In-Depth

Countdown to Year 2000

• 02/01/1999

With Information Technology (IT) divisions around the globe nearing the end of the countdown to 2000 (or 1900 if they are not successful), many companies find themselves only mid-way into the conversion process. While some Fortune 1000 companies are close to completion, many small-to-mid sized companies are lagging behind due to budget constraints, lack of trained staff to aid in the conversion, or a belief that their systems are already compliant. The Year 2000 conversion process has five major components: Awareness, Assessment, Renovation, Validation and Implementation.

By some estimates, approximately 58 percent of major companies are still in the throes of the assessment phase - drafting their budget and developing a plan to ensure a compliant system. These efforts will have a significant impact on a company's overall financial and competitive position. Triaxsys Research L.L.C., tracks the largest corporations based on their annual revenues and studies their SEC files for the Y2K statements contained in the quarterly and annual reports. Triaxsys reported that as of July 1998 a mere 6 percent of the top 250 corporations have reached the testing phase.

Based on current estimates, many companies will complete their Y2K conversion projects very close to the final deadline, leaving little room for an all-important "check up" on their Validation phase. Once past the Assessment and Renovation phases, organizations should take an additional, but worthwhile step toward checking that renovated systems are truly Y2K-compliant.

Independent Verification and Validation (IV&V) and Intensive Testing is perhaps the most critical stage of the Y2K conversion project. A total of 45 to 60 percent of a company's total Y2K budget should be allocated for this phase, during which many unforeseen difficulties often surface, including incorrect coding changes or difficulties with electronic data interchange.

Accurate documentation of code changes during the Renovation phase will drastically speed IV&V and Intensive testing. Most remediation tools enable the programmer to include notes or comments in the lines of source code, noting precisely where changes were made and what the changes entailed as a form of audit trail. A validation tool allows testers to search the program quickly to find areas that were changed. Human errors in editing and logic inevitably play a role as source code is altered, and the audit trail leaves footprints that facilitate the IV&V process.

The techniques involved in a Y2K second look follow the same stages or phases as sequential software development methodologies. The analyst team follows a model that defines the problem and requirements, its specification, design and coding, followed by testing, operation and maintenance. The effort assumes that the system is not ready, and as in a regular testing procedure, sets out to determine where dates are present by scanning source code. The analyst team can re-interview subject matter experts to identify which programs or components are most critical, and re-evaluate risk assessment should particular programs or components have failed in early validation tests. With this intelligence, the analyst team prioritizes the review process, and initiates a four-phase testing procedure with each building for the next test phase.

• Unit Testing
- This includes scanning the source code as a whole for dates and double-checking each area where the documentation notes that changes were made and the use of various testing routines (Requirements, Regression, Date Aging, etc.) and test data libraries.
• Integration Testing
- The analyst team continues with the various testing routines and review of output from these tests to ensure integration of modules and applications is successful.
• System Testing
- Frequently, software applications are linked to other applications on the same system or with other distributed computer systems. The data shared must be checked to confirm that the interchange has functioned correctly. The review of testing output will check to see that data and parameters are passed correctly and if application timing has been disrupted across the system(s).

Organizations should adhere to a single methodology and tool set throughout the conversion project. Companies that outsource Y2K renovation, however, should consider a different tool for the second check. The additional expenditure may be a factor, however, the costs associated with a non-compliant system will far outweigh the cost of any preventative measure.

As businesses race closer to January 1, 1999, increasing attention should be paid to ensuring that business partners, vendors, distributors, suppliers, telcom, utilities and banking services are also Y2K-compliant. Special task forces will help organizations focus on the different links of each chain. Their first priority should be to establish a list of an organization's EDI interchanges and gain an understanding of the information data that is being exchanged. The task force must then investigate each point of failure identified as outside of company control for their Y2K conversion project status and progress to date.

Finally, the Year 2000 issue has called worldwide attention to our ultimate reliance on Information Technology. A long lasting benefit of the conversion process should be more advanced QA/QC procedures that will enhance overall business practices. In the long run, organizations that use Y2K as an opportunity to redefine and enhance these procedures will be well positioned to survive - and thrive - in the next millennium.