oversight

Year 2000 Computing Challenge: Federal Government Making Progress But Critical Issues Must Still Be Addressed to Minimize Disruptions

Published by the Government Accountability Office on 1999-04-14.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                          United States General Accounting Office

GAO                       Testimony
                          Before the Special Committee on the Year 2000 Technology
                          Problem, U.S. Senate




For Release on Delivery
Expected at
9:30 a.m.
                          YEAR 2000 COMPUTING
Wednesday,
April 14, 1999            CHALLENGE

                          Federal Government
                          Making Progress But
                          Critical Issues Must Still Be
                          Addressed to Minimize
                          Disruptions
                          Statement of Gene L. Dodaro
                          Assistant Comptroller General
                          Accounting and Information Management Division




GAO/T-AIMD-99-144
Mr. Chairman and Members of the Committee:

I am pleased to appear today to discuss efforts to address the Year 2000
computing challenge and to outline remaining actions needed to ensure a
smooth conversion to the next century. The federal government--with its
widespread dependence on large-scale, complex computer systems to
deliver vital public services and carry out its massive operations--faces a
large and difficult task. Unless adequately corrected, Year 2000 computing
problems could lead to serious disruptions in key federal operations,
ranging from national defense to benefits payments to air traffic
management.

Consequently, in February 1997, we designated the Year 2000 computing
problem as a high-risk area. Our purpose was to stimulate greater attention
to assessing the government's exposure to Year 2000 risks and to
strengthen planning for achieving Year 2000 compliance for mission-critical
systems. Since that time, to help agencies mitigate their Year 2000 risks, we
produced a series of Year 2000 guides on enterprise readiness, business
continuity and contingency planning, and testing.1 In addition, we have
issued over 90 reports and testimony statements detailing specific findings
and made dozens of recommendations related to the Year 2000 readiness of
the government as a whole and of a wide range of individual agencies.

My testimony today

• outlines the actions that the federal government has taken to improve its
  Year 2000 approach;
• summarizes the status of the federal government’s remediation of its
  mission-critical systems, with a particular focus on those that are not yet
  compliant;
• discusses the reported status of state-administered federal programs;
  and
• describes the main remaining challenges facing the government in
  ensuring the continuity of business operations, namely end-to-end
  testing and contingency planning.



1
 Year 2000 Computing Crisis: An Assessment Guide (GAO/AIMD-10.1.14, issued as an exposure draft in
February 1997 and in final form in September 1997), Year 2000 Computing Crisis: Business Continuity
and Contingency Planning (GAO/AIMD-10.1.19, issued as an exposure draft in March 1998 and in final
form in August 1998) and Year 2000 Computing Crisis: A Testing Guide (GAO/AIMD-10.1.21, issued as
an exposure draft in June 1998 and in final form in November 1998).




Page 1                                                                       GAO/T-AIMD-99-144
Actions Taken to     Since February 1997, action to address the Year 2000 threat has intensified.
                     In response to a growing recognition of the challenge and urging from
Increase Attention   congressional leaders and others, the administration strengthened the
                     government’s Year 2000 preparation. In February 1998, the President took
                     a major step in establishing the President's Council on Year 2000
                     Conversion. The President also (1) established the goal that no system
                     critical to the federal government's mission experience disruption because
                     of the Year 2000 problem and (2) charged agency heads with ensuring that
                     this issue receives the highest priority attention. Among the initiatives the
                     Chair of the Council has implemented in carrying out these responsibilities
                     are attending monthly meetings with senior managers of agencies that are
                     not making sufficient progress, establishing numerous working groups to
                     increase awareness of and gain cooperation in addressing the Year 2000
                     problem in various economic sectors, and emphasizing the importance of
                     federal/state data exchanges.

                     Many congressional committees have been extremely diligent in addressing
                     the Year 2000 challenge by holding agencies accountable for demonstrating
                     progress and by heightening public appreciation of the problem. Work
                     done by this Committee in holding over 10 hearings on important topics
                     such as the food sector, electric power, and financial services and issuing a
                     major report2 on the impact of the Year 2000 problem has fostered a greater
                     understanding of the problem and focused attention on actions needed.

                     The Office of Management and Budget (OMB), for its part, has taken more
                     aggressive action on Year 2000 matters over the past year and half and has
                     been responsive to our recommendations. For example, in its quarterly
                     report issued in December 1997, OMB accelerated its milestone for
                     agencies to complete the implementation phase from November 1999 to
                     March 1999. OMB also has tightened requirements on agency reporting of
                     Year 2000 progress. It now requires that beyond the original 24 major
                     departments and agencies that have been reporting, 9 additional agencies
                     (such as the Tennessee Valley Authority and the Postal Service) report
                     quarterly on their Year 2000 progress, and that additional information be
                     reported from all agencies. OMB also has clarified instructions for
                     agencies relative to preparing business continuity and contingency plans.




                     2
                       Investigating the Impact of the Year 2000 Problem (United States Senate, Special Committee on the
                     Year 2000 Technology Problem, February 24, 1999).




                     Page 2                                                                         GAO/T-AIMD-99-144
OMB also places each of the 24 major agencies into one of three tiers after
receiving its quarterly progress report, determined by OMB’s assessment of
the agency’s reported progress. Figure 1 shows OMB’s assessment of
agencies’ Year 2000 progress on the basis of their latest quarterly report
issued on March 18, 1999.




Page 3                                                    GAO/T-AIMD-99-144
Figure 1: OMB’s Assessment of Agencies’ Year 2000 Progress




  TIER 1:             Agencies Demonstrating Insufficient Evidence
                      of Progress

                      • HHS              • Transportation
                      • AID


  TIER 2:             Agencies Showing Evidence of Progress But
                      About Which OMB Has Concerns

                      • Agriculture      •   Labor
                      • Commerce         •   Treasury
                      • Defense          •   Justice
                      • Energy           •   State



  TIER 3:             Agencies Making Satisfactory Progress

                      •   HUD            •   NASA
                      •   Interior       •   NSF
                      •   VA             •   NRC
                      •   EPA            •   SBA
                      •   FEMA           •   SSA
                      •   Education      •   GSA
                      •   OPM




Source: Progress on Year 2000 Conversion, (OMB, data received February 12, 1999, issued on
March 18, 1999).


In April 1998, we recommended that the President’s Council on Year 2000
Conversion establish governmentwide priorities, based on such criteria as
the potential for adverse health and safety effects, adverse financial effects



Page 4                                                                    GAO/T-AIMD-99-144
                         on American citizens, detrimental effects on national security, and adverse
                         economic consequences. On March 26, 1999, OMB implemented our
                         recommendation by issuing a memorandum to federal agencies designating
                         lead agencies for the government’s 42 high-impact programs, including
                         those delivering critical benefits such as social security, food stamps, and
                         Medicare; ensuring adequate weather forecasting capabilities; and
                         providing federal electric power generation and delivery. The attachment
                         contains a list of these 42 high-impact programs and the lead agencies.

                         In the memorandum, the lead agency for each high-impact program was
                         charged with identifying the partners integral to program delivery; taking a
                         leadership role in convening those partners; assuring that each partner has
                         an adequate Year 2000 plan and, if not, helping each partner without one;
                         and developing a plan to ensure that the program will operate effectively.
                         According to OMB, such a plan might include testing data exchanges
                         across partners, developing complementary business continuity and
                         contingency plans, sharing key information on readiness with other
                         partners and the public, and taking other steps necessary to ensure that the
                         program will work. OMB directed the lead agencies to provide a schedule
                         and milestones of key activities in the plan by April 15. OMB also asked
                         agencies to provide monthly progress reports.



Reported Percentage      OMB’s most recent reports show improvement in addressing the Year 2000
                         problem. In particular, the federal government has reported significantly
of Compliant Federal     increased percentages of mission-critical systems that are Year 2000
Systems Increased, But   compliant (from 21 percent compliant in May 1997 to a reported 92 percent
                         on March 31, 1999). Many key tasks, however, remain to be completed to
Critical Issues Remain   ensure the continuity of critical services. End-to-end testing and business
                         continuity and contingency planning are not yet complete and, in some
                         cases, are in the beginning stages. Further, not all of the systems reported
                         as compliant have yet completed an independent verification and
                         validation process. For example, 57 Environmental Protection Agency
                         mission-critical systems and 3 Department of the Interior mission-critical
                         systems reported as compliant were still undergoing independent
                         verification and validation.

                         In some cases, independent verification and validation of compliant
                         systems have found serious problems. For example, as we testified in




                         Page 5                                                     GAO/T-AIMD-99-144
                           February 1999,3 none of the Health Care Financing Administration’s
                           (HCFA) 54 external mission-critical systems reported by the Department of
                           Health and Human Services as compliant as of December 31, 1998, were
                           Year 2000 ready, based on serious qualifications identified by the
                           independent verification and validation contractor.


Some Agencies Did Not      As table 1 shows, 11 major departments and agencies reported that some of
Meet Governmentwide Goal   their mission-critical systems did not meet OMB’s governmentwide March
                           31, 1999, implementation goal.



                           Table 1: Agencies Reporting That They Did Not Complete Implementation of Year
                           2000 Compliant Systems by the Government’s March 1999 Goal a

                                                                              Total mission-
                                                                                     critical         Number       Percentage
                           Agency                                                   systems         compliant       compliant
                           National Aeronautics and Space
                           Administration                                                  157              155             99%
                           Department of Commerce                                          473              462             98%
                           Department of Energy                                            420              408             97%
                           Department of Agriculture                                       350              335             96%
                           Department of Health and Human
                           Services                                                        287             262b             91%
                           Department of Justice                                           220              201             91%
                           Department of Treasury                                          322              293             91%
                           Department of Transportation                                    608              541             89%
                           Department of State                                              59               52             88%
                           Department of Defense                                          2038            1793              88%
                           U.S. Agency for International Development                          7                0                -
                           a
                            The Department of Energy’s data are as of April 8, 1999. The Departments of Agriculture, State, and
                           the Treasury data are as of April 7, 1999. The Department of Justice data are as of April 6, 1999. The
                           Department of Transportation data are as of April 5, 1999. The Departments of Commerce, Defense,
                           and Health and Human Services and the National Aeronautics and Space Administration and the U.S.
                           Agency for International Development data are as of March 31, 1999.
                           b
                            The Department of Health and Human Services reported 55 of HCFA’s 78 external mission-critical
                           systems as compliant. We testified in February (GAO/T-AIMD-99-89, February 24, 1999), that none of
                           HCFA’s 54 external mission-critical systems reported by the Department of Health and Human


                                                                                         (Table notes continued on next page)
                           3
                            Year 2000 Computing Crisis: Medicare and the Delivery of Health Services Are at Risk (GAO/T-AIMD-
                           99-89, February 24, 1999).




                           Page 6                                                                         GAO/T-AIMD-99-144
                            Services as compliant as of December 31, 1998, was Year 2000 ready, based on serious qualifications
                            identified by the independent verification and validation contractor.
                            Source: Agencies.




Many Mission-Critical       Many of the mission-critical systems that were not implemented by the
Systems That Missed March   March target date support critical business processes, and some are not
                            scheduled to be Year 2000 compliant for several months. For example, 120
Goal Support Critical
                            systems are scheduled to be Year 2000 compliant in July 1999 or later. Of
Business Processes          these 120 systems, 23 are not expected to be compliant until after
                            September 1999. For these systems, given the limited amount of time
                            available, agencies will be challenged to complete the remaining tasks and
                            respond to unexpected problems.

                            Table 2 shows the schedule for remediating currently noncompliant
                            mission-critical systems.



                            Table 2: Schedule for Implementing Noncompliant Mission-Critical Systemsa

                                                                            July-        October-
                                                        April-June     September        December         January
                            Agency                            1999          1999            1999            2000 Unknown
                            Department of
                            Agriculture                           7                6               2             0            0
                            Department of
                            Commerce                              9                2               0             0            0
                            Department of Defense               168              65               12             0            0
                            Department of Energy                  6                4               1             0           1b
                            Department of Health
                            and Human Services                    2                0               0             0         23c
                            Department of Justice                11                5               3             0            0
                            Department of State                   7                0               0             0            0
                            Department of the
                            Treasury                             16                9               2            2d            0
                            Department of
                            Transportation                       55                4               1             0           7e
                            National Aeronautics
                            and Space
                            Administration                        1                1               0             0            0
                            U.S. Agency for
                            International
                            Development                           6                1               0             0            0
                            Total                               288              97               21             2          31
                                                                                                    (Table notes on next page)


                            Page 7                                                                       GAO/T-AIMD-99-144
aThe  Department of Energy’s data are as of April 8, 1999. The Departments of Agriculture, State, and
the Treasury data are as of April 7, 1999. The Department of Justice data are as of April 6, 1999. The
Department of Transportation data are as of April 5, 1999. The Departments of Commerce, Defense,
and Health and Human Services and the National Aeronautics and Space Administration and the U.S.
Agency for International Development data are as of March 31, 1999.
b
    One noncompliant system was reported with an estimated completion date of March 1, 1999.
c
 According to the Department of Health and Human Services, HCFA was in the process of receiving
and reviewing certifications from their contractors and expected to know the actual status of these
systems by April 21, 1999.
dA    Department of the Treasury official stated that two systems will be retired in January 2000.
e
 The Department of Transportation reported five noncompliant systems with estimated completion
dates of March 1999 or earlier and did not provide the dates for two systems to be retired.
Source: Agencies.


Several of the noncompliant mission-critical systems summarized above
support the 42 high-impact federal programs designated by OMB. These
systems should be given particular attention by agency management, the
administration, and the Congress because of the potential serious
consequences of disruptions in critical services and operations. Examples
include the following.

Air Traffic Control System: The Federal Aviation Administration (FAA)
has identified 26 of its mission-critical systems as posing the greatest risk
to the National Airspace System–the network of equipment, facilities, and
information that supports U.S. aviation operations–should their Year 2000
repairs experience schedule delays or should the systems not be
operational on January 1, 2000. FAA ranked mission-critical air traffic
control systems based on their impact and criticality to the National
Airspace System, their overall functionality, and an evaluation of the risk
associated with solving the Year 2000 problem. Ten of FAA’s 52
noncompliant mission-critical systems are among the systems that meet
this criteria and, therefore, pose the greatest risk. Examples of the 10
systems include (1) the Automated Radar Terminal System IIIE, not
expected to be compliant until June 1, 1999, which provides critical radar
data processing to air traffic controllers in selected terminal radar
approach facilities, and (2) the Host environment, which consists of several
systems and is used to control air traffic at 20 en route centers, is not
expected to be compliant until June 30, 1999. Because of the risks
associated with FAA’s Year 2000 program, we have advocated that the




Page 8                                                                             GAO/T-AIMD-99-144
agency develop business continuity and contingency plans.4 FAA agreed
and has activities underway, which we are currently reviewing.

Medicare: HCFA relies on 78 external mission-critical systems operated
by contractors throughout the country to process Medicare claims. The
Department of Health and Human Services reported that 23 of these
external mission-critical systems were not deemed Year 2000 compliant as
of March 31, 1999. According to the department, it is in the process of
receiving and reviewing certifications from these external contractors and
expects to know the status of these systems by April 21, 1999. Reviews of
contractors reports of Year 2000 compliance have disclosed serious
problems in the past. We testified in February that none of HCFA’s 54
external mission-critical systems reported by the Department of Health and
Human Services as compliant as of December 31, 1998, was Year 2000
ready, based on serious qualifications identified by the independent
verification and validation contractor.5 Among the many recommendations
that we have made to HCFA in September 1998 is that it define the scope of
an end-to-end test of the claims process and develop plans and a schedule
for conducting such a test.6 HCFA agreed and we continue to review its
efforts in this area.

Maritime Search and Rescue: According to an official at the U.S. Coast
Guard, three mission-critical systems used in maritime search and rescue
missions did not meet the March 1999 implementation goal: (1) the
Command and Control Personal Computer, scheduled to be compliant in
September 1999, is used to map search areas, (2) the Digital Global
Positioning System, scheduled to be compliant in April 1999, provides
greater search location accuracy, and (3) voice recorders, due to be
compliant in May 1999, tape records conversations between rescue
response dispatchers and the party requiring assistance.

Indian Health Service: The Department of Health and Human Services
reported that the Indian Health Service’s Resource and Patient


4
 FAA Computer Systems: Limited Progress on Year 2000 Issue Increases Risk Dramatically (GAO/
AIMD-98-45, January 30, 1998), FAA Systems: Serious Challenges Remain in Resolving Year 2000 and
Computer Security Problems (GAO/T-AIMD-98-251, August 6, 1998), and GAO/T-AIMD/RCED-99-118,
March 15, 1999.

5GAO/T-AIMD-99-89,   February 24, 1999.

6
  Medicare Computer Systems: Year 2000 Challenges Put Benefits and Services in Jeopardy (GAO/
AIMD-98-284, September 28, 1998).




Page 9                                                                      GAO/T-AIMD-99-144
                       Management System is scheduled to be compliant by June 30, 1999. This
                       system provides clinical and administrative information in the service’s
                       health care facilities and supports health care planning and delivery,
                       management and research.

                       Defense: We testified in March that while Defense had recently made
                       progress by providing the controls and guidance needed to fix and test
                       systems, it was behind schedule.7 The following are three examples of
                       some of these systems. First, the Global Command and Control System
                       (GCCS) system is deployed at more than 600 sites worldwide and is
                       Defense's primary system for generating a common operating picture of the
                       battlefield for planning, executing, and managing military operations.
                       Completion of the component-level GCCS at some locations is currently
                       scheduled for as late as September 30, 1999. Second, the Defense Switch
                       Network (DSN), scheduled to be completed by September 30, 1999, is the
                       primary long-distance voice communications service for Defense. DSN
                       provides both dedicated and common-user voice communications services
                       at all priority levels for command and control and special command and
                       control users as well as routine service for administrative users throughout
                       the department. Finally, the Theater Battle Management Core Systems
                       (TBMCS) is being developed by the Air Force and is intended to replace
                       three Year 2000 noncompliant legacy systems. TBMCS is to be a primary
                       support tool used by theater commanders to provide information to the
                       warfighter and for peacetime and humanitarian operations. Because of
                       developmental problems that have resulted in schedule slippages, the Air
                       Force does not expect to fully implement TBMCS until September 30, 1999,
                       at the earliest. Schedule slippages have also caused Air Force to remediate
                       a legacy system, the Contingency Theater Automation Planning System--
                       scheduled to be completed in September 1999--in the event of further
                       delays to TBMCS.



Status of State-       About 25 percent of the federal government’s programs designated as high-
                       impact by OMB are state-administered, such as Food Stamps and
Administered Federal   Temporary Assistance for Needy Families. One federal system that did not
Human Services         make the March implementation target is critical to the implementation of
                       several of these programs. This system, the Department of Health and
Programs Not Clear     Human Service’s Payment Management System, processes billions of


                       7
                        Year 2000 Computing Crisis: Defense Has Made Progress, But Additional Controls Are Needed (GAO/
                       T-AIMD-99-101, March 2, 1999).




                       Page 10                                                                    GAO/T-AIMD-99-144
dollars in grant payments to states and other recipient organizations for
vital programs, such as Medicaid. As we testified in February 1999, the
planned replacement system has encountered problems since its inception
and, as a result, is still not operational.8 Consequently, the Department of
Health and Human Services decided to repair the existing system, which is
not expected to be compliant until June 30, 1999.

As we reported in November 1998, many systems that support state-
administered federal human services programs were at risk and much work
remained to ensure continued services.9 In February of this year, we
testified that while some progress had been achieved, many states’ systems
were not scheduled to become compliant until the last half of 1999.10
Accordingly, we concluded that, given these risks, business continuity and
contingency planning was even more important in ensuring continuity of
program operations and benefits in the event of systems failures.

In January 1999, OMB required that federal oversight agencies include the
status of selected state human services systems in their quarterly reports.
Specifically, OMB requested that the agencies describe actions to help
ensure that federally supported, state-run programs will be able to provide
services and benefits. OMB further asked that agencies report the date
when each state’s systems will be Year 2000 compliant. OMB’s latest
quarterly report, issued on March 18, 1999, summarized the information
obtained by the Departments of Agriculture, Health and Human Services,
and Labor on how many state-level organizations reported that they were
compliant or when in 1999 they planned to be compliant. According to
OMB’s report, for programs that had received responses from at least 80
percent of the state-level organizations, the percentage of states that
reported that a program was compliant ranged from 14 percent for
Medicaid Management Information Systems to 48 percent for the Women,
Infants, and Children program. According to the OMB report, for five
programs, the Department of Health and Human Services had not received
responses from 44 percent or more of the state-level organizations.



8
 Year 2000 Computing Crisis: Readiness Status of the Department of Health and Human Services (GAO/
T-AIMD-99-92, February 26, 1999).

9Year2000 Computing Crisis: Readiness of State Automated Systems to Support Federal Welfare
Programs (GAO/AIMD-99-28, November 6, 1998).

10
 Year 2000 Computing Crisis: Readiness of State Automated Systems That Support Federal Human
Services Programs (GAO/T-AIMD-99-91, February 24, 1999).




Page 11                                                                     GAO/T-AIMD-99-144
Remaining Tasks Vital     While it is important to achieve compliance for individual mission-critical
                          systems, realizing such compliance alone does not ensure that business
to Continuity of          functions will continue to operate through the change of century--the
Federal Operations        ultimate goal of Year 2000 efforts. Going forward, it is imperative that the
                          focus be on the government’s overall readiness to ensure continual services
                          for the 42 high-impact programs. This can be accomplished by focusing on
                          ensuring that related systems work together through end-to-end testing.
                          Moreover, coordinated business continuity and contingency plans need to
                          be developed and tested.


End-to-End Testing        The purpose of end-to-end testing is to verify that a defined set of
                          interrelated systems, which collectively support an organizational core
                          business area or function, will work as intended in an operational
                          environment. In the case of the year 2000, many systems in the end-to-end
                          chain will have been modified or replaced. As a result, the scope and
                          complexity of testing--and its importance--are dramatically increased, as is
                          the difficulty of isolating, identifying, and correcting problems. Our Year
                          2000 testing guide sets forth a structured approach to testing, including
                          end-to-end testing.11

                          In January 1999, we testified that with the time available for end-to-end
                          testing diminishing, OMB should consider, for the government’s most
                          critical functions, setting target dates for developing end-to-end test plans,
                          establishing test schedules, and completing the tests.12 This is even more
                          critical today. On March 31, OMB and the Chair of the President’s Council
                          on Year 2000 Conversion emphasized that one of the key priorities that
                          federal agencies will be pursuing during the rest of 1999 will be cooperative
                          end-to-end testing efforts to demonstrate the Year 2000 readiness of federal
                          programs with states and other partners critical to the administration of
                          those programs.


Business Continuity and   Business continuity and contingency plans are essential. Without such
Contingency Plans         plans, when unpredicted failures occur, agencies will not have well-defined
                          responses and may not have enough time to develop and test alternatives.


                          11GAO/AIMD-10.1.21,   November 1998.

                          12
                           Year 2000 Computing Crisis: Readiness Improving, But Much Work Remains to Avoid Major
                          Disruptions (GAO/T-AIMD-99-50, January 20, 1999).




                          Page 12                                                                  GAO/T-AIMD-99-144
Federal agencies depend on data provided by their business partners as
well as on services provided by the public infrastructure (e.g., power,
water, transportation, and voice and data telecommunications). One weak
link anywhere in the chain of critical dependencies can cause major
disruptions to business operations. Given these interdependencies, it is
imperative that contingency plans be developed for all critical core
business processes and supporting systems, regardless of whether these
systems are owned by the agency. Accordingly, in April 1998, we
recommended that the council require agencies to develop contingency
plans for all critical core business processes. 13

OMB has clarified its contingency plan instructions and, along with the
Chief Information Officers Council, has adopted our business continuity
and contingency planning guide.14 In particular, on January 26, 1999, OMB
called on federal agencies to identify and report on the high-level core
business functions that are to be addressed in their business continuity and
contingency plans, as well as to provide key milestones for development
and testing of business continuity and contingency plans, in their February
1999 quarterly reports. Accordingly, in their February 1999 reports, almost
all agencies listed their high-level core business functions.

Our review of the 24 major departments and agencies February 1999
quarterly reports found that business continuity and contingency planning
was generally reported as being underway. However, we also found cases
in which agencies (1) were in the early stages of business continuity and
contingency planning, (2) did not indicate when they planned to complete
and/or test their plan, or (3) did not intend to finish testing the plans until
after September 1999. In January 1999, we testified that OMB could
consider setting a target date, such as April 30, 1999, for the completion of
business continuity and contingency plans, and require agencies to report
on their progress against this milestone, so OMB had more complete
information on this critical issue.15 To provide assurance that agencies’
business continuity and contingency plans will work if they are needed, we
also suggested that OMB consider requiring agencies to test their business
continuity strategy and set a target date, such as September 30, 1999, for
the completion of this validation.


13
     GAO/AIMD-98-85, April 30, 1998.

14GAO/AIMD-10.1.19,     August 1998.

15
     GAO/T-AIMD-99-50, January 20, 1999.




Page 13                                                      GAO/T-AIMD-99-144
On March 31, OMB and the Chair of the President’s Council on Year 2000
Conversion announced that completing and testing business continuity and
contingency plans as insurance against disruptions to federal service
delivery and operations from Year 2000-related failures will be one of the
key priorities that federal agencies will be pursuing through the rest of
1999. OMB also announced that it planned to ask agencies to submit their
business continuity and contingency plans in June. In addition to this
action, we would encourage OMB to implement our previous suggestion
and establish a target date for the validation of these business continuity
and contingency plans.


In summary, progress has been made on the Year 2000 problem, yet a great
deal remains to be accomplished. In particular, complete and thorough
testing is essential to provide reasonable assurance that new or modified
systems process dates correctly and will not jeopardize an agency’s ability
to perform core business operations. Moreover, adequate business
continuity and contingency plans throughout government must be
successfully completed. Further, the federal government, states, and its
other partners must work diligently and cooperatively so that important
services are not disrupted.

Mr. Chairman, this concludes my statement. I will be pleased to respond to
any questions that you or other members of the Committee may have at this
time.




Page 14                                                   GAO/T-AIMD-99-144
Page 15   GAO/T-AIMD-99-144
Attachment

Listing of Federal High-Impact Programs and
Lead Agencies                                                                                                                  AppenIx
                                                                                                                                     di




Agency                                          Program
Department of Agriculture                       Child Nutrition Programs
Department of Agriculture                       Food Safety Inspection
Department of Agriculture                       Food Stamps
Department of Agriculture                       Special Supplemental Nutrition Program for Women, Infants, and Children
Department of Commerce                          Patent and trademark processing
Department of Commerce                          Weather Service
Department of Defense                           Military Hospitals
Department of Defense                           Military Retirement
Department of Education                         Student Aid
Department of Energy                            Federal electric power generation and delivery
Department of Health and Human Services         Child Care
Department of Health and Human Services         Child Support Enforcement
Department of Health and Human Services         Child Welfare
Department of Health and Human Services         Disease monitoring and the ability to issue warnings
Department of Health and Human Services         Indian Health Service
Department of Health and Human Services         Low Income Home Energy Assistance Program
Department of Health and Human Services         Medicaid
Department of Health and Human Services         Medicare
Department of Health and Human Services         Organ Transplants
Department of Health and Human Services         Temporary Assistance for Needy Families
Department of Housing and Urban Development     Housing loans (Government National Mortgage Association)
Department of Housing and Urban Development     Section 8 Rental Assistance
Department of Housing and Urban Development     Public Housing
Department of Housing and Urban Development     FHA Mortgage Insurance
Department of Housing and Urban Development     Community Development Block Grants
Department of the Interior                      Bureau of Indians Affairs programs
Department of Justice                           Federal Prisons
Department of Justice                           Immigration
Department of Labor                             Unemployment Insurance
Department of State                             Passport Applications and Processing
Department of Transportation                    Air Traffic Control system
Department of Transportation                    Maritime Search and Rescue
Department of the Treasury                      Cross-border Inspection Services
Department of Veterans Affairs                  Veterans’ Benefits
Department of Veterans Affairs                  Veterans’ Health Care
Federal Emergency Management Agency             Disaster relief
Office of Personnel Management                  Federal Employee Health Benefits
Office of Personnel Management                  Federal Employee Life Insurance
                                                                                                                     (continued)


                                          Page 16                                                            GAO/T-AIMD-99-144
                                 Attachment
                                 Listing of Federal High-Impact Programs and
                                 Lead Agencies




Agency                                 Program
Office of Personnel Management         Federal Employee Retirement Benefits
Railroad Retirement Board              Retired Rail Workers Benefits
Social Security Administration         Social Security Benefits
U.S. Postal Service                    Mail Service




(511751)                 Letrt   Page 17                                       GAO/T-AIMD-99-144
Ordering Information

The first copy of each GAO report and testimony is free.
Additional copies are $2 each. Orders should be sent to the
following address, accompanied by a check or money order made
out to the Superintendent of Documents, when necessary, VISA and
MasterCard credit cards are accepted, also.

Orders for 100 or more copies to be mailed to a single address are
discounted 25 percent.

Orders by mail:

U.S. General Accounting Office
P.O. Box 37050
Washington, DC 20013

or visit:

Room 1100
700 4th St. NW (corner of 4th and G Sts. NW)
U.S. General Accounting Office
Washington, DC

Orders may also be placed by calling (202) 512-6000
or by using fax number (202) 512-6061, or TDD (202) 512-2537.

Each day, GAO issues a list of newly available reports and
testimony. To receive facsimile copies of the daily list or any list
from the past 30 days, please call (202) 512-6000 using a touchtone
phone. A recorded menu will provide information on how to obtain
these lists.

For information on how to access GAO reports on the INTERNET,
send an e-mail message with “info” in the body to:

info@www.gao.gov

or visit GAO’s World Wide Web Home Page at:

http://www.gao.gov
United States                       Bulk Mail
General Accounting Office      Postage & Fees Paid
Washington, D.C. 20548-0001           GAO
                                 Permit No. GI00
Official Business
Penalty for Private Use $300

Address Correction Requested