'Race To The Finish -- As 2000 approaches,
tech managers are turning their attention to
compliance efforts of their partners, suppliers, and
customers
By Bruce Caldwell
With 18 months to go before the turn of the century puts computer systems to
the real test, corporate IT managers are turning their attention to the year
2000 compliance efforts of their partners, suppliers, customers, and service
providers. The testing of company-to-company connections for date-change
problems is taking on a sense of urgency amid growing evidence that some
sectors, including small businesses, government agencies, and
telecommunications providers, are behind in their conversion efforts.
While many companies express confidence that their own millennium projects
are on track, the concern has shifted to identifying weak links in the commerce
chain among companies. Failure to do so could result in data-processing
errors or delays, causing checks to go unmailed, products to go unshipped-or
worse.
The issue is coming to the fore as new studies put the spotlight on year 2000
laggards. Last week, the government received an "F" in Rep. Stephen Horn's
(R-Calif.) latest report card on federal year 2000 projects. Just five agencies
were judged to be on track for project completion by the deadline of next
March, with 13 agencies looking to finish in 2000 or later. Audits by federal
banking regulators, also released last week, found that year 2000 projects at
695 banks need improvement, with the efforts at 43 of those institutions listed
as unsatisfactory. Other signs of trouble: A Gallup poll sponsored by Wells
Fargo & Co. found that 75% of small businesses surveyed had yet to take any
action on year 2000. And a nationwide survey of hospitals by Chicago law
firm Gordon & Glickson found that 30% haven't begun year 2000 projects.
The situation is getting the attention of business and technology managers, who
are increasingly evaluating and testing whether their partners' systems are year
2000 compliant. Connecticut On-line Computer Center, a bank processor,
put nearly 100 of its bank clients through grueling test procedures over the
Easter weekend. First Union Corp., a financial firm with $157 billion in assets,
is taking its own steps. "We're out there with all our suppliers and partners,"
says Thomas Fogarty, senior VP of IT services with First Union. "We're
discussing how they'll be compliant, but we're also deciding how we'll organize
for failure."
Still, others warn that there's simply not enough time to test all points of
vulnerability. Even with testing done daily, Chase Manhattan Bank won't be
able to check for system glitches with all of its partners, suppliers, and
customers in the 571 days remaining before 2000, says Steven Sheinheit,
senior VP of corporate systems and architecture. "How do you make sure
everything works on an end-to-end basis?" Sheinheit asked last week at a
year 2000 symposium in New York sponsored by the U.S. Office of Thrift
Supervision.
Pilot Testing Begins
Individual companies and industry groups are moving quickly to address
Sheinheit's question. Next week, the Securities Industry Association will begin
pilot tests with two dozen companies representing various segments of the
securities industry, a precursor to broader testing next year that will involve
more than 1,500 participants. The SIA has set up eight subcommittees to deal
with the year 2000 impact of third parties on its member firms, and it plans to
demonstrate the reliability of year 2000 connections between stock exchanges
and "utilities," the industry term for service bureaus that handle the clearing and
settlement of trading transactions. "If a utility fails, the entire industry has a
problem," says Michael Tiernan, chairman of the SIA's year 2000 committee.
The Auto Industry Action Group (AIAG) has been surveying 70,000 physical
sites of auto parts suppliers worldwide, collecting year 2000 data so that
automakers won't have to duplicate efforts in requesting compliance data. The
scope of the supply-chain search recently expanded when the suppliers asked
that the compliance survey be extended to their own suppliers-and to their
suppliers' suppliers.
"You've got some small companies that ask 'What's Y2K?' especially some of
the plants that support our suppliers," says Rebecca Vest, manager of
strategic planning with the purchasing arm of Toyota Motor Manufacturing
North America, which recently joined the AIAG's year 2000 effort.
As part of that program, Toyota will be able to search the AIAG's database
to determine the year 2000 status of its suppliers. That will let the automaker
focus attention on those it deems most critical. Still, Vest says, it won't be
possible to verify the compliance of all of Toyota's parts suppliers. "We will
have to trust some of them," she says.
How do companies rate their own year 2000 readiness? In a survey last week
by InformationWeek Research, 90% of the 125 companies contacted say
their projects are on schedule and within budget. Even so, much work
remains. Only one in 10 companies has actually finished its conversion work.
That means companies are going to have to balance what remains of their own
year 2000 conversion projects with the external testing they still need to do.
Prudential Insurance Co. of America is wrapping up its year 2000 work,
which it plans to complete this year. At the same time, Prudential has identified
several thousand business partners that could potentially damage Prudential's
business if their IT systems aren't compliant by 2000. Prudential has
segmented them into high- and low-risk categories, based on the level of
conversion work to be done, and has developed an action plan for each. Of
those, more than 200 were identified as high risk. Prudential regularly monitors
each partner's progress, sometimes putting its own IT people on their sites.
With one partner, Prudential went so far as to do a formal audit of its IT
systems.
Top Priority
Despite the fact that Prudential's year 2000 work will be done this year, it's
still the company's top IT priority going forward-given its concern that not all
partners are up to speed, says Bill Friel, Prudential's senior VP and CIO.
"Internally, this will be nailed in '98," Friel says. "But it's something you can't
turn your back on until it's done."
Telecommunications carriers and utility companies are high on the list of
concerns of year 2000 project managers. Karthik Chandromouli, head of the
year 2000 project at Toyota, says the automaker "needs to test the integrity of
its global network." That includes getting assurances from carriers that their
systems are year 2000 complaint-but so far, the response from carriers has
been mixed, says Chandromouli.
Federal regulators require banks to complete their projects this year, but some
carriers won't finish their projects until next year. Bell Atlantic, for example, is
not scheduled to complete its project until mid-1999. That makes it difficult
for banks to comply with regulatory requirements or establish contingency
plans. "It is a problem," acknowledges Ellen Seidman, director of the Office of
Thrift Supervision. "We are going to have to figure out a way to deal with the
situation where pieces are missing."
More Work To Do
Bell Atlantic admits that it has much to do. The phone company has more than
350 kinds of equipment within its network, all of which have to be tested.
"The complex stuff can't happen until all of the individual pieces are
compliant," says Skip Patterson, executive director of the year 2000 program
office at Bell Atlantic.
That doesn't bode well for comprehensive end-to-end testing anytime soon
with external systems. "We're quite sure that we're not going to deal with
everything, given the total number of interconnections and possible
permutations and combinations," says Patterson. Bell Atlantic is ranking which
of its routes carry the most important traffic, based on monetary transactions
or safety concerns.
Electric companies are working hard and spending millions of dollars to
prepare their systems for 2000, says Jon Arnold, chief technology officer of
the Edison Electric Institute, which represents investor-owned electric utilities.
Arnold acknowledges that testing of operational systems that can't be shut
down makes the job more complicated. But in an industry that routinely deals
with service outages, he says, year 2000 is considered little more than "an
operational issue." Arnold says utilities should finish year 2000 testing between
December and mid-1999. He acknowledges that not all utilities will provide
their customers with completion dates-partly in an effort to avoid liability
issues.
...
techweb.com |
