Eighteen Months and Counting

e are quite confident that all of our systems are Year 2000 compliant. However, we have more than a two-year backlog of Year 2000 compliance forms to fill out, so according to our scheduling database, you should hear back from us in June 1900."

The quote posted recently on a commercial World Wide Web site as a spoof is cute, but the Y2K issue is no laughing matter. Managers around the world face a serious challenge in preparing for the so-called millennium bug, when systems that have only two digits to designate the year hit 2000 and think it's 1900.

The press is full of articles on the Y2K problem (see "Tick, Tick, Tick" in Government Executive, January), and a growing array of resources is available to help. One particularly useful source is the General Services Administration's "U.S. Federal Government Gateway for Year 2000 Information Directories".

The problem is that managers will relegate this one, like so many other information technology-related issues, to the information technologists, for a number of reasons. It is complicated. And worse yet, if you are successful, nothing happens. You will be noticed only if you fail.

John Koskinen, now assistant to the President for Y2K matters, faces the formidable task of educating a group of people who are essentially in denial-managers. They acknowledge there is a potential problem but don't see it as theirs. Having survived the challenges of being the government "shutdown czar," now Koskinen gets to be the "Y2K czar." But if anyone can carry this off, he can.

Retiree Recall

Most of the publicity has focused on fixing large software systems. Hundreds, perhaps thousands, of retired COBOL programmers are being rousted from retirement in sunnier climes and lured back to the workforce for large sums of money. The Office of Personnel Management even has waived dual compensation restrictions to allow retirees critical to the Y2K solution to be paid federal salaries without losing their pensions.

Agencies are scurrying to identify their mission-critical systems, examine whether they are Y2K compliant and fix them if they are not. This is important work, but in the vernacular of the logician, all of this is necessary but not sufficient to prevent serious problems on Jan. 1, 2000.

The Y2K solution isn't just about hiring old COBOL programmers to rewrite their code, although that is a part of it. In fact, there are some ways to avoid having to employ some of those old programmers.

First, there still may be time to discard some of those systems and replace rather than rewrite them. After your staff has shown you an inventory of systems that need to be modified, ask first which can be scrapped entirely or replaced by a commercial package.

Next, ask whether the staff has explored commercial software products that can dramatically simplify the task of fixing software you cannot replace. When you ask programmers how to fix a problem, they will almost always recommend programming solutions. In the words of the epistemologist Abraham Kaplan: "Give a small boy a hammer, and you will find that everything he encounters needs pounding."

No System Is an Island

If your system shares information with other organizations, your ability to perform 18 months from now will depend on more than just having fixed the programs that run on your computers. Fixes can be of two types: either making sure that your partners are Y2K compliant, or else building filters into your systems, so that when your systems receive an electronic transaction with a date of 1/1/00, they don't tilt.

For federal managers, the issue goes well beyond systems they operate. Many have regulatory or oversight responsibilities for large segments of our economy-banking and credit, energy, transportation, health, manufacturing and trade. While the operation of information systems in those sectors is often (and should be) the responsibility of private industry, federal managers can play an important role in convening the relevant players, sensitizing them to the issues and working on a compliance strategy.

As if your headache were not already acute, the problem goes beyond identifying and replacing non-Y2K-compliant software in systems you or even your partners have built. Over the last two decades, billions of computer chips have been installed in everything from process control systems (like aircraft electronics) to consumer devices such as wristwatches, VCRs and microwave ovens. Some use dates including the year to make important calculations.

Have a plan for dealing with reality when things go wrong. A basic precept of computer security is the notion of prevention, detection and recovery. It is always best to avoid a disaster. But absolute prevention is a myth. So make sure you have early warning systems. They will give you time to react when something goes awry. Also have a recovery strategy to sort out the important from the trivial and train staff to deal with critical cases. Think triage.

We have fewer than 550 days until Y2K day. Do you know where your systems are?

Franklin S. Reeder heads The Reeder Group, a Washington-based consulting firm he founded after more than 35 years in government. His e-mail address is reeder@erols.com.