Year 2000 Computing Crisis: Actions Needed on Electronic Data Exchanges
(Letter Report, 07/01/98, GAO/AIMD-98-124).
Pursuant to a congressional request, GAO provided information on actions
taken to address year 2000 issues for electronic data exchanges,
focusing on the: (1) key actions taken to date to address electronic
data exchanges among federal, state, and local governments; (2) actions
the federal government has taken to minimize the adverse economic impact
of non-compliant year 2000 data from other countries' information
systems corrupting critical functions of the United States; and (3)
international forums where the worldwide economic implications of this
issue have been or could be addressed.
GAO noted that: (1) key actions to address year 2000 data exchange
issues are still in the early stages; however, federal and state
coordinating organizations have agreed to use a 4-digit contiguous year
format and establish joint federal and state policy and working groups;
(2) to implement these agreements, the Office of Management and Budget
(OMB) issued instructions in January 1998 to federal agencies to
inventory all data exchanges with outside parties by February 1, 1998,
and coordinate with these exchange partners by March 1, 1998; (3) at the
time of GAO's review, no actions had been taken to establish target
dates for additional key tasks; (4) about half of the federal agencies
reported during the first quarter of 1998 that they have not yet
finished assessing their data exchanges to determine if they will be
able to process data with dates beyond 1999; (5) two of the 39
state-level organizations reported having finished assessing their data
exchanges; (6) for the exchanges already identified as not year 2000
ready, respondents reported that little progress has yet been made in
completing key steps such as reaching agreements with partners on date
formats, developing and testing bridges and filters, and developing
contingency plans for cases in which year 2000 readiness will not be
achieved; (7) most federal agency actions to address year 2000 issues
with international data exchanges have been in the financial services
area; (8) ten federal agencies reported having a total of 702 data
exchanges with foreign governments or the foreign private sector; (9)
these foreign data exchanges represented less than 1 percent of federal
agencies' total reported exchanges; (10) federal agencies reported
reaching agreements so far on formats of 98 of the foreign data
exchanges; (11) international organizations addressing year 2000 issues
have been the most active in the financial services area; and (12)
during 1997, several international organizations initiated activities to
increase awareness, provide guidance, and monitor the status of year
2000 efforts.
--------------------------- Indexing Terms -----------------------------
REPORTNUM: AIMD-98-124
TITLE: Year 2000 Computing Crisis: Actions Needed on Electronic
Data Exchanges
DATE: 07/01/98
SUBJECT: Systems conversions
Information resources management
Computer software verification and validation
Strategic information systems planning
Systems compatibility
Interagency relations
International cooperation
Electronic data interchange
******************************************************************
** This file contains an ASCII representation of the text of a **
** GAO report. Delineations within the text indicating chapter **
** titles, headings, and bullets are preserved. Major **
** divisions and subdivisions of the text, such as Chapters, **
** Sections, and Appendixes, are identified by double and **
** single lines. The numbers on the right end of these lines **
** indicate the position of each of the subsections in the **
** document outline. These numbers do NOT correspond with the **
** page numbers of the printed product. **
** **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced. Tables are included, but **
** may not resemble those in the printed version. **
** **
** Please see the PDF (Portable Document Format) file, when **
** available, for a complete electronic file of the printed **
** document's contents. **
** **
** A printed copy of this report may be obtained from the GAO **
** Document Distribution Center. For further details, please **
** send an e-mail message to: **
** **
** **
** **
** with the message 'info' in the body. **
******************************************************************
Cover
================================================================ COVER
Report to Congressional Requesters
July 1998
YEAR 2000 COMPUTING CRISIS -
ACTIONS NEEDED ON ELECTRONIC DATA
EXCHANGES
GAO/AIMD-98-124
Electronic Data Exchanges
(511434)
Abbreviations
=============================================================== ABBREV
BIS - Bank for International Settlements
CIO - Chief Information Officer
DCI - data collection instrument
FIA - Futures Industry Association
HUD - Department of Housing and Urban Development
IATA - International Air Transport Association
IOSCO - International Organization of Securities Commissions
NASIRE - National Association of State Information Resource
Executives
OMB - Office of Management and Budget
SIA - Securities Industry Association
Letter
=============================================================== LETTER
B-279011
July 1, 1998
The Honorable James A. Barcia
Ranking Minority Member
Subcommittee on Technology
Committee on Science
House of Representatives
The Honorable Bart Gordon
Member
House of Representatives
This report contains information on actions taken to address Year
2000 issues for electronic data exchanges. Electronic data exchanges
are used extensively to transfer information between computer
systems. Consequently, as computer systems are converted to process
Year 2000 dates, the associated data exchanges must also be made Year
2000 compliant.
As requested, our objectives were to identify (1) the key actions
taken to date to address electronic data exchanges among federal,
state, and local governments, (2) the actions the federal government
has taken to minimize the adverse economic impact of noncompliant
Year 2000 data from other countries' information systems corrupting
critical functions of our nation, and (3) international forums where
the worldwide economic implications of this issue have been or could
be addressed. To obtain this information, we developed and sent a
data collection instrument to survey 42 federal departments and
agencies, all states, the District of Columbia, and Puerto Rico. All
the federal agencies and 39 of the state-level organizations
responded to our survey during the first quarter of 1998. Many of
the respondents were not able to provide consistent or complete data
because they had only recently begun inventorying and assessing data
exchanges and this data generally had not been centrally tracked and
managed. We contacted the respondents to resolve instances of
inconsistent or incomplete data; however, we did not independently
audit and validate any of the data reported by the federal agencies
and states.
We also collected data from federal and state organizations that are
coordinating activities to resolve Year 2000 computer problems and
from organizations that were identified as potential forums for
international Year 2000 data exchange issues from October 1997
through March 1998.
We performed our work between September 1997 and April 1998 in
accordance with generally accepted government auditing standards.
Details of our objectives, scope, and methodology are presented in
appendix I. We requested comments on a draft of this report from the
National Association of State Information Resource Executives
(NASIRE), the President's Council on the Year 2000 Conversion, and
the Office of Management and Budget (OMB) for comment. NASIRE and
OMB provided written comments that are discussed in the "Agency
Comments and Our Evaluation" section. OMB's comments are reprinted
in appendix VIII.
RESULTS IN BRIEF
------------------------------------------------------------ Letter :1
Key actions to address Year 2000 data exchange issues are still in
the early stages; however, federal and state coordinating
organizations have agreed to use a 4-digit contiguous year format and
establish joint federal and state policy and working groups. To
implement these agreements, OMB issued instructions in January 1998
to federal agencies to inventory all data exchanges with outside
parties by February 1, 1998, and coordinate with these exchange
partners by March 1, 1998. At the time of our review, no actions had
been taken to establish target dates for additional key tasks, such
as testing new exchange formats or developing and implementing
contingency plans.
About half of the federal agencies reported during the first quarter
of 1998 that they have not yet finished assessing their data
exchanges to determine if they will be able to process data with
dates beyond 1999. Two of the 39 state-level organizations reported
having finished assessing their data exchanges. For the exchanges
already identified as not Year 2000 ready, respondents reported that
little progress has yet been made in completing key steps such as
reaching agreements with partners on date formats, developing and
testing bridges and filters, and developing contingency plans for
cases in which Year 2000 readiness will not be achieved.
Most federal agency actions to address Year 2000 issues with
international data exchanges have been in the financial services
area. Ten federal agencies reported having a total of 702 data
exchanges with foreign governments or the foreign private sector.
These foreign data exchanges represented less than 1 percent of
federal agencies' total reported exchanges. Federal agencies
reported reaching agreement so far on formats for 98 (14 percent) of
the foreign data exchanges.
International organizations addressing year 2000 issues have been the
most active in the financial services area. During 1997, several
international organizations initiated activities to increase
awareness, provide guidance, and monitor the status of Year 2000
efforts.
BACKGROUND
------------------------------------------------------------ Letter :2
Exchanging data electronically is a common method of transferring
information among federal, state, and local governments; private
sector organizations; and nations around the world. As computers
play an ever-increasing role in our society, more information is
being exchanged regularly. Federal agencies now depend on electronic
data exchanges to execute programs and facilitate commerce. For
example, federal agencies routinely use data exchanges to transfer
funds to contractors and grantees; collect data necessary to make
eligibility determinations for veterans, social security, and
medicare benefits; gather data on program activities to determine if
funds are being expended as intended and the expected outcomes
achieved; and share weather information that is essential for air
flight safety. To facilitate commerce, federal agencies regulate or
provide oversight to organizations that use data exchanges
extensively to process payments through the banking system; purchase
or sell securities through stock exchanges and futures markets; and
facilitate import and export shipments through ports of entry. We
have reported on potential data exchange issues that could affect
many of these activities (see the list of related products at the end
of this report).
An electronic data exchange is the transfer (sending or receiving) of
a data set using electronic media. Electronic data exchanges can be
made using various methods, including direct computer-to-computer
exchanges over a dedicated network; direct exchanges over
commercially available networks or the Internet; or exchanges of
magnetic media such as computer tapes or disks. The information
transferred in a data set often includes at least one date.
Because many computer systems have been using a 2-digit year in the
date format, the data exchanges have also used 2-digit years. Now
that many formats are being changed to use 4 digits to correctly
process dates beyond 1999, data exchanges using 2-digit year formats
must also be changed to 4 digits or bridges must be used to convert
incoming 2-digit years to 4-digit years or convert outgoing 4-digit
years to 2-digits. These conversions generally involve the use of
algorithms to distinguish the century (for example, 2-digit years
less than 50 may be considered 2000 dates and 2-digit years of 50 or
more may be considered 1900 dates). In addition to using bridges,
filters may be needed to screen and identify incoming noncompliant
data to prevent it from corrupting data in the receiving system.
These conversions are not necessary if the data exchanges are
designed to employ certain electronic data interchange standards (see
appendix II for a glossary of data exchange standards used by some
federal agencies). A data exchange standard defines the format of a
specific data set for transmission. Some of these standards specify
a 4-digit year format. Federal agencies often use exchanges that do
not involve a standard format. Instead, the data exchanges consist
of individual text files with a structure that is established by
agreement between the exchange partners. Files using these formats
are generally referred to as flat files.
As part of their Year 2000 correction efforts, organizations must
identify the date formats used in their data exchanges, develop a
strategy for dealing with exchanges that do not use 4-digit year
formats, and implement the strategy. These efforts generally involve
the following steps.\1
-- Assess information systems to identify data exchanges that are
not Year 2000 compliant.
-- Contact the exchange partner and reach agreement on the date
format to be used in the exchange.
-- Determine if data bridges and filters are needed.
-- Determine if validation processes are needed for incoming data.
-- Set dates for testing and implementing new exchange formats.
-- Develop and test bridges and filters to handle nonconforming
data.
-- Develop contingency plans and procedures for data exchanges and
incorporate into overall agency contingency plans.
-- Implement the validation process for incoming data.
-- Test and implement new exchange formats.
The testing and implementation of new data exchanges must be closely
coordinated with exchange partners to be completed effectively. In
addition to an agency testing its data exchange software, effective
testing involves end-to-end testing--initiation of the exchange by
the sending computer, transmission through intermediate
communications software and hardware, and receipt and acceptance by
receiving computer(s), thus completing the exchange process.
Resolving data exchange issues will require significant efforts and
costs according to federal and state officials. At an October 1997
summit, federal and state information technology officials estimated
that about 20 percent of Year 2000 efforts will be directed toward
correcting data exchange problems. This could be significant
considering the magnitude of expected Year 2000 costs. According to
OMB's February 15, 1998, Year 2000 status reports of 24 federal
agencies, the federal government's Year 2000 costs are estimated to
be about $4.7 billion. Based on estimates provided by states to
NASIRE, the states' Year 2000 costs are estimated to be about $5.0
billion.
If Year 2000 data exchange problems are not corrected, the adverse
impact could be severe. Federal agencies exchange data with
thousands of external entities, including other federal agencies,
state agencies, private organizations, and foreign governments and
private organizations. If data exchanges do not function properly,
data will not be exchanged between systems or invalid data could
cause receiving computer systems to malfunction or produce inaccurate
computations. For example, such failures could result in the
-- Social Security Administration not being able to determine the
eligibility of applicants or compute and pay benefits because it
relies on data exchanges for eligibility information and payment
processing. This could have a widespread impact on the public
since the agency processes payments to more than 50 million
beneficiaries each month, which in fiscal year 1997 totaled
about $400 billion;
-- National Highway Traffic Safety Administration not being able to
provide states with information needed for driver registrations,
which could result in licenses being issued to drivers with
revoked or suspended licenses in other states;
-- Department of Veterans Affairs not being able to determine
correct benefits and make payments to eligible veterans;
-- U.S. Coast Guard not receiving weather information necessary to
plan search and rescue operations; and
-- Nuclear Regulatory Commission not receiving information from
nuclear reactors that is needed to trigger emergency response
actions.
The overall responsibility for tracking and overseeing actions by
federal agencies to address Year 2000 issues rests with OMB and the
President's Council on Year 2000 Conversion that was established in
February 1998. OMB has been tracking major federal agencies' Year
2000 activities by requiring them to submit quarterly status reports.
--------------------
\1 The steps listed are based on guidance and best practices in the
information technology industry as described in Year 2000 Computing
Crisis: An Assessment Guide (GAO/AIMD-10.1.14, September 1997).
KEY ACTIONS TO ADDRESS
ELECTRONIC DATA EXCHANGES AMONG
FEDERAL, STATE, AND LOCAL
GOVERNMENTS ARE IN THE EARLY
STAGES
------------------------------------------------------------ Letter :3
Efforts to address data exchange issues are in early stages. Federal
and state coordinating organizations reached initial agreements in
1997 on the steps to address data exchanges issues; however, many
federal agencies and states have not yet finished assessing their
data exchanges to determine if they are Year 2000 compliant.
Further, little progress has been made in completing key steps such
as reaching agreements with partners on exchange formats, developing
and testing bridges and filters, and developing contingency plans.
FEDERAL AND STATE EFFORTS TO
COORDINATE RESOLUTION
ACTIVITIES
---------------------------------------------------------- Letter :3.1
Federal and state coordinating organizations began to address Year
2000 data exchange problems in 1997. Initial agreements on steps to
address data exchange issues were reached at a state/federal summit
in October 1997 that was hosted by the State of Pennsylvania and
sponsored by the federal Chief Information Officer Council (CIO
Council) and NASIRE. At the summit, federal agency and state
representatives agreed to establish a contiguous 4-digit year date as
a default standard for exchanges. They also agreed that federal
agencies will take the lead in providing information on exchanges
with states, any planned date format changes, and timeframes for any
changes. In addition, joint federal and state policy and working
groups were established to continue the dialogue on exchange issues.
To implement these agreements, OMB issued instructions in January
1998 for federal agencies to inventory all data exchanges with
outside parties by February 1, 1998, and coordinate plans for
transitioning to Year 2000 compliant data exchanges with exchange
partners by March 1, 1998. OMB also set March 1999 as the target
date to complete the data exchange corrections. In addition, for the
February 15, 1998, quarterly reports, OMB required the federal
agencies to describe the status of their efforts to inventory all
data exchanges with outside entities and the method for assuring that
those organizations will be or have been contacted, particularly
state governments. However, OMB did not require the agencies to
report their status in completing key steps for data exchanges, such
as those listed earlier in this report.
According to its Year 2000 Coordinator, NASIRE plans to continue
implementing the agreements reached at the October 1997 summit
through active participation in joint policy and working groups and
by holding additional state/federal meetings on data exchange issues.
These activities will supplement NASIRE's continuing efforts to
provide states with access to information on vendors, software, and
methodologies for resolving Year 2000 problems.
The federal CIO Council's State Interagency Subgroup also plans to
continue pursuing the agreements reached at the October 1997 summit
through joint state and federal meetings on data exchange issues and
by hosting a state/federal meeting in April 1998.
The federal CIO Council also designated an official in the State
Department to act as the focal point for international exchange
issues. The designee plans to work through federal agencies that
have international operations to increase our foreign data exchange
partners' awareness of Year 2000 issues. For example, we were told
that the State Department will add Year 2000 issues to bilateral and
multilateral discussion agendas, such as the Summit of the Americas
and the Asian-Pacific Economic Cooperation meetings.
FEDERAL DEPARTMENT AND
AGENCY YEAR 2000 DATA
EXCHANGE ACTIVITIES
---------------------------------------------------------- Letter :3.2
Twenty of the 42 federal agencies we surveyed reported having
finished inventorying and assessing data exchanges for
mission-critical systems as of the first quarter of 1998. Eighteen
agencies have not completed their assessments and the status of one
federal agency is not discernable because it was not able to provide
information on their total number of exchanges and the number
assessed. The remaining three federal agencies said they do not have
external data exchanges.
Federal agencies reported that they have a total of almost 500,000
data exchanges with other federal agencies, states, local
governments, and the private sector for their mission-critical
systems. Almost 90 percent of the exchanges were reported by the
Federal Reserve\2 and the Department of Housing and Urban Development
(HUD) which reported having 316,862 and 133,567, respectively. The
Federal Reserve exchanges data with federal agencies and the private
sector using software it provides to these entities. The Federal
Reserve reported that it has assessed all of these exchanges.\3
Similarly, HUD has exchanges with housing authorities, states
agencies, and private sector organizations. HUD has determined that
92 percent of these exchanges are not Year 2000 compliant. The other
agencies reported their mission-critical systems have about 49,000
data exchanges with other federal agencies, states, local
governments, and the private sector, as shown in figure 1. These
agencies reported that they have assessed about 39,000, or about 80
percent, of the exchanges. (See appendix III for the status of
assessments and other actions for each of the federal agencies.)
Figure 1: Reported Federal
Data Exchanges With Other
Federal Agencies, States, Local
Governments, and Private Sector
Organizations
(See figure in printed
edition.)
Note: Includes data exchanges for mission-critical systems only.
Does not include 450,429 exchanges reported by the Federal Reserve
and Department of Housing and Urban Development.
Source: Data reported by federal agencies on GAO's data collection
instrument. We did not independently verify this information.
Significant federal actions will be needed to address Year 2000
problems with data exchanges. Of the 39,000\4 exchanges that federal
agencies said they assessed, they reported about 27 percent as not
being Year 2000 compliant. Only six federal agencies told us that
all their data exchanges are Year 2000 compliant and these represent
only 123 of the approximately 39,000 data exchanges that have been
assessed.
As discussed previously, dealing with data exchanges involves a
number of steps. For each noncompliant exchange, the agency must
reach agreement with the exchange partners on whether they will (1)
change the date format to make it compliant or (2) agree to retain
the existing 2-digit format and use bridges as an interim measure.
To resolve Year 2000 data exchange problems, all federal agencies
have chosen to adopt a contiguous 4-digit year format; however, some
agencies plan to continue using a 2-digit year format for some of
their exchanges in the near term. If a 2-digit exchange format is
retained but the agency's system will be using 4-digit years, the
agency must develop, test, and implement (1) bridges to convert dates
to a useable form and (2) filters to recognize 2-digit years and
prevent them from entering agency systems. In addition, the agencies
should identify the exchanges where there is a probability that, even
though agreements have been reached to exchange 4-digit years, one
partner may not be compliant. In these cases, agencies must develop
contingency plans to ensure that mission-critical operations
continue.
The status of activities to contact and reach agreement on Year 2000
readiness with exchange partners varies significantly among federal
agencies. Only one federal agency reported having reached agreements
with all its exchange partners. While on average the other federal
agencies reported having reached agreements on about 24 percent of
their exchanges, almost half of federal agencies reported that they
have reached agreements on 10 percent or less of their exchanges, as
shown in figure 2 below.
Figure 2: Reported Percentage
of Agreements Reached With
Exchange Partners by 36 Federal
Agencies
(See figure in printed
edition.)
Note: Figures do not include the status of agreements reported by
the Federal Reserve because it controls the data exchange software
and does not need to reach agreement with exchange partners on
formats.
Source: Data reported by federal agencies on GAO's data collection
instrument. We did not independently verify this information.
Few federal agencies reported having taken actions to install bridges
or filters. Seventeen federal agencies responding to our survey have
identified the need to install 988 bridges or filters. In total, the
agencies reported having developed and tested 203, or 21 percent, of
the needed bridges or filters. In addition, only 38 percent of the
federal agencies reported having developed contingency plans for data
exchanges. The need for bridges, filters, and contingency plans may
increase as agencies continue assessing data exchanges and contacting
and reaching agreements with exchange partners.
--------------------
\2 Information concerning the Federal Reserve was provided by the
Board of Governors of the Federal Reserve System.
\3 The Federal Reserve has 2-digit and 4-digit year formats in its
data exchanges. It plans to use 4-digit formats for all exchanges in
the future, but will continue using the 2-digit year format for some
exchanges and have exchange partners bridge to these if necessary.
Federal Reserve's Year 2000 officials estimated that 20 percent of
their data exchanges have 2-digit year formats. They also told us
that they have not set a target date for the conversion to 4-digit
year formats.
\4 These numbers do not include the Federal Reserve and HUD data
exchanges that were previously discussed.
STATES' YEAR 2000 DATA
EXCHANGE ACTIVITIES
---------------------------------------------------------- Letter :3.3
Only two states reported to us that they have finished inventorying
and assessing data exchanges for mission-critical systems. The
status of 15 of the 39 states that responded to our survey is not
discernable because they were not able to provide us with information
on their total number of exchanges and the number assessed. In
addition, all but two states were able to provide only partial
responses or estimates on the status of exchanges. For the 24 states
that provided actual or estimated data on the status of their
exchanges, an average of 47 percent of the exchanges had not been
assessed.\5 Similar to the federal agencies, states reported that the
largest number of exchanges were with the private sector, as shown in
figure 3 below. (See appendix IV for the status of assessments and
other actions for each state.)
Figure 3: Reported State Data
Exchanges With Federal
Agencies, Other States, Local
Governments, and Private Sector
Organizations
(See figure in printed
edition.)
Note: Includes data exchanges for mission-critical systems of 23
states that provided data in these categories.
Source: Data reported by federal agencies on GAO's data collection
instrument. We did not independently verify this information.
Significant state actions will be needed to address Year 2000 data
exchange issues. Of the 12,262 total exchanges that states reported
as having assessed, 5,066 exchanges (41 percent) are reported as not
being Year 2000 compliant. None of the states reported that all
their data exchanges are Year 2000 compliant. For each of the
noncompliant exchanges, the states must take the same types of
actions, as described earlier for federal agencies, to reach
agreements with the exchange partners, develop, test, and implement
bridges and filters, and develop data exchange contingency plans.
Similar to federal agencies, states reported having made limited
progress in reaching agreement with exchange partners on addressing
changes needed for Year 2000 readiness, installing bridges and
filters, and developing contingency plans. However, we can draw only
limited conclusions on the status of the states actions because data
were provided on only a small portion of states' data exchanges.
Officials from several states told us that they were unable to
provide actual, statewide data on their exchanges because the states
do not collect and maintain such information centrally and the state
agencies did not provide the data requested in our survey. According
to NASIRE's Year 2000 committee chairman, individual state agencies
are aware of data exchange issues and have started taking action to
address them, but few state chief information officers have begun
monitoring these actions on a statewide basis.
--------------------
\5 This includes data from 11 states that provided estimates on the
status of their data exchanges and 11 states that provided partial
data.
REGULATORY/OVERSIGHT
ACTIVITIES TO PROMOTE
RESOLUTION OF YEAR 2000
ISSUES
---------------------------------------------------------- Letter :3.4
In addition to working with their exchange partners to resolve Year
2000 issues, some federal agencies are providing Year 2000 guidance
to the organizations that they regulate or oversee and monitoring
their Year 2000 activities. Sixteen federal agencies reported that
they have regulatory or oversight responsibilities. Seven of the
agencies focus on the financial services area, including banks,
thrifts, and security exchanges. The others regulate or provide
oversight to organizations performing government services, such as
housing authorities and grantees, and private organizations in a
variety of industry sectors such as the import and export industry,
the maritime industry, manufacturers of medical devices and
pharmaceuticals, and the oil, gas, and mineral industries.
All but 3 of the 16 agencies reported providing guidance or
establishing working groups addressing Year 2000 issues for the
organizations for which they have regulatory or oversight
responsibility. In total, 11 of the 16 federal agencies provided
guidance on Year 2000 issues and the guidance from all but two
addressed data exchange issues, 10 agencies have sponsored Year 2000
working groups, 12 agencies have monitored progress in resolving Year
2000 problems, and 5 have established inspection or validation
programs. Of the 12 agencies that have been monitoring progress on
the resolution of Year 2000 problems, 10 reported that they have data
on the corrective action status of the organization they regulate or
oversee. See appendix V for Year 2000 activities undertaken by each
federal regulatory or oversight agency.
MOST ACTIONS TAKEN BY FEDERAL
AGENCIES TO PREVENT
INTERNATIONAL DATA EXCHANGE
PROBLEMS HAVE BEEN IN THE
FINANCIAL SERVICES AREA
------------------------------------------------------------ Letter :4
Federal agencies in the financial services area reported having
initiated efforts domestically and internationally to address Year
2000 problems with international data exchanges, but other federal
agencies reported that they are still in the initial stages of
addressing these issues.
Ten federal agencies reported having 702 data exchanges with foreign
governments or the foreign private sector. These 702 foreign data
exchanges reported by federal agencies represent less than 1 percent
of all federal data exchanges. The federal agencies reported
reaching agreement on formats for 98, or 14 percent, of the foreign
exchanges.
Three federal agencies--the Departments of the Interior, Treasury,
and Defense--have the bulk of the reported foreign data exchanges.
For its 416 reported foreign exchanges, Interior plans to notify its
foreign data exchange partners that it will continue to use a 2-digit
year in data exchanges and use bridges with algorithms to compute the
century. Treasury has reached agreement on year formats for 71 of
its 107 reported foreign exchanges and advised us that it is using
bank examiners to monitor the activities to make all the exchanges
Year 2000 compliant. The Department of Defense reported reaching
agreement on 18 of its 103 data exchanges with foreign entities. The
remaining seven federal agencies reported having reached agreement on
9 of their 76 foreign data exchanges.
Interior was the only agency that reported having developed and
tested bridges and filters to convert dates and prevent the
corruption of its systems. None of the agencies reported having
developed contingency plans to process transactions if the exchange
partners' systems were not Year 2000 compliant.
Nine federal agencies--six in the financial services area--said they
have regulatory or oversight responsibility for organizations with
international data exchanges. Three agencies in the financial
services area said they are relying on bank examiners to monitor
progress and one is providing guidance to exchange partners for
addressing Year 2000 problems. Four of the nine agencies stated that
they are also addressing Year 2000 problems by working with
international organizations, such as the Bank for International
Settlements, the International Organization of Securities
Commissions, and the Securities Industry Association. Two of the
nine agencies reported having no ongoing international Year 2000
activities.
SEVERAL INTERNATIONAL
ORGANIZATIONS ARE SERVING AS
FORUMS FOR ADDRESSING YEAR 2000
ISSUES
------------------------------------------------------------ Letter :5
International organizations identified by federal agencies as forums
for Year 2000 activities were primarily in the financial services
area including the Bank for International Settlements, International
Organization of Securities Commissions, Securities Industry
Association, and Futures Industry Association. The Department of
Transportation also identified the International Civil Aviation
Organization as a potential international forum for the resolution of
Year 2000 problems. In addition, from our search of the Internet for
Year 2000 activities by international organizations, we identified
eight other potential international forums. The activities of these
organizations are highlighted in table 1 and the reported current and
planned activities of each organization are summarized in appendix
VI.
Table 1
Reported Year 2000 Activities of
International Organizations
Work
groups or Monitor
Promoting Issuing conference or
Organization awareness guidance s survey Other
-------------------------- ---------- -------- ---------- -------- --------
Bank for International X X X X X
Settlements
International Organization X X X
of Securities Commissions
Securities Industry X X X X X
Association
Futures Industry X X X
Association
International Association X
of Insurance Supervisors
International Civil X X
Aviation Organization
International Air X X X X
Transport Association
European Commission X X X X
World Bank X X
United Nations X X
Year 2000 Global Steering X
Committee
International Council for X X
Information Technology in
Government Administration
Interpol X
--------------------------------------------------------------------------------
Source: Information was collected from the entities listed and from
their Internet web sites. We did not independently verify this
information.
The primary efforts cited by the international organizations are
increasing awareness and providing information and guidance on
resolving Year 2000 problems, including posting the information on
their Internet web sites. Six organizations also reported that they
are sponsoring conferences or workshops to discuss Year 2000 issues
and six reported that they are monitoring or surveying the status of
their members' Year 2000 activities.
Organizations in the financial services area are the most active in
Year 2000 efforts. According to the Bank for International
Settlements, payment and settlement systems are essential elements of
financial market infrastructures through which clearing
organizations, settlement agents, securities depositories, and the
various direct and indirect participants in these systems are
intricately connected. It is therefore imperative that the systems
be adapted and certified early enough to ensure that they are Year
2000 compliant and to allow for testing among institutions. To
address these issues, officials at the Bank for International
Settlements told us that it is coordinating with the International
Organization of Securities Commissions and the International
Association of Insurance Supervisors to draw attention to Year 2000
issues. In September 1997, the Bank for International Settlements
issued a technical paper for banks which sets out a strategic
approach for the development, testing, and implementation of system
solutions as well as defining the role that central banks and bank
supervisors need to play in promoting awareness of the issue and
enforcing action.
Other organizations have also used the Bank for International
Settlements' technical framework to stimulate activities of their
members. For example, the Securities Industry Association used the
framework to develop a project plan with target dates for completing
various tasks and posted the plan on its Internet web site for
members to use in planning their Year 2000 activities. The
Securities Industry Association also used the framework as the basis
for a survey instrument for assessing the status of its members' Year
2000 activities.
The European Commission has been publishing issue papers and
conducting workshops to increase awareness of Year 2000 computer
problems among its member countries. These issue papers and
workshops also addressed the implication of European countries'
efforts to convert to the new Euro currency. Because this conversion
is taking place at about the same time as the Year 2000 date
conversion activities, the two are in competition for financial,
technical, and management resources. To identify how businesses are
approaching the Euro conversion and the inter-relationship with
activities to resolve Year 2000 problems, the European Commission
sponsored a survey of more than 1,000 senior information technology
managers in 10 countries. The result of this survey, as well as the
issue papers and workshop results, are posted on the European
Commission's web site (www.ispo.cec.be/y2keuro).
In addition to assisting their members, several of the international
organizations reported having programs to ensure that their own
systems will be able to process international data exchanges for
their members in the Year 2000. For example, the Bank for
International Settlements, the International Air Transport
Association, and Interpol told us that they have information systems
that process transactions and information exchanges for their member
organizations. Each of these organizations said that their Year 2000
programs are on schedule and that they will be able to support
international data exchanges with Year 2000 dates.
CONCLUSIONS
------------------------------------------------------------ Letter :6
Unless federal agencies take action to reach date format agreements
with their data exchange partners and deal with data exchanges that
will not be Year 2000 compliant, some of the agencies'
mission-critical systems may not be able to function properly. The
data reported to us by federal agencies and state governments suggest
that the full extent of the managerial and operational challenges
posed by the heavy reliance on others for data needed to sustain
government activity is not yet known. For the vast majority of data
exchanges, including those with international entities, federal
agencies have not reached agreement with their exchange partners and,
therefore, do not know if the partners will be able to effectively
exchange data in the Year 2000.
Without knowing the status of activities or reaching agreements with
exchange partners, federal agencies can not identify all the
exchanges requiring (1) filters to prevent incoming invalid data from
corrupting mission-critical systems or (2) provisions in the
agencies' business continuity and contingency plans to ensure the
continuation of mission-critical operations. In addition, without
extensive coordination with exchange partners, federal agencies will
not be able to develop and test new data exchange formats, bridges,
and filters to ensure that they will function properly.
Because federal agencies and states are still in the early stages of
resolving Year 2000 problems for data exchanges and the status of
exchange partner activities is generally unknown, federal agencies
need to take the lead in setting target dates for critical activities
to prevent disruptions to their operations. These include setting
target dates for testing and implementing new exchange formats and
decision points for initiating the development and implementation of
contingency plans.
International forums for Year 2000 issues are available for a few
economic sectors and primarily in North America and Western Europe.
Only recently have any federal activities been directed at
international issues and these have been limited to increasing
awareness.
RECOMMENDATIONS
------------------------------------------------------------ Letter :7
We recommend that the Director, OMB, in consultation with the Chair
of the President's Council on Year 2000 Conversion, issue the
necessary guidance to require federal agencies to take the following
actions.
-- Establish schedules for testing and implementing new exchange
formats prior to the March 1999 deadline for completing all data
exchange corrections; such schedules may include national test
days that could be used for end-to-end testing of critical
business processes and associated data exchanges affecting
federal, state, and/or local governments.
-- Notify exchange partners of the implications to the agency and
the exchange partners if they do not make date conversion
corrections in time to meet the federal schedule for
implementing and testing Year 2000 compliant data exchange
processes.
-- Give priority to installing the filters necessary to prevent the
corruption of mission-critical systems from data exchanges with
noncompliant systems.
-- Develop and implement, as part of their overall business
continuity and contingency planning efforts, specific provisions
for the data exchanges that may fail, including the approaches
to be used to mitigate operational problems if their partners do
not make date conversion corrections when needed.
-- Report, as part of their regular Year 2000 status reports, their
status in completing key steps for data exchanges, such as the
percent of exchanges that have been inventoried, the percent of
exchanges that have been assessed, the percent of exchanges that
have agreements with exchange partners, the percent of exchanges
that have been scheduled for testing and implementation, and the
percent of exchanges that have completed testing and
implementation.
We also recommend that the Director, OMB, ensure that the federal CIO
Council (1) identifiy the areas in which adequate forums on Year 2000
issues are not available for our international trade partners and (2)
develop an approach to promote Year 2000 compliance activities by
these trading partners.
AGENCY COMMENTS AND OUR
EVALUATION
------------------------------------------------------------ Letter :8
We provided a draft of this report to NASIRE, the President's Council
on the Year 2000 Conversion, and OMB for comment. NASIRE stated that
its Year 2000 Committee had reviewed the draft and had no suggested
changes. The NASIRE President also commented that the information
and recommendations seemed reasonable and should assist federal
agencies and states in their Year 2000 efforts. The President's
Council on Year 2000 Conversion did not provide comments on the
report. OMB provided comments that are reproduced in appendix VIII
and summarized and evaluated below.
OMB provided updated information on the initial steps taken by
federal agencies to address data exchange issues, described actions
taken to partially implement three of our recommendations, cited
plans to implement one recommendation, and gave reasons for
disagreeing with the remaining two recommendations. OMB commented
that our survey results would have been markedly different if the
data had been collected 1 month later. OMB stated that, after our
survey, 24 of the largest federal agencies reported that they had
completed their assessments of data exchanges, and that virtually all
of these agencies had now reached agreements with their exchange
partners on exchange formats. We agree with OMB that these steps
would represent a good start; however, many essential actions are yet
to be completed. Our recommendations focus on the actions needed to
ensure that federal agencies appropriately build on these fundamental
steps to comprehensively address data exchange issues.
In commenting on our recommendation concerning the establishment of
schedules for testing and implementation of new exchange formats, OMB
listed the actions that the CIO Council had taken in cooperation with
NASIRE to (1) establish lists of exchanges and a contact point for
each exchange and (2) develop a reporting format for federal agencies
to report monthly on the status of each data exchange with states
starting in July 1998. OMB stated that this information will be
posted on an Internet web site and be available for federal and state
officials to review and determine whether testing is being conducted
successfully. While these are positive steps toward implementation
of our recommendation, they do not address the need to establish
schedules for testing and implementing new exchange formats.
Schedules with target dates for testing and implementation of new
exchanges are needed for coordinating efforts and measuring progress
toward specific milestones. In addition, the actions described by
OMB apply only to states and thus do not address exchanges with other
federal agencies, local governments, and the private sector that
constitute over 80 percent of the total reported exchanges.
As to our recommendation concerning the development and
implementation of contingency plans for data exchanges that may fail,
OMB stated that on April 28, 1998, it directed federal agencies to
ensure that their continuity of business plans address all risks to
information flows, including those with external organizations. OMB
plans to evaluate this guidance and amplify it as necessary based on
its review of agencies' May 15, 1998, Year 2000 status reports. OMB
has taken an important step by issuing this directive. However, the
May progress reports showed that federal agencies are making slow
progress in their Year 2000 activities and this reinforces the need
for OMB to provide clear directions on this critical issue. Because
of the risk that exchange partners may not be able to make their
systems and exchanges Year 2000 compliant and the importance of
developing effective contingency plans, OMB should provide explicit
directions to ensure that agencies devote sufficient management
attention and resources to this critical activity. Such directions
should clearly require agencies to perform the key tasks associated
with initiating the project, preparing business impact analysis,
developing contingency plans, and testing the plans.
Regarding our recommendation that OMB require agencies to report
their status in completing key steps for data exchanges as part of
the regular Year 2000 status reports, OMB stated that the posting of
data exchange status information on a web site, as discussed above,
will be used rather than imposing an additional reporting requirement
on agencies. OMB explained that it and NASIRE have agreed to this
approach because it (1) provides sufficient information at a policy
level to ensure that the work is getting done, (2) promotes the
greatest exchange of information at the working level, and (3)
minimizes duplication of reporting. As we previously stated,
establishing this status reporting process is a positive step;
however, the website will contain information on thousands of data
exchanges with states and must be summarized and analyzed for it to
be useful in managing and monitoring the time-critical activities to
resolve data exchange issues. Also, as previously noted, this
reporting requirement only covers the status of exchanges with states
and thus excludes the other data exchanges that constitute over 80
percent of the total exchanges.
OMB agreed with our recommendation that agencies should give priority
to installing the filters necessary to prevent the corruption of
mission-critical systems and said that it plans to update its
guidance to agencies to make sure they recognize this priority as
well.
OMB did not agree that agencies need to notify their exchange
partners of the implications to the agency and the exchange partners
if they do not make date conversions in time to meet the schedule for
testing and implementing Year 2000 compliant data exchange processes.
OMB stated that exchange partners are well aware of the implications
of failing to make date conversions. Although exchange partners are
aware of the general implications of date exchange failures, the
partners will not know the implications if they do not meet testing
and implementation schedules for specific exchanges, unless the
agencies notify their exchange partners. Knowledge of these
implications is important because the exchange partners have many
competing demands for Year 2000 resources and may have to decide
which activities will be completed on time and which will be
deferred. Therefore, exchange partners need to know the implications
of data exchange failures, including the actions that will be needed
under contingency plans if the partners do not meet key milestones
for testing and implementing data exchanges.
OMB also disagreed with our recommendation that the federal CIO
Council (1) identify the areas in which adequate forums on Year 2000
issues are not available for our international trade partners and (2)
develop an approach to promote Year 2000 compliance activities by
these trading partners. OMB said that the Chair of the President's
Council on Year 2000 Conversion agreed that international
implications of the Year 2000 problems are of the gravest concern,
but disagreed that the CIO Council would be the right place to begin
addressing these problems. According to OMB, the Chair has met with
representatives from two international organizations to encourage
them to be more involved in Year 2000 activities and with the
Secretary of State who agreed to have ambassadors conduct outreach
efforts in each country. OMB also said that the Chair has asked
agency heads to encourage international organizations to cooperate in
addressing Year 2000 problems. The steps taken by the Chair to
promote international actions on Year 2000 problems represent
progress but much more organized, concerted, and continuous effort
are needed to adequately address this far-reaching and complex
issue--one that the Chair has acknowledged as being of gravest
concern. Because the CIO Council includes representatives of
agencies that regulate or influence private sector organizations that
operate internationally in every economic sector, it could, and
should, play an important role in providing the President's Council
with the support needed to deal effectively with Year 2000 issues
worldwide.
---------------------------------------------------------- Letter :8.1
As agreed with your offices, unless you publicly announce its
contents earlier, we plan no further distribution of this report
until 30 days from the date of this letter. At that time, we will
send copies to the Chairman of the Committee on Science; the Ranking
Minority Member of the Committee on Science; the Chairman of the
Subcommittee on Technology; other interested congressional
committees; the Director, Office of Management and Budget; and other
interested parties. Copies will also be made available to others
upon request.
I can be reached at (202) 512-6408 or by e-mail at
[email protected], if you or your staff have any questions.
Major contributors to this report are listed in appendix IX.
Joel C. Willemssen
Director, Civil Agencies Information Systems
OBJECTIVES, SCOPE, AND METHODOLOGY
=========================================================== Appendix I
As requested by the Ranking Minority Member of the Subcommittee on
Technology, House Committee on Science, our overall objectives for
the review were to identify (1) the key actions taken to date to
address electronic data exchanges among federal, state, and local
governments, (2) actions the federal government has taken to minimize
the adverse economic impact of noncompliant Year 2000 data from other
countries' information systems corrupting critical functions of our
nation, and (3) international forums where the worldwide economic
implications of this issue have been or could be addressed.
To identify the key actions taken to date to address electronic data
exchanges among federal, state, and local governments, we contacted
federal and state organizations responsible for coordinating Year
2000 activities to identify their approaches for addressing data
exchange issues. We obtained information on the status of actions of
federal agencies and states using a data collection instrument (DCI).
The DCI contains questions based on our Year 2000 Computing Crisis:
An Assessment Guide (a copy of the DCI is reproduced in appendix
VII). The DCI was pretested by having it reviewed for clarity and
reasonableness by three agencies' representatives who are
knowledgeable about data exchanges. We revised the DCI based on
their comments and further tested it by sending it to six federal
agencies and three states. Five of the six federal agencies
responded with a completed DCI in November and December 1997 and the
other agency did not respond until February 1998. The three states
provided oral comments, but did not respond with a completed DCI.
Based on the five agencies' responses and our subsequent follow-up
questions concerning inconsistent or incomplete data, we revised the
DCI by adding additional definitions and cross references.
The DCI was sent to an additional 36 federal departments\1 and major
agencies (referred to collectively as federal agencies) and the
remaining 47 states, the District of Columbia, and Puerto Rico. All
36 federal agencies and 39 of the 52 state-level organizations
responded to our survey between January and March 1998. Three of the
federal agencies reported that they did not have external data
exchanges. In cases involving incomplete responses or inconsistent
data on responses, we contacted the respondents to request additional
data or clarification, as appropriate. Responses to follow-up
questions were received in February, March, and April 1998.
The DCI was also used to identify the federal government's actions
taken to minimize the adverse economic impact of noncompliant Year
2000 data from other countries' information systems corrupting
critical functions of our nation. In this regard, we collected
information from federal and state organizations that have, or
oversee entities that have, international data exchanges using the
DCI.
To identify international forums where the worldwide economic
implications of this issue have been or could be addressed, we
collected information from federal agencies using the DCI and
researched international organization and Year 2000 Internet sites.
We contacted the organizations identified as potential forums for
international Year 2000 data exchange issues from October 1997
through March 1998 and ascertained their current and planned Year
2000 activities. Five of the international organizations that we
contacted did not have Year 2000 activities or did not respond to our
request for information. These organizations were the International
Monetary Fund, Organization for Economic Cooperation and Development,
European Monetary Institute, Asia-Pacific Economic Cooperation, and
Association of Southeast Asian Nations.
We did not independently verify the data provided in the DCI. We
performed our work between September 1997 and April 1998 in
accordance with generally accepted government audit standards.
--------------------
\1 One combined Department of Defense response included information
for the departments of the Army, Navy, and Air Force.
DATA EXCHANGE STANDARDS GLOSSARY
========================================================== Appendix II
ANSI ASC X12
------------------------------------------------------ Appendix II:0.1
American National Standards Institute Accredited Standards Committee
X12: An ANSI committee that formulates electronic data interchange
standards governing transaction sets, segments, data elements, code
sets, and interchange control structure. Standards define the format
for specific electronic data interchange messages. In June 1997, the
committee approved the use of a 8-digit date in X12 that includes the
first 2 digits of the year.
CHIPS
------------------------------------------------------ Appendix II:0.2
The Clearing House Interbank Payments System: a computerized network
for the transfer of international dollar payments. CHIPS links 115
depository institutions which have offices in New York City.
EDI MEDICARE
------------------------------------------------------ Appendix II:0.3
ANSI ASC X12 standards for the formatting and transmission of
Medicare electronic transmissions involving enrollments, claims,
reimbursements, and other payments.
FEDWIRE
------------------------------------------------------ Appendix II:0.4
Federal Reserve's electronic funds and securities transfer service.
Fedwire is used by Federal Reserve Banks and branches, the Department
of the Treasury, other government agencies, and depository
institutions.
FIPS 4-1
------------------------------------------------------ Appendix II:0.5
Federal Information Processing Standards Publication 4-1,
Representation for Calendar Date and Ordinal Date for Information
Interchange. FIPS 4-1 strongly encourages agencies to use a 4-digit
year format for data exchanges.
HL7
------------------------------------------------------ Appendix II:0.6
A standard for electronic data exchange in certain health care
applications involving patient, clinical, epidemiological, and
regulatory data. HL7 standards are not used in healthcare insurance
administration applications.
UN/EDIFACT
------------------------------------------------------ Appendix II:0.7
United Nations-supported international electronic data exchange
standard for administration, commerce, and transport.
REPORTED STATUS OF ASSESSMENTS AND
OTHER ACTIONS BY FEDERAL AGENCIES
========================================================= Appendix III
Mission-critical
systems Exchanges Bridges and filters
-------------------- ------------------------ ------------------------
Percent Percent Contingency
Department/agency\a (response With Total Percent noncomplian Agreements Identified developed plans
date)\b Total exchanges number assessed t reached as needed & tested developed
------------------------------------ --------- --------- ---------- ----------- ----------- ----------- ----------- ----------- ------------
Agency for International Development 65 6 39 95 89 2 0 - 0
(1/22/98)
Commodity Futures Trading Commission 2 2 27 100 0 27 0 - 0
(1/23/98)
Department of Agriculture (3/12/98) 1,320 121 8,091 94 42 2,075 30 27 521
Department of Commerce (4/2/98) 500 73 265 92 63 61 105 37 140
Department of Defense (4/7/98) 2,378 548 1,911 51 51 476 55 49 143
Department of Education (4/1/98) 14 10 13,536 68 0 4,600 0 - 44
Department of Energy (1/29/98) 368 n/a\c n/a n/a n/a n/a n/a n/a n/a
Department of Health and Human 490 177 6,170 70 57 655 306 19 1,211
Services (3/26/98)
Department of Housing and Urban 63 21 133,567 100 92 9,514 30,533 0 61,066
Development (4/8/98)
Department of the Interior (3/18/ 95 40 2,921 98 47 12 31 81 12
98)
Department of Justice (4/9/98) 192 59 280 69 49 150 71 18 173
Department of Labor (1/26/98) 61 18 3,130 100 8 236 14 0 66
Department of State (3/4/98) 69 9 25 52 31 6 0 - 0
Department of the Treasury (3/25/ 311 138 6,898 100 12 2,725 76 32 77
98)
Department of Transportation (3/5/ 516 56 344 51 83 66 78 1 53
98)
Department of Veterans Affairs (1/ 11 10 580 100 23 230 0 - 0
21/98)
Environmental Protection Agency (2/ 61 25 1,000 0 n/a n/a n/a n/a n/a
11/98)
Federal Communications Commission 24 21 55 100 55 1 15 0 0
(4/7/98)
Federal Deposit Insurance 40 14 79 100 87 0 0 - 0
Corporation (3/13/98)
Federal Emergency Management Agency 48 3 214 100 2 0 0 - 0
(1/23/98)
Federal Maritime Commission (3/31/ 1 1 86 100 0 0 0 - 0
98)
Federal Reserve (3/26/98) 8 8 316,862 100 0 n/n\d\ 0 - -
Federal Trade Commission (1/23/98) 18 6 6 100 0 4 0 - 0
General Services Administration (3/ 42 19 1,796 56 6 236 1 0 55
27/98)
National Aeronautics and Space 158 17 110 37 46 15 5 0 4
Administration (1/23/98)
National Archives and Records 22 3 40 0 n/a n/a n/a n/a n/a
Administration (3/6/98)
National Credit Union Administration 11 1 1 100 0 0 0 - 0
(1/23/98)
National Science Foundation (1/26/ 16 4 18 100 44 10 0 - 0
98)
National Transportation Safety Board 2 1 2 100 0 0 0 - 0
(3/9/98)
Nuclear Regulatory Commission (3/ 7 1 107 100 100 0 107 0 0
31/98)
Office of Personnel Management (1/ 124 44 166 100 38 92 35 0 96
27/98)
Overseas Private Investment 4 2 8 100 88 0 0 - 0
Corporation (1/22/98)
Pension Benefit Guaranty Corporation 15 3 8 75 0 6 0 - 0
(1/27/98)
Railroad Retirement Board (3/4/98) 83 17 110 64 56 7 2 100 0
Securities and Exchange Commission 53 18 28 0 n/a 0 18 0 0
(3/18/98)
Small Business Administration (1/ 40 9 40 100 95 2 2 100 16
30/98)
Social Security Administration (3/ 308 n/a 302 100 100 0 37 14 0
9/98)
U.S. International Trade Commission 4 1 1 100 0 0 0 - 0
(2/2/98)
U.S. Postal Service (1/26/98) 408 56 903 90 90 0 0 - 0
-----------------------------------------------------------------------------------------------------------------------------------------------------
\a Three agencies are not listed in this table because they reported
having no data exchanges. These agencies are the Export-Import Bank
of the U.S., Federal Retirement Thrift Investment Board, and U.S.
Trade and Development Agency.
\b The date that the agency supplied the most recent information,
including new data supplied as the result of follow-up questions.
\c n/a means that the agency was not able to provide this data.
\d n/n means that reaching agreement with exchange partners is not
necessary because the Federal Reserve provides the data exchange
software to the exchange partners.
Source: Federal agencies' responses on a data collection instrument
developed by GAO. We did not independently verify this information.
REPORTED STATUS OF ASSESSMENTS AND
OTHER ACTIONS BY STATES
========================================================== Appendix IV
Mission-
critical Bridges and
systems Exchanges filters
-------------- --------------- ------------
Perce
nt
Ident devel
Percen Percent ified oped Contingen
With Total t non- Agreemen as & cy
Tota exchange numbe assess complia ts neede teste Plans
State l s r ed nt reached d d Developed
----- ---- -------- ----- ------ ------- -------- ----- ----- ---------
Alaba 417 333 2,099 21 44 334 0 0 51
ma\a
Calif 631 114 769 88 94 104 8 13 202
orni
a\a
Conne 1,54 136 196 69 59 46 70 0 40
ctic 9
ut\a
Delaw 195 72 849 89 17 487 23 17 0
are
Georg 378 100 600 50 87 n/a\c n/a n/a n/a
ia\b
Illin 333 123 3,970 69 18 2,021 298 5 1
ois\a
India 200 10 10 10 0 0 0 0 0
na\a
Iowa\ 104 66 87 46 65 87 3 0 16
b
Kansa 262 113 949 53 32 173 28 36 54
s\b
Kentu 290 76 118 66 49 66 0 0 24
cky\a
Maryl 30 20 60 67 63 0 0 0 0
and\b
Michi 718 43 86 50 65 0 0 0 0
gan\a
Minne 1,62 n/a 1,330 64 50 n/a 320 0 0
sota 8
\a
Missi 40 40 105 100 98 100 103 0 n/a
ssip
pi\b
New 200 100 100 50 60 n/a 15 0 0
Hamp
shir
e\b
North 171 67 90 100 78 0 0 0 0
Dako
ta\b
Ohio\ 2,00 800 800 88 29 145 200 50 0
b 0
Oklah 14 4 65 100 38 n/a 5 0 15
oma\b
Puert 148 61 464 59 27 41 71 0 52
o
Rico
\b
South 611 189 1,145 59 34 380 19 79 37
Caro
lina
\a
Tenne 231 83 2,218 87 72 1,493 1,370 0 9
ssee
Utah\ 548 112 178 62 47 27 22 0 57
a
Vermo 80 58 4,051 40 24 24 0 0 0
nt
West 18 11 17 82 43 7 1 0 0
Virg
inia
\b
--------------------------------------------------------------------------------
Note: This table does not include state organizations that did not
respond to our survey, including Alaska, Arizona, Arkansas, Hawaii,
Idaho, Louisiana, Maine, Nebraska, New Jersey, New Mexico,
Pennsylvania, Rhode Island, and Wisconsin. This table also does not
include state organizations that responded to our survey but were not
able to provide the requested data, including Colorado, District of
Columbia, Florida, Massachusetts, Missouri, Montana, Nevada, New
York, North Carolina, Oregon, South Dakota, Texas, Virginia,
Washington, and Wyoming.
\a These states were not able to provide information for all state
organizations and a significant amount of data were not available.
\b These states provided estimates.
\c n/a means that the state was not able to provide these data.
Source: States' responses on a data collection instrument developed
by GAO. We did not independently verify this information.
GUIDANCE AND MONITORING
INFORMATION PROVIDED BY FEDERAL
AGENCIES THAT HAVE
OVERSIGHT/REGULATORY
RESPONSIBILITIES
=========================================================== Appendix V
Issued guidance Established
----------------------- -----------------------
Inspection
Year Data Work or Other
2000 exchange groups validation approach
Department/agency problems issues or forums program es
-------------------- --------- ------------ ---------- ----------- --------
Commodity Futures X X
Trading Commission
Department of X X X
Agriculture
Department of X X X X
Education
Department of (no
Housing and Urban activitie
Development s
reported)
Department of Health X X X X
and Human
Services
Department of the X X
Interior
Department of X X
Justice
Department of Labor X X X X X
Department of the X X X X X
Treasury
Department of X
Transportation
Environmental X X X
Protection Agency
Federal Deposit X
Insurance
Corporation
Federal Reserve X X X
Federal Retirement X
Thrift Investment
Board
National Credit X X X X
Union Administration
Securities and X X X
Exchange Commission
--------------------------------------------------------------------------------
Source: Federal agencies' responses on a data collection instrument
developed by GAO. We did not independently verify this information.
ACTIVITIES OF INTERNATIONAL
ORGANIZATIONS TO RESOLVE YEAR 2000
PROBLEMS
========================================================== Appendix VI
Information on the Year 2000 activities of international
organizations was obtained by interviews with their officials and
research of information posted on Internet web sites. There may be
other organizations addressing international Year 2000 issues that we
did not identify.
BANK FOR INTERNATIONAL SETTLEMENTS
The Bank for International Settlements (BIS) has undertaken a
worldwide campaign to increase awareness, provide guidance, and
identify the status of Year 2000 efforts by central banks and major
international banking organizations. BIS hosts the Basle Committee
on Banking Supervision and the Committee on Payment and Settlement
Systems that are sponsored by the Group of Ten Governors.\1
According to BIS, payment and settlement systems are an essential
element of financial market infrastructures through which clearing
organizations, settlement agents, securities depositories, and the
various direct and indirect participants in these systems are
intricately connected. It is therefore imperative that such systems
be adapted and certified early enough to ensure that they are Year
2000 compliant and, very importantly, to allow inter-institution
testing. This information is available on the BIS web site
(www.bis.org).
To increase awareness, in September 1997, the Basle Committee on
Banking Supervision issued a technical paper for banks that sets out
a strategic approach for the development, testing, and implementation
of system solutions as well as defining the role that central banks
and bank supervisors need to play in promoting awareness of the issue
and enforcing action.
The Committee on Payment and Settlement Systems is collecting and
publishing information on the state of preparedness of payment and
settlement systems around the world with respect to the Year 2000
issue. For this purpose, a special reporting framework has been
developed that operators of payment and settlement systems can use to
indicate the state of internal testing as well as testing with
external participants for key components of their information
technology infrastructure. The framework distinguishes between the
key components of such infrastructures--the central system, the
networks and network interfaces, the participants' front-end systems,
and other main components. For each of these components, information
is provided on the start and completion dates for internal testing as
well as testing with external participants. An indication is also
given as to the connections of the respective payment or settlement
systems with other external systems, on the coordinated effort with
other payment systems and/or major participants, and where more
information can be obtained from the respective operator. The Basle
Committee also plans to survey the efforts that banking supervisors
have underway in each country as well as the state of readiness of
the local banking system. They expect to complete these surveys
during the first half of 1998.
In April 1998, the Basle Committee, the Committee on Payment and
Settlement Systems, the International Organization of Securities
Commissions, and the International Association of Insurance
Supervisors held a round table on the Year 2000 in order to provide a
global platform for the sharing of relevant strategies and
experiences across key industries by international bodies
representing both the public and the private sector.
--------------------
\1 The Group of Ten Governors are the governors for the central banks
of Belgium, Canada, France, Germany, Italy, Japan, Luxembourg, the
Netherlands, Sweden, Switzerland, the United Kingdom, and the United
States. These and central bank representatives of 30 other countries
have representation and voting rights at the general meetings of the
Bank for International Settlements.
INTERNATIONAL ORGANIZATION
OF SECURITIES COMMISSIONS
------------------------------------------------------ Appendix VI:0.1
As the principal international organization of securities regulators,
the International Organization of Securities Commissions (IOSCO) has
taken a leadership role in promoting awareness of the Year 2000
computer problem and in encouraging its membership and all market
participants to take swift and aggressive action to address Year 2000
issues. IOSCO is the largest international organization of
securities regulators with 99 members--principally domestic
government agencies entrusted with securities regulation. Among
other things, IOSCO has called for regular monitoring of Year 2000
readiness and global, industrywide testing to take place in
sufficient time to address any weaknesses or deficiencies that are
revealed.
IOSCO currently exchanges information, periodically engages in joint
work with, and to some extent coordinates its ongoing work with, the
Basle Committee on Banking Supervision and the International
Association of Insurance Supervisors. IOSCO has a working
relationship and/or exchanges information on a regular basis with
BIS, the International Accounting Standards Committee, the
International Federation of Accountants, the Fdration
Internationale des Bourses de Valeurs, the International Monetary
Fund, and members of the World Bank Group. IOSCO also maintains a
liaison relationship with the International Organization for
Standards. Information on IOSCO's current work program is regularly
provided to the Group of Seven.\2
IOSCO is surveying and obtaining information on a regular basis about
measures being taken by industry and regulators to address Year 2000
computer issues. IOSCO is also encouraging global, industrywide
testing. IOSCO's current work builds on its public statement of June
1997, exhorting all members and market participants in their
jurisdictions to take all necessary and appropriate action to address
the critical challenges presented by the Year 2000 issue.
IOSCO's Technical Committee, which consists of regulators of the most
developed and internationalized markets, is currently surveying its
members to ascertain what actions are being taken within member
jurisdictions to avoid Year 2000 problems. Because of the critical
nature of this project, the Technical Committee decided to conduct
similar surveys on industry readiness every 6 months. Each Technical
Committee member was requested to supply the following information to
the IOSCO Secretary General by January 15, 1998.
1. Awareness: What actions has your organization taken to impress
upon relevant entities (self-regulatory organizations, industry
groups, financial firms) the importance of addressing the Year 2000
issues identified in the Technical Committee Statement?
2. Guidance: What specific policies and/or procedures are being
used by your organization and other relevant organizations within
your jurisdiction to prepare markets and market participants for Year
2000?
3. Progress: What steps (including the use of specific interim
goals) are being taken by your organization and by the other relevant
organizations in your jurisdiction to monitor the progress of
relevant entities in addressing Year 2000 problems?
4. Testing: What plans have been made by your organization or other
relevant organizations in your jurisdiction for industrywide systems
testing for Year 2000 problems?
IOSCO added a specific section on the Year 2000 issue to its Internet
web site (www.iosco.org) that contains a substantive reference list
on this topic.
--------------------
\2 The Group of Seven is comprised of the leaders from these seven
countries: Canada, France, Germany, Great Britain, Italy, Japan, and
the United States.
SECURITIES INDUSTRY
ASSOCIATION
------------------------------------------------------ Appendix VI:0.2
The Securities Industry Association's (SIA) activities are primarily
directed at increasing awareness; however, it is taking a leadership
role in its efforts to establish a testing schedule. SIA staff have
been making presentations at conferences to increase international
awareness of Year 2000 problems. For example, SIA staff gave Year
2000 awareness presentations at IOSCO conferences in Kenya, Taipei,
and European cities. SIA is also conducting scenario planning
sessions at international conferences to stimulate planning. These
sessions focus on priorities for resolving Year 2000 problems.
To identify Year 2000 readiness in the securities industry, SIA is
conducting an industrywide survey. The survey form is posted on its
Internet web site (www.sia.com/year_2000). If sufficient response is
received, SIA will post a summary of the results on its web site.
SIA has also developed and posted on its web site a conversion and
testing schedule for its members to use in coordinating their Year
2000 activities. In addition, SIA is developing a checklist to help
chief executive officers focus on key Year 2000 activities.
SIA has coordinated extensively with other international
organizations, including the Investment Dealer Association, IOSCO,
International Insurance Association, Futures Industry Association,
Institute Internationale Finance, and Fdration Internationale des
Bourses de Valeurs. SIA is considering a coordinated effort with
multilateral development banks, such as the World Bank, Asian
Development Bank, and the European Development Bank, to promote
awareness.
FUTURES INDUSTRY ASSOCIATION
------------------------------------------------------ Appendix VI:0.3
The focus of the Futures Industry Association's (FIA) Year 2000
activities is information sharing and test coordination among its 200
members. Its members include futures commissions merchants,
international exchanges, and others interested in the futures market.
FIA compiled a "conditions catalog" of products and transactions to
be tested on an exchange-by-exchange basis in the United States. It
is making this available to international members and encouraging
members to adopt the same format for testing between exchanges and
intermediaries. FIA has posted this information on its Internet web
site (www.fiafii.org). FIA has also placed information about various
exchanges on the web site and plans to include additional information
about international exchanges in the future.
FIA met with brokerage firms, exchanges, the London Clearing House,
and key service providers in June and December 1997 to raise
awareness of Year 2000 issues and discuss possible test scenarios.
FIA also hosted an international meeting at its Futures & Options
Expo in October 1997 to discuss various Year 2000 activities around
the world. At the FIA International Futures Industry Conference in
March 1998, FIA asked key members to support an industrywide test.
FIA is surveying 20 of the member exchanges with the highest trade
volume to identify their Year 2000 activities. At a Global
Technology Forum held in London March 30-April 1, 1998, FIA will
request that the 20 member exchanges provide information about the
scope of their Year 2000 activities, including their current status,
interfaces with intermediaries, plans for individual testing with
intermediaries, and willingness to participate in an industrywide
test.
INTERNATIONAL ASSOCIATION OF
INSURANCE SUPERVISORS
------------------------------------------------------ Appendix VI:0.4
The International Association of Insurance Supervisors' Year 2000
activities are primarily directed at increasing awareness of Year
2000 issues among its insurance supervisor members from over 70
countries. It is also working cooperatively with other international
organizations to increase awareness. In November 1997, it issued a
joint statement with the Basle Committee on Banking Supervision and
the International Organization of Securities Commissions that
emphasized the importance of the Year 2000 issue. The joint
statement urged the development of action plans to resolve Year 2000
problems, including data exchange problems with financial
institutions and clients.
INTERNATIONAL CIVIL AVIATION
ORGANIZATION
------------------------------------------------------ Appendix VI:0.5
In December 1997, the International Civil Aviation Organization sent
a letter to its members to increase their awareness of Year 2000
computer problems. The letter explained that air traffic service
providers may need to perform assessments on operational air traffic
control systems and nonoperational systems that provide business and
commercial support. Air traffic service operational systems may be
date dependent and subject to local implementation. Such systems
include aeronautical fixed telecommunication networks, radar data
processing, and flight data processing systems. In addition,
operational systems often use date information for logging
performance information. The letter also suggested a schedule for
assessing, implementing solutions, and testing systems. The
International Civil Aviation Organization requested that members
advise it on remedial actions they have taken.
INTERNATIONAL AIR TRANSPORT
ASSOCIATION
------------------------------------------------------ Appendix VI:0.6
The International Air Transport Association (IATA) represents and
serves 259 members in the airline industry. In addition to the
airlines, IATA works with airline industry suppliers, including
airports, air traffic controls, aircraft/avionics manufacturers,
travel agencies, global distribution systems, and information
technology suppliers. IATA serves as a clearing house between its
airline members to process their debit/credit notes.
IATA has an internal Year 2000 project that includes four major
steps: software/hardware inventory, Year 2000 compliance analysis,
software modification, and contingency planning. IATA has set a
target date of December 25, 1998, for Year 2000 compliance for all of
its products and services.
As an association of international airlines, IATA has established a
group to coordinate and synchronize efforts within the industry to
ensure timely solutions to Year 2000 issues. Specifically, the date
format of interline messages (messages airlines exchange among
themselves and other parties as a part of business processes) has
been frozen. The member airlines' applications will have to handle
date conversion, if required. In addition, IATA has conducted Year
2000 conferences and seminars to exchange information among members.
To monitor the status of Year 2000 activities, IATA has conducted
surveys of airline members and industry suppliers. The survey of
member airlines showed that (1) very few organizations claim to be
fully compliant, (2) the majority of the organizations are well aware
of the problem and have already initiated Year 2000 compliance
activities, and (3) the typical target date for full compliance is
the end of 1998. The results of the survey are available on IATA's
web site (www.iata.org/y2k).
EUROPEAN COMMISSION
------------------------------------------------------ Appendix VI:0.7
The European Commission has declared that it is concerned about the
vulnerability of enterprises, infrastructures, and public
administrations to the Year 2000 computer problem as well as the
possible consequences of this problem for consumers. The Commission
had extensive consultations with the public and private sectors
during workshops in 1997 to identify the main priorities for action
and the roles for enterprises, associations, administrations, and the
Commission itself. As a result of these consultations, the
Commission adopted a course of action and published it in an official
communication on February 25, 1998. The purpose of the communication
was to raise awareness and set out the Commission's steps to address
Year 2000 issues, including
-- encouraging and facilitating the exchange of information and
experience on Year 2000 initiatives undertaken by the
Commission's member states and European associations, with a
view to identifying how synergies can be established to reduce
duplication of effort and increase the overall impact;
-- serving as a liaison with the European and international
organizations that are responsible for regulating or supervising
infrastructural sectors with significant cross-border effects
(finance, telecommunications, energy, transportation) in order
to exchange information about respective activities and identify
where cooperation may be required. An area of particular
concern is the planning and implementation of coordinated
cross-border testing activities in those sectors that are likely
to involve organizations in different member states. The
Commission will initiate discussions between relevant
organizations and member states;
-- discussing the Year 2000 and its implications through all the
relevant contacts available to the Commission services in
industry and member states. In particular, attention will be
paid to the impact on and preparation of infrastructural
sectors, the impact on consumers and small and medium size
enterprises, and the potential impact on the functioning of the
internal market; and
-- maintaining a Internet web site on the Year 2000 computer
problem (www.ispo.cec.be/y2keuro). This site provides access to
information about activities in different economic sectors and
member states, points to sources of advice on specific aspects
of the problem, and links to other sites as well as to all
documents and reports produced by the Commission on the subject.
The Commission also plans to monitor progress, exchange information,
and benchmark best practices while reporting regularly on the
progress towards Year 2000 readiness and its related issues. In the
context of its policies such as those on industry, small and medium
size enterprises, consumers, and training, the Commission will
examine whether a further contribution could be made towards helping
raise awareness and address Year 2000-related problems.
In addition to its Year 2000 activities, the Commission is also
addressing the information technology implications of European
countries' conversion to the new Euro currency. Because this
conversion is taking place about the same time period as the Year
2000 date conversion activities, the two activities are in
competition for financial, technical, and management resources. To
identify how businesses are approaching the Euro conversion and the
interrelationship with activities to resolve Year 2000 problems, the
Commission sponsored the survey of over 1000 senior information
technology managers in 10 countries. The results of this survey, as
well as the issue papers and workshop results, are posted on the
Commission's web site.
WORLD BANK
------------------------------------------------------ Appendix VI:0.8
The World Bank is conducting an awareness campaign directed toward
its client governments and implementing agencies that are responsible
for World Bank-financed projects in developing countries. The Bank
wants to ensure the continued success and viability of its clients
and avoid problems with development projects, many of which comprise
information technology systems and embedded logic components that may
be vulnerable to the Year 2000 problem. In this effort, however, the
Bank limits its role to raising awareness and pointing clients toward
ways of evaluating and remediating the problem.
To begin this effort, the Bank is (1) distributing an information
packet on the Year 2000 problem, (2) pointing recipients to further
sources on the Internet, and (3) providing some advice on
ascertaining Year 2000 compliance in the procurement process. In the
near future, the Bank plans to provide Year 2000 information on the
Bank's Internet web site (www.worldbank.org). The Bank also is
hiring a contractor to develop a guide for developing country
governments on creating a national Year 2000 policy. When ready,
this guide will be placed on the Bank's Internet web site and will be
conveyed to governments via seminars to be held around the world.
UNITED NATIONS
------------------------------------------------------ Appendix VI:0.9
In November 1997, the United Nations' Information Technology Services
Division posted information on its Internet web site
(www.un.org/members/yr2000) to increase awareness of the actions
needed to resolve Year 2000 computer problems. This included
information on the actions being taken concerning the computer
systems operated by United Nations' organizations and references to
issue papers and guidance documents that member countries could use
in developing their own Year 2000 program. It also circulated a
letter to member countries that recommended dates for Year 2000
compliance and contained references to reading materials and
companies providing Year 2000 services. At that time, the United
Nations was considering a program to encourage member countries that
have not already begun a Year 2000 assessment to take aggressive
action in the development of strategic plans to deal with Year 2000
problems. It also circulated a letter to member countries that
recommended dates for Year 2000 compliance and contained references
on reading materials and companies providing Year 2000 services.
YEAR 2000 GLOBAL STEERING
COMMITTEE
----------------------------------------------------- Appendix VI:0.10
The Steering Committee is sponsored by the Group of Seven and its
objective is to promote the international sharing of information on
the resolution of Year 2000 computer problems. To achieve this
objective, the Steering Committee has established an Internet web
site (www.itpolicy.gsa.gov) that includes (1) links to Year 2000 web
sites of various countries and (2) databases showing the Year 2000
compliance status of commercial-off-the-shelf software,
telecommunications, facilities, and biomedical equipment. The
Steering Committee is also planning to use the web site to conduct a
virtual Year 2000 international conference.
INTERNATIONAL COUNCIL FOR
INFORMATION TECHNOLOGY IN
GOVERNMENT ADMINISTRATION
----------------------------------------------------- Appendix VI:0.11
The International Council sponsored a workshop in August 1997 with
the objectives of exchanging information among members on Year 2000
issues related to each member country and identifying areas of common
interest. The workshop was attended by representatives from 14
countries (a report on the workshop is located at
www.ogit.gov.au/ica/icay2k). The International Council has scheduled
a second workshop for June 1998.
INTERPOL
----------------------------------------------------- Appendix VI:0.12
Interpol operates an international network that its 177 member
countries use to exchange law enforcement information. Member
countries connect to telecommunication hubs that are located around
the world and their information systems transmit data through the
network. Interpol has a project underway to ensure that its network
will be ready well before the Year 2000. According to project
officials, Interpol has been working with suppliers to ensure that
the network's hardware and software will be Year 2000 compliant. It
has also sent its Year 2000 plans to each member country. A key part
of these plans is the testing of the network. This testing is
scheduled to be performed in October 1998 and January 1999.
(See figure in printed edition.)Appendix VII
DATA COLLECTION INSTRUMENT
========================================================== Appendix VI
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)Appendix VIII
COMMENTS FROM THE OFFICE OF
MANAGEMENT AND BUDGET
========================================================== Appendix VI
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)
(See figure in printed edition.)
MAJOR CONTRIBUTORS TO THIS REPORT
========================================================== Appendix IX
ACCOUNTING AND INFORMATION
MANAGEMENT DIVISION, WASHINGTON,
D.C.
David G. Gill, Assistant Director
Mirko J. Dolak, Technical Assistant Director
James R. Hamilton, Evaluator-In-Charge
William G. Barrick, Senior Information Systems Analyst
William N. Isrin, Operations Research Analyst
Michael A. Tovares, Information Systems Analyst
RELATED GAO PRODUCTS
============================================================ Chapter 0
Year 2000 Computing Crisis: Continuing Risks of Disruption to Social
Security, Medicare, and Treasury Programs (GAO/T-AIMD-98-161, May 7,
1998).
Year 2000 Computing Crisis: Potential for Widespread Disruption
Calls for Strong Leadership and Partnerships (GAO/AIMD-98-85, April
30, 1998).
Department of the Interior: Year 2000 Computing Crisis Presents Risk
of Disruption to Key Operations (GAO/T-AIMD-98-149, April 22, 1998).
Year 2000 Computing Crisis: Federal Regulatory Efforts to Ensure
Financial Institution Systems Are Year 2000 Compliant
(GAO/T-AIMD-98-116, March 24, 1998).
Year 2000 Computing Crisis: Strong Leadership Needed to Avoid
Disruption of Essential Services (GAO/T-AIMD-98-117, March 24, 1998).
Year 2000 Computing Crisis: Business Continuity and Contingency
Planning (GAO/AIMD-10.1.19, Exposure Draft, March 1998).
Year 2000 Computing Crisis: FAA Must Act Quickly to Prevent Systems
Failures (GAO/T-AIMD-98-63, February 4, 1998).
FAA Computer Systems: Limited Progress on Year 2000 Issue Increases
Risk Dramatically (GAO/AIMD-98-45, January 30, 1998).
Defense Computers: Air Force Needs to Strengthen Year 2000 Oversight
(GAO/AIMD-98-35, January 16, 1998).
Social Security Administration: Significant Progress Made in Year
2000 Effort, But Key Risks Remain (GAO/AIMD-98-6, October 22, 1997).
Defense Computers: Technical Support Is Key to Naval Supply Year
2000 Success (GAO/AIMD-98-7R, October 21, 1997).
Veterans Affairs Computer Systems: Action Underway Yet Much Work
Remains To Resolve Year 2000 Crisis (GAO/T-AIMD-97-174, September 25,
1997).
Year 2000 Computing Crisis: An Assessment Guide (GAO/AIMD-10.1.14,
September 1997).
Defense Computers: Improvements to DOD Systems Inventory Needed for
Year 2000 Effort (GAO/AIMD-97-112, August 13, 1997).
Defense Computers: Issues Confronting DLA in Addressing Year 2000
Problems (GAO/AIMD-97-106, August 12, 1997).
Defense Computers: DFAS Faces Challenges in Solving the Year 2000
Problem (GAO/AIMD-97-117, August 11, 1997).
Veterans Benefits Computer Systems: Uninterrupted Delivery of
Benefits Depends on Timely Correction of Year-2000 Problems
(GAO/T-AIMD-97-114, June 26, 1997).
Veterans Benefits Computer Systems: Risks of VBA's Year-2000 Efforts
(GAO/AIMD-97-79, May 30, 1997).
Medicare Transaction System: Success Depends Upon Correcting
Critical Managerial and Technical Weaknesses (GAO/AIMD-97-78, May 16,
1997).
*** End of document. ***