'Statement by KARLA W. CORCORAN INSPECTOR GENERAL UNITED STATES POSTAL SERVICE
before the
SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
INFORMATION, AND TEHCNOLOGY
of the
COMMITTEE ON
GOVERNMENT REFORM AND OVERSIGHT
U.S. HOUSE OF REPRESENTATIVES
February 23, 1999
Chairman Horn, Chairman McHugh, Chairperson Morella, and Members of the Subcommittees, I am Karla Corcoran, Inspector General of the United States Postal Service. I am the first independent Inspector General for the U.S. Postal Service, and have served in this position since January 1997. Prior to becoming Inspector General, I served as an executive in four other audit or Inspector General organizations, most recently with the Air Force Audit Agency. I am pleased to appear before you to discuss the Year 2000 (Y2K) challenges facing the Postal Service. Richard Chambers, Deputy Assistant Inspector General for Audit, is joining me today.
As you know, the Y2K problem results from the way in which computer systems store and process dates. In many systems, the year 2000 will be indistinguishable from the year 1900, thereby causing potential system failures. The Postal Service is heavily dependent on automation to carry out its mission. In 1998, the Postal Service used automation and information systems to deliver 198 billion pieces of mail, maintain its nationwide network of over 38,000 post offices and facilities, and pay its more than 775,000 career employees. This dependency on automated systems makes the Postal Service highly susceptible to the Y2K problem. As a key element in our nation's communication and commerce infrastructure, its preparedness may be crucial to the nation's Y2K readiness. Both the private sector and government may rely on the Postal Service as a contingency if their systems fail on January 1, 2000.
While the Postal Service has made progress in pursuing solutions to its Y2K problems, it still faces significant challenges in the ten months that remain. Today, I will highlight:
The Postal Service's efforts and accomplishments to date to achieve Y2K readiness;
The results of our Y2K reviews;
The current status of the Postal Service's Y2K Initiative; and
Actions we believe the Postal Service should take to minimize risks.
Attached to this testimony are copies of the four Y2K audit reports issued by our office.
I. USPS Y2K EFFORTS AND ACCOMPLISHMENTS
In 1993, the Postal Service's Vice President for Information Systems provided guidance for solving the Y2K problem within the Postal Service. Initially, only one Postal headquarters organization, Information Systems, was committed to, and engaged in, a solution even though it was a Postal-wide problem. In 1995, the Postal Service established a two-person Y2K program office. In 1997, the Postal Service expanded the program office to 12 people and selected an Executive Program Director, who reported to the Vice President of Information Systems, to lead, manage, and report on the Y2K Initiative. During this time, the Postal Service recognized the scope and complexity of the Y2K challenge, and hired contractors to assist in managing and correcting the problem. In January 1998, the Y2K program was expanded to include non-information systems areas such as external suppliers, mail processing equipment, and facilities.
In January 1999, the Postal Service announced the "Year 2000 Executive Council" made up of the Deputy Postmaster General and other senior Postal officials. The purpose of the Executive Council is to "ensure critical active participation of the key business areas" in the Y2K effort. As part of this effort, the Postal Service redesignated organizational responsibilities and authorities regarding Y2K. The Senior Vice President, Chief Technology Officer is now responsible for reviewing and correcting hardware and software that require Y2K modification, and the Chief Operating Officer and Executive Vice President is responsible for developing business continuity plans in the event of Y2K-related systems failures.
Over the past year and a half, among other things, the Postal Service has:
Developed Business Impact Assessments for many areas;
Reviewed and corrected some non-Y2K compliant critical systems;
Created and implemented an independent process to ensure that systems are reviewed and corrected;
Developed Y2K solutions for mail processing equipment and information technology infrastructure components; and
Tested mail processing equipment at three facilities.
To date, the Postal Service estimates it has spent about $200 million to address the Y2K challenge. In its most recent report to the Office of Management and Budget, the Postal Service estimates it will spend a total of $607 million to resolve the Y2K challenge.
II. YEAR 2000 AUDIT RESULTS TO DATE
From our establishment in early 1997, we recognized the significance of the Y2K problem, and during our short existence, the Postal Service's Y2K Initiative has been one of our highest priorities. Prior to January 1997, when I was sworn in as the first independent Inspector General for the Postal Service, there had been no audit coverage of the Y2K Initiative within the Postal Service.
By July 1997, we had hired specially trained information systems auditors and had started to look at the Postal Service's Y2K readiness. In August 1997, the Deputy Postmaster General requested our office to independently monitor the Postal Service's Y2K Initiative. Over the past year, we have issued Y2K reports to Postal management approximately every three months, assessing their progress and outlining our concerns. Generally, Postal management has agreed with our Y2K recommendations and has taken steps to implement corrective actions.
When we began auditing the Y2K Initiative in 1997, we found that Postal management had not fully identified the extent of the Y2K challenge and, in our judgment, was behind schedule in correcting the problem. Subsequent audit coverage concentrated on the adequacy of Y2K reporting and the Postal Service's overall efforts to ensure compliance.
Our first report, issued in March 1998, addressed the extent to which the Postal Service was aware of and had assessed the Y2K challenge. We found the Postal Service had been slow to recognize Y2K as a Postal-wide issue. We also noted that the Postal Service had neither comprehensive Postal-wide planning nor sufficient senior management involvement to allow for the most effective approach to solving the problem. During our audit, Postal management recognized the need for stronger program management and planning, and hired experienced Y2K consultants. The Deputy Postmaster General agreed with our assessment and noted that the Y2K Initiative is a very critical project for the Postal Service and will require continuous senior management involvement.
Our second report, issued in July 1998, assessed the Postal Service's preliminary progress in reviewing, correcting, and testing information systems and information technology infrastructure hardware and software. We found that:
Mainframe operating systems were not entirely Y2K compliant;
Critical information systems were not correctly identified, prioritized, or tested for Y2K compliance; and
Y2K status reporting was not always accurate.
We offered recommendations to enhance project management and to ensure that systems made Y2K compliant were thoroughly tested and documented.
In September 1998, we issued our third audit report, focusing on the process that provides independent verification that Postal Service systems have been reviewed and corrected, and are Y2K compliant. We noted that management had implemented quality control, but we questioned whether the Postal Service should verify 100 percent of the programming code for all the critical systems. To ensure that all these systems would be verified by the year 2000, we recommended the Postal Service use statistical sampling techniques to streamline the independent verification process. The Postal Service agreed with our report findings and recommendations and initiated corrective actions before the audit was complete.
We issued our most recent Y2K report this month. This report addressed the quality and reliability of Y2K information reported by the Postal Service. We found that briefings to senior management and Y2K reports designed for internal and external use were not always complete, consistent, or clear. We also found that the briefings to senior management did not include a standard report on the overall status of Y2K progress and were not provided at regularly scheduled intervals. As a result, senior managers did not always have the information they needed to monitor Y2K progress. Because senior managers did not have this information, they lost time-critical opportunities to make important resource and budget decisions. We recommended that the Postal Service adopt a status report that is comprehensive yet simple to read and shows, at a glance, the overall status of the Y2K Initiative. The Postal Service concurred with all the findings and has agreed to take action on the recommendations.
We also issued an advisory letter to Postal management in 1998 concerning unlimited indemnification language proposed by a Y2K contractor. It was our view that the proposed contract language would impair the Postal Service's ability to hold the contractor accountable for the deliverable services required by the contract. Postal management reacted quickly to the advisory and modified the contract.
We are also coordinating with the General Accounting Office to assess and monitor the Postal Service's Y2K progress.
Ongoing and Future Y2K Audit Coverage
Before moving to the Postal Service's current Y2K status, I would like to give you an overview of our ongoing and planned Y2K work. In the past few months, we have significantly increased the extent of our coverage, and currently have several reviews underway involving almost 25 percent of our audit and evaluator staff. Four specific areas we are or will be looking at are:
1. Overall Status of the Y2K Initiative: The issues outlined in this testimony will be expanded into a report discussing the current status of the Postal Service's Y2K Initiative from an operational standpoint.
2. Executing the Y2K Budget: At the request of Postal officials, we initiated a review to determine the reasonableness of the Postal Service's expenditures on Y2K contractor support. The Postal Service has spent a substantial portion of the total $200 million Y2K expenditures for contractor support on this initiative. As of January 31, 1999, over 1,300 contractor employees were working on the Postal Service's Y2K Initiative. Our review is ongoing, and we have identified some preliminary issues for management such as contractor oversight, security clearances for contract employees, and the skill level of contractor employees. We plan to complete our review of the Postal Service's Y2K expenditures by the end of the month and will issue a draft report to Postal management shortly thereafter.
3. Y2K Readiness: We plan to provide continuous audit coverage and immediate feedback to management on the status of the Postal Service's Y2K Initiative. We plan to publish formal reports at least quarterly. As part of this work, we also plan to review Y2K issues such as supplier readiness and data exchanges.
4. Review of Continuity and Contingency Planning: We plan a comprehensive review of the development, implementation, and testing of the Postal Service's Y2K continuity and contingency plans.
To aid the Postal Service in meeting its Y2K goals, this work will be continuous and extensive for the remainder of the year. We intend to be flexible in terms of our plan.
III. CURRENT STATUS OF THE POSTAL SERVICE'S Y2K INITIATIVE
Now I would like to discuss the current status of the Postal Service's Y2K Initiative. Postal management is keenly aware of the need to achieve Y2K readiness and ensure that critical business processes will continue to operate. With the year 2000 less than a year away, much work remains. As recently as last November, the Postal Service had no comprehensive report that effectively conveyed to senior management the status of the Postal Service's Y2K Initiative. Therefore, in order to highlight the issues requiring attention within the Y2K area, we developed a matrix dealing with Y2K elements within three major categories:
Critical Core Business Infrastructure;
Information Systems Area; and
Business Continuity and Contingency Planning.
Before we discuss each of these areas, I would like to outline the process that the Postal Service is using to achieve Y2K readiness. The Postal Service is using a multi-phase process to achieve Y2K compliance. The process involves assessing the systems for compliance, reviewing and correcting non-compliant systems, and testing and implementing those solutions or workarounds Postal-wide.
Critical Core Business Infrastructure
Without its critical external suppliers, mail processing equipment, or technology-dependent facilities, movement of the mail would be adversely impacted. While the Postal Service is reporting significant progress in developing Y2K solutions for mail processing equipment, it is behind schedule in assessing the readiness of external suppliers and area facilities. I would like to briefly discuss each of these areas:
External Suppliers: The Postal Service relies extensively on external suppliers that are critical to moving the mail, such as airlines, railroads, and the trucking industry. Obviously, these suppliers are also susceptible to the Y2K problem. Therefore, it is important that the Postal Service become aware of the Y2K status of suppliers to plan and minimize potential disruption in services. Postal officials started to address the supplier issue in June 1998 and, to date, have identified almost 8,000 critical suppliers. As of January 1999, the Postal Service knew the Y2K status of 349 of these 8,000 suppliers. These 8,000 suppliers can be categorized into two groups: headquarters and field.
For headquarters' suppliers, in January 1999, the Postal Service had identified 661 critical suppliers and inquired as to their Y2K readiness. Of these, 312 B nearly half B did not respond to inquiries, so the Postal Service did not know their Y2K status. Of the 349 that replied, the Postal Service determined that 254 are at high risk of not being Y2K ready and 95 suppliers will be ready. Generally, the Postal Service has not developed contingency plans to address how it will move the mail if these external suppliers are not ready for the year 2000.
For field suppliers, the Postal Service also identified more than 7,200 critical suppliers that still needed to be assessed for Y2K readiness. Because so much work remains to be done in assessing the readiness of suppliers, the Postal Service faces a significant challenge in developing contingency plans for those critical suppliers that will not be ready.
Mail Processing Equipment: The Postal Service relies extensively on mail processing equipment to sort and process millions of pieces of mail daily. The Postal Service has identified 43 types of equipment that are critical to movement of the mail. These include nationally-managed equipment, such as delivery bar code sorters, advanced facer cancellers, flat sorting machines, and large parcel sorting systems. The 43 types of equipment represent thousands of pieces throughout the country. The Postal Service has reported that Y2K solutions have been developed, or are already in place, for 39 of the 43 types of equipment. The best assurance that systems will work in the year 2000 is to test them in advance. However, Postal management initially elected to test mail processing equipment at only 3 out of more than 350 sites.
The remaining 4 of the 43 types represent less than a thousand pieces of equipment. According to Postal management, these four types are in the process of being assessed, reviewed, and corrected. The Postal Service has projected that all 43 systems' solutions will be in place by August 1999.
Technology-dependent Facilities: The Postal Service operates more than 38,000 facilities nationwide. Many of these facilities are dependent on technology susceptible to Y2K problems, such as fire suppression equipment, heating and cooling systems, and building access controls. The Postal Service considers 700 of these facilities Ahigh risk" because of the high volume of mail. These facilities rely on thousands of pieces of critical Y2K-susceptible equipment.
As of January 1999, the Postal Service did not know the Y2K status of critical equipment in its facilities nationwide. Officials tried to determine the status of equipment starting in June 1998, but had limited success. In January 1999, the Postal Service determined that the most appropriate method for assessing equipment was to conduct a survey of the equipment within 200 "high risk" facilities. The survey is expected to be completed by June 1999.
In the six months remaining after completion of the survey, officials will need to:
Project the results of this survey nationwide;
Determine the business impact of non-Y2K compliant equipment;
Develop, deploy, and test solutions for critical non-Y2K compliant equipment; and
Develop workarounds and contingency plans.
Information Systems Area
Now I would like to turn to the traditional information systems area, which includes computers, communications facilities, hardware and software, and data designed to support the Postal Service's business processes. While the Postal Service has made progress in reviewing and correcting Postal-wide information systems, data exchanges, information technology infrastructure, and readiness testing, much remains to be done. If critical information systems fail, the Postal Service's core business processes -- such as movement of the mail, collection of revenue, payment of bills, and protection of the life and safety of employees and customers -- may be impaired.
We would like to describe what we have learned about these areas to date:
Information Systems: As of January 1999, the Postal Service had identified 152 critical information systems. Critical systems are those crucial to the core business activities of the Postal Service. Examples of these systems include Payroll, National Change of Address, and Stamp Services.
As of January 1999, Postal managers reported that 127 of the 152 systems were reviewed, corrected, and tested at the system level. These systems still need to be certified and independently verified as Y2K compliant. Some systems will also need to undergo readiness testing. The Postal Service's initial target date for reviewing and correcting systems was September 1998. The current completion date is projected for June 1999, nine months after the original projection, which affects other information systems target dates. According to the Postal Service, as of January 31, 1999, 41 of the 127 reviewed and corrected critical systems had been independently verified as Y2K compliant.
Contingency plans identify alternative actions in case a critical system fails, and protect the continuity of business processes. Originally, the Postal Service intended to prepare contingency plans for all 152 critical systems. Currently, the Postal Service's intentions are to develop contingency plans for key business processes. No contingency plans had been completed as of the end of
January 1999.
Data Exchanges: The Postal Service exchanges a significant amount of data internally and with external organizations, such as financial institutions, customers, transportation suppliers, meter manufacturers, and the U.S. Treasury. These data exchanges need to be assessed and certified as compliant if the Postal Service's Y2K effort is to succeed. Even if the Postal Service's critical systems are Y2K compliant, it is possible that exchange partners' systems may not be Y2K ready. As a result, the Postal Service's critical systems may be affected. For example, 5 postage meter manufacturers generate about $21 billion in annual Postal Service revenue. Revenues from these manufacturers are transferred to the Postal Service's systems via data exchanges. The Postal Service is in the process of ensuring these very important data exchanges are Y2K ready and tested.
As of January 1999, the Postal Service had not completed its inventory of internal and external data exchanges. The Postal Service has assessed about 4,300 out of approximately 5,700 data exchanges. About 2,000 of the 4,300 data exchanges assessed have been identified as critical. As of now, 123 of the 2,000 have been reported as Y2K ready.
In the ten months that remain, the Postal Service must:
Identify whether the remaining 1,400 data exchanges are external or internal;
Determine if the 1,400 data exchanges are critical;
Assess the Y2K readiness of all critical data exchanges; and
Develop workarounds and contingency plans for those critical data exchanges that are not Y2K ready.
Information Technology Infrastructure: The Postal Service depends on mainframe systems, midrange computers, network servers, personal computers, and telecommunications equipment. The Postal Service has been working to make this infrastructure Y2K compliant since 1996. As of January 1999, officials estimated that the Postal Service had more than 134,000 actual pieces of hardware, including about 120,000 personal computers and about 14,000 servers.
To manage the inventory, the Postal Service has categorized the hardware and software into 2,000 unique types. As of January 1999, the Postal Service reported that solutions had been developed for 1,600 of the 2,000 types of hardware and software. Deploying the solutions will be a challenge because the Postal Service does not know which specific personal computers and servers are not Y2K compliant. Postal Service officials also indicate they are currently working on solutions and workarounds for the remaining 400 types of hardware and software. Contingency plans and independent verification are in process for the information technology area, but have not been completed.
Readiness Testing: The most reliable way to ensure that the Postal Service's complex information systems and core business processes are Y2K ready is to test them before the year 2000. Officials recently elected to conduct readiness tests on information systems that drive core business processes in areas such as finance, marketing, and mail operations. Readiness testing is a high-level integrated means of ensuring that information systems, data exchanges, and the various technology elements will work together to process information in the year 2000. To date, they have not identified how many of the 152 systems drive core business processes other than in the finance area. The Postal Service has not made a final determination on the extent of readiness testing.
Although the Postal Service plans to complete all readiness testing for systems that drive core business processes by July 1999, a great deal of work remains, such as:
Identifying information systems that drive non-financial key core business processes;
Obtaining resources needed to conduct the tests;
Developing readiness testing plans; and
Correcting any portion of a system that fails a readiness test or developing a workaround.
Business Continuity and Contingency Planning
The last area we will discuss is business continuity and contingency planning. We believe that the Postal Service must act quickly to reduce the risk and potential negative effects of Y2K failures. One weak link anywhere in the chain of critical dependencies B including external suppliers, business partners, and the public infrastructure B could cause major disruptions in Postal Service business operations nationwide. As a result, it is imperative that continuity and contingency plans be developed and tested for all core business processes.
Ten months remain to develop, implement, and test a comprehensive Y2K business continuity plan. Postal management agreed with our March 1998 recommendation to develop, implement, and test these plans for the most critical systems. Because sufficient progress had not been made, we reiterated our concerns in November 1998, and provided management with additional information on such planning. In January 1999, the Postal Service announced the placement of the responsibility for developing the continuity plan under the Chief Operating Officer and Executive Vice President. Since then, the Postal Service has agreed on a methodology to develop corporate business continuity and contingency plans, has started to acquire contractor support, and has begun the process of systematically documenting in detail its core business processes that will be addressed in the plans. The Postal Service plans to complete its business continuity and contingency plans by July 1999, and test them by August 1999.
In the remaining ten months, Postal officials must:
Document the Postal Service's core business processes;
Determine system component dependencies;
Assess risk of failure for each component, including the estimated probability and effect;
Develop business process contingency plans and develop Atrigger strategies;
Establish recovery teams for each critical process;
Test business process contingency plans; and
Update disaster recovery plans and procedures.
The Postal Service is faced with a formidable challenge in completing all of these tasks, and needs to continue to vigorously pursue this area.
IV. ACTIONS WE BELIEVE THE POSTAL SERVICE SHOULD TAKE TO MINIMIZE RISKS
It is critical that the Postal Service's core business processes work on
January 1, 2000. Ideally, all of the Postal Service's Y2K problems would be fixed, and core business processes would transition seamlessly into the year 2000. In reality, there may be more to do than time will permit.
The Postal Service established the total universe of Y2K-affected structures and systems and made an initial determination of its most Y2K-vulnerable structures and systems that would affect carrying out its mission. In the remaining ten months, Postal officials may not be able to obtain new and/or reallocate current resources necessary to correct, deploy, and test the vast numbers of systems and structures identified in the initial assessment.
Therefore, we believe the Postal Service should immediately reevaluate the initial assessment and shift priority to issues that are absolutely necessary to ensure that core business processes work in the year 2000. The core business processes are those that move the mail, pay employees and vendors, protect revenue, and protect the safety of employees and customers. The remaining systems and structures must still be corrected, but not until after the core business processes have been safeguarded against Y2K failures.
Even if core business processes are secured, and the remaining systems and structures are reviewed and corrected in time for the year 2000, it is still critical that the Postal Service develop and test business continuity and contingency plans. Such plans will reduce the consequences of Y2K problems that could impair the Postal Service's core business processes.
In summary, the Postal Service recognizes the Y2K challenge, is taking action, and has made some progress in resolving the Y2K issues. However, with ten months remaining before the year 2000, much work remains. In the coming months, the OIG will continue to work closely with Postal management to identify Y2K challenges and minimize the risk of Y2K-related failures. My office will continue to contribute, in every way we can, to ensure a smooth transition into the next century.
This concludes my statement. Thank you for the opportunity to be here today. I would be pleased to answer any questions.
house.gov |
