs, such as the Department of Veterans Affairs,
exchange data with the Department of the Treasury which, in
turn, interfaces with various financial institutions to ensure
that benefits checks are issued. In addition, Department of
Defense systems interface with thousands of systems belonging
to foreign military sales customers, private contractors, other
Federal agencies, and international organizations such as the
North Atlantic Treaty Organization.
e. Cost
The cost of the Federal Y2K effort continues to rise. The
24 departments and agencies listed on this report card each
submitted a cost estimate, and the total of those estimates is
now $6.3 billion. This is almost $1 billion more than the $5.4
billion estimate released by the Office of Management and
Budget.
The subcommittee and committee strongly believe that
Federal agencies are responsible for conducting Y2K efforts
without delay. In terms of funding, that means primarily
reprogramming the resources necessary to fund all Y2K projects.
If reprogramming is insufficient, the committee expects Federal
agencies, through the Office of Management and Budget, to
request all necessary additional funding through the
appropriations process. The committee considers the Year 2000
problem a top priority. The Speaker of the House of
Representatives has repeatedly stressed to executive branch
officials that they have full congressional support for
reprogramming, additional appropriations, or whatever else they
need to get the job done.
On July 10, 1997, subcommittee Chairman Horn had the
following exchange with Sally Katzen, then Administrator,
Office of Information and Regulatory Affairs, OMB: ``I gather .
. . you feel you have sufficient authority from the Congress in
order to deal with the use of resources at the right place at
the right time. And if you don't, you're going to ask us for
it?'' Ms. Katzen replied, ``Absolutely.'' \106\
---------------------------------------------------------------------------
\106\ July 10, 1997, p. 41.
---------------------------------------------------------------------------
f. Personnel
The subcommittee heard testimony that raised serious
concerns about the ability of the Federal Government to retain
and to afford the technological talent necessary to carry out
Year 2000 repairs. ``I believe that we are going to see an
exodus of Government programming talent into the private
sector,'' predicted one witness.\107\ He went on to say, ``I
don't believe that I can overstate the challenge that the
Federal Government will face over the next two years to
actually find and maintain the staff it needs to fix its
problem.'' \108\
---------------------------------------------------------------------------
\107\ Testimony of Dr. Michael Harden, president, Century
Technology Services, joint hearing on the Oversight of the Government's
Year 2000 Efforts, Mar. 18, 1998, original transcript p. 46.
\108\ Ibid. pp. 47-48.
---------------------------------------------------------------------------
OMB Deputy Director for Management Edward DeSeve testified
that the Department of Defense has created a number of
department-wide Y2K teams that move from one problem to the
next, regardless of organizational boundaries. Further, these
teams will be made available to domestic agencies if DOD
eventually has surplus technical capacity.\109\ Similarly, FAA
Administrator Jane Garvey noted that her agency would make
available five or six technical experts to help small airports
with limited resources to prepare for the Year 2000
problem.\110\ John Callahan, Assistant Secretary, Management
and Budget, Department of Health and Human Services, urged: ``I
think governmentwide, as . . . each day passes, it certainly
would make good common sense inside the government for there to
be some sharing of critical computer personnel.'' \111\
---------------------------------------------------------------------------
\109\ Testimony of Edward DeSeve, June 22, 1998, original
transcript p. 70.
\110\ ``Year 2000: Will We Get There on Time?'' Sept. 29, 1998,
Jane F. Garvey, Federal Aviation Administrator.
\111\ ``Year 2000: Biggest Problems and Proposed Solutions,'' June
22, 1998, original transcript, p. 96.
---------------------------------------------------------------------------
Obtaining and retaining adequate and skilled staff for the
Year 2000 challenge has been an increasing concern.
Representatives of agencies and departments have described
problems that they or their contractors have encountered in
obtaining or retaining information technology personnel.
However, no governmentwide strategy has existed to address
recruiting and retaining information technology personnel with
the appropriate skills for Year 2000-related work.
On April 30, Assistant to the President Koskinen stated
that the President's Council on the Year 2000 Conversion would
be working with several agencies, including the Office of
Personnel Management [OPM], to examine options for ensuring an
adequate number of qualified people to perform Year 2000 work.
On March 30, the OPM issued a memorandum that the Year 2000
problem was an ``unusual circumstance'' and agencies grant
waivers to allow them to rehire retired Federal personnel on a
temporary basis without financial penalty to the retiree
involved. The memorandum also advised that agency heads could
make exceptions to the biweekly limitation on premium pay if a
determination was made that an emergency involving a direct
threat to life or property exists. In addition, the Council has
formed a Year 2000 workforce issues working group chaired by
the Deputy Secretary of Labor.
g. Contingency planning
The General Accounting Office has found that contingency
planning by Federal agencies has been inadequate. ``Without
[contingency] plans, when unpredicted failures occur, agencies
will not have well-defined responses and may not have enough
time to develop and test alternatives. Because Federal agencies
depend on data provided by their business partners and services
provided by the public infrastructure [including] voice and
data telecommunications, it's imperative that contingency plans
be developed for all systems supporting critical core business
processes, regardless of whether these systems are owned by the
agency.'' \112\
---------------------------------------------------------------------------
\112\ Ibid. p. 18.
---------------------------------------------------------------------------
In March 1998, OMB clarified its contingency plan
instructions, stating that plans should be developed for all
core business functions. Further, on April 28, 1998, OMB asked
agencies to describe their processes and activities for
developing contingency plans. Although these are positive
steps, much work on contingency planning remains to be
completed.
2. The Federal leadership role
In addition to preparing its own technology for the year
2000, the Federal Government must play a leadership role, both
within the United States and internationally. This would be
appropriate for any wide-spread problem, but is particularly so
in light of the fact that technology is highly interdependent
and the United States relies on technology more than any
country in the world. Furthermore, the Year 2000 problem has
the potential to cause excessive anxiety and even panic in
people who fear the worst. As noted earlier in the report, this
kind of fear is allayed by access to information and confidence
in elected leadership. For these reasons, the subcommittee has
repeatedly called on the President of the United States as well
as the departments and agencies of the executive branch to take
a strong leadership role in addressing the Year 2000 problem.
The importance of Federal leadership has also been stressed
repeatedly at subcommittee hearings. Subcommittee Ranking
Member Dennis Kucinich stated that the Federal Government, in
particular, must take a leadership role. ``It's not enough that
the Federal Government fix its own systems, the Government must
also facilitate private sector conversion.''\113\ One witness
asserted that ``[w]e need a broad public acknowledgment of the
nature, scope, and difficulty of the Year 2000 problem,
starting with President Clinton and followed by other leaders
in the Administration, in Congress, in the military industry,
and elsewhere.'' \114\
---------------------------------------------------------------------------
\113\ ``Oversight of the Government's Year 2000 Efforts,'' Mar. 18,
1998, original transcript p. 15.
\114\ ``Year 2000: Biggest Problems and Proposed Solutions,'' June
22, 1998, original transcript, p. 40 (testimony of Bruce F. Webster,
Director, Washington, DC Year 2000 Group).
---------------------------------------------------------------------------
At the subcommittee's joint hearing on July 10, 1997,
Chairman Horn told Sally Katzen, then Administrator of the
Office of Information and Regulatory Affairs at the Office of
Management and Budget, that the Year 2000 problem is worthy of
Presidential attention. Chairman Horn asked: ``Have you or the
Director of OMB recommended to the President that he speak in
this area in a radio address or by other means of
communication?'' Sally Katzen replied that they had not.\115\
She also argued against the idea of a governmentwide
coordinator or ``Y2K Czar,'' saying ``[t]his is not an area, in
particular with the Year 2000 issue, where a silver bullet or a
dose of medicine administered at a centralized point is going
to solve the problem.'' \116\ Fortunately, the White House
eventually changed its position and the President appointed a
coordinator, Assistant to the President John Koskinen, who
chairs the President's Council on the Year 2000 Conversion.
This action was taken on February 4, 1998.\117\
---------------------------------------------------------------------------
\115\ ``Will Federal Government Computers be Ready for the Year
2000?'' July 10, 1997, p. 40.
\116\ Ibid. p. 47.
\117\ See Appendix C.
---------------------------------------------------------------------------
But establishing the President's Council on the Year 2000
Conversion was not, by itself, enough. There are further steps
the President and his administration should take. For example,
the General Accounting Office testified before the subcommittee
on prioritization within the Federal Government: ``We have
recommended the [President's] Council [on the Year 2000
Conversion] Chairman [John Koskinen] establish governmentwide
and agency-specific priorities based on criteria such as
adverse health and safety impacts, national defense, adverse
financial impact and economic repercussions. The Chairman
disagreed with this recommendation, stating that agencies have
already established priorities.'' \118\
---------------------------------------------------------------------------
\118\ June 10, 1998, original transcript 14.
---------------------------------------------------------------------------
In terms of international leadership, trade is especially
vulnerable to the Year 2000 problem because it is highly
dependent on technology. Every import and export transaction
involves a number of sequential steps and several companies,
including transportation companies, ports, freight forwarders,
banks, warehouses, and government agencies. All these entities
rely on information technology systems and embedded systems.
Furthermore, it is actually impossible to test the systems
until January 1, 2000, due to the sheer number of discrete
technologies and enterprises that make up a foreign trade
transaction. One witness put the international picture in
dramatic terms: ``[W]e come to the conclusion that foreign
trade, unfortunately, is going to decline very rapidly and very
quickly as we move into next year.'' \119\
---------------------------------------------------------------------------
\119\ ``Year 2000: Biggest Problems and Proposed Solutions,'' June
22, 1998, original transcript, p. 24 (testimony of Dennis Grabow,
president, Millennium Corp.).
---------------------------------------------------------------------------
In addition to trade, the same civilian and military
mission critical systems at risk of failure in the United
States--such as command and control systems in the defense
context--are also at risk of failure in other nations. The
global nature of this problem may become increasingly apparent
in telecommunications networks. This is an area of
vulnerability that has so far received very little attention.
It illustrates both the expanding nature of the problem and the
difficulty in coming to a detailed understanding of the
specific consequences we face. All nations, especially those
with nuclear arsenals and other sophisticated satellite and
weapons systems, must understand the potential impact of the
Year 2000 problem.
OMB Deputy Director for Management Edward DeSeve testified
on the international outreach effort at the subcommittee's June
22nd hearing.\120\ He also noted that the President raised the
Year 2000 problem at the G-8, and that the executive branch is
working with the United Nations,\121\ the World Bank, the
International Monetary Fund, and other organizations.\122\
These steps are just the beginning of effective leadership. The
President needs to take a more visible role, especially with
our own residents.
---------------------------------------------------------------------------
\120\ Ibid. pp. 56-57.
\121\ See Appendix A for correspondence between Subcommittee
Chairman Horn and U.N. Secretary General Annan.
\122\ ``Year 2000: Biggest Problems and Proposed Solutions,'' June
22, 1998, original transcript, pp. 80-81.
---------------------------------------------------------------------------
The Federal Government also needs to exert leadership
through effective management. The executive branch Year 2000
effort unfortunately is indicative of the general state of
executive branch management problems. Federal managers often
lack the basics--strategic plans, missions, goals, objectives,
benchmarks, performance measures for outcomes and results, and
most important the will to use the tools that must be available
to management if it is to succeed. Dealing with the Year 2000
problem is a very good example of the lack of management
capabilities available to the President.
There is a great need to resolve long-standing financial
management problems that plague the Federal Government.
Billions of dollars of taxpayers money are being lost each year
to fraud, waste, abuse, and mismanagement in hundreds of
programs. One of the root causes of this loss is poor financial
management systems and practices that are obsolete and
ineffective and do not provide complete, consistent, reliable,
and timely information to congressional decisionmakers, the
President, and senior department and agency management.
Financial losses can be identified and significantly reduced by
improved management. So can the loss of effective and timely
administration of program resources. Parallels with the Y2K
compliance effort are clear.
Congress enacted a series of laws designed to ensure that
agency management problems were fixed. In fact, the Chief
Financial Officers Act of 1990, as expanded by the Government
Management Reform Act of 1994 and amended by the Federal
Financial Management Improvement Act of 1996, provided the most
sweeping reform of Federal financial management in over 40
years. However, agencies have yet to implement these laws
fully. And now with the Y2K crisis, all citizens are at risk
because of these long term management failures. Congress needs
to provide the incentive to get it right.
On March 31, 1998, the General Accounting Office released
its audit report on the financial status of the Federal
Government. This report provided, for the first time, a concise
accounting for the myriad problems faced by the Federal
Government. The first-ever Governmentwide financial audit and
balance sheet demonstrated that there are serious problems with
financial management in the majority of Federal agencies.
GAO's audit report provided a synopsis of the significant
financial systems weaknesses, problems with fundamental
recordkeeping, incomplete documentation, and weak internal
controls, including computer controls, that prevent the Federal
Government from accurately reporting a large portion of its
assets, liabilities, and costs. According to the GAO, these
problems ``affect the [Federal] government's ability to
accurately measure the full cost and financial performance of
programs and effectively and efficiently manage its
operations.''
The subcommittee held a hearing on April 1, 1998, to
examine the results of the Governmentwide audit and then held a
series of hearings examining the results of the audits of the
Internal Revenue Service, Department of Defense, Social
Security Administration, and Health Care Financing
Administration. Oversight by the subcommittee and efforts by
others are having an effect. On May 26, 1998, the President
issued a memorandum to the heads of executive departments and
agencies directing the Office of Management and Budget and the
heads of certain agencies to take steps to resolve issues
preventing a clean opinion.
Congress must continue to take steps to rid the Federal
Government of pervasive financial management problems. Not only
do these problems preclude an audit opinion, they undermine the
confidence of the American people. The Federal Government needs
to manage the funds entrusted to it efficiently and
effectively. To do otherwise is a violation of the trust
citizens and taxpayers place in their government. These
problems are severe and we cannot allow them to persist.
The Year 2000 problem has served to highlight poor
management in the Federal Government. With rare exceptions over
the last 77 years, management has been de-emphasized relative
to budget within President's Bureau of the Budget and its
successor, the Office of Management and Budget.
Management's third class status is no secret. Today,
experts agree that the ``M'' in OMB has been in steady decline
and now barely exists. Presidential advisory groups have
recommended strengthening management within the Executive
Office of the President. Two Congressional Research senior
specialists noted that ``whether by intention or neglect,
recent Presidents have, arguably, been ineffective managers,
and the negative results have been cumulative.'' \123\
---------------------------------------------------------------------------
\123\ ``Creating an Office of Management,'' May 12, 1998, joint
statement of Harold C. Relyea and Virginia A. McMurtry, Specialists in
American National Government, Congressional Research Service.
---------------------------------------------------------------------------
As the Year 2000 problem has illustrated, the ``M''--
management must be put back into the Presidency. The solution
is to give management a powerful profile within the Executive
Office of the President. Legislation would create an Office of
Management on equal footing with the Office of Budget. There is
little debate over whether the executive branch of the Federal
Government needs better management. There is virtually
universal agreement that it does. The question is how to bring
about substantial, enduring improvements. Rather than focus
solely on today's particular set of problems, we would be wise
to prepare for the long term. We must look to the larger
picture of organizational structure.
There are two basic alternatives for management in the
Federal Government: to leave general management
responsibilities in the Office of Management and Budget, where
they currently reside, or to move general management
responsibilities to a new Office of Management in the Executive
Office of the President with a Director reporting to the
President. OMB would become the Office of Budget with its
Director continuing to report to the President.
This is not a question of theory; it is a question of
practicality. Certainly it is within the power of the President
and the Director of the Office of Management and Budget to
bring about serious management improvements within the present
structure. They are free to treat management as a top priority.
But, knowing that in practice management is not always made a
top priority, we must set a structure that endures.
When President Nixon put a stress on the ``M''--
Management--component and renamed the Bureau of the Budget the
Office of Management and Budget, the presumption was: ``At last
the management needs of the Executive Branch will get
attention. With budget clout, those in Cabinet departments and
independent agencies will improve their orientation so the
clients--the taxpayers--will have better service. The
presumption was wrong. Senior civil servants and political
appointees in the 1970s, 1980s, and the early 1990s kept saying
``it is not working.'' Experts have repeatedly argued that
budget deficit pressures and management of a $5-$6 trillion
national debt have driven out management issues.
The Federal Government is the largest, most complex
organization in the world. Federal management is not practiced
well. Management has always been the third-cousin behind
politics, programs, and budgets. By the time these have been
addressed there is little left for effective organizational
structure and strategic plans, personnel development, cost
accounting, financial management, integrated computer systems,
and results-oriented program administration. For generations
there have been myriad complaints about the symptoms of poor
management, even some recognition that poor management is a
major cause of program failure, but management itself has not
improved.
Although there are lessons to be learned from the private
sector, nobody is suggesting that the Federal Government should
be run like a commercial corporation. It is different.
Politics, programs and budgets are the big kids on the block.
However, management must be improved; it is the vehicle for
effectively and efficiently implementing the big issues.
Management does not and should not drive politics, but neither
can it be ignored.
There are few places in the Federal Government where staff
is dedicated to improving management. A tiny, tiny piece of OMB
focus is management but it is overwhelmed with the budget
burden and unfortunately is regularly ignored because short
term policy and budgeting issues drive out longer term
management initiatives.
Historically Federal management has received little
attention. The Bureau of the Budget was created in 1921.
Virtually no attention was given to management in the early
years. Accounts agree that, during 1921 to 1939, BOB conducted
no organization or management studies. Over the years the BOB/
OMB has assumed responsibility for various management
functions--administrative, intergovernmental, personnel
utilization, procurement, paperwork/information, statistical,
regulatory, financial, among others. Since the 1950s, when
performance budgeting was first used in the Federal Government,
the BOB/OMB has been required by successive administrations to
adopt and adapt to a variety of changing of arrangements for
planning and budgeting.
The only solution that has not been tried is splitting
Budget and Management into separate offices. The notion that
only the clout of the budget can force management reforms has
proven false. The empirical evidence proves just the opposite.
In the Federal Government, budget does not help management;
budget drives out management. Legislation is needed to create a
separate Office of Management and to transfer to it all
existing management responsibilities such as the Government
Performance and Results Act and Year 2000 computer problems.
The bulk of OMB is unaffected except for a name change to
Office of Budget and Office of Management.
Presidents deserve better. As Chief Executive, the
President needs to have a small group of experts on management
that can work with members of the Cabinet and other senior
officials in an administration to improve management
capability.
D. THE STATE AND LOCAL LEVEL
1. The State and local government Year 2000 problem
The Year 2000 problem has broad ramifications at the State
and local level. State, county, and city governments must
prepare their own technology. In many ways this is a problem
even more challenging than that faced by the Federal
Government. State and local governments deal with a vast array
of equipment that depends on embedded chips, for example. This
equipment includes everything from fire trucks and paramedic
equipment to railroad crossing signals to traffic lights to
police radios and 911 equipment. Furthermore, the critical
public safety functions of local government must not lapse even
temporarily as the date changes. This means these governments
have to do careful and comprehensive contingency planning.
This section of the report divides the State and local
level into two broad areas: the efforts of governments to
prepare their own technology, and the basic infrastructure
services that these governments oversee and in some cases
operate. The first area is organized according to the level of
government (State, county, city); the second area is organized
according to four basic services: electricity, sewage,
telecommunications, and water.
As noted above, the subcommittee held a series of six field
hearings to examine the State and local aspects of the Year
2000 problem. The first was held on August 13, 1998, in New
York, New York. The last was held on September 3, 1998, in a
suburb of Chicago, IL. In between, the subcommittee stopped for
hearings in a suburb of Dallas, TX; New Orleans, LA; a suburb
of Cleveland, OH; and Indianapolis, IN. These geographically
diverse areas offer an important sample of Year 2000
preparations at the State and local government level across the
United States.
a. State governments
The subcommittee heard testimony from a total of seven
State governments. There was great variation among these States
in terms of the extent of their Year 2000 challenges, the level
of preparation achieved so far, the costs involved, and-perhaps
most important--the data available.
Mr. Peter Sullivan testified on behalf of the State of
Connecticut. He is the director of the Year 2000 Program within
the Connecticut Department of Information Technology. This
department was created by statute in July 1997. Connecticut
reported that 69 percent of its 800 mission-critical systems
require remediation, upgrade, or replacement. The State
reported completing 35 percent of its conversion efforts and 20
percent of its testing efforts. Connecticut has adopted a
completion goal of March 1999. In April 1998, Connecticut
budgeted $95 million for the Year 2000 effort. According to
current reporting, ``agencies have completed 35 percent of
their conversion efforts and 20 percent of their testing
efforts overall.'' \124\
---------------------------------------------------------------------------
\124\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Aug. 13, 1998, original transcript,
p. 37.
---------------------------------------------------------------------------
Mr. William Vetter, Manager, Bureau of Communication and
Computer Services, State of Illinois, noted that many Illinois
agencies ``began to address the Y2K challenge several years
ago, even in the 1980s.'' 125 The State's target
completion date for Year 2000 repairs is January 1, 1999.
---------------------------------------------------------------------------
\125\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 3, 1998, original transcript,
p. 23.
---------------------------------------------------------------------------
Laura Larimer, Director of Information Technology for the
State of Indiana, reported that Indiana agencies are divided
into those that have used central contractors for their Year
2000 assessment and remediation and those that have not.
Although Indiana did not report on its current status, it
reported that agencies using the central contractors are on
track to complete analysis, remediation, and testing of custom
software by June 1999.
Ms. Larimer also reported that two significant agencies
that did not use the central contractors, the Department of
Transportation and the Department of Workforce Development, are
progressing in accordance to plan. She did not provide current
status or anticipated completion dates. Indiana also reported
that, with the exception of medical devices (which were 18
percent complete), it has completed the inventory of hardware,
software, telecommunications equipment, and facility
processors. Indiana expects to have all vendor compliance
information by November, 1998.
Louisiana did not report any Year 2000 status information.
Renea Austin, Division of Administration, State of Louisiana,
who was accompanied by Ms. Chris LaBlanc, Project Manager,
Louisiana Year 2000 Coordination Project State, noted that
Louisiana agencies were asked to submit remediation status
reports in June 1998. Also, the State plans to coordinate with
colleges and universities around that State to provide a
downlink for this broadcast and distribute videotapes for those
unable to attend.
Mr. Ronald Vidmar, Deputy Director, Computer Services
Division, Ohio Department of Administrative Services: ``The
State of Ohio began assessing this problem in early 1996. . . .
We determined that from a funding standpoint, we had a $61
million problem. . . . To date, we have not increased that
amount.'' 126 Mr. Vidmar reported that Ohio agencies
were approximately 60 percent complete at the end of August
1998, according to self reporting. ``[I]deally we would have
all of our agencies through remediation by the end of this
year. I honestly do not believe that will be
possible.''127
---------------------------------------------------------------------------
\126\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 1, 1998, original transcript,
p. 18.
\127\ Ibid. pp. 45-46.
---------------------------------------------------------------------------
Ohio is not having a problem keeping technology personnel
on the payroll: ``[T]oday we have found that our retention rate
is very high, we have lost probably less than 10 percent as far
as the State government is concerned. . . . Now that is today.
I will be equally concerned three months from now because I
agree that at some point this pool is likely to dry up.''
128
---------------------------------------------------------------------------
\128\ Ibid. p. 60.
---------------------------------------------------------------------------
Mr. Gary Davis, Project Director, Office of Technology,
testified for the State of New York. He observed that Governor
Pataki had recognized the problem early on and the ``Year 2000
Date Change Initiative'' was established in April 1996. The
State decided to prioritize early in the project, identifying
40 ``top priority'' systems ``that have a direct impact on
public health, safety, and welfare.'' 129 Systems in
this category include child welfare, criminal history, inmate
population, and tax processing.
---------------------------------------------------------------------------
\129\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Aug. 13, 1998, original transcript,
p. 27.
---------------------------------------------------------------------------
As of the August 13, 1998 hearing, New York State had 6 of
its top 40 systems Year 2000 compliant; the remainder were
scheduled to be competed by January 1999. New York also
reported that 19 percent of its 900 data exchanges were
compliant. The State put its cost estimate at $250 million.
``We have implemented numerous strategies to recruit, retain,
and compensate staff.'' 130 Mr. Davis also noted
that his State is actively participating in Federal-State Year
2000 coordination meetings and working with other State and
local governments on the issue.
---------------------------------------------------------------------------
\130\ Ibid. p. 29.
---------------------------------------------------------------------------
Texas reported that it believes that most mission-critical
systems will be ready for the Year 2000. All coding changes are
targeted to be completed by December 31, 1998. All agencies
with embedded systems are supposed to report to the Texas Year
2000 Project Office in October 1998.
In October 1997, Pennsylvania hosted the first State-
Federal Chief Information Officers' Summit. Participants at
this summit made significant decisions on how to proceed in the
Year 2000 challenge, including: (1) to use a four-digit year
standard for data exchanges between States and Federal
agencies; (2) to establish a national policy group, co-chaired
by the Office of Information and Regulatory Affairs in the
Office of Management and Budget and the president of the
National Association of State Information Resource Executives;
and (3) to create a joint State/Federal technical group, co-
chaired by the chair of the Federal Chief Information Officers'
Council Year 2000 Committee and the chair of the National
Association of State Information Resource Executives'
Subcommittee on the Year 2000.\131\
---------------------------------------------------------------------------
\131\ See ``Year 2000 Computing Crisis: Potential for Widespread
Disruption Calls for Strong Leadership and Partnerships,'' U.S. General
Accounting Office Report to Congress, GAO/AIMD-98-85, p. 17.
---------------------------------------------------------------------------
Despite this positive effort, the ability of State
governments to prepare for the year 2000 remains in doubt. As
January 1, 2000 approaches, time for thorough testing will run
short for States trying to do too much at the last minute.
Costs will rise, and the technical expertise necessary to
implement and test sophisticated systems will be increasingly
scarce. ``Texas, Missouri, California, and a number of others
have already cited the fact that they are unable to attract and
retain the resources that they need to fix their problems.''
\132\
---------------------------------------------------------------------------
\132\ ``Joint Hearing on the Oversight of the Government's Year
2000 Efforts,'' Mar. 18, 1998, original transcript p. 47 (testimony of
Dr. Michael Harden, president, Century Technology Services).
---------------------------------------------------------------------------
b. County governments
The subcommittee took testimony from four county
governments. They were generally less prepared than the State
governments. For example, the 1st Vice President of the Police
Jury Association of Louisiana reported that many of Louisiana's
smaller rural parishes (Louisiana's equivalent of counties)
have not addressed the Year 2000 problem and some have not even
realized that they may have a problem. This was a disturbing
revelation. The county level is crucial since many basic
services, including public safety, police protection, welfare
administration, and utilities, are provided by this level of
government.
Cuyahoga County of Ohio reported that, as of July 30, 1998,
its implementation phase (which includes coding and testing)
was 53 percent complete and 3 weeks behind schedule. The county
estimated its Year 2000 costs at approximately $9.8 million.
Nassau County, NY was represented by Douglas Wipperman,
Director of Data Processing for the county. He reported that
the County discovered the problem early on and decided to
approach it through full remediation of expanding to the four-
digit year rather than through windowing. ``Many of the
consultants approached us suggesting that [windowing] was the
way to go, but what happens is, we are left holding the bag
after they are gone.'' \133\
---------------------------------------------------------------------------
\133\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Aug. 13, 1998, original transcript,
pp. 53-54.
---------------------------------------------------------------------------
Nassau's mainframe applications are expected to be Year
2000 compliant by December 1998. However, Nassau County did not
report on an expected completion date for its mini-computer and
PC applications. Nassau County expects its Year 2000 costs to
be between $28 and $35 million. Mr. Wipperman informed the
subcommittee that Nassau used the Year 2000 problem as an
opportunity to replace some aging systems.
Westchester County, NY reported that 71 percent of its Year
2000 project would be completed by the end of 1998 and that all
applications would be complete by September 1999. The County
has budgeted $15.75 million for its Year 2000 efforts. The
county is using the windowing technique to prepare for 2000.
Westchester was represented by Mr. Charles Adrion, Director of
the county's Year 2000 Project Office. He told the subcommittee
that the county executive required every department to assign a
Year 2000 coordinator.
Mr. Adrion also testified that ``[a]t present, there is no
reason to believe that staff shortage will affect our ability
to complete [preparations] on time.'' \134\ He did, however,
express concern over legal liability, saying fear of liability
has led to a decline in cooperation between public and private
organizations. ``[W]e highly recommend consideration by
Congress of legislation which would hold harmless local
governments for problems both of our own creation and those
outside our control.'' \135\ Mr. Adrion was pessimistic about
his county's ability to finish all Year 2000 preparations on
time.\136\
---------------------------------------------------------------------------
\134\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Aug. 13, 1998, original transcript,
p. 46.
\135\ Ibid. p. 47.
\136\ Ibid. p. 72 (``I have managed a number of projects over the
years, and it's unusual that . . . our projects finish on time'').
---------------------------------------------------------------------------
c. City governments
City governments expressed more concerns about both funding
and hiring and retaining qualified personnel to deal with the
Year 2000 problem. Several of the cities hoped to get some
funding assistance from the Federal Government.\137\
---------------------------------------------------------------------------
\137\ New York City's deputy mayor, for example, stated that
Federal aid to State and local governments to help pay for Year 2000
work would allow them to continue to provide current, new, or expanded
services.
---------------------------------------------------------------------------
The Mayor of Baton Rouge, LA announced a ``call for
action'' to enhance local government and community awareness of
the Year 2000 problem. Coinciding with this announcement, Baton
Rouge has hosted governmental and community Year 2000 seminars.
Baton Rouge reported to the subcommittee on the Year 2000
readiness of 130 hardware and software items. Of these, about
one third were scheduled to be replaced or repaired. Many of
these items were scheduled to be implemented by the first
quarter of 1999, however, several items had no implementation
date.
Baton Rouge, LA stated that the initial process of
identifying what devices have embedded systems is cumbersome
and that a central repository of equipment and devices would be
useful. Also, Mike Walker, Director of Information Services for
the city of Baton Rouge, testified: ``It has been extremely
difficult for us to recruit new employees.'' \138\
---------------------------------------------------------------------------
\138\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Aug. 19, 1998, original transcript,
p. 105.
---------------------------------------------------------------------------
Ms. Beth Boatman, Chief Information Officer for the city of
Chicago, reported that their Year 2000 Project had been active
since late 1996 and that the city is aiming to complete mission
critical systems remediation during the first quarter of
1999.\139\ She reported two major concerns: personnel and
embedded chips. ``We particularly are having trouble finding
skilled workers. * * * We have chosen to privatize almost the
whole year 2000 project, for a couple of reasons. One is our
attrition is up near 20 percent and we are constantly seeing
people turn out of our technology department.''\140\ Regarding
embedded chips, Ms. Boatman asserted that her ``biggest concern
right now is probably the embedded systems piece.'' \141\
---------------------------------------------------------------------------
\139\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 3, 1998, original transcript,
p. 29.
\140\ Ibid. p. 57.
\141\ Ibid. p. 41.
---------------------------------------------------------------------------
Indianapolis, IN reported that the third quarter of 1998
marked the beginning of its intensive renovation and concurrent
testing phases. Specific status information or completion dates
were not provided. Indianapolis reported that it expects its
Year 2000 costs to be about $13 million. Indianapolis also
stated that the Congress can assist municipalities by directing
grant funds toward a more timely replacement of some outdated
Year 2000 noncompliant hardware.
Lubbock, TX plans to distribute a Year 2000 newsletter to
its recreation and senior centers, libraries, and municipal
facilities. Lubbock also plans to distribute a bilingual insert
in its city-owned utility company's October utility bills.
Lubbock reported that it was planning a Year 2000 ``drill'' for
an unannounced night in September 1998. As part of this drill,
Lubbock was designing scenarios of possible items that may fail
due to the Year 2000 as well as ``normal'' scenarios (such as
inclement weather) that may occur on December 31, 1999. This is
an excellent approach to testing and the committee hopes other
entities will emulate it.
New Orleans, LA reported that its computer infrastructure
had been updated and its biggest applications completed. The
remaining Year 2000 work (including the completion of its
mission-critical Human Resources System) is scheduled to be
completed in the first quarter of 1999.
New York City reported that as of August 4, 1998, 287 of
its 706 priority systems were in the process of being tested
and certified as Year 2000 compliant. Work was continuing on
the remaining 419 systems, but no projected completion date was
provided. Mr. Joseph Lhota, Deputy Mayor for Operations,
reported that New York has spent or appropriated $319 million
for Year 2000 repairs already, and ``unfortunately that number
will only go up.'' \142\
---------------------------------------------------------------------------
\142\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Aug. 13, 1998, original transcript,
p. 19.
---------------------------------------------------------------------------
Mr. Lhota indicated that New York has an ambitious approach
to the Year 2000 problem: ``Generically, anything that goes
wrong in New York is always blamed on the Mayor, so it's
important that he make sure we know what's going [throughout
the City].'' \143\ In terms of a technical workforce, New York
City implemented a technology training and mentoring program.
New York City reported that it has trained over 300 people in
this fashion. Also encouraging is that the New York sewer
system is not vulnerable to the Year 2000 problem.\144\
---------------------------------------------------------------------------
\143\ Ibid. pp. 21-22.
\144\ Ibid. p. 82.
---------------------------------------------------------------------------
2. Basic infrastructure: electricity, telecommunications, water
``Frankly, we as a nation do not know where we stand on key
infrastructure areas like power, water, and telecom . . .
There's a lot of talk but when you get beneath that talk there
is no underlying data.'' \145\
---------------------------------------------------------------------------
\145\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 2, 1998, original transcript,
p. 126 (testimony of Joel Willemssen, Director, Information Resources
Management, Accounting and Information Management Division, U.S.
General Accounting Office).
---------------------------------------------------------------------------
a. Electricity
The importance of electricity is almost too obvious to
merit discussion. Without power, the Year 2000 readiness of
virtually all technology will be a moot point. But as a
society, we rely on electricity for much more than computers.
One witness before the subcommittee discussed the importance of
power in the context of agriculture. ``In Iowa, we have 14
million hogs in confined environmentally maintained houses. In
Minnesota, they have 44 million turkeys in the same types of
situations. . . . The important fact to understand here is that
when we lose ventilation systems in these houses, we can have
animals die in six hours.'' And: ``Power interruptions on a
cold winter's day could lead to severe problems and animal
loss, particularly for poultry and livestock producers.'' \146\
---------------------------------------------------------------------------
\146\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 3, 1998, original transcript,
p. 90 (testimony of Dr. Wendy Wintersteen, director, Agriculture and
Natural Resources Extension, Iowa State University; see also Dr.
Wintersteen's prepared testimony, p. 1).
---------------------------------------------------------------------------
Unfortunately, experts are raising grave concerns about the
preparedness of the power industry. The production and
distribution of power rely to a great extent on embedded
technology. Furthermore, the ``power grid'' is highly
interconnected. Failure in one region of the country could
precipitate failures elsewhere. ``[I]t's very likely that we
will have brownouts in this country, and possibly some
intermittent blackouts . . . only because if you look at the
entire grid it's . . . basically an end-to-end system that has
to be tested. There are 6,000 power plants out there that all
have to be remediated; and unfortunately, as we look at the
work from our analysis, we don't see that [remediation and
testing] is being done in every case.'' \147\
---------------------------------------------------------------------------
\147\ ``Year 2000: Biggest Problems and Proposed Solutions,'' June
22, 1998, original transcript p. 23 (testimony of Dennis Grabow).
---------------------------------------------------------------------------
The Consolidated Edison Co. of New York reported that its
critical systems were either renovated or in the process of
being renovated, with an expected completion date in the fourth
quarter of 1999. Other systems of lesser importance are
expected to be completed by June 1999. The Consolidated Edison
Co. of New York also reported that it is researching the
embedded systems in its control systems components to determine
if they are Year 2000 compliant. The company reported that it
has not identified any fatal flaws that would have a
catastrophic effect on its operations. Renovation of these
embedded systems is expected to be completed by mid-1999.
The Texas Utilities Co. reported that more than 90 percent
of inventory and assessment activities are complete and 25
percent of its testing. The utility company reported it is
examining 291 software products and approximately 300 client-
server applications. Additionally, the company reported that
its Year 2000 project was on schedule and that 25 percent of
the inventoried applications are compliant. Software conversion
and testing was in progress and would continue through 1998
with full integrated testing and implementation in 1999.
Assessment of its information technology infrastructure was
scheduled for completion by the end of the summer and work was
scheduled to be complete by the end of the year. Inventory of
the utility companies embedded systems (about 11,000) has been
in progress since last year and conversion is expected to be
mostly completed by the end of 1998, with some work extending
into 1999. The Texas Utilities Co. reported an expected Year
2000 cost between $28 and $31 million.
FirstEnergy reported that it was nearing the completion of
a full-scale inventory and assessment of all computer hardware,
software, and embedded systems and is identifying which systems
need to be renovated and which need to be replaced. This phase
of FirstEnergy's Year 2000 project is expected to be completed
by the end of 1998. In particular, the FirstEnergy is (1)
assessing its power generation function, which was projected to
be completed in the fall, (2) evaluating its nuclear power
plants, and (3) assessing its fossil plants (its largest ones
are currently undergoing an inventory). FirstEnergy expects to
complete Year 2000 remediation by the first quarter of 1999 and
testing by the third quarter of 1999. Mr. John Gill, Senior
Vice President, FirstEnergy Corp., observed that ``power
generation is probably the most complicated area to assess
because of the number and complexity of the systems.'' \148\
---------------------------------------------------------------------------
\148\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 1, 1998, original transcript,
p. 75.
---------------------------------------------------------------------------
b. Telecommunications
With almost half of the world's computer capacity and 60
percent of its Internet assets, the United States is the
world's most advanced--and most dependent--producer and user of
information and telecommunications technologies. Such
technologies have helped fuel the growth of the U.S. economy
and have enabled major improvements in the Nation's
infrastructure. The Year 2000 readiness of these
telecommunications technologies is therefore of great concern.
The telecommunications infrastructure is comprised of the
public telecommunications network, the Internet, and the
millions of computer systems for government, defense,
commercial, and personal use. The telecommunications network
includes communications and information transmissions via a
complex web of interconnected networks operated by local and
long-distance telephone carriers, cellular networks, and
satellite services. Significant portions of the Internet rely
on services provided by the public telecommunications networks.
The array of reliable telecommunications services is made
possible by a complex web of highly interconnected networks
supported by switches and other telecommunications devices.
Along with national and local carriers and service providers,
important links in the chain include the equipment
manufacturers and suppliers and customers. The key is
connectivity: all of the pieces must work together.
All telecommunications network components--including
switches, routers, PBXs, and Internet servers--must be assessed
and tested to ensure compliance with the Year 2000 computer
problems. The potential problems are further compounded by the
global nature of today's telecommunications systems, which rely
on seamless connections among widely scattered and widely
diverse networks.
Telecommunications systems are critical to the operations
of nearly every public and private sector organization
including financial services and brokerage institutions;
health, safety, and emergency services; transportation;
utilities; and manufacturing and small business. Disruption in
the service provided by the public telecommunications network
can affect millions of users and cause massive financial
losses.
The Federal Government depends heavily on the
telecommunications infrastructure. Many agencies, including
those in the Department of the Treasury and Department of
Health and Human Services [HHS], rely on both their private
networks and on the public telecommunications network to
conduct mission-critical business. An electronic Medicare
payment, for example, may traverse several networks: those
operated by HHS, computer systems and networks at the
Department of the Treasury, and the Federal Reserve's Fedwire
electronic funds transfer system.
Businesses and financial institutions rely heavily on
telecommunications networks to participate in the global
payments system, to exchange information with trading partners
and regulatory agencies, and to manage their internal control
systems and sophisticated computer equipment.
Year 2000 failure in the telecommunications infrastructure
would bring potentially disastrous consequences. Financial
institutions would be unable to process financial transactions
and trades. Major disruption in the service provided by the
public telecommunications network can affect millions of users
and cause massive financial losses. The cost of disruptions and
outages caused by noncompliant computer or telecommunications
systems was discussed in a recent study of the potential impact
of Year 2000-related foreign exchange settlement failures.
According to the study, the market costs of a single major
bank's inability to settle its trades could reach $3.3 billion
in a single week. Other basic services are also vulnerable. Air
traffic control communications systems would fail; some
consumer credit card transactions would fail; and 911 emergency
service transmissions could not be processed.
Most major carriers expect to achieve Year 2000 compliance
of their network services by December 1998. Most major carriers
also plan to be fully compliant, including support services and
systems, by mid-1999. At a June 1998, House Ways and Means
subcommittee hearing, the General Accounting Office testified
that it will be a ``massive challenge'' to bring the
telecommunications industry into compliance on time. With less
than 19 months remaining, the GAO was concerned that no one
currently had an overall assessment of the degree of year 2000
risk in the telecommunications infrastructure. There may not be
time to ready all systems, but there is time to concentrate on
the most important ones affecting health, safety, national
defense and economic concerns.
Ameritech reported that it will come close, though not
quite achieve, its goal of having its mission critical systems
ready by January 1, 1999. As of the end of the second quarter,
1998, Ameritech had remediated over 80 percent of Ameritech-
owned code and certified and deployed over one half of its
applications. In addition, Ameritech reported that, by the end
of the second quarter of 1998, it had tested and completed the
deployment of Year 2000 upgrades in over 50 percent of its
network switches requiring upgrades. Assessments of Ameritech's
facilities and product management is on-going (and expected to
be completed during the third quarter of 1998).\149\
---------------------------------------------------------------------------
\149\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 1, 1998 (see testimony of Mr.
Fred Kowitz Director, Ameritech Corp.).
---------------------------------------------------------------------------
Ameritech is participating in the Year 2000 Telco Forum
Interoperability Testing. This testing, which was due to start
in July 1998, will cover a broad cross-section of services,
from voice to high speed data circuits to complex 911 emergency
services. It will use a laboratory to simulate peak traffic
loads and analyze actual network performance. Ameritech also
reported that it is participating with the Alliance for
Telecommunications Industry Solutions [ATIS] which is planning
additional nations, and possibly international,
interoperability testing of the telecommunications network.
c. Water
To power and telecommunications, a third essential service
must be added: the water supply. Water is essential for not
only for human consumption, but for sanitation as well. A
failure in the water supply could very quickly lead to
dangerous conditions, including a lack of potable water and
sewage backups.
Water and sewer companies rely on computers as well as
equipment operated by embedded chips for a wide range of
functions. These include electronic pressure recorders,
generators, collection systems monitoring, flow monitoring,
mobile equipment, meter reading, and routing. They also include
laboratory analysis, industrial compliance determinations, and
geographic information systems.\150\ If their technology fails,
a variety of malfunctions could result.
---------------------------------------------------------------------------
\150\ This list is derived largely from the Association of
Metropolitan Sewerage Agencies.
---------------------------------------------------------------------------
The Public Utilities Co. of Ohio sounded an optimistic note
when testifying before the subcommittee. ``I would say every
utility in Ohio, primarily due to I think the initial Federal
efforts but then obviously subsequent State efforts, have gone
through the process of awareness and assessment. They have all
inventoried, they have all gone fairly well through remediation
and testing.'' \151\
---------------------------------------------------------------------------
\151\ Ibid. p. 74 (testimony of Mr. Donald Mason, commissioner,
Public Utilities Commission of Ohio).
---------------------------------------------------------------------------
David Hall, an embedded chip expert and Senior Engineer,
CARA Corporation, reported on his discouraging observations of
Year 2000 preparations at water treatment plants: ``Every
municipality I have worked with said that their wastewater
treatment and wastewater flow is the most critical item, bar
none, even electricity. And I have yet to see anybody from a
national level or even a state level start looking or trying to
get everybody together to determine whether the water and the
wastewater flow and the other things can come together.'' \152\
The General Accounting Office made a similar observation:
``[T]here is increasing evidence of a great number of embedded
chips in water and wastewater systems that must be dealt with
quickly.'' \153\
---------------------------------------------------------------------------
\152\ ``Oversight of the Year 2000 Problem: Lessons To Be Learned
From State and Local Experiences,'' Sept. 3, 1998, pp. 188-189.
\153\ Ibid. p. 120 (testimony of Joel Willemssen).
---------------------------------------------------------------------------
III. Conclusions
Based on the findings of the subcommittee's investigation,
the Year 2000 problem requires one of the most massive and
coordinated repair efforts in human history. An enormous amount
of progress has been made, but at least as much remains to be
done and, unlike virtually every other major challenge, the
Year 2000 problem presents an absolute deadline. Both because
of the enormity of the challenge and because of the
extraordinary potential for fear and panic, this problem calls
for strong leadership. The committee hopes that the President
of the United States, as well as executive leadership in
organizations throughout the country and the world, will rise
to this challenge in the months to come.
[Additional information may be found in the appendix.]
A P P E N D I X E S
----------
APPENDIX A. CORRESPONDENCE
1. April 29, 1996 Oversight Letter from Subcommittee
Chairman Stephen Horn and then Ranking Member Carolyn Maloney
to Major Federal Departments and Agencies Asking for Details of
Year 2000 Awareness and Planning.
2. March 26, 1997 Oversight Letter from Subcommittee
Chairman Stephen Horn, then Ranking Member Carolyn Maloney, and
Science Subcommittee on Technology Chair Constance Morella and
Ranking Member Bart Gordon to Major Federal Departments and
Agencies Asking for Awareness, Planning, and Oversight of
Embedded Chip Problem.
3. May 22, 1997 Letter from Subcommittee Chairman Horn to
U.N. Secretary General Kofi Annan; together with September 18,
1997 response.
4. July 16, 1997 Letter from Subcommittee Chairman Stephen
Horn, then Ranking Member Carolyn Maloney, and Science
Subcommittee on Technology Chair Constance Morella and Ranking
Member Bart Gordon to President Clinton.
5. December 11, 1997 Letter from Subcommittee Chairman
Stephen Horn to Office of Management and Budget Director
Franklin Raines on Agency Year 2000 Quarterly Reports.
[The information referred to follows:]
APPENDIX B. SUBCOMMITTEE REPORT CARDS
----------
1. July 1996 Report Card Based on Responses to April 29,
1996 Oversight Letter.
2. September 1997 Report Card Based on August 15, 1997
Quarterly Reports.
3. December 1997 Projections Based on November 15, 1997
Quarterly Reports.
4. March 1998 Report Card Based on February 15, 1997
Quarterly Reports.
5. June 1998 Report Card Based on May 15, 1998 Quarterly
Reports.
6. September 1998 Report Card Based on August 15, 1998
Quarterly Reports.
[The information referred to follows:]
APPENDIX C. EXECUTIVE ORDER 13073, ``YEAR 2000 CONVERSION,'' ISSUED
FEBRUARY 4, 1998
----------
[The information referred to follows:]
APPENDIX E. COMMITTEE FINDINGS AND RECOMMENDATIONS
----------
Findings:
1. The Federal Government is not on track to complete
necessary Year 2000 preparations before January 1, 2000.
2. Some State and local governments are lagging in Year
2000 repairs and in many cases lack reliable information on
their Year 2000 status.
3. The Year 2000 status of basic infrastructure services,
including electricity, telecommunications, and water, is
largely unknown.
4. Embedded microchips are difficult to find, difficult to
test, and can lead to unforeseen failures.
5. Strong leadership from senior management is necessary to
address the Year 2000 problem.
6. Organizations are dependent on the Year 2000
preparedness of their data exchange partners.
7. Data exchanges, testing, and contingency planning have
received far too little attention.
8. Fear of legal liability has made some organizations
reluctant to share the Year 2000 status of their products and
internal systems with other businesses and data exchange
partners.
9. Resource problems center around hiring and retaining
skilled workers and attaining the needed funding to perform the
Year 2000 fixes.
Recommendations:
1. The President and the Executive Branch of the United
States Government must approach the Year 2000 problem with
greater urgency.
2. Public and private organizations as well as Federal,
State, and local governments must all work in partnership to
prepare for the date change.
3. Congress and the President should establish Federal
liability protection for organizations that share information
in order to facilitate Year 2000 repairs.
4. Year 2000 problem managers should develop goals that are
linked to readiness measures.
5. Citizens should demand information on Year 2000
readiness from their State and local governments, their utility
companies, and other organizations upon which they are
dependent.
ADDITIONAL VIEWS OF HON. STEPHEN HORN
As this report highlights, information is essential to
solving the Year 2000 problem. Senior management must have all
the information necessary for understanding the significance of
the problem and for allocating resources to address it.
Technical staff must have access to information in order to
avoid duplicating research into Year 2000 compliance that
others have already done and to keep abreast of the best
solutions available. Furthermore, organizations must coordinate
closely with all data exchange partners. The essence of this
coordination is sharing information.
The web sites listed below reflect the central role that
the Internet is playing in the Year 2000 problem. These are
Federal sites only, but through them people with access to the
Internet can locate a vast range of private as well as public
sites.
Congressional Year 2000 Web Sites:
Government Reform and Oversight Committee, Subcommittee on
Government Management, Information, and Technology: http://
www.house.gov/reform/gmit/y2k.
House Majority Leader Richard Armey: http://freedom.gov/
y2k.
Representative Pete Sessions: http://www.house.gov/
sessions/Y2K.
House Small Business Committee: http://www.house.gov/smbiz/
leg/y2k.
House Science Committee: http://www.house.gov/science/y2k.
House Banking Committee: http://www.house.gov/banking/
year2000.
The General Accounting Office: http://www.gao.gov/y2kr.
United States Senate Special Committee on the Year 2000
Technology Problem: http://www.senate.gov/y2k.
Executive Branch Year 2000 Sites:
President's Council on the Year 2000 Conversion:
www.y2k.gov.
Chief Information Officers Council Committee on Year 2000
Information Directory (this site is a clearinghouse for
information on the Year 2000 problem, with links to sites on
best practices, contingency planning, testing, commercial off-
the-shelf product databases, and many others):
www.itpolicy.gsa.gov/mks/yr2000/cioy2k.
The Federal Year 2000 Commercial Off-the-shelf (COTS)
Product Database: y2k.policyworks.gov.
The Small Business Administration: www.sba.gov/y2k.
The Food and Drug Administration, including a database on
the Year 2000 status of biomedical equipment: www.fda.gov/cdrh/
yr2000/year2000.
Steve Horn.
ADDITIONAL VIEWS OF HON. HENRY A. WAXMAN, HON. DENNIS J. KUCINICH, HON.
TOM LANTOS, HON. ROBERT E. WISE, JR., HON. MAJOR R. OWENS, HON.
EDOLPHUS TOWNS, HON. PAUL E. KANJORSKI, HON. GARY A. CONDIT, HON.
CAROLYN B. MALONEY, HON. THOMAS M. BARRETT, HON. ELEANOR HOLMES NORTON,
HON. ELIJAH E. CUMMINGS, HON. ROD R. BLAGOJEVICH, HON. DANNY K. DAVIS,
HON. JOHN F. TIERNEY, HON. THOMAS H. ALLEN, AND HON. HAROLD E. FORD,
JR.
The Subcommittee on Government Management, Information, and
Technology has held a series of oversight and legislative
hearings related to the Year 2000 (``Y2K'') computer problem
and its impacts on the government and the private sector. These
hearings were reviewed in the report approved by the full
Committee on October 8, 1998. The report found that the federal
government was lagging in its efforts to prepare for the Year
2000, and that, if not fixed, the Y2K problem presents the risk
of interruption of key government services. The report also
indicated that state and local governments and the private
sector face significant challenges from the Y2K problem.
While we support the findings of the report approved on
October 8, we submit these views to provide additional
information that was not included in the report.
administration progress
While we agree with the findings of the report that more
progress needs to be made, President Clinton and Vice President
Gore have demonstrated significant leadership on these issues,
and are making substantial efforts to ensure that the federal
government does not experience significant disruption due to
the Y2K problem.
In February 1998, President Clinton named John Koskinen, a
respected former OMB official, to head the White House Y2K
Council. Under Mr. Koskinen's leadership, the Y2K Council is
actively engaged in many activities to increase awareness of
the problem in and beyond the federal government. For example,
the Council has created 35 working groups to address Y2K
activities in key economic sectors. Through these working
groups, and via other avenues, the Y2K Council and executive
agencies are reaching out to private sector organizations,
state and local governments, and key international
institutions.
The President made a major speech about the Year 2000
problem before the National Academy of Sciences in July 1998.
This speech highlighted the risk of the problem and the need to
focus on solutions. The majority report described this speech
as merely ``preaching to the choir,'' implying that the speech
was directed at and heard by only the scientific community.
This is not the case. The speech was directed at the American
people and received significant coverage in the popular print
and electronic media.
The President, through the Y2K Council, continues to
educate and inform the public about the Y2K problem. The
Council, working with over 100 private-sector organizations,
has declared October 19-23, 1998, to be National Y2K Action
Week. The core focus of the week will be hundreds of
educational events hosted by federal government field offices,
including the Small Business Administration, the Department of
Commerce, the Department of Agriculture, the Social Security
Administration, and the Department of Transportation. The
events will focus on assisting managers of small- and medium-
sized businesses to assess and remediate Y2K problems.
The Administration is also working closely with agencies
that appear to be having compliance problems. On June 19, 1998,
OMB directed all so-called ``Tier 1'' agencies (agencies
showing insufficient evidence of adequate progress), as well as
``Tier 2'' agencies (agencies that have demonstrated progress,
but still have significant concerns), to provide monthly plans
and progress reports to OMB. Mr. Koskinen is actively engaged
in planning activities of Tier 1 agencies, and on September 2,
1998, Vice President Gore met with senior officials in the
seven Tier 1 agencies to stress the importance of the Y2K
problem.
Although the staff report focused on the government
agencies that are not performing well, many agencies are ahead
of schedule. Chairman Horn's August 15 report card identified
eight Federal agencies that received grades of B or better for
their progress on Y2K conversion.1 The report also
found that 20 of 24 agencies were making progress toward
solving external data exchange problems, and 12 of 24 were
focusing on embedded systems. OMB's 6th Quarterly Report on
Progress on Year 2000 Conversion as of August 15, 1998,
highlighted the progress made by the federal government:
---------------------------------------------------------------------------
\1\ The Social Security Administration, the National Science
Foundation, the Small Business Administration, the General Services
Administration, the Department of Commerce, the Environmental
Protection Agency, the Department of Veterans Affairs, and the Federal
Emergency Management Agency.
---------------------------------------------------------------------------
Of the governments 7,343 mission critical systems,
3,692, or 50%, are now Y2K compliant, up from 40% in May.
Of the remaining 3,651 mission critical systems,
2,910 are being repaired, 650 are being replaced, and 91 are
being retired.
Only two agencies--AID and HHS--are working toward
dates that are beyond the Government-wide milestones
(renovation by September 1998, validation by January 1999, and
verification by March 1999) for the completion of Y2K work.
Several agencies, including Justice, Treasury, GSA, OPM, the
Small Business Administration, and the Social Security
Administration, are ahead of schedule.
Agencies are also taking steps to assess embedded
chips and to assess the status of non-mission critical systems.
y2k and consumer issues
The federal government has been the focus of the
Committee's Y2K oversight hearingsfor the last two years. As a
result, the Committee has held only one hearing on consumer issues, on
September 23, 1998. Although the witness list for that hearing included
authors, software publishers, and organizations that sell products to
consumers, it did not contain representatives from any organization
that actually represents consumers. Despite this lack of attention,
consumers will be affected by numerous aspects of the Y2K problem, and
Congress must address these issues.
The Committee report correctly notes that a lack of
information is a serious problem and indicates that the lack of
information complicates efforts to solve Y2K problems, and may
cause panic on the part of individuals, making minor problems
even worse. The report also recommends that consumers should
demand information from state and local governments, utilities,
and other organizations. However, the report does not address
the issue of whether utilities, software developers, and
producers of electronic equipment will provide the public with
the required information voluntarily.
To date, consumers have been provided with minimal
information. For example, most software companies are not
sending out program upgrades to all their customers. Instead,
they are posting notices of Y2K problems, and providing
solutions for these problems, via their web sites. Only those
consumers that have the time and knowledge to actively seek out
information via the Internet or other purposes have been able
to obtain any sort of information. Even federal government
agencies have had little success obtaining information. For
example, when the FDA sent letters to manufacturers requesting
information on the Y2K compliance status of medical equipment,
they received answers from less than one-half of these
companies. There is presently no provision of law which would
require that manufacturers inform consumers of potential
problems. Providing accurate and timely information about their
products is the responsibility of the businesses that sell
them. If these organizations will not accept this
responsibility, Congress must ensure that consumers receive
adequate information about Y2K problems.
Congress Must Provide Adequate Y2K Funding in Timely Fashion
The majority report indicates the federal government did
not begin fixing Y2K problems on their computers in a timely
fashion. However, Congress shares responsibility for this lack
of action because Congress was slow in approving funds for
agencies to address Y2K problems.
At the Administration's request, the House Treasury,
Postal, and General Government Appropriations Bill (H.R. 4104)
initially included $2.25 billion, and the House Defense
Appropriations Bill (H.R. 4103) initially included $1.6 billion
in emergency spending to assist the federal government in its
efforts to make all computer systems Y2K compliant.
Unfortunately, because of disputes over offsets, opposition
from Republican members of the House of Representatives caused
this funding to be cut before the legislation reached the House
floor. Although it appears that this critical Y2K funding may
be included in the final omnibus appropriations bill that is
expected to be signed by the President, this funding has not
yet been approved. This delay and uncertainty has complicated
efforts by senior management to address Y2K problems within
their agencies and departments.
Just as federal government agencies have a responsibility
to fix Y2K problems, Congress must meet its responsibility to
provide adequate funding for these agencies.
H.R. 4756, ``The Year 2000 Preparedness Act''
On October 13, 1998, the House of Representatives passed
H.R. 4756, ``The Year 2000 Preparedness Act.'' This legislation
contains two key provisions, originally contained in
legislation sponsored by Rep. James A. Barcia, that will help
consumers and small businesses.
The legislation directs the Department of Commerce to
develop a consumer awareness program to help inform consumers
of the implications of, and solutions to, Y2K-related problems.
This program will include the development of self-assessment
checklists, resource lists, Y2K-approved products, and a series
of public awareness announcements. The legislation also directs
the Small Business Administration and the National Institute of
Standards and Technology to develop a similar Y2K outreach
program for small- and medium-sized businesses. While these
provisions will not solve Y2K problems for all consumers and
small businesses, they represent the first step taken by
Congress to protect these key constituencies.
At the time these additional views were filed, it was not
clear if the Senate would pass this legislation.
Henry A. Waxman.
Dennis J. Kucinich.
Tom Lantos.
Robert E. Wise, Jr.
Major R. Owens.
Edolphus Towns.
Paul E. Kanjorski.
Gary A. Condit.
Carolyn B. Maloney.
Thomas M. Barrett.
Eleanor Holmes Norton.
Elijah E. Cummings.
Rod R. Blagojevich.
Danny K. Davis.
John F. Tierney.
Thomas H. Allen.
Harold E. Ford, Jr.
�