[CONTIGENCY-PLANNING] Comparison with UK contingency planning
'Not one of the state regulatory
commissions appear to have developed an
aggressive Y2K stance to push regulated
sectors to act
04/29/1998: "Two hundred IT professionals from 39 state
governments met at the mid-year conference of the National
Association of State Information Resource Executives (NASIRE) in
Lexington, Kentucky on April 20 -21 to discuss electronic
commerce, welfare reform, outsourcing, and the Year 2000." So
writes, Victor Porlier in his Westergaard Year 2000 column, "State
CIOs Meet on Y2K," 4/29/1998. A further excerpt from his column
reports:
Lastly, not one of the myriad state regulatory commissions
appear to have developed an aggressive Y2K stance to push
regulated sectors to act - banks, utilities, telecommunications,
health, transportation, etc.
State level officials are so busy working with limited human
resources that over half are not keeping their Y2K citizen
awareness Web sites up to date or dealing comprehensively
or effectively with their many local governments and school
districts.
In my own research, I had observed the same thing, most obviously
with water. I recently spoke at the SPG Year 2000 Conference and
Expo in Orlando and sat in on workshops on how things are going
with various state governments. Capers Jones in his 6/21/1998
keynote speech confirmed my fears that water utilities are at the
bottom of the list in addressing Y2K issues -- mainly because they
are city-government operated and are not under the domain of any
state-driven Y2K program. (Actually, they are 2nd from the bottom, I
can't remember the bottom industry except that I did not consider it
critical to life.)
Best Government-Sponsored Fallback Plan
is the UK House of Commons Science and
Technology Committee on the Year 2000
04/29/1998: In contrast to the situation in the United States with
state governments, as discussed above, the Institution of Electrical
Engineers in the UK submitted evidence to the House of Commons
Science and Technology Committee on "The Year 2000 - Computer
Compliance". The resulting report of that committee, available at
parliament.the-stationery-office.co.uk
cmselect/cmsctech/342ii/st0202.htm, is entitled "Science and
Technology - Second Report." This proposal I highly recommend for
all 50 states in the USA and other countries. Here are some of the
report excerpts:
Malfunctions or failures in systems which perform
safety-critical or essential operations, such as air traffic
control systems; road or rail signalling; medical equipment;
safety control equipment in factories or equipment controlling
the labelling, storage and distribution of perishable foods,
would present more fundamental risks to the public. For
example, Thames Water, whose operational monitoring and
control systems for major water and waste processes are
dependent on embedded systems, told us "any failure of our
services for a significant period of time would have a
potentially serious impact on the public health of millions of
people".
...It is more difficult to assess progress in other public bodies,
such as local government or the NHS, partly because far less
information on compliance programmes has been made
publicly available and partly because of the disparate nature
of the large number of organisations concerned. Although the
Chancellor of the Duchy of Lancaster has no responsibility
beyond central Government, he has asked each Secretary of
State to ensure that their department performs an exercise
similar to the one he has undertaken in central Government in
respect of the organisations they sponsor. We recommend
that they should do so. We further recommend that the
results of these reviews should be made available, as a
supplement to the Chancellor of the Duchy of Lancaster's
quarterly reports, so that they can both be scrutinised by
experts and serve to reassure the public that adequate
precautions are being taken.
...There are two aspects to contingency planning in the public
sector. First, each organisation must make alternative
arrangements for essential systems which might fail even
though every effort has been made to make them millennium
ready. The Chancellor of the Duchy of Lancaster has drawn
the attention of each department to the need to make such
plans and has "asked Ministerial colleagues to ensure that the
contingency plans in place to cope with major systems
failures are adequate to deal with any unforeseen Year 2000
processing problems". Nevertheless, we are concerned that
the development of such plans should be monitored. We
recommend that progress reports on contingency planning for
central departments and agencies should form an explicit part
of the Chancellor of the Duchy of Lancaster's quarterly
reviews and further that such reporting should be mirrored by
all Ministers in respect of the public bodies which their
departments sponsor.
...The second area where Government has a responsibility
for contingency planning is in respect of the breakdown of
essential public services, whether provided in the public or
private sector, such as emergency services, power and
transport, however remote such possibilities may be.
Responsibility in this area falls to MISC 4-a Cabinet
Committee, chaired by the President of the Board of Trade,
which met for the first time in January 1998. MISC 4
members have a difficult job to perform as the millennium
approaches in drawing up contingency plans for the worst
possible, and most unlikely, scenarios. They will also have to
balance the need to reassure the public that such plans are in
place with the risk of causing widespread fear and panic.
...We were most concerned to ascertain the extent of
progress towards millennium readiness in those sectors which
provide services on which society depends such as food
distribution, transport, health care, power and water supply,
telecommunications and financial and emergency services.
...Not one of these organisations has yet completed their
Year 2000 projects and all pointed out that projects were
designed to reduce risks to manageable proportions rather
than to achieve full compliance. Furthermore, most pointed
out that while they were confident that their own systems
would by adequately prepared in time, they were unable to
predict whether other organisations on whom they were
critically dependent would be.[108] This situation reinforces
the need for adequate and integrated contingency plans to be
drawn up and tested. Thus, while it is important that each
organisation develop its own contingency plans, there is a role
for Government to ensure that alternative arrangements are
in place should there be any interruption in the ability of
providers of essential public services to deliver.
...Contingency plans are more likely to be effective if those
making the plans know what sort of contingencies should be
planned for. Action 2000 told us that it "stands ready to
contribute ... by gathering information on the state of
preparedness, particularly in key sectors" and we welcome its
commitment to undertake "systematic and regular surveys".
We recommend that Action 2000 commission a quarterly
survey on progress in the business sector, broken down into
categories including core services such as transport,
telecommunications and other critical public services. We
further recommend that the results of the survey be publicly
and freely available.
...Although it is impossible to guarantee performance without
degradation or interruption, we are reasonably content that
widespread failures in key parts of the national infrastructure
will be averted if current Year 2000 programmes for
compliance are continued through to completion on time.
However, we emphasise the need for integrated contingency
planning.
...Another means of reaching businesses directly would be to
include information leaflets in telephone or other utility bills
which are delivered to the vast majority of SMEs [small or
medium-sized enterprises].
...
ourworld.compuserve.com |
