Year 2000 Computing Crisis: Progress Made at Department of Labor, But Key
Systems at Risk (Testimony, 09/17/98, GAO/T-AIMD-98-303).
Pursuant to a congressional request, GAO discussed the significant
information technology challenges that the upcoming century change poses
to the Department of Labor, and to several of its agencies, focusing on:
(1) specific year 2000 issues facing two elements of Labor's Employment
and Training Administration; (2) the year 2000 efforts of the Office of
Workers' Compensation Programs and of the Bureau of Labor Statistics;
and (3) observations on the year 2000 readiness of the Pension Benefit
Guaranty Corporation.
GAO noted that: (1) Labor and its agencies have made progress, but are
still at risk in several areas; (2) these areas include making benefits
payments to laid-off workers, collecting labor statistics, and ensuring
accurate accounting for pension benefits; (3) several of the systems
supporting these business areas are at risk; some could fail as early as
January 1999 because they involve calculations a year into the future;
and (4) accordingly, it is critical that appropriate contingency plans
be developed to ensure business continuity in the event of systems
failures.
--------------------------- Indexing Terms -----------------------------
REPORTNUM: T-AIMD-98-303
TITLE: Year 2000 Computing Crisis: Progress Made at Department of
Labor, But Key Systems at Risk
DATE: 09/17/98
SUBJECT: Systems conversions
Computer software
Computer software verification and validation
Data integrity
Information resources management
Strategic information systems planning
Pensions
Information systems
Employment or training programs
IDENTIFIER: Y2K
PBGC Financial Accounting and Reporting System
******************************************************************
** This file contains an ASCII representation of the text of a **
** GAO report. Delineations within the text indicating chapter **
** titles, headings, and bullets are preserved. Major **
** divisions and subdivisions of the text, such as Chapters, **
** Sections, and Appendixes, are identified by double and **
** single lines. The numbers on the right end of these lines **
** indicate the position of each of the subsections in the **
** document outline. These numbers do NOT correspond with the **
** page numbers of the printed product. **
** **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced. Tables are included, but **
** may not resemble those in the printed version. **
** **
** Please see the PDF (Portable Document Format) file, when **
** available, for a complete electronic file of the printed **
** document's contents. **
** **
** A printed copy of this report may be obtained from the GAO **
** Document Distribution Center. For further details, please **
** send an e-mail message to: **
** **
** **
** **
** with the message 'info' in the body. **
******************************************************************
Cover
================================================================ COVER
Before the Subcommittee on Oversight and Investigations, Committee on
Education and the Workforce, House of Representatives
For Release on Delivery
Expected at
10 a.m.
Thursday,
September 17, 1998
YEAR 2000 COMPUTING CRISIS -
PROGRESS MADE AT DEPARTMENT OF
LABOR, BUT KEY SYSTEMS AT RISK
Statement of Joel C. Willemssen
Director, Civil Agencies Information Systems
Accounting and Information Management Division
GAO/T-AIMD-98-303
GAO/AIMD-98-303T
(511254)
Abbreviations
=============================================================== ABBREV
AJB - x
ASP - x
BLS - x
CIO - x
CPI - x
DFAS - x
DLA - x
DOD - x
ERISA - x
ES - x
ETA - x
EFT�99 - x
FAA - x
FARS - x
IRS - x
LSSC - x
NRC - x
OMB - x
OWCP - x
PBGC - x
SEC - x
SESA - X
SSG - x
UIS - x
USDA - x
VBA - x
Y2K - x
============================================================ Chapter 0
Mr. Chairman and Members of the Subcommittee:
We appreciate the opportunity to share with you today the significant
information technology challenges that the upcoming century change
poses to the Department of Labor, in general, and to several of its
agencies in particular. The Year 2000 computing crisis has rightly
received much attention in recent months; virtually every
organization, public and private, that uses computers is at risk.\1
The upcoming change of century is a sweeping and urgent challenge;
for this reason, we have designated the Year 2000 computing problem a
high-risk area for the federal government,\2 and have published
guidance to help organizations successfully address the issue.\3 To
date, we have issued over 60 reports and testimony statements
detailing specific findings and recommendations related to the Year
2000 readiness of a wide range of federal agencies.\4
In addition to reporting on the status of Labor's 61 mission-critical
systems, I will, as requested, (1) focus on specific Year 2000 issues
facing two elements of Labor's Employment and Training Administration
and (2) discuss the Year 2000 efforts of the Office of Workers'
Compensation Programs (OWCP)\5 and of the Bureau of Labor Statistics
(BLS). Finally, I will provide observations on the Year 2000
readiness of the Pension Benefit Guaranty Corporation (PBGC). In
each case, I will highlight the status of these organizations'
efforts and the specific risks associated with their key systems.
In brief, the Department of Labor and its agencies have made
progress, but are still at risk in several areas. These areas
include making benefits payments to laid-off workers, collecting
labor statistics, and ensuring accurate accounting for pension
benefits. Several of the systems supporting these business areas are
at risk; some could fail as early as January 1999--less than 4 months
away--because they involve calculations a year into the future.
Accordingly, it is critical that appropriate contingency plans be
developed to ensure business continuity in the event of systems
failures.
--------------------
\1 For the past several decades, computer systems have typically used
two digits to represent the year, such as "98" for 1998, in order to
conserve electronic data storage and reduce operating costs. In this
format, however, 2000 is indistinguishable from 1900 because both are
represented as "00." As a result, if not modified, systems or
applications that use dates or perform date- or time-sensitive
calculations may generate incorrect results beyond 1999.
\2 High-Risk Series: Information Management and Technology
(GAO/HR-97-9, February 1997).
\3 Year 2000 Computing Crisis: An Assessment Guide
(GAO/AIMD-10.1.14, September 1997), which addresses the key tasks
needed to complete each phase of a Year 2000 program (awareness,
assessment, renovation, validation, and implementation); Year 2000
Computing Crisis: Business Continuity and Contingency Planning
(GAO/AIMD-10.1.19, August 1998), which describes the tasks needed to
ensure the continuity of agency operations; and Year 2000 Computing
Crisis: A Testing Guide (GAO/AIMD-10.1.21, Exposure Draft, June
1998), which discusses the need to plan and conduct Year 2000 tests
in a structured and disciplined fashion.
\4 A listing of our publications is included as an attachment to this
statement.
\5 A component of Labor's Employment Standards Administration.
BACKGROUND
---------------------------------------------------------- Chapter 0:1
The Department of Labor's mission is to promote the welfare of job
seekers, wage earners, and retirees of the United States by improving
their working conditions, enhancing opportunities for profitable
employment, and protecting their retirement investments. Established
as a department in 1913, Labor is responsible for the administration
and enforcement of over 180 federal statutes covering nearly 10
million employers and over 100 million workers. Labor administers
and enforces a variety of federal laws guaranteeing workers' rights
to a workplace free from safety and health hazards; a minimum hourly
wage and overtime pay; family and medical leave; freedom from
employment discrimination; unemployment insurance; and other income
support, such as workers' compensation benefits. Labor also protects
workers' pension rights; provides job training programs; helps
workers find jobs; works to strengthen free collective bargaining;
and keeps track of changes in employment, prices, and other national
economic measures.
For fiscal year 1998, Labor had an estimated budget of $34.6 billion
and is authorized 16,700 staff. About three quarters of Labor's
budget is composed of mandatory spending on income maintenance
programs. The department's diverse functions are carried out by
different offices in a decentralized structure: 24 component units,
with over 1,000 field offices, to support its various functional
responsibilities.
Labor's five major areas of statutory responsibility include
employment and training, employment health and safety, pension and
welfare benefits, employment standards, and labor statistics. It has
six major program agencies to carry out these responsibilities: the
Employment and Training Administration, the Employment Standards
Administration, the Bureau of Labor Statistics, the Occupational
Safety and Health Administration, the Mine Safety and Health
Administration, and the Pension and Welfare Benefits Administration.
The Pension Benefit Guaranty Corporation is a government corporation
that administers the guaranteed retirement pension system.
Labor's program activities fall into two major categories: enhancing
workers' skills through job training and ensuring worker protection.
In addition, it develops economic statistics, such as the consumer
price index, used by business, labor, and government in forming
fiscal and monetary policy and in making cost-of-living adjustments.
Labor also provides temporary income support for laid-off workers
seeking jobs and serves to assist workers in finding new jobs under
federal-state partnerships.
LABOR'S RISKS REQUIRE STRONG
MANAGEMENT APPROACH
---------------------------------------------------------- Chapter 0:2
To perform its mission, Labor makes extensive use of complex
information technology to support programmatic requirements,
departmentwide communications, administrative functions, and office
automation. It has identified 61 mission-critical systems for which
it must ensure Year 2000 compliance. Without these systems, Labor
has determined, it cannot effectively carry out numerous
mission-critical functions, including (1) providing income security
to millions of workers through a variety of benefits programs, (2)
administering nationwide employment and training programs and
services, (3) generating vital statistics on the U.S. economy, such
as unemployment rates and the consumer price index, and (4) providing
vital information to the public on a variety of employment issues,
such as the security of pension plans, occupational injuries and
illnesses, and employment rights.
If Labor's systems are not Year 2000 compliant on or before January
1, 2000, the potential impact could be significant. For example,
according to Labor officials, billions of dollars in benefits
payments to Americans, such as unemployment insurance and workers'
compensation, would be at significant risk of disruption, and
accurate labor statistics on the economy used by both public and
private organizations may not be produced. Further, the ability to
manage the billions of dollars in assets for pension benefit
guarantees for over 40 million workers could be hampered.
The Year 2000 program is likely the largest and most complex project
management and systems conversion activity ever to be undertaken by
many federal agencies. It requires the disciplined, coordinated
application of scarce resources to an agencywide system conversion
that must be completed by a fixed date, and an understanding of the
wide range of dependencies among information systems. To succeed,
Labor must manage the Year 2000 program as a large systems
development activity.
An organization can mitigate its risk of Year 2000 complications
through a structured approach and rigorous program management. One
generally accepted approach, outlined in our Year 2000 Computing
Crisis: An Assessment Guide (GAO/AIMD-10.1.14), includes five
phases:
-- awareness -- defining the problem and gaining executive-level
support;
-- assessment -- inventorying and analyzing systems, and
prioritizing their conversion or replacement;
-- renovation -- converting, replacing, or eliminating selected
systems;
-- validation -- ensuring that all converted or replaced systems
and interfaces will work in an operational environment; and
-- implementation -- deploying Year 2000-compliant systems and
components, and implementing contingency plans, if necessary.
YEAR 2000 COMPLIANCE IS NOW A
DEPARTMENTAL PRIORITY
---------------------------------------------------------- Chapter 0:3
Labor recognized several years ago that the upcoming change of
century posed significant challenges to the agency, and in May 1996
reported to Congress that it had initiated Year 2000 activities. By
late 1996, Labor's Year 2000 activities had increased, and it
reported to the Office of Management and Budget (OMB) that it
completed the Year 2000 awareness phase in December 1996. During
this time period, the Chief Information Officer (CIO) designated a
Labor project manager for the Year 2000 effort, and together the CIO
and the project manager held a series of briefings with executive
staff, administrative officers, and information technology managers
to ensure that Labor's executive and senior management levels were
fully aware of the importance of the Year 2000 issue.
In May 1997, Labor reported to OMB that its CIO had directed that
each Labor component agency designate a Year 2000 project manager.
The CIO and departmental Year 2000 manager instituted two levels of
monthly meetings, one with Year 2000 project managers and one with
the department's information technology managers, to track progress
and share information on Year 2000 project activities.
To keep senior management informed on an ongoing basis, Year 2000
status reports were provided to the Capital Planning Investment
Board, chaired by the CIO and including the heads of major Labor
program agencies and the department's Chief Financial Officer. In
August 1997, the department reported to OMB that it had completed the
Year 2000 assessment phase using a three-tiered structure to evaluate
and rank its systems to prioritize its Year 2000 compliance efforts.
For example, it assigned the highest priority to the mission-critical
systems that would have a direct impact on the public; enforcement
activities; or financial systems, such as its benefits payment
systems.
In a memorandum dated December 31, 1997, the Secretary of Labor made
Year 2000 compliance a top departmental priority, and directed steps
to accelerate progress in reaching the department's target goals.
The Deputy Secretary has also made the agency's Year 2000 progress a
priority item in monthly meetings with each agency head. In February
of this year, Labor established a monthly exception reporting system,
requiring its component agencies to report any deviations from their
Year 2000 plans. Labor uses this report as an early warning of
potential issues needing attention.
In August, Labor reported to OMB that 24 of its 61 mission-critical
systems were compliant; table 1 shows the reported Year 2000 status
of Labor's mission-critical systems as of August 1998.
Table 1
Reported Year 2000 Readiness Status of
Labor's Mission-Critical Systems as of
August 1998
Reporte Percentag Reporte Percentag
Number Unde d e d e
of r To be complia complia
system repa replac nt compliant nt compliant
Agency s ir ed 8/98 8/98 5/98 5/98
------------------ ------ ---- ------ ------- --------- ------- ---------
UIS 1 1 0 0 0 0 0
ES 0 0 0 0 na na na
BLS 23 4 8 11 48 10 44
OWCP 4 2 1 1 25 0 0
Other 33 15 6 12 36 11 33
================================================================================
Total 61 22 15 24 39 21 34
PBGC\a 13 2 1 10 77 7 54
--------------------------------------------------------------------------------
\a PBGC's mission-critical systems are not included in Labor's
totals.
Source: Department of Labor.
RISKS FACING LABOR COMPONENTS
AFFECT MANY CRITICAL WORKFORCE
ISSUES
---------------------------------------------------------- Chapter 0:4
The public relies on the Department of Labor and its components for
assistance when unemployed, for protection and compensation in the
workplace, for statistics on which many of the nation's critical
economic indicators are based, and for ensuring the security of
private pension plans. The department, its agencies, and the states,
in turn, rely on automated systems to ensure that the expected
operations are carried out.
In each of these areas, the Year 2000 compliance status of all
systems cannot yet be ensured. Several of the systems are at risk of
failure, including some state systems that could fail as early as
January 1999 because they involve calculations a year into the
future.
FEDERAL/STATE SYSTEMS FOR
UNEMPLOYED WORKERS AT RISK
OF EARLY FAILURE
-------------------------------------------------------- Chapter 0:4.1
Labor's programs to help unemployed workers and assist them in
locating employment are carried out by two Employment Training
Administration (ETA) organizations: the Unemployment Insurance
Service (UIS) and the Employment Service (ES). Enacted over 60 years
ago as part of the Social Security Act of 1935 as a federal-state
partnership, the Unemployment Insurance Program has been a major
source of temporary income support for laid-off workers seeking work.
The Employment Services Program, which was established by the
Wagner-Peyser Act of 1933, as amended, has assisted workers in
finding new jobs. State Employment Security Agencies (SESA) operate
the programs in accordance with their own state priorities and
unemployment compensation laws; therefore, each state has substantial
control over provided services, eligibility requirements, and
benefits levels. SESAs provide three distinct benefits:
unemployment insurance, employment services, and state administration
of the Job Training Partnership Act.
The department and the states share responsibility for administration
of the Unemployment Insurance Program. Labor's UIS is responsible
for establishing broad guidelines (including some eligibility
conditions), general oversight, and administrative funding. SESAs
pay unemployment compensation benefits from the Unemployment Trust
Fund to eligible workers and collect state unemployment taxes from
employers.
Today, 97 percent of all wage earners are covered by this program.
Unemployment insurance will pay an estimated $24 billion to
approximately 8 million workers in compensation benefits and
allowances from the Unemployment Trust Fund in fiscal year 1999.
During this same period, SESA staff will handle over 6 million
employer tax accounts, 20 million initial unemployment claims, almost
137 million "weeks claimed," and 1 million appeals. In fiscal year
1998, SESAs collected $22 billion in state unemployment insurance
taxes.
Because each of the 53 SESAs (one for each state and the District of
Columbia, Puerto Rico, and the Virgin Islands) has its own system,
Labor's UIS reported only one mission-critical system to OMB--the UIS
itself, which collects information from numerous state sources to
measure and monitor state unemployment insurance performance and
workload and budgeting activities. According to Labor reports, the
expected implementation date for this system is February 1999.
According to Labor's contingency planning guidance issued to SESAs,
if SESA benefits systems were to become inoperable, benefits payments
could be jeopardized; if its tax system failed, tax collections could
suffer. Successful operation of the benefits and tax functions
depend heavily on complex information systems, a wide range of
internal and external products and services, and the uninterrupted
operation of the major information technology infrastructure.
Many SESA systems are already at risk of date problems due to
Year-2000 related failures occurring as early as January 1999. The
SESAs' unemployment insurance benefits systems are vulnerable to this
because of benefit year date calculations used in determining
claimant eligibility. These projected date calculations are relied
upon throughout state benefits systems, and can cause systems
failures as early as January 1999, if not corrected. For example, if
a claim is filed January 4, 1999, it will have a benefit year ending
date of January 3, 2000. If states' benefits system have not been
repaired, Labor expects these systems to fail as early as January
1999--3 and a half months from today--because they would not properly
recognize dates beyond 2000. Because of this date vulnerability,
Labor has strongly encouraged SESAs to address this problem first,
and has provided each with at least $1 millon to address the Year
2000 problem in its particular state.
SOME SESA SYSTEMS AT HIGH
RISK
-------------------------------------------------------- Chapter 0:4.2
UIS monitors the SESAs' Year 2000 progress through status reports
issued on a quarterly basis. UIS places states in one of four
categories: (1) high alert--SESAs at highest risk of failure and
"that appear almost certain to fail by January 4, 1999," (2) at
risk--those that are significantly behind in their renovation
efforts, (3) yellow caution--SESAs that "are on the border" of not
making sufficient progress toward achieving compliance, and (4)
green--those making adequate progress or already having compliant
systems in place. Figure 1 provides UIS' assessment of the 53 SESAs
as of July 31, 1998.
Figure 1: SESAs' Year 2000
Readiness Risk as of July 31,
1998
(See figure in printed
edition.)
Source: Department of Labor.
We did not independently verify
this information.
(See figure in printed
edition.)
As shown, UIS has placed Puerto Rico and the District of Columbia in
the high alert category. According to UIS, these SESAs need to
immediately focus their resources on developing contingency solutions
to replace their existing systems.
UIS also placed five SESAs in the at risk category: Arkansas,
Delaware, Montana, New Mexico, and the Virgin Islands. Labor issued
a policy directive effective yesterday, September 16, requiring that
the at risk SESAs develop and submit business continuity and
contingency plans for their benefits systems to the department's
regional offices by October 1 of this year--and requiring the rest of
the SESAs to submit plans by November 20, 1998.
EMPLOYMENT SERVICE REPORTS
NO MISSION-CRITICAL SYSTEMS
-------------------------------------------------------- Chapter 0:4.3
Labor's U.S. Employment Service (ES) was created by the
Wagner-Peyser Act of 1933, amended in 1982 to give more authority to
state governors. It provides general direction, funding, and
oversight; Labor estimates that its fiscal year 1999 budget request
of $797 million will result in the placement of over 3 million
individuals in jobs through employment services. Under this act,
grants are allocated to each state to plan and administer a labor
exchange program to best respond to the needs of the state's
employers and workers. ES also assists states with programs of test
development, occupational analysis, and maintenance of the Dictionary
of Occupational Titles.
SESAs operate almost 2,000 local employment service (job service)
offices. Each year these offices assist millions of job seekers and
employers and, in some areas, provide job training and related
services. The public employment service is available to everyone
authorized to work in the United States. In addition, it helps to
implement provisions of the Immigration Reform and Control Act of
1986 and provides specialized assistance to veterans; persons with
disabilities; and other groups, such as youths 16 to 22 and the
economically disadvantaged. Most of the service's appropriations
come from the trust funds collected under the Federal Unemployment
Tax Act, with a small portion (3 percent) coming from general
revenues. Federal regulations require that the states maintain
statewide labor exchanges with certain minimum capabilities,
including assisting job seekers in finding employment, assisting
employers in filling jobs, and meeting the work test for unemployment
insurance claimants, among others.
ES reports that it has no mission-critical systems. According to ES
officials, the organization's primary information system would be
considered America's Job Bank (AJB). Together with the 2,000
state-operated public employment offices, ES operates AJB, a
computerized network linking state employment service offices to
provide job seekers with job opportunities. AJB contains
approximately 800,000 job listings and costs about $1.6 million to
operate annually. ES officials also said that AJB provides rapid,
national exposure for job openings and an easily accessible pool of
candidates for employers. In addition to appearing on the Internet,
the job openings and resumes found in AJB are available on computer
systems in public libraries, colleges and universities, high schools,
shopping malls, transition offices on military bases worldwide, and
other places of public interest. There is no charge to either
employers who list their job vacancies or to job seekers who utilize
AJB to locate employment.
According to the Director of Employment Services, AJB, operated by
the State of New York through an agreement with Labor, has not been
formally assessed for Year 2000 compliance. However, according to
the ES director, the impact of AJB's failure would be minimal because
it is a compilation of all state job banks' listings. The ES
director said that if the system did not operate, states could still
access their respective banks and perhaps contact other states
through the Internet to obtain their listings.
WORKERS' COMPENSATION
PROGRAMS ADDRESSING YEAR
2000 CHALLENGES
-------------------------------------------------------- Chapter 0:4.4
One of Labor's units charged with ensuring worker protection is the
Office of Workers' Compensation Programs (OWCP), which administers
three major workers' compensation acts: the Federal Employees'
Compensation Act, the Longshore and Harbor Workers' Compensation Act,
and the Black Lung Benefits Act. The programs reported in fiscal
year 1997 that these compensation programs processed about 207,000
claims and provided approximately $3 billion in compensation funds
for wage replacement benefits, medical treatment, and vocational and
other benefits to eligible workers. OWCP administers these three
compensation acts through three separate program divisions.
We recently reported on OWCP's efforts to address the Year 2000
computing challenges facing its three workers' compensation programs
and the four supporting mission-critical systems.\6 In assessing
these systems, OWCP determined that each was in need of repair to
make it Year 2000 compliant. Of the four, the one most at risk was
the replacement system for the Black Lung Program, known as the
Automated Support Package (ASP). The current ASP is the program's
case management system; if this mainframe system were to fail, it
could disrupt the payment of benefits to sufferers of pneumoconiosis
(Black Lung disease, caused by habitual inhalation of coal dust), as
well as to their beneficiaries and medical providers.
Until recently, as part of its Year 2000 strategy, the existing
system was scheduled to be retired and replaced by a new
client-server\7 system in November 1999--dangerously close to the
year 2000. However, after discussing this situation with OWCP and
department officials, the agency has revised its strategy and will
now also renovate its existing ASP system in the event the
replacement system is not implemented in time. The renovation work
is now underway, and is scheduled to meet the OMB deadlines.
--------------------
\6 Labor's Workers' Compensation Programs and Y2K (GAO/AIMD-98-207R,
July 29, 1998).
\7 In a client-server environment, individual workstations (the
client) and shared processors (the server) cooperate over a network
to complete tasks.
BLS SYSTEMS CRITICAL TO
CURRENT, ACCURATE ECONOMIC
STATISTICS
-------------------------------------------------------- Chapter 0:4.5
The Bureau of Labor Statistics (BLS) is the principal fact-finding
agency in the federal government in the broad field of economics.
BLS is a national statistical agency that collects, processes,
analyzes, and disseminates essential statistical data to the American
public, the Congress, other federal agencies, state and local
governments, business, and labor. For example, BLS produces the
consumer price index (CPI), the principal source of information
concerning trends in consumer prices and inflation in the United
States and one of the nation's most important economic indicators.
BLS also produces other principal economic indicators, such as
current employment statistics, which are produced monthly and include
data on employment, hours, and earnings, in detail by industry and
geographic area, providing a reliable measure of economic activity.
These estimates serve as components of the index of leading economic
indicators. BLS has eight regional offices throughout the country,
each specializing in the economies of the regions in which they are
located.
BLS has 23 of Labor's 61 mission-critical systems. According to BLS
officials, 11 of the 23 are Year 2000 compliant, 8 are being
replaced, and 4 are being repaired. Should these systems fail,
according to BLS' systems impact statements, such failures could
result in the inability to accurately calculate statistical data.
For example, if the CPI system failed it could have an impact on
other federal programs as it is used as the basis to adjust payments
to Social Security recipients and federal and military retirees and
for a number of entitlement programs, such as food stamps and school
lunches. Further, again according to BLS' systems impact statements,
a reliable measure of economic activity would not be available,
affecting the ability of government decisionmakers to formulate
fiscal and economic policy.
The CPI system, which is being repaired, is not scheduled to meet the
September 1998 renovation target or the December 1998 validation
target set by OMB. BLS' plans call for renovation to be completed by
January 1999, validation by February 1999, and implementation by
March 1999.
BLS is relying on eight replacement systems to be implemented between
October 1998 and March 1999. While these systems vary in size and
complexity, system replacement is often a high risk because federal
agencies have a long history of difficulty in delivering planned
systems on time.\8 Further, the Year 2000 schedule for these eight is
tight. Completion target dates for testing and implementation are
all within a few months of each other.
--------------------
\8 Year 2000 Computing Crisis: USDA Faces Tremendous Challenges in
Ensuring That Vital Public Services Are Not Disrupted
(GAO/T-AIMD-98-167, May 14, 1998).
PENSION BENEFIT GUARANTEES
REQUIRE RELIABILITY OF PBGC
SYSTEMS
-------------------------------------------------------- Chapter 0:4.6
The Pension Benefit Guaranty Corporation (PBGC) is a federal
government corporation established by title IV of the Employee
Retirement Income Security Act (ERISA) of 1974. PBGC administers
programs of mandatory insurance to prevent loss of pension benefits
under covered private, defined-benefit pension plans if
single-employer plans terminate or if multi-employer plans are unable
to pay benefits.
PBGC protects the retirement incomes of about 42 million American
workers--one in every three--in over 45,000 defined-benefit pension
plans. PBGC is financed through premiums collected from companies
that sponsor insured pension plans; investment returns on PBGC
assets; and recoveries from employers responsible for underfunded,
terminated plans. PBGC is responsible for annual premium revenues of
over $1 billion, assets of $16 billion, annual benefits payments of
more than $820 million, and benefits obligation to more than 465,000
workers and retirees in more than 2,500 pension plans.
PBGC has 13 mission-critical systems, 12 of which have been replaced
in the last 4 years. The corporation is on schedule to complete
validation and implementation of these replacement systems by
February 1999.
The Financial Accounting and Reporting System (FARS), the one system
that has yet to be replaced, is not due to be implemented until June
1999. This system is critical to the tracking of billions of dollars
related to PBGC's annual financial transactions. Because of this
late implementation date, PBGC is now beginning to look at other
options in the event FARS is not ready in time.
LABOR INTENDS TO DEVELOP PLANS
TO RESPOND TO POTENTIAL
FAILURES
---------------------------------------------------------- Chapter 0:5
Given the challenges Labor faces in making sure that all of its
mission-critical systems are adequately tested and in addressing the
complexities of the large number of federal-state partnerships, it
will be difficult for the department to enter the new century without
some problems. Therefore, it is critical that Labor initiate the
development of realistic contingency plans to ensure continuity of
core business processes in the event of Year 2000-induced failures.
Business continuity and contingency plans should be formulated to
respond to two types of failure: those that can be predicted (e.g.,
systems renovations that are already far behind schedule), and those
that are unforeseen (e.g., systems that fail despite having been
certified Year 2000 compliant, or those that cannot be corrected by
January 1, 2000, despite appearing to be on schedule today).
Moreover, contingency plans that focus only on agency systems are
inadequate. Federal agencies depend on data provided by their
business partners as well as on services provided by the public
infrastructure. Thus, one weak link anywhere in the chain of
critical dependencies can cause major disruption. Given these
interdependencies, it is imperative that contingency plans be
developed for all critical core business processes and supporting
systems, regardless of whether these systems are owned by the agency.
Our guide to ensuring business continuity and contingency planning,
issued last month, provides further detail.\9 It describes four
phases supported by agency Year 2000 program management: initiation,
business impact analysis, contingency planning, and testing. Each
phase represents a major Year 2000 business continuity planning
project activity or segment.
According to Labor officials, the department is committed to
developing business continuity and contingency plans for each
mission-critical business process and supporting systems. The
department has now drafted such plans for key benefits processes and
supporting systems. Plans for other business areas and supporting
systems are expected later this year.
--------------------
\9 GAO/AIMD-10.1.19, August 1998.
-------------------------------------------------------- Chapter 0:5.1
This concludes my statement, and I would be pleased to answer any
questions that you or other Members of the Subcommittee may have at
this time.
GAO REPORTS AND TESTIMONY
ADDRESSING THE YEAR 2000 CRISIS
================================================== Appendix Attachment
Year 2000 Computing Crisis: Severity of Problem Calls for Strong
Leadership and Effective Partnerships (GAO/T-AIMD-98-278, September
3, 1998).
Year 2000 Computing Crisis: Strong Leadership and Effective
Partnerships Needed to Reduce Likelihood of Adverse Impact
(GAO/T-AIMD-98-277, September 2, 1998).
Year 2000 Computing Crisis: Strong Leadership and Effective
Partnerships Needed to Mitigate Risks (GAO/T-AIMD-98-276, September
1, 1998).
Year 2000 Computing Crisis: State Department Needs To Make
Fundamental Improvements To Its Year 2000 Program (GAO/AIMD-98-162,
August 28, 1998).
Year 2000 Computing: EFT 99 Is Not Expected to Affect Year 2000
Remediation Efforts (GAO/AIMD-98-272R, August 28, 1998).
Year 2000 Computing Crisis: Avoiding Major Disruptions Will Require
Strong Leadership and Effective Partnerships (GAO/T-AIMD-98-267,
August 19, 1998).
Year 2000 Computing Crisis: Strong Leadership and Partnerships
Needed to Address Risk of Major Disruptions (GAO/T-AIMD-98-266,
August 17, 1998).
Year 2000 Computing Crisis: Strong Leadership and Partnerships
Needed to Mitigate Risk of Major Disruptions (GAO/T-AIMD-98-262,
August 13, 1998).
FAA Systems: Serious Challenges Remain in Resolving Year 2000 and
Computer Security Problems (GAO/T-AIMD-98-251, August 6, 1998).
Year 2000 Computing Crisis: Business Continuity and Contingency
Planning (GAO/AIMD-10.1.19, August 1998).
Internal Revenue Service: Impact of the IRS Restructuring and Reform
Act on Year 2000 Efforts (GAO/GGD-98-158R, August 4, 1998).
Social Security Administration: Subcommittee Questions Concerning
Information Technology Challenges Facing the Commissioner
(GAO/AIMD-98-235R, July 10, 1998).
Year 2000 Computing Crisis: Actions Needed on Electronic Data
Exchanges (GAO/AIMD-98-124, July 1, 1998).
Defense Computers: Year 2000 Computer Problems Put Navy Operations
at Risk (GAO/AIMD-98-150, June 30, 1998).
Year 2000 Computing Crisis: A Testing Guide (GAO/AIMD-10.1.21,
Exposure Draft, June 1998).
Year 2000 Computing Crisis: Testing and Other Challenges Confronting
Federal Agencies (GAO/T-AIMD-98-218, June 22, 1998).
Year 2000 Computing Crisis: Telecommunications Readiness Critical,
Yet Overall Status Largely Unknown (GAO/T-AIMD-98-212, June 16,
1998).
GAO Views on Year 2000 Testing Metrics (GAO/AIMD-98-217R, June 16,
1998).
IRS' Year 2000 Efforts: Business Continuity Planning Needed for
Potential Year 2000 System Failures (GAO/GGD-98-138, June 15, 1998).
Year 2000 Computing Crisis: Actions Must Be Taken Now to Address
Slow Pace of Federal Progress (GAO/T-AIMD-98-205, June 10, 1998).
Defense Computers: Army Needs to Greatly Strengthen Its Year 2000
Program (GAO/AIMD-98-53, May 29, 1998).
Year 2000 Computing Crisis: USDA Faces Tremendous Challenges in
Ensuring That Vital Public Services Are Not Disrupted
(GAO/T-AIMD-98-167, May 14, 1998).
Securities Pricing: Actions Needed for Conversion to Decimals
(GAO/T-GGD-98-121, May 8, 1998).
Year 2000 Computing Crisis: Continuing Risks of Disruption to Social
Security, Medicare, and Treasury Programs (GAO/T-AIMD-98-161, May 7,
1998).
IRS' Year 2000 Efforts: Status and Risks (GAO/T-GGD-98-123, May 7,
1998).
Air Traffic Control: FAA Plans to Replace Its Host Computer System
Because Future Availability Cannot Be Assured (GAO/AIMD-98-138R, May
1, 1998).
Year 2000 Computing Crisis: Potential for Widespread Disruption
Calls for Strong Leadership and Partnerships (GAO/AIMD-98-85, April
30, 1998).
Defense Computers: Year 2000 Computer Problems Threaten DOD
Operations (GAO/AIMD-98-72, April 30, 1998).
Department of the Interior: Year 2000 Computing Crisis Presents Risk
of Disruption to Key Operations (GAO/T-AIMD-98-149, April 22, 1998).
Tax Administration: IRS' Fiscal Year 1999 Budget Request and Fiscal
Year 1998 Filing Season (GAO/T-GGD/AIMD-98-114, March 31, 1998).
Year 2000 Computing Crisis: Strong Leadership Needed to Avoid
Disruption of Essential Services (GAO/T-AIMD-98-117, March 24, 1998).
Year 2000 Computing Crisis: Federal Regulatory Efforts to Ensure
Financial Institution Systems Are Year 2000 Compliant
(GAO/T-AIMD-98-116, March 24, 1998).
Year 2000 Computing Crisis: Office of Thrift Supervision's Efforts
to Ensure Thrift Systems Are Year 2000 Compliant (GAO/T-AIMD-98-102,
March 18, 1998).
Year 2000 Computing Crisis: Strong Leadership and Effective
Public/Private Cooperation Needed to Avoid Major Disruptions
(GAO/T-AIMD-98-101, March 18, 1998).
Post-Hearing Questions on the Federal Deposit Insurance Corporation's
Year 2000 (Y2K) Preparedness (AIMD-98-108R, March 18, 1998).
SEC Year 2000 Report: Future Reports Could Provide More Detailed
Information (GAO/GGD/AIMD-98-51, March 6, 1998).
Year 2000 Readiness: NRC's Proposed Approach Regarding Nuclear
Powerplants (GAO/AIMD-98-90R, March 6, 1998).
Year 2000 Computing Crisis: Federal Deposit Insurance Corporation's
Efforts to Ensure Bank Systems Are Year 2000 Compliant
(GAO/T-AIMD-98-73, February 10, 1998).
Year 2000 Computing Crisis: FAA Must Act Quickly to Prevent Systems
Failures (GAO/T-AIMD-98-63, February 4, 1998).
FAA Computer Systems: Limited Progress on Year 2000 Issue Increases
Risk Dramatically (GAO/AIMD-98-45, January 30, 1998).
Defense Computers: Air Force Needs to Strengthen Year 2000 Oversight
(GAO/AIMD-98-35, January 16, 1998).
Year 2000 Computing Crisis: Actions Needed to Address Credit Union
Systems' Year 2000 Problem (GAO/AIMD-98-48, January 7, 1998).
Veterans Health Administration Facility Systems: Some Progress Made
In Ensuring Year 2000 Compliance, But Challenges Remain
(GAO/AIMD-98-31R, November 7, 1997).
Year 2000 Computing Crisis: National Credit Union Administration's
Efforts to Ensure Credit Union Systems Are Year 2000 Compliant
(GAO/T-AIMD-98-20, October 22, 1997).
Social Security Administration: Significant Progress Made in Year
2000 Effort, But Key Risks Remain (GAO/AIMD-98-6, October 22, 1997).
Defense Computers: Technical Support Is Key to Naval Supply Year
2000 Success (GAO/AIMD-98-7R, October 21, 1997).
Defense Computers: LSSC Needs to Confront Significant Year 2000
Issues (GAO/AIMD-97-149, September 26, 1997).
Veterans Affairs Computer Systems: Action Underway Yet Much Work
Remains To Resolve Year 2000 Crisis (GAO/T-AIMD-97-174, September 25,
1997).
Year 2000 Computing Crisis: Success Depends Upon Strong Management
and Structured Approach (GAO/T-AIMD-97-173, September 25, 1997).
Year 2000 Computing Crisis: An Assessment Guide (GAO/AIMD-10.1.14,
September 1997).
Defense Computers: SSG Needs to Sustain Year 2000 Progress
(GAO/AIMD-97-120R, August 19, 1997).
Defense Computers: Improvements to DOD Systems Inventory Needed for
Year 2000 Effort (GAO/AIMD-97-112, August 13, 1997).
Defense Computers: Issues Confronting DLA in Addressing Year 2000
Problems (GAO/AIMD-97-106, August 12, 1997).
Defense Computers: DFAS Faces Challenges in Solving the Year 2000
Problem (GAO/AIMD-97-117, August 11, 1997).
Year 2000 Computing Crisis: Time Is Running Out for Federal Agencies
to Prepare for the New Millennium (GAO/T-AIMD-97-129, July 10, 1997).
Veterans Benefits Computer Systems: Uninterrupted Delivery of
Benefits Depends on Timely Correction of Year-2000 Problems
(GAO/T-AIMD-97-114, June 26, 1997).
Veterans Benefits Computer Systems: Risks of VBA's Year-2000 Efforts
(GAO/AIMD-97-79, May 30, 1997).
Medicare Transaction System: Success Depends Upon Correcting
Critical Managerial and Technical Weaknesses (GAO/AIMD-97-78, May 16,
1997).
Medicare Transaction System: Serious Managerial and Technical
Weaknesses Threaten Modernization (GAO/T-AIMD-97-91, May 16, 1997).
Year 2000 Computing Crisis: Risk of Serious Disruption to Essential
Government Functions Calls for Agency Action Now (GAO/T-AIMD-97-52,
February 27, 1997).
Year 2000 Computing Crisis: Strong Leadership Today Needed To
Prevent Future Disruption of Government Services (GAO/T-AIMD-97-51,
February 24, 1997).
High-Risk Series: Information Management and Technology
(GAO/HR-97-9, February 1997).
*** End of document. ***