<DOC>
[106th Congress House Hearings]
[From the U.S. Government Printing Office via GPO Access]
[DOCID: f:60954.wais]
THE YEAR 2000 COMPUTER PROBLEM: LESSONS LEARNED FROM STATE AND LOCAL
EXPERIENCES
=======================================================================
HEARINGS
before the
SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
INFORMATION, AND TECHNOLOGY
of the
COMMITTEE ON GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED SIXTH CONGRESS
FIRST SESSION
__________
AUGUST 13, 14, AND 17, 1999
__________
Serial No. 106-48
__________
Printed for the use of the Committee on Government Reform
U.S. GOVERNMENT PRINTING OFFICE
60-954 WASHINGTON : 1999
Available via the World Wide Web: http://www.house.gov/reform
______
COMMITTEE ON GOVERNMENT REFORM
DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut ROBERT E. WISE, Jr., West Virginia
ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York
JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York
STEPHEN HORN, California PAUL E. KANJORSKI, Pennsylvania
JOHN L. MICA, Florida PATSY T. MINK, Hawaii
THOMAS M. DAVIS, Virginia CAROLYN B. MALONEY, New York
DAVID M. McINTOSH, Indiana ELEANOR HOLMES NORTON, Washington,
MARK E. SOUDER, Indiana DC
JOE SCARBOROUGH, Florida CHAKA FATTAH, Pennsylvania
STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland
MARSHALL ``MARK'' SANFORD, South DENNIS J. KUCINICH, Ohio
Carolina ROD R. BLAGOJEVICH, Illinois
BOB BARR, Georgia DANNY K. DAVIS, Illinois
DAN MILLER, Florida JOHN F. TIERNEY, Massachusetts
ASA HUTCHINSON, Arkansas JIM TURNER, Texas
LEE TERRY, Nebraska THOMAS H. ALLEN, Maine
JUDY BIGGERT, Illinois HAROLD E. FORD, Jr., Tennessee
GREG WALDEN, Oregon JANICE D. SCHAKOWSKY, Illinois
DOUG OSE, California ------
PAUL RYAN, Wisconsin BERNARD SANDERS, Vermont
HELEN CHENOWETH, Idaho (Independent)
DAVID VITTER, Louisiana
Kevin Binger, Staff Director
Daniel R. Moll, Deputy Staff Director
David A. Kass, Deputy Counsel and Parliamentarian
Carla J. Martin, Chief Clerk
Phil Schiliro, Minority Staff Director
------
Subcommittee on Government Management, Information, and Technology
STEPHEN HORN, California, Chairman
JUDY BIGGERT, Illinois JIM TURNER, Texas
THOMAS M. DAVIS, Virginia PAUL E. KANJORSKI, Pennsylvania
GREG WALDEN, Oregon MAJOR R. OWENS, New York
DOUG OSE, California PATSY T. MINK, Hawaii
PAUL RYAN, Wisconsin CAROLYN B. MALONEY, New York
Ex Officio
DAN BURTON, Indiana HENRY A. WAXMAN, California
J. Russell George, Staff Director and Chief Counsel
Bonnie Heald, Professional Staff Member
Grant Newman, Clerk
C O N T E N T S
----------
Page
Hearing held on:
August 13, 1999.............................................. 1
August 14, 1999.............................................. 187
August 17, 1999.............................................. 443
Statement of:
Aikens, Willie, Director, companywide process and strategy,
the Boeing Co.; Don Jones, director of year 2000 readiness,
Microsoft Corp.; Joan Enticknap, executive vice president,
Seafirst Bank; William Jordan, deputy superintendent of
public instruction, State of Washington; and Rich Bergeon,
consultant, Nuevue International, LLC, Audit 2000.......... 589
Cortez, Elias, director, Department of Information
Technology, State of California; Joel Willemssen, Director,
Civil Agencies Information Systems, U.S. General Accounting
Office; Doug Cordiner, principal auditor, Bureau of State
Audits, California State Auditor's Office; Joan Smith,
supervisor, Siskiyou County, on behalf of the Regional
Council of Rural Counties; and Cathy Capriola,
administrative services director, city of Citrus Heights... 12
Hall, Garth, manager of project 2000, Pacific Gas & Electric
Co.; Karen Lopez, division manager, administrative
services, Silicon Valley Power; Frances E. Winslow,
director, Office of Emergency Services, city of San Jose;
William Lansdowne, chief of police, city of San Jose; and
John McMillan, deputy fire chief, city of San Jose......... 353
Hall, Garth, manager of Y2000 project, Pacific Gas and
Electric Corp.; Tom Latino, public safety director, Pacific
Bell, appearing for Mike Petricca; Roy Le Naeve, senior
project manager, Y2K readiness program, Sacramento
Municipal Utility District; Steve Ferguson, chief of
information technology, county of Sacramento, accompanied
by Carol Hopwood, emergency management, county of
Sacramento................................................. 116
O'Rourke, Joe, chief information officer, Bonneville Power
Administration; Jerry Walls, project manager, embedded
systems, Puget Sound Energy; James Ritch, deputy
superintendent, finance and administration, Seattle City
Light; Marilyn Hoggarth, Washington State public affairs
manager, General Telephone Co.; Dave Hilmoe, division
director, Water Quality and Supply, Seattle Public
Utilities; and Brad Cummings, Y2K program manager,
University of Washington Academic Medical Centers.......... 542
Tschogl, Kathleen, manager, governmental and regulatory
affairs, Raley's Supermarkets; Alan Rabkin, general
counsel, senior vice president, Sierra West Bank, on behalf
of the California Bankers Association; Guy Koppel, chief
information officer, U.C. Davis Medical Center; and Holly
Delaney, year 2000 program, Mercy Healthcare Sacramento.... 169
Whitworth, Brad, Y2K marketing and communications manager,
Hewlett Packard Co.; Pat Cavaney, year 2000 program
manager, customer service and support group, Hewlett
Packard Co.; Richard Hall, director, california
governmental affairs, year 2000 program manager, Intel
Corp.; Tom Latino, product manager, Pacific Bell; and Ralph
Tonseth, director of aviation, San Jose International
Airport.................................................... 301
Willemssen, Joel C., Director, Civil Agencies Information
Systems, General Accounting Office; Chris Hedrick,
director, Washington State Year 2000 Office; Clif Burwell,
Y2K program manager, King County, WA; Marty Chakoian,
project manager, city of Seattle Year 2000 Office; and
Barbara Graff, emergency preparedness manager, city of
Bellevue, WA............................................... 451
Willemssen, Joel, Director, Civil Agencies Information
Systems, U.S. General Accounting Office; Mark Burton, Y2K
project manager, city of San Jose; Dana Drysdale, vice
president, information systems, San Jose Water Co.; Ronald
E. Garratt, assistant city manager, city of Santa Clara;
and Christiane Hayashi, year 2000 communications manager,
city of San Francisco...................................... 192
Letters, statements, etc., submitted for the record by:
Aikens, Willie, Director, companywide process and strategy,
the Boeing Co., prepared statement of...................... 592
Bergeon, Rich, consultant, Nuevue International, LLC, Audit
2000, prepared statement of................................ 618
Burton, Mark, Y2K project manager, city of San Jose, prepared
statement of............................................... 236
Burwell, Clif, Y2K program manager, King County, WA, prepared
statement of............................................... 503
Capriola, Cathy, administrative services director, city of
Citrus Heights, prepared statement of...................... 79
Chakoian, Marty, project manager, city of Seattle Year 2000
Office, prepared statement of.............................. 518
Cordiner, Doug, principal auditor, Bureau of State Audits,
California State Auditor's Office, prepared statement of... 64
Cortez, Elias, director, Department of Information
Technology, State of California, prepared statement of..... 15
Drysdale, Dana, vice president, information systems, San Jose
Water Co., prepared statement of........................... 241
Enticknap, Joan, executive vice president, Seafirst Bank,
prepared statement of...................................... 599
Ferguson, Steve, chief of information technology, county of
Sacramento, and Carol Hopwood, emergency management, county
of Sacramento, prepared statement of....................... 155
Garratt, Ronald E., assistant city manager, city of Santa
Clara, prepared statement of............................... 246
Graff, Barbara, emergency preparedness manager, city of
Bellevue, WA, prepared statement of........................ 526
Hall, Garth, manager of Y2000 project, Pacific Gas and
Electric Corp., prepared statements of.................. 118, 355
Hall, Richard, director, california governmental affairs,
year 2000 program manager, Intel Corp., prepared statement
of......................................................... 336
Hayashi, Christiane, year 2000 communications manager, city
of San Francisco, prepared statement of.................... 260
Hedrick, Chris, director, Washington State Year 2000 Office,
prepared statement of...................................... 498
Hilmoe, Dave division director, Water Quality and Supply,
Seattle Public Utilities, prepared statement of............ 578
Hoggarth, Marilyn, Washington State public affairs manager,
General Telephone Co., prepared statement of............... 571
Horn, Hon. Stephen, a Representative in Congress from the
State of California:
Merced County document................................... 87
Prepared statements of............................. 5, 190, 447
Jordan, William, deputy superintendent of public instruction,
State of Washington:
Information concerning Y2K readiness..................... 606
Prepared statement of.................................... 611
Lansdowne, William, chief of police, city of San Jose,
prepared statement of...................................... 428
Le Naeve, Roy, senior project manager, Y2K readiness program,
Sacramento Municipal Utility District, prepared statement
of......................................................... 149
Lopez, Karen, division manager, administrative services,
Silicon Valley Power, prepared statement of................ 364
McMillan, John, deputy fire chief, city of San Jose, prepared
statement of............................................... 433
O'Rourke, Joe, chief information officer, Bonneville Power
Administration, prepared statement of...................... 545
Ose, Hon. Doug, a Representative in Congress from the State
of California, prepared statement of....................... 9
Petricca, Mike, Pacific Bell, prepared statement of.......... 145
Ritch, James, deputy superintendent, finance and
administration, Seattle City Light, prepared statement of.. 561
Smith, Joan, supervisor, Siskiyou County, on behalf of the
Regional Council of Rural Counties, prepared statement of.. 73
Tonseth, Ralph, director of aviation, San Jose International
Airport, prepared statement of............................. 346
Tschogl, Kathleen, manager, governmental and regulatory
affairs, Raley's Supermarkets, prepared statement of....... 171
Walls, Jerry, project manager, embedded systems, Puget Sound
Energy, prepared statement of.............................. 556
Whitworth, Brad, Y2K marketing and communications manager,
Hewlett Packard Co.:
Information concerning Hewlett Packard's program......... 321
Prepared statement of.................................... 304
Willemssen, Joel, Director, Civil Agencies Information
Systems, U.S. General Accounting Office, prepared
statements of....................................... 22, 194, 453
Winslow, Frances E., director, Office of Emergency Services,
city of San Jose, prepared statement of.................... 420
THE YEAR 2000 COMPUTER PROBLEM: LESSONS LEARNED FROM STATE AND LOCAL
EXPERIENCES
----------
FRIDAY, AUGUST 13, 1999
House of Representatives,
Subcommittee on Government Management, Information,
and Technology,
Committee of Government Reform,
Sacramento, CA.
The subcommittee met, pursuant to notice, at 9 a.m., in the
Sacramento Board of Supervisors Chambers, room 1450, 700 H
Street, Sacramento, CA, Hon. Steve Horn (chairman of the
subcommittee) presiding.
Present: Representatives Horn and Ose.
Staff present: J. Russell George, staff director and chief
counsel; Bonnie Heald, director of communications and
professional staff member; and Grant Newman, clerk.
Mr. Horn. I'm Steve Horn, the chairman of the House
Subcommittee on Government Management, Information, and
Technology. The presiding officer today will be Mr. Ose, who is
a valued member of this committee and represents part of this
area as we go north, I guess, from Sacramento a little bit and
various other areas. And I'm just going to make an opening
statement and then he's going to preside. And I will have the
opportunity to ask some questions. He will, too. And we have an
excellent panel today which should give a real good feel for
where we are in government, at least in California and with
some of the private utilities and others.
The hearing is in order as a quorum is present, and I, of
course, thank Mr. Ose and the staff for all they've done to
make this a very pleasant visit in my home State of California.
I represent the area from Long Beach, CA, and I grew up in
northern California where I still have a ranch at San Juan
Batista. So when I got off the plane a few years ago when I was
university president, a lady came up to me and I don't know how
she ever knew I ever had anything to do with anything, and she
said, ``You're stealing our water.''
So I understand northern California, the views. It's tough
to get water; and believe me, when you have a ranch, it's even
tougher.
The year 2000 computer problem, which is the subject of
today's hearing, affects nearly every aspect of operations in
the government and the private sector and, therefore, impacts
all of us.
From Social Security and Medicare to telephone service and
electric power, the year 2000 computer bug is the largest
management and technology change and challenge that we as a
community and as a Nation have confronted. No single
organization, city or State, can solve the problem alone, nor
can they guarantee their computers will work until the
organizations and agencies that exchange data with them are
also compliant.
Almost all of the agencies now report their critical
computer systems have been renovated. These are the computer
systems that must continue functioning in order for Federal
agencies to provide their services. That is only part of the
complex job that lies ahead. The agency must now complete
systemwide testing to ensure that these are renovated and new
computers are compatible with other computer systems. As most
computer students know, when you tinker with one area of a
computer system, you can create unexpected problems in another
area.
The problem was created in the mid-1960's when many of you
know, at least my age, you had computers which filled a room of
this size, and they had very little memory. The laptop you get
now has as much memory as that whole room of computers. And
somebody said, ``Hey, why are we punching in a four-digit
year?'' Instead of 1967, let's just say 67 and knock the 19
off. And, that gained them some memory. I was running the
university then, and I'm well aware of the really difficult
time we had to get enough memory. And of course, they knew even
then that in the year 2000 it would be 00, not 2000, and that
would confuse the computer to get either 1900 or 2000, and they
wouldn't know what to do. It would just be simply 00.
So some attention was given to this early on in the 1980's,
and we had one department where a very able programmer told all
of the brass, ``Hey, we've got to start work on this. This is
1987.'' They never did a thing. They are still getting If's,
once we got into this in 1996. It's been very slow.
That's the Department of Transportation and obviously FAA
is the key aspect there. They're moving ahead. They've got an
excellent Administrator that's picked up the pieces that hadn't
been picked up in years. And the other group that had done it
on its own was the Social Security Administration. They knew we
looked ahead to 1989 that we've got to deal with it because
we've got 50 million different customers here for one program
and 43 for another one. And they did it all on their own. There
was no precedential guidance in budget and management and they
just did it.
And, therefore, they've been the first to really be 100
percent compliant, and we shouldn't have any problems on that
front. And 3 years ago we started our first hearing, which was
roughly April 1996. And we've held about 30 hearings and issued
about eight report cards monitoring the status of the executive
branch of the Federal Government.
We wrote the President in 1997. We said, ``You've got to
appoint somebody to coordinate this full-time within the
executive branch.'' He acted on that. That was 1997; he acted
on it in 1998. And, in effect, Mr. Koskinen took office in
April 1998. He's done a very fine job. He's pulled a lot of
people together. They are also working with the industrial
sector and various panels and so forth. So all of that has been
helpful.
At our first hearing we asked the Gardner Group, ``How much
you think it's going to cost the Federal Government and
nation?'' They said, ``Well, it's $600 billion worldwide
problem. We're half the computers in the world, so it will be
about $300 billion. That's the private sector and State and
local government.'' And I said, ``How much for the Federal
Government?'' They said, ``It's going to cost about $30
billion.''
As I got into this more and more, I thought that was a
little high and knew more likely it would be $10 billion. We're
now at the $9 billion mark with the Federal Government through
September 30th. We might well use another billion in the last
closing panic bit, if there is any of getting the right people
in the right place at the right time. It might hit $10 billion.
But basically they've done it with that amount of $9 billion,
and we're going to have our opening witness with a very fine
representative of the General Accounting Office who has kept
tabs on the executive branch in their role as the watchdog
programmatically and financially on behalf of the legislative
branch.
So in addition to programs such as Social Security,
Medicare and the Nation's air traffic control system, 10 of
these federally funded programs are operated by the State.
These programs which depend on State and county computers, as
well as the Federal systems, include Medicaid, food stamps,
unemployment insurance, child support enforcement and a myriad
of other things. None of the 10 programs will be ready for the
year 2000 until December, leaving little if any time to fix
unforeseen problems. Data exchanges and interdependencies exist
at all levels of government and the private sector. A single
failure could disrupt the entire chain of information.
The Social Security Administration, for example, maintains
a data base of Social Security payment information for eligible
citizens. When these payments are due, the Social Security
Administration sends the information to the Department of the
Treasury's Financial Management Service, where the check is
issued, and then either electronically deposit it into a
personal bank account or deliver it by the U.S. Postal Service.
Each of these agencies has its own network of computers. If
even one of them fails, the entire system will break down and
the check will not be delivered. Fortunately, the Social
Security Administration has been working on this problem for 10
years and it's in good shape. But even the best prepared
computers won't work without power. Two of the most essential
questions involving the year 2000 challenge are, will the
lights stay on and the gas pumps remain full. For without
electricity and fuel, farm crops cannot move from field to
table and commerce cannot flow from factory to household.
The year 2000 computer problem also presents other
potential threats to communities, from computed interrupting
services, such as 911, to delays in assistance for disasters,
such as California's all too familiar earthquakes, floods,
fire, you name it, we do it. Why we are here today is to
examine California's readiness for this challenge as well as
the preparations being made by regional local governments and
businesses. But even with the best of plans, no one can predict
what might or might not happen once the clock ticks midnight
this New Year's Eve. The only certainty is that the January 1st
deadline cannot be extended.
I understand that California and Sacramento have been
working hard toward meeting this deadline. And I welcome
today's witnesses and look forward to the testimony.
And with that, Mr. Ose will preside and Chair as the
chairman pro tem. He's a valued member of our committee in
Washington. Since we're in his district, he's going to chair it
and run us through it, and I will ask some questions and so
will he.
Does the gentleman from California have an opening
statement?
[The prepared statement of Hon. Stephen Horn follows:]
[GRAPHIC] [TIFF OMITTED] T0954.001
[GRAPHIC] [TIFF OMITTED] T0954.002
[GRAPHIC] [TIFF OMITTED] T0954.003
Mr. Ose. I do, Mr. Chairman.
First of all, let me thank you for coming all this distance
to visit with us today. Your work on this subject has been the
backbone of everything we're trying to do to make sure this
does not become a problem. As arcane as the subject is, the
country owes you a great debt of gratitude.
First, I'd like to thank everyone for joining us today at
this special field hearing. Today we are going to look at how
State and local government entities, utilities and selected
businesses in the community have prepared their computer
systems for the next century.
On the Federal level, this committee has reviewed the
Federal Government's Y2K preparations for several years under
the guidance of Chairman Horn. So far this year, it's a long
title, but the Government Reform Committee's Government
Management, Information, and Technology Subcommittee, of which
Mr. Horn is chairman and on which I sit, has held over a dozen
hearings on the Y2K computer problem.
As Chairman Horn contends, the Federal Government has been
slow to act on the problem. As a result, some of the agencies
have had to work overtime to become compliant with the
challenge. At this point, about 94 percent of the government's
mission-critical systems will be ready for January 1st--excuse
me, are ready for January 1st. And the remaining 6 percent have
yet to be completed.
The purpose of this hearing, again, is to look beyond the
Federal Government and see how localities are dealing with this
problem. On the State level, it appears that the State of
California's followed a similar path as the Federal Government
identifying the problem and going to work on it.
The State Auditor prepared a report in February 1999 and
the director of the Department of Information Technology is
here with us today to discuss it. As in the Federal Government,
the State is hustling, if you will, to make sure that their
systems comply as of the end of the year, and I'm looking
forward to this testimony.
I'm also pleased to see that we have a wide variety of
witnesses who will testify before us today. We'll hear from the
representative of Sacramento County and from the Sacramento
County Emergency Services. We have someone from my city, the
city of Citrus Heights. We'll have a representative from the
Regional Council of Rural Counties, and finally from the
Government Accountability Office.
We're also going to receive testimony from utility
providers, those being PG&E, Pacific Bell, and SMUD. Finally,
we'll hear from important industries on the private side such
as banking, agriculture, and health care.
I look forward to everyone's testimony, and I hope this
hearing will help educate the public on our region's
preparedness for the year 2000.
[The prepared statement of Hon. Doug Ose follows:]
[GRAPHIC] [TIFF OMITTED] T0954.004
[GRAPHIC] [TIFF OMITTED] T0954.005
[GRAPHIC] [TIFF OMITTED] T0954.006
Mr. Ose. I would like to invite the first panel down for
their testimony. We're going to have you sit right here with--
so those folks, Joel Willemssen, Elias Cortez, Doug Cordiner,
Joan Smith, Cathy Capriola if you would come join us down here.
OK. We're going to have Mr. Cortez testify first. He's got
a 10 a.m. flight. But before we get into that, this being a
congressional oversight hearing, I need to swear the witnesses.
Folks, if you'll raise your right hands.
Do you solemnly swear the testimony you will give before
this subcommittee will be the truth, the whole truth and
nothing but the truth?
Let the record show the witnesses responded in the
affirmative.
[Witnesses sworn.]
Mr. Ose. So, Mr. Cortez, you're up. Thank you for joining
us.
STATEMENTS OF ELIAS CORTEZ, DIRECTOR, DEPARTMENT OF INFORMATION
TECHNOLOGY, STATE OF CALIFORNIA; JOEL WILLEMSSEN, DIRECTOR,
CIVIL AGENCIES INFORMATION SYSTEMS, U.S. GENERAL ACCOUNTING
OFFICE; DOUG CORDINER, PRINCIPAL AUDITOR, BUREAU OF STATE
AUDITS, CALIFORNIA STATE AUDITOR'S OFFICE; JOAN SMITH,
SUPERVISOR, SISKIYOU COUNTY, ON BEHALF OF THE REGIONAL COUNCIL
OF RURAL COUNTIES; AND CATHY CAPRIOLA, ADMINISTRATIVE SERVICES
DIRECTOR, CITY OF CITRUS HEIGHTS
Mr. Cortez. Good morning. Honorable chair and members, on
behalf of Governor Davis, I welcome you and your committee to
the State of California.
I am Elias Cortez, chief information officer for the State
of California and director of the Department of Information
Technology. I would like to thank the members of the
subcommittee and all your staff for the opportunity to deliver
a brief statement on California's comprehensive year 2000
program. Based on recent reviews and detailed analysis of the
Y2K program, efforts not only within the State, but across the
Nation, we're confident that California's approach to the year
2000 issue is progressive and comprehensive.
The executive order D-3-99, signed by Governor Gray Davis
in February 1999, identified the Y2K issues as the State's No.
1 information technology priority. This emphasizes and ensures
that the State's resources are focused on public safety,
economic stability, continuation of business, and the
uninterrupted delivery of essential government services to all
of California's citizens and business partners. The executive
order empowered me to lead and make bold, decisive initiatives
to assess, validate, and communicate the status of Y2K
remediation and preparedness activities.
The executive order also empowered me with authority over
all information technology units and resources within the
State. Through this role, I forged successful partnerships with
representatives of both the public and private sectors,
including local governments and State governments and other
State entities such as the Governor's Office of Emergency
Services, and various committees and task forces convened by
the Governor.
Our main purpose and focus was to accelerate and escalate a
progressive and successful year 2000 program, and included are
subcommittees such as the year 2000 executive committee, year
2000 business economy task force, the year 2000 business
council, the year 2000 emergency preparedness task force, and
the year 2000 communications and outreach task force. As we
implemented and enhanced our year 2000 program in February
1999, we found that government entities were not as prepared as
we had thought or had been previously reported, and as a
result, we immediately accelerated and escalated our year 2000
program through the proactive implementation of a statewide
program management office for Y2K and the development of
prescriptive methodologies based on the industry best practices
for Y2K.
This approach is documented in the Department of
Information Technology's Strategic Plan, which is included in
the documents supplied to you. California's year 2000 program
is a comprehensive approach to the year 2000 remediation and
preparedness and includes the establishment of baseline status
for more than a 100-plus State entities, an assessment of each
entity, a high-level analysis and the assessment results, and
the independent validation and verification of those entities
with a mission-critical system's focus by external vendors.
The assessment and review outcomes are tracked through a
corrective action planning process. This process ensures
accountability and action and focus from the entities with the
corrective action plans and resources in place that they are
required to complete prior to September 1, 1999. A compilation
of the State Department Status Information is presented for
review on-line on the web on the California Y2K website, which
is www.year2000.ca.gov. This bold-step initiative allows any
government entity or citizen to access objective, quantitative,
current information about State entities' Y2K efforts.
Additionally, the website information communicates entity
status to business partners within and external to the State
government entity and structure. California's Y2K program has a
significant commitment to ensuring that business continuity and
contingency planning occurs for all entities.
The year 2000 management program office, the statewide
program, must receive a completed and tested plan from each
entity prior to October 1999. The commitment to business
continuity and contingency planning echoes a message of
Governor Davis' executive order and ensures a seamless delivery
of services in order to make the century change a nonevent.
In addition to technical assessments and reviews, our Y2K
program consists of extensive communication and outreach
activities. These include year 2000 emergency preparedness and
business continuity and contingency planning, conferences,
infrastructure industry roundtables, legislative-sponsored
attendance in hearings in which we participated; additional
activities are anticipated over the coming months and the new
year relative to communications and outreach on Y2K.
Finally, we have raised the bar regarding end to end
testing. We will broaden and strengthen interface testing of
data with all our partners in local government to ensure that
mission-critical public safety, health and welfare and
education services are delivered uninterrupted into the new
year.
We have a successful and productive collaboration with
counties and local governments and even private sector
organizations relative to the services that we deliver from the
State. All Y2K activities conducted by the State of California
are a direct reflection to the decisive actions taken in
support of Governor Davis' administration and the legislature,
as well as an unprecedented cooperation among State government
entities and partners for the State.
Recent accomplishments by the program will allow the State
to ensure continuity of State and county mission critical
services to the community at large regardless of unforeseen
information system impacts.
I'm extremely confident that California can and will
deliver the mission-critical services for residents before,
during and after the century event.
In summary, the State has been extremely proactive and
focused on California's expectations of uninterrupted services
by doing the following things:
We focused in the area of addressing the most challenging
issues and mission-critical priorities first and concentrating
on the greatest impacts to health, safety and revenues. We've
maintained public trust in the infrastructure that Californians
depend on by accurately reporting the progress made and any
challenges facing forward, managing those to date, making sure
that there is a workable solution in place to provide
uninterrupted service if an unforeseen year 2000 event occurs,
preparing for the unexpected year 2000 related impacts by
anticipating scenarios and directing the resources necessary to
maintain confidence in our communities via the Office of
Emergency Services.
Again, thank you for giving the State the opportunity to
testify before you about our comprehensive year 2000 program.
We are proud not only to share our current status, but we have
proactively shared our methodologies with all local government,
small business and entities relative to Y2K.
Thank you.
[The prepared statement of Mr. Cortez follows:]
[GRAPHIC] [TIFF OMITTED] T0954.007
[GRAPHIC] [TIFF OMITTED] T0954.008
[GRAPHIC] [TIFF OMITTED] T0954.009
Mr. Ose. Director, if I may, in deference to your time,
we're going to ask what few questions we have of you first so
that you can catch your plane.
First of all, you mentioned the website that you had, the
www.year2000.California.gov. I want to make sure that we've got
that correctly identified as www.year2000.ca.gov., right?
Mr. Cortez. Yes, sir.
Mr. Ose. So if anybody is watching, that's a first--that's
one resource everybody can use.
The other question I have most directly is under Chairman
Horn's leadership, one of the things that has been most
apparent is that our initial attempts to cure this problem have
been changed or governed by agencies' self-examination after
the fact. And what I'd like to find out is: There are three
particular situations I'm concerned about.
First, is it the agencies themselves who are reporting on
their compliance, or do you have an independent third party
doing that?
Second, since, say, January 1st, have you seen any material
change in the degree of readiness amongst the agencies?
And, finally, as it affects regional and local governments
in particular, has the State been able to provide any financial
assistance to those levels of government to help them get into
compliance?
Mr. Cortez. Thank you.
Regarding the agencies, we are very proud to say that that
was a concern for our legislature coming in. Again, the program
wasn't where we had expected it to be. We did see prior to our
acceleration and escalation of this program a need for
independent validation of verification. We immediately
implemented that program. No entities do self-assessment or
self-reporting. We've put that behind us. Our new program not
only allows us to do current triages, but we have ongoing
statewide program management in which we continually track on a
weekly basis and post on line on our web the status of any
corrective action plans required for these departments.
Furthermore, we're proud to say we're putting that on the
web so that any local government and citizens who have any
concerns regarding our compliancy or status can go on line and
see positive steps taken, actions that need to be taken, and
corrective actions and plans in place and resources with dates
proactively displayed. So we are totally having an objective
review. It's all external and it's independent. And, again, we
have a multitude of vendors that are helping us with that
process.
Second, the issue on the degree of readiness, we have seen
an extreme acceleration and escalation of the Y2K program, and
we've even documented that on line. So when you see the
department status, you can see the initial baseline and its
actual validation where it was when we started the program and
where it currently is. And you can see some major improvement
and action items taken care of. So we view this program as
extremely successful and have recommended to other local
government entities not only the methodology that we use; we
post it on line and they can download it and use it as a tool
kit for themselves if they don't have resources to hire
expensive consultants. And many government entities have taken
the opportunity to do so.
And, furthermore, we continually assess on a week-to-week
basis and allow the departments to give current status. So, as
an example, if a department finds an issue that hadn't been
dealt with prior to this, it gets red-flagged again and brought
into the loop of the program. So we have a comprehensive review
of all issues left to be compliant and complete into the new
year.
Regional governments, we have proactively been out in the
community working with regional governments sharing our
methodologies at no cost to them. We're doing conferences. We
are aggressively pursuing a communication and outreach program
making sure that our message and their message is in sync with
the community. We have proactively worked with the legislature
to provide dollars so that we can fund such programs. And,
again, at this point, the funding that has been put in place I
know has gone to core programs and other programs. Again, at
this point, I'm not aware of legislation with additional
funding.
Mr. Ose. Chairman Horn.
Mr. Horn. Just one brief question. I know the Governor
doesn't run the State education systems here, but increasingly
Governors do, and I wondered if you as the chief technology
boss of the State have a feel for what's happening on K-12,
what's happening at the community college level, what's
happening at the California State University level. And we do
have one witness from the UC-Davis campus, the medical school,
but I wondered what you know about what's happening at the
University of California, also.
Mr. Cortez. Yes. We are proud to say that we've had the
opportunity to work side by side with Assembly Member John
Dutra, Chair of the Assembly Information Technology Committee,
and we've gone across the State and had hearings like this in
similar forums, and we have seen that smaller government
entities, not just school districts, have had financial
challenges that they recently have come out of, and so their
starts with the Y2K program have been late.
I personally have met the leader of the Board of Education
for our State and have shared our methodology. We have
proactively worked with them on the assessment for their
department. They take--all government entities take this
challenge seriously, and we are continuously working with them.
And as an example, through communications and outreach programs
trying to disseminate Y2K status and methodologies through
their broadcast system. We do and we have found in again
smaller government entities that financial strains have been an
issue for them. As we did in one case, a city up in northern
California, they used $100,000 reserve plus borrowed $50,000 to
complete their Y2K program.
So all in all we've seen a major impetus to get the job
done. We've seen many challenges on a different level, and we
believe the smaller government entities do need help not only
in methodologies, but resources. And they need to shift their
own internal resources to get this job done, as we've seen with
other local government entities.
Mr. Horn. Well, I appreciate that answer. The State auditor
has a representative here after you, and we'll ask him some of
the questions, but the statewide audit in February I'm sure was
helpful in assessing where you were. I don't know the degree to
which California departments have, say, an inspector general
because there's another--at least at the Federal level, another
independent authority that can call them as they see them. Are
you concerned about the verification of what some of the
departments are submitting?
Mr. Cortez. Actually, I'm confident to say that we've taken
the auditor's report to heart. We welcome all their comments.
We aggressively pursued as we have expanded and escalated our
program all their issues into our program. We reported to them
currently and recently about the program and the status of the
program. We do not use self-assessment. We do not believe
that's the appropriate measure of Y2K. We have proactively
worked with what we call the Y2K Business Council.
Right across the mountains here, we have the leaders in the
world on technology. And we are lucky to have used them, and
they have committed their CIOs to be our compass and guide for
our Y2K program; and we've been able to take industry best
practices, procedures, and policies, such as software freezes
and other things that are related to a good compliant
information project--Y2K information project in place. And so
we're confident that not only the recommendations from the
Bureau of State Audits we've taken into account and
implemented; but, furthermore, we've got an additional set of
eyes on our program and advisory to our program and that has
embellished our program tremendously.
Mr. Horn. Thank you very much.
Mr. Ose. Director, thank you. Appreciate you coming.
Now to the rest of the panel, I appreciate your patience.
That's very courteous to extend that to the director. So we'll
just go down the list.
Mr. Willemssen. Thank you, Congressman, for inviting us
here today. Chairman Horn, as requested, I'll briefly summarize
our statement on the Y2K readiness for Federal Government,
State and local government, in key economic sectors.
Regarding the Federal Government, reports indicate
continued progress in fixing, testing and implementing mission-
critical systems. Nevertheless, numerous critical systems must
still be made compliant and must undergo independent
verification and validation. The most recent agency quarterly
Y2K reports due to OMB today should provide further information
on agency progress. Our own reviews of selected agencies have
shown uneven progress and remaining risks in addressing Y2K
and, therefore, point to the importance of business continuity
and contingency planning.
Even for those agencies that have clearly been Federal
leaders such as the Social Security Administration, work still
remains to ensure full readiness. If we look beyond individual
agencies and systems, the Federal Government's future actions
will need to be increasingly focused on making sure that its
high priority programs are compliant. In line with this, OMB
has identified 43 high-impact programs such as Medicare and
food safety. As you know, Mr. Chairman, we're currently
reviewing for you the executive branch's progress in addressing
these high-impact programs. Available information on the year
2000 readiness of State and local governments indicates, also,
that much work remains. For example, according to recently
reported information on States, about eight States had
completed implementing less than 75 percent of their mission-
critical systems. Further, while all States responding said
they were engaged in contingency planning, 14 reported their
deadlines for this as October or later.
State audit organizations, including the California State
Auditor, as earlier mentioned, have also identified significant
Y2K concerns in areas such as testing, imbedded systems, and
contingency planning.
Mr. Ose. Mr. Willemssen, just a moment. If everyone would
turn off their pagers and cell phones, that would be a great
benefit to the witnesses. Thank you.
Mr. Willemssen. Another area of risk is represented by
Federal human services programs administered by States,
programs such as Medicaid, food stamps and child support
enforcement. Of the 43 high-impact priorities identified by
OMB, 10 are State-administered Federal programs such as these.
OMB reported data on the systems supporting those kinds of
programs show that numerous States are not planning to be ready
until close to the end of the year. Further, this is based on
data that has not been independently verified.
Recent reports have also highlighted Y2K issues at the
local government level. For example, last month we reported on
the Y2K status of the 21 largest U.S. cities. On average, these
cities reported to us completing work for 45 percent of their
key services.
Y2K is also a challenge for the public infrastructure in
key economic sectors. Among the areas most at risk are health
care and education. For health care we've testified on several
occasions on the risks facing Medicare, Medicaid and biomedical
equipment. In addition, last month we reported that while many
surveys have been completed on the Y2K readiness of health care
providers, none of the 11 surveys we reviewed provided
sufficient information with which to assess the true status of
these providers. For education, last week's report of the
President's Council on Y2K conversion indicates that this
continues to be an area of concern. For example, according to
the council report, many school districts could have
dysfunctional information systems because less than one-third
of institutions were reporting that their systems were
compliant.
That concludes a summary of my statement, and I'd be
pleased to address any questions you may have.
[The prepared statement of Mr. Willemssen follows:]
[GRAPHIC] [TIFF OMITTED] T0954.010
[GRAPHIC] [TIFF OMITTED] T0954.011
[GRAPHIC] [TIFF OMITTED] T0954.012
[GRAPHIC] [TIFF OMITTED] T0954.013
[GRAPHIC] [TIFF OMITTED] T0954.014
[GRAPHIC] [TIFF OMITTED] T0954.015
[GRAPHIC] [TIFF OMITTED] T0954.016
[GRAPHIC] [TIFF OMITTED] T0954.017
[GRAPHIC] [TIFF OMITTED] T0954.018
[GRAPHIC] [TIFF OMITTED] T0954.019
[GRAPHIC] [TIFF OMITTED] T0954.020
[GRAPHIC] [TIFF OMITTED] T0954.021
[GRAPHIC] [TIFF OMITTED] T0954.022
[GRAPHIC] [TIFF OMITTED] T0954.023
[GRAPHIC] [TIFF OMITTED] T0954.024
[GRAPHIC] [TIFF OMITTED] T0954.025
[GRAPHIC] [TIFF OMITTED] T0954.026
[GRAPHIC] [TIFF OMITTED] T0954.027
[GRAPHIC] [TIFF OMITTED] T0954.028
[GRAPHIC] [TIFF OMITTED] T0954.029
[GRAPHIC] [TIFF OMITTED] T0954.030
[GRAPHIC] [TIFF OMITTED] T0954.031
[GRAPHIC] [TIFF OMITTED] T0954.032
[GRAPHIC] [TIFF OMITTED] T0954.033
[GRAPHIC] [TIFF OMITTED] T0954.034
[GRAPHIC] [TIFF OMITTED] T0954.035
[GRAPHIC] [TIFF OMITTED] T0954.036
[GRAPHIC] [TIFF OMITTED] T0954.037
[GRAPHIC] [TIFF OMITTED] T0954.038
[GRAPHIC] [TIFF OMITTED] T0954.039
[GRAPHIC] [TIFF OMITTED] T0954.040
[GRAPHIC] [TIFF OMITTED] T0954.041
[GRAPHIC] [TIFF OMITTED] T0954.042
[GRAPHIC] [TIFF OMITTED] T0954.043
[GRAPHIC] [TIFF OMITTED] T0954.044
[GRAPHIC] [TIFF OMITTED] T0954.045
[GRAPHIC] [TIFF OMITTED] T0954.046
[GRAPHIC] [TIFF OMITTED] T0954.047
[GRAPHIC] [TIFF OMITTED] T0954.048
[GRAPHIC] [TIFF OMITTED] T0954.049
Mr. Ose. We're going to go through the other witnesses and
then come back for questions. I actually think there are
microphones on the table here in the event you want to sit to
give your testimony. You're welcome to stand, of course.
Mr. Cordiner, from the State Auditor's Office.
Mr. Cordiner. Mr. Chairman, Congressman, and Members, I
appreciate the opportunity to speak to you this morning on a
very important topic. Thus far our office has had two
opportunities to review the Y2K effort in California. The first
of our audits was published in August 1998. Under the former
administration, agencies self-reported their progress on
remediating their systems to the Department of Information
Technology, and we were concerned that those reportings were
accurate reportings. So we looked at several of the systems of
these agencies and found that they were overly optimistic as to
where they currently were in their progress. In addition, we
did some survey work and found the same held true for some
other agencies.
Moreover, there were many of these agencies that had not
begun to do business continuity planning, which we felt was
critical in light of the fact that they would seem to be
lagging behind on the remediation progress. Most were doing
planning, but it was more of a disaster recovery type of
planning rather than concentrating on what would happen if
their remediation efforts failed or weren't done in time.
Based on our recommendations in the first audit, the
legislature again wanted us to look at this area, and we did
publish another report in February 1999. This time we looked--
we chose a sample of what we considered the most critical
agencies supplying services to Californians, and that would
include health and safety, payment systems, and revenue
agencies. We chose a sample of 14 agencies to look at. We
looked at the critical systems supporting those programs and
found that 11 of the 14 agencies had not completed their
remediation of critical systems that by a previous
administration Executive order should have been done by
December 31, 1998.
Areas that weren't finished included thoroughly testing
their systems, dealing with the threats posed by imbedded
technology that those systems depend on, as well as data
exchange partners. They hadn't fully agreed on formats or some
hadn't tested that agreed-upon format to ensure that
information passed between the data exchange partners would be
seamless and wouldn't cause a corruption of data.
We also found that one of the State's two large data
centers that many agencies depend on to support their systems
didn't have--it had a risky strategy for Y2K in that the
infrastructure that these other agencies depend on hadn't been
thoroughly tested to determine that it would work. And they
also had noncompliant products out there that they had notified
others that they shouldn't use, but they hadn't removed them as
we felt would be prudent in the circumstance.
Last, we looked at the infrastructure, mainly
telecommunications and the power grid, and we found that with
the decentralization that has occurred in this industry, there
are many players, if you will, that oversee segments of the
infrastructure, but there was no centralized place that one
could go to determine, you know, what's the progress on, say,
telecommunications, or what's the progress on whether all the
providers of power are fully ready to meet the new century.
That concludes my summary, and I would be glad to answer
any questions.
Mr. Ose. We appreciate that. We're going to go ahead and
have the other two testify and then we'll just take questions
as a whole.
Mr. Cordiner. Thank you.
[The prepared statement of Mr. Cordiner follows:]
[GRAPHIC] [TIFF OMITTED] T0954.050
[GRAPHIC] [TIFF OMITTED] T0954.051
[GRAPHIC] [TIFF OMITTED] T0954.052
[GRAPHIC] [TIFF OMITTED] T0954.053
[GRAPHIC] [TIFF OMITTED] T0954.054
Mr. Ose. I stand corrected. We would like you to give your
testimony up here at the podium.
This is Joan Smith, supervisor from Siskiyou County. Thank
you for joining us.
Ms. Smith. Thank you, Congressman Ose. Good morning. I want
to thank you for the opportunity to provide testimony for the
subcommittee with regards to the year 2000 readiness of local
governments. I'm here today speaking on behalf of the Regional
Council of Rural Counties [RCRC], which is an organization that
represents 27 of California's rural counties. I would like to
begin by thanking our distinguished congressional
representatives for taking time from their busy schedules to be
here in Sacramento today. A warm northern California welcome to
all of you.
The issues that we are addressing are of great importance
to the communities represented by Congressman Ose and
throughout rural California. There are only 140 days left
before the year 2000, and we still have much work to do. The
Y2K preparedness level of local government varies widely within
the State of California. California has 58 counties, 471
cities, and over 2,300 independent special districts. Some are
ready right now, but many, most, are not.
Today's hearing is especially important because it concerns
the readiness of public services their citizens come in contact
with every day. Here's where the rubber hits the road for fire,
police and the programs and services counties provide for
children and families and the basic services that allow
communities to function and the economy to grow. It is vital
that the citizens in rural California have confidence that
county services will still function and that there are
realistic contingency plans should any systems fail.
Recently, the General Accounting Office was asked to
identify the Y2K status of key services provided by the
Nation's 21 largest cities, as was testified here today.
As of early July, America's largest cities report on
average that they have completed 43 percent of the work that
will be required for an uneventful transition to the year 2000.
Information from the National Association of Counties estimate
that only 27 percent of the more than 3,000 counties it
represents nationwide have completed Y2K testing. Apparently,
more than 2,000 counties have a lot of work to do in the next
140 days.
Siskiyou County Y2K experiences. As was previously stated,
I'm from the very top of the State, Siskiyou County. We
border--we have a population of approximately 45,000 people,
and we're located on the Oregon border, and we lie between the
counties of Modoc and Del Norte. Siskiyou County began its year
2000 preparedness program in October 1998, with the formation
of an interdepartmental task force.
Mr. Chairman, I just wanted to let you know our
Superintendent of Schools, Barbara Dillan does sit on our Y2K
task force and they are working with us and bringing things up
to date. This task force works to identify essential services
for each county department, institute contingency planning,
coordinate systems testing, test all essential communication
systems by the manufacturer, ensure medical facilities have
replaced essential equipment and have additional supplies
available, create a coordinated response procedure for
potential increase in medical response, including home health
patients, address potential increase in law enforcement calls,
conduct over 100 community awareness programs, develop planning
information for all county departments, cities and special
districts in our area.
The county of Siskiyou has worked with our region's
electric and telephone service providers to ensure that their
systems will be fully functional. We are fortunate that our
electric provider, Pacificorp, has completed its Y2K compliance
testing. In fact, they have rolled their date forward. They are
now in the year 2000. They managed to work out any bugs that
they had, and we are still functioning in the year 2000 in our
area. The Federal Department of Energy has advised us to
prepare for the potential of a 2- to 3-day power outage during
the first month of the year 2000.
Siskiyou County has actively worked with other governmental
entities in the community in the development and implementation
of our Y2K preparedness plan to make the transition to the new
year as smooth as possible. We believe that our hard work and
advance planning related to the Y2K issue will leave us in good
shape for anything that may come our way.
The Regional Council of Rural Counties, in response to this
hearing, commenced a survey to gauge the year 2000 readiness of
our member counties of which you have a copy of the results
before you. While this survey is only a snapshot of rural
county preparedness, it does provide an interesting accounting
of how local governments perceive they are doing. For your
information, we have attached a copy of the survey and a
computation.
The first section of the Y2K Compliance Survey asked the
rural counties to identify the systems they have checked and if
and where any problems have occurred and identified. The
responses indicated that they are actively checking programs
such as 911 emergency systems, jail functions, data bases,
billing/payroll, mobile data systems, communication
infrastructure, wastewater treatment and a number of other
systems.
Several counties have checked and have made needed
adjustments to 100 percent of their critical systems. Many of
the counties responded they are not checking systems within
their counties, that they are the responsibility of State,
Federal or private entities. These systems would include rail
crossings, mass transit systems and traffic control systems.
However, most of the respondents are working with their
telephone, electricity, and water suppliers to ensure that
these operations are being examined.
The county of Alpine responded that there are no public
elevators in the entire county to check and that their 911
emergency services are provided by Douglas County, NV.
The second area of the Y2K Compliance Survey asked the
rural counties to note who they are currently working with to
determine their ability to interface with other systems. They
indicated they were working with State entities, cities,
counties and special districts, schools and community
organizations to test specific critical interfaces. The
counties of Yuba and Shasta have expressed that they have
worked closely with their health care providers. Only five of
the counties say they have communicated directly with Federal
entities regarding Y2K issues. There appears to be little
district Federal-to-county technology interface, with most
payment and communication systems being linked between the
Federal and the State.
The third section of the survey focused on risk assessment.
Most of the counties have developed a formal year 2000
preparedness plan and have completed between 50 and 95 percent
of the necessary compliance checks. The 15 counties in the
survey assessed their combined current readiness is 73 percent.
The counties of Lassen and Alpine indicated they do not have
official year 2000 preparedness plans. Most of the counties
stated that they are attempting to address the Y2K issues
internally, and only two counties, Glen and El Dorado, have
hired outside consultants to assist them with their effort.
The responses show that 69 percent of counties currently
employ a full-time information technology staff person.
The last section asks the counties to indicate the amount
and type of public outreach on year 2000 issues that they have
conducted. The survey shows the counties have effectively
utilized community forums, media presentations to businesses--
media--excuse me--presentations to business and social
organizations, and public service announcements to communicate
how they are preparing, especially to the elderly community.
Many of the counties have developed a brochure or have
posted information on their webpages to inform their community
about Y2K issues. Merced County's website is located at
222.co.shasta.ca.us and Shasta County is www.co.shasta.ca.us.
They are two very good examples.
Before you is a copy of the Y2K Cookbook. This was
developed by Merced County with the assistance of the State of
California, the Department of Information Technology or DOIT,
as we call it.
In conclusion, for the past 3 years California's rural
counties have invested hundreds of hours of staff time,
replaced and upgraded hardware and software and have spent
millions of dollars to prepare for Y2K. The survey and recent
conversations with rural county Y2K representatives appear to
indicate that most of the counties will be well prepared for
any potential disruptions that may occur due to the changeover
at the end of the year.
As stated by several counties, the potential of losing
services such as electricity or telephone service is not much
greater than the possibility of a severe snowstorm, flood or
forest fires, all of which we have survived. We strongly
believe that no matter what, everyone should always be prepared
in case of an emergency. That means having warm blankets, extra
food and water, flashlights and backups for all systems
containing program logic.
There has been a fair amount of media attention focused on
people acquiring survivalist property in rural areas, food and
gas hoarding, and the impact of increased traffic on rural
roads as people escape urban areas. These doom-and-gloom
forecasts will potentially lead to additional impacts upon
county services that will be difficult to assess.
California's rural counties are looking forward to a smooth
transition to the year 2000 and are working hard to ensure that
our citizens and businesses will not be adversely impacted by
the failure of any governmental-operated systems. Thank you.
Mr. Ose. Thank you for joining us, Supervisor Smith.
[The prepared statement of Ms. Smith follows:]
[GRAPHIC] [TIFF OMITTED] T0954.055
[GRAPHIC] [TIFF OMITTED] T0954.056
[GRAPHIC] [TIFF OMITTED] T0954.057
[GRAPHIC] [TIFF OMITTED] T0954.058
[GRAPHIC] [TIFF OMITTED] T0954.059
Mr. Ose. Our last witness is Cathy Capriola from the city
of Citrus Heights.
Ms. Capriola. Good morning. On behalf of the Citrus Heights
City Council and our community, I'd like to say thank you for
the opportunity to participate in this congressional hearing.
Citrus Heights is in a very fortunate position relative to
the year 2000. As Congressman Ose knows, since he served on the
Citrus Heights Incorporation Project and was president of that
at one time, we are a newly incorporated city. We became a city
on January 1st and opened our doors for business to the
community in July 1997. So because of that and because of the
kind of character of our community and the service delivery,
we're in a far better position probably than most of our peer
agencies.
There are three reasons that we're somewhat of an anomaly
with the year 2000. One is because we are a startup, so we have
no legacy systems. All of our technology is new, and we have no
custom applications that have been developed in-house through
the years. We're just installing our local area network and are
completing that and at this point have held off on purchasing
any other specialized software until the year 2000 passes.
We also have a limited scope of operations. Because we're
not a full service city, again, as a newly incorporated city of
88,000, a number of special districts provide services to our
residents. So those individuals in the area of parks and
recreation and water retain the programmatic policy and the
year 2000 responsibility.
The third area that makes us a little different is we're a
contract city, more like some of the southern California cities
where we contract back to other jurisdictions and the private
sector for services. Specifically back to Sacramento County
that provides our law enforcement--very, very well, solid
waste, and street and related infrastructure maintenance. So
we're coordinating with Sacramento County and private firms
that provide services for us and communicating with them.
In terms of what the city has done--a complete inventory
and prioritization of what we do have, and that's 98 percent
complete. The systems we currently use require some
remediation--and even with new technology there are still
patches and tinkering that needs to occur. So, we will be
completing that within the next 45 days. We're doing some
community outreach. We'll be holding some workshops with our
community in September and also working with our contracting
agency, Sacramento County, et cetera, on emergency operations
and some of our mission critical items.
So overall, just to summarize, I think that for we as a
city, timing is everything, and we became a city at the right
time on this one. And we're in a very fortunate position. Just
the way we're structured, being new, we're less complex in
scope and smaller than all of our peers. I'd be happy to answer
any questions.
Mr. Ose. Thank you, Cathy.
[The prepared statement of Ms. Capriola follows:]
[GRAPHIC] [TIFF OMITTED] T0954.060
[GRAPHIC] [TIFF OMITTED] T0954.061
[GRAPHIC] [TIFF OMITTED] T0954.062
Mr. Ose. Now, as far as how we proceed from here, many of
you have not participated in a congressional hearing. What we
do is the chairman and I will direct questions at the witness
and you're free to answer. If there is something you care to
add to someone else's testimony, be happy to take that
testimony.
So with that, Mr. Chairman, would you like to proceed?
Mr. Horn. Well, let me ask Mr. Willemssen, who has been a
faithful attender at every single one of our field hearings for
the last 3 years, what you heard this morning, how does that
fit in with other things the General Accounting Office has
looked at in other areas and States? And are we missing
something here that we should ask about, and what do you think
it is?
Mr. Willemssen. One area that you might want to pursue with
some of the witnesses, I realize the State IT director is no
longer here, but I heard touched on very briefly but you may
want to pursue a little more, testing of data exchanges with
other organizations.
Many of the witnesses talked about where they are at with
their own systems and they are making great progress; but as
you know as well as anyone, the testing of data exchanges is
especially critical to make sure that there aren't any
disturbances that affect the systems outside of your control.
And I think your question earlier to the State Director on the
education side again points to that.
I know that Secretary of Education has expressed great
disappointment with the low number of schools who have opted to
test their data exchanges with the Federal Department of
Education on loans and grants. And I think that it would be
worthwhile for California, among other States, to begin looking
at how well their postsecondary schools are actually doing in
the testing of those exchanges, because my understanding is
nationally it still remains a very low number who have taken
advantage of it.
Mr. Horn. I think you're correct. I wrote a letter to the
Secretary of Education Riley about a month and a half ago. I
don't think we have an answer to it yet, but our feeling was
given the lack of money in many school districts and the
smaller ones along the Pacific Coast where you've got a lot of
rural schools still, and I'm proud to say I went to one, I
thought I got a great education, but the fact is this takes
money. And I think I told him to make an estimate for us and
see what's needed and would they administer the program.
Mr. Willemssen. The other thing I might add, Mr. Chairman,
is taking a look at the California State Auditor's Report of
February 1999, I thought that raised some good issues. The
question, if I were in your chair that I would want to ask, is
what their plans are for upcoming review, if they have an audit
or report that is due to be issued so there could be some check
on the statements that were made by the State director of IT.
Mr. Horn. What plans does the State Audit operations have?
Mr. Cordiner. The way our office operates, we do audits at
the request of Joint Legislative Audit Committee and thus far
they have not asked us to do any further work in this area.
However, based on our prior reports, we do get periodic updates
on the progress of our recommendations and whether they've been
implemented or not; and insofar as that goes, a lot of what Mr.
Cortez said we're encouraged by, the planning that has gone
into this. And the new administration, obviously they've
dedicated considerable resources. We're still somewhat
concerned, however, in that the last quarterly report that was
generated by the Department of Information Technology which
came out in July indicated while a number of agencies that are
deemed critical agencies that have programs that are highly
necessary for Californians and that they depend on have
progressed, they're still--one of the things that is measured
and you were concerned earlier with was, ``Well, how much
independent work has been done?''
Now, clearly there has been independent work done on
assessing where they are currently at to get a measurement, but
another part of DOIT's planning is to have an independent
verification and validation of those very critical systems to
see, ``OK, they are ready for the date change.'' That has not
occurred in any of the ones that are listed on the website, to
my knowledge. And so there is still a concern in that area.
In addition, we had recommended in our February 1999 report
that particularly for critical programs that business
continuation planning be done by June 30, 1999 which mirrors
industry standards so that there's enough lead time for those
that require hiring additional staff or whatever the work
around is going to be for that to occur. In addition, to be
able to test that plan to see if it's viable.
And we saw again in the last quarterly report that those
plans are being requested. They drafted them in August and the
final in September, and now I see in the prepared comments that
that date has slipped even further, and so they are looking for
one that's been fully tested in October. Well, if they fall
short of the mark, that's pretty close to an immoveable date.
So we've got some concerns in that area.
I failed to mention in my statement because of the time
constraints that one of the issues we looked at in the February
1999 report was also to survey every State agency that was in
the Governor's budget. 140 of them are responsible for 460
programs. We found that for two-thirds--nearly two-thirds of
the programs or the systems supporting the programs they
operate, one or more critical steps wasn't completed at that
point in time, which was December 31, 1998, and that nearly
one-half of the agencies did not have business continuation
plans.
Mr. Horn. You're absolutely right. In terms of verification
approach, and I wondered if as the welfare system in the State
with the Federal billions and the State billions and then the
county welfare in 58 counties, what is the interconnection
there between the smaller welfare groups like San Benito and
San Luis Obispo?
Mr. Cordiner. As far as the Y2K exposure, a lot of it is
the interface that Joel mentioned earlier. It's critical both
upstream and down for State agencies to be able to seamlessly
communicate with both the Federal, local and outsiders. Say,
Medi-Cal, for instance, has third-party providers. It's a
tremendous amount of interface that goes on.
Mr. Horn. Has much of that been tested, to your knowledge?
Mr. Cordiner. To my knowledge, the quarterly report--in
fact, I looked at the appendix that was attached to that that
lists every one of the departments, and some indicated that
they completed testing, or at least say they have, or an
independent party says they have without the independent
verification of it that they have tested their data exchange.
For others, that information was not included, when we've known
based on our past work that these systems that didn't indicate
anything about data interchange do have that. So I don't know
what the status is, to tell you the truth.
Mr. Horn. This question isn't necessarily on the year 2000,
but it's a computer question, and that's the deadbeat dad
situation. In Congress we had to get an exemption for
California because you would have had a lot of money taken away
since I think--what is it--about 24, 25 counties don't like the
L.A. system and wanted their own system, and where are we on
that?
Mr. Cordiner. The current status on that--it's fortuitous
you ask. I was on that. We just released an audit report on the
5th on that. What California tried to do is create a consortia
which would have been a link--four systems, including Los
Angeles, would have been linked together, and that would have
been the State's plan to develop a statewide automated child
enforcement system. That was recently rejected. That plan was
rejected at the Federal level.
We are now back to basically square one where the Health
and Welfare Data Center which is responsible for developing the
IT solution for this program has awarded four different
contracts to vendors to come up with a design. The winner of
that will be given a future contract to develop or replicate an
existing system for California to use. So we're--in my mind,
we're years away from a statewide automated system. There are
systems in use out there, and the ones that we visited, most of
them are Y2K ready now. Some weren't and they were migrating to
other systems that were.
Mr. Horn. Thank you.
Mr. Ose. If I may follow up on something, Mr. Cordiner, in
your testimony you talked about noncompliant products being
used I believe at the Teale Data Center?
Mr. Cordiner. Correct.
Mr. Ose. After the Teale data operator advised everybody
not to use those same products, and my question is whether or
not we're still using those noncompliant products?
Mr. Cordiner. Based on their last response to our audit,
those have been--they are in the process of removing them.
Mr. Ose. That was the critical question, whether they
complied with their own recommendation.
Second, if I might, I know that the director of--I like the
acronym DOIT--the director of DOIT testified about the
independent verification validation, but in your opinion, are
those truly independent?
Mr. Cordiner. We haven't really reviewed--I know they had
established a prequalified pool of vendors that could meet the
need. We didn't really look at that process and we haven't
really evaluated what's being done in the IV&V to determine
that. The answer to that question, I would hope that they are.
And I think you know this isn't about pointing a finger.
Mr. Ose. I understand.
Mr. Cordiner. And I think Mr. Cortez is sincere in wanting
this to be done the best possible way. So with that in mind,
I'm confident that those people are doing a good job.
Mr. Ose. Do I understand that your charge to do an audit
follows a request? In other words, you cannot move independent
of having received a request either from the Governor's office
or the Legislature?
Mr. Cordiner. That's correct.
Mr. Ose. OK.
Mr. Horn. If I might ask one more question.
Mr. Ose. Certainly.
Mr. Horn. One question comes to mind, having read in The
Sacramento Bee this morning makes me ask this, a 15-year-old
that knifes and kills a woman older than him, and he's out as a
juvenile and should have been locked up earlier. And that gets
down to what's happening in a number of States when they
checked for 2000 conformity, they found their jail/prison
security systems are opening the doors sometimes. And unless
they check that, you're going to have a real problem. I
wondered in terms of the sheriffs and State and if the audit
team has gone into any of that?
Mr. Cordiner. We--in our last audit, we looked at the
Department of Corrections and we looked at two specific
systems. One was where the prisoners were at. You know, their
status, reporting status. We found that to be OK. The other was
an imbedded chip issue with the electrified fences that
encompass 23 of 33 institutions. They still had work to do on
those, so there was no assurance that those work as intended.
It's my understanding that Mr. Cortez had a group of
independent contractors go out and see where that was at, but I
see on his website that Corrections still is designated with a
pink, which is a high-risk element associated with their
ability to be ready at the appropriate time. We were assured,
however, during hearings that Corrections has backup systems to
those electrified fences whereby if push came to shove they
would have 24/7 guards in the towers. So hopefully we can sleep
a little bit better knowing that.
Mr. Horn. Yeah. Interesting.
Mr. Ose. Supervisor Smith, the question I have is given the
nature of my district, seven of my eight counties are
effectively rural, what are the unique challenges that the
rural counties are facing? Have we been helpful? Has the State
been helpful and what can we do to assist solving those
problems that are unique?
Ms. Smith. Well, Congressman, as I had mentioned, we have
the Y2K Cookbook which the State did assist in; and going on
line, I believe, is very helpful with the smaller counties that
don't have the ability to hire the technology. In Siskiyou
County we're fortunate that we do have a technology staff, if
you will. Small, but they've been helping us with what our Y2K
task force has come forward with. I was surprised to see the
small amount of interface with the Federal level. So most of
our interface comes up at the State level. So we are working
with the State.
What our biggest challenge right now is I think we've gone
in internally and we've done our planning there, but I believe
what our biggest challenge is and what we're in the process of
doing is getting out to the public. We're going into the
smaller communities.
We're finding that we're getting calls on a daily basis
from the elderly community who are very concerned and
frightened, ``What if the electricity goes out?'' It's very,
very cold in Siskiyou County in January, and they are concerned
about heating and about telephones. So we're getting out to the
public. We're telling them what we've done. We're also advising
them to have--as I had mentioned in any emergency, to have
things on hand in case of an emergency: Warm blankets, extra
food, extra water, for at the most a 2- to 3-week period, but
we're saying 2 to 3 days as has been advised, I believe, by the
State and Federal Government.
I think that having some funding available which I believe
the State has some available, I'm not sure at the Federal
level, it's very helpful for some of the smaller counties. As
you know, the budgets are very restrictive in the smaller
counties and we don't have a lot of extra money, although
Siskiyou County has been in the process of replacing a lot of
our computer system and we have spent probably half a million
dollars doing that and we will probably be spending another
$100,000 between now and the end of year in replacing the
things that we have to. We are also are hoping we will be up
and ready to go by at least October because, as Mr. Cordiner
said, in October there is not a whole lot extra you can do at
that time.
Most of the counties--I was surprised and pleased to see
that most of the counties are addressing this issue. I think
that in the area--many of the areas that has not been addressed
are the very small areas such as the service districts and
small water companies and we're working very hard to work with
them. It would be nice if the State would help us with that and
the Federal Government, Because they just don't have the staff
to do it nor the money, and those are the areas that we're
concerned about.
Mr. Horn. If I might, Mr. Chairman, without objection, I'd
like to see the Merced document entered into the record in
full.
Mr. Ose. Without objection.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T0954.063
[GRAPHIC] [TIFF OMITTED] T0954.064
[GRAPHIC] [TIFF OMITTED] T0954.065
[GRAPHIC] [TIFF OMITTED] T0954.066
[GRAPHIC] [TIFF OMITTED] T0954.067
[GRAPHIC] [TIFF OMITTED] T0954.068
[GRAPHIC] [TIFF OMITTED] T0954.069
[GRAPHIC] [TIFF OMITTED] T0954.070
[GRAPHIC] [TIFF OMITTED] T0954.071
[GRAPHIC] [TIFF OMITTED] T0954.072
[GRAPHIC] [TIFF OMITTED] T0954.073
[GRAPHIC] [TIFF OMITTED] T0954.074
[GRAPHIC] [TIFF OMITTED] T0954.075
[GRAPHIC] [TIFF OMITTED] T0954.076
[GRAPHIC] [TIFF OMITTED] T0954.077
[GRAPHIC] [TIFF OMITTED] T0954.078
[GRAPHIC] [TIFF OMITTED] T0954.079
[GRAPHIC] [TIFF OMITTED] T0954.080
[GRAPHIC] [TIFF OMITTED] T0954.081
[GRAPHIC] [TIFF OMITTED] T0954.082
[GRAPHIC] [TIFF OMITTED] T0954.083
[GRAPHIC] [TIFF OMITTED] T0954.084
[GRAPHIC] [TIFF OMITTED] T0954.085
[GRAPHIC] [TIFF OMITTED] T0954.086
[GRAPHIC] [TIFF OMITTED] T0954.087
[GRAPHIC] [TIFF OMITTED] T0954.088
[GRAPHIC] [TIFF OMITTED] T0954.089
[GRAPHIC] [TIFF OMITTED] T0954.090
Mr. Horn. I think it would be helpful for people in the
hearing.
Mr. Ose. In case anybody would like to see what that looks
like, it's the yellow book, actually pretty attractive. If you
can get a copy and pass it to your colleagues, that would be
great. But it will be entered into the record.
Ms. Smith. We do have a few extra copies available, and
it's also on the website--on the Merced website, the
www.ca.merced.--wait a minute.
Mr. Ose. www.co.merced.ca.us.
Ms. Smith. Thank you.
Mr. Ose. As far as the newest, largest city in the State,
that means Citrus Heights, is it just happenstance that brings
you to the fortuitous position you are, or are there things
you've done in particular that we could share with other
municipalities as far as an effort to be Y2K compliant?
Ms. Capriola. As I mentioned in my testimony, I think it is
the timing. We don't have old systems. We don't have legacy
systems that we're trying to create or bring up to date. In
some ways it's an enviable position that we're in. And I would
wish it upon everyone. But I think we've also learned from our
colleagues who have gone through the process that's been
articulated by State and Federal guidelines in terms of what we
should be trying to do in trying to work with those service
providers, Sacramento County and private firms that do provide
a great deal of services for us, to make sure that the service
delivery continues.
The one good thing, I think, that is coming out of year
2000 is that it's an opportunity for every organization to kind
of step back and review what their technology systems are and
it's kind of this crisis that's pushing us to get rid of some
systems that need to be moved on; but change is hard, as we
know, especially in large organizations. So I actually think
that out of every crisis, including this one, there are very
good things that are happening to our governments and to--so we
become more entrepreneurial with better services and systems
coming out at the end, though the process is painful and
expensive.
Mr. Ose. Do you have anything else to add, Mr. Chairman?
Mr. Horn. Well, you're absolutely correct, and we've raised
that question often in the hearings and a lot are doing exactly
what you're doing, and that's the right thing to do. You can
get rid of a lot of them or combine them or whatever, and this
is the chance to do it.
Mr. Ose. Well, I would like to express the appreciation of
Chairman Horn and myself for the testimony of the witnesses
this morning. I know some of you have come quite a distance. We
appreciate you participating. We're going to stay on this. One
thing I hear everybody talking about is the interrelationship
and the interdependencies between the Federal, State, and
local, you know. We're kind of in this together so we need to
keep working together.
So I again thank you.
With that, Mr. Chairman, I'd like to bring the second panel
down. Thanks for coming.
Second panel is--we're going to take a short break here,
but the second panel is Garth Hall with PG&E, Mike--is it
Petricca?
Mr. Latino. It's Tom Latino.
Mr. Ose. OK. It's Tom Latino with Pacific Bell, Roy Le
Naeve and Steve Ferguson accompanied by Carol Hopwood. These
will be largely utilities and service providers at the local
level. So having heard from the State and local government, now
we're into a new group.
Now I need to again swear everybody in.
[Witnesses sworn.]
Mr. Ose. Let the record show that the witnesses answered in
the affirmative.
So, again, what we'll do here is we'll take testimony from
the witnesses in total, and then come back with questions. We
do request you go to the podium provided.
And with that, Garth you're first. This is Garth Hall with
PG&E, the manager of their Y2K project.
STATEMENTS OF GARTH HALL, MANAGER OF Y2000 PROJECT, PACIFIC GAS
AND ELECTRIC CORP.; TOM LATINO, PUBLIC SAFETY DIRECTOR, PACIFIC
BELL, APPEARING FOR MIKE PETRICCA; ROY LE NAEVE, SENIOR PROJECT
MANAGER, Y2K READINESS PROGRAM, SACRAMENTO MUNICIPAL UTILITY
DISTRICT; STEVE FERGUSON, CHIEF OF INFORMATION TECHNOLOGY,
COUNTY OF SACRAMENTO, ACCOMPANIED BY CAROL HOPWOOD, EMERGENCY
MANAGEMENT, COUNTY OF SACRAMENTO
Mr. Hall. Mr. Chairman, members of the committee, I really
appreciate the opportunity on behalf of PG&E Corp. to talk to
you today. I represent the corporate program office across all
the lines of business nationwide. You know PG&E, the utility.
But the businesses nationwide, I assure you, have adopted and
followed the same standards across the board that we have
applied in utility, and I have been responsible in ensuring all
of those things. I know that is of interest to you because of
your national interest, but I will now focus up on the utility
because that is the scope of the California hearing today.
Our program, of course, covers all of the elements that
have traditionally been discussed and some of which you heard
of today: The inventory process, the analysis process, the
remediation, the fixing process, the testing, finally the
certification process, and then the very important contingency
planning process. All of those elements are very, very far
along across our corporation and in the utility as well.
In July, we were very pleased to report to the North
American Electric Reliability Council, which has received a
charter from the Department of Energy, that we--for all the
electric delivery systems in the utility--we are ready. So that
means that anything that has to do with delivery of power to
the consumers, we have assessed, we have fixed, we have tested,
and we have certified. That includes, also, the power
generation plants, the hydro and the fossil power plants that
we still own, understanding, of course, that we have sold many
lately. So all of those that we own in those domains are
included in that. So that should be of enormous relief to those
who have concerns about power, and we heard some of those
reflected today.
In addition to that, we are very, very far along in the
nuclear power area. We are down to less than 1 percent of items
still in testing in the gas supply area and in the nuclear
generation area at Diablo Canyon. There are very, very few,
fewer than a handful of things, left in testing and
certification of all those is expected in September. By
November 1st, the California Public Utilities Commission
requires us to file a written certification as to our state of
readiness across all of our departments and functions in the
utility. And we fully expect to file at that time that we are
ready across the board, that everything is tested, certified
and is ready.
Even though we are very confident about all of these
things, we have also taken contingency planning very seriously.
Every one of our mission-critical business partners, suppliers
and government agencies has a contingency plan developed by us.
In other words, for each one of those entities that we depend
on to a strong degree for our ongoing continuation of business,
we have already developed a contingency plan. Even when we are
fairly confident, as with Pac Bell and many of the others that
are represented today, that the service will be there and
reliable, we still have developed a contingency plan.
In addition to that--at a higher level--we have developed
business recovery plans that are really just continuations of
our standard business recovery planning. As everyone would
appreciate, we face storms, earthquakes, floods, during which
power outages and gas line interruptions can occur. Our
organization, having been trained and practiced in response to
those, is the same organization that would have to deal with
any type of high-level disaster whether driven by storms or Y2K
or anything. Even though the probability of those may be very,
very slight, we have drilled those internally twice in the
utility now, making sure that everybody understands what they
would have to do; and we have participated in one nationwide
drill in April, organized by the North American Electrical
Reliability Council, and we will do that again on September
9th.
We also recognize the importance of communicating our
readiness out to the community, have met with over 100 various
customer groups, including Hewlett Packard, Wells Fargo, Shell
Oil, the Woodland Chamber of Commerce, many city councils, many
county boards of supervisors, water agencies and trade groups.
We will continue to do that. We understand the importance of
communicating our readiness so people understand and have
advice on how they should prepare. That's going to be an
ongoing process for us.
With those remarks, I thank you again for the opportunity.
Mr. Ose. Thank you, Mr. Hall.
[The prepared statement of Mr. Hall follows:]
[GRAPHIC] [TIFF OMITTED] T0954.091
[GRAPHIC] [TIFF OMITTED] T0954.092
[GRAPHIC] [TIFF OMITTED] T0954.093
[GRAPHIC] [TIFF OMITTED] T0954.094
[GRAPHIC] [TIFF OMITTED] T0954.095
[GRAPHIC] [TIFF OMITTED] T0954.096
[GRAPHIC] [TIFF OMITTED] T0954.097
[GRAPHIC] [TIFF OMITTED] T0954.098
[GRAPHIC] [TIFF OMITTED] T0954.099
[GRAPHIC] [TIFF OMITTED] T0954.100
[GRAPHIC] [TIFF OMITTED] T0954.101
[GRAPHIC] [TIFF OMITTED] T0954.102
[GRAPHIC] [TIFF OMITTED] T0954.103
[GRAPHIC] [TIFF OMITTED] T0954.104
[GRAPHIC] [TIFF OMITTED] T0954.105
[GRAPHIC] [TIFF OMITTED] T0954.106
[GRAPHIC] [TIFF OMITTED] T0954.107
[GRAPHIC] [TIFF OMITTED] T0954.108
[GRAPHIC] [TIFF OMITTED] T0954.109
[GRAPHIC] [TIFF OMITTED] T0954.110
[GRAPHIC] [TIFF OMITTED] T0954.111
[GRAPHIC] [TIFF OMITTED] T0954.112
[GRAPHIC] [TIFF OMITTED] T0954.113
[GRAPHIC] [TIFF OMITTED] T0954.114
[GRAPHIC] [TIFF OMITTED] T0954.115
Mr. Ose. Mr. Latino.
Mr. Latino. Good morning. My name is Tom Latino and I am
director of the Public Safety Organization for Pacific Bell. I
appreciate the opportunity to update you on SBC's readiness for
the year 2000, and I'm happy to say that we have some great
news to share. The bottom line is that when you pick up the
phone on January 1st of the year 2000, our network will be
ready to serve you just as it always has and so will the
wireless, data, Internet, and other services which we provide.
We spent nearly 4 years preparing for this issue. As of
June 30th virtually all necessary upgrades have been completed.
A very few upgrades are scheduled to be completed by September.
As we wrap up these upgrades, we will continue to focus on
testing and finalizing our business continuity plans. All of
our services will be tested and retested in simulated year 2000
environments prior to January 1st.
Our testing efforts also go well beyond our own network.
SBC is working with the Alliance for Telecommunications
Industry Solutions to test our services in conjunction with
other communications companies and other industries. As a
matter of fact, ATIS recently announced the successful
completion of a Y2K test involving communication networks
serving the credit card and financial industries. SBC and other
communication carriers had no difficulty in transmitting
financial data in a simulated Y2K environment. We have also
worked closely with Telco Year 2000 Forum, which in December
completed tests showing that local networks are prepared to
provide uninterrupted service.
This internal and third-party testing provides further
evidence that Y2K will be a nonevent for our customers. And
while we strongly believe that that will be the case, we also
recognize that factors outside of our control could potentially
impact our services. To further ensure continuous quality
service, SBC is enhancing its business continuity plans to
prepare for Y2K contingencies. These plans are an extension of
Southwestern Bell's existing procedures for providing service
in the event of an emergency or natural disaster.
As part of these business continuity plans, SBC will
increase staffing at customer support in business centers
during peak periods leading up to and including the New Year's
holiday weekend. We also are establishing command centers
throughout our service territory to ensure a smooth transition
to the new year. As you can tell, Y2K readiness has been a very
big job. All told SBC has spent $200 million to prepare for
Y2K. SBC's Y2K project management team is led by an officer of
the company, and each of our major business units have
dedicated Y2K coordinators responsible for managing year 2000
issues within their organization.
To keep our customers up to date on our progress, SBC's Y2K
team maintains a comprehensive website with the latest
information available. Anyone looking for detailed information
on our Y2K readiness can access the Preparing for the
Millennium Section of SBC's website at www.sbc.com. The site
includes a selection that allows you to check on the readiness
of the central office switch that serves your community. You
can also register at the website to receive a copy of SBC's
final readiness report.
Thank you again for the opportunity to provide this update.
Mr. Ose. Thank you, Mr. Latino.
[The prepared statement of Mr. Petricca follows:]
[GRAPHIC] [TIFF OMITTED] T0954.116
[GRAPHIC] [TIFF OMITTED] T0954.117
Mr. Ose. Next Mr. Le Naeve. He's the senior project manager
for the Y2K readiness program at Sacramento Municipal Utility
District.
Mr. Le Naeve. Good morning, Mr. Chairman, members of the
committee. I am Roy Le Naeve, the senior project manager for
the Sacramento Municipal Utility District's Y2K program. I
thank you for the invitation to speak here today.
Sacramento Municipal Utility District, commonly referred to
as SMUD, is a community-owned utility that services
approximately a half million customers. We are the second
largest community-owned utility in California and the fifth
largest nationally. SMUD has 11 generating facilities with a
maximum generating capacity of 1140 megawatts. Our purchase
requirements ranges from zero to 1500 megawatts with largest
purchases generally occurring during the summer months.
Our customer base includes some very influential entities
such as the county seat, the Sacramento County, a major State
prison in Folsom--Mr. Horn referred to prisons earlier--the
California Independent System Operator located headquarters and
their control center in Folsom, the Western Area Power
Authority, also headquartered in Folsom, the Office of
Emergency Services for the entire State of California, and the
residing body and support locations for the State of
California.
We clearly recognize and strive to meet our serious
responsibility to provide a high quality of dependable and
reliable power to our customers. At the outset of the Y2K
project, SMUD recognized and respected the public's concern. We
also understood that in spite of any eventual successes of
overcoming the threat of Y2K problems, if those successes were
not credibly presented to the public, a sense of personal
concern would continue.
Consequently, as our project was put together, the task of
communicating openly and frequently to our customers and the
public at large was placed very high in our project plan. This
has been achieved through a variety of processes such as news
events, community forums, special media presentations, key
account presentations, bill inserts, and the SMUD website. We
believe the word is getting out.
Over the last 6 months we have seen a noticeable drop in
what was previously widespread Y2K anxiety as SMUD is receiving
less and less requests for Y2K information. We formalized our
Y2K project in the late part of 1997 by inventorying all the
items in the district that may be subject to Y2K anomalies, or
the bug as you've heard of them. At the end of the inventory we
placed each item in two major categories: mission critical and
nonmission critical.
To date, we placed and prioritized more than 1,500 items
onto the Y2K vulnerable list. Each of SMUD's inventory items
have received reviews, evaluations, and in the case of mission
critical items, serious testing. As of this date there are 35
items remaining on the list for disposition and currently
undergoing remediation. SMUD has plans to remediate or replace
all the outstanding items by October 1st, 1999. SMUD's Y2K
efforts have enabled it to declare all of its 11 generating
facilities Y2K compliant.
The year 2000 compliance for SMUD means that all mission
critical systems have been tested for proper operation through
the 1999 year and into the year 2000 timeframe. Further, where
remediation actions were required, appropriate actions were
taken. The systems were retested and no reasons are known to us
that would preclude the system from performing into the year
2000.
To date, all the generation and distribution systems have
undergone vigorous test requirements and they have been
declared Y2K ready with minor exceptions by the North American
Reliability Council. The exceptions deal with nongenerating
requirements. For example, affluent meters are very important
to us but are not important for the sake of producing
electricity. As a point of interest, the meters in question had
been made compliant and will be installed in our system prior
to October 1999. Our Y2K project has received the highest
possible organizational oversight from executive management.
As the Y2K project manager, I report on a weekly basis to
an executive sponsor. On a monthly basis I brief and receive
guidance from the entire SMUD executive team. Additionally, I
brief and receive policy direction from our entire board of
directors on a monthly basis. This practice is scheduled to
continue well into the year 2000.
As Americans we enjoy the best and most reliable electric
service in the world. While each utility plays its respective
role, the high service reliability is achieved because of a
network of utilities that have joined together to work
together. The North American Electric Reliability Council
promotes the reliability of the electric supply for North
America and it oversees our Y2K activities.
Over the past months we have worked with NRC and the
utilities to be ready to respond. In April we exercised all of
our national and local communications capabilities to ensure
that we could talk to each other under degraded communications
capabilities. The next national exercise is scheduled for
September 9th. The exercise is scripted to be a dress rehearsal
for the night of rollover. We anticipate that much will be
learned concerning our posturing activities in preparation for
the new year.
In summary, SMUD offers no guarantee. We do a test. We have
searched, evaluated, tested, reevaluated every vulnerable item
known to us, and we're unaware of anything that would keep the
lights from burning as bright on the night of rollover as they
do today. Thank you.
Mr. Ose. Thank you, Mr. Le Naeve.
[The prepared statement of Mr. Le Naeve follows:]
[GRAPHIC] [TIFF OMITTED] T0954.118
[GRAPHIC] [TIFF OMITTED] T0954.119
[GRAPHIC] [TIFF OMITTED] T0954.120
[GRAPHIC] [TIFF OMITTED] T0954.121
Mr. Ose. Mr. Ferguson from the city of Sacramento.
Mr. Ferguson. Thank you very much. My name is Steve
Ferguson. I'm CIO information officer for the county of
Sacramento.
Mr. Ose. Excuse me.
Mr. Ferguson. On behalf of the county Board of Supervisors,
I wish to welcome your committee and all of the witnesses today
to our community.
On the Y2K issue, the county began addressing its Y2K
issues back in 1995. In 1995 we formed a Y2K steering committee
consisting of county executives and key business players. We
began a formal assessment of our status risks and remediation
alternatives at that time. Our Board of Supervisors has taken a
very strong interest in this issue. They have made it clear to
us that they expect to be informed on how the county is doing.
In response to that, our first comprehensive assessment report
was made to our Board of Supervisors in June 1998.
Subsequently, we have updated the information of that report in
February and the first part of this month. The Board has asked
we give them a final readiness report in December 1999.
I thought I would take a few minutes to review a few of the
key points that we've given to our Board that were identified
in that report. The county of Sacramento plans to spend over
$60 million in remediation of Y2K. While that may not be
impressive at the Federal level or State level, it certainly
represents a sizable investment for this community. There have
been some big benefits out of that. No. 1 is we have used that
investment. We have leveraged that investment to provide a
technological foundation for the county's future. This
foundation will help us provide better and more efficient
community services in the future.
For example, we've upgraded our networks that will allow us
to engage in e-commerce. We have upgraded our applications that
will allow us to more interactively interact with our citizens
in foreign e-government, and the IT work forces have had the
opportunity to learn new skills.
The county is planning for a number of Y2K-related
activities. We've been discussing some of the business
continuity issues. We're also aware as provider of local
services to a large community that we have public safety issues
that have to be dealt with as well. We are planning the
operation of a joint emergency operation center with the city
of Sacramento over the millennium change, and we are planning
numerous table-top exercises to prepare for what we expect to
be a high level of activity due to celebrations around Y2K. We
also realize we have a responsibility to communicate readiness
to our citizens and our county public information officer has
been very active in preparing a countywide public information
campaign.
We've shared with our Board a number of concerns about our
readiness in Y2K. I thought I'd just summarize those quickly
for you. The first area of concern is the Family Support Bureau
of child support issues. A recent failure in the State project
has put the county at risk. We do not have time to remediate
legacy systems in that area. However, plans are under way to
implement a system, one of the four consortiums that was
mentioned by your earlier testimony in the child support area,
and that's planned to go live in November of this year.
Embedded chips, as others have mentioned, have been a major
concern. The county operates numerous facilities from clinics
to crime labs to jails and the airport, and we have been making
major inroads in the testing and remediation of those types of
issues. We believe most of that has been corrected and it will
be operational through the millennium.
In the public safety arena, we've identified Y2K problems
in our criminal justice systems. Pleased to report that just
last month the Y2K readiness system went on line. The Sheriff's
Department has identified Y2K problems with their computer-
aided dispatch. They are now in the process of contingency
planning should that system fail.
These problems, as I mentioned, are being addressed and we
will continue to keep our Board informed on progress. A final
area of concern that other members--other witnesses today have
touched upon is the area of State interfaces. The county of
Sacramento relies heavily on communication with the State of
California. Myself and other CIOs throughout the State have
expressed concerns repeatedly over the last few years about
this, and I want to express my appreciation to Mr. Cortez, who
has taken our concerns to heart and the State has renewed its
focus in assisting counties in testing and working on those
interfaces.
Again, thank you very much for the opportunity to testify
today on behalf of Sacramento County, and we hope that your
visit to the area is enjoyable.
Mr. Ose. Thank you, Mr. Ferguson.
[The prepared statements of Mr. Ferguson and Ms. Hopwood
follow:]
[GRAPHIC] [TIFF OMITTED] T0954.122
[GRAPHIC] [TIFF OMITTED] T0954.123
[GRAPHIC] [TIFF OMITTED] T0954.124
[GRAPHIC] [TIFF OMITTED] T0954.125
[GRAPHIC] [TIFF OMITTED] T0954.126
[GRAPHIC] [TIFF OMITTED] T0954.127
Mr. Ose. Mr. Chairman, would you like to proceed?
Mr. Horn. Wonder if Mr. Willemssen could join us at the
table. He's our all-around expert in Washington for the General
Accounting Office. It's part of the legislative branch.
Mr. Ose. Without objection.
Mr. Horn. We always like to hear what he says. He's been to
I don't know how many States now, but if he's putting pins on
them, I think he will hit about 50.
Mr. Le Naeve. Does he have easy questions?
Mr. Willemssen. Sometimes.
Mr. Ose. It's the answer we're after, Mr. Le Naeve.
Mr. Horn. Go ahead. What's your reaction now? You've heard
the whole second panel, you've heard the first panel.
Mr. Willemssen. I thought you might want to followup on a
couple of things that Mr. Hall and Mr. Le Naeve pointed out
just to confirm the August 3rd, 1999 report of the North
American Electrical Reliability Council does identify Pacific
Gas & Electric as Y2K ready and does identify Sacramento
Municipal Utility District as ready with limited exceptions, as
was testified to. The report also notes 84 percent of the Y2K
programs of all these bulk electrical suppliers have been
audited and reviewed, some of them by internal auditors, some
by external reviewers. It does not identify which ones have had
those kind of reviews. You may find it useful to ask the
witnesses today if they've had independent verification and
validation reviews and if those reviews are--the reports of
those reviews are publicly available.
Mr. Horn. That's a good question. I also would wonder, on
that report by the council, is there any difference in terms of
the state of analysis and surety between the nuclear and
nonnuclear reactors.
Mr. Willemssen. There is a distinction made, and I believe
the latest data on nuclear facilities indicates that there are
approximately 35 such facilities that still have some
exceptions that are being aggressively dealt with.
Mr. Horn. Because you know the Nuclear Regulatory
Commission has told us they were going to do a 10 percent
audit. We objected and said, ``Why don't you do 100 percent?''
And they objected, and said, ``You don't understand what we're
doing.'' And I said, ``Fine. Put it in writing.'' I don't think
I've still heard from them in writing. It helps hone the mind
when you get them to put it down on paper, but I was curious
what's happening in that area.
You heard the question. I just wondered if you have any
thoughts in response to Mr. Willemssen's point.
Mr. Hall. Let me speak for PG&E. On the August 3rd report
by the North American Electrical Reliability they were correct,
in referring to PG&E, that they reflected our report to them
that our electric delivery systems were totally ready. In other
words, our systems are tested and certified.
The question about Diablo Canyon, which is our nuclear
power plant, I'll just focus on that. That's 1 of the 35 that
were reported to the Nuclear Regulatory Commission as having
limited exceptions. It has one, and that will be in place and
certified by September. The NRC, of course, is watching things
very closely, and we are very diligently working with them. In
terms of audits, the NRC, in terms of the contingency planning
arena, selected six plants nationwide, to my best knowledge,
one of which happened to be Diablo Canyon. Diablo Canyon was
audited by the NRC very exhaustively in terms of its readiness
for handling emergencies in terms of contingency plans, and we
have the report on that. That was very favorable. To my best
knowledge, it's available to the public at the NRC's website.
It's a publicly available document.
If I missed anything, please followup.
Mr. Horn. Anyone else like to comment on Mr. Willemssen's
question?
Mr. Le Naeve. I would just comment about the auditing of
our project. Our auditing department works specifically and
directly for the general manager which bypasses about 10 levels
of the bureaucracy, if you will. There are three full-time
auditors that I call them the truth sayers. They don't work for
me, which means that they make me tell the truth. Two of them
are SMUD employees, and the other is an outside auditor. In
terms of being ready with exceptions, the rules are always a
little sticky. Our plants, as I have testified, are very
capable tonight to generate everything that it's supposed to
generate. The meters, they're affluent monitoring meters that
we need that data in order to report the types of pollutants
that are going into the air and they meet with Federal
standards and State standards but they have nothing to do with
the generation capability.
Mr. Horn. Any other thoughts, comments, anything else from
the General Accounting Office?
Mr. Willemssen. I felt one thing that you have asked at
prior hearings and especially in terms of counties is when they
had actually started their Y2K efforts. The year that the
county started in 1995 is generally much earlier than what
we've heard in other jurisdictions throughout the country, so I
think that's worth noting.
I also think it's worth noting what the county mentioned in
terms of its plans for additional table-top contingency plan
exercises, no matter what good of shape they are in because so
much is outside of their control, I think that is a worthwhile
effort to pursue.
Mr. Horn. I guess I'd ask this panel, what is the sort of
continuity and fallback plan that you have? For example, the
Federal Government when we ask them, ``Where were your
contingency plans?'' And most of them said, ``Oh, we're
depending on the U.S. Postal Service.'' So we held a hearing
with the United States Postal Service, and it turned out they
didn't have a contingency plan. So if something is falling
through the cracks, how do we solve that problem with the
utilities?
Mr. Hall. Did you want to go first?
Mr. Le Naeve. In our case we are mandated by NRC. If not
just a prudent action, we have contingency plans that takes
into account our worst-case scenario as well as our worst-
probable scenario and those contingency plans basically means
we operate our system manually and we exercise accordingly. But
to my knowledge, we have a contingency plan for just about any
eventuality, not the least of which is Y2K. In the case of Y2K,
we certainly don't expect any structural damage, which is what
we typically have during storms. So I believe, speaking
certainly for SMUD, we have contingency plans in place and we
exercise them.
Mr. Hall. As far as PG&E, in addition to the remarks I made
during my testimony about that, over the New Year weekend for a
period of 4 days solid, we will be activating to the highest
level of preparedness our emergency operation centers, which
really places additional staff operating people in the field
and at all key places and at the central location. Even though
we don't expect anything to happen, we want to make sure
everybody is prepared and ready, and the preparedness of those
people goes very deep in terms of the activities they would
have to undertake.
It also does include, by the way, invitations and close
links with OES, Office of Emergency Services, directors from
the counties and from the State who are tied into our
distribution emergency centers. And so are the police force and
fire station links. That's where the linkage occurs. So the
good part of this is for emergencies unrelated to Y2K, those
practices and infrastructures and procedures are in place.
What we're doing with Y2K is just bringing them up to a
level where everybody is there, ready, in case anything
happens, which we do not expect.
Mr. Horn. Well, it's like Jeopardy. You answered the
question before I asked it. I'm curious because in some States
we find there's a lack of frequencies where they can
communicate. There is just overload, and we had that in L.A.
County about 10 years ago where none of the police departments
could talk to the Sheriff's office or anything else. And
they've remedied that. They needed some more frequencies. So I
take it it's not a problem for you, where you operate. You have
what, two-thirds of California, at least?
Mr. Hall. Approximately so. Frequencies--apart from
depending on Pac Bell, we have our own internal telephone
network which covers the entire area independently. We also are
relying on radio, and we also will be having satellite
telephones as backup in a few key locations if everything else
fails, including Pac Bell, which we do not expect.
Mr. Latino. Mr. Congressman, Pacific Bell certainly will be
ready. Business continuity plans are in place. They have been
socialized with the appropriate support personnel and those
systems that require those plans will, in fact, be fully
staffed. We will have plans to activate our command centers as
well as our network operation centers. Once again, they will be
fully operational as well as fully staffed.
Additionally, specifically as it concerns public safety, we
will have knowledgeable personnel in the field at key public
safety sites in order to assist in any identification,
isolation and resolution of trouble. Moreover, we will have
established a command center for our 911 infrastructure itself.
Additionally, we have worked extensively with our 364
public safety answering sites in order to ensure they take
steps to have contingency plans in place such as alternate
answer. And last, we have worked closely with our directory
assistance in the event, the unlikely event, of a 911 failure
where seven-digit emergency numbers could be communicated to
the public.
Mr. Horn. Interesting.
Mr. Le Naeve. I'd just like to say we are in exactly the
same situation. We typically have 2,500 employees. That night
20 percent of those folks will be up and running and in their
office and in their locations both in our emergency center as
well as our energy management center as well as manning our key
bulk substations, which are things we typically would not do
just in the eventuality that something happens.
Mr. Horn. Does SMUD have the natural gas as one of its
products?
Mr. Le Naeve. We are a purchaser. We don't produce any--
matter of fact, Mr. Hall's company produces and issues most of
our gas. We don't deliver gas to anybody.
Mr. Horn. Reason I ask that, in Eastern Europe and Central
Europe we have a major natural gas problem where most of that
is supplied by the Russians and through either pipeline or
ship; and this is, of course, January, and it could be if that
can't get through that or is utilized or leakage or whatever,
you would have most of Eastern and Central Europe freezing
pretty badly. Because if it was a Y2K affair that triggered
something--and we know that there are microchips involved in
the refinery and in the ships that haul that's under
compression and so forth. So we don't have that problem here?
Mr. Le Naeve. Not at SMUD.
Mr. Horn. OK.
Mr. Ferguson. If I could comment on the county's
preparedness contingency planning. Like any other local
government in California, we have considerable experience
responding to natural disasters. With one exception, the county
is preparing for Y2K similarly to prepare for any other
disasters that's also our flood season here. So we're prepared,
the exception being that, and we've discussed this at great
length, many times, the response of natural disaster depends
upon mutual aid between governmental jurisdictions. We realize
at this point that this problem could be very widespread. So
we're not counting on mutual aid in our preparations.
Mr. Ose. If I may inquire, Mr. Ferguson, as it relates to
the airport, December 31st is typically a pretty heavy travel
day. As it relates to the airport operations, what, if
anything, has the county--how has the county interfaced or
interacted with FAA or operations at the airport to ensure that
an unlikely contingency can be handled out there, that being
the system goes down for either an unfortunate lack of power or
an imbedded chip failure or something of that nature?
Mr. Ferguson. Well, the rest of the--fall into three
categories. Businesses, which I briefly addressed in my
responses, to the extent they need to get bills paid and
payroll out.
Second area is in the imbedded chip area. These are systems
that run the airport, everything from the parking tickets
dispensing system and fuel dispensing, et cetera. We assisted
the airport. They've done a very good job in evaluating those
imbedded chips and we have a program under way.
Third area of risk, we call this retractable kinds of risk.
To the extent that the airport depends on the Federal Aviation
Administration to control traffic, we have no opportunity to
deal with that. It's just something we depend on someone else
to provide as well as with the airlines. They have their own
major business systems that run their reservations ticketing
operations. And we are relying on them, as we are at the FAA,
to deal with their Y2K risks. All reports we have at this time
is that they are making good progress.
Mr. Ose. You're confident about the county success rate of
progress to date on the systems that they have authority over
or responsibility for?
Mr. Ferguson. I would say the county is--it's at the 90
percent rate in terms of remediation across the board at this
point.
Mr. Ose. Are you going to be at 100 percent come the first
of the year? That's the question.
Mr. Ferguson. Probably 99.99 percent. There are obviously
going to be a few areas we miss, a small computer in a remote
office, but we don't expect that to have any impact on our
business operations.
Mr. Ose. I want to visit on one other aspect of this. SMUD
has a website?
Mr. Le Naeve. I'm sorry, sir?
Mr. Ose. Does SMUD have a website?
Mr. Le Naeve. We do.
Mr. Ose. OK. And Pacific Bell has a website?
Mr. Latino. Yes, sir.
Mr. Ose. And PG&E has a website?
Mr. Hall. Indeed, we do.
Mr. Ose. And I'm curious whether or not on any of those
websites, in the unlikely event of a failure wherever, your
subscribers, your ratepayers, or your service recipients could
access those websites for contingency alternatives?
Mr. Le Naeve. In our case, Congressman, that whole website
issue is being discussed as it is and will continue to be right
up to the night of rollover. We're getting several reports from
the FBI and a few other places of criticality of people coming
in and getting into our system and attempting to bug it, if you
will. And getting into our system of direct path is through our
website. We are toiling--emphasize the decision has not been
made--but we're toiling with the possibility of shutting that
website down for a few hours before and a few hours after the
actual rollover.
Now, should the disaster happen that we've all heard about,
clearly we would expect to communicate either through the
National Emergency Broadcast System or some other means to get
the word out as to what we're going to be doing. We will be in
constant contact with the county. They will be in contact with
us, and we would look to the county and to the State to assist
us in getting out whatever word we need to. But to tell this
committee that we are going to guarantee that they can access
our website, I'm unable to do that.
Mr. Ose. I'm more interested in, say, between now and 11:59
on December 31st, posting information on the website in your
respective organizations in the event of X----
Mr. Le Naeve. We do that, yes, sir.
Mr. Ose. Pacific Bell do that and PG&E?
Mr. Hall. We have some guidelines and questions--typical
key questions and answers that have been asked--for public
information, but it is an idea that I want to take back with me
and pursue a little more. I think there is some more merit in
that idea that we haven't pursued all the way. I think
especially approaching the year end timeframe there may be a
subset of our customers that might choose to look first there.
So I'm going to take that back and take a closer look at the
opportunities for that.
Mr. Ose. It would seem to me even if the websites--in order
to shut off access from someone trying to hack, even if the
websites are shut down at least between now and then, people
can print out or pull down off the web these very suggestions
and print them out and keep them readily available.
Mr. Le Naeve. We do that, Congressman, even to the point of
the use of portable generators, which is a big fear that the
average person would attempt to use a portable generator and
without some basic knowledge and understanding all they do is
get into a self-destruct mode. So we use our website to get
that type of information out as well and to caution them for
the proper usage as well as the most common asked questions.
There's a shred out to our website that is Y2K specific and we
update that at a minimum on a monthly base.
Mr. Ose. As a representative from a rural area, you can
understand my concern. Many of my people have livestock that
require regular water and regular feed.
Mr. Le Naeve. Sure.
Mr. Ferguson. If I may just briefly comment on the county's
website efforts. We, too, have a website. However, we are aware
that we serve all the constituents of Sacramento County, many
of which may not have access in their homes to Internet
technology. So our program is multifaceted and involves a
public information campaign, town hall meetings, and actual
written material that we're mailing out in our utility bills to
try and get exposure to the broadest level of our constituency.
Mr. Ose. Now, there's a date coming up in September,
September 9, 1999, which I'm familiar with, but would anybody
care to briefly explain what that date comprises? It's a
virtual equivalent in some instances to the December 31, 1999
rollover.
Mr. Ferguson. I think that's something that's been
overexaggerated a little bit. Commonly in the old days
programmers used a collection of nines perhaps to represent the
end of a file or some other condition. Fortunately, I think
most computers would represent that date as September 9, 1999.
So it's unlikely it will cause some of the predicted failures
that people have talked about. But in all of our remediation
efforts of our legacy systems, we have examined that as well as
other Y2K-related issues. There's a date coming up in February
2000 which would be the first leap year date after the change
of the millennium, making sure that is corrected as well.
Mr. Ose. Some of you have actual tests going to transpire
on the 9th of September?
Mr. Latino. Pacific Bell, Congressman, is continually
ongoing in their testing requirements. Specifically in relation
to September 9, 1999, we have prepared a separate business
continuity plan for that day where we will have people staffed
at our critical systems, and I'm addressing specifically our
911 system. And we have a scheduled list task to be performed
in order that the right metrics can be evaluated to ensure that
processing is going as expected.
Mr. Le Naeve. In our case, the reason NRC decided to play
the national exercise on September 9th was precisely for that
reason. That puts all the required forces in the utilities in
the right place in the eventuality that something did happen.
Mr. Horn. Mr. Latino, it's good to hear that Pacific Bell's
911 lines will operate. Isn't there a problem here with the
people that are taking those calls? Most of them are either law
enforcement or established by city managers, however, and how
vulnerable does that make--you might have a good capability,
but what's the human element here?
Mr. Latino. Certainly the human element here is to make
sure that there is not miscommunication, and toward that end,
we have really launched an extensive effort in 1999 to
communicate with our public safety partners. We've done this
through numerous letters indicating the status of their
equipment that we, in fact, provide and the need for them to
check with other systems that we do not have responsibility
for. We have participated in over one dozen forums, both with
the public as well as with public safety personnel. We have
sent out bill notices and inserts to further communicate the
status of the 911 infrastructure concerning Y2K. And just as we
said, we have distributed this to every public safety agency in
the State that we supply which is, once again, our cookbook on
how prepared we are for Y2K with 911.
Mr. Horn. If you could submit that for the record, maybe we
can get a lot of it in the hearing.
Mr. Latino. Yes, sir.
Mr. Ose. Without objection.
[Note.--The publication prepared by Pacific Bell entitled,
``Pacific Bell Public Safety Solutions'' is retained in the
files of the subcommittee.]
Mr. Ose. Now, before I go on with my other questions, I
want to get the website addresses each of you have in the
record. It's www.smud.com and www.sbc.com?
Mr. Latino. Yes, Mr. Congressman.
Mr. Ose. www.pge.com.
Mr. Hall. Right. And I just emphasize that's ``pge''
without the ``&.''
Mr. Ose. Right. Just the letters, no ampersand.
Mr. Le Naeve. Sorry, sir. You said SMUD dot--ours is org,
o-r-g.
Mr. Ose. www.smud.org in your case?
Mr. Le Naeve. Yes.
Mr. Ferguson. And the county's website is
www.co.sacramento.ca.us.
Mr. Ose. Sacramento all the way out.
Mr. Ferguson. Spelled.
Mr. Ose. All 10 letters.
Mr. Ferguson. It's a mouthful.
Mr. Ose. Couple of other questions, if I might. I know PG&E
receives some gas from foreign sources, that being Canada, and
Pacific Bell is going to receive calls from overseas
presumably, and SMUD perhaps by wheeling may receive energy
from Canada, either through WOP or otherwise. Are there
challenges each of you face in interacting with companies that
might not be Y2K compliant and how are you dealing with those?
Mr. Hall. You mentioned PG&E first so I'll respond first--
and we also include gas from Texas.
Mr. Ose. That's a foreign country, too.
Mr. Hall. That's a foreign country to us, indeed. But to be
frank, initially the Canadian utilities were not under the same
freedoms or onuses to reveal the status of their programs as
their U.S. counterparts were, and so we initially had
difficulty obtaining valid information as to where they were
going and where they were.
That has changed. And we have derived--and our affiliates
who actually transport the gas from the Northwest have
derived--very good information and have participated in several
face-to-face meetings where a substantial amount of readiness
information has been shared--to the point where we are very
comfortable that they have taken it seriously. They'll be
ready.
So I think at this point we see both from the Texas side
and from the Canadian side that we do not see any issues there
that we can identify right now.
Mr. Latino. Congressman, if I may add, our corporate
headquarters is in Texas. So we have a very good relationship
with that particular foreign country. And certainly we are
testing internally. There are two key forums from the
telecommunications perspective we have worked closely with. The
first one is Telco forum, which consists of 21 suppliers, and
that forum interactively with those suppliers tested 82
different telecommunication elements. And those elements were
chosen as a result of them being representative across Northern
America.
When you start looking from an overseas perspective and
long distance calls completing, the other organization which we
conducted testing with is known as ATIS, the Alliance for
Telecommunications Industry Solutions. Those testing has been
done and the results have, in fact, been successful.
Mr. Le Naeve. In our case, most, if not all, the power we
purchase comes from the organization, from the Western States
Coordinating Council or those agencies that are members, and,
as Mr. Hall says, we're now encouraged that Canada is on board.
And speaking for SMUD, we believe they are at least as well off
in being prepared as we are. And I'm even more encouraged after
today because the bulk of the power we buy, we get it from
PG&E. So I'm satisfied.
Mr. Ose. How about at the airport? I know we have--we have
a single carrier coming into the airport from foreign--Canadian
Air, can they fly into Sacramento airport?
Mr. Ferguson. Personally, I'm not familiar with all the
carriers out at the airport. I did want to mention one other
public--quasi-public utility. Sacramento County and the Office
Communication Information Technology operates Sacramento
Regional Radio System, which supplies public safety radio
services to all the agencies in the region. We operate a system
that contains about 8,000 portable and mobile radios and
supplies communication services to the sheriff, the police
department, utilities, the fire districts. That system has been
tested and is Y2K compliant.
Mr. Ose. Well, gentlemen, I want to say that I appreciate
you coming down here. What I hear you saying is the systems are
going to be ready, and I can tell you as a representative of a
large agricultural area and numerous urban areas, you give me a
great deal of comfort in that respect. I'm going to hold you
accountable.
Mr. Chairman, anything else?
Mr. Horn. No, that's it. That was asked.
Mr. Ose. I got this covered. Let's go ahead and release
this panel. Again, our appreciation and bring the third panel
down.
So we need to have Kathleen Tschogl, Alan Rabkin, Guy
Koppel and Holly Delaney.
I saw Kathleen walk out the back of the room. Better get in
here, we're waiting on you.
Mr. Willemssen, you might want to just sit up here because
you'll probably have to move back up here eventually.
As we have with other panels, I would like to swear you in
as we do with every other congressional testimony, so if you'll
rise.
Do you solemnly swear that the testimony you will give
before this subcommittee will be the truth, the whole truth,
and nothing but the truth?
Let the record show the witnesses answered in the
affirmative.
[Witnesses sworn.]
Mr. Ose. We're going to start with Kathleen Tschogl from
Raley's. She's the manager of governmental and regulatory
affairs with Raley's Supermarkets. Please go to the podium to
present your testimony.
STATEMENTS OF KATHLEEN TSCHOGL, MANAGER, GOVERNMENTAL AND
REGULATORY AFFAIRS, RALEY'S SUPERMARKETS; ALAN RABKIN, GENERAL
COUNSEL, SENIOR VICE PRESIDENT, SIERRA WEST BANK, ON BEHALF OF
THE CALIFORNIA BANKERS ASSOCIATION; GUY KOPPEL, CHIEF
INFORMATION OFFICER, U.C. DAVIS MEDICAL CENTER; AND HOLLY
DELANEY, YEAR 2000 PROGRAM, MERCY HEALTH-CARE SACRAMENTO
Ms. Tschogl. I didn't bring any pictures because they say
that a picture is worth 1,000 words. So I just brought 1,000
words. I hope that's OK.
Mr. Ose. We have a picture here.
Ms. Tschogl. OK. On behalf of Raley's Supermarkets, I'd
like to thank you for the opportunity to speak before you today
about the issue of Y2K and the food industry. With the year
2000 only a few months away, resolving this problem is an
urgent necessity. It's been estimated that the average major
food company will spend $27 million to become Y2K compliant,
combining to an industry total of $1.8 billion. You will be
relieved to know the Grocery Manufacturers of America reports
that 95 percent of its members have already completed and
tested their Y2K upgrades. The overwhelming amount of time and
money invested leaves us confident that the food industry will
be well prepared for the year 2000.
At Raley's we began upgrades in 1997 by analyzing and
testing our current systems, including telecommunications,
internal software, and point of sale hardware. These upgraded
systems have been operating successfully since June 30th of
this year. An area of great concern to our customers is the
electronic funds transfer, the EFT network. Debit and credit
card terminals at cash registers are run by computers, and many
people fear they will be either unable to use their ATM cards
or that inaccurate transactions will take place. To solve this
problem, Raley's and other supermarkets have completed
certifications with their EFT network providers on Y2K
readiness.
Perhaps even more important than attending to one's own Y2K
problems is making sure others are taking care of theirs. In an
industry so heavily reliant upon a network of suppliers,
manufacturers, shippers and retailers, it is essential that
every link in the supply chain be strong enough to handle the
new millennium. We're working closely with vendors and
suppliers on their Y2K compliance efforts. We keep a list of
all outside companies who may possibly affect our Y2K readiness
and receive regular updates on their efforts.
The great amount of media hype surrounding Y2K have
customers worried that food shortages will occur and that their
supermarket's shelves will be empty. The food industry has been
hard at work since 1997 to make sure that this does not happen.
We would like to remind the public that grocery stores are
well accustomed to dealing with natural disasters, storms and
holiday rushes. We are no strangers to providing goods and
services during the harshest conditions. We are completely
capable of ordering and receiving additional supplies as
necessary. No change in supplies expected. We urge customers
not to stockpile any more water or food than they would
normally do in preparation for winter. The bulk of our concerns
are not internal but related to outside government programs and
regional utilities. These are areas beyond our control. We as
an industry urge the government to provide support and
oversight so that these crucial systems operate efficiently,
allowing goods to be manufactured, transported, and supplied to
the public.
Another possible Y2K concern is connected to the food
assistance program. Many of our customers rely upon programs
such as WIC and food stamps. These programs often rely upon
electronic benefit transfers creating a possible Y2K problem.
While they are not under the industry control, we have been
working with the USDA to prepare these systems for the new
millennium. We request the Government give the necessary
attention to the programs in connection to the Y2K issue so
that we may continue to serve the people who rely on them.
We take our responsibility to provide for the people
seriously. We've been working to ensure that our customers'
needs will be met. We have tested, retested, and reinforced our
systems for the year 2000. Raley's plans to have a Y2K team on
hand throughout the New Year weekend to handle any
complications that may unexpectedly arise. We are more than
prepared for the year 2000.
Thank you.
Mr. Ose. Thank you.
[The prepared statement of Ms. Tschogl follows:]
[GRAPHIC] [TIFF OMITTED] T0954.128
[GRAPHIC] [TIFF OMITTED] T0954.129
[GRAPHIC] [TIFF OMITTED] T0954.130
[GRAPHIC] [TIFF OMITTED] T0954.131
[GRAPHIC] [TIFF OMITTED] T0954.132
Mr. Ose. Mr. Rabkin, general counsel, senior vice president
of Sierra West Bank, testifying on behalf of the California
Bankers Association.
Mr. Rabkin. Thank you very much. I appreciate the
opportunity to be here today and to speak to you concerning the
banks' readiness for Y2K.
My name is Alan Rabkin. I am the general counsel and senior
vice president of a regional bank by the name of Sierra West
Bank, which was recently acquired by Bank of the West.
Now we serve the eastern California and western Nevada
markets, so I can speak to you on those issues, but I'm
generally familiar with what banks are doing nationwide. I'm
knowledgeable about the banks' security aspect of Y2K since I
served on SCC panels to formulate rules concerning that issue.
I've seen firsthand the operational lending and other aspects
of the year 2000, and I hope I know what I'm talking about.
Well, I've got good news for you. I think this is the
shining moment for banks in the United States. We have done our
work. We have gotten down to business. We have made our
equipment ready. We have ordered new equipment when it's not
ready. We have fixed and tested, retested, created plans and
educated the public and our customers. Together we have
assessed risks, account risks, loan risks, facilities risks. We
canceled staff vacations. We've generally taken our lumps on
1999 earnings. We basically have done what a responsible bank
should do, but we're not completely done. We always have things
to do, but we certainly are through the door of compliance and
we will meet the dawn of the new millennium with completely
updated, fully compliant Y2K systems.
I like to say in my public presentations that if Father
Time needs cash at the new millennium, we will deliver it. So
what does this mean? What can we expect? Are there going to be
major problems in the Y2K systems for banks?
The answer is, I can't predict exactly what will happen,
but I will tell you that I doubt it. Some of you have read
about recent problems in Y2K areas dealing with banks. Just
about a week ago I opened the papers and there was an article
about a company by the name of Affiliated Computer Services, a
small Texas-based ATM provider who seems to have some sort of
Y2K failure in their software systems. But when you look into
the problem, it wasn't Y2K related at all. Instead, it was
simply a software upgrade failure. It was simply a lack of
fully engineered upgrade. And that happens a lot these days.
Recently in the area I'm in, a local regional airline
carrier introduced an upgrade not related to Y2K, and that
upgrade did not take well, and their whole system went down,
they backed up with their prior system, they made the fixes and
they came back on line.
This is the reality of computing in the 1990's. So once you
get beyond the potential for errors caused by new software
introduction, I think you'll find that banking has very, very
few Y2K problems left to it. In fact, I myself still have all
my money--or most of my money in FDIC-insured institutions. I'm
fully confident I won't lose one dollar. I'm fully confident
I'll be able to withdraw as much or as little money as I need.
I'm fully confident my cash needs will be met on a day-to-day
basis. I do need money to get through the end of the year and
probably the best New Year's celebration of the millennium.
However, I don't think I need my life savings to do that.
What's more of a Y2K concern to me, however, is the
misinformation that I see daily. You know Y2K is good theater,
and I'm getting a little tired of it, especially when it comes
to ads like those run by KIA Motors Corp. implying that banks
are not Y2K compliant. Frankly, there's no proof for that. In
fact, there's opposite proof. All the Federal banking agencies,
the Securities and Exchange Commission, even Alan Greenspan
have represented banks as the poster child of Y2K compliance.
We are the good conduct citizens of Y2K. We got started very
early.
So what's all this misinformation about? Well, the L.A.
Times came out with a story about a week ago saying even though
it's been shown that banks are 99 percent compliant, that 42
percent of the consumers still believe ATMs will not operate.
And 38 percent fear checks will bounce, and 20 percent believe
that Y2K will shut down the banks.
So we have to do a better job. We have to market our skills
better in Y2K. We have to get the word out that banks are fully
compliant, and if there are any glitches they will be dealt
with. So we are going to be more proactive. We're going to
market Y2K just like we market our bank products. I think
you've seen that recently with banks such as Union Bank who
have the ``Y2K OK'' campaign going statewide right now.
Every delivery system will be used to get the word out
between now and the end of the year; statement stuffers, public
speaking, these hearings. Everything so that we can get face to
face with our customers. And we will ask the customers what
they are not aware of, what they need more information on, and
we will be good corporate citizens going into the end of the
year.
So with that proactive attitude, we continue to win the
race. We continue to be up front and we feel that Y2K if it's
not a dud, will certainly be a dud as to banking. So I'm here
to answer any questions you might have concerning the banking
industry, but we have arrived. We may have to be at work on
January 1st just to be sure; but if you see us a little tipsy
on January 2nd of the new millennium it's because we're
celebrating a very, very good performance by the banking
industry.
Thank you.
Mr. Ose. Thank you, Mr. Rabkin.
Mr. Koppel, who is the chief information officer of U.C.
Davis Medical Center is here to join us, also.
Mr. Koppel. Thank you and good morning. First, let me
apologize, I have neither a picture nor a thousand words
prepared. We had some communications mix-up and we just--last
evening I found out I was selected to appear here this morning.
I would like to address the Y2K issues in terms of UCD Med
Center and the health system. The health system is the
combination of the school of medicine and the medical center.
We in the health systems began looking at Y2K issues back in
1995 and 1996 and we took advantage of opportunities with our
electronic systems to begin modifying in-house development, and
making sure we had tractional language for acquisition of new
systems.
In 1997 the university office of the president started
formalizing the process and brought all the university medical
centers and campuses together and developed a reporting system
in which we participate. In July 1998 the UC Health Systems in
Sacramento developed a task force. I co-chair that task force,
and we have representatives from all across the organization
that represents major operations and functionality areas. We
developed an action plan, which tests all the obvious
processes: Inventory, assessment, renovation, all the things
that are necessary for Y2K readiness.
The major areas of concern that we have are--because we're
in the patient care business, of course, trying to be self-
sufficient in case everything fails. So the areas that we've
looked at are not only information systems, but our health and
safety areas with fire alarms, water and power. And I'd just
like to say in terms of water and power, we're very fortunate
to have a brand new power plant that is driven by natural gas.
It has a secondary backup system, diesel. Our third redundancy
is SMUD, and our fourth redundancy is portable generators that
will plug into each of our major buildings. As far as water
goes, we're depending on the city, but we have two wells in
place right now, the third one going into the infrastructure is
being constructed. I don't think water and power will be an
issue.
Most of the medical equipment that we have is another major
issue. We've notified vendors. We inventoried all of our
equipment. We have tested it and set aside funding for
acquisition of new equipment as we realize in some cases the
vendors will not be upgrading for Y2K compliancy. Most of the
orders for the new equipment and replacement equipment have
been submitted, and will be on hand well ahead of the Y2K time
period.
As far as office automation and facilities go, we've taken
all kinds of measures to make sure that our office automation
has contingency and business continuity depending on those
systems. We put into place a program whereby we can interrogate
and mitigate any PC-related problems in terms of resetting
clocks, replacing chips or parts in the PCs. We've also
addressed the issues of contracts, making sure that all of our
contracts with people we do data exchange have Y2K compliant
statements. We've notified all of our vendors and have gotten
responses back from vendors regarding supplies and availability
of supplies.
As far as the actual Y2K orientation itself, we have been
audited by the State Division of Audit and we came through
fairly good. The audit report would say that there is one
system that they looked at, that had a plan for testing, but at
the time they looked at it, it wasn't tested due to the fact
that we had to add some equipment. That system has now been
tested and validated. Most all of our electronic systems have
been modified, replaced, tested and validated. For those that
are not completed will be completed, those well ahead of year
2000.
The plan that we have at the Med Center is that we're going
into the year 2000 very optimistically, but we also are going
to hedge our bets by having a full staffing of our disaster
recovery center, and we're going to be having full staff of any
major area of concerns.
Telecommunications, I'd like to talk to you about that for
a minute. We're self-sufficient. We have our own switching
system. We have a backup, Pac Bell. We utilize an 800 megahertz
radio system which is connected for emergency purposes to the
county of Sacramento, and we also have an emergency phone
system that is hard wired throughout the medical center in case
of failure of Pac Bell or in our own switching systems.
I think that kind of concludes what I'd like to say, and
I'd be happy to answer any questions.
Mr. Ose. Thank you, Mr. Koppel. We're going to take
questions at the end of all the testimony.
Finally, our last panelist is Holly Delaney, who is in
charge of the year 2000 program with Mercy Healthcare
Sacramento.
Ms. Delaney. I'd like to thank you, Congressman Ose and
Chairman Horn, for the opportunity to present here today Mercy
Health-care Sacramento's Y2K preparedness status. As you may or
may not know, Mercy Healthcare Sacramento is a division of CHW,
which is located down in San Francisco. They are a 48 Facility
Healthcare System. We here in Mercy Healthcare Sacramento have
seven hospitals, including skilled nursing facilities, home
health organizations and clinic locations known as Med Clinic
in the area.
We began our year 2000 program in 1997 by developing an
impact analysis. At the time the study identified 21
application system upgrade projects at a total of $2 million.
In addition to that, we developed a Project Management Office
at the corporate level that addresses all Y2K processes;
including testing methodologies, standards for application
systems, biomedical devices, facility equipment, computer
hardware and network electronics. The PMO has tested all of our
biomedical devices throughout our 48 facilities, our clinic
locations and home health locations, et cetera, facilities
equipment, which means elevators, alarm systems, fire
suppression systems, et cetera, application systems and PC
hardware, network and telecom.
We, like most organizations, have utilized the seven-phase
Y2K compliance approach, which I'm sure you've heard a little
bit about today: Inventory, assessment, planning, upgrade,
testing, remediation and contingency planning. With limited
staff resources and a set time for completion for Y2K, Mercy
instituted a Y2K project prioritization process to ensure our
patient critical Y2K systems were addressed first, so that we
could continue to provide excellent quality patient care as we
have for the last 100 years.
Our current Y2K status, interesting how quickly these
numbers grow after you continue to investigate, has gone up to
an estimate of $15 million effort, with 26,000 staff hours to
make our medical equipment and support systems Y2K compliant.
Mercy has since identified a total 108 application systems
upgrade projects, 63 of which we consider patient critical
systems. And out of a total of 12,829 biomedical devices
identified only 344, which is about 3 percent, failed our Y2K
testing and either required replacements or upgrade. So that's
pretty good news for the community at large that patients
pretty much can rely on biomedical devices. That would be
things like IV pumps, EKG machines, defibrillators, et cetera.
Only 3 percent of these were determined to be noncompliant
through our testing efforts, and we are in the process of
remediating all of those.
Our current status, 84 percent of our patient critical
applications systems are currently Y2K compliant. They have
been tested and upgraded. By August 31st we believe 97 percent
of our patient critical application systems will be Y2K
compliant. All PC network telecom equipment will be Y2K
compliant by the end of August, and all biomedical devices and
facility's equipment will be Y2K compliant by September. All
contingency plans are currently complete. They have been
distributed to all the departments in our organization and
we'll be undergoing a quality review process at--I believe it's
next week, to test those plans out and our staff's ability to
follow and understand those plans.
The various issues that we found in addressing our Y2K
problem are that hardware and software vendors have continually
changed their Y2K compliance status, causing us to reevaluate
our cost, staff resources, and project completion dates. Many
of our small software vendors are charging excessive fees and
are slowing down our upgrade process for becoming Y2K
compliant. These are the one-man, two-man owned shops with PC-
based software that are basically holding us hostage at times
because they just don't have the wherewithal to complete all
the upgrades.
Third party software providers, we call them trading
partners or EDI trading partners, both the data people and the
vendors that we get supplies from at times cannot be tested or
upgraded by Mercy. This includes some of our electronic claims
remittance providers. We do have some risk in that area.
However, we've mitigated this risk through contingency planning
and basically we have manual processes in place by which we can
continue to submit claims in a manual method.
In addition, small isolated PC-based systems were difficult
to inventory. And I'm sure everybody who is dealing with the
Y2K effort has identified that. Thus, they're being identified
as we complete our PC upgrades. This provides very little time
for us to remediate. However, these are not patient critical
systems, and they are mostly business systems used for
efficiency, not the core critical business system processes.
We're concentrating on contingency planning for these
systems and basically people will have to do these efforts
manually. Thank you.
Mr. Ose. Thank you, Ms. Delaney.
If you followed our panel list, you'll see that panel one
is largely State and local government with a municipality.
Panel two is largely utilities; and panel three is largely
food, money, and health care kind of thing. So there is some
sense or some method to our madness.
If I may, Mr. Chairman, I'm going to proceed with my
questions; and you can wrap up, and we'll do the paperwork, if
you will, kind of thing.
Ms. Tschogl, one of the questions I have is it--and it
relates to Mr. Rabkin, also. The electronic funds transfer
mechanism that many of your customers use, I want to make sure
people understand that that's going to work when they come in
at the end of the year, that the transactions are going to be
accurate, that the system is going to be available. As I
understood your testimony, that was the case that you have
spent considerable effort making sure in conjunction with your
partners, your business partners, that that will be available
for folks?
Ms. Tschogl. Our information services people have confirmed
to me that they are absolutely certain that the electronic
funds transfer mechanism will be working. You can probably talk
more about the electronics.
Mr. Ose. Turn that mic.
Ms. Tschogl. Turn this?
Mr. Ose. There you go. Much better.
Mr. Rabkin. Mr. Chairman, fortunately, the regulators--
banking regulators have not stopped at banks. They've gone out
to the vendors of banks and have examined vendors of banks on
both mandatory and cooperative basis. On each of the primary
Federal regulators both the Fed at fed.gov or fdic.gov or
occ.gov you'll see listings of critical vendors like First Data
or FDR, who are the primary drivers of what we call ACH or
bank-card type transactions, and they've gone out and rather
than make each bank test their driver of these systems, they've
gone out and tested them with all the resources of the
Government, which is very helpful. And, also, some enlarged
banks have double-checked those findings and have checked the
primary vendors as well and those noncompliant vendors are
shown with their noncompliance status; but most, I would say,
generally all, of the primary drivers of these very critical
ACH wire transfer-type scenarios have been checked by the
banking regulators.
Mr. Ose. ACH is Automated Clearing House?
Mr. Rabkin. Clearing House, that's correct. So this is not
just one particular bank telling you that this will happen
appropriately. It's the banking regulators telling us all that
it will happen appropriately, and that's why I have comfort in
it.
Mr. Ose. So folks are engaged in electronic commerce
whether they be on vacation or down at the grocery store or out
in the rural areas buying feed or fertilizer and they wish to
do electronic commerce. It seems as if the system is prepared
whether it be at Raley's or at Henry Miller's Implement Dealer
up in Yuba City or whomever. The system appears to be prepared
for that ability to be achieved.
Mr. Rabkin. That's correct. From what I've heard today, and
prior testimony, we'll have power. We'll have phones. We'll
have the banking and driver systems. Those are the critical
elements to transacting any debit/credit transaction in any
bank or merchant situation. So we have all the critical core
elements to transact those transactions.
Mr. Ose. So the financial system will be available. Let me
explore, if I might, a little bit one issue that comes up
regularly that we're all very attuned to whether we live in
cities or in rural areas is food quality. And I know Raley's
has an ongoing extensive program for food quality.
Are there--is there any indication that there will be
anything but a consistent high level of quality of product in
the grocery stores by virtue of anything related to the Y2K
problem?
Ms. Tschogl. Absolutely not. There will be no change
whatsoever; and as I mentioned earlier, we have dealt with
power outages before, and in the event in a rural community or
outlying area there really is a power outage, we've done this
before and we have backup generators that will operate
efficiently. Our refrigeration units are going to operate
efficiently, just like they have every other time that we've
had a little glitch in the system. This is not going to be any
different.
Mr. Horn. If I might just ask a question here. How about
bottled water, will a lot of people do you think----
Ms. Tschogl. We predict that there will be people buying a
lot more bottled water than they normally would, but I don't
predict they are going to be buying that bottled water a week
before the new year. I think they are probably going to start
gearing up for it throughout. It's not necessary, but I do
think that people will be doing this. There will probably be a
run on plastic--empty plastic bottles for putting their own
water in, but it's not going to be a crisis situation at the
supermarket.
Every major supermarket has been preparing for this for
years, and it's not what turned out to be at one point was a
computer problem has escalated into another problem. That's all
of our own making in our imaginations here about what's going
to happen with food shortages.
Mr. Ose. I hear you saying----
Ms. Tschogl. And batteries. There will be no price gouging
either, I might add. I don't know if you were going to ask that
question, but that is another concern that some people have,
that batteries are going to go for four dollars each when it
gets into a crisis situation. I think you may have some of
that. In some areas it may happen, but it won't happen in any
of the major supermarkets across the country. I can speak for
my colleagues in other supermarket chains that I won't mention.
Mr. Ose. If I may follow on, Mr. Koppel and Ms. Delaney, I
know that Ms. Delaney's organization just opened a state-of-
the-art trauma center out near my home town, if you will,
actually it's in Carmichael. We're going to claim it's in
Citrus Heights anyway. I want to make sure, one thing I heard
Ms. Delaney talk about was the compliance levels in equipment,
but I didn't hear Mr. Koppel speak about that. I wanted to come
back to that, particularly as it relates to embedded chips and
equipment that's been held for a couple, 3 years. You were very
clear that you're down to about a 3 percent noncompliance rate.
Ms. Delaney. That's what we started with.
Mr. Ose. You're even below that now?
Ms. Delaney. Correct. We'll be 100 percent compliant with
our biomedical devices by September.
Mr. Ose. Is that going to be the case also at the Med
Center?
Mr. Koppel. We've identified--I thought I spoke to that
issue, but I probably brushed over it quickly. We took an
inventory and made a complete assessment of all of our medical
equipment and to date we have purchased approximately $270,000
worth of equipment that we think needs to be replaced such as
defibrillators, heart fusion pumps and small items. We expect
there will be a few more. I can't tell you what the percentage
is, but it's a fairly low percentage in comparison to the
overall amount of investments that we made. The only medical
equipment that is outstanding in terms of actual proof testing
is some of our larger equipment like our MRIs, some CTs,
cardiac catherization units, and the reason those are untested
is because the vendors have notified all the users not to test
these systems in the field. They are being tested at the
factories and wherever else they have their testing sites. The
reason being is some of these systems are so complex, if you
set the time ahead, there's no going back on it. So it will
just mess up the operating system; but except for that, we have
plans to replace and we have the funding to replace all
equipment that is not Y2K compliant, and it will be in before
Y2K.
Mr. Ose. Ms. Delaney--I appreciate that. Ms. Delaney, you
brought up something I thought was particularly farsighted, and
that was the claims submittal process for people who are
enrolled in HMOs or who are on Medicare or Medicaid or Medi-
Cal. It's clear that Mercy in particular has given some thought
to making sure that claim process doesn't bog down and become a
nightmare either. Can you just kind of go over that for us
briefly, please.
Ms. Delaney. The biggest difficulty that we have found is
in third parties claims administrators. Generally they have
software that they've developed in-house and one in particular
we're having difficulty getting upgraded.
Mr. Ose. Turn that mic around a hundred and eighty degrees.
There you go. Nope, that's wrong.
Ms. Delaney. I'll just talk closer. How's that?
So that is one of the difficulties we are finding. However,
that won't prevent the provision of patient care. That just
prevents us from getting our money for the provision of
patients' care. So although we're concerned about it from an
organizational standpoint, our patients should not be concerned
at all. As I said, we do have provisions to submit those claims
manually, and we are working as a corporation with some of
those organizations to provide our clout to get those systems
rectified and Y2K compliant. But that is an issue the third-
party payors are not always compliant.
Mr. Ose. We have a very large organization in the U.S.
Government called the Health Care Financing Agency [HCFA] in
particular has had some difficulty just making sure that they
are going to be compliant. Are you anticipating any difficulty
there? And when you're finished, Mr. Willemssen, I'd appreciate
any input you might have on this particular issue, too, with
respect to Medicare claims and the like.
Ms. Delaney. No. I read the reports on HCFA and I'm pretty
sure--I know--they actually in the past have instituted--for
example, when they've changed large computer systems, they've
instituted a continued payment system, so I'm pretty sure that
if anything should happen with the payment system, what they
will probably do is just continue the average payments to the
healthcare systems. So we're pretty confident that that won't
be a financial risk to us.
Mr. Willemssen. HCFA and Medicare represent one of the
highest risk Federal programs that remains. The administrator
has made a lot of excellent progress, but because they got such
a late start and they have such a widespread intricate heavily
computerized set of systems, they still have a long ways to go
and limited time to do it. They are still overlapping
remediation and testing activities that are occurring over the
next few months. So there is still reason for concern.
Reason for optimism is similar to what she pointed out.
They have done a lot of good efforts in the contingency
planning area, so that in the event there are disruptions, they
will be prepared with backup plans. Those backup plans still
need some further refinement and testing, however. So overall
there's still definite room for concern on HCFA and Medicare.
They are aware of it. They are working as aggressively as
possible on it.
If I also might point out, Congressman, in relation to
comments you made earlier on biomedical equipment, I thought it
useful to point out, I don't believe the witnesses had
mentioned that there is a FDA data base on biomedical equipment
that includes Internet links to over 400 manufacturers, and it
indicates what those manufacturers say about their items. We've
looked at that and there are over 35,000 products identified by
those manufacturers, and about 4,500 of them are considered
noncompliant. It may be--if the witnesses here haven't already
done so, it may be worth their while to compare their efforts
against what's reflected in those websites so it can match up
any anomalies.
Mr. Horn. On that point, Mr. Chairman, you were with us at
the Cleveland hearing, I believe, and the very excellent
representative from the Cleveland clinic talked about how they
have this site where all the emergency room equipment could be
checked against that, and the UC Davis submission is very
impressive on how you people have been at this for a long time
and well organized. I'm just curious, have you used the same
site as the Cleveland clinic and a lot of them are using?
Mr. Koppel. I'm not aware that we have. I know that we're
working in conjunction with the purchasing department I know
they have went out and interrogated these sites, and I'm sure
they are working very close with our technical engineering
department along these lines. I personally am not aware of
that.
Ms. Delaney. I have a quick comment about biomedical
devices. CHW, when they began testing or when they chose to
look at biomedical devices, found it was very difficult even
from the manufacturer to determine which biomedical devices
were Y2K compliant, because often the serial numbers didn't
even reflect what embedded chips, et cetera, were in each
device. So that's why we chose to go ahead and test all of our
devices, and that is about 50 percent of the healthcare
providers chose testing versus reviewing the data bases and the
various information out there. We did choose to test because we
started this early on, and we're very confident that we have
the accurate information about Y2K because of that test.
Mr. Ose. Mr. Chairman.
Mr. Horn. I don't have any further questions. I think the
panel has been excellent. I don't know if Mr. Willemssen has
anything.
Mr. Willemssen. Nothing else to add, Mr. Chairman.
Mr. Horn. Thank you all. You were all impressive. You're
right about the banks. We had them in our first hearing and the
Clearing House and Mr. Greenspan and others have been doing a
great job in making sure they comply, and the banks have done a
great job.
Mr. Rabkin. Maybe we should be giving away bottled water
rather than toasters.
Mr. Horn. How about plates in the Depression.
Mr. Ose. Lower interest rates.
Thank you all for participating.
Mr. Horn. We have thanks to the staff here. And our staff
director for the Subcommittee on Government Management,
Information, and Technology is J. Russell George, and he's the
chief counsel for the subcommittee. And on my right--your
left--is Bonnie Heald, the professional staff member
responsible for this hearing and the director of communications
for the subcommittee. And the gentleman who was alert and
moving those microphones around was Grant Newman, our clerk.
And we had a lot of help from Mr. Ose's staff. And we want to
thank Dan Scopek and Donna Willborn with Metro Cable,
production director, and we also had from Mr. Ose's staff,
Tory--you pronounce it----
Mr. Ose. Tovey Giezentanner.
Mr. Horn. Tovey Giezentanner and Peter DeMarco. And our
court reporter is Maria Esquivel-Parkinson, and we thank you
very much for sticking with us. It's tough sometimes when you
can't get a rest or anything else.
With that, if there are no further comments, I thank you
for all you've done for this subcommittee.
Mr. Ose. I do have a closing remark, Mr. Chairman. Under
your guidance we have been able to bring together here this
morning government at all levels to talk about the challenges
we face. We've been able to bring the critical utility
providers together to talk about their level of preparedness.
In my opinion, we've brought together the most critical
elements of private industry, that being banking, food and
delivery, if you will, and healthcare to talk about their
relative levels, and this would not have happened without your
interest and participation and those of us in Sacramento who
will benefit from this. On their behalf I say thank you for
taking the time to come.
Mr. Horn. Well, I thank you because I tell you, we've been
through a lot of these, Mr. Ose and I and the staff, and just
by chance and lot of hard work has been a really broad-based
operation here, and I've been very pleased with the quality of
testimony, both your oral testimony, your response to
questions, as well as your written testimony which
automatically goes in the record the minute the chairman
recognizes you.
We're sorry we have to cut it down sometimes to 5 minutes,
but we want to get to the questioning, and that's where we
learn the most, we think, because we've already read your
documents and we thank you all for coming and the panels before
you.
And with that, we're going to recess this hearing to
tomorrow in the Silicon Valley in San Jose. We will have the
last hearing in
northern California, and then we're going on to the State of
Washington next week for year 2000 testimony with the help of
the Discovery Institute, which is a major foundation in
Seattle. So with that, if there's no further comments, this is
recessed to San Jose tomorrow.
[Whereupon, the subcommittee was recessed.]
THE YEAR 2000 COMPUTER PROBLEM: LESSONS LEARNED FROM STATE AND LOCAL
EXPERIENCES
----------
SATURDAY, AUGUST 14, 1999
House of Representatives,
Subcommittee on Government Management, Information,
and Technology,
Committee on Government Reform,
San Jose, CA.
The subcommittee met, pursuant to notice, at 10 a.m., in
the San Jose City Hall, City Council Chambers, North First
Street, San Jose, CA, Hon. Stephen Horn (chairman of the
subcommittee) presiding.
Present: Representative Horn.
Staff present: J. Russell George, staff director and chief
counsel; Patricia Jones, American Political Science Association
congressional fellow; Bonnie Heald, communications director;
Chip Ahlswede, clerk; Casey Beyer, chief of staff, Congressman
Tom Campbell's district office staff.
Mr. Horn. This hearing of the House Subcommittee on
Government Management, Information, and Technology will come to
order. I'd like to welcome the residents of Silicon Valley, the
San Jose Region for joining us today for the subcommittee's
11th field hearing on the year 2000 technology challenge.
The year 2000 computer problem affects nearly every aspect
of operations in the government and the private sector. In
Social Security and Medicare to local telephone service,
electrical power and home personal computers, the year 2000
computer bug has certainly been a large management and
technology challenge for all of us. No single organization,
city, State or even country can solve the year 2000 problem
alone, nor can they guarantee their computers will work until
the organizations and agencies that exchange data with them are
also compliant.
The year 2000 problem was created in the mid-1960's when
programmers seeking to conserve limited computer storage
capacity began designating the year in two digits rather than
four. In other words, if you had 1967, they saved memory on 19
and put in 67, and that was pretty soon practice, and you had
two-digit years. Now they knew there would be a problem when
there was a year 2000 because it would register 00 and a
computer probably wouldn't know whether it was 1900 or 2000 or
whatever it was, and those systems might malfunction, corrupt
data or shut down completely. But they were optimists. They're
Americans. They said, ``Technology will solve this.'' The fact
is technology hasn't solved it. There's no silver bullet. It's
a serious situation.
Our first hearing was held in April 1996, and we had the
clearing house, the banks, a number of key parts of our
society, and they have been working steadily to make sure that
those basic economic indicators and processes in our society
work. But our focus as the subcommittee has been on the
executive branch of the Government of the United States, and we
found them ill prepared. And it took them about 2 more years
despite our prodding to get prepared, and they finally
appointed an individual to give full-time efforts to it, and
he's done an excellent job.
Mr. Koskinen is an assistant to the President and heads the
Year 2000 Conversion Council, and we have had the pleasure of
working with them. And our report cards you see out there on
the desk are one of the prods we use to get them to face up to
these matters, and slowly this is happening. We're optimistic.
We think it will all be done prior to January 1, 2000. Current
estimates show that the Federal Government will spend nearly $9
billion to fix its computer system in this fiscal year which
ends September 30th. It might well go into another billion if
there's the sort of panic mode, shall we say. If that's what we
worried about in the beginning, let's have careful management,
good organization and work systematically to achieve the goals,
and they're finally getting that there. So as I said, I have
faith that this will work. I have often said the figure will
reach $10 billion, and it might.
Recently, the President's Office of Management and Budget
identified 43 essential Federal programs such as Social
Security, Medicare, and the Nation's air traffic control
system. Each day these programs provide critical services to
millions of Americans. Of those 43 programs, 10 are federally
funded, State-run programs including Medicaid, food stamps,
unemployment insurance and child support enforcement. Based on
the data we received in May, all of these State-run programs
were not scheduled to be ready for the year 2000 until
December, leaving little, if any, time to fix unforeseen
problems.
Data exchanges and interdependencies exist in all levels of
government and throughout the private sector. A single failure
in the chain of information could have very severe
repercussions. For example, Social Security Administration
maintains a data base of Social Security payment information
for eligible citizens. One data base has about 50 million
citizens registered in it and another 43. When these payments
are due, the Social Security Administration sends that
information to the Department of the Treasury's financial
management service where the check is issued and either
electronically deposited into the personal bank account of the
client, or it's delivered by the U.S. Postal Service. Each of
these agencies has its own network of computers. If even one of
them fails, the entire system breaks down, and the check will
not be delivered.
Indeed, many of the Federal executive branch agencies and
Cabinet departments have said, ``Well, our contingency plan is
the U.S. Postal Service.'' When we saw that, we decided to hold
a hearing with the U.S. Postal Service, and it turned out they
had no contingency plan for themselves. So we're not sure about
the various agencies on their fallback. But it will be slow.
Fortunately, the Social Security Administration has been
working on the problem for 10 years, and they're in good shape.
And the only other one at this point 'til our next report is
what we called in the old days the weather service. They're
right on target. If there were still a few farms in the Santa
Clara Valley, those farmers would be very happy. They could get
all the weather news they want as they drive their tractors
through the furrows and orchards of Santa Clara County, but
they're hard to find anymore.
But even well-prepared computers won't work without power.
One of the most essential questions involving the year 2000
challenge, and we'll have some testimony on this before us
today, will the lights stay on? Without electricity our modern
society would be relegated back to the proverbial stone age,
and that would have a major effect on our economy. We remember
the General Motors strike in Michigan? That would be a drop in
the bucket compared to power outages, assembly lines stopping,
hundreds of suppliers that make up some major products such as
airplanes for my own constituency where Boeing and the former
Douglas operations, suppliers come from all over America. So
blackouts, inadvertent or vertent, I guess, they can cause real
economic damage.
Our Nation has made great strides in the advancement of
information technology to which we owe the credit to many
corporate residents of Silicon Valley. We're extremely
fortunate today to have as witnesses representatives from high
technology companies that develop hardware, software,
microchips and processors that enable our computer systems to
function on a daily basis. We're very interested to hear how
these companies have approached the year 2000 technology
challenge and their experiences in dealing with this issue as
we approach the new millennium.
No one can predict what might or might not happen once the
clock ticks past midnight this New Year's Eve. The only
certainty is that this January 1st deadline cannot be extended.
So I welcome today's panel of witnesses.
[The prepared statement of Hon. Stephen Horn follows:]
[GRAPHIC] [TIFF OMITTED] T0954.133
[GRAPHIC] [TIFF OMITTED] T0954.134
Mr. Horn. We will have two panels here and panel three
after that.
And then the first one, I'd like to call those witnesses
forward: Joel Willemssen, the Director of the Civil Agencies
Information Systems of the U.S. General Accounting Office; Mark
Burton, the Y2K project manager for the city of San Jose; Dana
Drysdale, vice president, information systems, San Jose Water
Co.; Ronald E. Garratt, assistant city manager, city of Santa
Clara; Christiane Hayashi, the year 2000 communications manager
for the city of San Francisco. If you will come forward, this
is an investigating committee of the House, so we have the
following process: We would ask you to stand, raise your right
hands to affirm the oath to the truth of the testimony, and
then I'll make some other requirements.
[Witnesses affirmed.]
Mr. Horn. The clerk will note that all five witnesses have
affirmed the oath. As we introduce each one of you, your full
statement is automatically put in the record, and these records
get very thick as you can imagine, but you have some excellent
information in the full statement. We would like you to
summarize, if you could, to 5 minutes if you need a few more,
OK. But if you could do it in five, that leaves time for a
dialog between you and us, and between yourselves, and I think
that is all very fruitful often, if we get that done.
So let us start, then, with the first witness we have, and
he follows us around America, precedes us, and that is Mr.
Willemssen, the Director of the Civil Agencies Information
Systems for the General Accounting Office. That is an arm of
the legislative branch since 1921, and they have given us
outstanding service in terms of looking at this very tightly,
both on the economics, on the accounting and on the
programmatic arrangements. They put out, with every new
Congress, a high-risk profile on the various agencies of the
government, and we use that as a model to examine what the
executive branch is doing. So Mr. Willemssen, it's all yours.
STATEMENTS OF JOEL WILLEMSSEN, DIRECTOR, CIVIL AGENCIES
INFORMATION SYSTEMS, U.S. GENERAL ACCOUNTING OFFICE; MARK
BURTON, Y2K PROJECT MANAGER, CITY OF SAN JOSE; DANA DRYSDALE,
VICE PRESIDENT, INFORMATION SYSTEMS, SAN JOSE WATER CO.; RONALD
E. GARRATT, ASSISTANT CITY MANAGER, CITY OF SANTA CLARA; AND
CHRISTIANE HAYASHI, YEAR 2000 COMMUNICATIONS MANAGER, CITY OF
SAN FRANCISCO
Mr. Willemssen. Thank you, Mr. Chairman. As requested, I'll
briefly summarize our statement on the Y2K readiness of the
Federal Government, State and local government and key economic
sectors.
Regarding the Federal Government, reports indicate
continued progress in fixing, testing and implementing mission-
critical systems. Nevertheless, numerous critical systems must
still be made compliant, and must undergo independent
verification and validation. The most recent agency quarterly
Y2K reports due to OMB yesterday should provide further
information on agency progress.
Our own reviews of selected agencies have shown uneven
progress and remaining risks in addressing Y2K, and therefore
point to the importance of business continuity and contingency
planning. Even for those agencies that have clearly been
Federal leaders such as the Social Security Administration,
some work still remains to ensure full readiness. If we look
beyond individual agencies and systems, the Federal
Government's future actions will need to be increasingly
focused on making sure that its high priority programs are
fully compliant. In line with this, OMB has identified 43 high
impact programs such as Medicare and food safety.
Available information on the Y2K readiness of State and
local governments indicates that much work remains. For
example, according to recently reported information on States,
about eight States had completed implementing less than 75
percent of their mission-critical systems. Further, while all
States responding said that they were engaged in contingency
planning, 14 reported the deadlines for this as October or
later. State audit organizations, including the California
State Auditor, have also identified significant Y2K concerns in
areas such as testing embedded chips and contingency planning.
Another area of risk is represented by Federal human
services programs administered by States, programs such as
Medicaid, food stamps, unemployment insurance and child support
enforcement. OMB recorded data on the systems supporting these
programs showed that numerous States are not planning to be
ready until close to the end of the year, and further, this is
based on data that have not been independently verified.
Recent reports have also highlighted Y2K issues at the
local government level. For example, in July we reported on the
Y2K status of the 21 largest U.S. cities. On average these
cities were reporting completing work on about 45 percent of
their key services.
Y2K also remains a challenge for the public infrastructure
and key economic sectors. Among the areas most at risk are
health care and education. For health care, we've testified on
numerous occasions on the risks facing Medicare, Medicaid and
biomedical equipment. In addition, last month we reported that
while many surveys have been completed on the Y2K readiness of
health care providers, none of the 11 surveys we reviewed
provided sufficient information to assess the true status of
these providers.
For education, last week's report of the President's Y2K
Conversion Council indicates that this continues to be an area
of concern. For example, according to that report, many school
districts could have dysfunctional information systems because
less than one-third of institutions were reporting that their
systems were compliant.
That completes the summary of my statement, and after the
panel is done, I'll be pleased to address any questions. Thank
you.
Mr. Horn. Thank you very much for that very helpful and
thoughtful statement.
[The prepared statement of Mr. Willemssen follows:]
[GRAPHIC] [TIFF OMITTED] T0954.135
[GRAPHIC] [TIFF OMITTED] T0954.136
[GRAPHIC] [TIFF OMITTED] T0954.137
[GRAPHIC] [TIFF OMITTED] T0954.138
[GRAPHIC] [TIFF OMITTED] T0954.139
[GRAPHIC] [TIFF OMITTED] T0954.140
[GRAPHIC] [TIFF OMITTED] T0954.141
[GRAPHIC] [TIFF OMITTED] T0954.142
[GRAPHIC] [TIFF OMITTED] T0954.143
[GRAPHIC] [TIFF OMITTED] T0954.144
[GRAPHIC] [TIFF OMITTED] T0954.145
[GRAPHIC] [TIFF OMITTED] T0954.146
[GRAPHIC] [TIFF OMITTED] T0954.147
[GRAPHIC] [TIFF OMITTED] T0954.148
[GRAPHIC] [TIFF OMITTED] T0954.149
[GRAPHIC] [TIFF OMITTED] T0954.150
[GRAPHIC] [TIFF OMITTED] T0954.151
[GRAPHIC] [TIFF OMITTED] T0954.152
[GRAPHIC] [TIFF OMITTED] T0954.153
[GRAPHIC] [TIFF OMITTED] T0954.154
[GRAPHIC] [TIFF OMITTED] T0954.155
[GRAPHIC] [TIFF OMITTED] T0954.156
[GRAPHIC] [TIFF OMITTED] T0954.157
[GRAPHIC] [TIFF OMITTED] T0954.158
[GRAPHIC] [TIFF OMITTED] T0954.159
[GRAPHIC] [TIFF OMITTED] T0954.160
[GRAPHIC] [TIFF OMITTED] T0954.161
[GRAPHIC] [TIFF OMITTED] T0954.162
[GRAPHIC] [TIFF OMITTED] T0954.163
[GRAPHIC] [TIFF OMITTED] T0954.164
[GRAPHIC] [TIFF OMITTED] T0954.165
[GRAPHIC] [TIFF OMITTED] T0954.166
[GRAPHIC] [TIFF OMITTED] T0954.167
[GRAPHIC] [TIFF OMITTED] T0954.168
[GRAPHIC] [TIFF OMITTED] T0954.169
[GRAPHIC] [TIFF OMITTED] T0954.170
[GRAPHIC] [TIFF OMITTED] T0954.171
[GRAPHIC] [TIFF OMITTED] T0954.172
[GRAPHIC] [TIFF OMITTED] T0954.173
[GRAPHIC] [TIFF OMITTED] T0954.174
Mr. Horn. Our next witness is Mark Burton, the Y2K project
manager for the city of San Jose, and, Mark, we're delighted
with the kindness of the city administration to let us use
their City Council Chamber today. So we thank you.
Mr. Burton. Thank you. Good morning. Thank you for
opportunity to speak before the subcommittee on the city of San
Jose's efforts in preparing for a rollover in the millennium
and how we're addressing the year 2000 computer problem.
The city began its year 2000 efforts in the summer of 1997,
and since that time has allocated over $10 million toward this
effort, with $6 million of that at our airport alone to
mitigate the impacts of Y2K computer interruptions.
The Y2K Office in the Information Technology Department has
had the responsibility for coordination of planning and
remediation activities for Y2K efforts. In addition, the
Information Technology Department has responsibility for the
mitigation and year 2000 readiness for the city's traditional
computer systems. Individual departments have focused on their
internal systems and operational issues, and the Y2K task force
comprised of representatives from all departments have focused
on coordination activities between the departments and acted as
a clearing house for Y2K information.
In early 1999, recognizing the potential impacts of service
interruptions on our critical health and safety services, a
second Y2K Public Health and Safety Task Force was created to
concentrate on the readiness for these services. This Public
Health and Safety Task Force's focus is on emergency and health
issues. Some examples include water service, waste water
treatment, emergency medical response, emergency police
response, sewage collection and storm drainage.
Our year 2000 project has four major areas: Computer
systems, embedded systems chips, business continuity planning
and public information. In the computer systems area, systems
and hardware were inventoried and assessed for operation into
and through the year 2000. We inventoried and assessed over 160
systems and 150 applications for computers and servers. After
Y2K assessment, decisions were made to repair, upgrade, replace
or retire in-house and vendor supplied software. 15 systems
remain in the remediation process at this time.
For embedded systems chips, in critical service areas
including our Convention Center, police and fire departments,
municipal water service, telecommunications and streets, the
city obtained services of expert contractors in embedded chips
to assist in the inventory assessment. In these six
departments, 2,500 pieces of equipment were inventoried and
assessed. While the majority of the equipment was found to be
year 2000 compliant in the assessment phase, over 30 percent
was found questionable, and just over 1 percent not Y2K
compliant.
While interesting to find embedded systems chips in
equipment, appliances and other things taken for granted both
at home and work, it was surprising to find non-year 2000
compliant chips in our fire department's defibrillators. They
are now year 2000 compliant, and Deputy Chief McMillan will go
into more detail about the defibrillators.
In late 1998 the city began its business continuing
planning with development of department Y2K contingency
strategies for mission critical and essential services and
equipment. Preliminary plans were developed between December
1998 and March 1999 with more comprehensive plans recently
completed in July. We are not only preparing the computer
systems for the date change, we are also preparing contingency
strategies which will be implemented, if required, to minimize
disruptions of critical services. In the case of a temporary or
more extended service interruption, we must be prepared with
recovery strategies to bridge the gap and continue supplying
critical services.
With our dependency on others for services and products in
our complex industrial technological society, we are taking the
steps to ensure the continuation of critical city services
should there be interruptions. Staff has developed detailed
contingency plans for all critical services and systems. These
contingency plans are based on our existing emergency
operations plan, and they detail the procedures necessary to
mitigate service impacts related to year 2000 failures, either
locally, or in the event of power-grid outages or utility
systems malfunctions. Dr. Winslow's testimony covers some of
the training and practice exercises used to prepare staff and
tune our contingency plans.
The last component of our Y2K project I want to speak of is
the public information phase. The city with the assistance of a
media consultant is in the process of developing a public
outreach campaign to reach out to residents to assist them with
year 2000 home readiness. We're coordinating this with Santa
Clara County and targeting our initial release for October to
coincide with the 10th anniversary of the Loma Prieta
earthquake. The emphasis will be on emergency preparedness, not
only for year 2000, but for any emergency, be it earthquake or
other natural disaster. Another area of concentration will be
to educate city employees in home preparedness so they will be
ready to respond to any Y2K problems with the knowledge that
their families are OK.
The city of San Jose has made good progress on its systems
readiness for Y2K. However, due to our reliance on others for
key services and supplies, the city is taking steps to be ready
for Y2K interruptions whether they come from within or from a
third party. The city's goal is clear, to be prepared for Y2K.
Mission-critical systems and services must be ready for the new
millennium, and at this time we see no reason that the city
should not meet this goal.
In conclusion, I'd like to thank the committee for the time
to speak on the city of San Jose's year 2000 efforts.
Mr. Horn. Well, thank you very much for your well-organized
description of what you've gone through and what some of the
implications are, and we'll get back to some of this in the
question period.
[The prepared statement of Mr. Burton follows:]
[GRAPHIC] [TIFF OMITTED] T0954.175
[GRAPHIC] [TIFF OMITTED] T0954.176
Mr. Horn. Dana Drysdale is the vice president, information
systems for the San Jose Water Co.
Mr. Drysdale. Thank you, Chairman Horn. In the interest of
time, I will skip our greeting and summary that's in the
written statement and go directly to some detail which will be
of use to you. We're very pleased to be here today. In my
testimony, San Jose Water Co. will be referred to as SJWC.
SJWC's Y2K readiness program can be summarized into six
major steps. These steps are: No. 1. Customer contact. Every
customer that requests information regarding San Jose Water
Co.'s Y2K readiness program receives a personal written reply.
Additionally, there is Y2K information on sjwater.com. That's
our website.
Step 2. Major power and water supplier contact. Both
Pacific Gas and Electric Co. and the Santa Clara Valley Water
District are critical to the normal operation of Silicon
Valley's water system. These organizations have a Y2K readiness
program. SJWC and all local water retailers meet quarterly as a
group with the Water District. The April 21, 1999 meeting was
devoted to a discussion of Y2K.
The district shares knowledge of State and Federal water
project readiness levels. As of June 1999, SJWC understands
that the State completed the modification to its network to be
Y2K ready and that these modifications are being tested by a
consultant. As a result of the April 21st meeting, the district
and SJWC identified a continuous supply of electrical power as
a concern. Additional information about this is included in
Step 6, contingency planning.
Step 3 of our program. Review of software and hardware
products. SJWC uses standard commercially available computer
hardware and software packages. This means we do not have a
significant development environment at the San Jose Water Co.
All SJWC hardware and software suppliers perform significant
Y2K testing of their products. In many cases, these software
and hardware providers also engage independent testing
organizations, such as ITAA or NSTL. To the best of our
knowledge, all software and hardware products used in SJWC's
water system are Y2K ready.
Where practical, SJWC repeated aspects of these tests. For
example, water distribution for most of Silicon Valley is
controlled by SJWC's sophisticated SCADA System. SJWC performed
a successful Y2K system test of the SCADA System's servers and
remote telemetry unit's hardware and software.
Step 4. Contacts with governments, other suppliers and
business partners. All replies from these folks indicate a Y2K
readiness program.
Step 5 of the program. Employee awareness and education.
SJWC's executive committee regularly discusses the Y2K
readiness program. SJWC's chief financial officer, controller,
and vice president of information systems--that's three
different people--participated in a Y2K test of SJWC financial
and materials systems.
The company's technology committee meets quarterly or as
needed to ensure that SJWC uses technology appropriately. The
technology committee is also involved in Y2K readiness. For
example, this committee has an ``embedded controller'' project.
Committee members identified functions in their area that might
be subject to control of a computerized clock and contacted the
manufacturer to ensure Y2K readiness. Please note that SJWC's
water-related computer systems typically manage water based on
demand and not time.
Step 6 of the program. Contingency planning. The chief
contingency planning concerns for Silicon Valley's water supply
include the import water and electrical power concerns
identified in step 2 above. SJWC contingency plans are common
for many possible situations in Silicon Valley, including
earthquakes.
Water resources in the valley are managed under an
integrated plan by Government Agencies, by the Water District
and by water suppliers such as SJWC. 50 percent of our water is
imported from State and Federal water projects, and is treated
at District treatment plants.
Approximately 35 percent and 15 percent, respectively, of
Silicon Valley's water is supplied by SJWC operated wells or
through local surface water. Local surface water depends on
local rainfall. In the event of a disaster or emergency that
impacts ground water supplies--excuse me--import water
supplies, significant additional ground water is available from
SJWC operated wells.
SJWC has excellent working relationships with Pacific Gas
and Electric Co. and other power suppliers. In the event of
power interruptions, SJWC's experience is that power is
restored as quickly as possible. SJWC also has emergency
generation facilities that operate the water system during
power interruptions such as those experienced during the 1989
Loma Prieta earthquake. However, sustained regional power
outages have serious impacts on water operations.
The SJWC portion of Silicon Valley's water system is
designed with local finished water storage reservoirs. This
means that water is in the valley. In many cases, full local
reservoirs and tanks will gravity feed water to customers.
Power is needed to initially fill these reservoirs.
On the morning of a typical January day, SJWC will have
approximately 2 days of finished water in Silicon Valley in
these reservoirs. If power is completely interrupted for more
than 2 days, water would be supplied using SJWC emergency
facilities alone. Operating the water system under emergency
conditions during a sustained regional power outage is very
different than typical water delivery, this is beyond that
first couple days, and may result in some water supply outages.
Disaster planning and generation facilities are coordinated
with county and city agencies and the California Public
Utilities Commission. SJWC customers and employees enjoy many
benefits from participating in regional emergency preparedness
and encourage everyone to take advantage of their city and
county emergency planning services.
San Jose Water Co. thanks Chairman Horn and House staff for
the opportunity to present testimony. Additional information is
available at sjwater.com or by phone at (408) 279-7900.
Mr. Horn. Thank you. That's a very thorough presentation,
and you're talking about a key ingredient for all of us. We
don't last too long without water. Thank you for coming with
that.
[The prepared statement of Mr. Drysdale follows:]
[GRAPHIC] [TIFF OMITTED] T0954.177
[GRAPHIC] [TIFF OMITTED] T0954.178
Mr. Horn. The next witness is Ronald E. Garratt, assistant
city manager for the city of Santa Clara. Mr. Garratt.
Mr. Garratt. Thank you, Mr. Chairman. I thank you for
inviting me to speak today on the subject of Y2K readiness in
the city of Santa Clara. I'm both the assistant city manager
and year 2000 project manager for the city.
Before I describe the city's Y2K readiness program, I would
like to briefly acquaint you with the city of Santa Clara.
Santa Clara is a full-service municipality providing police,
fire and utility services to approximately 103,000 residents
and over 10,000 businesses. Somewhat unique to Santa Clara, we
are one of only four cities in the greater Bay Area that own
and operate an electric utility. Later on this morning you will
be hearing from Karen Lopez, Silicon Valley Power's Y2K program
manager.
The city of Santa Clara is either headquarters for or
services a major campus site for a number of leading
internationally known high-tech companies: Intel, Sun
Microsystems, Hewlett Packard, 3Com, Applied Materials and
National Semiconductor to name a few.
Like other organizations, the city of Santa Clara knows the
importance of year 2000 readiness, and is focused on our
ability to store and manage data through the millennium change
and into the next century. The city's formal year 2000 program
began in 1997. However, the city's actual remediation efforts
commenced approximately 5 years ago through the systematic
replacement of major departmental computer systems. In point of
fact, replacement of the city's then existing mainframe driven
COBOL based operating programs were driven as much or more by
the need for increased performance and enhanced user
functionality as the need to eliminate the expression of a year
in a two-digit field.
Over the past 5 years, the city has spent nearly $22
million replacing critical computer systems. $7\1/2\ million in
public safety systems, including the new 911 emergency dispatch
system, the new 800 MHz trunked radio system, new police and
fire records management systems and telephone system upgrades.
$5\1/2\ million for utility systems including the electric
substation telemetry control, power scheduling and water system
pump control upgrades. $5 million for finance systems including
a new utility building system and a finance system data
warehouse. $2 million for computer network improvements
including the upgrade to Y2K compatible personal computers for
all system users, and the upgrade of all network hardware and
software to Y2K compatible standards. $1 million for public
works systems including the upgrade of the city's traffic
control system.
The city is working aggressively toward being a Y2K ready
organization for all major systems no later than September 1999
with the exception of two departmental computer systems that
will be fully operational by November 1999.
The city's Y2K readiness focuses on two major strategies:
Replace or repair. As I mentioned earlier, it has been the
city's primary goal to replace non-Y2K compatible systems
rather than repair them with one major exception. In 1997 it
was determined that replacing the COBOL based core accounting
system, comprised of the general ledger and payroll systems,
with a Y2K compliant enterprise accounting system could not be
accomplished in the time remaining. The city engaged a
consultant to modify the program code to accept year 2000 day
calculations. These core accounting systems were tested and
verified as Y2K ready in 1998.
The city has inventoried departmental computer systems,
both hardware and software. Y2K readiness has been determined
through a combination of vendor validation, system testing and
third party consultant review. The city has employed
verification and validation software to test all desktop user
hardware and software for Y2K compliancy. Where appropriate,
external computer interfaces have been validated. Examples
include the city's 911 interface with the regional phone system
and the city's financial interface with our primary bank.
One primary goal of the city's Y2K strategy is to ensure
residents and businesses that the city of Santa Clara is
working diligently on their behalf to minimize disruptions
caused by the potential year 2000 computer problems. We've
communicated our progress through a number of channels: Face-
to-face meetings with major businesses and the Chamber of
Commerce, regular updates posted on the city's website, cable
cast over the city's Government channel, and printed in the
city newspaper which is distributed to all residents and
businesses. Additionally, we're in the process of holding a
series of Y2K meetings throughout the community to update and
advise neighborhoods on individual and family emergency
preparedness. Over the next 3 months, we will be mailing out
materials on home and small business preparedness for possible
Y2K caused disruptions.
As we have moved in to the later portion of 1999,
contingency planning has surpassed remediation as the primary
Y2K focus for the city. We are both encouraged and assured by
Y2K remediation efforts occurring in both the private and
public sectors in the Silicon Valley, but we also understand
our day-to-day reliance on complex, far-reaching interconnected
computer systems. Given the millions of lines of programming
code contained in these systems and the thousands of embedded
chips that control these systems, we fully anticipate the
possibility of Y2K disruptions in the community and the region
as a whole. We are advising the community to prepare for
possible Y2K disruptions much in the same manner as a household
would prepare for an earthquake or flood threat. We are
advising moderation in food and supply stockpiling and the
amount of cash kept on hand. The Y2K preparedness checklist
would contain certain unique characteristics such as advising
households to keep hardcopy financial records for the later
part of 1999. We do not believe Y2K preparedness needs to be
dramatically different than typical household emergency
preparedness.
The city has been preparing for possible Y2K disruptions
through a series of tabletop exercises and problem simulations
that allow staff to practice and perfect the emergency response
systems. By the completion of this series of emergency
exercises we will have involved agencies such as the school
district, our local hospital and the Red Cross to enhance the
ability to coordinate our emergency response. Additionally, the
city departments are reviewing manual work-around procedures
that would allow at least a basic level of city services to be
maintained in critical areas if computer systems were to fail.
The city's emergency operation center will be open and
fully staffed over the New Year's period. We will track Y2K
related events over the Internet as they unfold through the
dateline through Asia into Europe and across the Eastern United
States. We will maintain a telephone bank to quickly respond to
community concerns or rumors. In the event of a major regional
disruption in electric power or communications, the city has
fall-back alternatives available on a very localized basis. We
are prepared for an extended Y2K response period if that
becomes necessary.
In closing, I want to thank the committee for the
opportunity to speak this morning. On behalf of the City
Council of the city of Santa Clara, I extend our appreciation
to the committee for your diligence and efforts in determining
year 2000 readiness throughout this nation. Thank you.
Mr. Horn. Thank you. We appreciate your remarks.
[The prepared statement of Mr. Garratt follows:]
[GRAPHIC] [TIFF OMITTED] T0954.179
[GRAPHIC] [TIFF OMITTED] T0954.180
[GRAPHIC] [TIFF OMITTED] T0954.181
[GRAPHIC] [TIFF OMITTED] T0954.182
[GRAPHIC] [TIFF OMITTED] T0954.183
[GRAPHIC] [TIFF OMITTED] T0954.184
[GRAPHIC] [TIFF OMITTED] T0954.185
[GRAPHIC] [TIFF OMITTED] T0954.186
[GRAPHIC] [TIFF OMITTED] T0954.187
[GRAPHIC] [TIFF OMITTED] T0954.188
[GRAPHIC] [TIFF OMITTED] T0954.189
Mr. Horn. Christiane Hayashi is the year 2000
communications manager for the city of San Francisco. Thank you
for coming.
Ms. Hayashi. Thank you, Mr. Chairman, I want to thank the
subcommittee for the opportunity to participate in the national
dialog on this topic. I also want to take the opportunity to
personally thank the General Accounting Office for all the
invaluable information that they have passed along that has
been of use to the State and local governments, and I'm sure
even private businesses as well.
I brought with me as written testimony a rather long report
to the San Francisco Board of Supervisors. Unfortunately it was
prepared as an internal document and it's hot off the presses.
I didn't get a chance to repackage it for external viewing. So
the only clue that it's from San Francisco is the CCSF acronym
at the top corner of the page. I apologize for that. We'll take
care of that when we get back to the office.
Mr. Horn. When you say it's an internal document, you can
be sure the press will want that one more than any.
Ms. Hayashi. There are 75 copies on the table, so
everyone's welcome to it. It's a document that we prepared.
It's the most recent Y2K status for the San Francisco Board of
Supervisors, and it contains detailed status reports for each
of the 14 mission-critical departments in the city as
designated for the focus of this Y2K preparation. But actually,
I'd like to talk about something that's not in that report, and
I'd be happy to take any specific questions on status as well.
Everyone who's dealt with Y2K for any period of time can
rattle off the improved procedures, inventory assessment,
remediation, testing, contingency planning, supplier
verification, and most recently identified some elements of due
diligence as independent validation and verification, and the
city is, of course, actively engaged in this process. But what
has emerged as one of the most important elements of Y2K
preparation is public awareness.
It's become apparent to many jurisdictions as you've heard
in prior testimony that whether Y2K has seriously harmful
effects to society could depend on the individual citizen's
level of preparation for it and how they react to it. And by
public awareness, I mean, first of all, that we get accurate
information to the public so that they can evaluate whether
their government's efforts are addressing all of their needs in
a due diligence process, and so that the public can share the
Government's confidence when certain systems are certified as
Y2K ready, and also so that each person and household can
assess what their risks are based on their personal needs and
priorities. For example, the person who requires medication
might assess the risks to the pharmaceutical industry and
decide how much medication to keep around the house in the
event of need.
And also by public awareness, I mean that we get
information to the public about how they should prepare. At
this point, enough agencies and businesses have accomplished
enough work so that those following Y2K progress are breathing
a little easier about the potential effects of New Year's Eve
on the social and economic fabric of the United States, at
least from a technical perspective, although we do recognize
much work remains to be done.
The banking and utility industries and their associated
regulatory agencies have expressed pretty good levels of
confidence that their services will continue uninterrupted.
Consumer automobiles have been warranted by the manufacturers
and most central systems of public and private organizations
will have received at least some attention by the end of the
year. Most governments have achieved substantial readiness and
rapid progress continues.
But the fact remains that we can expect some surprises from
Y2K, and a significant danger remains that a public panic
reaction could have severely detrimental effects. People need
to understand that they can expect Y2K-related headaches in the
first half of next year, so that they shouldn't run screaming
into the streets the first time that the lights flicker. They
also need to take advantage of this opportunity to prepare to
be just a little bit self-reliant.
Personal Y2K preparation is like buying fire insurance. Is
it likely that your house will burn down? Not really, but there
is a chance, and the value of your home and its contents are
sufficiently important that you take the time and spend the
money to protect it against that eventuality. Having purchased
that fire insurance, you can feel secure that come the worst,
you have some protection.
Similarly in the Y2K context, it's looking very unlikely
that there will be serious infrastructure breakdowns. However,
because of the complex interdependencies of our high-tech
society, what could fail and for how long remains a great
uncertainty. Just as agencies have looked over their
inventories assessing the compliance, fixed their non-compliant
systems, tested their fixes and made back-up plans, so the
citizens should identify their personal priorities for the
mission-critical systems, like insulin to a diabetic. They
should assess their risk of failure of those systems such as
checking the websites of the manufacturers of the elements that
you might have at home. They should fix what they can, such as
downloading fixes for their personal computing systems from
manufacturer's websites, and they should identify the
alternatives to those things that could fail, but are beyond
their individual capacity to fix, such as keeping a supply of
essential and nonperishable groceries of the household needs.
Above all, people should be prepared for Y2K by remaining
rational and avoiding hysteria about the millennium. Panic
could result in long-term economic problems, rioting, looting
and other socially unproductive behavior. Now is the time for
people to remember that we are low-tech human beings. There's
nothing standing between us and the earth and the sunlight and
the air we breathe. Our families and friends don't have
computer chips. Our social network will remain intact. Since no
one has ever suggested that Y2K will result in spontaneous
combustion, we should have most of our personal possessions
around us.
With just a little bit of preparation, we can provide
ourselves with Y2K insurance. In California where we've had at
least three major earthquakes, raging fires, power outages and
alternating drought and floods during this century, it's merely
common sense to make your household self-reliant in a few
fundamental respects: Nonperishable food, water, necessary
medicine, flashlights, a little cash, security of important
documents.
But for ourselves and each other, we can use this
fascinating Y2K historical event as an opportunity to
strengthen our human bonds and improve our collective future.
That's the message of optimism and personal empowerment that we
feel is an important part of San Francisco's readiness effort.
Thank you.
Mr. Horn. Well, thank you. That's very well stated, and you
are right on the mark, and as I listen to you, I think you
probably get the last word when you see the mayor who is used
to having the last word. So thanks for coming and sharing those
insights with us. We appreciate it.
[The prepared statement of Ms. Hayashi follows:]
[GRAPHIC] [TIFF OMITTED] T0954.190
[GRAPHIC] [TIFF OMITTED] T0954.191
[GRAPHIC] [TIFF OMITTED] T0954.192
[GRAPHIC] [TIFF OMITTED] T0954.193
[GRAPHIC] [TIFF OMITTED] T0954.194
[GRAPHIC] [TIFF OMITTED] T0954.195
[GRAPHIC] [TIFF OMITTED] T0954.196
[GRAPHIC] [TIFF OMITTED] T0954.197
[GRAPHIC] [TIFF OMITTED] T0954.198
[GRAPHIC] [TIFF OMITTED] T0954.199
[GRAPHIC] [TIFF OMITTED] T0954.200
[GRAPHIC] [TIFF OMITTED] T0954.201
[GRAPHIC] [TIFF OMITTED] T0954.202
[GRAPHIC] [TIFF OMITTED] T0954.203
[GRAPHIC] [TIFF OMITTED] T0954.204
[GRAPHIC] [TIFF OMITTED] T0954.205
[GRAPHIC] [TIFF OMITTED] T0954.206
[GRAPHIC] [TIFF OMITTED] T0954.207
[GRAPHIC] [TIFF OMITTED] T0954.208
[GRAPHIC] [TIFF OMITTED] T0954.209
[GRAPHIC] [TIFF OMITTED] T0954.210
[GRAPHIC] [TIFF OMITTED] T0954.211
[GRAPHIC] [TIFF OMITTED] T0954.212
[GRAPHIC] [TIFF OMITTED] T0954.213
[GRAPHIC] [TIFF OMITTED] T0954.214
[GRAPHIC] [TIFF OMITTED] T0954.215
[GRAPHIC] [TIFF OMITTED] T0954.216
[GRAPHIC] [TIFF OMITTED] T0954.217
[GRAPHIC] [TIFF OMITTED] T0954.218
[GRAPHIC] [TIFF OMITTED] T0954.219
[GRAPHIC] [TIFF OMITTED] T0954.220
[GRAPHIC] [TIFF OMITTED] T0954.221
[GRAPHIC] [TIFF OMITTED] T0954.222
[GRAPHIC] [TIFF OMITTED] T0954.223
[GRAPHIC] [TIFF OMITTED] T0954.224
[GRAPHIC] [TIFF OMITTED] T0954.225
[GRAPHIC] [TIFF OMITTED] T0954.226
Mr. Horn. Let me ask some general questions for the panel
as a whole. I've long felt since I got into this in 1996 that
this is a management problem, not just a technological problem,
and I'd sort of like to know from you now that you've been
through this process, what are the management principles you
followed that you think, for those that haven't really become
involved in this, you could give them a little guidance?
So let's just go right down the line. I think I'm going to
let you pass, Mr. Willemssen. Let's have your colleague there,
Mr. Burton, from the city of San Jose. What's the management
approach you've taken and where responsibility is being placed
and so forth?
Mr. Burton. I think the No. 1 issue has been awareness, and
that's for managers throughout the organization to be aware.
Whether or not it's from a standpoint of the general issue of
the year 2000 preparedness or the individual services and key
equipment items, to ensure that they are year 2000 compliant.
It's, I think, self-realization you have to begin with, and if
you're in denial, you certainly wouldn't begin addressing the
problem.
Mr. Horn. Mr. Drysdale.
Mr. Drysdale. Our management approach is based on
communication, participation and involvement by really
everybody. So when I mentioned that our executives participated
in the test, that was true. We were all there on Saturday
working on it, and the same thing is true of our staff. We work
together as a team. So primarily involvement, participation,
continued good communications, we try to practice every day at
work. That's just a common approach.
Mr. Horn. Mr. Garratt.
Mr. Garratt. I think the fact that I have been assigned as
the Y2K project coordinator from the city manager's office
rather than a chief information officer is indicative of the
visibility the council and the city management chose to give
this issue. We have departments who have been working in very
rigorous ways to solve their individual proprietary situations,
but it does require a certain level of oversight and
coordination and a constant message that enough is never quite
enough. And that's the approach we've taken.
Mr. Horn. Ms. Hayashi.
Ms. Hayashi. In the city of San Francisco which is a fairly
decentralized city, the multiple programs primarily take
responsibility for all their own operations. It was an
important step in the Y2K effort to create a central, city-wide
organization that existed to help coordinate the efforts
between the departments, coordinate the communications about
the interdependencies between departments, because a lot of
departments that rely on the phone services, for example, are
dependent on another city department for providing those
services. Also for centralizing some of the issues to avoid
duplication of work, and directing resources also, because as
we've seen departments that perhaps don't have enough resources
in their own pockets, that we could direct some personnel and
some expertise to them so that they can get the job
accomplished quickly.
So the central oversight has been critically important, and
I think I agree with the message of motivation as well, that
everybody needs to keep working as hard as they can.
Mr. Horn. Since we have three cities on this panel, San
Francisco, Santa Clara and San Jose, I'm curious if any of you
have had the type of exercise that Rockville, MD and Lubbock,
TX ran through where they advanced the date forward, in a
department in the middle of the night and then see what happens
to your emergency coordination operation. Has any of you done
that at this point, or have we just dealt individually with
adaptation of codes?
Ms. Hayashi. That has been done in San Francisco, but
again, many of these year 2000 readiness preparations were done
on a department-by-department basis. So we haven't had a city-
wide exercise, but there has been a lot of date simulation
testing in individual departments.
Mr. Horn. Because certainly when you have department
responsibility, the question is do they have connection with
other departments to get their job done?
Ms. Hayashi. Exactly. And that's why the central program
management office is the grease that keeps those wheels moving.
Mr. Garratt. I have heard the Rockville staffers and the
Lubbock staffers explain the exercise they went through. We
have not attempted to perform something like that. We pushed
certain systems beyond the millennium. We had the unique
experience in one system where it went beyond and operated, but
it was very difficult to pull it back. And there was a bug in
the software from that perspective. But we've been fairly
limited and judicious on pushing these systems as a unit.
Mr. Burton. In the city of San Jose we have pushed the date
forward on our network, our city-wide network, to the year 2000
and exercised the system. I believe that was back in March, and
have a plan to do that again in September over the Labor Day
weekend. In addition, for our computer clusters for
applications we have tested systems with the system dates
rolled forward, as well as the individual applications, flexing
them with functionality in the next century. Our first test in
that was in the month of May this year. We actually have a test
underway today in our computer center with a date rolled
forward to the year 2000. We also have one scheduled for August
28th and again on Labor Day, as I mentioned.
Mr. Horn. Some have mentioned over the last few years that
there are some additional dates we need to be concerned with,
and your comment on September, I thought I'd use that,
September 9, 1999 bothers some people as it might mess up some
computers because that apparently was used as a symbol for a
number of computer programs in the past, and the other being
the fact that we have a little extra day in February 2000.
Does any of that concern you one way or the other?
Mr. Burton. We identified 19 key high-risk dates
potentially. The high risk dates have been examined against the
application to find out what dates that application would have
at risk. Our testing plan includes flexing a minimum of two of
those dates for applications: most assuredly the roll over as
well as leap day, and then identification of some other date.
For instance, not only do you face January 1st and leap day,
but with remediated code, et cetera, we're concerned about
month end closes, quarterly closes, fiscal year closes and
calendar year closes in these remediated applications. So there
are quit a few dates that we're looking at.
Mr. Horn. Mr. Garratt, any thoughts on that?
Mr. Garratt. As I mentioned in my presentation, we've
replaced a good number of our systems with object-oriented
programming languages, C++, that deal with the year as a four-
digit equation. Our finance system has been remediated, and we
are aware, and we will be watching very carefully certainly on
September 9th. The programmers have looked into the system to
make a determination if that could be a problem. They did not
believe it will be a problem.
Mr. Horn. That's very interesting, and I wonder how about
San Francisco? Have you done that?
Ms. Hayashi. Yes, yes. Leap year and other potentially
sensitive dates are a part of what we have taken into
consideration in examining the IT systems.
Mr. Horn. Mr. Drysdale, you've given us very helpful
information on the water, and as understand it, there are
200,000 public water systems regulated under the Safe Drinking
Water Act that serve about 240 million people in our country.
The remaining population obtains most of their drinking water
from private wells. So I'm curious, is the San Jose Water Co.
ready for January 1, 2000, to ensure that there are no
violations associated with the Safe Drinking Water Act?
Mr. Drysdale. Yes, Chairman Horn, our water quality staff
is part of the group that would be available that evening. But
typically, our staff that works around the clock monitors for
different types of matter that can be in water that might
indicate a violation of the Safe Drinking Water Act. Generally,
when the water is tested here in the valley for all the
required different types of chemicals and matter that can be in
the water, typically we have non-detectable traces. It's not
possible to detect anything that would be required by current
regulations. So as far as wells, private wells, here in town
are, the oversight for that is the Santa Clara Valley Water
District. So we work with them as far as monitoring our own
wells, but private wells, we don't have that responsibility.
Mr. Horn. Does the Santa Clara Valley Water District
include all of southern Santa Clara County? How does that work?
Mr. Drysdale. Yes, it does. In general, that would be a
fair description of their service area.
Mr. Horn. That includes the Pajaro River, which is a river
on the southern end of the county, marks the border.
Mr. Drysdale. I believe it would.
Mr. Horn. I'm just curious, because you've mentioned
Federal and State water that you have access to, which I assume
is coming through the San Luis Reservoir, isn't it?
Mr. Drysdale. Yes, it is. There's San Luis Reservoir water,
and there's also water that's directly piped into the valley to
the two treatment plants that the district operates. One is on
the east side of the valley, and one is on the west side of the
valley.
Mr. Horn. Is there projected, given the population growth
in San Jose and Santa Clara County, is it projected that it
will have a very tight situation on water whether it be the
year 2000 or not?
Mr. Drysdale. I'm not familiar with those projections, but
I don't believe that there's a problem. I do attend some of the
water retailer meetings with the district, and there's never
been expressed any concern for that.
Mr. Horn. Now for the agricultural use where they do have
wells on a number of these farms. What's been the water level?
Has it been going down substantially in the last 20, 30 years?
Mr. Drysdale. No. On the contrary, with the use of import
water, the primary supply for the valley ground water is at
record levels.
Mr. Horn. Where do you touch the water supply? What's the
footage digging a typical well?
Mr. Drysdale. Depends upon the usage, the nature of the
soil, the nature of rock. There are different levels. But one
very good example not far from here, we have a local highway
that's about 15 or 18 feet below the surface level and water is
percolating through that highway right now, and that's a
problem that people are trying to deal with. So the water is
typically quite high.
Mr. Horn. That's interesting. In Los Angeles what many of
us know as the Century Freeway named after my predecessor, Glen
Anderson, who chaired the Transportation Committee of the
House, turns out they have exactly that problem, that water's
coming up there, and the water replenishment agencies are now
billing the State Highway Department for taking their water.
It's having its amusing aspects, but it becomes very difficult
when your freeway starts moving around. So that's happening
here. That's fascinating.
Let me ask Mr. Willemssen who has gone through many panels,
that raises good questions as his colleagues do in GAO.
Mr. Willemssen. One issue that was briefly touched upon by
one or two of the witnesses that I would encourage all the
organizations here to keep in mind is the value of independent
verification and validation efforts, especially to the extent
that you can publicize those efforts and let citizens know that
another set of eyes has indeed gone in and taken a look at your
most important systems and made judgments about their
compliance status. That can go a long ways in further assuring
citizens' readiness. That's one thing to keep in mind.
An additional item, and you touched on this in one of your
questions, there are tremendous value in testing business
continuity and contingency plans. There are things that come up
during these test exercises that were never considered early
on, so I would also encourage the organizations to consider
that.
In addition, I believe the city of San Francisco
representative mentioned the importance of communicating to the
citizens during the rollover period. I believe the States and
localities will be hearing much more from FEMA regional offices
and from the executive branch on the plans of John Koskinen's
information coordination center in this regard with their
purpose of trying to get out reliable, consistent information
to the public during the rollover period. The individuals here
should be playing a role in that and will be getting further
information on it.
Mr. Horn. Thank you. Any questions you'd like to ask of
your colleagues now that you've heard all of this, and any
questions we should have asked but didn't have the brains to
ask, we'd like to take those questions too. So anybody have
some additional thoughts after hearing the dialog?
OK. Everybody's satisfied there. Driving home to San
Francisco you're not going to say, ``Gee, I should have asked
that''?
Ms. Hayashi. I think we'll have other opportunities to talk
to each other.
Mr. Horn. At midnight, January 1st?
Ms. Hayashi. No. I think the interagency dialog has been
very valuable, and everybody is taking advantage of it.
Mr. Horn. I should ask, where are you all going to be that
night, January 1st? I assume you're in your command
headquarters on water, electric and all the rest. Yeah.
Well, I'll be flying on a plane. We'll see what happens
there. I've told the FAA Administrator don't upset the
controllers that day, will you. Leave them alone.
Anyhow, thanks for coming. You've had very thorough things.
There's some excellent work where people could be used either
on bills or everything else to get the message over. I think
we'll steal liberally from all of your ideas. Thank you.
Ms. Hayashi. Please do.
Mr. Horn. OK. We're moving to panel two. Panel two consists
of some of the key corporations in Silicon Valley as well as
Pacific Bell and the San Jose International Airport. We'll be
glad to fly in and out of. It's a fine airport.
We have Mr. Whitworth, Mr. Cavaney and Mr. Hall and Mr.
Latino, Mr. Tonseth. I think that's it.
OK. Gentleman, if you raise your right hands.
[Witnesses affirmed.]
Mr. Horn. The clerk will note that all five have been
affirmed, and we will begin with Mr. Whitworth. And as I
mentioned earlier, you might not have been here, automatically
that full statement of yours goes in the record. We'd like you
to summarize it so we'll have more time for questions and
answers and dialog, but we appreciate all of your hard work and
thank you for coming.
Mr. Brad Whitworth is the Y2K marketing & communications
manager for Hewlett Packard Co. We're glad to have you here,
very distinguished name in computing.
STATEMENTS OF BRAD WHITWORTH, Y2K MARKETING AND COMMUNICATIONS
MANAGER, HEWLETT PACKARD CO.; PAT CAVANEY, YEAR 2000 PROGRAM
MANAGER, CUSTOMER SERVICE AND SUPPORT GROUP, HEWLETT PACKARD
CO.; RICHARD HALL, DIRECTOR, CALIFORNIA GOVERNMENTAL AFFAIRS,
YEAR 2000 PROGRAM MANAGER, INTEL CORP.; TOM LATINO, PRODUCT
MANAGER, PACIFIC BELL; AND RALPH TONSETH, DIRECTOR OF AVIATION,
SAN JOSE INTERNATIONAL AIRPORT
Mr. Whitworth. Good morning, Mr. Chairman. I am pleased to
be with you today to talk about the year 2000 program at HP.
The timing for my appearance really couldn't be better. We just
passed an important internal milestone in HP's Y2K program that
I'll tell you about in just a moment.
HP is a worldwide electronics company, yet we're here in
Silicon Valley. 1998 revenues over $48 billion. We employ about
120,000 people and conduct business in more than 120 countries
around the world. We are the second largest computer company in
the world, the 14th largest company in the Fortune 500.
Probably best known for LaserJet and InkJet printers, PCs and
our high performance computer systems. We're also the maker of
hand-held calculators for students, patient monitoring systems
for intensive care nurses, gas chromatographs for chemists.
Y2K takes on three dimensions for us as an organization.
First is that we had to make sure that the 36,000 products that
we sell and ship today are all Y2K ready. Second, we want to
make sure that customers who purchased products from HP in the
past know the Y2K compliance status of their HP products and
that they understand the need to check the readiness of HP gear
in their own environment. And third, we're working hard to make
sure that Y2K doesn't create any problems for our own
operations. So we've been checking everything from orders
processing systems in our Atlanta sales office to the
electricity supplied to our Puerto Rican manufacturing facility
to the phone system in our Beijing, China, operation.
I'll spend some time talking about the first and third
points in our Y2K program on products and our own operations,
and then my colleague, Pat Cavaney, will tell you about the
ways we've been working with our customers around the world and
how we're helping them prepare for the move to the next
century.
Let me start with that third dimension to our Y2K program,
our internal readiness. I mentioned we just passed an important
milestone in our Y2K program. We had an internal readiness date
of July 31st. We picked that date as the one by which we'd have
all of our critical information technology systems and business
processes ready for Y2K, and based on the reports from our
managers around the world, we made it. In only a few instances
do we still have some exceptions remaining, but we're confident
that we'll be resolving those in the next few weeks.
Meeting that target date of July 31st was not a trivial
matter for a company of our size and complexity. For example,
it meant checking the Y2K readiness of 150,000 personal
computers, another 24,000 computer workstations, about 8,500
critical business software applications, 300 PBX systems,
13,000 servers, 2,700 routers, and all of these located in HP
offices in more than 50 countries. That means we also had to
check with more than 110,000 suppliers all over the world. We
rely upon them for about 600,000 parts that we use to
manufacture our products. They provide us everything from
microprocessors to monitors. We're generally satisfied with
their readiness programs.
However, the complexity of that supply chain and that
chain's reliance on a global network of transportation
providers to move raw materials subassemblies and finished
products does represent HP's largest Y2K vulnerability. This is
particularly true outside the United States where we've
discovered, as have Y2K experts like the Gartner Group, some
countries have been late in addressing Y2K. So we're working
closely with all these suppliers. But because many of these
issues are beyond our direct control, we're spending a lot of
time developing contingency and backup plans. I would certainly
say that this is the area of focus for us for the rest of the
year.
Now let me tell you about the HP products that I mentioned.
When we launched our Y2K program, we needed to make sure that
all of today's products were Y2K compliant. We also needed to
work back through thousands of products we've delivered in
prior years to determine if they're Y2K ready, and also we
needed to put in place a process to make sure that all of our
future product offerings are also ready for Y2K.
When we started a few years ago, there was no industrywide
definition for year 2000 compliance, no testing standard. So we
developed our own, based in part on GTE's Y2K test pattern that
our IT organization had been using since 1996. We've been using
it companywide ever since, and it's become a model in the
industry to organizations like I-Triple E and NSTL, who
developed their standards. Most important for us, it's now
embedded as part of our ongoing test processes we use for every
new product we introduce.
So where do we stand today with our products? Well, all of
the products that we've introduced since July 1, 1998 are Y2K
compliant, and almost half of 115,000 products in our
compliance data base are fine with Y2K simply because they
don't process dates at all. There are large families of some of
our largest and most popular products where there are no Y2K
problems. For example, our DeskJet printers, our scanners and
all but early versions of one model of our LaserJet printer are
all Y2K compliant. We do have some older products that are not
Y2K compliant. Most of these non-compliant products have been
obsolete for some time. They are no longer supported by HP.
However, we've made an important commitment to our
customers on these older products. For every product that we've
delivered since January 1, 1995, we will have a Y2K update or a
replacement product available, and available at no additional
charge if the product is covered under a support contract or
warranty. One of the industry consultants who has studied our
program calls this commitment to customers the most generous
he's seen. But really, Y2K isn't about our policy or products
or internal operations. Y2K is really about our customers and
making sure that they have the information and the know how
that they need to get their own computing environments ready
for Y2K and continue their businesses.
So I'd like to ask Pat Cavaney to share with you some more
details about our customer Y2K programs, and what we've done so
far, and what we'll be doing in the months ahead.
[The prepared statement of Mr. Whitworth follows:]
[GRAPHIC] [TIFF OMITTED] T0954.227
[GRAPHIC] [TIFF OMITTED] T0954.228
[GRAPHIC] [TIFF OMITTED] T0954.229
[GRAPHIC] [TIFF OMITTED] T0954.230
[GRAPHIC] [TIFF OMITTED] T0954.231
[GRAPHIC] [TIFF OMITTED] T0954.232
[GRAPHIC] [TIFF OMITTED] T0954.233
[GRAPHIC] [TIFF OMITTED] T0954.234
[GRAPHIC] [TIFF OMITTED] T0954.235
[GRAPHIC] [TIFF OMITTED] T0954.236
[GRAPHIC] [TIFF OMITTED] T0954.237
[GRAPHIC] [TIFF OMITTED] T0954.238
[GRAPHIC] [TIFF OMITTED] T0954.239
[GRAPHIC] [TIFF OMITTED] T0954.240
[GRAPHIC] [TIFF OMITTED] T0954.241
Mr. Cavaney. Good morning, Mr. Chairman. I appreciate the
opportunity to speak with you today regarding Hewlett Packard
and our approach to Y2K readiness in our role as a provider of
customer support for our products. My name is Pat Cavaney, and
I'm the year 2000 manager for Hewlett Packard's Customer
Service and Support Group.
HP has employees and authorized distributors in 120
countries providing service and support all the way from homes
to small businesses to large Fortune 500 corporations. Our goal
is to help our customers achieve their own Y2K readiness. In
his statement, my colleague mentioned the extensive products
evaluation HP has performed on our current and past products
and what we're doing to offer Y2K updates for our previously
shipped products.
I'd now like to briefly address how HP has approached
informing and supporting our customers through extensive
proactive and communication efforts. This is the most far-
reaching customer communication program that HP has ever
undertaken. A key goal for HP is to reach as many customers as
possible to make sure they check the status of their HP
equipment as well as the readiness of their entire IT
environment. Under the umbrella of the company-wide effort to
inform customers, each of HP's major business segments has
initiated a customer outreach program. Let me highlight a few
of these for you.
Our customer support organization has mailed Y2K
information to all of its current customers under a support
contract and informed them of the compliant status of every
product covered under a support agreement. Today I've brought
two such brochures that we've used in period mailings to our
customers to inform them of the need to take action. Our
Enterprise Computing sales organization has conducted Y2K
meetings with several thousand of larger customers around the
world. Hewlett Packard has also informed our customers of any
computing and health care products purchased directly from HP
since 1995 which is not compliant, whether it's under a support
agreement or not. Last, we provided our channel partners who
resell HP products with Y2K information which they can provide
to their customers.
In addition, these proactive communications programs HP's
year 2K program offices around the world respond to customers'
requests daily for information about the Y2K readiness of our
products. These groups of HP employees answer questions,
letters, faxes and surveys that customers may pose about Y2K.
We've also made sure that all HP call centers and response
centers worldwide and staff are trained to handle Y2K
questions. HP's field organization is being equipped with the
latest information on product compliance, services, upgrade
programs for our customers and tools to assist customers with
their Y2K readiness.
HP's central Y2K website has been active since early 1997
and is now attracting more than 250,000 visitors a month. Our
website contains our product compliance data base listing
status of the more than 100,000 current and past HP products
Brad mentioned. For customers who do not have access to the
Internet or our website, our call centers and sales and support
offices will respond to any Y2K inquiry we receive.
We're working hard to inform the millions of customers who
are not on a support contract with HP about our Y2K efforts.
We're including a Y2K message in every press release the
company issues in 1999, in the annual report, in select
advertisements and direct mail campaigns in many countries and
in key messages at trade shows and conventions such as at HP
World next week in San Francisco.
The other manner in which Hewlett Packard will assist its
customers' transition successfully to the next millennium is
through our enhanced customer support capacity and providing
additional self-help tools directly to our customers. HP
expects that the year 2000 issue will increase the number of
phone calls for support into our call centers and response
centers. While we can't precisely predict exactly how many
calls we will receive for year 2000 support, we anticipate an
increase in customer demand as we reach the latter stages of
1999 and 2000, particularly around the New Year's period for
the rollover weekend. We believe that we'll see the greatest
increase between the period of November 1st, 1999 and March
3rd, 2000. To address the needs for additional customer
assistance during this period, we've taken specific action as
part of our enhanced support capacity program. We have
increased the staffing at our support call centers over this
past year. We have developed specific employee work policies
governing employee vacations and availability not only over the
rollover weekend, but also in the surrounding months as well,
not only for our call center and engineering personnel, but
also the labs that are the escalation paths for those
organizations. We have plans to redirect other HP resources on
customer assistance activity should that be the case, and we've
implemented new support tools and technology to more easily
provide assistance to our customers including enhanced self-
help tools that are available on our year 2K website.
The year 2K rollover weekend and surrounding period is
certainly not expected to be business as usual. Our customer
support response centers will be open for the rollover weekend
to provide Y2K assistance for our customers. In fact, for that
weekend we will also expand our after-hours coverage staffing
in our response centers to provide additional support. As
another way additional information and assistance will be
provided to our customers around the clock, HP will be
implementing a fast track method to identify, analyze and
report Y2K issues through our electronic support center website
to customers worldwide later this year. This is an enhancement
under an already existing feature that we have in our support
response centers.
In conclusion, the year 2K rollover and the surrounding
period will be a time HP will ask all employees to focus on
assisting our customers. HP is committed to making the
transition to the next century a successful one for our
customers and for our company, and certainly Hewlett Packard
thanks you for the opportunity to share our year 2000 program
with you today.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T0954.242
[GRAPHIC] [TIFF OMITTED] T0954.243
[GRAPHIC] [TIFF OMITTED] T0954.244
[GRAPHIC] [TIFF OMITTED] T0954.245
[GRAPHIC] [TIFF OMITTED] T0954.246
[GRAPHIC] [TIFF OMITTED] T0954.247
[GRAPHIC] [TIFF OMITTED] T0954.248
[GRAPHIC] [TIFF OMITTED] T0954.249
[GRAPHIC] [TIFF OMITTED] T0954.250
[GRAPHIC] [TIFF OMITTED] T0954.251
[GRAPHIC] [TIFF OMITTED] T0954.252
[GRAPHIC] [TIFF OMITTED] T0954.253
Mr. Horn. Well, thank both of you very much. If I had my
checkbook here, I'd sign up right now. You two are real
marketers.
So I'm looking forward, Mr. Hall, to your marketing also.
You're with one of the great firms of this valley, and that's
the Intel Corp. Richard Hall is the director of California
governmental affairs and the year 2000 program manager.
Mr. Richard Hall. Thank you, Mr. Chairman. Actually, as I
listened to Hewlett Packard's testimony, I could probably say
ditto to about 99 percent of it, because our programs are very
much in parallel with theirs as a similarly structured company
in the same industry. But let me stick to my planned remarks
with a few extra comments.
First, I want to express our thanks as an industry and
company to this subcommittee. I believe that in unison with
Chairman Bennett's committee in the other house, that you have
achieved a very high level of public attention for the year
2000 problem that otherwise would not have been achieved. In
particular, the report card methodology that you've used on a
quarterly basis has focused media and public attention to that,
and to me it's really a case study in how to succeed in getting
attention to something that's very difficult to get attention
to on a good day.
Mr. Horn. Well, thank you. It does have its impact. The
State Department finally cleared up their small number of
mission-critical systems, and somebody asked them from a
computer journal, ``How did you finally do it, the move from
the F to the A-minus stage?'' And they said, ``Well, I guess my
boss was just tired of all those Fs.'' So it helped.
Mr. Richard Hall. Precisely. In that context, it's not in
my prepared testimony, but in listening to the public sector
representatives this morning, I wanted to make this remark. For
another presentation I did on the year 2000 recently on July
30th in a nice place up in South Lake Tahoe, I did an analysis
of 1 day's news media coverage regarding the year 2000. I
picked an interesting day. It was July 21st, 9 days before I
was up there, and on that day there was a good news development
on the year 2000 and a bad news development.
The first was Mrs. Garvey's announcement that the FAA had
achieved, and she said without qualification, full compliance
on the year 2000, and the public should have no concerns. On
that same day, Mrs. Williams-Bridgers of the U.S. Department of
State testified before the Congress that one-half of the 161
countries that the U.S. Department of State had analyzed around
the world for year 2000 capability had the potential for severe
infrastructure disruptions which would in turn effect U.S.
trade and commerce in significant ways.
Now, the following day, July 22nd, in the 30 major U.S.
daily newspapers there were seven stories about Mrs. Garvey's
announcement and about Ms. Bridger's testimony. There were 130
stories about day six of the Kennedy/Bessette tragedy, a 16 to
1 ratio. I'm not drawing a value judgment there, but I'm
pointing out where attention has been focused in the American
public mind and conscience about this, and a concern that I
would express is that as we get closer, today we have 139 days
remaining until the date rollover, as we get closer, the public
and media attention will shift from very low gear to extremely
high gear. We'll go from an under reaction to an overreaction,
and this parallels comments made by some of the representatives
today of the municipalities who are struggling to develop and
execute public information campaigns.
Now after my editorial diversion, I will return to my text
and a few comments, and I'll tell you about Intel. The other
task that this subcommittee and Chairman Bennett's committee on
the Senate side played such an important role in achieving was
the final passage of H.R. 775, known as the Y2K Act, signed by
the President on July 20th. I took note at the time that that
bill was signed by the President Pro Tem of the Senate, Senator
Thurmond, who will turn 97 years old on December 5th, still the
oldest American political leader, electronically signed the
bill and transmitted it by e-mail to the White House for the
President's signature. I thought that was an historic
development in and of itself. It creates a necessary legal
framework for potential litigation over the year 2000 and over
the next 3 years, and was a milestone development for this
country.
Let me offer you in my brief time four observations from
Intel Corp.'s standpoint. First of all, 10 days ago we
announced internally, and I'm delighted to announce the same
externally today, that Intel Corp. had achieved 100 percent,
and again, 100 percent, not 99.9 percent, compliance of all
internal systems. Of all the applications and systems that run
Intel's business systems worldwide, we are now complete.
No. 2, as of today, by our own internal measurement
methodology, 95 percent of our mission-critical and priority
suppliers around the world are either year 2000 capable or have
contingency plans in place that have satisfied us in terms of
the capability of continued support of Intel's business.
Third, on a less bright note, we continue to have concerns
at Intel about the readiness of external infrastructure, power,
telecommunications, water, transportation in certain critical
foreign geographies. Our experience, my own experience as part
of Intel's year 2000 team traveling to a number of foreign
countries, I spent nearly 2 weeks in Japan in May as one
example, parallels what the State Department has found. In
fact, I coincidentally crossed paths twice with the State
Department team in the month of May. We were on some of the
same airplanes and going to some of the same places, meeting
some of the same people. That experience also parallels what
the GartnerGroup has publicly described for the U.S. Congress
and the media about the concerns regarding foreign
infrastructure and its readiness, particularly in Asia and the
Pacific.
Last, in brief summary I'd like to say, as Hewlett Packard
remarked, our public website which is www.intel.com contains a
vast wealth of information about our year 2000 readiness, our
products, our strategies, our programs, far more than I could
adequately summarize today. Under the guidance of Congress
established in October 1998 under the first major Federal law
that was passed, we have done as full a job of disclosure as I
think we are able to do about all aspects of Intel's year 2000
readiness.
So again, I'd like to thank you, Mr. Chairman, and your
subcommittee for an excellent job of oversight and drawing
public attention. We'd like to thank you for the legislation
passed in July, and I hope that I've given you an adequate
overview of Intel's position today at 139 days before the date
rollover.
Mr. Horn. Well, that's a very helpful statement, and we'll
get into some of the foreign experiences in the question period
here. They're very important.
[The prepared statement of Mr. Richard Hall follows:]
[GRAPHIC] [TIFF OMITTED] T0954.254
[GRAPHIC] [TIFF OMITTED] T0954.255
[GRAPHIC] [TIFF OMITTED] T0954.256
[GRAPHIC] [TIFF OMITTED] T0954.257
[GRAPHIC] [TIFF OMITTED] T0954.258
[GRAPHIC] [TIFF OMITTED] T0954.259
[GRAPHIC] [TIFF OMITTED] T0954.260
Mr. Horn. Next we have a 2-day involvement with this
subcommittee. Tom Latino is the product manager for Pacific
Bell. He was with us in our Sacramento hearing yesterday, and
we're delighted to see you again.
Mr. Latino. Good morning. My name's Tom Latino and I am the
director of the public safety organization for Pacific Bell. I
appreciate the opportunity to update to you on SPC's readiness
for the year 2000, and I'm happy to say we have some great news
to share.
The bottom line is that when you pick up the phone on
January 1st, our network will be ready to serve you just as it
always has, and so will the wireless, data, Internet and other
services we provide. We spent nearly 4 years preparing for the
Y2K issue. As of June 30th, virtually all necessary Y2K
upgrades have been completed. A very few upgrades are scheduled
to be completed by September.
As we wrap up these upgrades, we will continue to focus on
testing and finalizing our business continuity plans. All of
our services will be tested and retested in simulated year 2000
environments prior to January. Our testing efforts also go well
beyond our own network as SPC is working with the Alliance for
Telecommunications Industry Solutions, or ATIS, to test our
services in conjunction with other communication companies and
other industries. As a matter of fact, ATIS recently announced
the successful completion of recent Y2K tests involving
communication networks serving the credit card and financial
industries. SPC and other communication carriers had no
difficulty in transmitting financial data in the simulated
environment.
We have also worked closely for Telephone Year 2000 Forum
which in December completed tests showing that local networks
are prepared to provide uninterrupted service. This internal
and third-party testing provides further evidence that Y2K will
be a non-event for our customers, and while we strongly believe
that will be the case, we also recognize that factors outside
of our control could potentially impact our service. To further
ensure continuous quality service, SPC is enhancing its
business continuity plan to prepare for Y2K contingencies. The
plans are an extension of Southwestern Bell's existing
procedures for providing service in the event of an emergency
or natural disaster.
As part of these business continuity plans, SPC will
increase staffing and customer support at business centers
during peak periods leading up to and including the New Year's
holiday. We are also establishing command centers throughout
our service territory to ensure a smooth transition to the New
Year.
As you can tell, Y2K readiness has been a very big job. All
told, SPC has spent nearly $200 million to prepare for Y2K.
SPC's Y2K project management team is led by an officer of the
company and each of our major business units have a dedicated
Y2K coordinator responsible for managing our year 2000 issues
within their organizations. To keep our customers up to date on
our progress, SPC's Y2K team maintains a comprehensive website
with the latest information available. Anyone looking for
detailed information on our Y2K readiness can access the
preparing for the millennium section on SPC's website at
www.spc.com. This site includes a section that allows you to
check on the readiness of the central office switch that serves
your community. You can also register at the website to receive
a copy of SPC's final readiness report.
Thank you again for the opportunity to provide this update.
Mr. Horn. Well, thanks very much, and we do want to list
all your numbers so people can reach you. That's a very good
service you all have on that.
Mr. Ralph Tonseth is director of aviation for San Jose
International Airport. I must say I always enjoy coming in and
out of San Jose. You run a very good operation there. Where
does that rank in the airports in California, just as a
curiosity?
Mr. Tonseth. Mr. Chairman, San Jose International Airport
is currently the fourth largest airport in the State of
California, currently handling more than 11 million passengers
annually and 250 million pounds of air freight annually. At the
current time, we also are the employment site for more than
5,300 individuals and are the only commercial airport in the
Santa Clara County, and therefore the Silicon Valley for the
provision of commercial air services, and so we therefore take
the responsibility very seriously to support all of these great
corporations and the transportation needs both for individuals'
trips and for air cargo services.
I'd like to thank you, Mr. Chairman, for the opportunity to
present to this subcommittee the report of San Jose
International Airport on our Y2K program. Like many others, we
have long recognized the need to address what has been called
the millennium bug problem, and we began our program in the
summer of 1997, and since that time have expended internally
more than 10,000 staff hours and expended more than $6 million
to reduce the chance of service interruptions related to
potential Y2K problems. I'd like to give you just a very brief
overview of our program, since it really does integrate many
sectors of our local economy.
Under specific direction from the FAA, we have identified
all mission-critical systems related to air transportation,
both in hardware, software and embedded chips that may impact
airport operations for the year 2000. We've also been working
on an ongoing basis with suppliers both from the private and
public sectors to ensure us that their systems that we use are
compliant and therefore will not negatively impact passenger or
freight customers.
Early on we performed a set of risk analyses and set
priorities for compliance, and we have, to the best of our
ability, confirmed by means of testing that all airport
critical systems and equipment do meet the year 2000
requirements. We expect to have all of our airport systems,
with the exception of our parking and revenue control systems
ready by September 30th, 1999. That system, the Parking Control
System will be Y2K compliant by November. We've developed
detailed contingency plans for all systems, and those plans
have been antiquated with our existing emergency operations
programs.
The scope of our program at the airport has been extensive.
We have identified 54 critical systems containing over 4,000
individual components. Each of these systems has been
thoroughly reviewed and assessed to determine the level of
risk, and in addition, each of these system's potential for
health, safety and other impacts have been evaluated.
We also have invested in hiring two independent consultants
and have gained from them considerable insight into the year
2000 program. The first of these was a consultant that provided
an embedded chip inventory, which we completed in May 1998. And
the second firm provided us a project management and
documentation expert.
The current status as of today is that eight critical
airport systems that were found to be deficient have been
replaced totally or upgraded and tested. 26 systems were found
not to have embedded time/date components within them. These,
however, have been also tested and replaced or upgraded where
feasible. Five systems are currently being replaced as we speak
and are expected, as I mentioned earlier, to be completed by
September 30th. And we are currently working with other city
departments, tenants or others and FAA to complete the
compliance process for the remaining 15 systems we've
identified.
We have made good progress, I believe, in dealing with this
problem. We have allocated the appropriate time in staff and
resources to deal with it. Our main concern as of today,
really, is our dependence upon public utilities, fuel
suppliers, telecommunication suppliers and others whose
services are beyond our control. However, we will continue to
work with these people to coordinate our efforts to make sure
that we have everything up to date by the year 2000.
We will have on staff on the evening of December 31st, 40
additional personnel that would not normally be on station. We
will open our emergency response center to deal with any
potential problems that may arise, and as you may know from the
new requirements from the FAA, we will, between midnight and
the time we open for first operation the next morning, test,
verify and report to the FAA at headquarters verification that
all of our systems are working.
In conclusion, I'd like to thank the committee for coming
to our nice city and holding this hearing, and I'd like to
assure you that San Jose International Airport is up to date
and really do aspire to make sure that if you do choose to land
here on the morning of January 1st in your aircraft, I will be
happy to meet you at the gate.
Mr. Horn. Thank you. We might do that. I was born in Santa
Clara County, so I'm pretty familiar with this county.
[The prepared statement of Mr. Tonseth follows:]
[GRAPHIC] [TIFF OMITTED] T0954.261
[GRAPHIC] [TIFF OMITTED] T0954.262
Mr. Horn. Now, let's go back, and if we can get Mr.
Willemssen at the table, I think, my friend, that there's a
chair right there. And I'd like to ask Mr. Willemssen, Joel,
what have you heard from this panel that you'd like to bring to
the floor, and we can talk about it.
Mr. Willemssen. I thought of a couple things that might be
interesting, especially with HP and Intel here, is if they can
give us a general perspective on what they think about embedded
chips and the Y2K issue. Because if you look back at Y2K and
how it's rolled out over the last several years, in the early
years, this was really viewed as a mainframe issue, COBOL, and
then after that, the embedded chip issue got a lot of play, a
lot of concern. I think that's leveled off to some degree.
So to the extent that one can generalize on the embedded
chip issue and on the extent of the IRTC problem, I think that
would be useful.
Mr. Horn. How about that, gentlemen?
Mr. Whitworth. With embedded chips at Hewlett Packard, most
of what we're looking at is as a user of these, whether it's a
manufacturing production environment, or things that you read
about, the elevators and escalators in office buildings and
those sorts of things. In our testing, both in the facilities
side of things and the manufacturing groups, as they've gone
through testing, embedded chips have really not proven to be a
significant issue at all. In very rare instances we found some
things, usually in working with the manufacturer of that
particular piece of equipment, we found that it's much lower
expectation, or actual results than what we had expected to
find. So it's been almost a non-issue for HP in terms of the
embedded chip problem.
Mr. Horn. How about it, Mr. Hall? What's the Intel view on
this?
Mr. Richard Hall. Two points: One is it's ironic in that
about somewhere around 90, 99 percent of all of the chips or
microprocessors that Intel has ever manufactured are the kind
that go inside personal computers or servers, and by their very
nature, they never have, now nor ever could have, any date
dependent functionality. The software that runs on them may
very well, but the hardware itself does not.
Over the years as really more of a sideline, we have
manufactured as a company embedded process control chips, and I
would concur with HP's general view both in terms of our
internal operations and in terms of those products which over
the years Intel has sold for embedded process control, that the
problem turned out to be defined down to a much smaller scope
than what was originally feared. A much smaller percentage of
embedded process controllers actually have date sensitive
functions, and most of those in turn have proven easier to
remediate than originally thought.
However, there's a simple human fact here. It relates back
to the observation, Mr. Chairman, that you made, which is one
that we agree with. Year 2000 is a management and resource
problem more than it is a technical problem, and even though
the embedded process control issue in the United States with
Intel or Hewlett Packard or worldwide is smaller than
originally conceived as we've talked about, the fact is that if
you don't go in and fix the thing, it will not operate
correctly, and those organizations in any country's public or
private sector that don't go in and fix and test directly are
going to have significant failures, and that's an issue of
management attention and resources. Those would be some
observations I have.
Mr. Horn. How many embedded chips does Intel put out in
year?
Mr. Richard Hall. I don't have that number today, Mr.
Chairman. It's a relatively small number. If you look in terms
of microprocessors we're probably manufacturing and selling
somewhere around 10 million a month. Embedded process control
would be a tiny fraction of that today. Very small. In the few
100,000, perhaps, if that.
Mr. Horn. Would it be fair to say that half of your sale of
those would be to foreign countries and industry in foreign
countries?
Mr. Richard Hall. About 55 or 60 percent of the
corporation's sales today as a whole are outside of North
America. So if the pattern parallels, for embedded process
control parallels that, yes, sir, that would be correct, but I
do not have full data for you today.
Mr. Horn. Could you just run through off the top of your
head what the average citizen might run, think about, in terms
of embedded chips in things that are very close to them in
their house or in driving to work or in traffic signals, this
kind of thing?
Mr. Richard Hall. All of those that you just mentioned,
plus inside their VCR, their cellular telephone and several of
the appliances they have around their home. All of us over the
last few years have added more and more embedded process
control in our lives. By some estimates, the average American
has somewhere between 50 and 100 embedded process control
devices surrounding him or her, and they have not ever seen a
single one or actually know what they do.
Again, the good news is the vast majority, for instance,
those in vehicles, primarily to the extent that they have a
measurement of time, they measure things like the cycles that
the engine turns over, not time according to the Gregorian
calendar established by Pope Gregory IV in 1563, which is what
actually got us into this problem. If you want to trace it back
historically. I have a humorous story about that, I won't
burden you with today.
Mr. Horn. Why not?
Mr. Richard Hall. Well, I've said in a few other venues
that if you wanted to bring the ultimate witness before a
public body, particularly the U.S. Congress, it would have to
be Julius Caesar, because he established the Julian calendar in
the first century. That calendar was with 12 months and X
number of days and weeks and all that which we take for
granted.
That calendar was then modified by Pope Gregory IV in the
year 1563, and over the next four centuries, as Western Europe
became economically and militarily and politically dominant,
there is a period of European colonization, the rest of the
world adopted the Gregorian calendar which originated in 1563.
Then in the second half of the 20th century, we taught the
Gregorian calendar to our machines, and that's the historical
lead-up to why we have this problem. If we developed a
different calendar using some different counting system tracing
back to Julius Caesar we wouldn't have had this hearing today.
That's the historical reason for the year 2000 problem.
To try to answer your specific question, to complete my
answer to your specific question, Mr. Chairman, in summary, the
number of embedded process control chips that everyone relies
on today is very large, but the vast majority of them, in fact,
do not have date sensitive functionality that is going to cause
them to fail at the millennium rollover. I hope that's a good
summary answer.
Mr. Horn. It's very helpful. In some of our hearings we've
been curious in terms of reactors, let's say nuclear reactors,
other types of equipment that might be related to a power
supply of one sort or another, and could something happen in
terms of the distribution system once that energy is generated.
Because obviously, we'll get more into it in the next panel,
it's one of toughest problems we face is will your suppliers,
let's say, have sufficient power to keep their lines going, and
if they don't, we ought to know about it, because that really
would be a problem.
So I don't know if any of you have any reaction to that.
Mr. Latino. Certainly from SPC's perspective we have
extensive power generation capabilities. We have reviewed all
of our contracts with fuel suppliers to ensure that we will
have a steady stream of fuel, and if you may remember, Mr.
Chairman, approximately a little over a year ago a major
municipality suffered or endured a power failure; the phone
systems kept on working.
Mr. Horn. That's good news. Good ol' Ma Bell still lives.
Well, any other comments on Mr. Willemssen's point down
there? How about it? You satisfied?
Mr. Willemssen. If I could, Mr. Chairman, indulge you in
one related issue, yesterday you heard from two witnesses from
two major health care providers that they have elected to test
on their own their biomedical equipment rather than rely on
what the manufacturers say. Most manufacturers of biomedical
equipment say not to do that for fear of disrupting the device
or getting false readings. HP mentioned early on in their
statement that among their products are patient monitoring
systems and other biomedical equipment items.
I was curious about what Hewlett Packard's view might be on
major health care providers going out and testing biomedical
equipment items on their own and what kind of impact it could
have.
Mr. Whitworth. We actually have been encouraging all of our
customers, whether it is a health care provider or a major
corporation or nonprofit organization to do the tests.
But I think what happens in the industry is the HP
equipment is used in an environment where it might be attached
to another computer system, and you need to check those relays,
the interface between the two. So while we can test our
products in our labs, and we can come up with a company-wide
testing process that we use for everything from our personal
computers to our health care products, we then encourage people
to take those products and test them in their own environment.
So we are probably just the opposite of what you have heard,
which is please do test and make sure that in your own
environment, which is probably different from our own test
labs, the thing behaves the same way that it does for us, and
if it doesn't, tell us. We want to see if there is some sort of
a problem that we haven't been able to discover, and
fortunately that has not been the case in the health care side
of things for HP.
Mr. Horn. When we were in Cleveland last year, we had a
witness from the Cleveland Clinic, which is a rather well-known
hospital complex in America, that they were checking all of
their equipment, obviously, in the emergency room, and that
there was a website where hospitals around the country could
put on, A, the manufacturer's name, the model number, all the
rest, and they wouldn't have to reinvent the wheel every day
around the Nation.
Are you familiar with that, and are there other websites or
other corporate websites you have where they can check your
equipment and note what model they have and should they be
concerned?
Mr. Whitworth. One of the beautiful things about the web, I
think, it's allowed that degree of specialization to exist
within industry groups and special user groups. We cooperate
fully, provide them with the information that we have, and I
think the sharing within the industry is also very, very
important.
As I mentioned, a Hewlett Packard PC might have an Intel
chip. It might be running a Microsoft piece of software and
application, and we have established consortia where we will
try to make sure the technical response is coordinated so that
we don't end up pointing fingers at one another, and we come up
with the adequate response that a customer might want. So
somebody calls in to Microsoft and they determine it's HP, they
know exactly where to go in HP to get the response, and the
flip of that is true as well.
Mr. Horn. How about Intel on that? Is there a way your
customers can get back in in relation to the chip problem?
Mr. Richard Hall. Yes. We have a large number of people, in
fact, coincidentally most of them reside where my office is
located near Sacramento in a town called Folsom. Several
hundred people in our customer support division, just like HP,
who are fully trained to deal with all of the year 2000 issues,
and also have people in all of the Intel sales and marketing
geographies around the world who are prepared to cover all
these issues in detail as they come in on the 1-800 line system
that our company has, just like HP's.
Mr. Horn. Mr. Willemssen, any more comments on that?
Anybody have any more questions you'd like to raise having
heard all of your colleagues on the subject? Phone company we
know is happy.
But anyhow, I just have one more and that gets back to your
suppliers yet. I take it you've all done an inventory of your
suppliers to see if anything would slow up. I don't know if
you're using a Japanese inventory system where it's flowing
into your assembly line on a steady basis.
Have you had any problems with suppliers being 2000
compliant?
Mr. Whitworth. We have at HP. In fact, one of our
departments, the corporate procurement department that manages
the relationship for some of the key suppliers that are common
to a number of HP organizations made it a priority to first set
up a survey to find out what our suppliers were doing. If they
didn't get the answers that they were looking for, we would go
and spend time and do in-depth interviews with some of our key
suppliers.
We have in some instances moved from a single source supply
to dual sourcing because we weren't comfortable with the
conditions, and we also said some of the companies we were not
comfortable with, we would eliminate from future possible
business within HP. So we have made that sort of a condition
for doing business with HP. But it hasn't been in a, let's call
it a mean-spirited way. Part of our job is to get with that
supplier and work with them to see if we can improve their own
Y2K readiness following some of the patterns and some of the
lessons that we've learned at HP. So we're trying the best we
can to do that. It's being done all over the world, not just
here in the United States, because our supply chain is
everywhere.
And I'd say the general response we've gotten has been
very, very positive from the suppliers. But that probably is
the biggest degree of uncertainty, because each of those
suppliers then in turn relies upon someone else who relies upon
someone else, and it's very difficult from a corporate
standpoint at HP to follow that chain all the way up and down
and really take total ownership for guaranteeing the answers
are right.
Mr. Horn. Mr. Hall, is that pretty much the way Intel has
handled it?
Mr. Richard Hall. Yes. We've cut off some suppliers, not a
large number, but we've stopped doing business with some.
Before the end of the calendar year, there are more that we'll
have to stop doing business with, and I doubt we will resume
doing business with them, because the failure to address and
manage the year 2000 problem is a demonstration of incompetence
which would disqualify them from doing business with us in the
future. It's unfortunate, but I think you're going to find this
phenomenon accelerating very rapidly as the calendar goes by
toward December.
Mr. Horn. It sort of surprises me when they've got major
firms such as yours and HP that they wouldn't conform to assure
you the supply source that they are. I would think what's
doing? Have they got other customers that just don't care about
it, or what would they do?
Mr. Richard Hall. I don't know the answer. I have the same
question, and I don't know the answer.
Mr. Horn. Well, if we have any, I'd be fascinated by that,
because I think it's a major problem down the line for all of
you, and I'm glad you're on top of it.
That's all the questions I have on this subject. We might
send a few to you afterwards, if you wouldn't mind just
replying to us. We'll put in that objection at this point in
the record.
I wish a good part of America tuned in and listened to this
panel and the last panel, because I think they would have
learned a lot. So I thank you all for coming out on a Saturday
and not sailing or whatever you do on Saturdays, and thanks for
coming.
We're down to panel three now.
Garth Hall, the manager of project 2000 is with the Pacific
Gas & Electric Co.; Karen Lopez, division manager,
administrative services, Silicon Valley Power; Dr. Frances E.
Winslow, director, Office of Emergency Services, city of San
Jose; William Lansdowne, chief of police, city of San Jose;
John McMillan, deputy fire chief, city of San Jose.
Please come forward. I think you can see those signs. OK.
We've got everyone behind the right sign. I see. If you don't
mind, please stand up; raise your right hands.
[Witnesses affirmed.]
Mr. Horn. The clerk will note that all five witnesses
affirmed.
And we will start with Mr. Hall. We're delighted to see him
again. He was with us in our statewide hearing in Sacramento
yesterday, and I notice your statement is even larger today.
What did you do? Work all night? We didn't get the full version
yesterday.
STATEMENTS OF GARTH HALL, MANAGER OF PROJECT 2000, PACIFIC GAS
& ELECTRIC CO.; KAREN LOPEZ, DIVISION MANAGER, ADMINISTRATIVE
SERVICES, SILICON VALLEY POWER; FRANCES E. WINSLOW, DIRECTOR,
OFFICE OF EMERGENCY SERVICES, CITY OF SAN JOSE; WILLIAM
LANSDOWNE, CHIEF OF POLICE, CITY OF SAN JOSE; AND JOHN
McMILLAN, DEPUTY FIRE CHIEF, CITY OF SAN JOSE
Mr. Hall. Mr. Chairman, it is indeed a pleasure to be here
again today on behalf of PG&E Corp. I oversee all of the
companies within our nation-wide energy business, including the
utility, which of course is a major area of interest today, and
I can assure you again, as I did yesterday, that the standards
for our Y2K readiness across all lines of business has been
equally as high as it has been in the utility.
Our program, of course, had all the elements that have been
discussed from the beginning of inventory all the way through
contingency planning that I mentioned yesterday. We have been
through all that process with all of our affiliates including
the utility, and in July we were very pleased in the utility,
PG&E, to inform the North American Electric Reliability Council
which received a request from the Department of Energy to
oversee the utilities nation wide in terms of their electrical
reliability, in July we were pleased to report that all of our
electric delivery systems are Y2K ready. That includes our
hydro and our fossil power plants that we still own. And in
addition to that, we have a handful of items left to test
across our gas and nuclear energy arenas, and expect to achieve
full compliance with those very soon, by September.
Even though we are very confident in our internal systems
that I've just summarized, we're still taking our external
dependencies very seriously. We have up to 2000 mission-
critical business partners, suppliers and government agencies
that we have identified, and have developed for each of those a
contingency plan in case they fail to supply the service to us.
Even though in almost all cases we have received very
satisfactory responses back from them, and we have a fairly
high degree of confidence based on that, and have had dialogue
with them that they will be ready as well, we have still taken
that precaution, because of social responsibility to provide
high quality electric power and gas supply, to make sure that
we have contingency plans in place to assure the public we will
be ready.
At a higher level, as mentioned yesterday, we have
performed two rounds of high-level business recovery drills,
which is our customary practice to deal with storms,
earthquakes and similar disasters, focussing now to make sure
that the teams that would respond to those kinds of disasters,
including the IT teams, are very well prepared to deal with any
Y2K events, which, of course, we do not expect.
We also recognize, again, the importance of communicating
to our customers and others our readiness, and we have met with
over 100 external customer groups and have assured them and
demonstrated our program, answered their questions about how
they should interact with us, and have prepared everyone to be
ready.
In fact, we will have, over the New Year's weekend, the
transition period, we'll be elevated to the highest state of
readiness we have within our capability, which is the level at
which we deal with any major outage or any storm-related or
earthquake outage. We will be at that level of deployment,
ready for any emergency over the New Year weekend. That
includes all of our distribution emergency centers, including
those here in Santa Clara County. That's where we have our
closest connection with emergency services of fire departments,
police departments, and Offices of Emergency Services. Those
connections will be well established.
We have also met with many customer groups, as I mentioned,
Hewlett Packard, Wells Fargo, Catholic Healthcare West for
example, Shell Oil, government agencies, city of Milpitas for
example, Santa Clara County, also trade groups, for example the
California League of Food Processing. All of these groups we
have shared information with. They have, to our best knowledge,
been very satisfied with that information, and we have opened
opportunities for them to hear more if they need to. We have a
website available at www.pge.com, which has a Y2K section with
current status information and other information as well.
With that, I conclude my remarks. Thank you again.
Mr. Horn. Thank you.
[The prepared statement of Mr. Garth Hall follows:]
[GRAPHIC] [TIFF OMITTED] T0954.263
[GRAPHIC] [TIFF OMITTED] T0954.264
[GRAPHIC] [TIFF OMITTED] T0954.265
[GRAPHIC] [TIFF OMITTED] T0954.266
[GRAPHIC] [TIFF OMITTED] T0954.267
[GRAPHIC] [TIFF OMITTED] T0954.268
Mr. Horn. We now have Karen Lopez the division manager,
administrative services for Silicon Valley Power.
Ms. Lopez. Mr. Chairman, thank you for inviting the city of
Santa Clara's Electric Utility, Silicon Valley Power, to
address you today on the year 2000 readiness.
Mr. Horn. Do you want to move that right in front of you.
Mics are difficult nationwide.
Ms. Lopez. I usually don't have a problem with speaking too
loudly, so we'll try that.
My name is Karen Lopez. I am the division manager for the
administrative services for Silicon Valley Power, and I'm also
our year 2000 project team leader. I would first like to tell
you a little bit about Silicon Valley Power.
Silicon Valley Power is the municipal electric utility for
the city of Santa Clara. As you heard earlier from Mr. Ron
Garratt, our assistant city manager, Santa Clara is a charter
city located in the heart of Silicon Valley. The city offers
electricity and energy services through the trademarked name of
Silicon Valley Power. Since 1896, the city has provided
electric service to the businesses and citizens within its
boundaries. Santa Clara has an estimated population of 103,000
people. At the end of December 1998, Silicon Valley Power
served approximately 46,500 customers, and had a total sales of
2,506 GWh with a peak demand of 443.8 MW. Almost 87 percent of
Silicon Valley Power's energy sales are made to industrial
customers such as Intel, 3COM, Sun Microsystems and other
internationally known corporations.
To provide electric services within its service area,
Silicon Valley Power owns and operates generation, transmission
and distribution facilities. Silicon Valley Power also
purchases power and transmission services from others, and
participates in several joint power agencies with other
municipalities.
Silicon Valley Power has a year 2000 readiness project plan
that articulates the steps that we have taken over the past
several years to be ready to maintain a reliable supply of
power to our customers into the next millennium. As a part of
this plan, Silicon Valley Power formed a project team
consisting of representatives from each of our divisions to
coordinate our activities. The project team has established
milestones, assigned responsibilities and monitors our progress
toward minimizing the year 2000 risks to our customers and to
our continued reliable supply of services to those customers.
Silicon Valley Power internally inventoried and assessed
all computing systems, equipment and software, for year 2000
readiness. We also contracted with an external vendor for the
inventory and assessment of all other Silicon Valley Power
equipment for potential year 2000 risks from embedded systems.
That inventory and assessment were both completed in 1998 and
continue to be updated as changes occur.
Silicon Valley Power has not identified any internal system
critical to our supply of electrical service to our customers
that is not year 2000 ready. All of our business critical and
non-critical systems and equipment either have been remediated
or are in the process of being remediated. This process is
expected to be completed before September 1st. The testing of
all systems capable of being tested without impact to our
customers will also be completed by September 1st. Due to the
constant demand of supply of electricity to our customers, it
is not fully possible to test all of our equipment without
disruption of that supply. However, let me say again, that
Silicon Valley Power has not identified any non-year 2000 ready
system or equipment that is critical to our ability to supply
electricity to our customers.
The amount of dollars that Silicon Valley Power has and
plans to expend in total on our year 2000 readiness efforts has
not been formally developed, since year 2000 concerns have been
incorporated into our technology projects over the past several
years. However, since those concerns, or those technology
projects and concerns were not exclusive drivers to these
projects, a breakdown of costs that relate directly to the year
2000 would be extremely difficult to perform.
Our staff has met with all of our business partners
regarding their and our year 2000 readiness efforts. We send
representatives to and participate in the year 2000 readiness
meetings of various agencies including the Western Area Power
Agency, the Northern California Power Agency, the North
American Electric Reliability Council, the California Municipal
Utilities Agency, and the Independent Systems Operators.
Although there are no plans at this time for Silicon Valley
Power to be a formal participant in interagency testing,
Silicon Valley Power has, and will continue, to monitor the
year 2000 readiness activities of our partners, suppliers,
vendors and customers for any potential impact on our ability
to continue to supply those services to our customers. Silicon
Valley Power will remain vigilant in this area.
For over 100 years Silicon Valley Power has provided a
reliable supply of electrical services to our customers. During
this time, the city of Santa Clara has experienced several
major natural disasters such as floods and earthquakes. From
these experiences we have developed contingency plans and
emergency plans to minimize any external impact on our ability
to continue to provide electrical services. In addition, we are
in the process of developing year 2000 specific contingency
plans. On April 9th, in conjunction with the North American
Electric Reliability Council's drill, Silicon Valley Power
conducted an internal year 2000 readiness contingency planning
drill with representatives from all Silicon Valley divisions,
power divisions, and several other city departments such as our
Fire and Police. We will also hold a year 2000 rollover
staffing simulation and readiness preparation exercise on
September 9th, concurrent with the planned North American
Electric Reliability Council drill.
Silicon Valley Power has been extremely active in its
efforts to educate and to communicate regarding our concerns
and efforts for year 2000 readiness. We have held educational
meetings with all Silicon Valley Power staff, with our major
industrial customers, both individually and in groups, with our
commercial or small business customers, our residential
customers and through our City Council. Future meetings are
scheduled with each of these groups to not only continue our
educational efforts, but to provide informational updates on
our year 2000 readiness status.
In closing, I want to thank the committee for the
opportunity to be here today, and on behalf of the city of
Santa Clara's City Council, I want to extend our appreciation
to this committee for its efforts in trying to look at this
throughout the Nation.
Mr. Horn. Well, thank you very much, Ms. Lopez.
[The prepared statement of Ms. Lopez follows:]
[GRAPHIC] [TIFF OMITTED] T0954.269
[GRAPHIC] [TIFF OMITTED] T0954.270
[GRAPHIC] [TIFF OMITTED] T0954.271
[GRAPHIC] [TIFF OMITTED] T0954.272
[GRAPHIC] [TIFF OMITTED] T0954.273
[GRAPHIC] [TIFF OMITTED] T0954.274
[GRAPHIC] [TIFF OMITTED] T0954.275
[GRAPHIC] [TIFF OMITTED] T0954.276
[GRAPHIC] [TIFF OMITTED] T0954.277
[GRAPHIC] [TIFF OMITTED] T0954.278
[GRAPHIC] [TIFF OMITTED] T0954.279
[GRAPHIC] [TIFF OMITTED] T0954.280
[GRAPHIC] [TIFF OMITTED] T0954.281
[GRAPHIC] [TIFF OMITTED] T0954.282
[GRAPHIC] [TIFF OMITTED] T0954.283
[GRAPHIC] [TIFF OMITTED] T0954.284
[GRAPHIC] [TIFF OMITTED] T0954.285
[GRAPHIC] [TIFF OMITTED] T0954.286
[GRAPHIC] [TIFF OMITTED] T0954.287
[GRAPHIC] [TIFF OMITTED] T0954.288
[GRAPHIC] [TIFF OMITTED] T0954.289
[GRAPHIC] [TIFF OMITTED] T0954.290
[GRAPHIC] [TIFF OMITTED] T0954.291
[GRAPHIC] [TIFF OMITTED] T0954.292
[GRAPHIC] [TIFF OMITTED] T0954.293
[GRAPHIC] [TIFF OMITTED] T0954.294
[GRAPHIC] [TIFF OMITTED] T0954.295
[GRAPHIC] [TIFF OMITTED] T0954.296
[GRAPHIC] [TIFF OMITTED] T0954.297
[GRAPHIC] [TIFF OMITTED] T0954.298
[GRAPHIC] [TIFF OMITTED] T0954.299
[GRAPHIC] [TIFF OMITTED] T0954.300
[GRAPHIC] [TIFF OMITTED] T0954.301
[GRAPHIC] [TIFF OMITTED] T0954.302
[GRAPHIC] [TIFF OMITTED] T0954.303
[GRAPHIC] [TIFF OMITTED] T0954.304
[GRAPHIC] [TIFF OMITTED] T0954.305
[GRAPHIC] [TIFF OMITTED] T0954.306
[GRAPHIC] [TIFF OMITTED] T0954.307
[GRAPHIC] [TIFF OMITTED] T0954.308
[GRAPHIC] [TIFF OMITTED] T0954.309
[GRAPHIC] [TIFF OMITTED] T0954.310
[GRAPHIC] [TIFF OMITTED] T0954.311
[GRAPHIC] [TIFF OMITTED] T0954.312
[GRAPHIC] [TIFF OMITTED] T0954.313
[GRAPHIC] [TIFF OMITTED] T0954.314
[GRAPHIC] [TIFF OMITTED] T0954.315
[GRAPHIC] [TIFF OMITTED] T0954.316
[GRAPHIC] [TIFF OMITTED] T0954.317
[GRAPHIC] [TIFF OMITTED] T0954.318
[GRAPHIC] [TIFF OMITTED] T0954.319
[GRAPHIC] [TIFF OMITTED] T0954.320
Mr. Horn. Our next witness is Dr. Frances Winslow, the
director of the Office of Emergency Services, city of San Jose.
Nice to have you here.
Ms. Winslow. I guess it's still good morning. We appreciate
your coming to visit us.
Mr. Horn. Not by my watch. It's afternoon now. One of us is
wrong. This has been on my wrist for 50 years, so who knows.
Ms. Winslow. We appreciate the opportunity to have you come
to us here in Silicon Valley to discuss the topic that perhaps
is of greater interest here than in other parts of the country,
because not only are we consumers, but as you heard from our
previous panel, our economic base is greatly involved with the
high-tech community. I brought a formal testimony which I know
that you received, so I'd like to make a few informal remarks
to you here instead.
Earlier one of the panel members mentioned the impact the
media has had and how unfortunately the coverage is perhaps not
what we might have hoped. But I've been encouraged to see in
the last couple of weeks an increasing amount of interest in
the media. I brought a couple of examples today. I'm a member
of the American Planning Association. They have a whole article
on what planners can do to prepare. I'm sorry I didn't have it
last July instead of this July, but I guess better late than
never. Also there's a publication called Emergency Preparedness
News that covers hurricanes and FEMA and terrorism, and now
also Y2K readiness, and then here is the Kiwanis Club's most
recent magazine, and one of their cover stories is Y2K.
Why do I mention this? Because one of the biggest parts of
my job is dealing with the community here and answering
questions that citizens have about emergency preparedness. Five
years ago most of the questions were: What do I do if there's
an earthquake? But in the last 12 months most of the questions
have been: What do I do on December 31st? But it's been an
opportunity for my office to benefit, because it was very hard
to get people interested in things they think would never
happen like big earthquakes. But they see a date, and they have
something to focus on.
I think for us in the emergency management community, Y2K
has actually been a benefit because it helped us to get our
community aware of the need to be prepared, not only for Y2K,
but for the earthquakes that we know are inevitable in the
area. We have three faults. And also for the winter storms that
we have unfortunately on a repeated basis, and other kinds of
natural, technological and man-made disasters that could
potentially occur in our community.
And so the message that we're trying to send is that if
you're prepared for a major earthquake, you're prepared for
Y2K, because our estimate is that the most direct impact Y2K
may have on the average community could be some temporary
infrastructure blips that will be rather quickly remedied, but
if people are unaware of what they might be, they could become
frightened. Whereas by trying ahead of time to make them aware
of some of the potential issues and also the things they can do
to deal with those issues, we hope to lower the stress level,
prevent anyone from feeling a sense of panic, and help them to
be reassured that we are all living in a technological society,
and sometimes things don't work.
We are fortunate in our community to have a group of very
dedicated volunteers. We call them ``San Jose Prepared!''
They're a community emergency response team. We're part of
FEMA's nationwide effort in this field, and our team is growing
every quarter as we add new trained folks. But right now we
have over 500 members who are scattered throughout the
community of over 900,000 community members. They have received
16 hours of training and gone through a 2-hour exercise. It's
usually an earthquake scenario, but it gives them some
confidence that they can deal with unexpected disasters. We
also equipped them with some skills, so that if our normal
public safety systems are temporarily overwhelmed they can
begin to provide some of those services to their own neighbors
in their own communities until professionals are able to triage
them into the system.
That group began preparing actively in January of this year
for Y2K, and in the packet that I gave you, you have a copy of
the Y2K newsletter that we distributed to those folks. They're
our ambassadors throughout the community. They contact their
own neighbors and friends and pass this word along. In
addition, we have a website for our group, and one of the
elements on our website is the Y2K page so that they can refer
neighbors and friends who are computer oriented to get this
information for themselves.
The American Red Cross also followed this spring with the
creation of a brochure, and I've given that to you as well, and
that's available on the American Red Cross website. That's
another place where people can go to get basic personal
preparedness information which is good not only to get through
January, but also for the potential of earthquakes and floods
in the future.
The other part of my office's responsibility, however, is
to the internal organization of the city of San Jose to assist
departments in developing contingency plans and to maintain the
emergency operation center for the city. In order to help those
who might be working in the EOC, we have worked with Mark
Burton and others to develop some exercises and testing
opportunities for the city staff.
We began with what we call a facilitated discussion where
the leaders of the various departments came together to say
what they thought their plans were, and we thought it was very
important for them to hear each other, because some plans
interacted with other plans, and if everybody plans to use the
same generator at the same time, that was going to be a
problem. So the facilitated discussion allowed us to begin to
review what kind of plans each department had and how they
might interact with other departments with the goal of being
able to support each other through this time period.
In addition, we have a tabletop exercise scheduled for just
a couple of weeks which, now building on the facilitated
discussion, we hope will allow us to have a much smoother plan,
one that will be fully integrated and where all of the support
pieces are in place. However, we have also scheduled a third
one for October to make sure as a kind of second test that the
plans are working, that the expectations have been fulfilled,
and we are scheduling this in the middle of the month of
October so that if there are still last minute things that need
to be cared for, there's an adequate timeframe available for
the departments to do any last minute procurement or planning
for personnel staffing before the time comes when they need to
be activated.
In most communities, New Year's Eve is a busy time for the
public safety community just because people like to go out and
party; they drive around sometimes when they shouldn't be
driving, and they create a certain level of demand for medical
services, police services and other kinds of response services
under very ordinary New Year's conditions. This year isn't an
ordinary New Year. Most people unaware of history really do
think that this is some sort of a turn of the millennium or
some sort of cataclysmic date, and so there are plans for big
parties, big religious celebrations and other kinds of big
community gatherings. So in the downtown, we have the potential
to have more people than usual present in one area at one time.
In addition it's winter, and as part of California that can
mean rain and sometimes very heavy rain.
And then finally, of course, everything that we do on New
Year's Eve depends on infrastructure. We expect the roads to
get us there and get us home. We expect the food suppliers to
have the food and the water suppliers to have the water and the
electricity to stay on so the band can play. And if all those
things continue as we hope they will, it will just be a bigger
than usual New Year's Eve party, and the community will wake up
on the 1st with a happy feeling, and we will all have enjoyed
being together on New Year's Eve.
But because we have to be prepared for things to go less
than optimally, we have a plan to open our emergency operation
center at 3:30 p.m. Initially it will be staffed by our amateur
radio operators who will be communicating with their colleagues
in Australia, New Zealand, Japan, other parts of Asia and
Europe, places where Y2K will have already been experienced or
will be in the process of being experienced. We hope to be able
to learn something from that surveillance that may assist us in
last minute preparations. In addition, we will have our
emergency public information officers present to survey the
media to see what kind of information is being given out to the
public by the media, and to see how the East Coast cities will
experience the event first and are discussing their issues.
At 8:30 we will have the members of the senior staff of the
city of San Jose join the city manager in the Emergency
Operation Center, and we will be there for as long as we are
needed or until 8:30 the following morning, whichever comes
first. If it turns out that issues occur that do require
continued monitoring and presence, we will then be replaced for
the next 12 hours by our executive staff of the city. I think
this is important, for the Congress to be aware of the high
level of importance that's placed on this event by the
leadership of the city of San Jose. It's not the most junior
person who gave up their New Year's Eve party with the family,
but the most senior. And I think that that level of commitment
is indicative of the level of commitment that exists throughout
this organization, not only for Y2K, but for all events that
can impact our community.
We have a help line that's always in place, 277-HELP. We've
used it for many years during flood events in the winters. The
public is familiar with it. This will be staffed to allow
people who may have concerns or questions to easily reach us
without impacting our 911 or 311 systems.
We hope that we're prepared, and we hope that our
preparations turn out to have been an appropriate level of
caution rather than a needed event. Thank you very much for
coming to visit us, and we hope you'll come back sometime when
you can just have fun.
Mr. Horn. Thank you very much, Dr. Winslow.
[The prepared statement of Ms. Winslow follows:]
[GRAPHIC] [TIFF OMITTED] T0954.321
[GRAPHIC] [TIFF OMITTED] T0954.322
[GRAPHIC] [TIFF OMITTED] T0954.323
[GRAPHIC] [TIFF OMITTED] T0954.324
[GRAPHIC] [TIFF OMITTED] T0954.325
[GRAPHIC] [TIFF OMITTED] T0954.326
Mr. Horn. Pardon my ignorance, but what's a 311?
Ms. Winslow. I should probably let the chief answer that
question.
Mr. Horn. How about it, Chief? You're next anyhow. We're
delighted to have you.
Mr. Lansdowne. Thank you very much, Mr. Chairman. I'm Bill
Lansdowne, and I'm very honored to be the police chief of this
great city of San Jose. I intend to respect everybody's time
and your time here in this meeting and follow the three ``Bs''
of testimony: Be right, be brief, and be quiet.
As it applies to our systems and our preparedness for the
San Jose Police Department, community of San Jose, there are
three major systems within police communications which handle
police and fire calls. They are the telephones, the radio and
the CAD system, and the telephones are two separate systems.
One is the 911 emergency dispatch CAD system, and the other is
311, which is the non-emergency line. That is being monitored
on a 24-hour basis, and takes some of the pressure off 911.
There are three existing systems like that in the country. We
were one of the pilot programs, and it's been very effective
for us to really provide the best possible service.
Mr. Horn. What type of calls would you get on that 311
line? Do people really differentiate it?
Mr. Lansdowne. Very much so, Mr. Chairman. On the 911 line
we get the emergency calls where there's a possibility of
violence or a need for a emergency dispatch. Under 311 calls,
we get the information for reports that can be taken at later
dates, and many cases just information that the public wants to
call in to the police department to determine or get an answer
for.
Mr. Horn. Go ahead. I just wanted to learn what this was.
Mr. Lansdowne. Yes, sir. I would be delighted to give you a
tour of our system. It's been very effective, and I think
you'll see it's copied throughout the country.
Mr. Horn. Yes.
Mr. Lansdowne. The telephone and radio systems have been
tested and are Y2K compliant, and the CAD system which is the
backbone of the entire process, will be certified prior to
January 1st, and we expect it to be certified very shortly.
However, in the event of a partial or complete failure of any
of the three systems and the expected calls for service, the
following contingency plans have been developed and will be put
into place for police services.
To provide for our ability to handle the expected increased
calls for services, the communications personnel will be on 12-
hour shifts for a 48-hour period to help us make a
determination of what level of service that we need to continue
to provide the community of San Jose. The telephone system has
a backup failsafe system that allows the telephone calls to be
rerouted to lines that will accommodate both emergency and non-
emergency calls from the public.
Our dispatching of officers in the field can be converted
to manual operation if the computer aided dispatch service
loses power and begins to go down. In the event of a partial
loss of radio power, our system has the ability to transfer
units to other radio channels. In the event of a complete loss
of radio power, we are prepared to use the portable radio
systems referred to as the dispatcher-in-a-box system. This
system is designed to be placed out at a remote location in the
city, and will provide our communication link throughout the
city of San Jose. The contingency plans to use five Fire
Battalion stations also in place as remote transmitting
locations.
As it applies to our police patrol staff, selected patrol
division watches are scheduled to work 12-hour shifts for a 48-
hour period. The Special Operations Division which is a very
large section within our organization of the San Jose Police
Department is being called back, and the officers are scheduled
also to work 12-hour shifts, which will give us approximately
100 additional officers for that particular night to be
available for calls for services.
Patrol staffing following New Year's Eve will be based on
evaluation of the previous night's events. Similar to the other
major events, the Police Department has a contingency plan to
put in place 12-hour shifts. We have extensive experience for
natural disasters here in the city of San Jose, and we can
immediately go to emergency operation.
I'd like the assure this subcommittee and the community of
San Jose that we have planned for the new millennium for the
Y2K problem very well, and there is nothing that's going to
happen that this city and this police department is not fully
prepared to handle quickly and efficiently, providing that same
level of service to this community that they have learned to
expect, appreciate and demand.
And with that is my short comment.
Mr. Horn. Well, I appreciate it. Those were very succinct
and to the point.
[The prepared statement of Mr. Lansdowne follows:]
[GRAPHIC] [TIFF OMITTED] T0954.327
[GRAPHIC] [TIFF OMITTED] T0954.328
Mr. Horn. And your colleague from the fire department, John
McMillan, deputy fire chief, city of San Jose, we're glad to
hear from you.
Mr. McMillan. Thank you, Mr. Chairman. Good afternoon and
welcome, also your staff. We appreciate having you today, and
I'm honored to have the opportunity to be a witness and speak
for today.
San Jose Fire Department has evaluated mission-critical and
mission-essential core services for our Y2K readiness in the
city of San Jose. As of this submission, the department is
confident that we will be able to fulfill our mission serving
the citizens of San Jose. Fire department staff continues to
evaluate these mission-related systems and processes and is
developing a contingency method of service delivery in the
event that any unforeseen Y2K problems should occur. We are
specifically focusing on and making decisions in the following
areas: One of the very interesting topics for us over the last
4 or 5 months is our defibrillators that we have on all of our
advanced life support fire engines. It's a very good moment for
me at this point in time, and Mark Burton mentioned it earlier,
all 50 of our emergency medical defibrillators are now Y2K
compliant. They all received two new embedded chips that will
now allow those to be fully serviceable through the Y2K
process.
We placed a hold on releasing all of our surplus fire
apparatus. We are in good times. Over the last 5 years we
purchased practically an entire fleet of new fire engines and
aerial ladder trucks, but by buying these types of apparatus,
we also were buying apparatus that's state-of-the-art and have
a lot of embedded systems. To prepare for any unforeseen
problems, we have not released any of our old apparatus we had.
We are very proud to say today that we have 15 fire engines in
reserve we're holding until well into the next year to see how
we survive going through Y2K.
Mr. Horn. Just out of curiosity, were your old ones 2000
compliant?
Mr. McMillan. Very good question, sir. What we can say is
many of those apparatus were 1970's, early 1980's, that did not
have the complex computer systems on them. They were the kind
of apparatus that you or I might be able to open the hood of
our car and change a spark plug or know where the distributor
is. They're very basic, not really complicated, and they were
apparatus we had around between 15 and 30 years, so we can't
guarantee anything, but one thing we do know, that if anything
goes down, we have a lot of equipment to back it up, and
that's, at this point, what is most critical to us, that we
would have a fleet that's in good service and ready to go with
back-up.
Mr. Horn. The reason the subcommittee's interested in fire
equipment is one of our first hearings was in New Orleans with
the Baton Rouge chief there also, and one said to the other,
``Well, gee, we haven't even thought of the fire trucks yet.''
And one had a pumper that was compliant and a ladder that
wasn't, or vice versa, as the case may be, and I just wondered
if you have that kind of relationship. Sometimes where one
wasn't working at all, you could squirt the water up there, but
you couldn't get up on the ladder, but you could get the ladder
up, but you couldn't get the water out and so forth. So I was
just curious what you found out in your equipment.
Mr. McMillan. We're confident that our equipment is going
to work, but like any other organization that provides services
to citizens, we're doing everything we can to have back-ups. We
feel good that we do have this reserve fleet right now that can
support us. What we understand about embedded systems is that
maybe just a specific engine or truck out there might fail that
night. If that's the case, we're ready to back it up with other
equipment that's going to pump just as well.
We have sent a memorandum to our city Y2K coordinator, Mark
Burton, identifying resources that the fire department will
need around the Y2K millennium period, and this memorandum
includes additional food, water, sanitation electrical pumps
and dispatching equipment that we feel will help support us
through the period.
We've also, over the past year, upgraded all of our
computers. We were all MAC based, and we are now all PC based
that are all Y2K compliant. All of our embedded systems, this
includes over 420 pieces of equipment, are now compliant. This
has been accomplished by either a letter of compliancy from the
manufacturer or actual chip upgrades installed by the
manufacturers.
We are working currently with the city General Services
Department to identify fuel and power needs for our fire
stations and apparatus.
And just giving you an example of one of the issues we
wanted to deal with right up front, we go through about $50,000
worth of latex medical gloves every year. We are required when
our fire fighters go out on any type of medical call to don
latex gloves, and we found out earlier this year that they come
from Asia. And because we don't know what the Asian nations are
doing as far as Y2K preparedness, we have placed an order
through an open P.O. We have annually with the vendor to buy
practically $50,000, our full allotment, all at one time. We
haven't figured out where we're going to warehouse it, but
we're going to have all the gloves here early and not later so
we don't have a problem in the next 6 months.
At this point in time, we have no information that would
lead us to believe that our ability to deliver critical and
essential services will be impaired by Y2K problems. There are
two core service areas in the fire department in San Jose that
we have identified that we are working, when we talk about our
fire department contingency plan for the city of San Jose,
these are the areas that we're working closely with. One's our
Bureau of Field Operations. This is our first core service, and
its responsibility is to mitigate emergency incidents in the
community including fires, medical emergencies, hazardous
material events, rescue situations and natural or terrorist
caused disasters.
The emergency response system is effective when all
components necessary for service delivery are readily available
and functioning harmoniously. Just to give you an example, we
have, in the city of San Jose, we will have 31 fire stations
open during Y2K, and we will have everybody around the clock,
194 positions, assigned to those 31 fire stations. We also have
an effective way of implementing call-backs systems to notify
people if we need additional staff to support us during periods
of need.
Our second core service is providing emergency dispatch and
communication services for all our emergency response
operations for the San Jose Fire Department, and the
responsibility for all emergency communications systems is
shared among the police department, fire department and our
information technology department.
The key elements for Y2K readiness that we will be working
on in the immediate future include establishing a final
staffing plan and making necessary notifications to personnel
impacted. We will be working closely with the police and
information technology departments on the final Y2K upgrades on
the city's CAD system. We will be working with our own Bureau
of Field Operations staff and our Bureau of Fire Prevention
staff, our fire inspectors. What we hope to do is get our fire
prevention inspectors, our Haz. Mat. inspectors, our engineers
on board where they can be in service and enabling during any
field operations emergencies during Y2K. Finalizing
contingencies in case private utilities such as water supplies,
sanitary sewer systems and power supplies fail.
And one thing that we've just decided to do over the last
week is we want to put together a package for all of our fire
department employees on how they can be more Y2K compliant in
their own residences. What we're feeling is if we could get
them to be a little less apprehensive during any kind of
emergency over Y2K, they might be more apt to be available to
come down to the city of San Jose and help us in need.
In summary, the San Jose Fire Department has prepared this
plan assuming a worst-case scenario, similar to how we may have
to operate in a major disaster. If all or some technology
systems fail, we will be prepared to operate in a manual mode.
As in any situation where a high demand is placed on our
resources, and our capabilities and effectiveness may be
limited by a number of external forces, our goal is to provide
the highest level of emergency services possible. To do this
will likely result in prioritization of emergency calls in
order to mitigate the most serious incidents.
Thank you, sir.
[The prepared statement of Mr. McMillan follows:]
[GRAPHIC] [TIFF OMITTED] T0954.329
[GRAPHIC] [TIFF OMITTED] T0954.330
[GRAPHIC] [TIFF OMITTED] T0954.331
Mr. Horn. Thank you. That's most useful, and I look forward
to the details on that.
Let me ask our power suppliers, Pacific Gas and Electric,
Silicon Valley Power. There are about 3,200 independent
electric utilities, I think, in the United States, and there's
about 80 percent of the Nation's power generation comes from
250 investor owned public utilities. We all know it takes a
high degree of automation, and you've mentioned that, to
operate our country's national power grid.
But just to get it in the record at this point in terms of
the lights being able to stay on, the assembly lines being able
to run, I guess I would ask what is being done to keep home
owners and businesses informed about potential failures in
their energy management system, or are you just assuming with
the general education, which has been very good, that you've
let out to your customers, either in bill or special sessions
or whatever, I'm just curious, are people, are some of your
customers worried that there might be an interruption, and if
so, what? Is there a back-up to that, either within the grid or
if we talk about hospitals and emergency rooms, some of them
say we've got 72 hours of power based on diesel generators and
all that. I don't know. Is that really useful? I mean, it will
work for awhile, but suppose we have 3 or 4 days out, and they
can't get the fuel and they're sort of just behind the eight
ball?
So I'd just be curious what your thoughts are on this.
Mr. Garth Hall. From PG&E's point of view, I would say that
our customer base has an uneven, on average a modest level of
interest and concern about it. Our website, which I mentioned
earlier, receives about 9,000 hits a year in the section that
deals with Y2K--sorry, 9,000 a month. That's the current rate
of hits, which given our service territory is not very large.
We have, of course, bill inserts that have gone out to
inform the public, the customers, as to our readiness and
direct them to normal preparedness, that I think Dr. Winslow
suggested, will be appropriate for this time of the year as
we're going into the winter storms, and for earthquakes. That's
a good opportunity to brush up on the type of items that you
would typically want to have in store for these types of
emergencies. Y2K is an opportunity for folks to think about
preparedness for general emergencies like these.
But in addition to that, I did mention that we have had,
for all the customer groups that have expressed an interest,
we've had face-to-face meetings with them and presentations to
point where I think we've seen them tail off in that type of
demand for a meeting, although we're ready at any time to meet
with folks who are interested.
We plan additional inserts into the bills that go out to
our customers to just keep them updated. We think that there is
going to probably be some level of increased interest as we
approach the end of the year, and we will definitely be
updating our website to provide any current status information.
We think that our call centers which people, customers, well
know, which has a 1-800 number, will be very, very capable and
well prepared to answer any questions that people have if they
want to call in with any need for information. During the New
Year transition timeframe we expect that the press will be very
interested in what's going on, and we're preparing ways in
which we can keep them informed in real time as to what's going
on.
Those are some of the steps we've taken. We'll probably do
additional things as we go through.
Mr. Horn. Ms. Lopez, do you want to add anything to that?
Ms. Lopez. Actually, it's pretty much the same thing as we
are doing. I think we have one advantage in being a small,
local municipal service. We have many of our citizens that are
concerned actually drop in and talk to us. But we do have,
which we have sponsored and we have two more scheduled to be
sponsored, meetings within the communities themselves, at the
library, one at a local park. Plus, as I said, we have done
with all the commercial and industrial customers, had several
meetings, and we will have more.
I think it's not a matter of awareness. I am, I guess,
amazed somewhat at the level of concern and that the number of
individuals seems to be very small that have concerns, but of
those that are concerned or even partially aware, electricity
does seem to be their No. 1 priority.
As to your question regarding generation, we are
encouraging all of our households, have back-up fuel as a
concern. We have allocated within the city areas where we can
have extra fuel that could be delivered if it were needed. We
don't believe it will be, but we have made preparations for
that.
We also have--we don't have within our city the ability to
completely supply generation for all of our needs. We must rely
on ol' PG&E for that. We do have some measures available,
particularly for emergency type facilities and situations that
we think will be adequate if anyone would need them.
Mr. Horn. I was going to ask you on the point you just
raised, which was, PG&E is the source for what percentage of
your power? You buy it from them at a good deal, is that it?
Ms. Lopez. Yes, sir. Probably, not probably, definitely the
majority of our power, we would be unable to sustain service,
other than very minimally with our in-city generation.
Mr. Horn. What percent of your total power is provided by
PG&E?
Ms. Lopez. I think it's somewhere around 95 percent.
Mr. Horn. 95?
Ms. Lopez. 95 percent.
Mr. Horn. And you generate the last 5 percent how?
Ms. Lopez. Yes, sir. Well, we don't normally generate it.
We normally use 100 percent from without, but we do have
abilities within our city for some generation.
Mr. Horn. What is that? Your own generators?
Ms. Lopez. Yes, sir. Our own power.
Mr. Horn. Fuel operated?
Ms. Lopez. Yes, sir.
Mr. Horn. Now, if PG&E is in a caught, how many of those
contracts do you have out that you supply from PG&E, and if you
were in a squeeze, do you cancel those contracts or can they
count on it?
Ms. Lopez. Would they cancel? We wouldn't cancel those
contracts.
Mr. Horn. Well, would PG&E cancel them, I guess what I'm
asking Mr. Hall is, in other words, if you're put with a major
disaster on your hands, do you just cancel the contracts for
small power companies and feed your more prominent customers or
areas that might not have small companies?
Mr. Garth Hall. That's not the approach at all. Let me just
mention in a sound byte that the electric restructuring that
has been initiated across the Federal terrain has had a very,
very big impact over the last 2, 3 years in California. Right
now, the power that is delivered to Santa Clara and many other
very language cities and customers, often they have very, very
little now comes from PG&E. They contract for supply from
independent providers. I think you mentioned that in your prior
question, of which there are many thousands of individual
generators now. That is the bulk source of most of the power.
Our primary responsibility in the electric side is in the
delivery, and that is the area where, in fact, cities like
Santa Clara and many others do depend on us very much for our
reliability, we've focussed very much on that.
Let me just mention one additional thing that might be
reassuring, that the Western Systems Coordinating Council,
which is a part of the North American Reliability Council in
dealing with the western systems reliability, have announced
plans over the New Year transition, which would be several
hours before midnight hour and several hours afterwards,
whereby all of the power plants within that jurisdiction will
have additional reserves. The way they will do that is bring
additional power plants online and back all of those that are
online down a bit. So that if there are, heaven forbid, some
power plant failures due to microchip problems or whatever,
that they will have additional reserves to instantly step up
and provide additional power.
In addition to that, the demands, I think, even Santa Clara
would receive from the Pacific Northwest, by the entire
Northwest, those vulnerabilities, if there are any, will be
reduced by reduced schedules across the entire so that we are
more self-sufficient for that vulnerable period, just with the
normal state. So I think very prudent measures have been made
to avoid the types of failures that we have contemplated
nationally amongst power plants.
Finally, I will say that since we're an owner of a very
large independent power producer with more than 25 power plants
across the United States, I have personally overseen their Y2K
compliance efforts they have been through, and I believe this
is fairly typical, as stringent a Y2K program as anything that
the utility has done. So I think their readiness is equally as
strong as I'm representing for the utility.
Mr. Horn. Mr. Willemssen has joined us at the table. Let me
ask you what we didn't ask you yesterday just for this record.
Santa Clara is a very urbanized county and very complex, and
great demands on power. Get across the Pajaro River into San
Benito County, you have people, farms stretched out over, maybe
a mile apart, half mile apart, 10 miles apart.
What do you find in terms of the rural part of the PG&E
jurisdiction as you go up, let's say, Sierra County and Plumas
and all the way to the Oregon border. Are you finding different
reactions to the year 2000 in the rural areas where they don't
have the money to sort of adapt to whatever systems they're
using? What's been the experience?
Mr. Garth Hall. We have found it to be fairly uneven.
Yesterday we had a representative from, I believe, Siskiyou
County, and I think that was interesting, because they
demonstrated a very high level of awareness for a county with a
relatively small population.
That is uneven in our experience. Wherever there is a need
or interest, we have been responsive and tried to provide the
information. As I mentioned, most of them, in fact, all of the
them, in their emergency services at the police level and at
the Office of Emergency Services level, are very aware of the
distribution emergency centers that we have uniformly
positioned across our service territory, and are well versed in
interacting with those centers at times of emergencies.
So from the staff who deal with emergency, from their point
of view, we think we have excellent contact. From the general
public point of view, again, fairly uneven.
Mr. Horn. Interesting.
Do you want to add anything, Ms. Lopez, based on your
experience?
Ms. Lopez. No, sir.
Mr. Horn. Let me ask the chief and Dr. Winslow and Mr.
McMillan, the deputy fire chief, how ready are we on the 911
systems that typically rely on older telecommunications and
computer equipment? Do you feel that if there's a flood of
these calls because people are just upset or whatever; they
don't know; it's like having an eclipse nobody told us about;
it's awful dark outside. We'll phone you. So what's your
reaction to that system?
Mr. Lansdowne. Mr. Chairman, Bill Lansdowne from the police
department. We have planned for this. We will have additional
persons who will be on standby and actively working the phones.
So we will easily be able to handle any anticipated increase in
the number of calls.
We just recently upgraded our 911 system. It's state-of-
the-art. It's compliant. I don't think that we're going to have
any trouble at all handling the 911 increase in calls. I'm very
proud to state that we currently handle our pickup of 911 calls
within 2.2 seconds, which is one of the fastest in the Nation
of any city this size. Of course we handle 900,000 people here.
Mr. Horn. On the frequencies that different police forces
have within Santa Clara County, I'm curious, is there a united
frequency here? I went through this in L.A. County several
years ago, and we have 81 cities in that county and 10 million
people. We've got the Sheriff. We've got the University of
California, California State University, State Police, all
different little jurisdictions, if you will.
Is there any problem here that you lack the frequencies
that you need to communicate to smaller groups within various
cities and police forces?
Mr. Lansdowne. None of our systems are compatible right now
with the State agencies, Highway Patrol and the local
jurisdictions, Santa Clara and San Jose, and the county
jurisdiction. But the communication systems are linked, and
that will be the way that we will have to communicate from
department to department, if we are required to do a Mutual Aid
System. I think we are very fortunate in the State of
California that we have a very comprehensive Mutual Aid System,
and all of the agencies, the sheriff, the local agencies in the
Bay Area regions are prepared to provide whatever mutual aid
which will be requested from us, and we have that system in
place.
Mr. Horn. You could provide that in terms of triggering it
by what? Telephone? Radio frequency?
Mr. Lansdowne. The system triggering is calling the sheriff
who is the natural disaster person within the county, and then
they would trigger at the level they need. My understanding and
maybe the panel can add to that, is that the State will be up
and ready to put that system in place and operate it during the
New Year's.
Mr. Horn. Now, will that be a permanent system or is that
just for potential emergencies?
Mr. Lansdowne. It's for potential emergencies, natural
disasters of which this State has a lot of experience.
Mr. Horn. That's for sure. We have the biggest number of
disasters in the Nation. When you look at it from the
Mississippi, they have floods. We outdo them with earthquakes.
I think the Loma Prieta is still the most expensive Federal
investment isn't it?
Ms. Winslow. Northridge.
Mr. Horn. Northridge is still? I know there's a few things
not settled yet on hospitals and whatnot, but so what's that?
About 16 billion?
Ms. Winslow. That's the FEMA cost. If you look at the
insurance loss on top of that, it's a much bigger number.
I'd just like to clarify on the Mutual Aid System. The
Mutual Aid System has been in place since the 1950's, and it's
maintained at all levels of law enforcement on one chain and
fire on the other chain. At the top of the chain is the State
Office of Emergency Services. They will be opening the State
Operations Center and the Regional Operations Centers in each
regional office, which is Sacramento, Oakland and in your area
it's at the Los Alamitos former reserve center. Those will be
open December 30th, and they will open through the 2nd.
Mr. Horn. Now, are the National Guard and the Army Reserve
also tied into these? What sort of relationship would you have
there? Let's say you had a riot.
Ms. Winslow. The National Guard is called out by the
Governor on a request from the local chief of police, and the
military is only activated under very unique circumstances
where the Governor and the President concur.
Mr. Horn. All right.
Mr. Lansdowne. I would like to say, Mr. Chairman, that they
are on standby, and they will have people in the operation of
Emergency Services Centers during a 72-hour period. They could
be activated at a moment's notice with a call to the Governor
of the State of California.
Mr. Horn. And those frequencies exist with the Federal
portion like the Reserve and the National Guard, so there is
rapid communication there other than telephone? Let's say with
all due respect to Pacific Bell, but.
Mr. Lansdowne. Yes, sir. Those systems are in place. We can
have Federal assistance very quickly.
Mr. Horn. Mr. Willemssen, what do you have to add to this
panel? I saw you taking a lot of notes.
Mr. Willemssen. I just thought that you, Mr. Chairman,
might also get some value out of hearing in the Y2K emergency
services area what kind of assistance and interaction that the
individuals here received from FEMA and any kind of
communications they received recently from the newly formed
Information Coordination Center headed by General Kind. There
are a lot of activities under way that will involve not only
the FEMA regional offices, but all the States and localities,
and I think it would be of interest to hear what kind of
communications have occurred at this point.
Mr. Horn. Yeah. Well, don't all rush to the microphone now.
Ms. Winslow. I guess I'll just have to deal with this one
because my office deals with people the most. I don't think
there's really a politically correct way to say this. We
haven't heard anything from anybody.
Mr. Horn. In other words, there's a lot of work to be done
between now and December.
Ms. Winslow. I only know what I read in the newspaper.
Mr. Horn. I see. So how's the system supposed to work? Is
it supposed to work through the FEMA regional office or
directly out of Washington or what?
Ms. Winslow. No. In California we have a structure called
the Standardized Emergency Management System, which establishes
the way that we relate to each other. So the cities together
with the county are called an Operational Area, and we're the
Santa Clara County Operational Area. We're part of the Coastal
Region which goes from the Oregon border to the southern border
of Monterey County, and from the ocean to the coastal
foothills, and along that strip, we are joined through that
office in Oakland, which serves as a head of that. We have
periodic meetings, four times a year, with the Coastal Region
Leadership. Generally information that we get from FEMA comes
through the State through the Coastal Region to us at those
meetings.
Mr. Horn. And you're meeting twice a year?
Ms. Winslow. No. Four times.
Mr. Horn. Four times a year.
Ms. Winslow. In fact, there's a meeting at the end of this
month. So perhaps that's the time. This is a relatively new
effort on FEMA's part. It may be that at the August meeting
they'll present the information, but to date we haven't
received anything that I'm aware of.
Mr. Horn. OK. Mr. Willemssen.
Mr. Willemssen. I would just add that the newly formed ICC
and FEMA are planning a major exercise September 9th. It's
supposed to involve the unifying State contacts. The plan is
that each of the unified State contacts is supposed to supply
information upwards to individual FEMA Regional Offices, which
will then be supplied upwards to the national level. You may be
hearing more about that shortly.
Mr. Horn. September, 9th, 1999, is also the nationwide
power grid drill; is that correct? Is that tied in with the
same thing by FEMA?
Mr. Willemssen. No. Those are predominantly separate
efforts, although John Koskinen will obviously be monitoring
both simultaneously.
Mr. Horn. That's the representative to the President, the
executive branch.
Any other questions we have? Any other thoughts any of you
have after having listened to three panels including yourself?
Well, if you have them, we'll be glad to put them in. We
keep the record open for a week or so, and we'll put them in at
this point. And we have several questions from the audience,
and we will be writing to the relevant panel members, and we'll
put them in at the appropriate place in the record. So without
objection that will be done.
I just want to say as one that was brought up in this area,
I appreciate very much all of the fine work that these three
panels have done. I think that's been very helpful that you
sort of restore our confidence in the degree to which local
government, the county, the particular groups whether it be
hospitals that we had on the panel of yesterday, police today,
and all the rest of it, that people are cooperating and are
working together, and that is, I think, impressive.
Let me just thank the staff that have worked on this
particular hearing. J. Russell George, staff director. There we
are, down, front row seat. Did you pay a high ticket price for
that? He's our chief counsel also.
To my left and your right is Patricia Jones. Patricia is
with us as a fellow, congressional fellow of the American
Political Science Association.
And Bonnie Heald, our communications director, is also in
the front row, a professional staff member.
And Mr. Ahlswede is not here. He's already ahead of us in
Portland, and he is the clerk.
And then Seann Kalagher, an intern, is around here
somewhere. There you are. Good to see you.
And then from Mr. Campbell's staff, Casey Beyer is the
chief of staff, and we thank him for his help.
And Sally Wilson is our court reporter, and we thank you
very much for going through 3 hours of this yourself.
And with that we wish you well, and we recess this meeting.
[Whereupon, at 12:50 p.m., the subcommittee was recessed,
subject to the call of the Chair.]
THE YEAR 2000 COMPUTER PROBLEM: LESSONS LEARNED FROM STATE AND LOCAL
EXPERIENCES
----------
TUESDAY, AUGUST 17, 1999
House of Representatives,
Subcommittee on Government Management, Information,
and Technology,
Committee on Government Reform,
Seattle, WA.
The subcommittee met, pursuant to notice, at 9 a.m., at the
Henry M. Jackson Federal Building, 915 Second Avenue, Seattle,
WA, Hon. Stephen Horn (chairman of the subcommittee) presiding.
Present: Representative Horn.
Also present: Representatives McDermott and Dunn.
Staff present: J. Russell George, staff director and chief
counsel; Matthew Ryan, senior policy director; Patricia Jones,
congressional fellow; Chip Ahlswede, staff assistant; and Grant
Newman, clerk.
Mr. Horn. Good morning. I'm Steve Horn, chairman of the
House Subcommittee on Government Management, Information, and
Technology. This hearing, which recessed in California on these
issues, will now come to order.
I particularly welcome and thank my two colleagues from the
Seattle area, Congresswoman Jennifer Dunn and Congressman Jim
McDermott. We're delighted to have them with us, and they will
participate as full members in terms of asking questions,
opening statements, whatever. We will treat them with great
courtesy because they are major leaders within the House of
Representatives and their respective parties.
And we are here to discuss a topic of worldwide interest,
the so-called year 2000 computer problem, also known as Y2K,
and commonly referred to as the millennium bug. The year 2000
technology challenge affects just about every aspect of
Federal, State and local government operations. Furthermore, it
affects private sector organizations and could impact the lives
of most individuals. From Social Security to utilities to local
emergency management, the year 2000 computer bug has certainly
been a huge and large management and technological challenge
for all of us. No single organization, city, State, or even
country, can solve the year 2000 problem alone.
We have 136 days before January 1, 2000. There is only one
certainty with the year 2000 problem: that date is certain, and
no one is certain as to what will exactly happen on that day.
Our goal is to ensure that citizens' vital services are
maintained. There are many unknowns, including international
readiness.
The problem, of course, dates back to the mid-1960's, when
programmers, seeking to conserve limited computer storage
capacity and memory, began designating the year in two digits
rather than four. In other words, the year 1967 became '67 in
the computer. And they knew at that time that when you got to
the year 2000, it would come up 1900, and the computer wouldn't
know if it was 2000 or 1900. The computer would be confused.
And that's what we have been working on for the last 4 or 5
years.
And they said at the time, ``Well, we won't have to worry.
After all, we're Americans, and technology will solve this.''
Well, it won't. It hasn't. And just hard work and going
through those codes and everything else is what it has taken to
prepare for the January 1, 2000 situation.
Our subcommittee has the jurisdiction over the executive
branch agency and Cabinet departments on matters of economy,
efficiency, and effectiveness. We held our first hearing on the
problem in the spring of 1996. Since that time, we've held over
30 hearings and issued eight report cards to monitor the status
of the Federal Government's year 2000 computer solution.
You will hear today from the State of Washington that they
have 423 mission-critical, or essential, computer systems. The
Federal Aviation Administration, one Federal agency, has
roughly the exact same number.
This is a situation that relates to interoperability
between the Federal Government, the State government, the
county governments and the local and city governments.
Current estimates show that the Federal Government will
spend nearly $9 billion to fix its computer systems. I've often
said the figure will probably reach about $10 billion by the
end of the December 31st calendar year.
And we have also worked on looking at business continuity
and contingency plans as well as Federal. We work with Mrs.
Morella's Committee on Technology of the House Science
Committee that relates to Mr. Bennett's Senate committee. The
Senate didn't start on this until 2 or 3 years after we did,
and they started in roughly February 1998. The administration
started with putting a full-time person on the job in April
1998.
These plans that we have looked at on a quarterly basis
provide critical insurance in the event of unforeseen problems.
Recently, the President's Office of Management and Budget
identified 43 essential Federal programs, such as Social
Security, Medicare, the Nation's air traffic control system,
the weather system. Each day, these programs provide critical
services to millions of Americans. Of these 43 programs, 10 are
federally funded, State-run programs, such as Medicaid, food
stamps, unemployment insurance, and child support enforcement.
Several of these State-run programs are not scheduled to be
ready for the year 2000 until December, leaving little, if any,
time to fix unforeseen problems.
Data exchanges and interdependencies exist at all levels of
government and throughout the private sector. A single failure
in the chain of information could have severe repercussions.
For example, the U.S.' Social Security program has been
ahead of everybody else on its own initiative. No President
ever had to tell them what to do. They decided in 1989 to do
it, and they were the first Federal agency to have 100 percent
compliance.
The Social Security Administration maintains data
containing pertinent Social Security payment information for
eligible citizens. When payments are made, the Social Security
Administration sends payment data to the Department of the
Treasury's Financial Management Service. Now, that was way
behind this year. They are now coming up to snuff. This service
cuts the Federal checks, which are generally electronically
deposited directly into the person's bank account at a local
financial institution.
Three organizations move and manipulate data to make these
payments happen; each uses a network of computers. If a payment
is mailed to the individual's home, the U.S. Postal Service
plays a key role. And most of the Federal agencies told us that
their contingency was the U.S. Postal Service.
We then held a hearing with the Postal Service, and it
turns out they had no contingency plan. So there are problems
there.
The bottom line is, if any one of these entities fails,
from the Federal Government to the local bank or with the
Postal Service, the checks going to the home of a deserving
individual simply might not ever get there.
Now, multiply this situation by the 43 to 50 million
different checks Social Security makes out in 1 month and you
can appreciate the magnitude of just one aspect of the year
2000 issue.
Fortunately, the Social Security Administration has been
working on the problem, as I said, since 1989, and it's 100
percent compliant.
But for computers to work, we need energy, electric power,
whether it be hydro, nuclear, wind, whatever, and that is
essential. And we will hear today from the local utilities.
We've done that in every city we've been in, which are roughly
about 20 city and State visits.
One of the most essential questions concerning the year
2000 challenge is, ``Will the lights stay on?'' Without
electricity, the assembly lines of one sort or another simply
stop, and people would be let off after a certain period if
there was a drastic blackout that went beyond just a few days,
and our modern society might seem to be in the Stone Age when
there is no power. We look forward to hearing today from the
Bonneville Power Administration, Seattle City Light, and Puget
Sound Energy to answer that question.
From a personal standpoint, I realize that when confronted
with a personal emergency--and you do, too--I can call 911 for
assistance, and we should feel confident that that phone will
be answered promptly and that a competent authority will
respond rapidly. So we will be hearing from public safety
individuals, as we do at every city hearing.
Year 2000 computer problems present other potentially
serious threats at local levels, from the potential
interruption of a city's call for fire or police assistance to
delays in a State's ability to request emergency or disaster
assistance from the Federal Government.
One thing is certain: there are only 136 days until January
1st, and the clock is ticking. Accordingly, the testimony we
receive today will help our understanding and the community's
understanding of the full extent of the year 2000 problems in
the State of Washington.
Today, we have three knowledgeable panels to provide a
picture of year 2000 readiness in both the public and private
sectors, and I welcome all of our witnesses. But first, I'd
like to call, in terms of seniority, which is the way we
resolve these conflicts in the House of Representatives, the
gentleman from Seattle and State of Washington, Mr. McDermott,
for any opening statement he might wish to make.
[The prepared statement of Hon. Stephen Horn follows:]
[GRAPHIC] [TIFF OMITTED] T0954.332
[GRAPHIC] [TIFF OMITTED] T0954.333
Mr. McDermott. Thank you very much. Welcome to Mr. Horn,
the good representative from Long Beach, where I spent a couple
of years back in 1968 to 1970 during the Vietnam War. So I know
a little about your district, and it's good to have you here.
I really do not have an opening statement because I really
came to hear what's going on. We've had lots of hoopla and
we've passed bills to get rid of liability for Y2K and all
these sorts of things in Congress, but I've not yet heard in my
own community, in an organized way, where we stand. So I'm very
eager to hear what we have today, and I thank you for coming to
Seattle to have this hearing.
Mr. Horn. I'm delighted to have my classmate from the
elections of 1992, Jennifer Dunn, who has been a real leader in
her party and an excellent representative from her area, here.
And as you know, Washington is one of the most progressive
States in the country. And with your great port, The Boeing
Aircraft Co., which I also have a part of--in other words,
Douglas Aircraft, which is now Boeing, is in my district--so we
have a lot in common. And Norm Dicks and I won't have to argue
with each other.
Ms. Dunn. That's a relief.
Steve, we're so happy you're here with us today. And it's
certainly the pleasure of all of us, those joining us in the
audience, to welcome you on what's something like the 20th
hearing on Y2K problems that may be in existence, and success
stories that we know certainly do exist around this Nation.
I want to thank, too, Bruce Chapman of the Discovery
Institute. Bruce, perhaps you could stand at the back of the
audience. Bruce has been a great facilitator of this meeting
today, as we invited Congressman Horn to join us in Seattle.
And Bruce Chapman will host him at lunch today so that we can
hear a little bit more about what's happening behind the scenes
on Y2K.
I also want to mention a couple of the folks in the
audience that are particularly important to me. We have three
members of my Youth Advisory Council sitting in the audience
today, and they came because they are interested in what's
going on in this Nation. And they are 3 among 30 young people
who advise me on issues across the board and give us a point of
view that we often do not receive, which is that of young
people who are operating in the real world out there.
So I'd like to ask Mary Basinger and Nicole Leonce and Omar
Hakim to stand. Mary is from Green River Community College, and
Nicole goes to Kentwood High School, and Omar is a student at
Newport High School. And we're delighted that you could be here
today with us.
As most of us would agree, the importance of preparation
and readiness for year 2000 simply cannot be understated. So
much of Americans' daily lives revolve around computer
transactions and digital events that most people probably are
not even aware of.
Now, I'm an old systems engineer with the IBM Co. during
the 1960's, and that was my job out of Stanford University. And
I see you're a graduate, too. But I came home to Seattle and
did a lot of work, and I remember the long hours of turning
people's accounting systems into computer programs, and then
the even longer hours of debugging those programs.
And so my particular concern is how the testing of the
programs that have been started and that we'll hear about
today, how the testing is going and whether we will be reliably
sure that by the time we have that turnover, those tests will
result in successful systems.
It's up to all of us to be sure that when the clock turns
to midnight on December 31st of this year, water, power, and
emergency services are on line and are working for the
residents of our State. So I, too, look forward to hearing the
testimony of the folks who have joined us here today.
We also need to know about the interactions among the
companies and the agencies we'll hear from today, and the
Federal agencies that Jim McDermott and I actually oversee,
since we're members of the Oversight Subcommittee of the Ways
and Means Committee in the U.S. Congress.
Now, we have participated in a large number of oversight
hearings on the readiness of Federal agencies under the
jurisdiction of the Ways and Means Committee, like the Social
Security Administration. And as Congressman Horn says,
fortunately that administration is well ready to get those
checks in the mail, and that's something we're very concerned
with.
The IRS is another agency under our jurisdiction, not in
quite such good shape, unfortunately, but doing better under a
great manager who has taken over the IRS.
Medicare and the U.S. Customs Service are also under our
jurisdiction, so we have heard hearings from those agencies.
Now, they are all in different stages of readiness for Y2K,
and they all have comprehensive plans to fix the problem ahead
of time and to deal with emergencies should those arise.
As the clock winds down on the millennium, it's our job to
continue to oversee these efforts. And the fact that
Congressman Horn has seen fit to come into the Seattle area and
offer an opportunity for us to hear from the different agencies
should be certainly congratulated, and I think it will do us
all a lot of good to hear what's going on in the Seattle
community and the State of Washington today.
I want to thank you particularly, Congressman Horn, for
coming here and doing this for us.
Mr. Horn. Thank you very much, Representative Dunn.
Let me just explain how this subcommittee functions. We'll
have three panels. Each one will probably take about an hour.
The individuals in each panel will be as they are shown in the
agenda. We simply go down the line.
We have their written papers. They automatically become
part of the record when we introduce them. We'd like them to
summarize those remarks and presentation in about 5 minutes.
And counsel here will sort of keep track. And the reason for
that is we'd like a dialog within the panel and between the
subcommittee and my two colleagues from Washington and the
individuals here who think we get at the questions and the
understanding best that way. And we thank you very much for the
very fine papers you've filed with us.
We will also, as an investigating committee of the House,
swear in all panels. If you have staff back of you that
supports you, please, we'll have them stand with you--the clerk
will note who has affirmed the oath--and that permits the
testimony to be taken.
So if the first panel would stand and raise your right
hands. And anybody in your support staff, please have them
stand. I only do one baptism. We have five at the witness
table, two behind.
[Witnesses sworn.]
Mr. Horn. I take it the two back there look like they also
affirm. So the clerk will note that, and we'll proceed. Now,
our lead witness in every panel we have across the Nation is a
representative of the General Accounting Office. The General
Accounting Office was established by law in 1921, when the
President was also given a Bureau of the Budget, and the
Congress, which is the legislative branch. And it's the GAO,
the General Accounting Office, that works for us, and they work
on both fiscal matters and programmatic matters.
And Joel Willemssen, who will be the first witness here,
the Director of Civil Agencies Information Systems, has been in
every one of our panels.
Now, we had several going last week. He happened to fly to
Washington on Saturday and come back Sunday so he could be here
in Seattle. And we also ask Mr. Willemssen to join us at each
panel in the dialog, because he can pull it together on a
national experience and relate it for us in what he has heard
in this particular series of experiences.
So Mr. Willemssen, Director of Civil Agencies Information
Systems, General Accounting Office, we're delighted to have you
start the panel.
STATEMENTS OF JOEL C. WILLEMSSEN, DIRECTOR, CIVIL AGENCIES
INFORMATION SYSTEMS, GENERAL ACCOUNTING OFFICE; CHRIS HEDRICK,
DIRECTOR, WASHINGTON STATE YEAR 2000 OFFICE; CLIF BURWELL, Y2K
PROGRAM MANAGER, KING COUNTY, WA; MARTY CHAKOIAN, PROJECT
MANAGER, CITY OF SEATTLE YEAR 2000 OFFICE; AND BARBARA GRAFF,
EMERGENCY PREPAREDNESS MANAGER, CITY OF BELLEVUE, WA
Mr. Willemssen. Thank you.
Mr. Chairman, Congresswoman, Congressman, thank you for
inviting GAO to testify today. As requested, I'll briefly
summarize our statement on the readiness of the Federal
Government, State and local governments, and key economic
sectors.
Regarding the Federal Government, reports indicate
continued progress in fixing, testing, and implementing
mission-critical systems. Nevertheless, numerous critical
systems must still be made compliant, and must undergo
independent verification and validation. The most recent agency
quarterly reports, which were due to OMB last Friday, should
provide us more updated information on where the Federal
Government stands.
Our own reviews of selected agencies have shown uneven
progress and remaining risks in addressing Y2K, and therefore
point to the importance of business continuity and contingency
planning. Even for those agencies that have clearly been
Federal leaders, such as the Social Security Administration,
some work remains to ensure full readiness.
If we look beyond individual agencies and individual
systems, the Federal Government's future actions in the months
remaining will need to be increasingly focused on making sure
that its highest priority programs are year 2000 compliant. In
line with this, OMB has identified 43 high-impact priorities,
such as Medicare and food safety.
Available information on the Y2K readiness of State and
local governments indicates that much work remains. For
example, according to recently reported information on States,
about eight States had completed implementing less than 75
percent of their mission-critical systems. Further, while all
States responding said that they were engaged in contingency
planning, 14 reported their deadlines for this as October or
later.
Another area of risk is represented by Federal human
services programs administered by States, programs such as
Medicaid, food stamps, child support enforcement, unemployment
insurance.
OMB-reported data on the systems supporting those programs
show that numerous States are not planning to be ready until
later this calendar year. Further, this is based on data that
has not been independently verified.
Recent reports have also highlighted Y2K concerns at the
local government level. For example, last month we reported on
the Y2K status of the 21 largest U.S. cities. On average, these
cities reported completing work for 45 percent of their key
services.
Y2K is also a challenge for the public infrastructure and
key economic sectors. Among the areas most at risk are health
care and education.
For health care, we've testified on numerous occasions on
the risks facing Medicare, Medicaid, and biomedical equipment.
In addition, last month we reported that while many surveys had
been completed on the Y2K readiness of health care providers,
none of the eleven surveys we reviewed provided sufficient
information to assess the true status of providers nationwide.
For education, this month's report of the President's
Council on Y2K Conversion indicates that this continues to be
an area of concern. For example, according to the Council
report, many school districts could have dysfunctional
information systems because less than one-third of institutions
were reporting that their systems were compliant.
Mr. Chairman, that completes the summary of my statement.
Thank you again for the opportunity. And after the panel is
done, I'll be pleased to answer any questions.
[The prepared statement of Mr. Willemssen follows:]
[GRAPHIC] [TIFF OMITTED] T0954.334
[GRAPHIC] [TIFF OMITTED] T0954.335
[GRAPHIC] [TIFF OMITTED] T0954.336
[GRAPHIC] [TIFF OMITTED] T0954.337
[GRAPHIC] [TIFF OMITTED] T0954.338
[GRAPHIC] [TIFF OMITTED] T0954.339
[GRAPHIC] [TIFF OMITTED] T0954.340
[GRAPHIC] [TIFF OMITTED] T0954.341
[GRAPHIC] [TIFF OMITTED] T0954.342
[GRAPHIC] [TIFF OMITTED] T0954.343
[GRAPHIC] [TIFF OMITTED] T0954.344
[GRAPHIC] [TIFF OMITTED] T0954.345
[GRAPHIC] [TIFF OMITTED] T0954.346
[GRAPHIC] [TIFF OMITTED] T0954.347
[GRAPHIC] [TIFF OMITTED] T0954.348
[GRAPHIC] [TIFF OMITTED] T0954.349
[GRAPHIC] [TIFF OMITTED] T0954.350
[GRAPHIC] [TIFF OMITTED] T0954.351
[GRAPHIC] [TIFF OMITTED] T0954.352
[GRAPHIC] [TIFF OMITTED] T0954.353
[GRAPHIC] [TIFF OMITTED] T0954.354
[GRAPHIC] [TIFF OMITTED] T0954.355
[GRAPHIC] [TIFF OMITTED] T0954.356
[GRAPHIC] [TIFF OMITTED] T0954.357
[GRAPHIC] [TIFF OMITTED] T0954.358
[GRAPHIC] [TIFF OMITTED] T0954.359
[GRAPHIC] [TIFF OMITTED] T0954.360
[GRAPHIC] [TIFF OMITTED] T0954.361
[GRAPHIC] [TIFF OMITTED] T0954.362
[GRAPHIC] [TIFF OMITTED] T0954.363
[GRAPHIC] [TIFF OMITTED] T0954.364
[GRAPHIC] [TIFF OMITTED] T0954.365
[GRAPHIC] [TIFF OMITTED] T0954.366
[GRAPHIC] [TIFF OMITTED] T0954.367
[GRAPHIC] [TIFF OMITTED] T0954.368
[GRAPHIC] [TIFF OMITTED] T0954.369
[GRAPHIC] [TIFF OMITTED] T0954.370
[GRAPHIC] [TIFF OMITTED] T0954.371
[GRAPHIC] [TIFF OMITTED] T0954.372
[GRAPHIC] [TIFF OMITTED] T0954.373
[GRAPHIC] [TIFF OMITTED] T0954.374
[GRAPHIC] [TIFF OMITTED] T0954.375
Mr. Horn. Thank you very much. Our next witness is Chris
Hedrick. He is the director for the State Year 2000 Office for
the State of Washington. Mr. Hedrick.
Mr. Hedrick. Thank you very much, Mr. Chairman, Congressman
McDermott, Congresswoman Dunn. I appreciate the invitation to
testify before the committee.
Washington State government is a complex organization.
We've got 39 major agencies with over 400 mission-critical
computer systems and 43 agencies with embedded chips in systems
that support vital public services and a higher education
system that's very broad.
As long ago as 1993, State agencies recognized the
challenge and began working on this issue. In 1995, the State
Department of Information Services established a central
program to get computer data systems for State agencies and
higher educational institutions ready for the date transition.
We've adopted a phased approach: conducted inventories,
identified the resources needed to correct the problems, and,
in cases, asked the State legislature for those resources,
conducted pilot projects, and actually converted the systems.
All along, we've had independent assessments of our progress,
outside auditing, and rigorous testing. All State agencies have
also established and completed contingency plans in case vital
public services are interrupted by other factors.
In 1997, Governor Locke established two goals for State
government's Y2K efforts: no interruption of vital public
services, and no loss of accountability for public resources.
We've spent over $80 million trying to achieve those goals, and
we've made some progress.
Risk assessment and independent auditing have been really
key to our efforts. Here's how the process works. The State
agencies have contracted with independent risk assessors who
evaluate all the mission-critical computer systems and embedded
systems. Then another contractor compiles this assessment data,
analyzes it through a standardized process, and issues regular
progress reports, such as this one.
This contractor gives us a report card based on our
progress. We get either red, yellow, or green ratings, or blue
if the system is certified. As you can see from this page, our
most recent report is all blue and green. Over 98 percent of
State government computer systems are now fully compliant.
The important part about this independent risk assessment
is that the information is released to the cabinet with the
governor in his regular cabinet meetings and to the press on
the same day, and we've found that to be a powerful management
tool.
As I said, over 98 percent of our mission-critical data
systems have satisfactorily completed the test for Y2K
compliance. Those few programs that are not done will be
completed over the next several weeks. And all computer systems
in State agencies and higher educational institutions have
established contingency plans. We have adopted the General
Accounting Office standards for contingency planning, and those
have been very useful in our efforts.
We've had some initial successes. In January of this year,
our unemployment claims system made a successful transition.
That system looks forward a year for eligibility benefits. Last
month, our State financial systems had a successful transition
to fiscal year 2000. And these successful efforts give us
increasing confidence in our ability to deal with the calendar
year change next January.
But in addition to our efforts to take care of our own
computer systems and ensure that they'll make the transition
successfully, we've taken on the responsibility of providing
the public with information and an array of tools to ensure
their own preparedness. We've conducted a series of workshops
across the State, both for the public, for small businesses,
and for local governments.
We've been very aggressive about our use of the Internet in
providing public information. In fact, we're building a system
where every individual citizen can go to our website and pull
down their own personalized profile with information about the
readiness status of each local government, electricity, natural
gas providers----
Mr. Horn. Let me suggest--I'm an expert now on
microphones--you need to get that pointed very close to you,
otherwise they won't hear you in the back of the room.
Mr. Hedrick. Thank you. Readiness status of local
governments, electricity, natural gas providers, financial
institutions and government benefit programs.
Underlying all of our work in public information is our
belief that people make good choices if they have good
information. And we think it is our responsibility not to sugar
coat that information, but to provide the public with the best
information available.
In assembling that information, we have also provided, both
in print and on the web, two volumes of the Washington State
Year 2000 Readiness Report. The third volume will come out in
November. These reports are written with the help of staff from
various State agencies, from local governments, and from our
private sector advisory group, which includes representatives
of all the major industries.
They include information about the Y2K preparedness in
Washington State of a variety of sectors, including local and
State government, electricity, telecommunications, financial
services, natural gas and petroleum, water supply and
treatment, emergency management, health care, environmental
quality programs, insurance, food supply, public safety, and
transportation.
We believe that we've been pretty responsible about making
our house in order, but we also believe it's our responsibility
to ensure that the citizens of Washington State have a pretty
good idea of how messy or clean the Y2K house is for the rest
of the State.
In that effort, Mr. Chairman, at the State level, we share
your national goal, and we appreciate what you've been doing on
the Federal level. Thank you for the opportunity to testify.
I'll be happy to take questions at the conclusion.
Mr. Horn. We'll do it when all the panel has participated.
Let me say that we will take questions from the audience
written out on a card. And staff will be going up and down each
side, and if you have paper--I think staff have the paper and
the index cards--please feel free to write them out, and then
we will put
those questions that you have into the dialog at the end of
this panel.
And so let us now go to Mr. Clif Burwell, the Y2K program
manager for King County. Thank you for coming, Mr. Burwell.
[The prepared statement of Mr. Hedrick follows:]
[GRAPHIC] [TIFF OMITTED] T0954.376
[GRAPHIC] [TIFF OMITTED] T0954.377
[GRAPHIC] [TIFF OMITTED] T0954.378
Mr. Burwell. Thank you very much, Chairman Horn,
Congresswoman Dunn, Congressman McDermott. Can you hear me?
Mr. Horn. You'll have to talk into that microphone or you
won't be heard past your colleague to the left.
Mr. Burwell. OK. I'm very happy to be here on behalf of
King County. I'm wondering if I would be in trouble if I
admitted that I was one of those programmers in 1967 that you
mentioned that was compressing those dates. I think now I'm
having payback now by being----
Mr. Horn. Were you using COBOL?
Mr. Burwell. We were using COBOL.
Mr. Horn. Well, I actually made a little program in COBOL,
not as many as the two of you. But I must say, they are
suddenly gaining justice. The Federal Government has permitted
anybody that knows anything about COBOL--they'll still get
their Federal pension check, and they can sign a $100,000
contract to solve the problem.
Ms. Dunn. Now we'll get a little credit there. We get to
earn a few paychecks by restoring the problem that we created.
Mr. Horn. Right.
Mr. Burwell. King County took this problem very serious in
1996, and the Council initiated a proviso. The executive
supported that proviso in establishing the Y2K Program Office.
And we started our work in three phases. Phase I was the
mainframe/centralized system, which King County, at that time,
had a lot of systems. Then we moved to the agency systems. And
then the third phase is the independent audit and
certification.
Our project overall is--King County now is 88 percent
complete at this time, with most mission-critical systems being
done. The systems that aren't done are primarily vendor systems
that had to be replaced because they were not compliant.
Our project was organized by business area, and I'd like to
quickly go through that. The four business areas that we're
addressing are law, safety, and justice, general government,
transportation and land use, and health and human services.
In the area of law, safety, and justice, basic police
services in King County are Y2K-ready. The E-911 system within
King County is Y2K-ready. Criminal investigation, fingerprint
identification, special operations, et cetera, all within the
public safety area, are ready. Our fingerprint system is being
replaced, and that will be implemented in October. Prosecuting
attorney systems are ready. Superior court systems, ready.
Adult detention and youth detention systems are ready. In
the youth services area, we had one system that had to be
replaced, a major system, and that is scheduled for October.
All of our infrastructure systems, wide-area network, those
kind of systems, have been tested and audited and are ready.
Our 800-MHz communication system which interfaces
throughout the region is ready. I mentioned the E-911 system
for King County is ready. We're monitoring several public
safety answering points in the region as far as their progress,
and all 911 systems supported by our system with U.S. West will
be ready in September.
Our elections management systems, animal regulation
systems, finance systems, construction systems, ready.
One of our challenges has been in the transportation area
with transit. The transit division is heavily laden with
computer systems, and we've made excellent progress in that
area, and expect to have everything ready by September.
An important part of our program is working with the
community, and we've done that through what we've called a
stakeholders committee, involving both the private sector and
the public sector. And we operate this committee through our
Emergency Operations Center. Members of that committee include
the State, Boeing, Banking Association, city of Seattle,
Weyerhaeuser, and several other agencies.
The objective of that committee is to really do the
outreach program so that we can communicate and educate not
only the other jurisdictions, but the citizens and our
employees.
So overall, King County is 88 percent ready with mission-
critical systems, and we expect to be ready no later than
October. And again, I would be happy to answer any questions at
the appropriate time. Thank you.
[The prepared statement of Mr. Burwell follows:]
[GRAPHIC] [TIFF OMITTED] T0954.379
[GRAPHIC] [TIFF OMITTED] T0954.380
[GRAPHIC] [TIFF OMITTED] T0954.381
[GRAPHIC] [TIFF OMITTED] T0954.382
[GRAPHIC] [TIFF OMITTED] T0954.383
[GRAPHIC] [TIFF OMITTED] T0954.384
[GRAPHIC] [TIFF OMITTED] T0954.385
[GRAPHIC] [TIFF OMITTED] T0954.386
[GRAPHIC] [TIFF OMITTED] T0954.387
[GRAPHIC] [TIFF OMITTED] T0954.388
[GRAPHIC] [TIFF OMITTED] T0954.389
[GRAPHIC] [TIFF OMITTED] T0954.390
[GRAPHIC] [TIFF OMITTED] T0954.391
Mr. Horn. Thank you very mucn. Mr. Marty Chakoian is the
year 2000 project manager for the city of Seattle. Thank you
for coming.
Mr. Chakoian. Thank you. And on behalf of Mayor Paul
Schell, I'd like to welcome you to Seattle.
The city of Seattle, of course, provides essential life and
safety services--police, fire protection, emergency medical
services, traffic control--to our half-million residents. We
also are directly responsible for many local utilities:
electricity, drinking water, sewer and drainage services, solid
waste removal. Those are services provided by city departments,
and you'll be hearing from them on the next panel.
Many of these services depend to one degree or another on
computer systems, and they will not be disrupted by the year
2000 problem.
I was asked last February to establish a central project
office to coordinate this effort, city-wide. Since then, we've
adopted a date standard, promulgated a formal methodology.
We've trained departments on how to use tools and techniques to
be successful. We've prioritized the work of the city. We have
an overall project plan with activities and milestones.
And we're assisting departments directly with their
embedded systems, the evaluation of products and services,
testing, and contingency planning. We're not finished yet, but
we will finish, and we'll finish on time, and we've laid the
foundation to ensure success.
Let me tell you where we are at this point. Over 93 percent
of our physical computer systems are now Y2K compliant. The
city's fiber backbone data network has been upgraded and is
compliant. A new police 911 center has been installed, and
we're doing an end-to-end test with U.S. West this week.
Likewise, we've evaluated our radios, mobile data
terminals, other essential equipment, and determined it to be
Y2K compliant.
Of our 90 mission-critical applications, over 80 percent of
those have now been remediated. And that includes the most
critical things, like police and fire dispatch, electrical
energy management system, water laboratory information system,
our library system, our municipal court system, our core
financial and payroll systems.
The ones that we're still working on, things like a system
in our parks department that schedules ball fields, a receipt
payment system for building permits, and the system that
assigns staff to events at the Seattle Center, those systems,
as well as our minor systems, will also be remediated.
But we're not stopping there. We have, in addition, a
formalized testing program that we require our applications to
go through under the direction of the project office, using a
test plan template that we've adopted from the State. We've
also gone through our embedded systems to ensure that our water
and electrical systems, our wastewater system, solid waste
systems, communications equipment, fire boats, police stations,
emergency medical equipment, even the equipment at our zoo and
our aquarium is Y2K compliant.
We're working with our vendors, with other government
agencies to ensure that they likewise will be able to continue
to work with us. And each city department is developing
contingency plans. Some of those have already been exercised.
We're going to have a city-wide exercise in October.
And, like other government agencies, we're working closely
with the public. We have materials now at our libraries and
community centers. We've produced a video that we're sharing
with the public on how neighborhoods can work together. And
we're doing more and more direct personal contact with our
senior citizens and community groups.
One thing, however, does concern us about the year 2000.
Seattle, as you know, is an international city. We're going to
be hosting the World Trade Organization this November. Port of
Seattle is the fifth largest port in dollar volume in the
Nation, and the Port of Tacoma not too far behind. It's been
estimated that, per capita, Washington State is the most trade-
dependent State in the country, with one of every four jobs
related to international trade.
And so I was concerned when I read the testimony of
Jacquelyn Williams-Bridgers, who is the Inspector General for
the Department of State, talking to the U.S. Senate, reporting
that the global picture is cause for concern.
She says that the global community is likely to experience
Y2K-related failures in every sector, every region, and at
every economic level. She says that this may result in creating
economic havoc and social unrest in some countries, and in
addition to the impact on the families living in those
countries, she says that it could extend to the international
trade arena, where a breakdown in any part of the supply chain
would have a serious impact on the United States and world
economies.
So we in Seattle are very grateful for the work that your
committee has done to ensure that the Federal Government will
be Y2K compliant, and we would appreciate your continued
support of those efforts, as well as working with the Federal
agencies. We're trying to ensure that our international trading
partners can also be Y2K compliant and continue to work with us
in the future.
In conclusion, I'd like to simply invite you to come back
to Seattle to spend New Year's Eve with us at the Seattle
Center if you happen to be in the neighborhood. We're going to
have over 100,000 people there, and I think it's going to be a
great place to ring in the new year. Thank you.
[The prepared statement of Mr. Chakoian follows:]
[GRAPHIC] [TIFF OMITTED] T0954.392
[GRAPHIC] [TIFF OMITTED] T0954.393
[GRAPHIC] [TIFF OMITTED] T0954.394
[GRAPHIC] [TIFF OMITTED] T0954.395
[GRAPHIC] [TIFF OMITTED] T0954.396
Mr. Horn. Well, I appreciate the offer. Ms. Dunn says be
sure the elevator works. And we'll get into microdots and
microchips later.
But I have already committed myself, in almost every
hearing, to do my usual trip to California from Dulles
International to Los Angeles International. And I've got the
FAA Administrator, who is a very able person, to also go on a
trip. I've offered the east-west stuff, but last time she was
going from National in Washington to La Guardia in New York.
And I told her, ``Hey, just don't upset the controllers before
I get on board, if you don't mind.'' So I might take you up on
that.
OK. Last member of this panel is Barbara Graff, the
emergency preparedness manager for the city of Bellevue. Thank
you for coming.
Ms. Graff. Thank you. Good morning, Congressmen Horn and
McDermott. Congresswoman Dunn, welcome home. In decades past,
Bellevue has been referred to as the bedroom community of
Seattle. These days, we refer to Seattle as the dining-room
community of Bellevue.
I am the emergency preparedness manager for the city of
Bellevue, and though my costume implies that I am a single
department representative, our division is in charge of an all-
hazard program for all city services and departments.
Our city has been dealing with the problems posed by the
year 2000 using a team effort. The technological problems
associated with Y2K have been mitigated under the leadership of
our Information Services Department. An interdepartmental
preparedness plan to deal with any consequences has been
developed by our emergency preparedness organization.
My division has been responsible for educating the public.
And our city council and senior staff team have been
responsible for providing support, leadership and resources to
prepare the community.
The city of Bellevue has been actively addressing year 2000
issues for several years. A strategic plan was developed in
1997. 24 major computer systems were evaluated to determine the
cost benefit of replacement versus modification. Programming
updates have been completed, tested and implemented for all
systems for which modification was determined appropriate. The
remaining seven systems are in various stages of replacement,
and will be completed and operational by the end of September.
As a precautionary measure, however, contingency plans have
also been developed for remediating or running parallel
modified systems through the new year.
Research has been conducted on the more than 500 products
which contain process controllers or microchips, and an
independent consultant has recently studied, tested and
validated the city's Y2K remediation work.
Early this year, the city's Emergency Operations Board
developed a Y2K readiness plan outlining contingency measures
to ensure no disruption of critical services for our customers,
similar to the State of Washington's goal. This augments a
comprehensive all-hazard emergency operations plan that had
already been in place for 8 years. This includes: one, an
aggressive public outreach self-preparedness campaign; two,
working closely with our partners in service delivery, such as
Puget Sound Energy, Overlake Hospital, and the Seattle Public
Works Department; and three, preparing our own employees so
they'll be ready to assist the community in any circumstance.
Our Emergency Preparedness Division has applied the same
philosophy to Y2K preparedness that we have given to the 50,000
people in our community over the last 8 years about earthquake
preparedness. The better informed our community is about
potential problems, the more likely that they will take
appropriate self-preparedness steps and the less likely that
emergency services will be overwhelmed.
We're making use of all possible public education formats,
including videos on local governmental and community college
channels, newsletter and newspaper articles, classes and
workshops. Our ``Stomp on the Millennium Bug'' brochure is
available at all city facilities, it's on our city webpage, and
we display it throughout the community. We also make sure it's
in the hand of every fifth grader at all public and private
schools. They're the ones who get their parents to take action.
We've met with the Chamber of Commerce and Bellevue
Downtown Association regarding specific concerns for small to
medium-sized businesses who may not have the resources or
inclination to engage in general disaster preparedness, let
alone prepare for this specific threat.
We've directly mailed a letter to all city B & O taxpayers
and the chamber of commerce mailing list providing resources
and information to prepare their businesses.
We're encouraging neighborhoods to organize themselves
according to the Strengthening Preparedness Among Neighbors
program that recognizes that many times your best source of
help in region-wide disasters is your neighbor.
Emergency generator power is available at parks department
community centers, which could be used as mass care shelters.
Protocols are already in place to fuel our vehicles, top off
our water tanks, utilize manual procedures where appropriate,
and assign appropriate staff to work through critical time
periods.
Our emergency management organization has already conducted
two tabletop exercises this year to identify any weakness in
our contingency plans and improve our operational readiness.
Bellevue, like many jurisdictions, will be activating our
Emergency Operations Center on December 31st, and we will be
appropriately staffed and ready to respond to any circumstance.
Arrangements are already in place with other important
partners, such as our ham radio operator group, churches, the
Red Cross, service clubs, and city volunteers.
A great deal of progress has been made. Many people are
preparing themselves for the same harsh conditions that a
winter storm would bring: cold weather, scattered power
outages, difficulties with communications and transportation. A
lot of work has been done to fix the technological problems.
Still, we believe there is reason for concern.
Triaged, or sorted, fixes for many organizations means that
a lot of work remains undone, opportunists with malicious
intent, just-in-time delivery of goods and services, and the
ripple effect of inadequate fixes for basic problems.
Although no organization, public or private, can
realistically offer a guarantee that Y2K will have no effect on
their service, we can offer the assurance that we're ready to
meet any consequence of the date change.
Bellevue is treating Y2K as an opportunity to practice
consequence management. First, we're aggressively mitigating
our own technological problems before they can occur. Second,
we're strengthening the partnership we had already created with
our community in disaster preparation. Third, we're preparing
to deal with whatever consequence may come our way in the new
year. In any event, at the end of this year, we'll be better
prepared to have our community and governmental services ready
for the next earthquake or real disaster.
Bellevue, however, is only one part of the picture. There
are countless agencies related to each other through the common
use of products and services. The year 2000 will be, among
other things, a great revelation of just how dependent we are
on one another. It's also an extraordinary opportunity to
strengthen our ability to count on one another. Thank you very
much.
[The prepared statement of Ms. Graff follows:]
[GRAPHIC] [TIFF OMITTED] T0954.397
[GRAPHIC] [TIFF OMITTED] T0954.398
[GRAPHIC] [TIFF OMITTED] T0954.399
[GRAPHIC] [TIFF OMITTED] T0954.400
[GRAPHIC] [TIFF OMITTED] T0954.401
Mr. Horn. That's a fascinating presentation. This is the
first time I've heard of fifth graders involved, and I think
it's a terrific idea. And a number of cities are trying to use
their billing method and everything else to get messages, but
if you hit all the citizenry, that, too, is amazing.
Now, what I'd like to ask is one or two questions, then I'm
going to ask my colleagues to do it. And staff will go around
and get your written questions, and we'll work those into the
dialog. And then Mr. Willemssen will close out the dialog based
on what he's heard this morning.
So let me begin. And we'll start with Mr. Hedrick and all
of you. I'd like to go down the line. You've been immersed in
this for a number of years, each of you.
I've said from the very beginning this is a management
problem, not a technological problem. Sure, we use this or
that, experts in computers and whatnot. But now that you've
been through this, if you could do it over, what would you do
that you didn't do? And you sort of might have stumbled into it
like everybody else has stumbled into it.
So what would you contribute to us, Mr. Hedrick, on what
relates to you, that you wish you had done 2 or 3 years ago?
Mr. Hedrick. Well, I agree with you that this, at the very
beginning, was a technology issue and rapidly evolved into a
management issue. And we've actually learned some very good
lessons in State government about how to manage complex
problems that we're adapting for some future use.
For example, our group of deputy directors at State
agencies has met twice a month to assess our progress on Y2K,
and is now continuing to meet twice a month to map our progress
on building more digital government and electronic commerce.
If we had to change something, I think we would have looked
at the problems of embedded systems earlier than we did. As I
mentioned in my testimony, we've been looking at our IT systems
for 6 years now, and those are complete, essentially. Our
embedded systems, though we've found fewer problems than
perhaps we expected, we had to address more rapidly than we
probably should have.
Mr. Horn. Mr. Burwell, any suggestions, now that you've
gone through this exercise? What would you like to have done
over, earlier?
Mr. Burwell. Well, I think one of the things would be,
again, the embedded systems. We didn't really understand the
impact and how to test those.
I think one of the things we found early on, we were
treating it like just a technology problem, and clearly it
wasn't. And I think we would get agency involvement from the
business side involved earlier. When we started our process, we
were really working technology with LAN administrators, et
cetera, not the people that knew the business and what were
really the essential services.
I think early on, also, we would have shifted the emphasis
from resolving and fixing PCs and desktop equipment. That was
our easiest job. That was absolutely the most easy job. It was
dealing with applications and vendors and that sort of thing.
And so we would have addressed that sooner on in the project.
And finally, we weren't prepared to deal with and archive
and index the volumes and volumes of information that my office
was getting from the agencies. And that can be a real benefit
in getting that information from all of the agencies and it
becoming the base for a business and a technology inventory.
Mr. Horn. Mr. Chakoian.
Mr. Chakoian. I certainly agree with what my colleagues
have said. I guess I would answer the question a little bit
differently in terms of what have we learned that we can now
institutionalize? What are the lessons we have learned that can
become part of our way of doing business?
And certainly having a better understanding of the
relationships between our applications and the business
functions that they serve; keeping business people more closely
involved in decisions about the computer systems;
standardization has been a big boon for us; really learning how
to do good testing, we need to make that part of our way of
doing business; and contingency planning.
I think we have made huge strides in having good
contingency plans in place that will not only serve us for Y2K,
but for any kind of problem or emergency that we face. So all
of those things need to become part of our way of doing
business.
Mr. Horn. Ms. Graff, if you had to do a few things over,
what would they be?
Ms. Graff. One of the easiest things about preparing for
Y2K was the fact that we already had an all-hazard emergency
operations plan for the city in place. Therefore, what we did
for this specific threat was simply take a close look at our
planning assumptions to figure out what's different about this
event than any other regional disaster, such as an earthquake.
I think what we would have done differently, had we had the
opportunity, was lobby for exactly the actions that Congress
took, which actually led the way to more businesses and
entities sharing information with each other, rather than under
the incentive of watching out for a lawsuit, trying to keep
themselves in business. And those are the kind of partnerships
that prepare any type of region or single entity for a
disaster. Hopefully, like Marty mentioned, we'll learn and
carry into the future some of the benefits of how we prepared
for Y2K.
Mr. Horn. Let me now yield to my colleagues here, and start
with Ms. Dunn, on any questions she might have of the panel.
Ms. Dunn. Let me just ask Mr. Willemssen a question off the
top, because you caught my attention, Mr. Willemssen, when you
talked about the Social Security Administration and you said
that there is some work, minimal work, that remains to make
sure that the Social Security Administration is fully ready.
Can you tell us what that work would be?
Mr. Willemssen. I testified approximately 2\1/2\ weeks ago
on Social Security, and the testimony touched on Y2K.
Among the areas that SSA still had to work on is one of
their mission-critical systems had not yet been certified as
compliant. Second at that time, they had approximately six data
exchanges with outside entities that had not been fully tested
and certified.
Third, SSA was using a quality assurance tool, after
everything had been remediated and tested and implemented, as a
double-check to see if there were any problems that could be
identified with this independent quality assurance tool, and
they did find some problems that they are now following up on.
And finally, another key area was that SSA had still
remaining testing of their key contingency plans that they had
to do.
So there were a number of remaining tasks, but I'm
confident that they'll get them done, because one thing that
has been very evident among the Federal agencies is that Social
Security is the leader. They've been very responsive to us
whenever we've raised issues, and they immediately take action
to address those issues.
Ms. Dunn. Thank you very much. That's good to know.
Let me ask a question of Mr. Hedrick. We recently read that
three States are now Y2K compliant. You say that 98 percent of
our State computer systems are fully compliant. How long will
it be until we become a member of that wonderful list of only
three now?
Mr. Hedrick. There are six State agency computer systems
that have some testing remaining to do that will be completed
over the next 6 weeks.
We also, as part of the auditing and assessment process,
have looked at the status of higher educational institutions in
the State, and there are a couple of those that have systems
that will be completed over the next 6 to 8 weeks, also.
Ms. Dunn. Thank you very much. I wanted just to mention to
Ms. Graff, because your city is part of my district, and I'm
very proud to represent more than half of Bellevue, I liked
your comment about Seattle being the restaurant community for
Bellevue. That's pretty appropriate these days.
In the work that you are doing on behalf of the city, have
you run into problems of fear of liability from companies that
you've been dealing with? Is this what you were saying to us
earlier?
Ms. Graff. Not as much fear of liability as generic apathy
to get ready for any type of disaster. In other words, they're
in about that third phase of denial, that this really won't be
that bad.
And we'd just as soon that they would treat it in such a
way that this might not be that bad, but the earthquake will
be. Get ready once and you're ready for everything.
So I wouldn't say that there's too much of that negative
kind of energy on the local level from the businesses that
we've talked with or the Chamber or the Bellevue Downtown
Association, but it's a matter of getting their interest level
up to do something.
Ms. Dunn. Good. Mr. Chakoian and Mr. Burwell, I wanted to
just ask you, as you have been so involved in organizing this
for King County and Seattle, what are you most fearful of? Is
there some area that comes to the top of your mind if you were
asked what are you worried about? What are you worried about
maybe for your families or your community as we move toward
Y2K?
Mr. Burwell. That's a good question. And I get that
question an awful lot from friends and family and colleagues.
My biggest fear is really the public hype and what's going to
happen if you see your neighbor buying extra loaves of bread or
filling up every vehicle and going to the bank and that sort of
thing, and that we have to deal with with education.
But that's my fear, more than the technology or power
outage or that sort of thing, is having to deal with citizens
overdoing it and not being educated. That really, this is just
like--treat it like a storm, a three to 5-day storm, not a
Seattle storm of one flake of snow, but a Chicago storm where
you might be without transportation for 3 or 4 days.
But to me, it's what I'm calling the public hype that I'm
worried about, that things might get exaggerated. We've heard
rumors of possibly a couple of movies coming out the last
quarter of this year, and what is that going to do to the
public minds? So that's my concern.
Mr. Chakoian. Other than the long-term economic factors,
which I've already mentioned I'm concerned about, I think in
the short term, I have to agree with Clif. We will be ready to
operate as normal. It will be a normal time for us because
we'll be prepared. And if the public behaves normally, then
we'll all get through this fine.
If everybody picks up the phone at the stroke of midnight
and calls 911 to see if it works, it won't work because the
lines will be jammed. But if everybody acts in a normal,
responsible way, I think we'll be fine.
Ms. Dunn. Thank you. So as one of the members of our
audience, Mr. Lloyd Robbins, has said in a question that I
would submit to be asked later, he has said that we must be
able to provide the public with adequate assurance that any
possible problems after January 1, 2000, will be minimal, and
that this will be quickly corrected. Thank you.
Mr. Horn. The gentleman from Washington, Mr. McDermott.
Mr. McDermott. Thank you, Mr. Chairman. It's always
heartening to hear that everything is perfect and it's going to
work well. And I've been around long enough to always wonder if
that's exactly true.
Are there any systems at either the State or city or county
level that you think are liable to fail in this period?
Important systems, let me make that clear, because one of the
systems you said you were still working on was the distribution
of ball fields. And I'm not sure, on January 1st, how important
whether or not you can get the lights on at the Queen Anne
Community Center to play soccer is. So I'm talking about
important systems.
Mr. Chakoian. Well, the parks department considers that an
important system. It is on their mission-critical list, and it
will be ready by January. But other systems also will be ready.
There is no system on our mission-critical list that I can
think of that I'm particularly worried about.
On the other hand, we'll have contingency plans in place in
case any of our external interfaces don't work. So if there's a
problem with any of our vendors or suppliers, we'll have work-
arounds for that.
So I'm not saying today that everything will be perfect,
but I am saying we'll be ready for whatever happens. And the
mayor has given us the charge of ensuring that there is no
disruption in basic service to the public, and we will honor
that and we'll achieve it.
Mr. McDermott. King County?
Mr. Burwell. Well, I am worried. I'm confident, and I feel
that we are ready, but I am worried because there are so many
variables involved in this project, from the outside, from
vendors, from power sources, from interfaces with other
systems, our systems with the State of Washington, et cetera,
and anything can cause a problem.
But I'm confident in that we can fix the problems. We have
contingencies. We have backups. We have test plans for the
actual rollover weekend. And I've been in this business a long
time, and we're good at solving problems quickly, if there are
problems. And like Marty from the city, we don't expect
problems. We think we're prepared. But there's probably going
to be some problems, but we're prepared to fix them quickly.
Mr. McDermott. The State?
Mr. Hedrick. We've identified over 400 mission-critical
systems. Every single one of them is going to be fixed and
tested. But we live in a very interdependent environment where
it is impossible to test every conceivable interface with other
data, for example, from the Federal Government, but we will
ensure that we meet the government's goals of no interruptions
in service or loss of accountability.
But we've established very detailed contingency plans. As
other panelists have mentioned, this has been a great
opportunity to do contingency planning that we should have been
doing in any case and have been doing in any case, but have
improved a number of those contingency plans that will be
useful in the case of any disruptions.
Mr. McDermott. One of the things that troubles me about
this whole business is you all mention vendors, the interface
between government and the vendors. And what's a little bit
troublesome to me was Congress passing a bill giving blanket
freedom from liability to vendors. And because that takes the
pressure off, it seems to me, to get up and get running,
exactly what was suggested by Ms. Graff, that some people say,
``Well, it's not going to be much of a problem. No problem,
we'll fix it by and by.''
I wonder to the extent of what vendor areas do you see as
the most difficult ones where you interface with the vendors
from the outside? What are the most difficult ones?
Mr. Chakoian. I guess I'll take a crack at that. We've
identified 396 key vendors and suppliers that the city of
Seattle depends on, and we're contacting those one by one and
going through with them, trying to ascertain what is their year
2000 program, how are they doing, what level of confidence do
we have of them.
And so far, those discussions are going very well. Most of
the companies that we deal with are larger companies that have
the resources, and so on, to do the same kinds of things that
we're doing.
What does concern me is not that somebody won't be in
business the first couple of weeks in January, but that
overall, the worldwide connectivity of suppliers and products
that these vendors depend on in the long term could have an
impact.
So I don't expect to see anything in January or February
where a company that we depend on can't do business with us.
I'm concerned about, over the first 6 months, seeing some of
our key business partners perhaps have some difficulties based
on their international dependencies.
Mr. Burwell. Without getting specific on a specific vendor,
vendors and ourselves are reluctant to use the word
``compliant.'' We've been advised by our prosecuting attorney
not to use that word; ``We're Y2K-ready,'' or, ``We will be
Y2K-ready,'' again, because there are so many variables.
And so that's kind of how we answer questions about our
state of readiness, that we're trying to avoid the word
``compliant.''
But I've found with some vendors, one in particular that I
would rather not mention, that is so reluctant that they won't
give us a status, and we have to go to sources like the web and
those kind of things to get information, but is one pretty
critical vendor who we believe is ready but will not give us
any statement of readiness.
Mr. McDermott. Is that a liability question, a legal
question? They don't want to set themselves up having said,
``I'm compliant,'' and then it turns out that----
Mr. Burwell. I think it is. I think it is. And just
recently I got a phone call, and it was a recorded message from
a vendor, and it went on for minutes, what they will and what
they won't do, and if you do this and if you don't do this, and
blah, blah, blah, our product is not ready.
And it was a very disappointing statement to me that a
vendor would announce their readiness, or lack of it, via a
recorded phone message.
That's just kind of two examples of what I've faced, but
there's a reluctance by many to say ``we're compliant'' because
of the variables and outside influences on their ability to be
compliant. So they're reluctant to communicate that.
Mr. McDermott. At the State level?
Mr. Hedrick. We have tested every vendor-related
information technology issue. But State government is dependent
upon a wide variety of vendors, from the buildings that we
lease--and we've asked for Y2K assurances on all of those--to,
for example, foster care and health care that State government
contracts for.
We do not have the capacity, for example, to independently
audit every single one of the Y2K statuses of all health care
providers in this State which we regulate and, in many cases,
are vendors because we pay bills.
Our Department of Health has sent letters to every single
health care provider that we regulate and demanded assurances
that they're dealing with the Y2K problem, and let them know
that they're going to be responsible for carrying out their
responsibilities come the beginning of the year, and demanding
a response back.
And one of the interesting things that we've done is, last
week, we released on the World Wide Web and to the press the
names of every hospital, for example, in the State that sent us
back the letter, and every one that didn't. And that got their
attention pretty quickly once that was released.
So again, it goes back to our fundamental belief that we
need to provide the public with as much information as
possible, and that people will make good decisions based upon
that good information. But we live in a world of uncertainties.
Mr. McDermott. I didn't mean to exclude Bellevue. Have you
had problems with vendors?
Ms. Graff. We're pretty much in the same boat as Seattle
is, that it's very difficult to get a clear compliancy
statement from absolutely all of our vendors. A lot of us are
in this form-letter chain system right now where they send us a
form letter, we send one back, we send a more complicated one,
they send a more complicated form letter back.
I think that one of our biggest concerns, quite frankly,
are the testing procedures that still need to be done
throughout the remainder of the year. I think we're all aware
of the fact that unless you have the folks from the vendors or
the manufacturers available to help in the testing procedures
for equipment that has microprocessors or microchips, you may
well invalidate the warranty associated with that equipment.
And I think that more and more people who are just now
getting to the testing phase, and if their schedule is perfect
and nothing interrupts them and there's enough technicians to
go around, they'll say, ``Yes, we will be done by such and such
a day later this year,'' whether or not there's actually enough
folks to go around to do that. So I still have a little caution
about the testing procedures.
Mr. McDermott. Thank you, Mr. Chairman. I think it's an
issue that we need to look at carefully in terms of what kind
of liability exclusion we give people.
Mr. Horn. Let me just ask a brief question, just because it
comes up in different cities and counties and States. In the
case of State prisons and in the case of county jails, those
systems, in terms of releasing people, we've found in a couple
of cases that they had real problems with that regard. And I'm
just curious what the jail and prison situation is?
Mr. Hedrick. All of our correctional institutions are fully
compliant.
Mr. Horn. So you won't be letting people out that shouldn't
be out?
Mr. Hedrick. The default is to close the doors, not to open
them.
Mr. Horn. How about King County?
Mr. Burwell. I heard the default was to open the doors.
But in King County, our adult detention facilities,
including the Regional Justice Center in Kent, are all Y2K
compliant. And we have very strong contingency plans for
recovering if there are any problems. But they've all been
tested and are Y2K-ready.
Mr. Horn. I want to get in the audience questions very
rapidly. So one of them here is: would the Y2K problem affect
the stock market?
The answer is: they're OK. Back in our first hearing in
1996, they were working on this. They have done extensive
testing in terms of the stock exchanges, and there's no problem
there. There's no problem with the clearinghouse. There's no
problem with the banks. I talked to Chairman Greenspan 4 years
ago on this, and he delegated it to Mr. Kelley, one of the
governors, and the banks are in great shape, basically. So we
don't have to worry about that one.
And then: what's the status of the Health Care Financing
Administration? And my colleagues have an interest in that
because that relates to Medicare and Medicaid.
And we do have a problem with some of the fiscal
intermediaries, and we will be holding another hearing on that.
But they have a very able administrator, and I think she's
going to be on top of it. But it is a major problem without a
question there.
Mr. Willemssen, do you want to add something to that?
Mr. Willemssen. Just to concur with your statement. The
Health Care Financing Administration and Medicare remain one of
the highest-risk Federal agencies. HCFA is busily working at
Y2K, and also busily working at the contingency plans in the
event that there are disruptions.
Mr. Horn. Now, here's a question for Mr. Burwell, that
organizations such as the city of Seattle have been working
since 1993 to 1996, and have reached 80 to 88 percent
compliance, says this individual in the audience. How can they
fix the remaining 12 to 20 percent in 90 days, at least by the
end of September?
Mr. Burwell. I guess that was addressed to me, even though
they were mentioning the city.
For King County, we're at about 88 percent right now of our
mission-critical systems. Where we're waiting is basically for
vendor systems that are replacing noncompliant systems. Those
systems are installed and being tested. So we really don't feel
there's a problem with reaching that.
Mr. Horn. But that was the question the person had. You've
said 88 percent, and they were wondering how you get the
remainder, and would you be able to do it in a timely way,
either in the city or the county?
Mr. Burwell. And we would, because it's just a matter of
installation.
Mr. Chakoian. It's the same with the city of Seattle. It's
not like we're now starting on those remaining 20 percent of
the systems. In fact, much like King County, we've already
purchased the software. It's been installed. It just hasn't
been put into production yet.
Mr. Horn. Does either the county or the city have a
hospital that's a public hospital?
Mr. Burwell. Yes. We support, at least in part, Harborview.
Mr. Horn. Now, the emergency rooms have been one that we've
had a lot of testimony on. And when we were in Cleveland with
the Cleveland Clinic, which is one of the top hospital
facilities in America, they talked about the World Wide Web
system that all hospitals can access in terms of manufacturer,
manufacturer's model, date of this equipment, and so forth. So
they don't have to reinvent the wheel, nationwide. The
information is there from the contractor and manufacturer, as
well as the hospitals.
So I just wondered if you were making use of that?
Mr. Burwell. I'm not personally--the University of
Washington is overseeing the medical programs there and at
Harborview. And I apologize. The only thing I can respond to is
that I've heard them say at our stakeholder meetings that they
are Y2K-ready.
Mr. Hedrick. Those are actually state-funded institutions.
The University of Washington Medical Center, as part of our
assessment process, have gone through our outside auditing
process and they are ready. They had some problems early on,
but they've resolved those.
Mr. Horn. Here's a question, and Mr. Willemssen, I'll let
you answer that one. Please define ``Y2K-ready'' and ``Y2K
compliant.'' Are they the same?
Mr. Willemssen. No two people will give you the same answer
on that. I think it was touched on, I believe, by Mr. Burwell a
little bit earlier, about, that generally speaking, the term
``Y2K-ready'' is held in a bit lower level of stature, and
``Y2K compliance'' is considered a more difficult standard to
achieve.
But in order to really understand those terms, you've got
to get to the actual definitions and exactly what the vendor,
in this case, is referring to by that particular term.
Mr. Horn. Here is one really for all. Are there score cards
or report cards for other municipalities and internationally?
Are there these cards?
The answer is no. It's simply been our subcommittee's view
that, working with the General Accounting Office, we could
translate all the gobbledygook of the quarterly reports and
sort of give a view to the Nation, because we're all familiar
with grading.
And this is not a pass/fail thing. We actually have worked
out between the ``Fs'' and the ``Ds'', and the administration
as a whole has gone through ``Ds'', ``C-minuses'', ``C-
pluses''. They're now at ``B-minus''. We're confident they'll
get to the ``A'' in a bit.
And the State Department, which was mentioned a little
while ago, the State Department is particularly interesting.
We've given them ``Fs'' consistently for several years. And
then finally, they moved from ``F'' to ``A minus''. And one of
the computer newspapers said to one of the supervisors there,
``How did that happen?'' And the supervisor said, ``I guess my
boss just got tired of having them give me `Fs.' '' And so it's
the last-minute student that's very bright and works all night
and finally gets it.
So the State Department has been in that situation. And, of
course, the problem there is a lot of interconnections. Not as
many as we think abroad, because they are pretty much self-
contained in a lot of their computer systems.
But we have a major problem in terms of developing nations.
And the World Bank, I had asked 3 years ago for the Secretary
General of the U.N. to put an international conference
together. They finally did a year ago, and 120 nations showed
up. And Mr. Koskinen and I both went up for that one, and it
was really an excellent dialog.
And just recently, the U.N. again held a meeting, and as I
remember, 173 nations showed up. The World Bank picked up the
tab for a lot of this. So it's a last-minute bit, but we have
real problems in some of the developing nations in this regard.
And a lot of that relates to our trade, to businesses. And if
businesses in certain countries can't connect--especially with
your great port here--with their subsidiaries in the United
States or in Europe, we have problems. And so that's still an
open matter.
Then one question was: how do we safeguard ourselves
against opportunistic groups that want to take advantage of Y2K
failures?
That's a very good question. There will be a lot of nuts
that come out of the woodwork, and they'll want to scare you
out of the whole building, and you need to not bite. And this
was said very well by Ms. Graff. You look at it as just a
regular emergency. In the case of California, I think about
earthquakes, think about fires, think about floods. We have all
of them. And so do you in many ways.
And we just have to systematically be prudent and say,
``Keep a little bit of food around.'' When I tell my Mormon
friends, ``Gee, we ought to have at least a couple weeks or
couple months,'' they say, ``Look, we've been doing a couple of
years forever. So don't worry about us.''
But that said, just be prudent and get a battery supply and
all the rest of it. So I wouldn't worry on that if we, as was
said, use common sense. And that's important.
And then Mr. Willemssen; could computers that read 2000 as
1900 cause problems? How severe?
That's the problem. I don't know what else we can say to
it.
Mr. Willemssen. That's the subject of today's hearing.
Mr. Horn. Exactly.
In your written statement, they said to Mr. Willemssen,
that the Federal Office of Management and Budget established
target dates for agencies to complete business continuity and
contingency plans. Has OMB implemented your suggestions? Why or
why not?
Mr. Willemssen. They have not implemented our suggestion of
establishing specific dates on when the business continuity
plans need to be tested, which we recommended those plans be
tested no later than September 30th.
It's one thing to have a plan on a piece of paper and put
on a shelf, but you have to test the plan to make sure that
it's actually going to work should some of these risks realize
themselves.
We're not aware, as of right now, that OMBL, established
that date. We know they are putting a lot of emphasis in the
area of contingency plans, but essentially leaving it up to the
agencies to determine when they're going to test.
Mr. Horn. I might add that with OMB, when Dr. Raines was
director--that's one or two directors ago--he did a first-rate
job in taking over on an attempt at the reporting. And the key
there is what some of you mentioned. We've had outside
verification.
Well, in the case of the executive branch, we asked the
inspectors general, which have been created by Congress in all
the major agencies, to be that verifier, because when we ask
the agencies to produce what are their mission-critical
systems, that's strictly an agency determination, and it's the
right way to go at it because they should know what is most
important for them. And I suspect the State looked at it the
same way.
Ms. Dunn says Dr. Raines is from Seattle. Obviously, a good
person, right? He's now with Fannie Mae. You can tell he's a
bright person and got out of the executive branch. That's not
said about any administration. It's just that you can't beat
being at Fannie Mae, and he went there.
The letter of Mr. Robbins and Mr. Bevan of JHB Consulting
wanted us to ask this question: who did the independent
verification and validation on your systems? And I guess we
just go right down the line.
And Mr. Hedrick, who did it in the case of the State?
Mr. Hedrick. Well, as I mentioned before, we have a two-
level system of assessment and auditing. There are a number of
different computer consultants that have done assessments at
different State agencies and higher educational institutions. A
company called Sterling & Associates did the overall risk
assessment and this rating.
Mr. Horn. Let me state the rest of the question: if you did
your own internal remediation and testing, why didn't you have
your software systems validated and verified by an independent,
outside organization?
So that's the whole question.
Mr. Burwell.
Mr. Burwell. And that's a very valid point. And we did do
that with an outside consultant, and I hired outside
contractors to conduct that IV&V.
Mr. Horn. Mr. Chakoian.
Mr. Chakoian. Yes, we've worked with Data Dimensions to do
our assessment, and they're continuing to work with us to do
this ongoing audit of our systems and processes.
Mr. Horn. Ms. Graff.
Ms. Graff. The city of Bellevue used Coda Consulting, Inc.
Mr. Horn. Well, as they say here, ``We hope that your
hearings will be able to provide the public with adequate
assurances that any possible problems after January 1st, 2000
will be minimal and quickly remedied.''
And we thank you all. We're going to have to move to the
next two panels, but we really appreciate the dialog here.
Mr. Willemssen, do you have any point in particular before
they get up? I'm sorry I didn't call on you sooner, but I
wanted to get those questions in.
Mr. Willemssen. Just one quick point that was mentioned
earlier about concern of public overreaction. In my experience,
the best way to counter that is by providing, transparently,
data on readiness that has been independently verified.
I think you've heard from the witnesses on this panel that
they are doing that or plan to do that. And again, our
experience shows that's the best way to counter public
overreaction.
Mr. Horn. I think you've got it absolutely. Put all the
cards on the table.
Thank you, each of you, for coming. A very helpful dialog
and very helpful statements. Thanks for coming.
We now will call forward the second panel. And members of
the second panel are Mr. O'Rourke, chief information officer,
Bonneville Power Administration; Jerry Walls, the project
manager for embedded systems, Y2K, at Puget Sound Energy; James
Ritch, deputy superintendent, finance and administration,
Seattle City Light; Marilyn Hoggarth, manager, Washington State
public affairs, General Telephone; Dave Hilmoe, division
director, water quality and supply, Seattle Public Utilities;
and Brad Cummings, Y2K program manager, University of
Washington Academic Medical Center.
Ladies and gentlemen, if you'd stand and take the oath. And
anybody who is going to talk behind you stand, too. So I think
we've got eleven covered.
[Witnesses sworn.]
Mr. Horn. The clerk will note all the witnesses and their
supporters and assistants behind them have taken the oath.
So we will begin, Mr. O'Rourke, with you. And I enjoyed
seeing the Bonneville Dam recently. And you are the chief
information officer of the Bonneville Power Administration, so
we look forward to hearing you.
Mr. O'Rourke. Thank you, Mr. Chairman.
Mr. Horn. And again, we're talking about summarizing the
statement. Don't read it. We've got it. That's automatically in
the record right now.
Mr. O'Rourke. I understand.
STATEMENTS OF JOE O'ROURKE, CHIEF INFORMATION OFFICER,
BONNEVILLE POWER ADMINISTRATION; JERRY WALLS, PROJECT MANAGER,
EMBEDDED SYSTEMS, PUGET SOUND ENERGY; JAMES RITCH, DEPUTY
SUPERINTENDENT, FINANCE AND ADMINISTRATION, SEATTLE CITY LIGHT;
MARILYN HOGGARTH, WASHINGTON STATE PUBLIC AFFAIRS MANAGER,
GENERAL TELEPHONE CO.; DAVE HILMOE, DIVISION DIRECTOR, WATER
QUALITY AND SUPPLY, SEATTLE PUBLIC UTILITIES; AND BRAD
CUMMINGS, Y2K PROGRAM MANAGER, UNIVERSITY OF WASHINGTON
ACADEMIC MEDICAL CENTERS
Mr. O'Rourke. Thank you, Mr. Chairman, distinguished
members of the House subcommittee. In the role of chief
information officer, I am responsible to the administrator for
BPA's Y2K readiness. We appreciate the opportunity to appear
today, and I appreciate your continued support for this
important issue.
Let me get right to the bottom line. Bonneville is
confident that our system will operate safely and reliably on
New Year's Day, 2000. We are Y2K-ready, and we're confident the
lights will stay on.
I don't say that lightly. BPA has taken Y2K very seriously.
We're keenly aware of the importance of the power system to the
safety and welfare of the Pacific Northwest. We have a long
history of exemplary customer service of providing safe, low
cost, reliable electricity, and we don't intend allowing Y2K to
affect that.
I'd briefly like to talk today about three major reasons
why we are so confident BPA will meet the Y2K challenge. First,
we've had a methodical program in place since 1995. Second, we
have worked closely with our business partners to coordinate
Y2K preparations. And third, we're not resting on our laurels.
We continue to monitor our systems and redefine and refine our
contingency plans right up to and beyond January 1st, 2000.
BPA is a Federal power marketing agency. We sell about 40
percent of the electrical power and about 75 percent of the
transmission service in Oregon, Washington, Idaho and western
Montana.
We do not own or operate generating facilities. The
wholesale power we sell is generated by 29 Federal dams on the
Columbia and Snake Rivers that are owned and operated by the
Army Corps of Engineers and the Department of Interior's Bureau
of Reclamation, and one nuclear plant owned and operated by
Energy Northwest.
We saw early that Y2K was critical. We started an inventory
of our systems in 1995, and eventually we inventoried over 700
systems, hardware, software and embedded systems and chips.
We made testing mandatory for mission-critical and mission-
essential systems and equipment. Where needed, we remediated,
then we retested. Then we subjected the program process and
test results to an independent review and verification of
findings.
Our Y2K-ready systems are on line now, operating the
transmission system. We've already passed two critical Y2K
dates, December 31st, 1998, and April 9, 1999. By the time
January 1, 2000 rolls around, we will have dealt with a third
critical date, September 9, 1999.
Secretary Richardson has called our BPA program an example
of just plain hard work. And certainly working with the
Department of Energy CIO office and their Y2K management team
has helped us achieve BPA's objective and the Department's
objective: as of March 31st, 1999, BPA is Y2K-ready.
In our efforts, we've worked closely with our generation
partners and Federal dams, the nuclear plant and the Western
Systems Coordinating Council, or WSCC, and with our utility
customers.
The Corps of Engineers and Bureau of Reclamation both
announced they were Y2K-ready March 31, 1999. Energy Northwest
announced its Y2K readiness June 30, 1999.
The 107 power systems in the WSCC plan to operate their
transmission grids interconnected over the New Year's weekend.
The WSCC grid is designed to operate more reliably when
interconnected. If load and generation is lost, the generators
in the WSCC can help each other stabilize their system. WSCC's
Y2K task force is planning operations for critical Y2K dates,
and conducting Y2K drills and training.
Since our customers' transmission and distribution systems
interconnect with ours, they can impact our reliability. We
have inventoried the places where our transmission grid
interconnects with theirs and collaborated on Y2K readiness,
and, as well, we have emergency communications systems set up
with all of our wholesale customers.
Finding, testing and remediating, while important, is only
one piece of our program. Contingency planning and clean
management is where we're focusing our program at this time. No
one can predict the future on January 1, 2000, or even
tomorrow. That's why we do contingency planning, because there
are no guarantees.
BPA has, for years, been bringing the system back on line
quickly, seamlessly, following winter storms and lightning
strikes, often when end users don't even know it.
The foundation of BPA's Y2K contingency plan is to operate
our system so that we have more cushion over the New Year's
weekend. BPA's hydro system actually provides more cushion than
a system that uses mostly thermal plants. Hydro power can be
brought on and off line quickly in response to changes.
Our partners at the Federal dams will also be prepared to
operate on manual controls. So dispatchers, and BPA's system as
well, predates automation. Thereby, our substations can be
operated manually.
We've got the components in place. BPA is ready. Our Y2K-
ready systems are up and running. Our generation partners are
Y2K-ready, and we continue to be vigilant. That's why I can say
that we're confident that BPA's power system will continue to
operate safely and reliably at all key Y2K dates.
Mr. Chairman, that concludes my testimony, and we'll
certainly be happy to respond to any questions or
recommendations from the panel on our Y2K readiness program.
[The prepared statement of Mr. O'Rourke follows:]
[GRAPHIC] [TIFF OMITTED] T0954.402
[GRAPHIC] [TIFF OMITTED] T0954.403
[GRAPHIC] [TIFF OMITTED] T0954.404
[GRAPHIC] [TIFF OMITTED] T0954.405
[GRAPHIC] [TIFF OMITTED] T0954.406
[GRAPHIC] [TIFF OMITTED] T0954.407
[GRAPHIC] [TIFF OMITTED] T0954.408
[GRAPHIC] [TIFF OMITTED] T0954.409
[GRAPHIC] [TIFF OMITTED] T0954.410
Mr. Horn. That's very helpful information. And we'll wait
until we're all done, and then we'll have the dialog and
questions.
Jerry Walls is the project manager for embedded systems on
the Y2K project for Puget Sound Energy. Mr. Walls.
Mr. Walls. Good morning, Mr. Chairman, members of the
committee. I want to thank you for inviting Puget Sound Energy
here today to discuss our Y2K efforts.
Based in Bellevue, WA, Puget Sound Energy is an investor-
owned utility that has served the Puget Sound region for about
100 years. We have approximately 550,000 natural gas customers
and 900,000 electric customers.
We began working on Y2K issues approximately 3 years ago.
On June 30th of this year, we filed a report with the North
American Electric Reliability Council stating that we believe
all of our mission-critical systems are Y2K-ready. This
conclusion results from both our own internal seven-step
approach to Y2K readiness, but also as well as working with our
service providers to ensure that they are also Y2K-ready. In
addition to our electricity operations, our gas operations also
were Y2K-ready by our June 30th deadline. And we believe that
on December 31st, 1999, that we will be conducting business as
usual in both our electric and gas operation.
Puget Sound Energy conducted a very extensive program to
identify and check every component and system. If they found a
problem, that problem was remediated and fixed.
As part of that assessment and remediation, we did an
extensive amount of testing to ensure that our systems were
Y2K-ready. This included, in many of our systems, what we would
call an integrated end-to-end test of all of the integrated
systems. This is both internal and external to our company.
Our objective, overall, was to learn that our gas
operations, our electric generation, transmission and
distribution, and telecommunication systems were all Y2K-ready.
Through this $14 million process that we've been going
through for the past 3 years, we physically surveyed more than
1,500 sites in 11 counties in the State of Washington. And
through that process, we evaluated more than 25,000 separate
items for date sensitivity that could have caused Y2K problems.
However, interestingly enough, throughout this process, our
Y2K team did not find a single item that we felt would have
caused a severe disruption of either our gas or electric
systems.
However, working with those systems that either control or
monitor our energy systems or telecommunications, we did find
Y2K issues, and these would have hampered our operations and
caused us to use manual backup systems that we've used in past
times. But again, by June 30th, all the problems I just
mentioned were Y2K-ready and they've been tested.
In addition to those items I discussed, in our field areas,
in the sites we visited, we replaced more than 500 separate
devices that were not Y2K-ready. And probably close to two
dozen separate computer systems were remediated, to some
extent, for those systems that monitor or control our energy
systems or our telecommunications systems. Again, in total, of
all of the items that we looked at, less than 2 percent of
these required remediation.
Beyond the assessment and remediation of our own embedded
systems, another important part of our work was contact with
our critical service providers of energy and other critical
services such as telecommunications. They have reported to us
that they are Y2K-ready, and we have confidence in what they
tell us.
While we are pleased with our own Y2K initiative, it's
important to have backup plans in place. And as we reported to
NERC on June 30th, we cannot make absolute guarantees, of
course, because Y2K is very complex. However, we have, as part
of our readiness effort, a comprehensive contingency plan.
Contingency planning is not new to Puget Sound Energy. We have
had emergency plans in place for the 33 years that I've worked
at this company, and before.
Our comprehensive plan defines what we would think as
unlikely Y2K scenarios that could occur on any part of our
system. And part of the plan also includes detailed procedures
and plans, how we would address any misadventure that could
occur during the Y2K period.
The plan includes staffing plans. We have more than 250
people onsite throughout our company, in mission-critical areas
in our company, as well as, well before the rollover period,
we'll have our Emergency Operations Center open, as we do
during any company emergency.
Our contingency planning has also included participation in
the nationwide NERC drill on April 9th, which was a
telecommunication drill. And we will also participate in the
NERC drill on September 8th and 9th. We will be participating
in that.
Also, we have internal drills that we will conduct from now
throughout the year, as we do every year when we prepare for
wintertime.
And with that, Mr. Chairman, that concludes my remarks.
[The prepared statement of Mr. Walls follows:]
[GRAPHIC] [TIFF OMITTED] T0954.411
[GRAPHIC] [TIFF OMITTED] T0954.412
[GRAPHIC] [TIFF OMITTED] T0954.413
Mr. Horn. Thank you very much.
Mr. Ritch. Mr. Ritch is the deputy superintendent, finance
and administration branch for Seattle City Light.
Mr. Ritch. Thank you, Mr. Chairman and honorable members.
Thank you for inviting Seattle City Light to testify regarding
our utility's year 2000 readiness. I'm especially pleased to be
here, since it's another opportunity to let our customers know
that we are highly confident that our power will not be
interrupted by the transition into the year 2000.
In the way of background, Seattle City Light serves over
350,000 customers. In a typical year, we supply approximately
75 percent of our load from our own hydroelectric plants in the
northwest. Seattle City Light is the seventh largest
municipally owned utility. We are very proud that Seattle City
Light offers the lowest cost, most reliable electricity in
urban America. It is our mission to give our customers safe,
economical, reliable electric service. We take this mission
very seriously.
We have taken the Y2K rollover challenge very seriously as
well. Seattle City Light has been working to solve our Y2K
problems since 1995. In February, Seattle City Light created a
central Y2K project office to facilitate Y2K legal review,
maintain project records, and coordinate the assessment and
remediation testing and contingency planning for critical
business functions.
In order to keep track of what's critical, we broke our
business into essentially eight critical functions, half of
which involved the generation and delivery of power, the other
half involved things like billing, payroll, paying vendors,
getting materials, et cetera.
On the business application side, we have most of our work
force devoted to field operations. These are the people that
make sure that the electricity is generated, transmitted,
distributed to our customers.
To keep things running smoothly, we use many computers to
keep track of materials, schedule field crews, even enter time
sheets. Every day, over 100 different field crews head out for
work. When we went through our systems, we found that many of
these business applications could not successfully process the
year 2000 date.
We also need to provide accurate billing and account
information services to our customers. Our computer systems
generate over 10,000 bills and process over $1 million worth of
receipts every day. Early on, we determined that many of these
systems also could not get you from 1999 to 2000. These are
just two examples of how software works in basically the back
office of Seattle City Light.
I'm pleased to report that we have now completely
remediated all 16 of our mission-critical business
applications. We're now stepping through the city of Seattle's
Y2K certification process for these critical systems. And it's
important to remember that these systems do not affect our
ability to deliver power to our end customers.
On the operations side--and the BPA mentioned how important
this is--the system is very interconnected. Seattle City Light
has been working with the Western States Coordinating Council
and North American Electric Reliability Council in coordinating
our Y2K efforts.
In early May, the U.S. Department of Energy asked NERC to
assume leadership in preparing electrical utilities for the
transition to the year 2000. That was in 1998. June 30th was
the date for utilities to have remediation and testing
completed for mission-critical systems. And these systems are
things like relays, et cetera, that make sure that electricity
is delivered.
Only about 5 percent of our electric system's equipment
contain embedded systems. For example, of the 5,000 protected
relays that are used in our system, only 80 contain embedded
systems. The vast majority of our field equipment is made up of
electro-mechanical devices that pose no Y2K failure risk.
Since a lot of the work is, and I think the embedded
systems, at least for us, is one of the more difficult ones, we
also hired a consulting firm, TAVA/Beck, to go through some of
the inventorying that we did to make sure that we captured all
of the potential areas of exposure in the embedded systems
side. This would include systems at our powerhouses,
substations, communications facilities, and our system control
center. Based on their work, we are very confident that we have
found and remediated those systems that had embedded chip
issues.
As of June 30th, all mission-critical generation,
transmission and distribution equipment used in the production
and delivery of power has been tested, remediated and declared
ready for operation in the year 2000 and beyond. In the earlier
panel, you talked a little bit about supplier readiness. We did
contact over 400 of our vendors, and we got responses back from
90 percent. About half of them said they were Y2K compliant.
Another 25 percent said they would be by the end of the year.
And the other 25 percent are still trying to figure out how to
respond to us. So I think that we are experiencing similar
issues.
Just one thing about contingency planning. The nature of
the electricity business is that you have to be ready for any
kind of emergency, whether it's lightning storms, earthquakes
or fires, or what have you. We have well-established procedures
in place to make sure that the power, if it goes out, comes
back on as soon as possible.
Over the rollover period, we will have staff at our
powerhouses and system control centers and elsewhere to make
sure that things flow as smoothly as possible.
I guess, finally, we have had our program checked over by
an independent quality assurance consultant. We have had very
successful results in that, and that reinforces our confidence
that Seattle City Light's power will not be interrupted by the
transition to the next millennium. Thank you very much.
[The prepared statement of Mr. Ritch follows:]
[GRAPHIC] [TIFF OMITTED] T0954.414
[GRAPHIC] [TIFF OMITTED] T0954.415
[GRAPHIC] [TIFF OMITTED] T0954.416
[GRAPHIC] [TIFF OMITTED] T0954.417
[GRAPHIC] [TIFF OMITTED] T0954.418
[GRAPHIC] [TIFF OMITTED] T0954.419
[GRAPHIC] [TIFF OMITTED] T0954.420
Mr. Horn. Thank you.
The gentleman from Washington, Mr. McDermott.
Mr. McDermott. I just want to ask this question, because
everybody uses this term, an ``embedded system,'' as opposed to
what? What's the alternative to an embedded system?
Mr. Ritch. I guess it would be one that could be attached
to the side. No.
The term is something that at least I kind of attribute to
my technology people, and it's a chip that's embedded, if you
will, into a device that you wouldn't think of as data
processing.
So I think one of the first examples were elevators and
building control equipment. They have chips, clocks, if you
will, that regulate when things go on and off, and they get
called embedded because the device is embedded in the rest of
the equipment.
Mr. McDermott. As opposed to a computer system sitting at
somebody's desk that doesn't have a piece of software in it? Is
it software versus chip?
Mr. Ritch. You guys want to take a crack at this one?
Mr. O'Rourke. An embedded chip is a device, at BPA, for
example, that is embedded in our transmission system and sends
signals back to our control center that indicate to us the
health of that transmission line.
Mr. McDermott. Those are the problems? The embedded ones?
You don't see them, you don't have access to them, they're just
out there. Like in my car, where there's embedded systems all
through the car.
Mr. O'Rourke. They certainly are installed by design in our
transmission system. And again, that's what gives us control
information of the frequency the transmission system is
operated at, the quantity of power that's currently being
transmitted over the transmission system.
And for additional information, this is Brian Furumasu, our
technical expert at Bonneville. I'm sure he can answer the
question much more eloquently.
Mr. Furumasu. Yes, Representative McDermott. I'll give you
an example. We use relays to protect our transmission lines.
Prior to microprocessors, they were electromechanical devices,
so they had no computers at all. Coils, and it was a mechanical
device.
So more recently, within the last 10 years, we've had
microprocessors now that perform all of those same functions.
And those relays are called embedded systems.
Mr. McDermott. Thank you. Thank you, Mr. Chairman.
Mr. Horn. You're quite welcome. It's a good question. And
the Pentagon has millions of them, and that's why they're a
little delayed. And as was noted, you have it in your car, you
have it in your traffic lights, in most cases you have it in
your microwave stove that does your sandwich, and so forth. So
they're around, and they are difficult to deal with.
We now have Ms. Hoggarth. Marilyn Hoggarth is the manager
of the Washington State public affairs for the General
Telephone Co.
Ms. Hoggarth. Thank you. Well, we, as the other
organizations, have already tested our systems for Y2K
compliance as of June 30th, and our entire network is ready to
go.
We take the opportunity in what we call the maintenance
window--after midnight and before 6 a.m.--to repair and test
our systems, anyway. And during that timeframe, we've been able
to make sure that everything is Y2K compliant.
Regarding our vendors, if a vendor was not able to come up
to the bar by the time we needed to be pretested, they simply
were not our vendors anymore. We either were able to perform a
work-around, have the vendor upgrade the system, or we changed
to something else.
A good example of this, although a small and I wouldn't say
critical one, but one that's probably easy to visualize, is in
Blaine, Washington, an area that we acquired in the ConTel
merger several years ago, we had a message manager system,
which is a voice-messaging system, that simply was not fixable.
That was replaced with the GTE voice mail system. So those
kinds of decisions were made down the line on all scales of the
switching network.
We, too, will be participating in basically a dry run,
shall we say, on September 9th of this year, fully staffing our
Emergency Operations Center. That will also be fully staffed on
December 31st and into January 1st of next year.
Our Y2K efforts will not end with January 1st. We'll
continue operating that office for several weeks after that,
and we'll just have to see how it goes. We're confident that
the system will work correctly.
Our biggest challenge is to continue to communicate to the
public the difference or the demarcation between the public
switch network and telephone terminal equipment that sits on
someone's desk or in their home.
Any telephone that has date and time sensitivity could be
susceptible to Y2K problems. We have set up 800 number hot
lines, websites, those types of things, lots of ways for
customers to contact us regarding their specific situation. In
the case of our major accounts, and this includes the 911
centers that we serve, those will receive individual attention
from account managers.
On a broader basis, we're, of course, doing press releases,
issuing public information, doing bill inserts--it's
questionable how many people read their bill inserts, but we
try; it's one way to get ahold of everyone--to let them know
that they have responsibility for the telephone equipment
that's sitting in their home and business.
Now, some customers are savvy to the fact that there is a
difference between the public switch network and many are not.
They still think of the telephone system as being one
contiguous, end-to-end system, not understanding the whole
concept of deregulation there.
The public switched network, being our responsibility, is
ready. We do tell people to check with whoever the vendor is
for their telephone equipment, and that may not be GTE in many
cases. So there is the potential there for a breakdown of the
system. If someone has an older PBX, for instance, one of the
big switchboards, that type of thing, that we don't maintain,
we don't have responsibility for that specifically, and we have
been communicating to our customers that they then must check
with their vendor for that piece of equipment.
As far as compliance on an international basis, GTE had a
role in the Year 2000 Forum in late 1998. We cosponsored the
first major Y2K international government and business meeting
in London. It was called the Global Year 2000 Summit.
And in connection with the Summit, GTE also hosted a half-
day working session dedicated to interoperability testing for
other participants. That's for telecommunications networks and
systems that will work into the year 2000.
Being an international company, we, of course, have
concerns about how everyone will interoperate with
telecommunication systems and other companies. I can't speak
for their preparedness.
We feel, domestically, that the telephone networks are in
good shape, that there should not be a problem there. We
certainly expect to have commercial power, but in the instance
of not having commercial power, just as we would in any storm
situation, we have backup generators in all of our switching
offices that have a fuel supply that can keep them going for
several days, and, as you'd mentioned before, treat this like
it's a bad storm scenario. That is the preparation we're making
on that level.
As the manager of our emergency operation center pointed
out as he was preparing to staff the center for New Year's Eve,
we will have the opportunity to watch the news from across the
world and the Nation. And being on the West Coast, should there
be anything serious happening on the East Coast, we at least
have a few hours to do something about it. Not that we
anticipate having to do that, but that is perhaps the luck of
the draw for us out here on the West Coast.
We feel we've anticipated everything, but should there be a
gremlin out there that we have not anticipated, we're able to
watch what happens to the East Coast first.
[The prepared statement of Ms. Hoggarth follows:]
[GRAPHIC] [TIFF OMITTED] T0954.421
[GRAPHIC] [TIFF OMITTED] T0954.422
[GRAPHIC] [TIFF OMITTED] T0954.423
[GRAPHIC] [TIFF OMITTED] T0954.424
[GRAPHIC] [TIFF OMITTED] T0954.425
Mr. Horn. Thank you very much.
And next is Dave Hilmoe, the division director of a very
important resource that we all need. Maybe we can do without
electricity for a while, but you can't do without water. And
he's in the Water Quality Supply Division of the Seattle Public
Utilities. Mr. Hilmoe.
Mr. Hilmoe. Thank you, Mr. Chairman. Marty Chakoian, who
was on the previous panel, is actually originally the Seattle
Public Utilities Y2K director. He was doing such a good job for
us in Y2K preparedness that he was asked to lead the city
effort. We hope he's going to come back to us here in another
year or so. He's covered a lot of the technology issues and
city-wide issues, and so I've got a bit more of an operational
focus.
I'm pleased to be here today to tell this committee and our
customers that all of our core services--water supply,
drainage, wastewater conveyance and solid waste removal--will
be ready for the next millennium.
SPU began work on Y2K in 1996. Our Information Technology
Division initiated organizational awareness, inventory,
assessment and remediation projects. We realize Y2K could have
been a serious business continuity issue, but through hard work
and intense investigation, we can now say that Y2K is little
direct threat to our ability to deliver core services that are
essential to our customers.
SPU serves 1.3 million customers, about half directly in
the city of Seattle and half through wholesale districts.
Geography and simple technology are the reasons why SPU has
low inherent risk from Y2K disruptions. The Seattle water
system, although large, is a very simple, redundant, and
primarily gravity-fed system. Our main water supplies come from
the western slopes of the Cascade Mountains. On average, over
80 percent of the water we supply reaches our direct service
customers without any pumping.
We have minimal use of Y2K-vulnerable technology. Our water
system monitoring and control consists of mostly older
technology, with a heavy reliance on human decisionmaking.
That said, let me give you a few specific examples of what
we've done to get ready. We upgraded our current water supply
monitoring and control system to a Y2K-compliant version
earlier this year. We reviewed all of our supply and treatment-
related embedded systems, and replaced those that were not
compliant. And we remediated all critical business
applications.
We needed to hire an outside contractor to complete and
test the one water Y2K-related project that we could not
complete on time and with our own staff. We are contacting all
of our critical suppliers to reduce risk of service disruption.
For example, an adequate stock of disinfection chemicals is
going to be on hand, so we have no concerns about
transportation or production disruptions.
Our experience with multiple-day power outages at our main
treatment plants during the 1993 inaugural day storm, and our
experience with other emergencies have supported the creation
of detailed, Y2K-specific contingency plans. And the keys to
those plans are reliable backup communications, trained staff
that are either on duty or on standby during the Y2K boundary
period, and the availability of backup equipment.
We are purchasing additional equipment to remove dependency
on electricity for water service areas that cannot be gravity
fed. We have very high confidence in City Light and Puget
Power. This is part of our plan.
Our water supply contingency plans have been tested and
refined with two tabletop exercises, and those plans will be
integrated now with an additional department-wide testing
exercise in September, and a city-wide contingency plan test in
October.
The story for drainage and wastewater is similar. Our
system is relatively simple. Runoff and sewage primarily flows
by gravity from customers to intake points on King County
Metro's trunk sewer line and the treatment plant. Where gravity
doesn't do the work, we use lift stations.
Critical stations already have backup power. The monitoring
system for the 72 lift stations was determined to have a Y2K
issue, and is being replaced with a new central system.
Solid waste services have been reviewed for issues related
to heavy equipment, contracts for collection and long-haul
trucking. Scale house software systems have been upgraded.
Readiness of the industrial trash compactors has been assured,
and landfill management systems have been addressed. Again,
prior experience and existing emergency operations plans have
supported development of specific Y2K contingency plans.
We have provided our customers with information on Y2K
readiness directly in bill inserts, a webpage, and
presentations to community groups--those are going to
accelerate here toward the end of the year--and indirectly via
reporting to the city of Seattle, State of Washington, and
utility associations. And we've been responding to local media
requests also in a full and timely fashion.
In short, Seattle Public Utilities is ready for Y2K. We
have made our very best efforts to ensure that quality drinking
water will continue to flow, and drainage, sewer and solid
waste services will all continue to work as usual.
Thank you, again, for the opportunity to testify.
[The prepared statement of Mr. Hilmoe follows:]
[GRAPHIC] [TIFF OMITTED] T0954.426
[GRAPHIC] [TIFF OMITTED] T0954.427
[GRAPHIC] [TIFF OMITTED] T0954.428
[GRAPHIC] [TIFF OMITTED] T0954.429
Mr. Horn. Well, thank you. Water is key.
Brad Cummings, Y2K program manager with the University of
Washington Academic Medical Centers. Mr. Cummings.
Mr. Cummings. Chairman Horn, thank you for this opportunity
to give you the latest information on our year 2000 preparation
activities. Again, I'm Brad Cummings. I represent the
University of Washington Academic Medical Centers, which
includes the University of Washington Medical Center and
Harborview Medical Center.
I'm also accompanied today by Tom Martin, who is the
Medical Centers' Director of Information Systems and Chief
Information Officer, and Chris Martin, who is Harborview's
Administrative Director for Emergency Services.
The objective of the Medical Centers' year 2000 effort is
to continue to provide vital services to our patients
throughout the Y2K rollover period. As two of the largest
hospitals in the Puget Sound area, we recognize the vital role
we play in the lives of area citizens, and we have committed
significant resources to reduce our exposure to the risk and
disruption due to year 2000 issues.
We recognize Y2K as not purely a technical problem, but
also a risk mitigation and business issue, with an approach to
match.
As referenced earlier, our efforts have been regularly
monitored by the State of Washington risk assessment review
process, which have helped us to further improve our Y2K
procedures.
I've been in this role for 2 years. I am pleased to report
on the progress and share information about our overall
preparedness.
At this point, 90 percent of our computer systems are now
determined to be Y2K compliant, and 100 percent of all systems
with the highest priority are Y2K compliant. The remaining
computer systems work consists of lower priority items, and we
expect to complete that work by September 30th.
Our clinical engineering directors are in the process of
completing a major and successful effort to inventory and
assess the over 6,000 medical devices on hand at each medical
center. Currently, less than 1 percent of those devices are not
yet classified as Y2K compliant, and we are upgrading or
replacing those devices as soon as they become available from
their respective vendors.
Any device that is still not considered Y2K compliant by
December will be removed from service at the hospital and
alternative procedures will be followed.
Our hospital facilities' systems are all determined to be
Y2K compliant at this point. Those include heating,
ventilation, air conditioning, security systems, fire alarm
systems, and the system to deliver water, steam, and medical
gases to where they are needed.
As hospitals, we are also required for our accreditation
and licensing to be capable of functioning independently of
electrical utility power. So in the unlikely event that power
is disrupted, we will have emergency power generators and we
will continue to be able to operate vital services at each
hospital.
We have recently completed tests at both hospitals in which
the regular utility power was shut off. Emergency generator
power successfully took over within seconds, allowing the staff
to provide vital services and to experience just how the
hospital would function under such circumstances.
The Y2K contingency planning we have done has also proved
worthwhile in assessing our preparation for other potential
emergencies, such as an earthquake.
Although we feel confident in our overall preparedness for
Y2K, the reality is that nobody knows for certain what exactly
will take place on New Year's Eve, and, as is everyone, we are
somewhat dependent on events outside of our direct control.
So we have taken a significant contingency planning effort,
using our existing emergency preparedness procedures as the
foundation. This includes not only identifying work-arounds in
the event that systems or devices are not operating correctly,
but we are arranging to have increased staffing on hand over
the Y2K rollover period.
Our intent is to have both hospitals' Administrative
Command Centers operational on New Year's Eve, and to also
closely coordinate with the State and county Emergency
Operation Centers to monitor and assess the Y2K situation as it
develops.
We are emphasizing to all medical center employees the
important relationship between their preparedness at home and
their ability to report to work and help maintain full
operation of our hospitals.
We are also confident in the area of regional collaboration
toward Y2K, particularly among hospitals. Traditionally,
regional hospitals have worked together in time of emergency to
share needed supplies, take patients if necessary, and perform
other steps as required to ensure the continuation of patient
care. We have been working closely with the Washington State
Hospital Association on Y2K as part of their existing emergency
preparation activities. The year 2000 issue lends itself well
to collaboration among hospitals, and we see that as another
risk mitigation step available to us as necessary.
Finally, it is important to remember that health care
services can be provided in a low-tech environment if
absolutely necessary. The service may not be as efficient as
far as the utilization of hospital staff, and it may complicate
billing and collection of payment, but health care is still
ultimately provided by skilled professionals who are trained to
provide that care even in the absence of high-tech equipment.
The concept of triage is also fundamental, and the medical
centers are staffed with professionals who are trained and
prepared to allocate potentially scarce hospital resources to
the patients who are most in need. In the event that Y2K events
disrupt the hospitals, patients will be triaged appropriately
to provide the best overall allocation of service the medical
centers can provide.
In conclusion, I continue to be impressed with the degree
of commitment shown by all levels of the medical centers'
personnel, supported by the highest level of administration,
for addressing the Y2K issue head-on. And I believe that the
University of Washington Academic Medical Center is providing
leadership in this area.
If citizens need to be in the hospital over the New Year's
period, they can feel fully confident that Harborview and UW
Medical Center will, as always, be able to serve whatever vital
needs they have. That concludes our remarks.
Mr. Horn. Well, thank you very much, Mr. Cummings.
Let's start with the question I asked the last panel on the
management side. If you had to do it over, what have you
learned from the management side and when would you have done
something else?
Mr. Cummings. I think that the earlier you start Y2K, the
better. However, it's important to keep focused on Y2K. I think
the contingency planning effort has been vital in this step,
looking at how we would operate things if they're not
available. And that's been extremely valuable.
I don't think that I would change significantly what we've
done as a result of going through this the first time, but I
think that, overall, our approach has been good.
Mr. Horn. Mr. Hilmoe.
Mr. Hilmoe. Marty Chakoian covered some of that on the last
panel. I'd say that starting contingency planning a little bit
earlier would have been of some benefit to us for Y2K. We've
got an active plan right now, which allowed us to refine that
not only for Y2K, but also for other emergencies that we may
see here in the Northwest.
Mr. Horn. Ms. Hoggarth.
Ms. Hoggarth. I would say, from preparation of the network
perspective, there wouldn't be anything that we would do
differently.
However, you can never have too much public information. As
I mentioned before, there will, of course, be people who
overreact to the whole Y2K concept, or some that simply choose
not to read the information that we've sent them.
Of course, we're prepared for those contingencies, but that
would be the one thing that I would suppose you could do more
of, but at some point you're at the point of no return.
Mr. Horn. Mr. Ritch.
Mr. Ritch. I think that we would try to get ownership of
the problem from the operations people a little bit sooner to
get at these embedded systems. It's easy to see where the PCs
are. It's a little bit harder to see where some of these other
chips might be. So that's one thing.
The other thing, I think, would be to think of this more as
an opportunity to talk to your customers and come up with a
little better communication strategy for public information.
Mr. Horn. Mr. Walls, anything you'd do differently?
Mr. Walls. I don't think we would. We started off using a
consulting firm that had been through this once or twice
before. Along the way, we continued to talk with other
utilities up and down the west coast on what worked for them
and what didn't.
However, it did seem like it would have been nice to inject
somewhat more time in the process. Even though we think we
started in time, it's an enormous project. And I don't think we
would change much, if anything.
Mr. Horn. Mr. O'Rourke.
Mr. O'Rourke. I'd echo my colleagues. I don't think we
would change our program significantly, but given Bonneville
Power Administration's public responsibility, I think we
probably could have executed a public information campaign much
earlier to give the status of what we have accomplished and get
the facts out in the public arena.
Mr. Horn. Since Bonneville is statewide, I'd like to know
from each of you the degree, if you have any, of rural
customers as opposed to urban. And is there a special problem
there in terms of reaching the needs of rural customers as
opposed to simply urban, narrow-density, high-density living
and this kind of thing?
What about it, Mr. O'Rourke.
Mr. O'Rourke. Our wholesale customers are comprised of
metropolitan areas, rural co-ops. And what we have found is, in
the rural environments of the Pacific Northwest, there's far
less technology that would compromise distribution of
electricity.
Mr. Horn. Mr. Walls? Any rural customers to worry about? Is
there a difference in readiness between the rural and the urban
customer?
Mr. Walls. Not at all. The process we use in downtown
Bellevue is the same process used in rural Yelm. Same seven-
step process of checking every device to ensure that it's
ready. There was no difference in the way that we looked at our
customers.
Mr. Horn. Mr. Ritch.
Mr. Ritch. All of our customers are in the greater Seattle
area.
Mr. Horn. Ms. Hoggarth.
Ms. Hoggarth. We do have a large number of rural customers.
However, our network has been 100 percent digital since
September of last year, so there's no difference for the rural
customer and the urban one.
Mr. Horn. Mr. Hilmoe.
Mr. Hilmoe. We service 26 wholesale districts, primarily in
the urban area. Some of them are a bit more rural, some of them
are relatively small, and we've got active communication with
all of those customers just to make sure that any
interdependencies are covered.
Mr. Horn. Mr. Cummings.
Mr. Cummings. Although our patients come from a multistate
area, all of our services are provided here in the greater
Seattle area.
Mr. Horn. Let me ask my colleague from the State of
Washington, Mr. McDermott, if he has some questions.
Mr. McDermott. Just one sort of personal question after
listening to all of this. You say, Ms. Hoggarth, that what sits
on my table at home is mine, that you have no responsibility
for it. So that means that that AT&T answering machine that I
bought 10 years ago is compliant or not compliant? What's going
to happen to me?
Ms. Hoggarth. Well, you need to check with your vendor. And
that is our big message. And we do have a GTE Phone Mart at
Alderwood.
Mr. McDermott. But if it simply says to me that on January
2, 1900, Charlie Johnson called me and left the following
message, I'm going to get the message, or I'm not going to get
the message, or will the phone ring?
Ms. Hoggarth. Well, that depends. The different types of
equipment that are out there are so varied that that is why
we're taking the position that you do need to check with
whoever provided that to you. If it's an AT&T system, then
they, I assume, have an 800 number, as we do. We've also
provided some 800 numbers, fax numbers, websites here, where
you can contact us with specific questions about your equipment
that we will try to answer from our Y2K office in Dallas. If it
is, though, something that was provided directly from AT&T, for
instance, we would refer you back to them.
Time and date sensitivity, it's so varied from one
telephone to the next. If you're simply looking at the basic
phone with no caller ID, no date of any kind on it, nothing
like that, you don't have to worry. But if you're looking at
something that has the built-in features, like the caller ID
phones and answering machine, those kinds of things, there is
cause for concern, but I couldn't answer for the other vendors.
Mr. McDermott. So what you're really saying is that
everybody should open their bill and read everything in there,
including how much they had to pay this month?
Ms. Hoggarth. At least for the rest of the year.
Mr. McDermott. At least for the rest of the year. OK. Thank
you. Thank you, Mr. Chairman.
Mr. Horn. Here's an interesting one. And I ask all of you
this, because it's been a major worry, nationally. Have you
tested compliant systems with noncompliant systems? And if so,
will the old data corrupt the year 2000 remediated data? What
degree has that test gone on?
Mr. Cummings. In some sense, it doesn't make sense to test
compliant systems with noncompliant systems. The assumption is
they're going to be compliant.
The answer is: it is possible to have corrupt data from
noncompliant systems interface with compliant systems and cause
problems. What you're doing is looking to isolate yourself from
the noncompliant data.
Again, nobody is completely independent. We all interface
with different people. That's why it's so important to stay in
contact with all of your interface partners to make sure that
the data that you are getting is going to be compliant.
Mr. Horn. How about it, Mr. Hilmoe.
Mr. Hilmoe. You're asking a civil engineer here, so I need
to get our technology person up here to answer that one.
Mr. Horn. As a verification or testing system, did you try
noncompliant data? Because that's what we've been told from day
one in 1996 when we got into this, is that even if we
remediated the code, and that with people abroad, especially in
developing nations, that that might pollute our work. And I
don't know.
If you've got somebody, great. Let them identify themselves
and title of their job.
Mr. Deane. My name is Thatcher Deane. I'm the Y2K
coordinator for Seattle Public Utilities.
Mr. Horn. Just so we've got the name straight--we've got a
reporter here that's going to have to translate all this--so
spell it out for me.
Mr. Deane. It's Thatcher, T-H-A-T-C-H-E-R, last name is
Deane, D-E-A-N-E.
Mr. Horn. Very good.
Mr. Deane. And I would actually answer the question this
way and say that Y2K is not a computer virus. We're not talking
about infection of a compliant system by a noncompliant system.
We're talking about the interfaces. And yes, we are looking at
all of our interfaces related to our systems.
Mr. Horn. That's very helpful. Ms. Hoggarth.
Ms. Hoggarth. I'll call on Dennis Smith, one of our local
managers.
Mr. Horn. Mr. Dennis Smith. And what is your title with
GTE?
Mr. Smith. I'm the area manager for network operations.
As far as testing compliant and noncompliant systems, I
would agree with the gentleman on the end there that we really
don't--it is kind of a non-issue, testing compliant with
noncompliant.
Mr. Horn. Well, will noncompliant data lead to difficulties
with those codes that you've already remediated? Does that
cause you to go backward or what?
Mr. Smith. I suppose that--and I can't accurately answer
that question.
Mr. Horn. In other words, you haven't tried to add corrupt
data that hasn't been remediated into your system that has
been?
Mr. Smith. We would try to isolate one from the other.
Mr. Horn. OK. Well, that's wonderful if you can know it,
but a lot of people are going to connect somehow that don't
know it. So I just wondered what type of defenses do you put up
in a system like that?
Mr. Smith. I just don't know that I can accurately answer
that question.
Ms. Hoggarth. I would say from our perspective that once
someone tries to hit the public switch network, say, with a
telephone that's not compliant, the phone itself isn't going to
work, so they're never going to get access going back inbound
into the switching network.
As far as our old data on customer records, those types of
things, those have all been updated to new systems over the
last 4 years. So on an outbound calling basis--we're on a
network provisioning basis--we don't have the corrupted data in
the network. So to that degree, we're isolated from it.
Mr. Horn. Thank you. Mr. Ritch.
Mr. Ritch. I guess I don't think that I can add much to
what Thatcher Deane said about going through all of our
interfaces, hand systems, and how they talk to each other to
make sure that all of those things are compliant. And in our
case, we could make a decision to leave something noncompliant,
but that would mean, at least in my view, that we'd stop using
it and we would take that system and toss it. So I don't think
it's much of an issue, either.
Mr. Horn. Mr. Walls.
Mr. Walls. During our remediation, for example, on our
energy management systems, those systems that manage our
transmission and generation system, anything that that connects
to, any system that that's integrated with they would test as
an overall system.
Literally, Congressman, there are hundreds of tests one
will do on each one of these systems to ensure. And like the
others, I've looked at the tests, but I don't recall us
transporting corrupted data into those systems, because
everything we integrate with is compliant or Y2K-ready at this
time.
Mr. Horn. Mr. O'Rourke.
Mr. O'Rourke. Congressman, a key component of our Y2K
program was to migrate all of the information that was
maintained in our older systems to Y2K-ready systems. So again,
to echo some of my colleagues here, it became a nonissue.
Mr. Horn. Mr. Walls, a person in the audience has a
question for you, and it says: did you check the embedded chips
in each device, or did you just check one of the devices and
assume the others with some model number, et cetera, were OK,
or did you just ask the vendor?
Mr. Walls. We did a number of things. Obviously, in a power
system where we have 800,000 electric customers with their
electronic meters, we did not test all 800,000 meters.
What we did in all areas, whether they're protective
relays, metering devices, fault recorders, whatever that device
might be, we took a representative example of those devices and
then conducted the test.
In some situations, we isolated whole sections of our
transmission or generation system and tested a community of
devices in an integrated test. So we did not test every device,
but we tested enough in each one of the releases and revisions
to ensure that we were confident we were Y2K-ready.
Mr. Horn. Mr. Cummings, this is directed to you by a member
of the audience, and it's an interesting problem that we face
nationwide, and that's prescription drugs. Many are imported.
What is being done to stockpile imported medications if our
foreign suppliers cannot provide them because of their own Y2K
problems? An example is Denmark, which provides one-half of the
insulin used by diabetics in the United States.
Mr. Cummings. That's a very good question. We are looking
at all of our supplies, including pharmaceuticals, really on an
item-by-item basis, to identify the risk associated with each
one, and looking at it on a vendor-by-vendor basis as well.
As I mentioned before, traditionally, hospitals have been
very collaborative as far as sharing scarce supplies. We are in
close contact with the pharmaceutical community, with the
vendors and with manufacturers, and we are relying on the
information they're providing us.
The reality is that there is definitely some risk,
especially as we get outside of the United States. I think I
would agree with some of the earlier comments that the United
States is better prepared than any other country. Again, we're
looking at that as, what are alternatives to different drugs.
And that's a challenging question.
Mr. Horn. Thank you. Mr. Willemssen, do you have any sum-up
based on this panel? Give the gentleman a live microphone. It's
taped with cement to the carpet.
Mr. Willemssen. One comment. On the question that was
raised about data exchanges, and one system being compliant and
one system not, let me throw out a different scenario.
Two systems are compliant, according to the organizations.
One was compliant due to expanding the date field. The other
one was compliant due to a windowing technique that was used.
Even though each of those organizations view their systems as
compliant, when the data exchange occurs, if it hasn't been
adequately tested and addressed for those differing data
streams, it won't work properly, and there is the risk of
corrupted data.
So going beyond the example that was posed in the question,
we even have a problem where one organization says it's
compliant and another one does, but unless they've tested that
data exchange, you don't know from one end to the other whether
it will work as intended.
Mr. Horn. Thank you. That's very helpful.
Well, we're going to move on now. We thank each of you. And
we're going to have panel 3: Willie Aikens, the director of
companywide process and strategy, the Boeing Co.; Don Jones,
director of year 2000 readiness at Microsoft; Joan Enticknap,
executive vice president, Seafirst Bank, a Bank of America
company; William Jordan, deputy superintendent of public
instruction, State of Washington; Rich Bergeon, consultant,
NueVue International, Audit 2000.
If you and your staff that might make a written or oral
statement would stand up and raise your right hands. And we
have three staff members and five witnesses.
[Witnesses sworn.]
Mr. Horn. The clerk will note all of them affirmed.
And we'll start with Mr. Aikens, the director of
companywide process and strategy for the Boeing Co.
STATEMENTS OF WILLIE AIKENS, DIRECTOR, COMPANYWIDE PROCESS AND
STRATEGY, THE BOEING CO.; DON JONES, DIRECTOR OF YEAR 2000
READINESS, MICROSOFT CORP.; JOAN ENTICKNAP, EXECUTIVE VICE
PRESIDENT, SEAFIRST BANK; WILLIAM JORDAN, DEPUTY SUPERINTENDENT
OF PUBLIC INSTRUCTION, STATE OF WASHINGTON; AND RICH BERGEON,
CONSULTANT, NUEVUE INTERNATIONAL, LLC, AUDIT 2000
Mr. Aikens. Mr. Chairman, the Boeing Co. is excited that
you are holding this conference. We are very, very pleased to
share the status of where the Boeing Co. is, and to provide any
information to the public that would make this challenge less.
As you'll notice to your right, the Boeing Co. is not an
island. This is a world challenge. We have customers in 145
countries, and we operate in 27 States in this country. So my
challenge is very easy: all I have to do is keep those 27
States ready for Y2K. And I relish this challenge.
Now, we started, at the Boeing Co., in 1993. We recognized
this problem early. Our CEO, Phil Condit, and his staff, were
involved.
We report to our board every 2 months. And this has been
going on for the last 2\1/2\ years. My boss, the CIO, the chief
information officer, is responsible for this whole challenge.
And I look at this on a daily basis with all of our operating
groups.
Now, this is not a new problem, and this is not a separate
problem. This is a sustaining, day-to-day situation, and you
don't need a brand-new organization to conquer this challenge.
And as you will see in some of my charts, this is the way we
treated it.
Each operating group must conquer this challenge. It's not
something where you can put up a Taj Mahal and say, ``All
right, you will pull the strings.'' I just happen to be the
program manager, with some program managers in each of our
operating groups.
This is the situation. In 1998, we remediated all of our
systems. And in 1999--this is what we're all about--they were
ready in 1998, and the 1999 challenge was to put them back in
production. That's what the problem is here. 98 percent of
those are back in production, and the 2 percent are not
material; they're being replaced before September 30th.
Now, the key is that we have done, from a business
standpoint, scenario testing; i.e., in the Boeing Co., we need
to follow the money. So we start with our customers, and we
reversed the sequence on processes and systems. And we'll be
talking that on my presentation. We're not counting critical
computing systems. They are only tools in our process.
And once you look at the scenario testing with the partners
and suppliers, then you'll know if you need to have a critical
system with a contingency plan. Every system doesn't need a
contingency plan. The critical system that might break does.
As you can see, we've followed the normal process of
looking at everything, finding it, fixing it, putting it back
into production. When you talk Y2K, if you look at the
applications, well, we have many applications. They are all
back in production. But you don't just concentrate--I need a
dial tone--on computers, but I also have to look at things that
are outside of my control, and those are the suppliers.
And more importantly--and I won't go through all of these--
here is the embedded we've been talking about. These are the
product embedded. They're not all equal, but in order to do the
Y2K challenge, you need to look at all of these activities,
with desktops being the lowest priority. We can always do
those. But those are the things that are in my company.
So it boils down to contingency planning. And we talk
contingency planning not as an item, but you're looking at
rollover and what happens after we cover it.
We profusely took GAO's information and we made sure that
we used that guideline. Now we're into making sure that the
other people are doing what they should do at our sites.
And as outreach, we've been working at this for the last 4
years. We've been to London, New York, Washington. We've had
every meeting with the FAA, and we've had the industries, and
also we put the biggest armada of customers, 330, in Seattle.
Now, I could give you more, but you've only given me 5
minutes. For the last 20 seconds, Mr. Chairman and
Congresswoman Dunn and counsel, I'd like to take you on a 20-
second ride with our chairman, Alan Mulally, who sat in our 737
and looked at whether or not we were ready.
We set the clock back to 11:30 on December 31st. And I'd
like for you to put on your safety belts, and let's roll.
[Videotape is played.]
Mr. Aikens. There are no safety-of-flight issues with our
airplane. And I invite you to look at our website, because John
Koskinen asked us to put up a website so the small to medium-
sized businesses could profit. And if you look at our website,
that's exactly what we have done.
[The prepared statement of Mr. Aikens follows:]
[GRAPHIC] [TIFF OMITTED] T0954.430
[GRAPHIC] [TIFF OMITTED] T0954.431
[GRAPHIC] [TIFF OMITTED] T0954.432
Mr. Horn. That's very helpful. I agree with the Minister of
China, that when Mr. Shuster, chairman of our Transportation
Committee on which I serve, went over there, and he said, ``No
Boeing, no going.''
Now, why some of their cousins are getting an Airbus, I'm
wound up on that subject this week. So we'll see what happens.
Anyhow, let us go on now to Mr. Jones, who is the director
of the year 2000 readiness at Microsoft. Glad to have you here.
Mr. Jones. Mr. Chairman, on behalf of Microsoft, Bill
Gates, and Steve Ballmer, thank you for inviting us to testify.
In addition, we'd like to thank you for your passage and
support of the Information Readiness and Disclosure Act, as
well as the recently passed Y2K Act.
My remarks today center around four key areas. The first is
Y2K and the personal computer, followed by Microsoft's efforts
in three areas, internal readiness, product readiness, and
customer readiness.
As the year 2000 relates to the personal computer, there is
some good news. The PC was always designed to support four-
digit dates. There is no two-digit date usage within the PC in
Microsoft software.
There's been a lot of discussion today about compliance
definitions. What we've determined is the compliance
definitions globally have many different meanings, and they
vary within the United States, even by agency. This makes it
very hard for an organization to declare compliance. We've
applied a set of compliance criteria to our products, and I'll
discuss that later. What we're seeing as far as customers and
government and where they're at now with the year 2000
programs: most have moved on from requesting product
information from Microsoft to really focusing on contingency
planning with Microsoft as a vendor. We'll be there for them
should they have any issues come January 1, 2000.
We've seen inadequate work to date in contingency planning,
both within the government sector as well as in small and
medium businesses, and finally enterprises.
One concern that we do have is some economic data that's
beginning to become apparent, and that's that about three-
tenths of 1 percent of the GDP will move into 1999 from the
year 2000. That means companies are going to stockpile at least
a percentage of their raw materials preparing for the year
2000. This could cause a downturn in earnings across corporate
America in the first quarter of the calendar year 2000.
Microsoft's year 2000 program has three facets: customer
preparedness, product readiness, and internal preparedness.
On the customer preparedness front, there was discussion
earlier today about quelling the masses as it relates to
hysteria with respect to Y2K. We've launched a consumer
campaign which will contact 60 million users of Microsoft
products across the globe. According to the Postal Service,
this could be the largest mailing, ever, beyond tax forms.
We've developed a program which encompasses what the year
2000 challenge is and made it very simple for our end users,
our customers, essentially being hardware, software and data.
With respect to hardware, contact your PC manufacturer; with
software, we've got a great website, as do the other software
manufacturers; and finally, data, and that's converting your
two-digit date data to four-digit date data.
Of note in the customer preparedness area, all Microsoft
information, resources and tools are free as it relates to the
year 2000, as is our customer support or dial-in lines. To
quantify that for the committee, we expect to ship
approximately 18 million resource CDs globally, which equates
to about the same number of CDs we shipped of Windows '95.
Our internal effort consists of about 300 or so people in
development, and about 3,000 overall in supporting our
customers. On the product preparedness front, we've tested
3,200 products to date. Of those, 98 percent are compliant. Of
note, the panel members who presented to you earlier today have
all been testing Microsoft products as well. We feel this is
the largest industry testing effort, ever. And to date, we've
had exactly one customer-reported bug as it relates to
Microsoft products.
On our website utilization, we have three: a consumer
website designed for the average home user or small business;
an IT pro website designed for enterprise customers and large
businesses; and finally, a developer website, designed for
people using Microsoft development tools to build applications.
We've experienced approximately 10 million unique users to
these three websites in the last year. We've delivered 45
million page views of information.
Of note, we're seeing dramatic increases in the last three
months of small businesses and consumers returning to us for
information resources. That increase has been on the order of
about 107 percent per month, month over month, for the last
three months. We think this is excellent news, and it goes to
demonstrate the great work being done by the SDA and the
industry in rallying consumer awareness for the year 2000.
As it relates to internal preparedness, our definition of
being prepared internally is: no impact on operations. We have
the ability to develop and distribute patches and resolve
customer issues with or without power. We have battery backup
and generator backup to our product support services locations
globally.
One thing I do want to close with--I understand I've got 30
seconds left or so--one issue that keeps us awake at night is
the concept of malicious viruses being launched on or about the
year 2000. To date, we've had seven that have been instigated
that looked like they were launched from Microsoft, which, in
fact, weren't. We're working with the Federal Bureau of
Investigation to find the perpetrators of those and to bring
them to justice.
But clearly, we think the year 2000 is an opportunity for
hackers to develop viruses and launch them either at the turn
of the millennium or in the new millennium. And that concludes
my comments. Thank you.
Mr. Horn. Thank you very much. That's helpful. And I'm glad
to say the perpetrators have been nailed.
Joan Enticknap is the executive vice president, Seafirst
Bank, and you're now a Bank of America company. Welcome. It's a
great bank.
Ms. Enticknap. Thank you. Thank you, Chairman Horn and
Congresswoman Dunn, for this opportunity to testify on the
important issue of year 2000 preparedness. My name is Joan
Enticknap, and I am the manager of Commercial Banking for
Washington and Idaho for Seafirst Bank, a Bank of America
company. I am also responsible for year 2000 preparedness for
the Northwest region.
Seafirst has been serving customers in Washington State for
129 years, and is Washington State's largest commercial bank.
Bank of America, with $614 billion in assets, is the
largest bank in the United States. And the company serves more
than 30 million households and over 2 million businesses,
offering customers the largest and most convenient delivery
network.
I am pleased to be here today and to share with you the
plans our company has put in place to make the year 2000 date
change a non-event for our customers.
The banking industry is squarely in the center of attention
because of its critical role in our national infrastructure and
the role it plays in how our communities perceive and
ultimately react to the date change.
I am proud to say that the financial services industry has
been recognized as a leader in year 2000 preparedness. As one
example, the GartnerGroup, a technology research and consulting
group, has stated that the financial services industry leads
all other industries in preparedness.
Our various regulators are closely monitoring the banking
industry's relative strength and readiness in its preparations.
Our industry is being monitored by the President's Council on
Year 2000 Conversion, and our industry's state of readiness is
a matter of public record and can be found at any number of
regulatory websites.
As a federally chartered and federally insured bank, we are
held to rigorous oversight by the Office of the Comptroller of
the Currency, the Federal Deposit Insurance Corporation, and
the Board of Governors of the Federal Reserve.
At Bank of America, our goal is to thoroughly prepare our
company and its subsidiaries for year 2000, and make the date
change a non-event for our customers. As part of the Bank of
America organization, Seafirst Bank has been an active
participant in these efforts.
Through its predecessor organizations, NationsBank Corp.
and BankAmerica Corporation, Bank of America began addressing
the year 2000 in 1995. Through the second quarter of 1999, we
have spent approximately $477 million on year 2000
preparations, and more than 3,000 people have worked on the
project.
Our approach included four phases. The first phase,
analysis, required us to inventory our software and systems,
including over 4,400 systems and projects that needed analysis
and possible modification.
The second phase, remediation, involved replacing,
modifying, or retiring appropriate components as identified
during the analysis phase. We were substantially complete at
the end of 1998 with that process.
The third phase is testing, which assesses whether our
systems identify and process dates accurately. This involves
testing the links between our internal systems as well as
testing interconnections between our systems and systems
outside the bank. By itself, testing has made up over half of
our year 2000 efforts.
The fourth phase is compliance. In the compliance phase, we
internally certify that systems, projects and infrastructure
are ready for year 2000, and we implement processes to ensure
that these systems, projects and infrastructure will continue
to identify and process dates accurately through the year 2000
and thereafter.
We have successfully met our year 2000 deadline of June 30,
1999, for testing key processes and technology, and have met
all Federal regulatory requirements. With this major
achievement, we are ready for January 1, 2000.
Now that we are ready for 2000, we are devoting
considerable effort to maintaining that status. We are also
devoting considerable effort to addressing and monitoring the
status of our 13,000 vendors.
Another important part of our process, which you've heard a
lot about today, is business continuity planning. We have built
on our experience of continuity planning, and we've dealt with
continuity plans routinely in a company of this size. We're
refining and testing our existing continuity plans to ensure
that we will continue to serve customers in case of any
incidents related to the date change.
Beyond that, we think communication will play a key role in
how our customers and associates and our communities respond to
change. Therefore, we're regularly communicating with our
consumers, corporate and commercial customers, and that
includes suggested steps to our consumers on how they can
prepare for year 2000.
As I stated earlier, our goal is to make the date change a
non-event for our customers. Just as we do today, we will
maintain the safety, security, and accuracy of customer
accounts and account records through the millennium and beyond.
We are aware, however, that a number of organizations and
individuals are recommending that consumers take some or all of
their money out of the bank. We encourage customers to
seriously consider the security implications of doing this.
In conclusion, I want to summarize our industry's and my
company's state of readiness for year 2000. Our industry is a
leader in year 2000 preparedness, and Bank of America has been
addressing the date change issue since 1995, and we are ready
for the year 2000.
Thank you for the opportunity to update the committee on
our industry and our company's preparedness.
[The prepared statement of Ms. Enticknap follows:]
[GRAPHIC] [TIFF OMITTED] T0954.433
[GRAPHIC] [TIFF OMITTED] T0954.434
[GRAPHIC] [TIFF OMITTED] T0954.435
[GRAPHIC] [TIFF OMITTED] T0954.436
[GRAPHIC] [TIFF OMITTED] T0954.437
[GRAPHIC] [TIFF OMITTED] T0954.438
Mr. Horn. Well, thank you very much. That's most helpful.
Mr. Jordan is the deputy superintendent of public
instruction for the State of Washington.
Mr. Jordan. Thank you, Chairman Horn, Representative Dunn.
I'm Bill Jordan, deputy superintendent of public instruction
for the State of Washington. The K-12 education system for
Washington's 1 million K-12 students includes 296 school
districts and 2,071 school sites.
I'm happy to have this opportunity to discuss Y2K concerns
with you, because this is an important opportunity for Federal,
State, and local governments to work together in ensuring Y2K
compliance and assisting community efforts to be prepared for
any related problems that may arise.
Most of the Y2K work at the State level in the educational
organization has taken the form of checking internal electronic
data systems and mechanical support systems to guard against
potential blowouts and loss of important electronic data, basic
heat and light systems, and vendor services.
As an agency, the Office of Superintendent of Public
Instruction has contacted the nine educational service
districts, ESDs, throughout this State to verify activities of
local districts and schools. Our educational service districts
have provided workshops, information, and, in some instances,
considerable technical assistance to help school districts and
schools prepare for avoiding potential Y2K problems.
Generally, midsize and larger districts have worked on
checking electronic equipment and developing Y2K plans. At
educational Service District 112 at Vancouver, they have been
very active in helping the 30 districts in their region qualify
for risk management insurance. They've developed a Y2K planning
manual and helped districts make plans for a variety of
contingencies and scenarios that could result from Y2K
problems.
Other ESDs and districts----
Mr. Horn. Excuse me. Do you have a copy of that document?
Mr. Jordan. I do.
Mr. Horn. Great. I'd like it inserted in the record at this
point without objection. Thank you.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T0954.439
[GRAPHIC] [TIFF OMITTED] T0954.440
[GRAPHIC] [TIFF OMITTED] T0954.441
[GRAPHIC] [TIFF OMITTED] T0954.442
Mr. Jordan. Other service districts have worked in similar
ways. Potential problem areas are likely to be in smaller
districts, with limited numbers of staff and resources to deal
with in-depth planning and preparation. These districts and
communities need expertise and resources. Community planning
has often taken the form of planning for a 3-day event. We now
realize that there is potential for a longer period of
disruption and the need for a larger coordinated effort to move
toward full community preparedness.
Controlled tests of community systems reveal two things.
First, there is a broad interdependence of community electronic
systems. A water system may be compliant and functioning, but
its interactions with other systems may place a strain on both
systems and lead to failure and resulting problems.
Tests need to involve the range of community systems--
electronic systems, utilities, transportation, distribution
systems, and all type of electronic tools and appliances.
Critical needs, such as heat, water, food distribution,
transportation, communications, health care and other
interconnected services could be affected.
Second, many have focused on the prevention of problems but
less on contingency plans and broader community preparedness.
All of us hope that the efforts taken to date will be
sufficient to avert any disruption. Given the pervasiveness of
automated electronic systems and the widespread use of embedded
chips, it's difficult to guarantee that all systems will
function. It's imperative that communities are prepared to meet
any problems that may arise.
Preparation for Y2K should be no different from any other
form of emergency. Community preparedness for any disruption or
emergency is the right thing to do. Schools frequently play an
important role in providing shelter, food and support for other
needed community services.
I'm recommending that Federal, State and local governments
and community agencies join together actively and visibly in a
careful evaluation and promotion of community preparedness.
This preparedness must extend beyond the checking of electronic
systems and include preparedness for related Y2K disruptions as
well as other possible disasters or emergencies that would call
on community schools as a resource.
We recommend the following: citizen education programs that
provide guidance to citizens about the potential problems that
might be experienced; local contingency planning and
preparedness efforts that can give citizens a sense of
confidence that they will not be left alone to cope with
problems or emergencies; controlled community preparedness
tests that build coordinated community interagency capacity to
deal with emergencies--local emergency management offices can
provide valuable leadership in this area; the coordination of
Federal, State and local actions can provide early responses to
possible needs for water, food supplies, fuel, shelter and
emergency services.
I want to thank you again for this opportunity to talk
about Y2K preparedness in our schools in Washington State.
[The prepared statement of Mr. Jordan follows:]
[GRAPHIC] [TIFF OMITTED] T0954.443
[GRAPHIC] [TIFF OMITTED] T0954.444
[GRAPHIC] [TIFF OMITTED] T0954.445
[GRAPHIC] [TIFF OMITTED] T0954.446
[GRAPHIC] [TIFF OMITTED] T0954.447
Mr. Horn. Well, we appreciate that. We haven't really had
much testimony from the K-12 sector, so I'm delighted to have
your statement.
Mr. Bergeon, consultant with NueVue International Audit
2000.
Mr. Bergeon. Chairman Horn, Representative Dunn, it's a
great pleasure for me to be here today.
I think I have the unenviable task of addressing the small
to medium business environment, which I've been consulting with
for quite some time. I'd like to say that given my experience
here in Seattle, there's probably no city in the country I'd
rather be in when the clock turns over.
In the last few years, my work has been going on with
various commercial banks, and I've been very pleased with the
kinds of things I've seen coming through the Federal Reserve
and all of the other agencies as part of that movement.
I think that we are about to see probably the proof of the
pudding here in the next few months when the banks are going to
be asked to really evaluate their credit customers and to
actually do something about it. It's already been a very active
movement by the banks, and that has made a world of difference
in the small and medium business area being aware and making
the move, but there's still a long ways to go in the small
business area.
Just a few months ago I had an opportunity to talk with a
number of ports. And I've worked with the Port of Tacoma and
Port of Seattle and know they're moving along extremely well,
and they should be ready well before the year 2000 arrives.
But in talking with many of the ports around the area, I
found that most of them have started relatively recently, and
they have a certain amount of work that they have to get done
and to finish that up before the end of the year. So we still
have, in our port areas, both with the smaller airports and the
marine facilities in and around the northwest, still have a lot
of work to do.
I have had an opportunity to work with a number of
different business areas. I will give you an example of a
trucking firm that is in the Seattle area. I found that they
were aggressive. They had moved on their problem. They had two
things to worry about: APC and their accounting software. They
replaced both of those.
But in going over with them what their exposures were to
the Y2K, we found something like 19 systems over which they
were dependent but had absolutely no control. What was even
more disconcerting is they had no idea about how to approach
them and had no idea of how to perform or build a contingency
plan. So we still have that kind of an issue that we have to
deal with in the small business arena.
I also reviewed a small manufacturing company that was Y2K
compliant, and in doing the review, found that they had missed
seven embedded systems, which reinforces the fact that most of
these companies that are doing the work by themselves because
they can't afford outside consultants are potentially going to
miss some things that maybe a ``professional''--and I want to
put that in quotes--would capture.
I've also worked with the fishing boat industry and had an
opportunity to tour a number of fishing boats and look at the
computers and equipment on board the fishing boats. I'd like to
tell you that the navigation systems are, for the most part,
redundant for the larger ships, and even for some of the
smaller ones. So that's not going to be an issue unless they
all give different readings.
But for the most part, the fishing boats are heavily
dependent upon equipment with embedded systems, and there has
not been a lot of communication from vendors to the fishing
boat operators within the last year.
I've also had an opportunity to talk with one of those
fishing boat operators and have reviewed their home system,
their at-base system, and found that while their programmer had
gone through and said that they were compliant, he was, in
fact, unaware of the scope of testing that needed to be done in
order to achieve compliance.
So again, there is a difference when you get into the small
business area about the depth of knowledge and the amount of
work that has to be done.
I think that I would like to reinforce the concerns about
the December timeframe and potential reaction by the public,
both in the food area and in the petroleum area. There are
strong concerns amongst the business people about potentially
not having enough supply to meet demand, that they could get
out of hand. Education is important and essential, and we do
have to get out there and do more for them on that particular
problem.
I am also concerned, as my co-speaker from Microsoft said,
about the amount of business that's moving from the first
quarter of 2000 into the last quarter of 1999. For many small
businesses, this could have an impact, because their cash-flow
issues are stronger than most of the larger companies'.
With that, I'd like to conclude my comments.
[The prepared statement of Mr. Bergeon follows:]
[GRAPHIC] [TIFF OMITTED] T0954.448
[GRAPHIC] [TIFF OMITTED] T0954.449
[GRAPHIC] [TIFF OMITTED] T0954.450
[GRAPHIC] [TIFF OMITTED] T0954.451
Mr. Horn. Well, thank you, Mr. Bergeon. Are you familiar
with the pamphlet that the Small Business Administration put
out on this?
Mr. Bergeon. Yes, I am. I'm very glad to have seen it. I
wish it had come out about a year ago.
Mr. Horn. Well, it came out last July, actually, is when
they first showed it to me.
Mr. Bergeon. I'm thinking the year earlier.
Mr. Horn. Did you find it useful?
Mr. Bergeon. Yes. I think most of the companies that have
seen it were awakened to things that they hadn't realized. And
as I said, I just wish it had come out probably a year ahead of
when it did.
Mr. Horn. Did it tell them enough to deal with the
remediation, or was something else needed?
Mr. Bergeon. There again, most of them are trying to do the
work on their own, with the resources that they have available
or can bring to bear. Not all of these resources are
knowledgeable or skilled. The SBA pamphlet has done a great
deal to remediate that problem, but there are still issues that
come up that they don't know how to address.
Mr. Horn. Let me ask the question I've asked the two
previous panels. If you could rethink where you've been on
this, what from the management side would you now change and go
at it in another way if you had to do it over?
Mr. Bergeon. Well, I started in the Y2K business in 1992,
and I started with big businesses, because consulting
companies, for the most part, get the attention of big
businesses and make most of their money with big businesses.
I would like to have started with the small business arena
probably about 4 years ago, and I would think that if we had
this to do over again, I would do that.
Mr. Horn. Mr. Jordan, what would you do if you had to roll
back the clock and say, ``Gee, we should have done this at this
point in time''?
Mr. Jordan. We should have spent more time on better
communication and contingency planning.
Mr. Horn. Now, when you say ``contingency planning,'' what
are you thinking of?
Mr. Jordan. Well, school districts and schools are very
dependent on vendors, outside sources, to keep us working. And
we should have started earlier on making plans for the checking
of integrated systems and vendor sources and contingencies if
our food supply doesn't come in for food service or fuel supply
doesn't come in to transport our buses.
Mr. Horn. With your overview of education in the State, did
the major cities, such as Seattle, Tacoma, others, have a plan
in the city school systems? And how would you relate what was
happening in the rural school systems? And I'm just curious,
from your perspective, what do you see there and what should
they have done earlier?
Mr. Jordan. Probably the best answer--I can defer to one of
our previous speakers regarding perhaps what's happened with
the city of Seattle or King County in their relationship with
the school district.
My feelings regarding rural school districts are that they
are in need of resources to find people to check out systems or
relying on the educational service district to provide
expertise or support. So they are probably in a position of
less preparedness than the larger districts.
Mr. Horn. Well, I'm thinking of when they were wiring
classrooms. A lot of this was volunteer effort by people that
were familiar with computers and wanted to help out and provide
those opportunities.
And I guess Mr. Jones--we might ask him. Microsoft is,
without question, probably the largest computer firm in America
in terms of software?
Mr. Jones. Second largest.
Mr. Horn. Second largest. Who is the No. 1?
Mr. Jones. IBM.
Mr. Horn. Big Blue is still No. 1.
Anyhow, I just was curious. You probably remember that
volunteer effort to wire different rooms in schools. Was there
anything like that applied to the remediation situation on the
year 2000?
Mr. Jones. Well, there have been several things done in
that area. I mean, we've worked with a number of school
districts to wire them, the first thing.
Second, there have been nonprofit organizations in Seattle,
such as Empower, and what they've done is they've worked with
all the other nonprofits to prepare them for the year 2000.
Y2K for nonprofits is a huge challenge. They don't have the
technical expertise nor the financial means to do a great job
of preparedness, so they're relying on industry or other
nonprofits that specialize in supporting them in those areas.
Mr. Horn. Ms. Enticknap, what's your feeling on it? If you
could roll back the clock and say, ``Gee, we should have done
it this way,'' what would you have done differently?
Ms. Enticknap. Financial institutions benefited from a very
active regulatory support, and so the Federal Financial
Institutions Examination Council [FFIEC], came out very early
with recommendations. We had already started work. So we, as I
say, benefit from a very active regulatory environment, shall
we say, so we've been ready.
Mr. Horn. Well, you're in the corporate culture now of two
major banks. Was there a difference between how Seattle versus
Bank of America had approached this from?
Ms. Enticknap. No. Actually, we've been part of Bank of
America since 1983, and we just didn't change our name. So
we've been part of Bank of America and have played an active
role in the overall corporate planning process and remediation
process.
Mr. Horn. Mr. Aikens, how about Boeing? Does Boeing ever
make a mistake? Would you ever go back?
Mr. Aikens. I think we've made a mistake.
Since we started early, the one thing that I think would
have helped is if we could have resolved the fear that the
suppliers had. Somehow we needed to resolve that, because it
limited the communication. Although we started in 1993, working
with our suppliers in 1994, they were still very reluctant to
share. And if we could have worked to eliminate that fear, I
think that would have been better.
Mr. Horn. Well, that's a good point.
Allow me just to go through some of these cards that the
audience has provided. I guess, Mr. Jones, here's one for you:
please explain the Y2K brochure Microsoft plans to mail out and
who will receive it.
Mr. Jones. The brochure is essentially called ``Action for
Small and Medium Businesses and Consumers.'' Basically, the
criteria for who will receive that mailing is anyone who has
registered a product since 1995. For businesses, enterprise
businesses, we then reduce the duplication in names and only
send one mailing to the Y2K program manager of a specific
enterprise.
Mr. Horn. Are there any Microsoft products that are not Y2K
compliant?
Mr. Jones. Of the 3,200 we've tested, about 2 percent, or
roughly 80. And for those products, we have either an upgrade
path or a work-around available.
Mr. Horn. Recent reports illustrate that small to medium-
sized businesses are not doing enough to prepare. What is your
confidence level--I think it's really directed at you, Mr.
Bergeon--as to is it a low confidence or high confidence in
terms of the supply chain?
Mr. Bergeon. Again, in dealing with the small and medium
businesses, we're going to cover a lot of territory. And let me
break it down into two groups first.
The medium-sized businesses, I think, are coming along
extremely well. I have a high degree of confidence that most of
them will be in pretty good shape by the end of this year. They
will be working heavily into the last quarter.
Small businesses, it's about 50 percent right now. I'm
seeing more and more interest, but still a reluctance to do
anything at this point, because they've got other issues
they're dealing with and they still have cash-flow issues. Many
of them still are not aware of things like contingency plans.
And they have expressed a great deal of fear about why
should they do something when they still expect some of the
other systems to fail around them. So there's still a lot of
hesitancy or a lot of disbelief in government, et cetera. I've
heard it said the ``close enough for government work'' phrase
all too often. And so my confidence, I think, with the small
businesses is not as high. It's only about 50 percent right
now.
Mr. Horn. How about the supplier confidence you have, Mr.
Jordan?
Mr. Jordan. With the State of Washington, which probably
most of our school districts rely on for information services
and data services, we have a high level of confidence.
With some local vendors, they are also expressing
reluctance to give us assurance that they will be able to
supply us with our needed services because they are not sure
that they will be supplied with the materials and the backup
that they have.
So in some of our larger systems, we feel very confident;
in others--and depending on the size of the business--not very
confident.
Mr. Horn. Ms. Enticknap.
Ms. Enticknap. We are confident that the small businesses
that we are working with, we've tried to provide as much
information as possible, including guides, checklists and
seminars, both for our small and medium-sized businesses. So
we've tried to outreach to those businesses to provide as much
information as we could.
Mr. Horn. Since we've got you here, what impacts could
noncompliant international banks have on your operations?
Ms. Enticknap. We've been working very closely with the
partners internationally that we use, including testing, and
are confident that we will be able to manage any risks as they
come up.
Mr. Horn. What about the confidence you have in your
suppliers becoming compliant?
Mr. Aikens. We have something like 33,000 suppliers, and
we've been working to get that down. We have less than 100 that
have not responded exactly like we want, and we're dealing face
to face with those. We are confident that we will resolve that
issue.
Mr. Horn. And we have a number here for Mr. Jones. Do you
want to comment on the suppliers?
Mr. Jones. I do, actually. An inverse view of that is
Microsoft is a supplier to many of the people who have
testified here today. And to quantify that for you, we have
received approximately 9,000 requests for information from
Microsoft per week. And we expect by the time the year ends, we
will have processed well over 1.4 million requests for
information. And that's above and beyond the website
utilization that we have.
Mr. Horn. Someone wanted us to be more specific, and the
request is this: are Windows 95 and Windows 98 compliant?
Mr. Jones. Windows 95 and Windows 98 are both compliant.
There is a software update available.
Mr. Horn. Is Office 97 compliant?
Mr. Jones. Office 97 is compliant with software updates.
Mr. Horn. And here is a nonprofit volunteer in the
community: please explain the Empower program to help
nonprofits meet Y2K compliance.
Mr. Jones. Certainly. Empower is a local nonprofit
organization designed to support other nonprofits through
technology. They have database analysts, programmers and
developers on staff. They launched a program called the Y2K
Data Service here in Seattle, and that ran about 6 weeks ago,
and they went and touched about 200 nonprofit organizations,
and they verified the readiness of their PCs and installed the
software updates or any patches that were necessary.
They had volunteers from Microsoft, from Boeing, from many
of the large organizations within the Seattle area. They're
going to do another one of those later in the year. And
``www.Empower.org'' is their website.
Mr. Horn. The final two questions are for Mr. Aikens, and
they're along the line of the ones for the banks, and that to
you is: what contingency plans are being made for employees in
high-risk areas, like Russia, in terms of Boeing personnel,
Boeing customers, whatever, in terms of the year 2000 and
working with Russia?
Mr. Aikens. Well, we have a normal contingency plan for all
of our people, and Y2K is no different. We have emergency
operation centers in 12 States, and also abroad. So we work
with each one of those countries, and our people will be
protected.
Mr. Horn. I just happened to visit your Sea Launch facility
in my hometown of Long Beach this last week, and it was really
impressive, with Russian, Ukrainian, Norwegian, United States,
and United Kingdom cooperation. That's really a great
endeavour.
Mr. Aikens. It is a very interesting site.
Mr. Horn. We'd be glad to have you send some 737 production
down there, too, before I leave town, please.
``What can you tell us about the Global Positioning System
readiness on August 21st and 22nd, 1999?'' says one member of
our audience.
Mr. Aikens. We're completely ready. And what we have done
is we've contacted the vendors that have the information, at
least have the satellites, and we have demanded--it sounds
pretty strong--that all of those systems be ready. Boeing has
run through its tests, and we are completely satisfied that
there will be no problem with the Global Positioning System.
Mr. Horn. I thank you. And I now yield to Representative
Dunn for the questions she has, and we're delighted she is with
us here.
Ms. Dunn. Thanks very much, Mr. Chairman.
Mr. Jones, you mentioned a couple of times, or it was
mentioned on your behalf, that you've worked a lot with
nonprofits. And we haven't heard anybody testify from the
nonprofit sector. And I am most curious myself, having been
very involved with this sector in most of my background, what
kind of progress are the nonprofits making toward compliance
for Y2K?
Mr. Jones. I would rank them at the bottom of the list,
with enterprises being most compliant and nonprofits being the
least. That's singularly the area that concerns us the most.
They typically have outdated technology, which, of course,
induces more areas for Y2K liability. And while they are
turning their attention to Y2K now, it is relatively late for
those organizations.
Ms. Dunn. So we should pay some attention there.
Mr. Jones. Absolutely.
Ms. Dunn. I think that's important, Mr. Chairman.
Let me ask you, in general, a question I know Mr. McDermott
had asked earlier as I was outside for another meeting on the
impact on somebody's home. And I think he phrased it in terms
of whether his answering machine would work or not.
What else do you see is going to be a problem for the
ordinary person going through his life on the 1st day of the
new millennium? What will they notice?
And then I have another followup question I want to ask a
couple of you on that. Anything that occurs to any of you in
any order.
Mr. Jones. From the PC standpoint, I'll address that
component. Depending on how you use your PC--say you use your
PC primarily to surf the web or play games--by and large, you
could do nothing, turn your PC on on January 1st, and you'd be
just fine.
If you use your PC for complex calculations or checkbook
management, budget management, then certainly you need to take
some preparedness steps. On average, we're seeing those steps
take about an hour to do in the home.
Ms. Dunn. Is there someplace where people can get
information on how to do that?
Mr. Jones. Microsoft has a great website, of course.
Ms. Dunn. Anything else? Anything you're worried about,
your wife is worried about, your husband is worried about, your
children are worried about?
Mr. Bergeon. Having moved into a condo in downtown Seattle,
I had a lot of things to worry about, including elevators and
environmental control systems, so we did do some checking.
We've found that if you have an environmental control
system that was purchased within the last few years, you're
pretty safe. But most of the houses have had environmental
control systems that were installed some time ago, and some,
some small percentage, do have some computer embedded chips in
them. It's not clear whether or not those are going to be
prepared or not. And I haven't done a study of them, but that
is a concern that some homes might have.
Ms. Dunn. Anybody else?
Mr. Aikens. Well, we have a very extensive program within
Boeing for all of our employees that have PCs. And we have a PC
assistant that will allow them to take a look to see if their
computer is Y2K-ready. They can take this kind of information
to the home as well.
And in addition to that, the Boeing Employees Credit Union,
which is not a part of Boeing, has sent out a list of things
that they need to do. And in that way, they will check with
Microsoft or any of the other vendors as to what needs to be
done. By and large, we think that it really won't be that much
of an impact on the homes.
Ms. Dunn. Good. Thank you. I have just one last question.
There was something that alarmed me that I heard earlier in
this hearing, and that was when one of the folks who was
testifying said he'd heard there were going to be a couple of
movies coming out on the Y2K.
And you can translate that very quickly, having been
through that era of every possible disaster in the world
becoming part of a movie. And it's our responsibility here, all
of us who have taken part in this hearing today, to make sure
that the institutions we're affiliated with are compliant.
What happens, though--because we know the psychology of
this is going to be very important, especially in the
possibility that you run into all the time, Mrs. Enticknap, of
people taking their money out of banks, or you run into, Mr.
Aikens, of people not flying on airplanes--what happens and
what is the response? And are you prepared with a contingency
plan if something like this happens toward the end of the year?
We've got a November release for some big movie. How are we
going to calm people down and help them understand, especially
seniors, who worry a lot about things like this?
Mr. Aikens. I'll take it. Naturally, Boeing is a primary
target to have a 747 crashing into the Empire State Building.
These kinds of things come up all the time. And what we think
is the best way to combat that is with education, and that's
where we think that our outreach program is very effective.
The contingency plan is that there is not much we can do
about Hollywood doing things like this, but we think education
is the answer. And that's what we want to be sure that we tell
the public--here's what we're doing--and let's leave it at
that.
Ms. Enticknap. From the bank's standpoint, we have an
active communication program under way. We will be sending out
and continue to send out statement stuffers. Again, people tend
to not read their statements, so we also have information on
our websites and also in our banking centers. And we also are
working with the Federal Reserve. The Federal Reserve is
printing an additional $50 billion of currency for the end of
the year, and all banks are working together to make sure that
we're monitoring cash usage.
But more importantly, we're working with senior citizens
and others to really understand the implications of taking
their money out, and urging people to recognize that the safest
place for their money is a bank.
Ms. Dunn. Anybody else have any comments?
Mr. Jordan. We agree that education is critical to making
sense of this. And one of the things we'd like to stress is
that this is an opportunity for community agencies--profit,
nonprofit, big and small business--to come together and clearly
state for the community what is and what isn't. That will belay
a lot of fear and cut through any media marketing that might go
along with the production that you scenario.
But we believe that if a community gets together, and each
agency says we've done this, this, this, and this, and get that
out to their local people that trust them and rely on them
every day, that would have a big impact.
Ms. Dunn. Thank you.
Mr. Horn. Thank you very much for coming, Ms. Dunn. She
does a great job for you in Washington.
Let me thank a lot of people that have been involved in
this hearing. We'll start with the two Members of Congress and
their staff. Congressman McDermott and his Seattle district
office staff has been helpful--Damian Cordova, legislative
assistant, Jane Sanders, the scheduler.
And Congresswoman Dunn's Washington and Mercer Island
district office staff, Susan McColley, district director, Kara
Kennedy, the press, Doug Badger, legislative director.
And for the Discovery Institute, which is also our host in
Seattle, obviously president Bruce Chapman, who has been a
great public servant, both nationally and in this State and in
this city, I've known him for 40 years as a person of honor and
integrity; Nancy Sclater, the vice president; Rob Crowther, the
public and media relations; Steve Jost, events coordinator.
And our faithful court reporter, Jeff Wilson. And then the
staff of the Subcommittee on Government Management,
Information, and Technology which has done a great job for the
last 6 years. J. Russell George, staff director and chief
counsel, is seated practically outside of the room there in
back; Matthew Ryan is to my left and your right, he's the
senior policy director that worked on the hearing.
And then we have a very fine young lady who is an American
Political Science Association congressional fellow with
Congress for a year, and her full-time employment is career
servant for the National Security Agency, and that's Patricia
Jones.
Patricia, are you here? Well, she had to leave.
Chip Ahlswede, I believe, is here, staff assistant; and
Grant Newman, the committee clerk. Grant, there they are.
They're all in the back row.
So I want to thank you all. I want to thank the people of
Seattle and your experts that we had as a sounding board, shall
we say, for our various aspects of the Y2K problem. You've put
a lot of good information in the record today, and we will make
use of it and share it with other communities. Thanks for
coming.
With that, we are adjourned.
[Whereupon, at 12:20 p.m., the subcommittee was adjourned.]
�