The year 2000 crisis: state of the industry - Industry Trend or Event

Software Magazine, Oct 15, 1997 by William Ulrich

It's October 1997. Few companies have achieved complete Year 2000 compliance. Some have not launched all-out remediation projects. Others have already admitted failure, and are considering triage options. Still others pretend no problem exists. Sound dire? It is. But with good execution by both your IT staff and senior management, there's still time to meet the millennium head on. Imagine it's October 1985 and that the IT and business communities have fully grasped the implications of the Year 2000 problem. We have more than 5,052 days to fix the problem. We set standards to ensure that all new systems being built are compliant. IT has time to convert or replace existing systems. We would not even consider windowing, time-boxing, or other Year 2000 shortcuts. Hardware and software requests for new PC, telephony, manufacturing, and other embedded systems all specify compliance requirements and limit future liability to old equipment. Every company easily reaches compliance, so there will be no issues related to supply-chain breakdown, negative customer impacts, or infrastructure collapse. The annual cost of the century date-change upgrade effort is negligible and the problem never graces the cover of Newsweek.

Instead, it is October 1997, and our procrastination has allowed the Year 2000 issue to reach crisis proportions. To quote the SEC task force on the Year 2000, ". . . it is not possible for any entity or collective enterprise to represent that it has achieved complete Year 2000 compliance. The problem is too complex for such a claim to have legitimacy . . ." As of October 1, there were 822 days until January 1, 2000. Companies planning to devote 1999 to testing had 456 days to complete software corrections. Incredibly, many organizations still have not launched full-scale remediation efforts. Shortcuts are commonplace.

Many organizations are already admitting failure. Contingency planning and triage are the hottest topics among Year 2000 project teams, and the failure of supply chains is a growing concern. The latest trend is retraction letters from vendors who claimed compliance in early surveys. Yet, amazingly, there are still people who believe the problem is a fraud perpetuated by consultants.

The Naked Truth

The scope of the Year 2000 problem is much larger than expected. In fact, as we learn more about the problem, we keep finding new layers of issues (see graphic, this page). The much-maligned Cobol mainframe systems may account for the greatest volume of code, but given the tools and consulting support, they are the eas- iest to correct. Client/server systems, meanwhile, are not completely compliant -- and much harder to fix. Furthermore, end-user software is fraught with problems. Just because Excel and Access are compliant does not mean that the applications using them will function properly.

Date problems appear in a huge variety of non-IT systems and devices including security systems, networks and telecommunications equipment, factory floor machinery, embedded computer chips, and even end products. Are all of these components affected by dates? No, but one factory test found that over 50% of its process control equipment encountered date-related problems. To minimize these problems, we must realize we are all dependent on each other: One company's compliance is useless unless other companies remain viable. Credit cards cannot process transactions unless all links between merchants and banks are operating. A compliant assembly line cannot create products without supplies. We all depend on federal, state, and local governments for an array of services. It's a good bet that numerous local governments don't even know about the problem.

The upside is that Year 2000 is leading to greater cooperation between companies than ever before. The downside is that legal liability concerns are chilling the flow of information.

Not an IT Problem

The Year 2000 crisis is a business problem, not an IT problem. Although the root of the problem is technical, procrastination has turned the century date change into a business concern. Many of the most critical issues, such as customer and supplier compliance, are outside the control of IT. Legal and audit concerns, resource and budget requirements, and the effects on merger and acquisition strategies have forced the Year 2000 issue into the domain of senior management. As this awareness grows, overall responsibility for corporate Year 2000 projects is shifting from IT to the business community.

Because this problem affects virtually every computer system, the Year 2000 is truly a global issue. Yet, the rest of the world lags the U.S. in awareness and action by six months to a year or more. Skepticism about the reality of the problem is common in the U.K., while concern over the European Monetary Union (EMU) is slowing European response to the problem. Asia and Latin America are even further behind. The bad news is that Year 2000 failures in the rest of the world will impact U.S. corporations. The bright spot is that other countries can learn from our mistakes, which should accelerate awareness.