Year 2000 Computing Crisis: Actions Needed on Electronic Data Exchanges
(Letter Report, 07/01/98, GAO/AIMD-98-124).

Pursuant to a congressional request, GAO provided information on actions
taken to address year 2000 issues for electronic data exchanges,
focusing on the: (1) key actions taken to date to address electronic
data exchanges among federal, state, and local governments; (2) actions
the federal government has taken to minimize the adverse economic impact
of non-compliant year 2000 data from other countries' information
systems corrupting critical functions of the United States; and (3)
international forums where the worldwide economic implications of this
issue have been or could be addressed.

GAO noted that: (1) key actions to address year 2000 data exchange
issues are still in the early stages; however, federal and state
coordinating organizations have agreed to use a 4-digit contiguous year
format and establish joint federal and state policy and working groups;
(2) to implement these agreements, the Office of Management and Budget
(OMB) issued instructions in January 1998 to federal agencies to
inventory all data exchanges with outside parties by February 1, 1998,
and coordinate with these exchange partners by March 1, 1998; (3) at the
time of GAO's review, no actions had been taken to establish target
dates for additional key tasks; (4) about half of the federal agencies
reported during the first quarter of 1998 that they have not yet
finished assessing their data exchanges to determine if they will be
able to process data with dates beyond 1999; (5) two of the 39
state-level organizations reported having finished assessing their data
exchanges; (6) for the exchanges already identified as not year 2000
ready, respondents reported that little progress has yet been made in
completing key steps such as reaching agreements with partners on date
formats, developing and testing bridges and filters, and developing
contingency plans for cases in which year 2000 readiness will not be
achieved; (7) most federal agency actions to address year 2000 issues
with international data exchanges have been in the financial services
area; (8) ten federal agencies reported having a total of 702 data
exchanges with foreign governments or the foreign private sector; (9)
these foreign data exchanges represented less than 1 percent of federal
agencies' total reported exchanges; (10) federal agencies reported
reaching agreements so far on formats of 98 of the foreign data
exchanges; (11) international organizations addressing year 2000 issues
have been the most active in the financial services area; and (12)
during 1997, several international organizations initiated activities to
increase awareness, provide guidance, and monitor the status of year
2000 efforts.

--------------------------- Indexing Terms -----------------------------

 REPORTNUM:  AIMD-98-124
     TITLE:  Year 2000 Computing Crisis: Actions Needed on Electronic 
             Data Exchanges
      DATE:  07/01/98
   SUBJECT:  Systems conversions
             Information resources management
             Computer software verification and validation
             Strategic information systems planning
             Systems compatibility
             Interagency relations
             International cooperation
             Electronic data interchange

             
******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO report.  Delineations within the text indicating chapter **
** titles, headings, and bullets are preserved.  Major          **
** divisions and subdivisions of the text, such as Chapters,    **
** Sections, and Appendixes, are identified by double and       **
** single lines.  The numbers on the right end of these lines   **
** indicate the position of each of the subsections in the      **
** document outline.  These numbers do NOT correspond with the  **
** page numbers of the printed product.                         **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
** A printed copy of this report may be obtained from the GAO   **
** Document Distribution Center.  For further details, please   **
** send an e-mail message to:                                   **
**                                                              **
**                                            **
**                                                              **
** with the message 'info' in the body.                         **
******************************************************************


Cover
================================================================ COVER


Report to Congressional Requesters

July 1998

YEAR 2000 COMPUTING CRISIS -
ACTIONS NEEDED ON ELECTRONIC DATA
EXCHANGES

GAO/AIMD-98-124

Electronic Data Exchanges

(511434)


Abbreviations
=============================================================== ABBREV

  BIS - Bank for International Settlements
  CIO - Chief Information Officer
  DCI - data collection instrument
  FIA - Futures Industry Association
  HUD - Department of Housing and Urban Development
  IATA - International Air Transport Association
  IOSCO - International Organization of Securities Commissions
  NASIRE - National Association of State Information Resource
     Executives
  OMB - Office of Management and Budget
  SIA - Securities Industry Association

Letter
=============================================================== LETTER


B-279011

July 1, 1998

The Honorable James A.  Barcia
Ranking Minority Member
Subcommittee on Technology
Committee on Science
House of Representatives

The Honorable Bart Gordon
Member
House of Representatives

This report contains information on actions taken to address Year
2000 issues for electronic data exchanges.  Electronic data exchanges
are used extensively to transfer information between computer
systems.  Consequently, as computer systems are converted to process
Year 2000 dates, the associated data exchanges must also be made Year
2000 compliant. 

As requested, our objectives were to identify (1) the key actions
taken to date to address electronic data exchanges among federal,
state, and local governments, (2) the actions the federal government
has taken to minimize the adverse economic impact of noncompliant
Year 2000 data from other countries' information systems corrupting
critical functions of our nation, and (3) international forums where
the worldwide economic implications of this issue have been or could
be addressed.  To obtain this information, we developed and sent a
data collection instrument to survey 42 federal departments and
agencies, all states, the District of Columbia, and Puerto Rico.  All
the federal agencies and 39 of the state-level organizations
responded to our survey during the first quarter of 1998.  Many of
the respondents were not able to provide consistent or complete data
because they had only recently begun inventorying and assessing data
exchanges and this data generally had not been centrally tracked and
managed.  We contacted the respondents to resolve instances of
inconsistent or incomplete data; however, we did not independently
audit and validate any of the data reported by the federal agencies
and states. 

We also collected data from federal and state organizations that are
coordinating activities to resolve Year 2000 computer problems and
from organizations that were identified as potential forums for
international Year 2000 data exchange issues from October 1997
through March 1998. 

We performed our work between September 1997 and April 1998 in
accordance with generally accepted government auditing standards. 
Details of our objectives, scope, and methodology are presented in
appendix I.  We requested comments on a draft of this report from the
National Association of State Information Resource Executives
(NASIRE), the President's Council on the Year 2000 Conversion, and
the Office of Management and Budget (OMB) for comment.  NASIRE and
OMB provided written comments that are discussed in the "Agency
Comments and Our Evaluation" section.  OMB's comments are reprinted
in appendix VIII. 


   RESULTS IN BRIEF
------------------------------------------------------------ Letter :1

Key actions to address Year 2000 data exchange issues are still in
the early stages; however, federal and state coordinating
organizations have agreed to use a 4-digit contiguous year format and
establish joint federal and state policy and working groups.  To
implement these agreements, OMB issued instructions in January 1998
to federal agencies to inventory all data exchanges with outside
parties by February 1, 1998, and coordinate with these exchange
partners by March 1, 1998.  At the time of our review, no actions had
been taken to establish target dates for additional key tasks, such
as testing new exchange formats or developing and implementing
contingency plans. 

About half of the federal agencies reported during the first quarter
of 1998 that they have not yet finished assessing their data
exchanges to determine if they will be able to process data with
dates beyond 1999.  Two of the 39 state-level organizations reported
having finished assessing their data exchanges.  For the exchanges
already identified as not Year 2000 ready, respondents reported that
little progress has yet been made in completing key steps such as
reaching agreements with partners on date formats, developing and
testing bridges and filters, and developing contingency plans for
cases in which Year 2000 readiness will not be achieved. 

Most federal agency actions to address Year 2000 issues with
international data exchanges have been in the financial services
area.  Ten federal agencies reported having a total of 702 data
exchanges with foreign governments or the foreign private sector. 
These foreign data exchanges represented less than 1 percent of
federal agencies' total reported exchanges.  Federal agencies
reported reaching agreement so far on formats for 98 (14 percent) of
the foreign data exchanges. 

International organizations addressing year 2000 issues have been the
most active in the financial services area.  During 1997, several
international organizations initiated activities to increase
awareness, provide guidance, and monitor the status of Year 2000
efforts. 


   BACKGROUND
------------------------------------------------------------ Letter :2

Exchanging data electronically is a common method of transferring
information among federal, state, and local governments; private
sector organizations; and nations around the world.  As computers
play an ever-increasing role in our society, more information is
being exchanged regularly.  Federal agencies now depend on electronic
data exchanges to execute programs and facilitate commerce.  For
example, federal agencies routinely use data exchanges to transfer
funds to contractors and grantees; collect data necessary to make
eligibility determinations for veterans, social security, and
medicare benefits; gather data on program activities to determine if
funds are being expended as intended and the expected outcomes
achieved; and share weather information that is essential for air
flight safety.  To facilitate commerce, federal agencies regulate or
provide oversight to organizations that use data exchanges
extensively to process payments through the banking system; purchase
or sell securities through stock exchanges and futures markets; and
facilitate import and export shipments through ports of entry.  We
have reported on potential data exchange issues that could affect
many of these activities (see the list of related products at the end
of this report). 

An electronic data exchange is the transfer (sending or receiving) of
a data set using electronic media.  Electronic data exchanges can be
made using various methods, including direct computer-to-computer
exchanges over a dedicated network; direct exchanges over
commercially available networks or the Internet; or exchanges of
magnetic media such as computer tapes or disks.  The information
transferred in a data set often includes at least one date. 

Because many computer systems have been using a 2-digit year in the
date format, the data exchanges have also used 2-digit years.  Now
that many formats are being changed to use 4 digits to correctly
process dates beyond 1999, data exchanges using 2-digit year formats
must also be changed to 4 digits or bridges must be used to convert
incoming 2-digit years to 4-digit years or convert outgoing 4-digit
years to 2-digits.  These conversions generally involve the use of
algorithms to distinguish the century (for example, 2-digit years
less than 50 may be considered 2000 dates and 2-digit years of 50 or
more may be considered 1900 dates).  In addition to using bridges,
filters may be needed to screen and identify incoming noncompliant
data to prevent it from corrupting data in the receiving system. 

These conversions are not necessary if the data exchanges are
designed to employ certain electronic data interchange standards (see
appendix II for a glossary of data exchange standards used by some
federal agencies).  A data exchange standard defines the format of a
specific data set for transmission.  Some of these standards specify
a 4-digit year format.  Federal agencies often use exchanges that do
not involve a standard format.  Instead, the data exchanges consist
of individual text files with a structure that is established by
agreement between the exchange partners.  Files using these formats
are generally referred to as flat files. 

As part of their Year 2000 correction efforts, organizations must
identify the date formats used in their data exchanges, develop a
strategy for dealing with exchanges that do not use 4-digit year
formats, and implement the strategy.  These efforts generally involve
the following steps.\1

  -- Assess information systems to identify data exchanges that are
     not Year 2000 compliant. 

  -- Contact the exchange partner and reach agreement on the date
     format to be used in the exchange. 

  -- Determine if data bridges and filters are needed. 

  -- Determine if validation processes are needed for incoming data. 

  -- Set dates for testing and implementing new exchange formats. 

  -- Develop and test bridges and filters to handle nonconforming
     data. 

  -- Develop contingency plans and procedures for data exchanges and
     incorporate into overall agency contingency plans. 

  -- Implement the validation process for incoming data. 

  -- Test and implement new exchange formats. 

The testing and implementation of new data exchanges must be closely
coordinated with exchange partners to be completed effectively.  In
addition to an agency testing its data exchange software, effective
testing involves end-to-end testing--initiation of the exchange by
the sending computer, transmission through intermediate
communications software and hardware, and receipt and acceptance by
receiving computer(s), thus completing the exchange process. 

Resolving data exchange issues will require significant efforts and
costs according to federal and state officials.  At an October 1997
summit, federal and state information technology officials estimated
that about 20 percent of Year 2000 efforts will be directed toward
correcting data exchange problems.  This could be significant
considering the magnitude of expected Year 2000 costs.  According to
OMB's February 15, 1998, Year 2000 status reports of 24 federal
agencies, the federal government's Year 2000 costs are estimated to
be about $4.7 billion.  Based on estimates provided by states to
NASIRE, the states' Year 2000 costs are estimated to be about $5.0
billion. 

If Year 2000 data exchange problems are not corrected, the adverse
impact could be severe.  Federal agencies exchange data with
thousands of external entities, including other federal agencies,
state agencies, private organizations, and foreign governments and
private organizations.  If data exchanges do not function properly,
data will not be exchanged between systems or invalid data could
cause receiving computer systems to malfunction or produce inaccurate
computations.  For example, such failures could result in the

  -- Social Security Administration not being able to determine the
     eligibility of applicants or compute and pay benefits because it
     relies on data exchanges for eligibility information and payment
     processing.  This could have a widespread impact on the public
     since the agency processes payments to more than 50 million
     beneficiaries each month, which in fiscal year 1997 totaled
     about $400 billion;

  -- National Highway Traffic Safety Administration not being able to
     provide states with information needed for driver registrations,
     which could result in licenses being issued to drivers with
     revoked or suspended licenses in other states;

  -- Department of Veterans Affairs not being able to determine
     correct benefits and make payments to eligible veterans;

  -- U.S.  Coast Guard not receiving weather information necessary to
     plan search and rescue operations; and

  -- Nuclear Regulatory Commission not receiving information from
     nuclear reactors that is needed to trigger emergency response
     actions. 

The overall responsibility for tracking and overseeing actions by
federal agencies to address Year 2000 issues rests with OMB and the
President's Council on Year 2000 Conversion that was established in
February 1998.  OMB has been tracking major federal agencies' Year
2000 activities by requiring them to submit quarterly status reports. 


--------------------
\1 The steps listed are based on guidance and best practices in the
information technology industry as described in Year 2000 Computing
Crisis:  An Assessment Guide (GAO/AIMD-10.1.14, September 1997). 


   KEY ACTIONS TO ADDRESS
   ELECTRONIC DATA EXCHANGES AMONG
   FEDERAL, STATE, AND LOCAL
   GOVERNMENTS ARE IN THE EARLY
   STAGES
------------------------------------------------------------ Letter :3

Efforts to address data exchange issues are in early stages.  Federal
and state coordinating organizations reached initial agreements in
1997 on the steps to address data exchanges issues; however, many
federal agencies and states have not yet finished assessing their
data exchanges to determine if they are Year 2000 compliant. 
Further, little progress has been made in completing key steps such
as reaching agreements with partners on exchange formats, developing
and testing bridges and filters, and developing contingency plans. 


      FEDERAL AND STATE EFFORTS TO
      COORDINATE RESOLUTION
      ACTIVITIES
---------------------------------------------------------- Letter :3.1

Federal and state coordinating organizations began to address Year
2000 data exchange problems in 1997.  Initial agreements on steps to
address data exchange issues were reached at a state/federal summit
in October 1997 that was hosted by the State of Pennsylvania and
sponsored by the federal Chief Information Officer Council (CIO
Council) and NASIRE.  At the summit, federal agency and state
representatives agreed to establish a contiguous 4-digit year date as
a default standard for exchanges.  They also agreed that federal
agencies will take the lead in providing information on exchanges
with states, any planned date format changes, and timeframes for any
changes.  In addition, joint federal and state policy and working
groups were established to continue the dialogue on exchange issues. 

To implement these agreements, OMB issued instructions in January
1998 for federal agencies to inventory all data exchanges with
outside parties by February 1, 1998, and coordinate plans for
transitioning to Year 2000 compliant data exchanges with exchange
partners by March 1, 1998.  OMB also set March 1999 as the target
date to complete the data exchange corrections.  In addition, for the
February 15, 1998, quarterly reports, OMB required the federal
agencies to describe the status of their efforts to inventory all
data exchanges with outside entities and the method for assuring that
those organizations will be or have been contacted, particularly
state governments.  However, OMB did not require the agencies to
report their status in completing key steps for data exchanges, such
as those listed earlier in this report. 

According to its Year 2000 Coordinator, NASIRE plans to continue
implementing the agreements reached at the October 1997 summit
through active participation in joint policy and working groups and
by holding additional state/federal meetings on data exchange issues. 
These activities will supplement NASIRE's continuing efforts to
provide states with access to information on vendors, software, and
methodologies for resolving Year 2000 problems. 

The federal CIO Council's State Interagency Subgroup also plans to
continue pursuing the agreements reached at the October 1997 summit
through joint state and federal meetings on data exchange issues and
by hosting a state/federal meeting in April 1998. 

The federal CIO Council also designated an official in the State
Department to act as the focal point for international exchange
issues.  The designee plans to work through federal agencies that
have international operations to increase our foreign data exchange
partners' awareness of Year 2000 issues.  For example, we were told
that the State Department will add Year 2000 issues to bilateral and
multilateral discussion agendas, such as the Summit of the Americas
and the Asian-Pacific Economic Cooperation meetings. 


      FEDERAL DEPARTMENT AND
      AGENCY YEAR 2000 DATA
      EXCHANGE ACTIVITIES
---------------------------------------------------------- Letter :3.2

Twenty of the 42 federal agencies we surveyed reported having
finished inventorying and assessing data exchanges for
mission-critical systems as of the first quarter of 1998.  Eighteen
agencies have not completed their assessments and the status of one
federal agency is not discernable because it was not able to provide
information on their total number of exchanges and the number
assessed.  The remaining three federal agencies said they do not have
external data exchanges. 

Federal agencies reported that they have a total of almost 500,000
data exchanges with other federal agencies, states, local
governments, and the private sector for their mission-critical
systems.  Almost 90 percent of the exchanges were reported by the
Federal Reserve\2 and the Department of Housing and Urban Development
(HUD) which reported having 316,862 and 133,567, respectively.  The
Federal Reserve exchanges data with federal agencies and the private
sector using software it provides to these entities.  The Federal
Reserve reported that it has assessed all of these exchanges.\3
Similarly, HUD has exchanges with housing authorities, states
agencies, and private sector organizations.  HUD has determined that
92 percent of these exchanges are not Year 2000 compliant.  The other
agencies reported their mission-critical systems have about 49,000
data exchanges with other federal agencies, states, local
governments, and the private sector, as shown in figure 1.  These
agencies reported that they have assessed about 39,000, or about 80
percent, of the exchanges.  (See appendix III for the status of
assessments and other actions for each of the federal agencies.)

   Figure 1:  Reported Federal
   Data Exchanges With Other
   Federal Agencies, States, Local
   Governments, and Private Sector
   Organizations

   (See figure in printed
   edition.)

Note:  Includes data exchanges for mission-critical systems only. 
Does not include 450,429 exchanges reported by the Federal Reserve
and Department of Housing and Urban Development. 

Source:  Data reported by federal agencies on GAO's data collection
instrument.  We did not independently verify this information. 

Significant federal actions will be needed to address Year 2000
problems with data exchanges.  Of the 39,000\4 exchanges that federal
agencies said they assessed, they reported about 27 percent as not
being Year 2000 compliant.  Only six federal agencies told us that
all their data exchanges are Year 2000 compliant and these represent
only 123 of the approximately 39,000 data exchanges that have been
assessed. 

As discussed previously, dealing with data exchanges involves a
number of steps.  For each noncompliant exchange, the agency must
reach agreement with the exchange partners on whether they will (1)
change the date format to make it compliant or (2) agree to retain
the existing 2-digit format and use bridges as an interim measure. 
To resolve Year 2000 data exchange problems, all federal agencies
have chosen to adopt a contiguous 4-digit year format; however, some
agencies plan to continue using a 2-digit year format for some of
their exchanges in the near term.  If a 2-digit exchange format is
retained but the agency's system will be using 4-digit years, the
agency must develop, test, and implement (1) bridges to convert dates
to a useable form and (2) filters to recognize 2-digit years and
prevent them from entering agency systems.  In addition, the agencies
should identify the exchanges where there is a probability that, even
though agreements have been reached to exchange 4-digit years, one
partner may not be compliant.  In these cases, agencies must develop
contingency plans to ensure that mission-critical operations
continue. 

The status of activities to contact and reach agreement on Year 2000
readiness with exchange partners varies significantly among federal
agencies.  Only one federal agency reported having reached agreements
with all its exchange partners.  While on average the other federal
agencies reported having reached agreements on about 24 percent of
their exchanges, almost half of federal agencies reported that they
have reached agreements on 10 percent or less of their exchanges, as
shown in figure 2 below. 

   Figure 2:  Reported Percentage
   of Agreements Reached With
   Exchange Partners by 36 Federal
   Agencies

   (See figure in printed
   edition.)

Note:  Figures do not include the status of agreements reported by
the Federal Reserve because it controls the data exchange software
and does not need to reach agreement with exchange partners on
formats. 

Source:  Data reported by federal agencies on GAO's data collection
instrument.  We did not independently verify this information. 

Few federal agencies reported having taken actions to install bridges
or filters.  Seventeen federal agencies responding to our survey have
identified the need to install 988 bridges or filters.  In total, the
agencies reported having developed and tested 203, or 21 percent, of
the needed bridges or filters.  In addition, only 38 percent of the
federal agencies reported having developed contingency plans for data
exchanges.  The need for bridges, filters, and contingency plans may
increase as agencies continue assessing data exchanges and contacting
and reaching agreements with exchange partners. 


--------------------
\2 Information concerning the Federal Reserve was provided by the
Board of Governors of the Federal Reserve System. 

\3 The Federal Reserve has 2-digit and 4-digit year formats in its
data exchanges.  It plans to use 4-digit formats for all exchanges in
the future, but will continue using the 2-digit year format for some
exchanges and have exchange partners bridge to these if necessary. 
Federal Reserve's Year 2000 officials estimated that 20 percent of
their data exchanges have 2-digit year formats.  They also told us
that they have not set a target date for the conversion to 4-digit
year formats. 

\4 These numbers do not include the Federal Reserve and HUD data
exchanges that were previously discussed. 


      STATES' YEAR 2000 DATA
      EXCHANGE ACTIVITIES
---------------------------------------------------------- Letter :3.3

Only two states reported to us that they have finished inventorying
and assessing data exchanges for mission-critical systems.  The
status of 15 of the 39 states that responded to our survey is not
discernable because they were not able to provide us with information
on their total number of exchanges and the number assessed.  In
addition, all but two states were able to provide only partial
responses or estimates on the status of exchanges.  For the 24 states
that provided actual or estimated data on the status of their
exchanges, an average of 47 percent of the exchanges had not been
assessed.\5 Similar to the federal agencies, states reported that the
largest number of exchanges were with the private sector, as shown in
figure 3 below.  (See appendix IV for the status of assessments and
other actions for each state.)

   Figure 3:  Reported State Data
   Exchanges With Federal
   Agencies, Other States, Local
   Governments, and Private Sector
   Organizations

   (See figure in printed
   edition.)

Note:  Includes data exchanges for mission-critical systems of 23
states that provided data in these categories. 

Source:  Data reported by federal agencies on GAO's data collection
instrument.  We did not independently verify this information. 

Significant state actions will be needed to address Year 2000 data
exchange issues.  Of the 12,262 total exchanges that states reported
as having assessed, 5,066 exchanges (41 percent) are reported as not
being Year 2000 compliant.  None of the states reported that all
their data exchanges are Year 2000 compliant.  For each of the
noncompliant exchanges, the states must take the same types of
actions, as described earlier for federal agencies, to reach
agreements with the exchange partners, develop, test, and implement
bridges and filters, and develop data exchange contingency plans. 

Similar to federal agencies, states reported having made limited
progress in reaching agreement with exchange partners on addressing
changes needed for Year 2000 readiness, installing bridges and
filters, and developing contingency plans.  However, we can draw only
limited conclusions on the status of the states actions because data
were provided on only a small portion of states' data exchanges. 
Officials from several states told us that they were unable to
provide actual, statewide data on their exchanges because the states
do not collect and maintain such information centrally and the state
agencies did not provide the data requested in our survey.  According
to NASIRE's Year 2000 committee chairman, individual state agencies
are aware of data exchange issues and have started taking action to
address them, but few state chief information officers have begun
monitoring these actions on a statewide basis. 


--------------------
\5 This includes data from 11 states that provided estimates on the
status of their data exchanges and 11 states that provided partial
data. 


      REGULATORY/OVERSIGHT
      ACTIVITIES TO PROMOTE
      RESOLUTION OF YEAR 2000
      ISSUES
---------------------------------------------------------- Letter :3.4

In addition to working with their exchange partners to resolve Year
2000 issues, some federal agencies are providing Year 2000 guidance
to the organizations that they regulate or oversee and monitoring
their Year 2000 activities.  Sixteen federal agencies reported that
they have regulatory or oversight responsibilities.  Seven of the
agencies focus on the financial services area, including banks,
thrifts, and security exchanges.  The others regulate or provide
oversight to organizations performing government services, such as
housing authorities and grantees, and private organizations in a
variety of industry sectors such as the import and export industry,
the maritime industry, manufacturers of medical devices and
pharmaceuticals, and the oil, gas, and mineral industries. 

All but 3 of the 16 agencies reported providing guidance or
establishing working groups addressing Year 2000 issues for the
organizations for which they have regulatory or oversight
responsibility.  In total, 11 of the 16 federal agencies provided
guidance on Year 2000 issues and the guidance from all but two
addressed data exchange issues, 10 agencies have sponsored Year 2000
working groups, 12 agencies have monitored progress in resolving Year
2000 problems, and 5 have established inspection or validation
programs.  Of the 12 agencies that have been monitoring progress on
the resolution of Year 2000 problems, 10 reported that they have data
on the corrective action status of the organization they regulate or
oversee.  See appendix V for Year 2000 activities undertaken by each
federal regulatory or oversight agency. 


   MOST ACTIONS TAKEN BY FEDERAL
   AGENCIES TO PREVENT
   INTERNATIONAL DATA EXCHANGE
   PROBLEMS HAVE BEEN IN THE
   FINANCIAL SERVICES AREA
------------------------------------------------------------ Letter :4

Federal agencies in the financial services area reported having
initiated efforts domestically and internationally to address Year
2000 problems with international data exchanges, but other federal
agencies reported that they are still in the initial stages of
addressing these issues. 

Ten federal agencies reported having 702 data exchanges with foreign
governments or the foreign private sector.  These 702 foreign data
exchanges reported by federal agencies represent less than 1 percent
of all federal data exchanges.  The federal agencies reported
reaching agreement on formats for 98, or 14 percent, of the foreign
exchanges. 

Three federal agencies--the Departments of the Interior, Treasury,
and Defense--have the bulk of the reported foreign data exchanges. 
For its 416 reported foreign exchanges, Interior plans to notify its
foreign data exchange partners that it will continue to use a 2-digit
year in data exchanges and use bridges with algorithms to compute the
century.  Treasury has reached agreement on year formats for 71 of
its 107 reported foreign exchanges and advised us that it is using
bank examiners to monitor the activities to make all the exchanges
Year 2000 compliant.  The Department of Defense reported reaching
agreement on 18 of its 103 data exchanges with foreign entities.  The
remaining seven federal agencies reported having reached agreement on
9 of their 76 foreign data exchanges. 

Interior was the only agency that reported having developed and
tested bridges and filters to convert dates and prevent the
corruption of its systems.  None of the agencies reported having
developed contingency plans to process transactions if the exchange
partners' systems were not Year 2000 compliant. 

Nine federal agencies--six in the financial services area--said they
have regulatory or oversight responsibility for organizations with
international data exchanges.  Three agencies in the financial
services area said they are relying on bank examiners to monitor
progress and one is providing guidance to exchange partners for
addressing Year 2000 problems.  Four of the nine agencies stated that
they are also addressing Year 2000 problems by working with
international organizations, such as the Bank for International
Settlements, the International Organization of Securities
Commissions, and the Securities Industry Association.  Two of the
nine agencies reported having no ongoing international Year 2000
activities. 


   SEVERAL INTERNATIONAL
   ORGANIZATIONS ARE SERVING AS
   FORUMS FOR ADDRESSING YEAR 2000
   ISSUES
------------------------------------------------------------ Letter :5

International organizations identified by federal agencies as forums
for Year 2000 activities were primarily in the financial services
area including the Bank for International Settlements, International
Organization of Securities Commissions, Securities Industry
Association, and Futures Industry Association.  The Department of
Transportation also identified the International Civil Aviation
Organization as a potential international forum for the resolution of
Year 2000 problems.  In addition, from our search of the Internet for
Year 2000 activities by international organizations, we identified
eight other potential international forums.  The activities of these
organizations are highlighted in table 1 and the reported current and
planned activities of each organization are summarized in appendix
VI. 



                                     Table 1
                     
                         Reported Year 2000 Activities of
                           International Organizations

                                                  Work
                                                  groups or   Monitor
                            Promoting   Issuing   conference  or
Organization                awareness   guidance  s           survey    Other
--------------------------  ----------  --------  ----------  --------  --------
Bank for International      X           X         X           X         X
Settlements

International Organization  X           X                     X
of Securities Commissions

Securities Industry         X           X         X           X         X
Association

Futures Industry            X                     X           X
Association

International Association   X
of Insurance Supervisors

International Civil         X           X
Aviation Organization

International Air           X                     X           X         X
Transport Association

European Commission         X           X         X           X

World Bank                  X           X

United Nations              X           X

Year 2000 Global Steering   X
Committee

International Council for   X                     X
Information Technology in
Government Administration

Interpol                                                                X
--------------------------------------------------------------------------------
Source:  Information was collected from the entities listed and from
their Internet web sites.  We did not independently verify this
information. 

The primary efforts cited by the international organizations are
increasing awareness and providing information and guidance on
resolving Year 2000 problems, including posting the information on
their Internet web sites.  Six organizations also reported that they
are sponsoring conferences or workshops to discuss Year 2000 issues
and six reported that they are monitoring or surveying the status of
their members' Year 2000 activities. 

Organizations in the financial services area are the most active in
Year 2000 efforts.  According to the Bank for International
Settlements, payment and settlement systems are essential elements of
financial market infrastructures through which clearing
organizations, settlement agents, securities depositories, and the
various direct and indirect participants in these systems are
intricately connected.  It is therefore imperative that the systems
be adapted and certified early enough to ensure that they are Year
2000 compliant and to allow for testing among institutions.  To
address these issues, officials at the Bank for International
Settlements told us that it is coordinating with the International
Organization of Securities Commissions and the International
Association of Insurance Supervisors to draw attention to Year 2000
issues.  In September 1997, the Bank for International Settlements
issued a technical paper for banks which sets out a strategic
approach for the development, testing, and implementation of system
solutions as well as defining the role that central banks and bank
supervisors need to play in promoting awareness of the issue and
enforcing action. 

Other organizations have also used the Bank for International
Settlements' technical framework to stimulate activities of their
members.  For example, the Securities Industry Association used the
framework to develop a project plan with target dates for completing
various tasks and posted the plan on its Internet web site for
members to use in planning their Year 2000 activities.  The
Securities Industry Association also used the framework as the basis
for a survey instrument for assessing the status of its members' Year
2000 activities. 

The European Commission has been publishing issue papers and
conducting workshops to increase awareness of Year 2000 computer
problems among its member countries.  These issue papers and
workshops also addressed the implication of European countries'
efforts to convert to the new Euro currency.  Because this conversion
is taking place at about the same time as the Year 2000 date
conversion activities, the two are in competition for financial,
technical, and management resources.  To identify how businesses are
approaching the Euro conversion and the inter-relationship with
activities to resolve Year 2000 problems, the European Commission
sponsored a survey of more than 1,000 senior information technology
managers in 10 countries.  The result of this survey, as well as the
issue papers and workshop results, are posted on the European
Commission's web site (www.ispo.cec.be/y2keuro). 

In addition to assisting their members, several of the international
organizations reported having programs to ensure that their own
systems will be able to process international data exchanges for
their members in the Year 2000.  For example, the Bank for
International Settlements, the International Air Transport
Association, and Interpol told us that they have information systems
that process transactions and information exchanges for their member
organizations.  Each of these organizations said that their Year 2000
programs are on schedule and that they will be able to support
international data exchanges with Year 2000 dates. 


   CONCLUSIONS
------------------------------------------------------------ Letter :6

Unless federal agencies take action to reach date format agreements
with their data exchange partners and deal with data exchanges that
will not be Year 2000 compliant, some of the agencies'
mission-critical systems may not be able to function properly.  The
data reported to us by federal agencies and state governments suggest
that the full extent of the managerial and operational challenges
posed by the heavy reliance on others for data needed to sustain
government activity is not yet known.  For the vast majority of data
exchanges, including those with international entities, federal
agencies have not reached agreement with their exchange partners and,
therefore, do not know if the partners will be able to effectively
exchange data in the Year 2000. 

Without knowing the status of activities or reaching agreements with
exchange partners, federal agencies can not identify all the
exchanges requiring (1) filters to prevent incoming invalid data from
corrupting mission-critical systems or (2) provisions in the
agencies' business continuity and contingency plans to ensure the
continuation of mission-critical operations.  In addition, without
extensive coordination with exchange partners, federal agencies will
not be able to develop and test new data exchange formats, bridges,
and filters to ensure that they will function properly. 

Because federal agencies and states are still in the early stages of
resolving Year 2000 problems for data exchanges and the status of
exchange partner activities is generally unknown, federal agencies
need to take the lead in setting target dates for critical activities
to prevent disruptions to their operations.  These include setting
target dates for testing and implementing new exchange formats and
decision points for initiating the development and implementation of
contingency plans. 

International forums for Year 2000 issues are available for a few
economic sectors and primarily in North America and Western Europe. 
Only recently have any federal activities been directed at
international issues and these have been limited to increasing
awareness. 


   RECOMMENDATIONS
------------------------------------------------------------ Letter :7

We recommend that the Director, OMB, in consultation with the Chair
of the President's Council on Year 2000 Conversion, issue the
necessary guidance to require federal agencies to take the following
actions. 

  -- Establish schedules for testing and implementing new exchange
     formats prior to the March 1999 deadline for completing all data
     exchange corrections; such schedules may include national test
     days that could be used for end-to-end testing of critical
     business processes and associated data exchanges affecting
     federal, state, and/or local governments. 

  -- Notify exchange partners of the implications to the agency and
     the exchange partners if they do not make date conversion
     corrections in time to meet the federal schedule for
     implementing and testing Year 2000 compliant data exchange
     processes. 

  -- Give priority to installing the filters necessary to prevent the
     corruption of mission-critical systems from data exchanges with
     noncompliant systems. 

  -- Develop and implement, as part of their overall business
     continuity and contingency planning efforts, specific provisions
     for the data exchanges that may fail, including the approaches
     to be used to mitigate operational problems if their partners do
     not make date conversion corrections when needed. 

  -- Report, as part of their regular Year 2000 status reports, their
     status in completing key steps for data exchanges, such as the
     percent of exchanges that have been inventoried, the percent of
     exchanges that have been assessed, the percent of exchanges that
     have agreements with exchange partners, the percent of exchanges
     that have been scheduled for testing and implementation, and the
     percent of exchanges that have completed testing and
     implementation. 

We also recommend that the Director, OMB, ensure that the federal CIO
Council (1) identifiy the areas in which adequate forums on Year 2000
issues are not available for our international trade partners and (2)
develop an approach to promote Year 2000 compliance activities by
these trading partners. 


   AGENCY COMMENTS AND OUR
   EVALUATION
------------------------------------------------------------ Letter :8

We provided a draft of this report to NASIRE, the President's Council
on the Year 2000 Conversion, and OMB for comment.  NASIRE stated that
its Year 2000 Committee had reviewed the draft and had no suggested
changes.  The NASIRE President also commented that the information
and recommendations seemed reasonable and should assist federal
agencies and states in their Year 2000 efforts.  The President's
Council on Year 2000 Conversion did not provide comments on the
report.  OMB provided comments that are reproduced in appendix VIII
and summarized and evaluated below. 

OMB provided updated information on the initial steps taken by
federal agencies to address data exchange issues, described actions
taken to partially implement three of our recommendations, cited
plans to implement one recommendation, and gave reasons for
disagreeing with the remaining two recommendations.  OMB commented
that our survey results would have been markedly different if the
data had been collected 1 month later.  OMB stated that, after our
survey, 24 of the largest federal agencies reported that they had
completed their assessments of data exchanges, and that virtually all
of these agencies had now reached agreements with their exchange
partners on exchange formats.  We agree with OMB that these steps
would represent a good start; however, many essential actions are yet
to be completed.  Our recommendations focus on the actions needed to
ensure that federal agencies appropriately build on these fundamental
steps to comprehensively address data exchange issues. 

In commenting on our recommendation concerning the establishment of
schedules for testing and implementation of new exchange formats, OMB
listed the actions that the CIO Council had taken in cooperation with
NASIRE to (1) establish lists of exchanges and a contact point for
each exchange and (2) develop a reporting format for federal agencies
to report monthly on the status of each data exchange with states
starting in July 1998.  OMB stated that this information will be
posted on an Internet web site and be available for federal and state
officials to review and determine whether testing is being conducted
successfully.  While these are positive steps toward implementation
of our recommendation, they do not address the need to establish
schedules for testing and implementing new exchange formats. 
Schedules with target dates for testing and implementation of new
exchanges are needed for coordinating efforts and measuring progress
toward specific milestones.  In addition, the actions described by
OMB apply only to states and thus do not address exchanges with other
federal agencies, local governments, and the private sector that
constitute over 80 percent of the total reported exchanges. 

As to our recommendation concerning the development and
implementation of contingency plans for data exchanges that may fail,
OMB stated that on April 28, 1998, it directed federal agencies to
ensure that their continuity of business plans address all risks to
information flows, including those with external organizations.  OMB
plans to evaluate this guidance and amplify it as necessary based on
its review of agencies' May 15, 1998, Year 2000 status reports.  OMB
has taken an important step by issuing this directive.  However, the
May progress reports showed that federal agencies are making slow
progress in their Year 2000 activities and this reinforces the need
for OMB to provide clear directions on this critical issue.  Because
of the risk that exchange partners may not be able to make their
systems and exchanges Year 2000 compliant and the importance of
developing effective contingency plans, OMB should provide explicit
directions to ensure that agencies devote sufficient management
attention and resources to this critical activity.  Such directions
should clearly require agencies to perform the key tasks associated
with initiating the project, preparing business impact analysis,
developing contingency plans, and testing the plans. 

Regarding our recommendation that OMB require agencies to report
their status in completing key steps for data exchanges as part of
the regular Year 2000 status reports, OMB stated that the posting of
data exchange status information on a web site, as discussed above,
will be used rather than imposing an additional reporting requirement
on agencies.  OMB explained that it and NASIRE have agreed to this
approach because it (1) provides sufficient information at a policy
level to ensure that the work is getting done, (2) promotes the
greatest exchange of information at the working level, and (3)
minimizes duplication of reporting.  As we previously stated,
establishing this status reporting process is a positive step;
however, the website will contain information on thousands of data
exchanges with states and must be summarized and analyzed for it to
be useful in managing and monitoring the time-critical activities to
resolve data exchange issues.  Also, as previously noted, this
reporting requirement only covers the status of exchanges with states
and thus excludes the other data exchanges that constitute over 80
percent of the total exchanges. 

OMB agreed with our recommendation that agencies should give priority
to installing the filters necessary to prevent the corruption of
mission-critical systems and said that it plans to update its
guidance to agencies to make sure they recognize this priority as
well. 

OMB did not agree that agencies need to notify their exchange
partners of the implications to the agency and the exchange partners
if they do not make date conversions in time to meet the schedule for
testing and implementing Year 2000 compliant data exchange processes. 
OMB stated that exchange partners are well aware of the implications
of failing to make date conversions.  Although exchange partners are
aware of the general implications of date exchange failures, the
partners will not know the implications if they do not meet testing
and implementation schedules for specific exchanges, unless the
agencies notify their exchange partners.  Knowledge of these
implications is important because the exchange partners have many
competing demands for Year 2000 resources and may have to decide
which activities will be completed on time and which will be
deferred.  Therefore, exchange partners need to know the implications
of data exchange failures, including the actions that will be needed
under contingency plans if the partners do not meet key milestones
for testing and implementing data exchanges. 

OMB also disagreed with our recommendation that the federal CIO
Council (1) identify the areas in which adequate forums on Year 2000
issues are not available for our international trade partners and (2)
develop an approach to promote Year 2000 compliance activities by
these trading partners.  OMB said that the Chair of the President's
Council on Year 2000 Conversion agreed that international
implications of the Year 2000 problems are of the gravest concern,
but disagreed that the CIO Council would be the right place to begin
addressing these problems.  According to OMB, the Chair has met with
representatives from two international organizations to encourage
them to be more involved in Year 2000 activities and with the
Secretary of State who agreed to have ambassadors conduct outreach
efforts in each country.  OMB also said that the Chair has asked
agency heads to encourage international organizations to cooperate in
addressing Year 2000 problems.  The steps taken by the Chair to
promote international actions on Year 2000 problems represent
progress but much more organized, concerted, and continuous effort
are needed to adequately address this far-reaching and complex
issue--one that the Chair has acknowledged as being of gravest
concern.  Because the CIO Council includes representatives of
agencies that regulate or influence private sector organizations that
operate internationally in every economic sector, it could, and
should, play an important role in providing the President's Council
with the support needed to deal effectively with Year 2000 issues
worldwide. 


---------------------------------------------------------- Letter :8.1

As agreed with your offices, unless you publicly announce its
contents earlier, we plan no further distribution of this report
until 30 days from the date of this letter.  At that time, we will
send copies to the Chairman of the Committee on Science; the Ranking
Minority Member of the Committee on Science; the Chairman of the
Subcommittee on Technology; other interested congressional
committees; the Director, Office of Management and Budget; and other
interested parties.  Copies will also be made available to others
upon request. 

I can be reached at (202) 512-6408 or by e-mail at
[email protected], if you or your staff have any questions. 
Major contributors to this report are listed in appendix IX. 

Joel C.  Willemssen
Director, Civil Agencies Information Systems


OBJECTIVES, SCOPE, AND METHODOLOGY
=========================================================== Appendix I

As requested by the Ranking Minority Member of the Subcommittee on
Technology, House Committee on Science, our overall objectives for
the review were to identify (1) the key actions taken to date to
address electronic data exchanges among federal, state, and local
governments, (2) actions the federal government has taken to minimize
the adverse economic impact of noncompliant Year 2000 data from other
countries' information systems corrupting critical functions of our
nation, and (3) international forums where the worldwide economic
implications of this issue have been or could be addressed. 

To identify the key actions taken to date to address electronic data
exchanges among federal, state, and local governments, we contacted
federal and state organizations responsible for coordinating Year
2000 activities to identify their approaches for addressing data
exchange issues.  We obtained information on the status of actions of
federal agencies and states using a data collection instrument (DCI). 
The DCI contains questions based on our Year 2000 Computing Crisis: 
An Assessment Guide (a copy of the DCI is reproduced in appendix
VII).  The DCI was pretested by having it reviewed for clarity and
reasonableness by three agencies' representatives who are
knowledgeable about data exchanges.  We revised the DCI based on
their comments and further tested it by sending it to six federal
agencies and three states.  Five of the six federal agencies
responded with a completed DCI in November and December 1997 and the
other agency did not respond until February 1998.  The three states
provided oral comments, but did not respond with a completed DCI. 
Based on the five agencies' responses and our subsequent follow-up
questions concerning inconsistent or incomplete data, we revised the
DCI by adding additional definitions and cross references. 

The DCI was sent to an additional 36 federal departments\1 and major
agencies (referred to collectively as federal agencies) and the
remaining 47 states, the District of Columbia, and Puerto Rico.  All
36 federal agencies and 39 of the 52 state-level organizations
responded to our survey between January and March 1998.  Three of the
federal agencies reported that they did not have external data
exchanges.  In cases involving incomplete responses or inconsistent
data on responses, we contacted the respondents to request additional
data or clarification, as appropriate.  Responses to follow-up
questions were received in February, March, and April 1998. 

The DCI was also used to identify the federal government's actions
taken to minimize the adverse economic impact of noncompliant Year
2000 data from other countries' information systems corrupting
critical functions of our nation.  In this regard, we collected
information from federal and state organizations that have, or
oversee entities that have, international data exchanges using the
DCI. 

To identify international forums where the worldwide economic
implications of this issue have been or could be addressed, we
collected information from federal agencies using the DCI and
researched international organization and Year 2000 Internet sites. 
We contacted the organizations identified as potential forums for
international Year 2000 data exchange issues from October 1997
through March 1998 and ascertained their current and planned Year
2000 activities.  Five of the international organizations that we
contacted did not have Year 2000 activities or did not respond to our
request for information.  These organizations were the International
Monetary Fund, Organization for Economic Cooperation and Development,
European Monetary Institute, Asia-Pacific Economic Cooperation, and
Association of Southeast Asian Nations. 

We did not independently verify the data provided in the DCI.  We
performed our work between September 1997 and April 1998 in
accordance with generally accepted government audit standards. 


--------------------
\1 One combined Department of Defense response included information
for the departments of the Army, Navy, and Air Force. 


DATA EXCHANGE STANDARDS GLOSSARY
========================================================== Appendix II


      ANSI ASC X12
------------------------------------------------------ Appendix II:0.1

American National Standards Institute Accredited Standards Committee
X12:  An ANSI committee that formulates electronic data interchange
standards governing transaction sets, segments, data elements, code
sets, and interchange control structure.  Standards define the format
for specific electronic data interchange messages.  In June 1997, the
committee approved the use of a 8-digit date in X12 that includes the
first 2 digits of the year. 


      CHIPS
------------------------------------------------------ Appendix II:0.2

The Clearing House Interbank Payments System:  a computerized network
for the transfer of international dollar payments.  CHIPS links 115
depository institutions which have offices in New York City. 


      EDI MEDICARE
------------------------------------------------------ Appendix II:0.3

ANSI ASC X12 standards for the formatting and transmission of
Medicare electronic transmissions involving enrollments, claims,
reimbursements, and other payments. 


      FEDWIRE
------------------------------------------------------ Appendix II:0.4

Federal Reserve's electronic funds and securities transfer service. 
Fedwire is used by Federal Reserve Banks and branches, the Department
of the Treasury, other government agencies, and depository
institutions. 


      FIPS 4-1
------------------------------------------------------ Appendix II:0.5

Federal Information Processing Standards Publication 4-1,
Representation for Calendar Date and Ordinal Date for Information
Interchange.  FIPS 4-1 strongly encourages agencies to use a 4-digit
year format for data exchanges. 


      HL7
------------------------------------------------------ Appendix II:0.6

A standard for electronic data exchange in certain health care
applications involving patient, clinical, epidemiological, and
regulatory data.  HL7 standards are not used in healthcare insurance
administration applications. 


      UN/EDIFACT
------------------------------------------------------ Appendix II:0.7

United Nations-supported international electronic data exchange
standard for administration, commerce, and transport. 


REPORTED STATUS OF ASSESSMENTS AND
OTHER ACTIONS BY FEDERAL AGENCIES
========================================================= Appendix III

                                        Mission-critical
                                            systems                            Exchanges                         Bridges and filters
                                      --------------------              ------------------------               ------------------------
                                                                                         Percent                                Percent   Contingency
Department/agency\a (response                         With       Total      Percent  noncomplian   Agreements   Identified    developed         plans
date)\b                                   Total  exchanges      number     assessed            t      reached    as needed     & tested     developed
------------------------------------  ---------  ---------  ----------  -----------  -----------  -----------  -----------  -----------  ------------
Agency for International Development         65          6          39           95           89            2            0            -             0
 (1/22/98)
Commodity Futures Trading Commission          2          2          27          100            0           27            0            -             0
 (1/23/98)
Department of Agriculture (3/12/98)       1,320        121       8,091           94           42        2,075           30           27           521
Department of Commerce (4/2/98)             500         73         265           92           63           61          105           37           140
Department of Defense (4/7/98)            2,378        548       1,911           51           51          476           55           49           143
Department of Education (4/1/98)             14         10      13,536           68            0        4,600            0            -            44
Department of Energy (1/29/98)              368      n/a\c         n/a          n/a          n/a          n/a          n/a          n/a           n/a
Department of Health and Human              490        177       6,170           70           57          655          306           19         1,211
 Services (3/26/98)
Department of Housing and Urban              63         21     133,567          100           92        9,514       30,533            0        61,066
 Development (4/8/98)
Department of the Interior (3/18/            95         40       2,921           98           47           12           31           81            12
 98)
Department of Justice (4/9/98)              192         59         280           69           49          150           71           18           173
Department of Labor (1/26/98)                61         18       3,130          100            8          236           14            0            66
Department of State (3/4/98)                 69          9          25           52           31            6            0            -             0
Department of the Treasury (3/25/           311        138       6,898          100           12        2,725           76           32            77
 98)
Department of Transportation (3/5/          516         56         344           51           83           66           78            1            53
 98)
Department of Veterans Affairs (1/           11         10         580          100           23          230            0            -             0
 21/98)
Environmental Protection Agency (2/          61         25       1,000            0          n/a          n/a          n/a          n/a           n/a
 11/98)
Federal Communications Commission            24         21          55          100           55            1           15            0             0
 (4/7/98)
Federal Deposit Insurance                    40         14          79          100           87            0            0            -             0
 Corporation (3/13/98)
Federal Emergency Management Agency          48          3         214          100            2            0            0            -             0
 (1/23/98)
Federal Maritime Commission (3/31/            1          1          86          100            0            0            0            -             0
 98)
Federal Reserve (3/26/98)                     8          8     316,862          100            0       n/n\d\            0            -             -
Federal Trade Commission (1/23/98)           18          6           6          100            0            4            0            -             0
General Services Administration (3/          42         19       1,796           56            6          236            1            0            55
 27/98)
National Aeronautics and Space              158         17         110           37           46           15            5            0             4
 Administration (1/23/98)
National Archives and Records                22          3          40            0          n/a          n/a          n/a          n/a           n/a
 Administration (3/6/98)
National Credit Union Administration         11          1           1          100            0            0            0            -             0
 (1/23/98)
National Science Foundation (1/26/           16          4          18          100           44           10            0            -             0
 98)
National Transportation Safety Board          2          1           2          100            0            0            0            -             0
 (3/9/98)
Nuclear Regulatory Commission (3/             7          1         107          100          100            0          107            0             0
 31/98)
Office of Personnel Management (1/          124         44         166          100           38           92           35            0            96
 27/98)
Overseas Private Investment                   4          2           8          100           88            0            0            -             0
 Corporation (1/22/98)
Pension Benefit Guaranty Corporation         15          3           8           75            0            6            0            -             0
 (1/27/98)
Railroad Retirement Board (3/4/98)           83         17         110           64           56            7            2          100             0
Securities and Exchange Commission           53         18          28            0          n/a            0           18            0             0
 (3/18/98)
Small Business Administration (1/            40          9          40          100           95            2            2          100            16
 30/98)
Social Security Administration (3/          308        n/a         302          100          100            0           37           14             0
 9/98)
U.S. International Trade Commission           4          1           1          100            0            0            0            -             0
 (2/2/98)
U.S. Postal Service (1/26/98)               408         56         903           90           90            0            0            -             0
-----------------------------------------------------------------------------------------------------------------------------------------------------
\a Three agencies are not listed in this table because they reported
having no data exchanges.  These agencies are the Export-Import Bank
of the U.S., Federal Retirement Thrift Investment Board, and U.S. 
Trade and Development Agency. 

\b The date that the agency supplied the most recent information,
including new data supplied as the result of follow-up questions. 

\c n/a means that the agency was not able to provide this data. 

\d n/n means that reaching agreement with exchange partners is not
necessary because the Federal Reserve provides the data exchange
software to the exchange partners. 

Source:  Federal agencies' responses on a data collection instrument
developed by GAO.  We did not independently verify this information. 


REPORTED STATUS OF ASSESSMENTS AND
OTHER ACTIONS BY STATES
========================================================== Appendix IV

          Mission-
          critical                                       Bridges and
          systems                Exchanges                 filters
       --------------         ---------------            ------------
                                                                Perce
                                                                 nt
                                                         Ident  devel
                              Percen  Percent            ified  oped   Contingen
                 With  Total       t     non-  Agreemen   as      &           cy
       Tota  exchange  numbe  assess  complia        ts  neede  teste      Plans
State     l         s      r      ed       nt   reached    d      d    Developed
-----  ----  --------  -----  ------  -------  --------  -----  -----  ---------
Alaba   417       333  2,099      21       44       334    0      0           51
 ma\a
Calif   631       114    769      88       94       104    8     13          202
 orni
 a\a
Conne  1,54       136    196      69       59        46   70      0           40
 ctic     9
 ut\a
Delaw   195        72    849      89       17       487   23     17            0
 are
Georg   378       100    600      50       87     n/a\c   n/a    n/a         n/a
 ia\b
Illin   333       123  3,970      69       18     2,021   298     5            1
 ois\a
India   200        10     10      10        0         0    0      0            0
 na\a
Iowa\   104        66     87      46       65        87    3      0           16
 b
Kansa   262       113    949      53       32       173   28     36           54
 s\b
Kentu   290        76    118      66       49        66    0      0           24
 cky\a
Maryl    30        20     60      67       63         0    0      0            0
 and\b
Michi   718        43     86      50       65         0    0      0            0
 gan\a
Minne  1,62       n/a  1,330      64       50       n/a   320     0            0
 sota     8
 \a
Missi    40        40    105     100       98       100   103     0          n/a
 ssip
 pi\b
New     200       100    100      50       60       n/a   15      0            0
 Hamp
 shir
 e\b
North   171        67     90     100       78         0    0      0            0
 Dako
 ta\b
Ohio\  2,00       800    800      88       29       145   200    50            0
 b        0
Oklah    14         4     65     100       38       n/a    5      0           15
 oma\b
Puert   148        61    464      59       27        41   71      0           52
 o
 Rico
 \b
South   611       189  1,145      59       34       380   19     79           37
 Caro
 lina
 \a
Tenne   231        83  2,218      87       72     1,493  1,370    0            9
 ssee
Utah\   548       112    178      62       47        27   22      0           57
 a
Vermo    80        58  4,051      40       24        24    0      0            0
 nt
West     18        11     17      82       43         7    1      0            0
 Virg
 inia
 \b
--------------------------------------------------------------------------------
Note:  This table does not include state organizations that did not
respond to our survey, including Alaska, Arizona, Arkansas, Hawaii,
Idaho, Louisiana, Maine, Nebraska, New Jersey, New Mexico,
Pennsylvania, Rhode Island, and Wisconsin.  This table also does not
include state organizations that responded to our survey but were not
able to provide the requested data, including Colorado, District of
Columbia, Florida, Massachusetts, Missouri, Montana, Nevada, New
York, North Carolina, Oregon, South Dakota, Texas, Virginia,
Washington, and Wyoming. 

\a These states were not able to provide information for all state
organizations and a significant amount of data were not available. 

\b These states provided estimates. 

\c n/a means that the state was not able to provide these data. 

Source:  States' responses on a data collection instrument developed
by GAO.  We did not independently verify this information. 


GUIDANCE AND MONITORING
INFORMATION PROVIDED BY FEDERAL
AGENCIES THAT HAVE
OVERSIGHT/REGULATORY
RESPONSIBILITIES
=========================================================== Appendix V

                          Issued guidance            Established
                      -----------------------  -----------------------
                                                           Inspection
                      Year       Data          Work        or           Other
                      2000       exchange      groups      validation   approach
Department/agency     problems   issues        or forums   program      es
--------------------  ---------  ------------  ----------  -----------  --------
Commodity Futures     X          X
Trading Commission

Department of         X          X             X
Agriculture

Department of         X          X             X           X
Education

Department of         (no
Housing and Urban     activitie
Development           s
                      reported)

Department of Health  X          X             X                        X
and Human
Services

Department of the                              X                        X
Interior

Department of                                  X                        X
Justice

Department of Labor   X          X             X           X            X

Department of the     X          X             X           X            X
Treasury

Department of                                                           X
Transportation

Environmental         X          X             X
Protection Agency

Federal Deposit       X
Insurance
Corporation

Federal Reserve       X          X                         X

Federal Retirement                                                      X
Thrift Investment
Board

National Credit       X          X             X                        X
Union Administration

Securities and        X                        X           X
Exchange Commission
--------------------------------------------------------------------------------
Source:  Federal agencies' responses on a data collection instrument
developed by GAO.  We did not independently verify this information. 


ACTIVITIES OF INTERNATIONAL
ORGANIZATIONS TO RESOLVE YEAR 2000
PROBLEMS
========================================================== Appendix VI

Information on the Year 2000 activities of international
organizations was obtained by interviews with their officials and
research of information posted on Internet web sites.  There may be
other organizations addressing international Year 2000 issues that we
did not identify. 

BANK FOR INTERNATIONAL SETTLEMENTS

The Bank for International Settlements (BIS) has undertaken a
worldwide campaign to increase awareness, provide guidance, and
identify the status of Year 2000 efforts by central banks and major
international banking organizations.  BIS hosts the Basle Committee
on Banking Supervision and the Committee on Payment and Settlement
Systems that are sponsored by the Group of Ten Governors.\1

According to BIS, payment and settlement systems are an essential
element of financial market infrastructures through which clearing
organizations, settlement agents, securities depositories, and the
various direct and indirect participants in these systems are
intricately connected.  It is therefore imperative that such systems
be adapted and certified early enough to ensure that they are Year
2000 compliant and, very importantly, to allow inter-institution
testing.  This information is available on the BIS web site
(www.bis.org). 

To increase awareness, in September 1997, the Basle Committee on
Banking Supervision issued a technical paper for banks that sets out
a strategic approach for the development, testing, and implementation
of system solutions as well as defining the role that central banks
and bank supervisors need to play in promoting awareness of the issue
and enforcing action. 

The Committee on Payment and Settlement Systems is collecting and
publishing information on the state of preparedness of payment and
settlement systems around the world with respect to the Year 2000
issue.  For this purpose, a special reporting framework has been
developed that operators of payment and settlement systems can use to
indicate the state of internal testing as well as testing with
external participants for key components of their information
technology infrastructure.  The framework distinguishes between the
key components of such infrastructures--the central system, the
networks and network interfaces, the participants' front-end systems,
and other main components.  For each of these components, information
is provided on the start and completion dates for internal testing as
well as testing with external participants.  An indication is also
given as to the connections of the respective payment or settlement
systems with other external systems, on the coordinated effort with
other payment systems and/or major participants, and where more
information can be obtained from the respective operator.  The Basle
Committee also plans to survey the efforts that banking supervisors
have underway in each country as well as the state of readiness of
the local banking system.  They expect to complete these surveys
during the first half of 1998. 

In April 1998, the Basle Committee, the Committee on Payment and
Settlement Systems, the International Organization of Securities
Commissions, and the International Association of Insurance
Supervisors held a round table on the Year 2000 in order to provide a
global platform for the sharing of relevant strategies and
experiences across key industries by international bodies
representing both the public and the private sector. 


--------------------
\1 The Group of Ten Governors are the governors for the central banks
of Belgium, Canada, France, Germany, Italy, Japan, Luxembourg, the
Netherlands, Sweden, Switzerland, the United Kingdom, and the United
States.  These and central bank representatives of 30 other countries
have representation and voting rights at the general meetings of the
Bank for International Settlements. 


      INTERNATIONAL ORGANIZATION
      OF SECURITIES COMMISSIONS
------------------------------------------------------ Appendix VI:0.1

As the principal international organization of securities regulators,
the International Organization of Securities Commissions (IOSCO) has
taken a leadership role in promoting awareness of the Year 2000
computer problem and in encouraging its membership and all market
participants to take swift and aggressive action to address Year 2000
issues.  IOSCO is the largest international organization of
securities regulators with 99 members--principally domestic
government agencies entrusted with securities regulation.  Among
other things, IOSCO has called for regular monitoring of Year 2000
readiness and global, industrywide testing to take place in
sufficient time to address any weaknesses or deficiencies that are
revealed. 

IOSCO currently exchanges information, periodically engages in joint
work with, and to some extent coordinates its ongoing work with, the
Basle Committee on Banking Supervision and the International
Association of Insurance Supervisors.  IOSCO has a working
relationship and/or exchanges information on a regular basis with
BIS, the International Accounting Standards Committee, the
International Federation of Accountants, the Fdration
Internationale des Bourses de Valeurs, the International Monetary
Fund, and members of the World Bank Group.  IOSCO also maintains a
liaison relationship with the International Organization for
Standards.  Information on IOSCO's current work program is regularly
provided to the Group of Seven.\2

IOSCO is surveying and obtaining information on a regular basis about
measures being taken by industry and regulators to address Year 2000
computer issues.  IOSCO is also encouraging global, industrywide
testing.  IOSCO's current work builds on its public statement of June
1997, exhorting all members and market participants in their
jurisdictions to take all necessary and appropriate action to address
the critical challenges presented by the Year 2000 issue. 

IOSCO's Technical Committee, which consists of regulators of the most
developed and internationalized markets, is currently surveying its
members to ascertain what actions are being taken within member
jurisdictions to avoid Year 2000 problems.  Because of the critical
nature of this project, the Technical Committee decided to conduct
similar surveys on industry readiness every 6 months.  Each Technical
Committee member was requested to supply the following information to
the IOSCO Secretary General by January 15, 1998. 

1.  Awareness:  What actions has your organization taken to impress
upon relevant entities (self-regulatory organizations, industry
groups, financial firms) the importance of addressing the Year 2000
issues identified in the Technical Committee Statement? 

2.  Guidance:  What specific policies and/or procedures are being
used by your organization and other relevant organizations within
your jurisdiction to prepare markets and market participants for Year
2000? 

3.  Progress:  What steps (including the use of specific interim
goals) are being taken by your organization and by the other relevant
organizations in your jurisdiction to monitor the progress of
relevant entities in addressing Year 2000 problems? 

4.  Testing:  What plans have been made by your organization or other
relevant organizations in your jurisdiction for industrywide systems
testing for Year 2000 problems? 

IOSCO added a specific section on the Year 2000 issue to its Internet
web site (www.iosco.org) that contains a substantive reference list
on this topic. 


--------------------
\2 The Group of Seven is comprised of the leaders from these seven
countries:  Canada, France, Germany, Great Britain, Italy, Japan, and
the United States. 


      SECURITIES INDUSTRY
      ASSOCIATION
------------------------------------------------------ Appendix VI:0.2

The Securities Industry Association's (SIA) activities are primarily
directed at increasing awareness; however, it is taking a leadership
role in its efforts to establish a testing schedule.  SIA staff have
been making presentations at conferences to increase international
awareness of Year 2000 problems.  For example, SIA staff gave Year
2000 awareness presentations at IOSCO conferences in Kenya, Taipei,
and European cities.  SIA is also conducting scenario planning
sessions at international conferences to stimulate planning.  These
sessions focus on priorities for resolving Year 2000 problems. 

To identify Year 2000 readiness in the securities industry, SIA is
conducting an industrywide survey.  The survey form is posted on its
Internet web site (www.sia.com/year_2000).  If sufficient response is
received, SIA will post a summary of the results on its web site. 
SIA has also developed and posted on its web site a conversion and
testing schedule for its members to use in coordinating their Year
2000 activities.  In addition, SIA is developing a checklist to help
chief executive officers focus on key Year 2000 activities. 

SIA has coordinated extensively with other international
organizations, including the Investment Dealer Association, IOSCO,
International Insurance Association, Futures Industry Association,
Institute Internationale Finance, and Fdration Internationale des
Bourses de Valeurs.  SIA is considering a coordinated effort with
multilateral development banks, such as the World Bank, Asian
Development Bank, and the European Development Bank, to promote
awareness. 


      FUTURES INDUSTRY ASSOCIATION
------------------------------------------------------ Appendix VI:0.3

The focus of the Futures Industry Association's (FIA) Year 2000
activities is information sharing and test coordination among its 200
members.  Its members include futures commissions merchants,
international exchanges, and others interested in the futures market. 
FIA compiled a "conditions catalog" of products and transactions to
be tested on an exchange-by-exchange basis in the United States.  It
is making this available to international members and encouraging
members to adopt the same format for testing between exchanges and
intermediaries.  FIA has posted this information on its Internet web
site (www.fiafii.org).  FIA has also placed information about various
exchanges on the web site and plans to include additional information
about international exchanges in the future. 

FIA met with brokerage firms, exchanges, the London Clearing House,
and key service providers in June and December 1997 to raise
awareness of Year 2000 issues and discuss possible test scenarios. 
FIA also hosted an international meeting at its Futures & Options
Expo in October 1997 to discuss various Year 2000 activities around
the world.  At the FIA International Futures Industry Conference in
March 1998, FIA asked key members to support an industrywide test. 

FIA is surveying 20 of the member exchanges with the highest trade
volume to identify their Year 2000 activities.  At a Global
Technology Forum held in London March 30-April 1, 1998, FIA will
request that the 20 member exchanges provide information about the
scope of their Year 2000 activities, including their current status,
interfaces with intermediaries, plans for individual testing with
intermediaries, and willingness to participate in an industrywide
test. 


      INTERNATIONAL ASSOCIATION OF
      INSURANCE SUPERVISORS
------------------------------------------------------ Appendix VI:0.4

The International Association of Insurance Supervisors' Year 2000
activities are primarily directed at increasing awareness of Year
2000 issues among its insurance supervisor members from over 70
countries.  It is also working cooperatively with other international
organizations to increase awareness.  In November 1997, it issued a
joint statement with the Basle Committee on Banking Supervision and
the International Organization of Securities Commissions that
emphasized the importance of the Year 2000 issue.  The joint
statement urged the development of action plans to resolve Year 2000
problems, including data exchange problems with financial
institutions and clients. 


      INTERNATIONAL CIVIL AVIATION
      ORGANIZATION
------------------------------------------------------ Appendix VI:0.5

In December 1997, the International Civil Aviation Organization sent
a letter to its members to increase their awareness of Year 2000
computer problems.  The letter explained that air traffic service
providers may need to perform assessments on operational air traffic
control systems and nonoperational systems that provide business and
commercial support.  Air traffic service operational systems may be
date dependent and subject to local implementation.  Such systems
include aeronautical fixed telecommunication networks, radar data
processing, and flight data processing systems.  In addition,
operational systems often use date information for logging
performance information.  The letter also suggested a schedule for
assessing, implementing solutions, and testing systems.  The
International Civil Aviation Organization requested that members
advise it on remedial actions they have taken. 


      INTERNATIONAL AIR TRANSPORT
      ASSOCIATION
------------------------------------------------------ Appendix VI:0.6

The International Air Transport Association (IATA) represents and
serves 259 members in the airline industry.  In addition to the
airlines, IATA works with airline industry suppliers, including
airports, air traffic controls, aircraft/avionics manufacturers,
travel agencies, global distribution systems, and information
technology suppliers.  IATA serves as a clearing house between its
airline members to process their debit/credit notes. 

IATA has an internal Year 2000 project that includes four major
steps:  software/hardware inventory, Year 2000 compliance analysis,
software modification, and contingency planning.  IATA has set a
target date of December 25, 1998, for Year 2000 compliance for all of
its products and services. 

As an association of international airlines, IATA has established a
group to coordinate and synchronize efforts within the industry to
ensure timely solutions to Year 2000 issues.  Specifically, the date
format of interline messages (messages airlines exchange among
themselves and other parties as a part of business processes) has
been frozen.  The member airlines' applications will have to handle
date conversion, if required.  In addition, IATA has conducted Year
2000 conferences and seminars to exchange information among members. 

To monitor the status of Year 2000 activities, IATA has conducted
surveys of airline members and industry suppliers.  The survey of
member airlines showed that (1) very few organizations claim to be
fully compliant, (2) the majority of the organizations are well aware
of the problem and have already initiated Year 2000 compliance
activities, and (3) the typical target date for full compliance is
the end of 1998.  The results of the survey are available on IATA's
web site (www.iata.org/y2k). 


      EUROPEAN COMMISSION
------------------------------------------------------ Appendix VI:0.7

The European Commission has declared that it is concerned about the
vulnerability of enterprises, infrastructures, and public
administrations to the Year 2000 computer problem as well as the
possible consequences of this problem for consumers.  The Commission
had extensive consultations with the public and private sectors
during workshops in 1997 to identify the main priorities for action
and the roles for enterprises, associations, administrations, and the
Commission itself.  As a result of these consultations, the
Commission adopted a course of action and published it in an official
communication on February 25, 1998.  The purpose of the communication
was to raise awareness and set out the Commission's steps to address
Year 2000 issues, including

  -- encouraging and facilitating the exchange of information and
     experience on Year 2000 initiatives undertaken by the
     Commission's member states and European associations, with a
     view to identifying how synergies can be established to reduce
     duplication of effort and increase the overall impact;

  -- serving as a liaison with the European and international
     organizations that are responsible for regulating or supervising
     infrastructural sectors with significant cross-border effects
     (finance, telecommunications, energy, transportation) in order
     to exchange information about respective activities and identify
     where cooperation may be required.  An area of particular
     concern is the planning and implementation of coordinated
     cross-border testing activities in those sectors that are likely
     to involve organizations in different member states.  The
     Commission will initiate discussions between relevant
     organizations and member states;

  -- discussing the Year 2000 and its implications through all the
     relevant contacts available to the Commission services in
     industry and member states.  In particular, attention will be
     paid to the impact on and preparation of infrastructural
     sectors, the impact on consumers and small and medium size
     enterprises, and the potential impact on the functioning of the
     internal market; and

  -- maintaining a Internet web site on the Year 2000 computer
     problem (www.ispo.cec.be/y2keuro).  This site provides access to
     information about activities in different economic sectors and
     member states, points to sources of advice on specific aspects
     of the problem, and links to other sites as well as to all
     documents and reports produced by the Commission on the subject. 

The Commission also plans to monitor progress, exchange information,
and benchmark best practices while reporting regularly on the
progress towards Year 2000 readiness and its related issues.  In the
context of its policies such as those on industry, small and medium
size enterprises, consumers, and training, the Commission will
examine whether a further contribution could be made towards helping
raise awareness and address Year 2000-related problems. 

In addition to its Year 2000 activities, the Commission is also
addressing the information technology implications of European
countries' conversion to the new Euro currency.  Because this
conversion is taking place about the same time period as the Year
2000 date conversion activities, the two activities are in
competition for financial, technical, and management resources.  To
identify how businesses are approaching the Euro conversion and the
interrelationship with activities to resolve Year 2000 problems, the
Commission sponsored the survey of over 1000 senior information
technology managers in 10 countries.  The results of this survey, as
well as the issue papers and workshop results, are posted on the
Commission's web site. 


      WORLD BANK
------------------------------------------------------ Appendix VI:0.8

The World Bank is conducting an awareness campaign directed toward
its client governments and implementing agencies that are responsible
for World Bank-financed projects in developing countries.  The Bank
wants to ensure the continued success and viability of its clients
and avoid problems with development projects, many of which comprise
information technology systems and embedded logic components that may
be vulnerable to the Year 2000 problem.  In this effort, however, the
Bank limits its role to raising awareness and pointing clients toward
ways of evaluating and remediating the problem. 

To begin this effort, the Bank is (1) distributing an information
packet on the Year 2000 problem, (2) pointing recipients to further
sources on the Internet, and (3) providing some advice on
ascertaining Year 2000 compliance in the procurement process.  In the
near future, the Bank plans to provide Year 2000 information on the
Bank's Internet web site (www.worldbank.org).  The Bank also is
hiring a contractor to develop a guide for developing country
governments on creating a national Year 2000 policy.  When ready,
this guide will be placed on the Bank's Internet web site and will be
conveyed to governments via seminars to be held around the world. 


      UNITED NATIONS
------------------------------------------------------ Appendix VI:0.9

In November 1997, the United Nations' Information Technology Services
Division posted information on its Internet web site
(www.un.org/members/yr2000) to increase awareness of the actions
needed to resolve Year 2000 computer problems.  This included
information on the actions being taken concerning the computer
systems operated by United Nations' organizations and references to
issue papers and guidance documents that member countries could use
in developing their own Year 2000 program.  It also circulated a
letter to member countries that recommended dates for Year 2000
compliance and contained references to reading materials and
companies providing Year 2000 services.  At that time, the United
Nations was considering a program to encourage member countries that
have not already begun a Year 2000 assessment to take aggressive
action in the development of strategic plans to deal with Year 2000
problems.  It also circulated a letter to member countries that
recommended dates for Year 2000 compliance and contained references
on reading materials and companies providing Year 2000 services. 


      YEAR 2000 GLOBAL STEERING
      COMMITTEE
----------------------------------------------------- Appendix VI:0.10

The Steering Committee is sponsored by the Group of Seven and its
objective is to promote the international sharing of information on
the resolution of Year 2000 computer problems.  To achieve this
objective, the Steering Committee has established an Internet web
site (www.itpolicy.gsa.gov) that includes (1) links to Year 2000 web
sites of various countries and (2) databases showing the Year 2000
compliance status of commercial-off-the-shelf software,
telecommunications, facilities, and biomedical equipment.  The
Steering Committee is also planning to use the web site to conduct a
virtual Year 2000 international conference. 


      INTERNATIONAL COUNCIL FOR
      INFORMATION TECHNOLOGY IN
      GOVERNMENT ADMINISTRATION
----------------------------------------------------- Appendix VI:0.11

The International Council sponsored a workshop in August 1997 with
the objectives of exchanging information among members on Year 2000
issues related to each member country and identifying areas of common
interest.  The workshop was attended by representatives from 14
countries (a report on the workshop is located at
www.ogit.gov.au/ica/icay2k).  The International Council has scheduled
a second workshop for June 1998. 


      INTERPOL
----------------------------------------------------- Appendix VI:0.12

Interpol operates an international network that its 177 member
countries use to exchange law enforcement information.  Member
countries connect to telecommunication hubs that are located around
the world and their information systems transmit data through the
network.  Interpol has a project underway to ensure that its network
will be ready well before the Year 2000.  According to project
officials, Interpol has been working with suppliers to ensure that
the network's hardware and software will be Year 2000 compliant.  It
has also sent its Year 2000 plans to each member country.  A key part
of these plans is the testing of the network.  This testing is
scheduled to be performed in October 1998 and January 1999. 




(See figure in printed edition.)Appendix VII
DATA COLLECTION INSTRUMENT
========================================================== Appendix VI



(See figure in printed edition.)



(See figure in printed edition.)



(See figure in printed edition.)



(See figure in printed edition.)



(See figure in printed edition.)



(See figure in printed edition.)



(See figure in printed edition.)



(See figure in printed edition.)




(See figure in printed edition.)Appendix VIII
COMMENTS FROM THE OFFICE OF
MANAGEMENT AND BUDGET
========================================================== Appendix VI



(See figure in printed edition.)



(See figure in printed edition.)



(See figure in printed edition.)



(See figure in printed edition.)


MAJOR CONTRIBUTORS TO THIS REPORT
========================================================== Appendix IX

ACCOUNTING AND INFORMATION
MANAGEMENT DIVISION, WASHINGTON,
D.C. 

David G.  Gill, Assistant Director
Mirko J.  Dolak, Technical Assistant Director
James R.  Hamilton, Evaluator-In-Charge
William G.  Barrick, Senior Information Systems Analyst
William N.  Isrin, Operations Research Analyst
Michael A.  Tovares, Information Systems Analyst




RELATED GAO PRODUCTS
============================================================ Chapter 0

Year 2000 Computing Crisis:  Continuing Risks of Disruption to Social
Security, Medicare, and Treasury Programs (GAO/T-AIMD-98-161, May 7,
1998). 

Year 2000 Computing Crisis:  Potential for Widespread Disruption
Calls for Strong Leadership and Partnerships (GAO/AIMD-98-85, April
30, 1998). 

Department of the Interior:  Year 2000 Computing Crisis Presents Risk
of Disruption to Key Operations (GAO/T-AIMD-98-149, April 22, 1998). 

Year 2000 Computing Crisis:  Federal Regulatory Efforts to Ensure
Financial Institution Systems Are Year 2000 Compliant
(GAO/T-AIMD-98-116, March 24, 1998). 

Year 2000 Computing Crisis:  Strong Leadership Needed to Avoid
Disruption of Essential Services (GAO/T-AIMD-98-117, March 24, 1998). 

Year 2000 Computing Crisis:  Business Continuity and Contingency
Planning (GAO/AIMD-10.1.19, Exposure Draft, March 1998). 

Year 2000 Computing Crisis:  FAA Must Act Quickly to Prevent Systems
Failures (GAO/T-AIMD-98-63, February 4, 1998). 

FAA Computer Systems:  Limited Progress on Year 2000 Issue Increases
Risk Dramatically (GAO/AIMD-98-45, January 30, 1998). 

Defense Computers:  Air Force Needs to Strengthen Year 2000 Oversight
(GAO/AIMD-98-35, January 16, 1998). 

Social Security Administration:  Significant Progress Made in Year
2000 Effort, But Key Risks Remain (GAO/AIMD-98-6, October 22, 1997). 

Defense Computers:  Technical Support Is Key to Naval Supply Year
2000 Success (GAO/AIMD-98-7R, October 21, 1997). 

Veterans Affairs Computer Systems:  Action Underway Yet Much Work
Remains To Resolve Year 2000 Crisis (GAO/T-AIMD-97-174, September 25,
1997). 

Year 2000 Computing Crisis:  An Assessment Guide (GAO/AIMD-10.1.14,
September 1997). 

Defense Computers:  Improvements to DOD Systems Inventory Needed for
Year 2000 Effort (GAO/AIMD-97-112, August 13, 1997). 

Defense Computers:  Issues Confronting DLA in Addressing Year 2000
Problems (GAO/AIMD-97-106, August 12, 1997). 

Defense Computers:  DFAS Faces Challenges in Solving the Year 2000
Problem (GAO/AIMD-97-117, August 11, 1997). 

Veterans Benefits Computer Systems:  Uninterrupted Delivery of
Benefits Depends on Timely Correction of Year-2000 Problems
(GAO/T-AIMD-97-114, June 26, 1997). 

Veterans Benefits Computer Systems:  Risks of VBA's Year-2000 Efforts
(GAO/AIMD-97-79, May 30, 1997). 

Medicare Transaction System:  Success Depends Upon Correcting
Critical Managerial and Technical Weaknesses (GAO/AIMD-97-78, May 16,
1997). 

*** End of document. ***