NEW YORK CITY'S YEAR 2000 CHALLENGE

Thank you for the opportunity to appear before the Task Force on Technology in Government to present the views of the New York City Independent Budget Office (IBO) on City's computer challenge for the Year 2000. My testimony today will focus on our survey of how other entities are dealing with the date recognition problem - including the governments of other cities and states, federal agencies, a private financial services firm, as well as some of the covered agencies in the City (BOE, CUNY, HHC, and NYC Transit). Based on the survey, we'd like to identify what we believe to be important but less obvious planning considerations.

• In compiling the inventory during the assessment stage, it is important to be comprehensive and look beyond just applications software. Date compliance problems can arise in other forms of code and in hardware and non-computer durables that employ processing chips.
  • Securities Industry News surveyed information technology (IT) managers in the financial information industry and suggested including the following when surveying: (1) operating systems; (2) compilers; (3) communications equipment (e.g., PBXs); (4) networking hardware and software; (5) computer hardware like BIOS (basic input-output system) chips. We were told by some IT managers that many 486 PCs and even some early Pentium PCs utilize non-compliant BIOS (basic input-output software) chips. In general, PC-based code is a less obvious potential source of non-Year 2000 compliance.

  • The General Accounting Office (GAO), which is helping to support and audit the federal government's management of the Year 2000 problem, pointed to hardware compliance as a particularly important issue. Elevators in federal office buildings and even missiles in silos have computer chips that may have to be upgraded. The GAO has found that the cost of repairing this embedded software is as much as four times as expensive as repairing program code. Local examples might include traffic lights or elevators in City-owned buildings.

• All workload should be prioritized following risk assessment, especially if there is a possibility that not all repairs will be made in time to meet the deadline.
  • The NYS Governor's Task Force on Information Resource Management (Governor's Task Force) is preparing a risk assessment to identify the most critical systems, help set compliance deadlines, and evaluate the consequences of non-compliance. They believe this exercise will help them allocate limited resources more efficiently by focusing on mission critical functions.

• One dominant aspect of the scope of the Year 2000 problem is the need to ensure system compatibility between internal and external systems and programs and data from vendors and interaction with third party users. Virtually every organization we spoke to commented on this issue.
  • The financial services firm we contacted emphasized that it has worked closely with industry user groups to ensure effective communication. Further, the firm has requested vendor certification of product compliance in writing.

  • To avoid data corruption, the Social Security Administration, as well as all other federal agencies, are required to adopt expansion as their only means of repairing external interfaces.

  • New York City faces less complicated concerns related to this problem than the financial services industry, where firms regularly maintain on-line contact with external organizations. For the most part, the City's contact with external systems is largely limited to off-line data transfers.

• We found that the primary ways that Year 2000 compliance has been achieved is expansion of date fields or the application of "windowing" logic. Windowing is a change in programming logic to enable applications to properly interpret two-digit year fields. The choice between the two appears to be based not just on organizational needs but on differences of opinion on future technology needs.
  • The federal government's requirement that all agencies use field expansion is based on concerns about the need for system compatibility and the discretion available when windowing is applied.

  • The State of Nebraska is using field expansion because they want a permanent solution. Windowing repairs necessarily expire at some point in the coming century.

  • The financial services firm believes that expansion is too costly, potentially introduces new complexities and failure points, while windowing provides for an adequate period of working condition of 50 to 80 years, depending on the window that is set up.

  • The Governor's Task Force has yet to make a final decision on methodology. They, like the City, will have to consider compatibility issues for the programs that interact with federal agencies or any other outside entities.

• We found that testing is considered the most time-consuming step in the Year 2000 repair process because of the amount of intra- and inter-system coordination that is necessary to ensure data accuracy and compatibility.
  • The Governor's Task Force estimates that 45 percent of total project resources may be consumed by testing alone. Both the financial services firm and GAO suggested that the testing and debugging phase was more in the range of 50 percent and above for them. However, the issue of systems interface is less important for the City, which unlike the financial services sector, does not share data under real time conditions.

  • The financial services firm emphasized the need to include external parties during the testing phase to ensure compatibility and data integrity.

  • The Social Security Administration, the Board of Education, and CUNY plan to be testing by the end of 1998. The financial services industry as a whole also plans to begin testing by 1998 because of the tremendous level of inter-system communication.

• As the deadline for compliance approaches, and demand for programming services increases, it is believed that costs may rise significantly.
  • In our research, we found reports of labor costs increasing 30 percent in the past year alone, from $1.10 per line of code to $1.50 per line of code (LOC).

  • The Year 2000 project manager in the county of Milwaukee pointed out that they had signed longer-term contracts to ensure consistent and predictable labor costs.

  • In general, there was universal agreement among those surveyed concerning the need to procure vendor services as quickly as possible as a safeguard against rising labor costs. Efforts by the Task Force on Technology in Government, in conjunction with the Contract Committee, to facilitate the City's procurement process is thus helpful in this regard.

• Strategic use of scanning and scenario simulation tools can greatly reduce the amount of work needed for code conversion and testing.
  • According to a project manager at IBM, up to 95 percent of "date," "current date," and Julian date calculations can be identified, depending on the tool. Industry experts agree that up to 70-80 percent of the manual work associated with code conversion can be accomplished with automated tools.

COVERED AGENCIES

Year 2000 repairs will also cause the City to incur costs at covered agencies. We have also collected the following information.

Board of Education

• BOE has been continuously upgrading its computer systems over the past few years, reducing the number of non-compliant applications and lines of code that must be adjusted. Of the 150 applications that warrant repair, containing 15 million lines of code (LOC), the vast majority of date instances will be expanded. According to BOE's Year 2000 project manager, the organization believes in obtaining the most permanent solution available and is confident that full expansion can be accomplished by the deadline. BOE is currently in the midst of conducting its impact assessment, and expects to begin code conversion in October. The testing phase is planned for the first quarter of 1999. The Board has budgeted $5 million for the repair.

NYC Transit

• Transit began its Year 2000 compliance initiative in 1996, and also expects to finish by the deadline. Out of the 15,500 programs (18 million LOC) that need repair, about 9,500 programs (7 million LOC) will be replaced/retired, at a cost of $3 million, while the remaining 6,000 programs (11 million LOC) will be modified, at a cost of $5 million. The $0.42 cost to repair each line of code is low in comparison to industry standards due to a number of earlier upgrades to the central system, as well as extensive use of existing staff.

City University of New York

• CUNY reports that it is in good standing as well with regard to its Year 2000 project, which began three and a half years ago. The University has used the Year 2000 project as an opportunity to centralize several information systems. For example, instead of repairing the student information and financial accounting systems at each of the eighteen colleges, these systems have been or will be brought into a central system that has been made Year 2000 compliant. CUNY believes that this strategy has simplified the repairs greatly and allowed for improved efficiency. The fact that its computer systems operate largely in isolation from other systems allows CUNY to concentrate solely on code compliance without the added complexity of compatibility. The testing phase is planned for 1998. All work associated with code modification is being done by four full-time, in-house personnel.

Health and Hospitals Corporation

• HHC is also addressing its Year 2000 compliance needs. We are currently looking into its progress, and expect to complete an assessment in the next few weeks.

This concludes my testimony. I will be pleased to answer any questions you may have.