How will businesses be forced to acknowledge Y2k problems?greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread
A few weeks ago, I was interviewed by the company's banker regarding Y2k preparedness. He indicated we were in pretty good shape compared to most other companies. However, this indicated that companies in general must be getting some kind of wakeup calls.
This morning I had a conversation with the company's auditor, PricewaterhouseCoopers. I was informed that at the next audit of all companies audited by them, they would ask each company to respond to a checklist of questions regarding Y2k compliance of mission critical systems. If the answers are inadequate, the auditor will issue an opinion stating that there is question whether the company can continue as a "going concern".
If this is going to be done by auditing companies in general, then this should be a real wake up call for company management. A "going concern" comment by an auditor on their audit report is devastating - management will have to respond. Management may be able to ignore the letters from vendors and suppliers about Y2k compliance, but they can't ignore their auditors, or they will soon lose their bank line of credit.
Will this get the attention of your company or employer?
-- Dan Hunt (email@example.com), September 29, 1998
BTW, when the banker left, did he leave behind any written assurances of his employers Y2K status?
-- Mike (firstname.lastname@example.org), September 29, 1998.
Unfortunately, since NOBODY (and I mean, NOOOOOOOBODDDY)is Y2K compliant, this tends to take the bite out of any otherwise credible threat to get Y2K compliant. Passing a Y2K audit means demonstrating that you have issued memos to create Awareness, done your Inventory to get that "protective paper trail", allocated big bucks for Remediation, put it in your plan to do Testing, and Queried your 3rd party vendors/suppliers/customers so that they will give you the same legal fluff you give everyone who asks you.
-- Joe (email@example.com), September 30, 1998.
<< Unfortunately, since NOBODY (and I mean, NOOOOOOOBODDDY)is Y2K compliant, this tends to take the bite out of any otherwise credible threat to get Y2K compliant. >>
Check out www.itaa.org. ITAA is an organization that has created a Y2K ceritfication program. The list of companies that have been certified si available at that site. While ITAA certification does not guarantee total remediation, the process that ITAA has put together is fairly comprehensive.
Most of the companies on the list as certified are software vendors, but there are a few others, including one bank. Again, having ITAA certification does not mean all your problems are solved, but it does mean that claims such as "NOBODY is Y2K compliant" may be incorrect. It should at least give a reason to be a bit less forcefull with such assertions.
-- Paul Neuhardt (firstname.lastname@example.org), September 30, 1998.
Look, what part of "nobody is Y2K compliant" is not understood? All that ITAA (as well as any other type of body, including the non-compliant FDIC, which is supposed to be the Big Heavy telling banks to get compliant) is "certify" that an organization is adhering to "best practices" towards attaining Y2K compliance. Which means doing Awareness, Inventory, ..., as I noted in my previous post. This "riding on a smile and a shoe shine" game will end within 15 months.
-- Joe (email@example.com), October 01, 1998.
Joe, maybe you missed me talking about it. The company I work for inserts a Y2K warranty in each of our manuals. A neighbor of mine works for one of GM's suppliers; he says they're also compliant.
Two down, millions to go....
To address the original question, are private firms also required to go through this auditing process? I'm currently under the impression that only publicly-owned companies need to be audited like that.
-- Larry Kollar (firstname.lastname@example.org), October 01, 1998.
Larry, My company is private, but has annual audits. Often bankers will require audited financial statements, or at least what are called "reviewed" financial statements, a somewhat less rigorous examination by auditors, thus many private companies will have an "independent accountant". However, that may be an accountant with a less rigorous approach than a Big Six (Big Five?) accounting firm, and they may not bring up the topic of Y2k.
-- Dan Hunt (email@example.com), October 01, 1998.