The General Accounting Office is Congress's watchdog. It has issued
a series of reports on y2k and the failure of the U.S. government to solve it.
Its April 30 report on the military is very long and very uncomplimentary. Yet the official in charge of the y2k project for the military says he agrees with the GAO's recommendations.
The Department of Defense has systems that still have yet to be assessed. According to the
California White Paper, awareness is 1% of a y2k repair; inventory is 1%; assessment is 5%. Then the hard work begins.
Any system still not assessed is not going to get fixed by Jan. 1, 2000. The report does not say this, but that is the obvious implication.
Here is a damning conclusion by the report: "It is spending limited resources fixing nonmission-critical systems even though most mission-critical systems have not been corrected."
As to the size of the project, consider this: "the department is responsible for more than 1.5 million computers, 28,000 automated information systems, and 10,000 networks."
* * * * * * * * * * *
GAO noted that: (1) DOD relies on computer systems for some aspect of all of its operations, including strategic and tactical operations, sophisticated weaponry, intelligence, surveillance and security efforts, and routine business functions, such as financial management, personnel, logistics, and contract management; (2) failure to successfully address the year 2000 problem in time could severely degrade or disrupt any of DOD's mission-critical operations; (3) DOD has taken many positive actions to increase awareness, promote sharing of information, and encourage components to make year 2000 remediation efforts a high priority; (4) however, its progress in fixing systems has been slow; (5) in addition, DOD lacks key management and oversight controls to enforce good management practices, direct resources, and establish a complete picture of its progress in fixing systems; (6) as a result, DOD lacks complete and reliable information on systems, interfaces, other equipment needing repair, and the cost of its correction efforts; (7) it is spending limited resources fixing nonmission-critical systems even though most mission-critical systems have not been corrected; (8) it has also increased the risk that: (a) year 2000 errors will be propagated from one organization's systems to another's; (b) all systems and interfaces will not be thoroughly and carefully tested; and (c) components will not be prepared should their systems miss the year 2000 deadline or fail unexpectedly in operation; (9) each one of these problems seriously endangers DOD chances of successfully meeting the year 2000 deadline for mission-critical systems; and (10) together, they make failure of at least some mission-critical systems and the operations they support almost certain unless corrective actions are taken. . . .
Defense has taken many positive actions to increase awareness, promote sharing of information, and encourage components to make Year 2000 remediation efforts a high priority. However, its progress in fixing systems has been slow. For example, the department is still assessing systems even though it originally anticipated this would be done in June 1997. In addition, Defense lacks key management and oversight controls to enforce good management practices, direct resources, and establish a complete picture of its progress in fixing systems. For example:
-- There is no program office or full-time executive in charge of the departmentwide effort.
-- Information being reported to Defense by components does not provide a reliable indication of program status because it is not being validated for accuracy or completeness.
-- Defense has not issued adequate guidance to its components on key issues concerning status reporting, interfaces, and testing.
-- Defense has not determined, at the departmentwide level, which systems have the highest impact on its mission.
-- Defense is not ensuring that its components are preparing written interface agreements and contingency plans.
As a result, Defense lacks complete and reliable information on systems, interfaces, other equipment needing repair, and the cost of its correction efforts. It is spending limited resources fixing nonmission-critical systems even though most mission-critical systems have not been corrected. . . .
Most of Defense's automated information systems and weapon systems computers are vulnerable to the Year 2000 problem, which is rooted in the way dates are recorded, computed, and transmitted in automated information systems. . . .
In addition, any electronic device that contains a microprocessor or is dependent on a timing sequence may be also vulnerable to Year 2000 problems. This includes computer hardware, telecommunications equipment, building and base security systems, street lights at military installations, elevators, and medical equipment. For example, Defense components reported to ASDC3I in February 1998 that more than half of the over 730,000 personal computers they had checked had a Year 2000 problem.
For Defense, the Year 2000 effort is a significant management challenge because it relies heavily on computers to carry out aspects of all operations, and time for completing Year 2000 fixes is short. For example, the department is responsible for more than 1.5 million computers, 28,000 automated information systems, and 10,000 networks. Its information systems are linked by thousands of interfaces that exchange information within Defense and across organizational and international lines. Successful operation after January 1, 2000, requires that Defense's systems and all of the systems that they interface with be Year 2000 compliant. . . .
In February 1998, Defense reported to OMB that it had 2,915 mission-critical systems and 25,671 nonmission-critical systems. According to Defense, 1,886 mission-critical systems need to be repaired and about half of these are in the renovation phase and a third in the validation phase. In addition, Defense now reports that 15,786 nonmission-critical systems need to be repaired, an increase of over 6,500 systems from the number reported by components in November 1997. Like the mission-critical systems, about half of these nonmission-critical systems are reported to be in the renovation phase.