Gary Beach testimony to the Senate (July 22)

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

Senate Y2K Committee

Testimony of:

GARY BEACH

PUBLISHER

CIO MAGAZINE

GLOBAL CORPORATIONS & THEIR EXPOSURE TO Y2K

Before the

UNITED STATES SENATE SPECIAL COMMITTEE

ON THE YEAR 2000 TECHNOLOGY PROBLEM

Washington, DC

July 22, 1999

My name is Gary Beach and I am publisher of CIO magazine, the leading publication for chief information officers (CIOs) and other senior executives who use information technology (IT) to

improve their business. CIO magazine provides current information and case studies on the effective use of technology. Our readers work in major corporations, primarily Fortune 1000, and in federal, state and local government agencies.

My Year 2000 expertise includes daily dialogues with business and technology executives as publisher of CIO magazine, and my work on the Steering Committee of YES Corps, an international network of voluntary Y2K experts supported by the International Y2K Cooperation Center, the United Nations and the World Bank. The subject of my testimony is "Global Corporations and Their Exposure to Y2K."

In June of this year, a public-interest coalition of CIO magazine; Dr. Ed Yardeni's Y2K Center, a public service of the chief economist of Deutsche Bank Securities; and Information Systems Audit and Control Association (ISACA), a recognized global leader in information technology governance, control and assurance, conducted a Y2K Experts Poll. The coalition polled Y2K experts in an effort to help the public and their policy officials assess the Year 2000 readiness of organizations around the world. The survey addressed Y2K corporate issues of readiness, confidence, third-party failures, contingency planning, legal issues, economic impact and the personal at-home actions of executives close to the Y2K remediation process.

The poll was conducted via the Web. An e-mail invitation from the three coalition members asked recipients to participate only if they were professionally and actively involved in Y2K

projects. Respondents linked to an electronic polling form in the e-mail solicitation. CIO magazine invited CIOs and other high-level executives from its subscriber list to participate;

ISACA invited its worldwide members. The titles of respondents included accountant/auditor, chief executive officer, president, chief financial officer, chief technology officer, information

technology consultant, management consultant, Y2K projects consultant, and manager, director, or vice president of information technology or information systems. The online poll closed June 16 with a final, qualified sample size of 892 respondents, a very respectable sample with a plus or minus error of 3.3 percent.

The majority or 55 percent of respondents were from large, U.S.-based corporations. Forty-five percent represented firms outside the United States. Sixty-one percent of respondents reported their firm employed more than 1,000 employees. The majority of poll participants were from the financial sector (26 percent), followed by manufacturing (17 percent), government (9 percent), and healthcare (5 percent). Respondents were roughly split three ways among IT executives, finance executives and corporate management.

The Y2K Experts Poll is a snapshot of Y2K readiness among large global firms with an average of 1,300 partners or suppliers connected in a worldwide, electronic domino chain.

Now, I would like to present the major findings from the Y2K Experts Poll that are particularly relevant to this hearing. For your edification, complete findings of the poll are included with this testimony.

In the survey, we asked respondents when they expected to finish all phases of their Y2K projects, including testing. Their responses indicate 1999 Y2K project completion is moving along, but not completed. Eighty percent reported they were more than three-quarters finished. However, 33 percent admitted they were behind schedule. In addition, 8 percent, or almost one in ten, said they will not complete their Y2K work until the Year 2000 or beyond.

Keep in mind these are huge, global firms with significant fiscal and human resources to focus on Y2K. I am concerned that many companies are behind schedule with only six months left until the immovable deadline. If a significant number of large, global companies are lagging, what does that say for small businesses here and abroad? Small companies simply do not have the same level of manpower and resources as big companies.

Nowhere have I seen data, until this poll, that quantifies the percentage of large firms that admit they are not going to make the turn-of-the-century deadline. The fact remains, no one knows

what will happen if organizations are not ready for the millennium. What this data does show us is that some large, global companies already know their computerized systems will not be ready in time. The consequences could range from minor inconveniences like a disruption in utility service to widespread economic, social and political upheaval. Given the range of outcomes, businesses should obviously make every effort to prepare for the Year 2000.

Respondents were also asked to characterize their organizations' contingency planning. The poll found 49 percent of companies had a contingency plan and 50 percent did not have one or were still in the process of creating one. Of the respondents with a contingency plan, 60 percent said they were already implementing it. Contingency plans could include training employees how to

perform tasks manually versus via computer. The poll also found contingency planning by this group of Y2K experts did not include significant stockpiling of business materials, supplies or

products. Thirty-four percent of companies said they were not stockpiling; 19 percent of companies said they were preparing to have two to seven days of extra inventory on hand. Translation: more than likely, any economic disruptions will be triggered by fear, not by additional inventory stockpiling.

We also asked firms about their supply chain, specifically how they were assessing their vendors' Y2K preparedness as well as what percentage of their vendors were not Y2K ready at the time of

the poll. We found 12 percent of large companies were verifying their business partners' Y2K readiness by conducting on-site visits. Forty-eight percent of respondents had sent out

questionnaires followed by telephone calls, 20 percent had sent out questionnaires with no telephone follow up, and 13 percent were having informal conversations with their partners about the state of their readiness. Mr. Chairman, Y2K readiness is not a topic to be relegated to the level of informal conversations.

In my face-to-face personal conversations with CIOs, many tell me they think they will be ready. But, when I ask about their partners, their eyes drift toward the floor and they say they don=t know. They cannot verify their trading partners' readiness. I am concerned that large corporations are not taking the danger of supplier failure seriously enough. Why not? Three

reasons come to mind: 1) time, there is not enough of it to verify the Y2K readiness of the supply chain, 2) expense, corporations are extended fiscally simply getting their own house in order and 3) logistics, how can they possibly manage the complexities of verifying the Y2K readiness of 1,300 other companies? Too many businesses appear to be relying heavily on trust. Companies are more rigorous when it comes to preparing routine legal contracts. In this case, we are talking about the potential for serious repercussions.

Globally speaking, supply chain readiness poses its own set of problems. While American multinational corporations may be able to exert leverage with domestic trading partners, they may have much less leverage with some of their critical supply-chain partners overseas, namely government-owned telecommunications and electrical utilities in foreign countries. Often national governments operate these services and there are few, if any, alternate commercial providers.

The supply chain, which is heavily interconnected, may seriously be affected by incomplete or no delivery of Y2K-compliant mission-critical software. Thirty-five percent of large firms said they have not received Y2K-compliant versions of mission-critical software programs from third-party vendors.

We asked respondents if any of their mission-critical systems were expected to fail or malfunction as a result of Y2K. One of the most daunting statistics from our survey was that these large firms expected 3 percent of their mission-critical systems to fail or malfunction. Again, we are talking about mission-critical systems. Some large companies, providing anything from utilities to consumer products, may not be able to provide people with the necessities they rely on like food, water and electricity. Furthermore, 3 percent of respondents said they expect major problems in their telecommunications service; and 2 percent said they expect major problems with their electrical service. So there will be problems, not widespread, but major problems nonetheless.

It is clear that not every company is going to make the January 1, 2000 deadline. There is good reason to believe that mission-critical software is not going to be delivered in time. I'd like to leave this committee with the following call to action. By September 30, 1999, organizations should be compelled to have a contingency plan in place. To help them accomplish this goal, the Senate Special Committee on the Y2K Technology Prroblem could provide answers to frequently asked questions about "How To" develop a contingency plan. This information must be made available online.

CIO magazine, ISACA and Dr. Ed Yardeni's Y2K Center will be conducting a second Y2K Experts Poll in September. At that time, it will be interesting to note the percentage of contingency plans companies have created and put into place as well as whether the mission-critical software delivery numbers change.

Thank you for the opportunity to share my testimony and the data from the Y2K Experts Poll with you.

-- Brian (imager@home.com), July 27, 1999

Answers

Thanks for the post, Brian

-- dave (wootendave@hotmail.com), July 28, 1999.

Brian, Thanks. That's pretty straightforward. We're toast.

-- Mara Wayne (MaraWAyne@aol.com), July 28, 1999.

Thanks Brian.

I'd really like to hear what our resident optimists think about this testimony and the poll results. I wonder if they'll comment on it?

Mike

===================================================================

-- Michael Taylor (mtdesign3@aol.com), July 28, 1999.


Isn't this the same poll that 'a' posted? It seems longer ago than June, guess not. We've been toast for some time folks! I'm getting tired of coming to that realization. How times flies when doing battle with the "My happy face is shoved up my rump" crowd.

-- Will continue (farming@home.com), July 28, 1999.

"There is good reason to believe that mission-critical software is not going to be delivered in time." This is one of my primary concerns, that companies and agencies are claiming compliance prior to the end of the year based on software and hardware not yet received for which they cannot know when they will receive it. To the extent that this is a truly critical situation, like an electric generating plant, then it should be publicly disclosed. Otherwise, these comforting predictions mean nothing.

-- Brooks (brooksbie@hotmail.com), July 28, 1999.


Please don't misunderstand this. I read the above article and then decided to check out CIO magazine and Tech Corps to learn a little more on my own.This person is a publisher of an IT magazine whose target audience is other IT professionals. There is an section in the archives of the June 1,1999 issue by a Tom Davenport called the Think Tank Making the Most of an Information Rich Environment. The article is called Millenial Fruitcake. One can draw a conclusion about it's contents from the title if they like or peruse it for themselves if they care to. My point is this, yes, this magazine may well have some info regarding Y2k and its impact on small businesses and global corporations. Mr. Beach sells his magazine which is info to info people, this is his livelihood. I don't think this makes him an expert on Y2k. There's alot of info out there, good-bad-wrong-right?who can judge yet? who's to know the truth now? Because there is so much info and no truth( truth comes from living experience I believe)as of yet, the outcome of Y2k is speculation at best. The "we are toast" mantra does not induce much thinking or exploring for oneself.

-- Barb (awaltrip@telepath.com), July 28, 1999.

I forgot to clarify why I asked for those who read this not to misunderstand. I am a thinking individual who believes from my own research that the y2k issue has potential for disturbance. We most likely can identify the categories of impact to us personally if we choose. We most likely do maintain differences as to the extent. The degree, if any, for that possibility exists as well is yet to be experienced, the truth yet to be known. I have prepared to the extent that my research has led me to conclude my family and I may need. That doesnot make my research nor my view nor my conclusion more or less valid than anyone elses nor do I need to prove this to anyone.

-- Barb (awaltrip@telepath.com), July 28, 1999.

Mike:

I'll make just a few comments on it. I'm familiar with this guy from Ed Yardeni's T-200 audio seminar. He indeed painted a gloomy picture in that seminar. If you missed it, you can still hear it at Yardeni's T-200 Audio Seminar

This poll, which resulted in only 892 responses, was a "By invitation only" poll. This means that if one was NOT a subscriber to this magazine, or NOT a member of Ed Yardeni's Y2k Center, or ISACA, they weren't even invited to respond. Actually, despite these limitations, I've seen the actual poll results and they were overall quite positive. I believe I found them on Yardeni's site, but I'd have to check.

Personally, I don't like the way this guy is presenting statistics. For instance, "The majority or 55 percent of respondents were from large, U.S.-based corporations. Forty-five percent represented firms outside the United States. Sixty-one percent of respondents reported their firm employed more than 1,000 employees." Note in particular that 55% of respondents were from large, U.S.-based corporations, yet doesn't specify whether the firms outside the United States were large or small. Then, he states, "Furthermore, 3 percent of respondents said they expect major problems in their telecommunications service; and 2 percent said they expect major problems with their electrical service." These are now 3% of respondents...which could be small companies overseas or large companies in the U.S. He doesn't specify. He does the same thing when he discusses companies that are behind or don't expect to finish, yet goes on to express his fear of large companies not making it.

Check out the poll results for yourself if you feel it's representative. As I said, I found them positive overall even though I felt the extension of the invitation to three limited groups was a bit akin to asking Green Peace members if the whales are in danger.

One last thought: I didn't much like his comparing large corporations to small, medium-sized companies and concluding that they were in danger. I'm not saying some are NOT in danger, but (as I mentioned in another thread) I have a contractor friend who is knocking out 5-6 SME's at a time in under 2 months including complete documentation. Their job simply never required the years of work typically necessary for large corporations.

I doubt that the Senate will raise the same questions that I just did. They DO have the actual poll results in front of them, so they can easily

-- Anita (spoonera@msn.com), July 28, 1999.


Wow. That's the first time I've been chopped off. They can easily verify the results for themselves.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

-- Anita (spoonera@msn.com), July 28, 1999.


Moderation questions? read the FAQ