Featured eBooks
Budget Outlook for Fiscal 2025
Cyber Workforce
Missile Defense
Magazine

Tick, Tick, Tick

Nancy Ferris

|
nferris@govexec.com

A

gencies are starting to consider what they will do if the unthinkable occurs and their vital computer systems aren't ready for the new millennium.

As yet, there has been no official acknowledgment of the likelihood that some mission-critical systems won't work at the dawn of the new century. But senior federal IT managers like David Borland, the Army's deputy chief information officer, are saying it's by no means certain that every faulty line of computer code will be repaired in time.

"We will have some 'aw-shucks' " on Jan. 1, 2000, Borland predicted at an October conference-although he was quick to add that all the Army's mission-critical systems will be fixed.

"We know there will be problems, and we know that there will be failures," Rep. Steve Horn, R-Calif., said in September when he issued a report card with poor grades for agencies' repair work. "Every federal agency is at risk of widespread system failures," the General Accounting Office reported that month.

And in an interview, White House year 2000 coordinator Sally Katzen agreed it is time to focus on contingency planning in case system repairs aren't finished on time.

Agency year 2000 coordinators insist they don't deserve the poor grades handed out on Capitol Hill. But they also continue to discover new wrinkles as they dig into the problem.

Just identifying all their computer systems has been difficult for some agencies, despite years of legislative demands and Office of Management and Budget nagging. For example, agencies reported to OMB in May 1997 that they had 7,769 mission-critical systems. Three months later, they had uncovered 913 more.

Almost as serious, agencies continue to have trouble identifying all the systems with which they exchange data. The issue here is whether an automated data transfer will deliver spurious or indigestible information into a system even after the system has been updated. One way this can happen is if a trading partner opts for a different technical solution for achieving year 2000 readiness. It's not difficult to translate one date format to another, but each agency needs to know what new formats its partners are using.

One agency that is in the process of such an assessment, the Centers for Disease Control and Prevention (CDC), has discovered that it probably has more than 100,000 interfaces with public and private health agencies worldwide, according to James D. Seligman, director of CDC's Information Resources Management Office. The agency has more than 100 systems that process public health reports from 3,000 local health departments, 50 states and thousands of hospitals and other health care providers.

"The number of interfaces is astounding to people" who don't work closely with the systems, says Terry W. Glasgow, an executive with Computer Sciences Corp.'s Systems Engineering Division. One CSC client found its systems shared data with 100 other systems-and there were no records to show why the interfaces existed, whom to contact about them or what the technical specifications were.

The Social Security Administration is widely regarded as the leading federal agency with respect to coping with year 2000 problems, and yet last year SSA found it had overlooked a set of interfaces with 54 state government systems. Unless the states fix those systems in a mutually acceptable way, they could upload faulty data to SSA's computers, bringing to a halt the systems that process initial claims for disability benefits, GAO reported. SSA replied that it expects the systems will be fixed this year.

In fact, data exchanges among federal, state and local agencies have emerged as particularly troublesome. In October, Katzen led a federal delegation to Pittsburgh for a year 2000 summit meeting of federal and state officials. "The states are in various states of readiness," Katzen says. "They're looking for some guidance." She says the meeting was characterized by an unusual degree of cooperation, as the participants agreed to standardize on a four-digit year format.

The Blame Game

More often, the year 2000 issue has given rise to finger-pointing, as everyone involved with computer systems tries to evade blame for the coming debacle. Software companies are denying responsibility for keeping older products running. Federal IT shops are blaming budget decision-makers. Hardware and software buyers are threatening to sue. And Congress and its watchdogs in the GAO keep issuing reports on how the executive branch has mishandled the problem.

In truth, there's plenty of blame to go around. What is lacking is money. The administration resolved early on that the year 2000 problem would not be a money pit. OMB took the position that agencies should be able to get their systems fixed within their existing IT budgets, which total some $26 billion a year. Congress happily concurred.

There have been some breaches in that position for the current fiscal year, as agencies make a case for more money to head off disasters. Chances are that fiscal 1999 budget requests will include more funding for special cases. But a lot of new money isn't likely to materialize.

Though this is not the kind of problem solved by mere application of money, line managers in some agencies have viewed the lack of year 2000 funding as a message from the policy-makers. "There's no resources that came down for this crisis," one Air Force colonel says. "Therefore, it's not a crisis."

The decision not to provide extra funding may make sense, though, given the palpable greed of some in the IT industry who regard the year 2000 problem as simply an opportunity to drum up new business. The vultures, with their dire warnings of disaster, have been circling for a couple of years now, prompting congressional hearings to expose the urgency of the problem, and conferences where questionable cures are touted. Even reputable companies have been caught up in the atmosphere of hype.

Although federal officials acknowledge the seriousness of the millennium bug, many view the disaster scenarios laid out by some vendors as self-serving. The Clinton administration has tried to walk a fine line between using scare tactics and carrying on with business as usual. The current mantra in business and government alike: "This is not a technical problem. This is a management problem."

Degrees of Readiness

One software vendor, Brian Anderson of Compuware Corp., Farmington Hills, Mich., takes issue with using the label "year 2000-compliant" to describe systems that are ready for the century change. The implication is that either your systems are in shape or they're not. In fact, he says, there's a defensible middle ground.

"There's a good chance that 70 percent [readiness] is sufficient" to keep your agency operating, as long as you identify the correct 70 percent, Anderson says. Compuware's File-Aid data management products include a "data ager" that can test year 2000 readiness by fast-forwarding a system's internal clock. Use of tools like this can help managers select the most critical among their systems for top priority in repairs.

The notion of triage, borrowed from emergency medicine, is becoming increasingly attractive. Some systems clearly should be fixed before others. "I know there will be triage going on in the U.S. Army," Borland says.

For many organizations, the biggest fear may be making sure that their payroll system works. But for agencies that disburse benefits checks to the public, the systems that generate such payments could be the most important.

Seligman says certain CDC systems could be turned off for days or weeks without causing major disruptions, if they are not fixed before 2000. Some processes could be handled manually. But when it comes to financial systems, he says, "we don't have enough green-eyeshade people to get the job done" without the computers.

Tasks for Machines

Automation is also key to getting maximum results from year 2000 programs. There are many tools on the market and more emerging, even at this late hour. For example, in November, Viasoft Inc., a Phoenix company already regarded as a market leader, introduced new software tools for managing and carrying out a code renovation program in-house.

Separating the credible claims in the marketplace from the outlandish ones is tough for agencies, but most seem to be getting some help from contractors with their repairs. Besides acquiring software tools, most have hired private firms to supply extra manpower. The situation also has prompted some agencies to buy new computers for testing and running their repaired software. But many IT companies in the federal market have been disappointed that a business bonanza has not materialized.

Although the year 2000 price tag for the entire federal government now tops $4 billion, that money is being spent over several years and as part of normal maintenance activities and system upgrades. With no extra money for this project, agencies are diverting funds and postponing discretionary projects. At CDC, for example, a 12-person team is working on its central systems, such as accounting systems, but its business units are handling repairs of their own applications software with support from contractors already in place.

In some cases, year 2000 concerns are prompting agencies to replace systems that otherwise might have stayed in place a few more years. The Customs Service is replacing its mainframe financial software with a newer version from American Management Systems Inc. of Fairfax, Va. The shift didn't eliminate the year 2000 problem altogether, because of old data still in use and because of interfaces with other systems, Customs' Vincette Goerl says. But because of the replacement project, the Office of Finance finished its year 2000 repairs last year and began testing the renovated software.

Unproductive Dollars

There is a powerful incentive to undertake such replacements. Year 2000 fixes of an agency's core financial systems could cost in the neighborhood of $5 million, a sum that would go a long way toward buying a new software system that would work better and cost less.

One of the most disturbing things about the year 2000 situation, in the eyes of many managers, is that when the deadline arrives and the job is done, the agency will be no better off than it was in 1998. Every dollar spent on year 2000 is an unproductive dollar-unless other system repairs and upgrades are done at the same time. Some agencies are doing just that, causing cynics to accuse IT managers of using the impending crisis as an excuse for empire-building. Others view the doubling up of year 2000 with other work as simply good management.

One of the biggest management challenges is finding and holding onto the staff to handle the millennium problem. Retention of both contract and federal employee staffs has been a problem, as the cost of labor has risen along with the demand for knowledgeable programmers and analysts.

Some federal employees, no doubt attracted by large compensation packages in the private sector, have concluded that "the solution to the year 2000 problem is to retire," says Kathleen Adams, an assistant Social Security commissioner and chairperson of the Year 2000 Interagency Committee. The Internal Revenue Service has lost 18 percent of its programmers recently.

"We're all in competition for the same resources," sighs Customs' Goerl. Keeping experienced IT employees is even more important for agencies trying to wrestle old software into readiness for the century change. "Sometimes your old programmers are the ones who understand the nuances of the code," Goerl says.

It's Getting Late

As the deadline that can't slip gets closer, some are questioning whether agencies need more prodding. Katzen, administrator of OMB's Office of Information and Regulatory Affairs, had a lot on her plate before year 2000 coordination became her responsibility. While careful not to criticize Katzen directly, Rep. Horn has been calling for a full-time year 2000 czar in OMB. His House Subcommittee on Government Management, Information and Technology wrote to the White House in July asking the President to issue a directive and address the public on the issue.

But the White House position is that agencies are making progress and more oversight isn't needed, at least for now. "OMB is out in front on this like you don't usually see us," says OIRA branch chief Bruce McConnell. Katzen says the administration has put considerable pressure on agencies, out of the public eye. "I've been known to pick up the phone and call the secretary" of a lagging Cabinet agency, she says, naming no names. And the topic has been on the agenda of at least one Cabinet meeting.

Experts have briefed the President's Management Council on how to manage the repair programs and what questions to ask of their IT managers. The Chief Information Officers Council has paid substantial attention to the issue. Defense Secretary William S. Cohen has met with military service leaders to assess their progress.

"I will not tell you that we will get all the systems repaired," Katzen says. "I think this is a real challenge."

NEXT STORY: Road Warriors Win Awards