Y2K World Status Update

Analyst’s Note: A portion of the statistical data points in this article come from self-assessment surveys provided by businesses, government organizations, trade associations and academic research consortia. This raw data is adjusted for self-reporting bias and is supplemented by analysts’ input including observed status, product information from the vendor community and the results of custom client research projects.

GartnerGroup’s fourth quarter 1998 world status update describes the Year 2000 compliance status of countries and industries throughout the world, as measured using GartnerGroup’s Compliance Progress and Readiness (COMPARE) scale.

This article helps prioritize IS risk management activities; however, this is just a starting point and is no substitute for detailed assessment of trading partners. Country status estimates include the status of all sizes of companies, plus government agencies, within each country.

COMPARE

COMPARE is used by companies and governments worldwide as a method of measurement and reporting. It consists of the following levels:

Level 0 – Year 2000 effort has not yet begun.

Level 1 – Awareness of the problem exists; year 2000 effort has begun; champion has been identified; IT and other business dependency inventory effort has begun.

Level 2 – Conduct detailed inventory of all IT systems and other business dependencies.

Level 3 – Detailed project plans and resources in place; conduct risk assessment for business dependencies; complete compliance efforts on 20 percent of mission-critical dependencies; complete mission-critical contingency plans.

Level 4 – Complete compliance efforts on remaining 80 percent of mission-critical dependencies and implement contingency plans.

Level 5 – Complete compliance of non-critical dependencies and implement policies to guard against post-Year 2000 failures.

General Status Summary

The companies and governments farthest ahead significantly increased the speed of compliance efforts, and further extended the gap between themselves and those farthest behind. The less-developed countries that are farthest behind have made little progress.

The U.S. government has extended its lead over other governments in Year 2000 compliance, and recently launched major policy, legislation and status-monitoring efforts from within the U.S. Senate. Messages in the world press have begun to change from "doom and gloom" to realistic and more optimistic views. This change is partly due to the availability of better information, since many companies now know whether they will be able to finish their compliance efforts, and they have had to more clearly define Year 2000 risks related to their business operations.

Progress Highlights. Since October 1998, several important changes have taken place. For example, the following entities have progressed by at least one full status phase: large companies in France, Mexico, Argentina, Thailand, Taiwan, Japan and Bermuda, as well as banks in Mexico and Hong Kong. Most large companies in industrially developed countries, U.S. federal government agencies, infrastructure utilities and banks have progressed, with banking overall holding the status lead over all other industries. Additionally, large pharmaceutical companies, the largest food-processing companies, discrete and electronics manufacturing companies, the largest chemical processing companies, airlines in developed countries, infrastructure utilities (power and telecommunications) in developed countries and the largest hospitals have all progressed by at least one full status phase.

In general, the highest amount of progress has been made by: countries with the highest gross domestic product (GDP); industries heavily focused on financial businesses; the companies and industries that are the most highly regulated and controlled; the largest companies; and infrastructure providers in developed countries.

Other key progress highlights include trends in spending. Enterprise year 2000 spending is changing rapidly, as 15 to 30 percent of IT budgets was spent on Year 2000 compliance in 1998, up from 5 percent in 1997; with a forecast of 20 to 40 percent to be spent on Year 2000 compliance in 1999. The biggest change in spending in large enterprises was in non-IT Year 2000 projects. Non-IT Year 2000 spending grew to a level equal to that of IT-related Year 2000 spending during 1998. A large portion of this non-IT spending was related to business risk management and contingency planning. Not surprisingly, "Ownership" of Year 2000 compliance shifted from IT management to business management in 38 percent of large companies, up from 5 percent one year ago.

Large companies in the countries farthest ahead have completed remediation of 50 percent to 100 percent of internal systems, and have tested 25 percent to 100 percent of these systems. Meanwhile the U.S. Department of Commerce reports that it has been quite successful in motivating progress in specific industries and countries by working through trade associations and industry-focused working groups. In fact, joint efforts by governments and private industry associations have shown the most positive results in effecting and motivating progress.

Limited Progress. Those farthest behind include the following:

  • Segments of the transportation industry (airports, ocean shipping, railroads, ports and distribution centers)
  • Healthcare (small hospitals, medical practices and elderly care facilities)
  • Agriculture (commercial farming, and agricultural shipping and distribution)
  • Construction (business operations, and financial and payroll systems)
  • Education (public and smaller universities)
  • Oil (extraction, refining and shipping)
  • Small to midsize retail companies
  • Government services in most countries (two-thirds of the world’s governments are still lagging the leaders by more than 12 months)
  • Local town governments
  • Regional utilities in lagging countries (power, natural gas and cable)
  • Countries in Africa, the Middle East, parts of South America, Central America and most of mainland Asia

Unfortunately, efforts to get less-developed countries and lagging industries moving more quickly have met with minimal success by international groups and associations.

According to the March 5, 1999, written testimony submitted to the U.S. Senate by the World Bank, its efforts so far have been met with only modest success. Although the World Bank has been successful in raising awareness in lagging countries, overall it has found it difficult to motivate significant world progress across all less-developed countries.

Several other witnesses testified that the United Nations’ efforts appear to be successful when it comes to the sharing of information and practices; however, it too has had only a modest success in motivating overall world progress.

The U.S. Commerce Department reports that it has been quite successful in motivating progress in specific industries and in some countries by working through trade associations and industry-focused working groups. While a combination of all of these efforts will likely motivate progress, we do not see a significant government push from within legislatures across the world’s governments on a scale similar to that of the U.S. Congress.

More country governments will need to take a much more active role in dealing with the Year 2000 problems within their countries and throughout the world. Joint efforts by governments and private industry associations have shown the most positive results in effecting and motivating progress. Since some system failures will occur throughout 1999, 2000 and 2001, it is important for companies and countries to continue compliance efforts throughout 2000 and beyond, even if they are lagging. They must also launch parallel contingency-planning efforts to reduce risks and avoid operational or business interruptions, during the periods when system failures are most likely and throughout the compliance process.

Fourth Quarter ’98

Large companies (those with more than 20,000 employees) typically lead all other companies within their respective industries and countries.

Several factors may be used to estimate how significant the impact will be to infrastructure, businesses, government, economy and dependencies of countries. To estimate the likelihood of higher numbers of systems and mission-critical failures, the percentage of GDP spending devoted to information and communication technology could be one indicator of additional dependency on technology and computing systems. However, this may not consistently and directly indicate the severity or duration of those failures.

Since we estimate that 10 percent of failures will last three days or longer, higher failure volumes should relate to an increased number of severe failures. Industries typically experience varying numbers of mission-critical failures per year (outside of the Year 2000 problem), and understanding these typical failure amounts per industry may provide another indicator related to overall impact and severity to a region.

There are two schools of thought concerning the impact of added failures in countries where high volumes of mission-critical failures are already common. Some maintain that Year 2000 failures in such countries will not cause much additional impact, because the businesses in these countries are used to dealing with regular interruptions. Others suggest that they may be close to a "breaking point" already, and further failures may cause serious impact in areas such as business, infrastructure, trade and government.

The distribution and severity estimates are a product of 1) current status, 2) the typical period of time required to make mission-critical systems compliant, and 3) the typical criticality and failure scenarios calculated for these infrastructure areas. The estimates do not take into account how some less-developed countries may experience an additional number of mission-critical failures (beyond the typical, everyday failures) with little additional impact on businesses and government because businesses in such countries may have already become more accustomed to a typically high number of infrastructure-related failures.

Bottom Line

Since Year 2000 system failures will become more common in the second half of 1999, little time remains to conduct risk assessments and develop contingency strategies. Enterprises that have not yet reached COMPARE Level 4 must begin to define and implement contingency plans immediately. Testing is an important part of compliance; however, with so little time remaining, contingency plans must be developed and implemented in areas where testing was not thorough enough, may not have been done at all, may have been overly rushed or was completed.

About the Author:

Lou Marcoccio is the Research Director at GartnerGroup and Year 2000 Analysts.

***

Mainframe Demand in 1999 -- User Lock-Down?

by Mike Chuba

As the countdown to the Year 2000 raises the threat of a freeze on data center activity in the latter part of 1999, the question remains: How will users acquire, manage and dispose of centralized, high-end server assets and know they have the best deal?

When hurricanes approach the eastern seaboard of the United States, extreme evacuation measures are often taken in anticipation of the "worst case" scenario. A similar situation is developing as we approach the Year 2000 deadline. An informal, anecdotal polling of GartnerGroup North American clients has indicated that many are formally planning a freeze on mainframe activity in the latter part of 1999 and extending into early 2000.

Mainframe capacity shipments, both new placements and upgrades, will experience a decline in second half 1999 in anticipation of preparation for the Year 2000, and this will negatively impact mainframe suppliers’ financial results in second half 1999 -- a 0.7 probability.

In fact, most users report that they will prohibit any changes in their mainframe environment after September 1999, until as late as March 2000, with a few indicating that the freeze could occur as early as June 1999. The reason: Clearing the decks for last-minute preparation and stabilization for Year 2000, followed by a period of as long as three months to clean up whatever mess is uncovered after the clock strikes midnight on January 1, 2000.

Mainframe installations have come a long way in the past 20 years, and few in the data center would view upgrades at this point as being major disruptions. However, these lock-downs are increasingly being driven by senior management, and not just data center management.

It should be noted that lock-downs are a normal occurrence. In any given year, many users operate with a lock-down period -- particularly between Thanksgiving and Christmas. This has not precluded large amounts of equipment being shipped in December, with some of that equipment not being put into production, or some not even being formally installed. However, what is different about 1999 is that the lock-down period may be longer.

Market Impact

What will be the market impact? In a typical calendar year, 65 percent of mainframe capacity is shipped in the second half of the year, with almost 40 percent of the capacity shipped in the last ten weeks of the year. Some users, anticipating continued transaction growth through the lock-down period, will opt to install excess capacity earlier in 1999 to carry them through the balance of the year. Some users are already negotiating lease extensions to make certain no equipment comes to term in their lock-down window.

Nevertheless, not all mainframe shipments will be front-loaded into 1999. Together with the impact of the Asian financial crisis, and a bottleneck in the pipeline of new applications caused by diversion of resources to test Year-2000 readiness, the mainframe industry could be in line for a devastating period of a dearth of incremental mainframe demand. However, the impact will not be as severe as that -- 0.8 probability. The launch of new products such as the Amdahl "900" series, the IBM "G6," the Hitachi "P9" and the Hitachi ACE follow-on could all be disrupted if the first customer shipments are not scheduled until fourth quarter 1999 or early 2000.

It may be that as the deadline approaches, users will have greater confidence in their readiness for Year 2000, and the "gloom and doom" scenario may dissipate, particularly if business conditions prevail. For example, some enterprises will not be able to maintain the freeze due to unforeseen events, such as competitors’ actions, macroeconomic situations, business changes (like mergers), or other non-IT-driven factors that impact requirements. Enterprises need a "shadow" or contingency plan should priorities suddenly shift. Ones that are well prepared for the Year 2000 may view late 1999 as a window of opportunity to gain competitive advantage over those less prepared in their industry.

While GartnerGroup has not performed a detailed survey on other data center equipment, we suspect that major new enterprise applications, such as a big data warehouse application, are not likely to be allowed to go live in 4Q99. Whether the lock-down extends to less-extensive changes (for example, adding an incremental server for Notes/Exchange) remains to be seen. A lock-down on DASD also seems to be an unknown quantity, even with firms well into the testing process. We expect there will be users that will extend the lock-down to DASD, which could impact storage vendors.

For organizations well-prepared for Year 2000, a lock-down may be unwarranted. However, management dictates must be adhered to. In today’s vendor-driven environment, where the focus is most intense on the current fiscal quarter, insufficient attention is being paid to a potential 1999 lock-down, and crisis alert will likely not occur until Wall Street awakens to the potential ramifications. Each organization should look at its ability to install all classes of equipment at the same time as the final crunch of Year 2000. Users that have not revisited their lease expiration dates in contracts should do so now; waiting to negotiate with lessors until the user is in a lock-down period will result in little negotiating leverage.

Plans to install capacity by June or September 1999 with a cushion should increasingly be a focus of negotiations with hardware vendors -- so as to not overpay for "premature" MIPS. Vendors that work with users to develop transitional plans and provide sound logic to dispel any market hysteria will reap the benefits.

About the Author:

Mike Chuba is Vice President and Research Director of the GartnerGroup.