Countdown to 2000: Millennium Bug Risk Assessment and Management
AcArthur, Larry, Risk Management
Millennium Bug Risk Assessment and Management
At the dawn of the computer age nearly 50 years ago, a tragically flawed engineering decision was made by the founding fathers of computing. To save valuable memory space in date fields, they chose to represent the year with only two digits-thus "1952" would be recorded in the computer as "52." As we approach the year 2000, computer programs that still follow this convention will see "00" and will struggle to discern whether it is 1900 or 2000. This seemingly trivial problem, known categorically as the year 2000 problem or the millennium bug, will by most estimates cost more than $600 billion worldwide to fix, and the effects from improper date calculations are likely to generate several hundred billion dollars in litigation.
Many firms are now engaged in urgent efforts to correct their software so it accepts four-digit year information correctly. In addition to correcting problems in programs written in now-obsolete languages (which may include undocumented features), a number of companies are hampering their efforts by failing to align their conversion efforts with their business priorities. By devoting precious time to functions that may not be mission-critical, these firms may actually be increasing their risks of date-compliance problems and business interruptions as the next century dawns.
First Things First
A crucial beginning step in a year 2000 date conversion effort is identifying the computer dependencies associated with the enterprise's most important functions or products. This can be accomplished by creating a software-based highlevel enterprise view known in systems engineering terms as a dependency model. Such an object-oriented dependency model is a powerful tool that allows a company to understand how components of its computer systems support specific business processes that facilitate the manufacture, sales and service of its products and customer support. In addition to demonstrating existing relationships, an enterprise dependency model can also be used to simulate the effects of various change scenarios, such as a plan to fix the enterprise's year 2000 problems.
This crucial step can be overlooked when companies attempt to determine the risks associated with their year 2000 conversion efforts. Many firms prepare good technical plans but often do not address enterprise-level dependency information or priorities. In addition, they may not account for dependencies on suppliers, customers, distribution partners, regulators and other important relationships.
For example, consider an automotive manufacturer that has placed a high priority on maintaining production of its trucks, large cars and minivans, and has identified the ability to access the company's regulatory reports and warranty database as highly important. …