Strategies for Y2K Contingency Planning.Businesses have concentrated on Year 2000 issues to varying degrees. Many began the process early and over time concluded that their Year 2000 projects have been managed successfully, while others remain concerned that various critical systems may not be compliant. After all the time and money organizations have spent to fix or replace non-compliant systems, many senior managers can be forgiven for asking, "Why do I need Y2K See Y2K problem and Y2K compliant. Y2K - Year 2000 contingency plans A plan involving suitable backups, immediate actions and longer term measures for responding to computer emergencies such as attacks or accidental disasters. Contingency plans are part of business resumption planning. ?" Consider some of the issues that leave the organization open to multiple and significant business failures. The points below illustrate some of the potential Y2K failures and disruptions that may occur despite the best efforts of an organization to be prepared. While it is certainly impossible to anticipate every potential failure or disruption, an organization that has given thought and planning to risks in key areas will be better prepared to handle any contingency than an organization that simply waits to deal with failures when they occur. Incomplete Functionality Testing Any untested functionality is a significant business threat, particularly within a global organization due to system complexity and extended business support. Examples may include automated packaging and shipping facilities, building security systems, or billing systems. Incorrect Code Repair Automated or manual processes require considerable effort to ensure issue identification, particularly with less obvious issues. Automated efforts demand significant external support and manual efforts are tedious and require visual program code review. In either case, the business is exposed if testing is incomplete and unremediated. Indequate Change Control/Change Management And Deficient de·fi·cient adj. 1. Lacking an essential quality or element. 2. Inadequate in amount or degree; insufficient. deficient a state of being in deficit. IT/IS Inventories IT/IS assets often change to support the business environment, which introduces possible Year 2000 error conditions if forgotten or overlooked in the repair effort. Incomplete Infrastructure Compliance While business applications may be Year 2000 compliant a. 1. (Computers) having dates fully and properly represented, and not susceptible to failure due to the year 2000 bug. , the process may have overlooked infrastructure verification and compliance. Business applications may be inaccessible inaccessible Surgery adjective Unreachable; referring to a lesion that unmanageable by standard surgical techniques–eg, lesions deep in the brain or adjacent to vital structures–ie, not accessible. See Accessible. if infrastructure components such as electricity, water, telephone, or buildings are not Year 2000 compliant. Non-Compliant Proprietary Software, Hardware, Or Embedded Systems Embedded systems Computer systems that cannot be programmed by the user because they are preprogrammed for a specific task and are buried within the equipment they serve. Utility or connective connective - An operator used in logic to combine two logical formulas. See first order logic. third party IT/IS assets (software or hardware) are essential for distributive dis·trib·u·tive adj. 1. a. Of, relating to, or involving distribution. b. Serving to distribute. 2. applications to operate. Businesses may be unable to perform mission critical functions if Year 2000 compliance remains unverified. Non-Compliant Key Suppliers Key suppliers supporting the core business elements or product delivery to customers present risk if they are not Year 2000 compliant. Non-Compliant Customers Customers that are not Year 2000 compliant may not be able to accept product delivery, affecting cash flow, inventory, expenses, and profitability. Why Contingency Planning? Contingency planning manages the business risks associated with Year 2000 from both a business function and related systems failure perspective. While there are options that organizations consider as viable alternatives to contingency planning, they do not provide the foundation for an organization to manage business operations Business operations are those activities involved in the running of a business for the purpose of producing value for the stakeholders. Compare business processes. The outcome of business operations is the harvesting of value from assets on an ongoing basis given a failure occurrence. A solid contingency plan may, in fact, include other approaches as ways to further protect the organization, but by themselves these alternatives are insufficient to adequately protect the business enterprise and operations. In the absence of contingency plans, some of the largest threats to continued profitability or corporate existence would arise from any number of areas. Customers, a company's greatest asset, could quickly seek alternatives to satisfy their own needs, resulting in a temporary or permanent loss of business and market share. Likewise, new business opportunities could be lost due to an inability to attract new customers because of Y2K disruptions. Cash flow reductions due to customer losses and/or the inability to accept or pay for goods and services In economics, economic output is divided into physical goods and intangible services. Consumption of goods and services is assumed to produce utility (unless the "good" is a "bad"). It is often used when referring to a Goods and Services Tax. may also cripple crip·ple n. One that is partially disabled or unable to use a limb or limbs. v. To cause to lose the use of a limb or limbs. a business. Vendor support for restocking supplies, equipment, and product also becomes problematic when the bills are not being paid. An organization's reputation can thus become tarnished, resulting in a loss of financial community confidence that can cause restrictions or increased costs in acquiring capital. Disaster recovery contractors and other vendors will not necessarily assume responsibility for Year 2000 compliance of parallel or complementary systems. The Year 2000 is being viewed as a foreseen event and not as an unexpected potential disaster. Some organizations believe that there are viable alternatives to contingency planning, particularly as a solution to Year 2000 compliance. These approaches can leave significant issues unattended that senior management should be aware of and consider in decision-making. While compliance efforts will continue well into the new millennium, companies must face the reality that things will be missed and mission critical systems and suppliers will fail. An adequate contingency plan will likely mitigate failures since issues are discovered and operable operable /op·er·a·ble/ (op´er-ah-b'l) subject to being operated upon with a reasonable degree of safety; appropriate for surgical removal. op·er·a·ble adj. plans are implemented to prevent or overcome business disruptions. And Year 2000 contingency plans are documents that will serve as the foundation for enterprise-wide contingency plans. For instance, company leaders should be asking them-selves what happens when a mission-critical component is unavailable to support the business (e.g., staff, technology assets, embedded chip See embedded processor. systems, utilities, security systems, key suppliers, etc.). What is the impact of these failures to the business? How prepared is the organization to respond to component failures that support mission-critical activities? What can be done to prevent or mitigate these disruptions? At the planning level, the questions will include: * Who has to be involved in the restoration of the failed business component? * Who has to be informed of the problem when the lack of business functionality affects individuals or organizations outside of the company? * What steps and processes must occur to maintain business as usual in the event of a failure? * Is the failed component repaired, replaced, worked around, abandoned, etc.? * What and where are the resources to make the business component operational? Considering the questions just raised, businesses must prepare for system failures and the possibility that key suppliers will be unable to provide services and materials. The greatest uncertainty is when and what will fail. Contingency planning is the primary process by which the effect of a failure is minimized to allow business to be conducted as usual. Contingency planning is not just an IT/IS requirement, but an issue that will serve as the foundation for the entire enterprise. 15 "Real World" Examples Millennia III has been providing end-to-end Y2K solutions for more than 50 major corporate clients since 1996. For the most part, these Y2K programs are in the final stages of repair and testing, as well as assessing risks from suppliers, vendors, and customers. While we and our clients are confident that they have minimized the vast majority of Y2K business risks, we are still advising and most of our clients are accepting our recommendations to create specific contingency plans. Below are some examples of various Year 2000 contingency plans already adopted by businesses in the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. , the United Kingdom and Europe. 1. An additional payroll will be issued in December 1999 for distribution in January 2000 in case of system problems. 2. Alternate suppliers are being identified in the event a primary vendor is unable to deliver. 3. Printed copies are being ordered prior to Dec. 31 for critical year documentation and reports (e.g., P&L, General Ledger General Ledger A company's accounting records. This formal ledger contains all the financial accounts and statements of a business. Notes: The ledger uses two columns: one records debits, the other has offsetting credits. , Position Statements, and Customer Portfolio). 4. IT departments are setting up 24-hour help desk functions to field calls prior to and after year-end. 5. Some companies are creating "SWAT" Recovery Teams to react quickly and repair Y2K problems Y2K problem or Y2K bug: see Year 2000 problem. (Year 2000 problem) The inability of older hardware and software to recognize the century change in a date. . 6. No vacations are being allowed for employees critical to the Y2K effort during the last two weeks of December and first two weeks of January. 7. Hotel rooms have been reserved near the office for key personnel. 8. Manufacturing companies are planning (and in some cases have begun) to stockpile stock·pile n. A supply stored for future use, usually carefully accrued and maintained. tr.v. stock·piled, stock·pil·ing, stock·piles To accumulate and maintain a supply of for future use. inventory materials. 9. Year-end reporting will be changed from Dec. 31, 1999 to Nov. 30, 1999. 10. Certain tax filings will either be completed early or late (a small fine may be incurred in some cases for late reporting). 11. In some cases, commission payments will be postponed and forecasting and expense distribution systems will be brought forward. 12. Some insurers are depositing twice the value of known payment liabilities for January 2000 in banks other than those in which such reserves are normally retained. 13. Organizations are programming mobile phones to select between at least three networks. Staff is classified into geographic "clusters," which have between them mobile phones connected to each of the selected networks. The "clusters" have a temporary base local to their homes with basic equipment to support critical functions. 14. Where spreadsheet applications are run on client-server networks, alternative PC spreadsheet software is being installed on a number of dedicated, standalone stand·a·lone adj. Self-contained and usually independently operating: a standalone computer terminal. PCs with crucial data downloaded to the PCs in a common format prior to Dec. 31, 1999. This will enable some, albeit skeletal skeletal /skel·e·tal/ (skel´e-t'l) pertaining to the skeleton. skeletal pertaining to the skeleton. See also skeletal muscle. , activity should the network experience failures. For network word processing word processing, use of a computer program or a dedicated hardware and software package to write, edit, format, and print a document. Text is most commonly entered using a keyboard similar to a typewriter's, although handwritten input (see pen-based computer) and software, templates are being created on stand-alone PCs A desktop or laptop computer that is not permanently connected to a local area network (LAN) or a wide area network (WAN). Throughout the 1990s, millions of stand-alone PCs were networked in offices, but it is no longer uncommon to find computers networked in the home so that family as necessary and using common formats such as .txt as the intermediary Intermediary See: Financial intermediary intermediary See financial intermediary. . 15. Many companies are contracting with temporary personnel agencies and security agencies for additional support staff. Other plans call for training of staff from non-essential areas within organizations to support Y2K emergency efforts. It's becoming conventional wisdom that Y2K, at least in the U.S., will not be the cataclysmic cat·a·clysm n. 1. A violent upheaval that causes great destruction or brings about a fundamental change. 2. A violent and sudden change in the earth's crust. 3. A devastating flood. event that some have feared, but is more likely to result in a series of disruptions, the scale of which is anyone's guess. That's why it is imperative to put contingency plans in place now, even as you test the thousands of systems and millions of lines of code The statements and instructions that a programmer writes when creating a program. One line of this "source code" may generate one machine instruction or several depending on the programming language. A line of code in assembly language is typically turned into one machine instruction. you may have repaired over the course of your Year 2000 project. Experts concur CONCUR - ["CONCUR, A Language for Continuous Concurrent Processes", R.M. Salter et al, Comp Langs 5(3):163-189 (1981)]. that for every 100,000 lines of application code that are repaired, 1,000 defects will be introduced. Testing will find many, but not all; moreover, test results are only as good as the script devised for the test. Even with the highest level of confidence in your own Y2K compliance, you are still vulnerable to failures that could not have been foreseen. Patrick Riley is the senior vice president of marketing at Millennia III (Westport, CT). |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion