The Seven Circles Of Riskgreenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread
Imagine the Seven Circles of Risk graphically where the size of each circle is inverse to the control a company has over that issue. That is, the smaller the circle, the more control. It is also inverse to the resources devoted to that issue. That is, the smaller the circle, the more resources devoted. Let's now look at the circles of risk.
Core Application Systems
The inner circle is where a company has most control. This circle includes the software and hardware necessary to run a company's business because it is within the walls of the company. Many companies feel they have addressed their Y2K issues once these internal systems are compliant. Let's explore their other risks.
Networks, Workstations, PCs
The second circle looks at the connectivity of peripheral devices in use by a business (PCs, printers, etc). Many companies presume that recently purchased PCs are Y2K compliant. While this may be correct, the reality is that PCs purchased the same day from the same vendor can differ from each other in a number of ways. For sake of brevity in this article, there are five different levels that can vary from PC to PC. Without checking out these levels for each PC and its assorted peripherals and network, a company could have significant Y2K exposure and not realize it.
Third Party Data Exchange
There are multiple ways a company exchanges data with other entities. EFT (Electronic Funds Transfers) and EDI (Electronic Data Interchange) exchange data and payments. The Y2K requirement is for all parties to be on the same page at the same time for data exchange and payments to be smooth. There are additional third party data exchanges to be concerned about. They include e-mail/Internet attached spreadsheets and data files. If they are not Y2K compliant, they could impact your system. Two other data exchanges are shared network files and "sneaker net," the walking of data via disk or tape from one computer to another.
Embedded Systems Popularly called "embedded chips" these systems are literally everywhere. Embedded systems refer to devices which are outside of the mainframe or PC. They are, for ex-ample, in the valves which control pipelines, oil and gas production, water distribution, power plants, manufacturing, elevators, refrigeration, chilled water, airplanes, hospitals, police cars, fire engines, welding machines and countless other places. Do you have the picture? Embedded systems are everywhere! As a general rule, all embedded systems need to be inspected to assure they will work in Y2K.
The testing of these systems falls within the purview of embedded system engineers. They are experienced with the many embedded system issues. These range from systems which can be tested to those which can not be tested to systems where the manufacturer is no longer in busi-ness. Further complicating the embedded system issue is shortage of these engineers. Thus, even if the systems could be inventoried, it is possible that testing is not an option due to the shortage of qualified engineers!
This risk looks at your suppliers and customers. What is the likelihood they will have difficulty paying or supplying you? They also include the electric and water utilities, transportation/shipping companies, banks, insurance companies, telecommunications, etc. In essence, your business partners are any organization necessary for your company to exist! Many companies have mailed questionnaires only to have them end up in their business partners legal department. In addition, companies have found the returned information to be less than satisfactory. A question for you to ponder is whether you can operate without your critical supplies/ customers?
There are several estimates for possible Y2K litigation costs. The Sacramento Business Journal (1/4/99) reports it at $1 Trillion (other estimates are lower and higher). Regardless of your situation, you should, at a minimum, consult with your outside legal counsel, where your attorney/client privilege resides.
This last circle is beyond your control. It is the risk of global recession, according to Dr. Ed Yardeni, Chief Economist, Deutsche Bank Securities. It is the risk that companies will divert business resources to focus on Y2K, Euro conversion or simply delay/put on hold any current/future projects within your company. . . .
-- Andy (2000EOD@prodigy.net), May 16, 1999