Learning Center
Plans & pricing Sign in
Sign Out



									CPU House Report on Mr Andrew Kyte's Presentation on Tackling the Millennium Bug Together

Good afternoon, ladies and gentlemen. My name is Andrew Kyte, I am the Gartner Group Research Director for the Year 2000. The Gartner Group is the world‟s largest provider of research and advisory services on the information technology industry. We are a $500 million company. We have 700 analysts who are looking at the implications of the use of information technology and the future of information technology. We have approximately 9,000 customers world-wide. These are Fortune 1000, Times top 100 companies, multinationals and governments around the world. I tell you this in order to emphasise that I believe that we have the most effective research base for an analyst such as myself to understand what is happening in the world of information technology. I work exclusively on the problem of the year 2000, or as I frequently find myself saying: I used to have a life and then I started working on the Year 2000. I am going to take you through three key issues this afternoon. The first one is to make sure that we have a clear, concise definition of the nature of the problem. And what you will see is that I will explain that in fact we have a danger because there are actually two very distinct problems, with one label. Secondly, I am going to talk about measuring risk. Which industry sectors have which type of risk and where they are, and a method for assessing your progress towards the Year 2000 compliance. And thirdly, I am going to talk about possibly the most important aspect of the Year 2000 problem, certainly throughout 1998, which is the perception of your readiness and how the perception of your readiness will affect your profitability and the way in which your customers view you. Let‟s start with the first key issue. We have two distinct problems. They are very tenuously linked. We have a problem to do with information systems. The systems that you would think of as computer systems, typically with disks and databases, with terminals and keyboards - classic information systems. And there is another separate problem with embedded systems: the microprocessors that you find at the heart of factory control systems, transportation and utility management. Now, these problems are linked tenuously by the fact that in both cases there is a convention of using two digits for a date. Apart from that, the manifestations of the problem are different, the solutions that you will apply are different, the time scales when the problems will hit you are different. Let‟s be very clear about the Year 2000 problem. You do not have to wait for January 1st, 2000 to establish that this problem can really hurt you. Year 2000 problems have started already in many industries and it is certain that many systems will fail throughout 1999. Information systems, classic computer systems, will fail throughout 1999 because we use them to manage the future; they handle predicted

dates. So because we use them to handle the future they are using predicted dates, they are looking forward in time, and because they are looking forward in time they need to be able to process dates in the year 2000, some of them very soon. And if they have not been fixed, they will experience problems. Information systems have these problems throughout 1999. The further we get through 1999 the more problems there will be. Embedded systems, on the other hand - the microprocessors in factory controlled systems, in utilities, in telecommunications - these systems, where they have a Year 2000 problem have a problem in response to the real time event of midnight on 31 December 1999. Therefore they will not fail, in general, throughout 1998 or 1999. There will be no evidence of failure. However, when we reach 31 December 1999, those that can fail will fail at that point. So, when you talk about the Year 2000 problem, please be very clear which of the two problems you are trying to address, because the team of people that address the information systems problem are information technology specialists and the team of people who address the embedded systems problem must be the management team that is normally responsible for the asset integrity of those assets. If it is a building service that is going to fail, it is the building service management team that has to look after it. Information technology specialists know the square root of not very much about embedded systems. They are not in a good position to work on them. Let‟s look at where we find these systems. Information systems – classic computer systems - it is clear that at least 80% of all information systems suffer from Year 2000 problems. At least 80%. And it is a great fallacy to think that Year 2000 problems only affect mainframe computer systems. They affect mainframes and client-server systems and personal computers. On mainframe systems you will find many large administrative functions but it is especially true in this area, for instance, that many of you will say: but we don‟t have mainframes, we have just got client-server systems. Let‟s be very clear. The programming habits learnt on 20 years of mainframe programming were carried over into the client-server world. Many client-server systems still use two digits for a year. Many client-server systems have problems with the year 2000. You are not immune just because you have client-server. And then when we look at PC systems, let‟s also be very clear. You may have seen the reports of PCs failing with the so-called bios problem. This is the problem where on 31 December 1999, at midnight, if you switch your PC on after that point it may think that it is 4 January 1980. This is true for some PCs. It is almost totally irrelevant. The real problem in the PC world are user-developed applications and spreadsheets. The bios problem is a very, very minor problem. User-developed applications need to be looked at very carefully, especially in the financial services industry where you have brokers and traders using PCs to control quite complex financial transactions, including derivatives. Whereas most information systems are affected with Year 2000 problems, a small percentage of embedded systems are affected by Year 2000 problems. As we approach the century boundary there will be approximately 40 billion embedded systems devices in the world. Forty billion. Of these, we would expect less than 2% to exhibit any date processing anomalies. Less than 2% is a small percentage.

However, embedded systems are used in many safety-critical and environmentally-critical installations. The failure of one device out of several thousand on an oil-rig or in a petrochemical refinery can result in catastrophic loss of capital with danger to personal safety and danger to the environment. It is necessary to adopt a risk-base approach to the management of the embedded systems problem. You will find embedded systems in factory process controls, robotics, computer numerically controlled machines. They are also present in most defence systems, utilities and transportation. Telecommunications is a special case. The Gartner Group predicts that 98% of voice calls will be effectively connected through the century boundary. It is a very high rate of productivity. However, it is clear that there will be problems with billing and with bill reconciliation systems after the century boundary and that systems other than straightforward voice-call will experience a level of disruption. You may find that level of disruption acceptable, unless you happen to be the data network manager. When you have brokers in Hong Kong who want to trade New York Stock Exchange and you have to tell them that your data network is not able to do this for an hour or so – “Do you mind, chaps?” I think they do. It is also true to say that a lot of modern medical equipment has embedded microprocessors and a very small percentage of these devices have been found to experience problems processing the year 2000. It is therefore necessary for people involved in health care administration to put in place programmes of action to ensure that all risk is reduced. Just to repeat, we have two problems: embedded systems – nothing happens until 31 December 1999; information systems – start degrading very soon and degrade seriously throughout 1999. Two problems, one label. The Gartner Group assists its clients by providing a view of the future which is expressed in strategic planning assumptions. Two years ago we said we believe the cost of dealing with the information systems problem would be between $300$600 billion world-wide. And we are just about to republish these figures saying we still believe this to be the case. Now, in fact we actually believe that the total cost of fixing all systems would be considerably higher than $600 billion. However, there is not the capacity in the supply side of the industry to be able to deliver services to that value. Therefore, those services will remain undelivered. What does that mean? It means that many people will not get their systems fixed. So our second strategic planning assumption, published last year, says that at least 30% of enterprises world-wide will experience at least one failure in a mission critical system. And the question that you have to ask yourself is not just does this affect you, it is also does it affect your customers and your suppliers. The Year 2000 very clearly teaches us that no organisation is an island. We are all interrelated, we all depend on other people also doing the work. So how do you assess the risk? We now need to look at ways in which you can evaluate different industry sectors. I am going to use the device that was invented by Nick Negroponte. Nick Negroponte is a consultant with the Boston Consulting Group and a professor at the Massachusetts Institute of Technology. He has written many books but one of his most recent ones

is called „On Being Digital‟ and in this he talks about “Negroponte‟s Spectrum”. He talks about “atoms” businesses and “bits” businesses. “Atoms” businesses are not nuclear; he says these are the businesses of the industrial revolution: mining, petrochemical, agriculture, aggregates – things you can pick up and touch. And “bits” businesses are the businesses of the information revolution. The revolution that we are at the very infancy of right now. The information businesses are banking and financial services, and education, and entertainment, where there are no tangible assets other than the bits in a computer system. Now, “bits” businesses have high-risk from information systems failures. What is a bank without its computers? It is a collection of properties that you might be able to turn into reasonable coffee-shops. A bank needs its computer systems to work. So banks, insurance companies and other “bits” businesses have a high degree of risk in terms of their information systems but a moderately low risk with regard to embedded systems. Conversely, “atoms” businesses – mining, petrochemical, shipping, aggregates – where you are picking things up and moving them around and doing things to tangible objects have a high-risk from embedded systems failure and a comparatively low-risk from information systems failure. Of course the reality is that most businesses fit somewhere in-between. Manufacturing and retail, for instance, use “bits” to move “atoms”. In other words they have a dependence on information systems to know what to do but they also have a dependence on embedded systems in order to actually process the physical objects themselves. The key point I want to make here is that none of you can claim immunity to Year 2000 problems. There is no industry sector that can say, “We don‟t have a Year 2000 problem”. Such has been the thorough penetration of computer system technology into every walk of life in the last 30 years, every single industry sector is affected by Year 2000 problems. Some of them heavily information system, some of them heavily embedded system, but most people have a mixture of the two. You have to work on both sides of the problem and there is very little time left to do the necessary work. If that is the way of looking at how you assess your exposure to different types of risk, you need to be able to measure your risk to different types in terms of where you are against different types of risk. The Gartner Group introduced the COMPARE Scale as a simple mechanism for assessing where you are in regard to Year 2000 readiness. It is a five-layer scale. In fact, level 5 fully compliant, for most of our clients is a state that they aspire to at the end of the year 2000 or even into 2001. In other words, what they are concentrating on are their mission critical systems. In other words, they are aiming for what we call level 4 which is operational sustainability. Let us start at the bottom and say where do people start their Year 2000 progress. They start with what we call preliminary activity. This is where people go round saying, in small groups, probably in the IT Department, “I guess we ought to start thinking about the year 2000 sometime; I wonder when they are going to do something about the year 2000”. The reason they use “they” is because the year 2000 is a classic SEP. This is another three-letter acronym from the professor, so I will just explain this one. An „SEP‟ is „Somebody Else‟s Problem‟. And it is very

clear that in many organisations there is nobody who is going to be a hero by picking up the Year 2000 banner. So it tends to be left on the ground - until somebody gets told to pick it up. Many of the Year 2000 programme managers that I work with now, came back from holiday to find that they were a Year 2000 programme manager. A piece of advice: Don‟t go on leave. People spend months in this preliminary activity not really understanding the problem, with nobody really owning it. They then need to move rapidly to level 2 – problem determination. Our criteria for moving from level 1 to level 2 is that you must have a Year 2000 programme manager with authority and budget. If they only have budget without authority it is pointless. If they have authority and no budget it is equally pointless. And I will give you the acid test that we apply in the Gartner Group when we are assessing whether or not an organisation is applying due diligence. We ask the Year 2000 Programme Manager how many projects that are not Year 2000 projects have you postponed recently in order to free up the resources to work on Year 2000? Because it is very clear you can‟t do everything. You can‟t do all the work that you were doing before and then deal with this significant problem. People move to level 2 when they have got this programme manager – somebody who is going to seize the problem properly. And they tend to spend three or four months there doing a complete inventory of all of their systems. And a complete inventory is harder than you would believe. You have systems that you don‟t know about in the central IT Department. You have to go out and find all of these. You have to find the suppliers, you have to understand what the suppliers are doing about Year 2000 compliance. But then you can get into level 3 which is the „Plan Complete and Resources Committed‟. In other words you understand for every single one of your systems how you are going to prove that it is Year 2000 compliant if it is stated to be already, or you are going to be able to make it Year 2000 compliant if you have to undertake some action. So, level 1 is preliminary activity. Level 2 is scoping and inventory. And level 3 is when you have really got a plan and you have the resources and the budget committed to be able to execute it. Then all you have to do is deliver 20 or 30 significant IT projects in nine months or a year in order to be able to achieve level 4. And thankfully, you are all capable of delivering that many projects on time and in budget. So that is not a worry is it? Right. I will just make one further observation about this COMPARE Scale. We have done a lot of research with organisations in our client base, looking at what happens to people‟s view of the potential costs. One of the first questions that gets asked when you are at level 1 is - as you go and approach a senior manager and you say we really ought to do something about this - one of the first questions you will get is: Well, all right, how much is it all going to cost? Now this is a bit like being run-over by a bus, lying in the road and saying, “No, don‟t phone the ambulance yet, I want a bill first; I want to know how much it might cost me.” This is a survival project. What would the wrong answer be? “Oh, I‟m sorry, it is too expensive, we are not going to do it”. What we have found is that of course people have to come up with estimates when

they are at level 1. In other words they do not have an inventory of their systems, they do not know what they have got but they have to come up with an estimate. When they come up with an estimate, what do we find? When they get to level 3 and they have completed their inventory and their planning, their estimate will have increased five times. If you think you have a one million dollar problem now and you think you are at level 1, when you have actually got your plan of work you will have a five million dollar problem. We never – and I repeat never – see it going the other way. The problem is always larger than you think. Now I want you to remember these five layers here because we are now looking at some research that the Gartner Group undertook in January and February this year with 6,400 organisations world-wide. We performed this research in conjunction with a number of universities and business schools, looking at these 6,400 organisations – different industries, sizes, in different geographies. What you can see here is, at the top of the screen you will see the „COMPARE Levels – 1, 2, 3, 4 and 5‟. You will also notice there is a column for zero. That is the „what Year 2000 problem?‟ column. People who are still in total denial, who refuse to accept that there is an issue that they need to tackle. You will also note that the “bits” businesses – the information processing businesses – are well advanced in their progress. You will see that we have provided not a point on the scale but a wide bar. So the bar represents the lowest and highest responses received from that industry segment. So what we are saying is that generally speaking, you can expect a form of bell-curve of statistical distribution within that industry sector. Now it is particularly worrying that you have areas like construction, for instance, which have done nearly nothing about their Year 2000 requirements. Construction organisations are large logistics organisations; they have sophisticated IT systems for purchasing and for planning. All of these systems are highly date dependent. And you will see in your handout – you will be able to go through it at leisure – you will see that there are many areas where industries are fairly well behind the curve; they have a lot of work to do, they have not yet estimated the total size of the problem. The second graph from our survey shows a sample of – and I stress it is a sample of the geographic response state that we received. Now Hong Kong is not present on here because we did not separate out the Hong Kong figures when we published these results. But what I want to highlight to you is that generally speaking it is English-speaking North America – the USA and Canada that is to say – and then the developed English-speaking world through Australasia – Australia and New Zealand – and anglophone countries such as Holland and Scandinavia, the UK and Ireland, which have benefited from being able to share information sources with North American organisations. However, there are other parts of the world which are still pretty much in denial about the reality of the Year 2000 problem and I would just like to spend a moment examining some of these. If you go to the Middle East you will find people who say, “We don‟t have a Year 2000 problem because we are Arab nations and we use the Arab calendar, the Muslim calendar”. However, whilst it is true that on their cheques they would print the Muslim date and on screens they would see the Muslim

date, in the underlying technology they use the Gregorian calendar. In Japan, we get told the same story: “We don‟t have a problem, we don‟t use the Gregorian calendar”. But once again embedded systems world-wide all use the Gregorian calendar: year year – month month – day day. So there are parts of the world where people are in denial because they don‟t want to believe it is true because it is too big a problem. There are other places where people are saying we don‟t have the problem because it is an American problem. And believe me, that is a very persistent attitude. However, what is now happening is that US organisations who are spending a lot of money – and what do I mean by a lot of money? You need to look at the K10 filings; the K10 is a mandatory filing made on the Securities and Exchange Commission which is available for public view on a website, of major US organisations, and you will see that Citibank have stated in their K10 filing that the Year 2000 problem will cost them US$600 million – six hundred million dollars. You will see that other US banks are spending sums ranging from $250 million to $500 million. You will see large insurance companies with figures of $500 million. You will see General Motors with figures of $500 million, which they admit is an estimate and which they expect to need to increase. And these organisations that are spending this money are saying: “Hang on, we are very dependent on other people, on other countries; do we really want to trade with people who are not taking this problem seriously?” So industry status information and global status information, which is being provided by Gartner Group and by many other polling organisations world-wide, is influencing the thinking of supply chain management in large US organisations. It will become increasingly dangerous for countries to be perceived to be behind the curve with regard to Year 2000 readiness. So now we can move on to the problem of perception. Remember, the year 2000 has already started. Most organisations have experienced a small problem which they have managed to stop affecting their client base, which they have managed to stop affecting their service delivery capability, but they have very clear evidence that the year 2000 is a real problem. They can no longer be in denial about it. However, it is now not in the domain of information technology professionals because now the money-men are involved in this and you will see throughout 1998 significant moves being made in markets by merchant bankers and by organisations, based on their perception of risk. One of these areas which we will be seen most tellingly is in the mergers and acquisitions. In the 12 months to the end of March this year there were $800 billion worth of mergers and acquisitions in the North American and Western European market places. It has been the most frantic period. And what is clear is that there is no let-up in this. Now, merchant banks and those who advise on mergers and acquisitions are seeing significant trends. First of all they are seeing that buyers are able to use Year 2000 to achieve knockdown prices on companies because if the company they are going to buy has not started Year 2000 compliance work, they are able to use the lack of Year 2000 compliance to drive the price down in the acquisition. Mergers and acquisitions are going to be radically affected by the perception of the Year 2000 readiness of both parties.

In some cases, regulators may step in and the Federal Reserve Bank in the US has already said it will examine all banking mergers over the next 18 months to see whether there is any risk of the Year 2000 failure of one of the partners passing into the other partner. So mergers and acquisitions are going to be radically affected. If you are involved in M&As you need to make sure that due diligence is carried out for Year 2000 compliance. This is a money-man issue. It is not now a technical issue. But the next group of money-men who move into play are the institutional fund managers – people with a few billion dollars of pension funds to invest. These people are classic risk managers. They look at a broad portfolio, they spread their risk. They are now looking at their portfolio and attempting to assess the extent to which Year 2000 will cause loss in their portfolio. Therefore they are looking, in the way that fund managers do, at industry sector first, geography second and company third. And they are saying do we really want to be investing in companies where we think that there is a high risk that they could suffer damage or loss as a result of Year 2000 failures? Stock market movements will take place off the back of Year 2000 compliance perception. Company auditors are walking a very fine line. Company auditors have been reminded by regulatory authorities in the USA, in Great Britain and in Australasia that Year 2000 creates no special conditions, it is simply a material fact that directors should be taking account of. The auditors have to see whether or not the directors are. The fine tightrope that auditors walk is as follows. If they produce an audit report that says, “We don‟t think this company is doing what it should do for Year 2000”, the share price will get thumped. If they say, “We think this company is doing a good job” and the company experiences losses as a result of Year 2000 failures, the shareholders will sue the auditors. You can expect to see some very creative use of language in audit reports over the next 18 months as auditors try and steer their way through this. Insurance companies are trying to write exclusions. I say trying, because generally speaking what they are writing are what we call „Mercedes clauses‟. We call them „Mercedes clauses‟ because the lawyers will have to spend the money on something. When you write an exclusion clause into an insurance policy you are creating a reason for lawyers to spend weeks in the courts arguing as to whether or not the exclusion clause is valid and whether it applies in this case. However, it is very clear from all the work that we do that insurance companies and reinsurance companies are very, very afraid. We are also seeing companies changing suppliers. There is a risk, and it is a small risk but there is a risk, that we will see the development of a sort of fortress America approach in US organisations as they look at their supply chain and decide that they would rather be dealing with shorter supply chains with local companies in the US who are Year 2000 compliant. Now, not all organisations will do this but as we progress towards the year 2000, if they perceive their supply chains to be at risk they will actually take this action. We are seeing organisations changing their banks. None of them are saying they are doing this for Year 2000 reasons but it is clear that it is impossible that every bank in

the world will be safe because of banks‟ huge dependence on information technology systems. Banks will probably be safe in well-organised, well-regulated economies. And I would certainly class Hong Kong‟s economy as such an economy. You have strong banking regulation and I am sure that your regulator will pull-out all the stops and ensure that your financial services organisations have fully Year 2000 compliant systems. However, there are parts of the world which are not as well-regulated and where it is clear that there will be loss in banks, and businesses are changing their banks in anticipation of that. However, all of that is simply activity that can take place throughout 1998. Because in 1999, next year, what is clear is that the public will own the problem. Next year, unless you have taken the initiative – the businessmen and leaders of this community – have taken the initiative to reduce the public perception of the risk, there is a danger that through mis-reporting in the media and scare-stories, the public will take precipitous action. It is very important that you use the short amount of time that is available this year to try and make sure that you put in place programmes where you are able to fully assure the general public that their assets are safe and that they will not suffer loss as a result of the Year 2000. And there are countries in the world where it is not clear that governments will be able to do this; where the relationship of trust between the public and the government and regulators may have broken-down. There is an opportunity to do it – you need to seize that opportunity now. One of the things that is going to happen as a result of all of the failures that happen throughout 1999 that demonstrate very clearly that the Year 2000 problem is a genuine problem is that businesses will be scared come 31 December 1999. All our research suggests that many organisations, commercial enterprises, will effectively take their foot of the pedal, slow-down their economic cycle as they reach 31 December 1999. Many large publicly-quoted operations are saying, “We will close our factory for two days or four days around the century boundary because it is the most effective way of minimising the risk to which we are exposed.” Many financial services organisations have already looked at their boundary planning and decided that they will not operate major money-transfers on 31 December 1999. Let me just be clear about this. Every day, around the world between two and three trillion dollars, US, circulate the globe. That is a lot of money. It moves around in this area called cyberspace. You have all heard of cyberspace, you know that cyberspace is where the bank keeps your money. This transfer, the moving around of money between large financial services organisations, will not flow normally around the century boundary, not because the technical systems will not be in place but because people will simply not trust them to work. Put yourself in this position. You are in New York on 31 December 1999, it is 4 o‟clock in the afternoon, you are going to send $100 million to Hong Kong. It is 4 o‟clock in the morning on 1 January 2000. How lucky do you feel? Are you actually going to press that button? You are not going to do it. You are not even going to put yourself in the position of having to do it. The Year 2000 century boundary will see a slow-down of activity for a period of days around the century boundary as businesses take actions to minimise their risks. We will also see industries stockpiling. It is very clear that small enterprises who are

expected to supply large manufacturers - for instance auto-manufacturers who require just-in-time deliveries – the large auto-manufacturers wrote to their major suppliers 15 months ago, 18 months ago, in quarter one 1997, and they said, “We are treating Year 2000 seriously, we need lots of supplies to deliver components so a car can roll-off the production line. As one of our suppliers, we hope you are taking this problem seriously as well.” They wrote to them 18 months ago. Now they have narrowed their attention down to 300 or 400 critical suppliers and now they say, “The audit team arrives tomorrow”. They are actually going and seeing the company and testing their Year 2000 compliance status with an audit or review of their programme. Small organisations faced with this, knowing that even if they do all the work on their own systems - if they fix their enterprise resource planning system, their materials management system, their inventory handling – if they do all of that, they are still very vulnerable to infrastructure failures – to failures in electricity supply, in transport, in utilities of various types. They are looking at this and they are deciding that they need to build stockpiles of inventory and move that inventory close to their key customers. This costs money. And the money-men know this costs money. Many organisations are going to experience reduced profitability through 1999 as they build inventories to deal with the contingency of not being able to manufacture or distribute their goods to critical clients. They will also, of course, experience additional costs in the year 2000 as they consume this inventory and still bear all of their fixed production costs. It means that people can get hit even if they have done all the work. I need to spend a little bit of time talking about some of the potential social impacts of the Year 2000. I want to stress here the Gartner Group is not saying these things will happen. What we are saying is that these are potential issues that need to be addressed within Year 2000 programme. They need to be understood because they are being widely discussed in the general media, in television programmes, on internet sites and in the newspapers. It is clear there is a particular issue with a potential, in some cases, for civil unrest. It would be wrong to talk about the Year 2000 and to ignore this potential. It would be equally wrong to say that there is a high probability of this happening. Let‟s recognise the fact that unless firm action is taken now there is a risk that the public will lose confidence in the banking system and we could see liquidity problems. We could see some sectors of the population having fear that their money is not safe in banks and deciding that they want to put it under the mattress. This is not going to be particularly sane behaviour but nobody said that the general public en masse reacts logically. It will be necessary to control the messages that get sent out and to actually do the work in order to be able to assure the general public that their investments and savings are safe, that they are well-regulated and that the work will be done. That means firm action needs to be taken to ensure that the computer systems are ready for this. There is certainly a potential, in some instances, for government systems not to be ready in time. Government systems and public sector in general account for more than 20% of all information technology spread around the world. Governments have a significant problem in tackling the Year 2000 problem. They have large complex IT systems and significant programmes of work related to implementing legislative

changes which are extremely difficult to put aside. Governments therefore tend to have to implement all of their existing projects plus the Year 2000. It is hard. Some of them will not make it in time. They will experience problems in their systems. You can also expect to see the public, in some cases, stockpiling and buying material and you need to understand this is not necessarily a third-world issue, it can happen in the developed economies as well. There is certainly potential for infrastructure and environmental damage and obviously in some environments a temporary failure of the electricity supply is something that people can cope with, in other cases it can cause severe social problems. And there is also the case, in some environments, of public concern about the safety of environmentally-sensitive installations. And I stress it is the public concern about. If US senators start getting lots of letters from people saying we are worried about the safety of certain installations, they may force the regulators to take action, even though from an engineering perspective there is zero or very low risk. So public concern must be managed by presenting the public with accurate information and taking the problem seriously. There is certainly potential for heightened international tension, and security services around the world are looking at and evaluating their scenario responses to potential threats at and around the century boundary. And there is also significant interaction with „Fin de Siecle‟ reporting. What do I mean? I mean that in 1999 a lot of people are going to be talking about the end of the millennium. We know, classically speaking, it is not the end of the millennium but it won‟t stop people talking about it like that. There are many people, for instance Christian fundamentalists in the United States, who believe that the year 2000 represents the second-coming, it represents the end of the world. I have had people approaching me and saying, “Nostradamus predicts”. Now, you are not going to fall for this but the fact is, there will be people who together with all of this other reporting about the predictions, adding into that predictions about computer system failures, creates a heady soup which needs to be managed. The century boundary will be a fraught time. Let us just finally now look at what will happen at the century boundary. The first point I want to make on this slide is that 1 January 2000 is a Saturday, which I think is excellent planning. The second point is that you can expect the close of the stock market on 31 December 1999 to be an extremely frantic period of trading as people try and adjust their positions. You can expect the opening of the stock market on Monday, 3 January, to be an equally frantic time as people try and adjust their positions. In other words, you need to understand for your business sector what are the critical timings for you at around this period. You need a business plan to say: will we be operational; will we actually keep the offices open; will we deliver all of our services? As I say, many enterprises, where they have a choice, are deciding to shut down. You need an IT Operational Plan because IT managers, typically on a Friday night, would be faced with end of day, end of week, end of month, end of quarter, and end

of year processing. It is a very busy time, you need to know whether or not you can do it. You need a Resumption Plan to know how to get back together. And we are seeing a lot of activity being placed now in contingency planning and circumvention management and crisis management, as people try and work out how they will respond to failures that are outside of their control at this time. And you need a Resource Plan because, I have to tell you, that those of you in information technology are likely to be very busy that weekend. So bosses take note. Send out a memo today: “We would appreciate volunteers for working through this very busy period.” And you would all, of course, volunteer. The fact is that the information technology industry has created this problem and although it will actually be resolved by effective management, in all business departments the IT group must ensure that they do their bit. The IT professionals are responsible for the information technology systems and they must make sure that they are ready. Equally, I must emphasise, this is not an IT problem, it belongs in all business units and it is essential that the executive management team in every enterprise take the lead in explaining their Year 2000 status to all of their critical stakeholders. If we seize the opportunity now, if you really go back to your place of work and put in place a programme of activity to ensure that you identify all of your systems, you understand the risks and you put in place the management to be able to get through this period, you will get through it. Continuing to be in denial will cause you, your trading partners and the social environment in which you live to be at more risk. So please take the action. Thank you for your time and attention.


To top