<DOC>
[106th Congress House Hearings]
[From the U.S. Government Printing Office via GPO Access]
[DOCID: f:61120.wais]
ARE THE FEDERAL GOVERNMENT'S CRITICAL PROGRAMS READY FOR JANUARY 1,
2000?
=======================================================================
JOINT HEARING
before the
SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
INFORMATION, AND TECHNOLOGY
of the
COMMITTEE ON GOVERNMENT REFORM
and the
SUBCOMMITTEE ON TECHNOLOGY
of the
COMMITTEE ON SCIENCE
HOUSE OF REPRESENTATIVES
ONE HUNDRED SIXTH CONGRESS
FIRST SESSION
__________
APRIL 13, 1999
__________
Committee on Government Reform
Serial No. 106-52
Committee on Science
Serial No. 106-53
__________
Printed for the use of the Committee on Government Reform and the
Committee on Science
Available via the World Wide Web: http://www.house.gov/reform
______
U.S. GOVERNMENT PRINTING OFFICE
61-120 CC WASHINGTON : 1999
COMMITTEE ON GOVERNMENT REFORM
DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut ROBERT E. WISE, Jr., West Virginia
ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York
JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York
STEPHEN HORN, California PAUL E. KANJORSKI, Pennsylvania
JOHN L. MICA, Florida PATSY T. MINK, Hawaii
THOMAS M. DAVIS, Virginia CAROLYN B. MALONEY, New York
DAVID M. McINTOSH, Indiana ELEANOR HOLMES NORTON, Washington,
MARK E. SOUDER, Indiana DC
JOE SCARBOROUGH, Florida CHAKA FATTAH, Pennsylvania
STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland
MARSHALL ``MARK'' SANFORD, South DENNIS J. KUCINICH, Ohio
Carolina ROD R. BLAGOJEVICH, Illinois
BOB BARR, Georgia DANNY K. DAVIS, Illinois
DAN MILLER, Florida JOHN F. TIERNEY, Massachusetts
ASA HUTCHINSON, Arkansas JIM TURNER, Texas
LEE TERRY, Nebraska THOMAS H. ALLEN, Maine
JUDY BIGGERT, Illinois HAROLD E. FORD, Jr., Tennessee
GREG WALDEN, Oregon JANICE D. SCHAKOWSKY, Illinois
DOUG OSE, California ------
PAUL RYAN, Wisconsin BERNARD SANDERS, Vermont
JOHN T. DOOLITTLE, California (Independent)
HELEN CHENOWETH, Idaho
Kevin Binger, Staff Director
Daniel R. Moll, Deputy Staff Director
David A. Kass, Deputy Counsel and Parliamentarian
Carla J. Martin, Chief Clerk
Phil Schiliro, Minority Staff Director
------
Subcommittee on Government Management, Information, and Technology
STEPHEN HORN, California, Chairman
JUDY BIGGERT, Illinois JIM TURNER, Texas
THOMAS M. DAVIS, Virginia PAUL E. KANJORSKI, Pennsylvania
GREG WALDEN, Oregon MAJOR R. OWENS, New York
DOUG OSE, California PATSY T. MINK, Hawaii
PAUL RYAN, Wisconsin CAROLYN B. MALONEY, New York
Ex Officio
DAN BURTON, Indiana HENRY A. WAXMAN, California
J. Russell George, Staff Director and Chief Counsel
Matt Ryan, Senior Policy Director
Bonnie Heald, Communications Director/Professional Staff Member
Mason Alinger, Clerk
Faith Weiss, Minority Counsel
COMMITTEE ON SCIENCE
HON. F. JAMES SENSENBRENNER, Jr., (R-Wisconsin), Chairman
SHERWOOD L. BOEHLERT, New York GEORGE E. BROWN, Jr., California,
LAMAR SMITH, Texas RMM**
CONSTANCE A. MORELLA, Maryland RALPH M. HALL, Texas
CURT WELDON, Pennsylvania BART GORDON, Tennessee
DANA ROHRABACHER, California JERRY F. COSTELLO, Illinois
JOE BARTON, Texas TIM ROEMER, Indiana
KEN CALVERT, California JAMES A. BARCIA, Michigan
NICK SMITH, Michigan EDDIE BERNICE JOHNSON, Texas
ROSCOE G. BARTLETT, Maryland LYNN C. WOOLSEY, California
VERNON J. EHLERS, Michigan* ALCEE L. HASTINGS, Florida
DAVE WELDON, Florida LYNN N. RIVERS, Michigan
GIL GUTKNECHT, Minnesota ZOE LOFGREN, California
THOMAS W. EWING, Illinois MICHAEL F. DOYLE, Pennsylvania
CHRIS CANNON, Utah SHEILA JACKSON-LEE, Texas
KEVIN BRADY, Texas DEBBIE STABENOW, Michigan
MERRILL COOK, Utah BOB ETHERIDGE, North Carolina
GEORGE R. NETHERCUTT, Jr., NICK LAMPSON, Texas
Washington JOHN B. LARSON, Connecticut
FRANK D. LUCAS, Oklahoma MARK UDALL, Colorado
MARK GREEN, Wisconsin DAVID WU, Oregon
STEVEN T. KUYKENDALL, California ANTHONY D. WEINER, New York
GARY G. MILLER, California MICHAEL E. CAPUANO, Massachusetts
JUDY BIGGERT, Illinois VACANCY
MARSHALL ``MARK'' SANFORD, South VACANCY
Carolina
JACK METCALF, Washington
Subcommittee on Technology
CONSTANCE A. MORELLA, Maryland, Chairwoman
CURT WELDON, Pennsylvania JAMES A. BARCIA, Michigan**
ROSCOE G. BARTLETT, Maryland LYNN N. RIVERS, Michigan
GIL GUTKNECHT, Minnesota* DEBBIE STABENOW, Michigan
THOMAS W. EWING, Illinois MARK UDALL, Colorado
CHRIS CANNON, Utah DAVID WU, Oregon
KEVIN BRADY, Texas ANTHONY D. WEINER, New York
MERRILL COOK, Utah MICHAEL E. CAPUANO, Massachusetts
MARK GREEN, Wisconsin BART GORDON, Tennessee
STEVEN T. KUYKENDALL, California TIM ROEMER, Indiana
GARY G. MILLER, California
Ex Officio
F. JAMES SENSENBRENNER, Jr., GEORGE E. BROWN, Jr., California+
Wisconsin+
C O N T E N T S
----------
Page
Hearing held on April 13, 1999................................... 1
Statement of:
Lee, Diedre, Acting Deputy Director for Management, Office of
Management and Budget; Fernando Burbano, Chief Information
Officer, U.S. Department of State; Richard Nygard, Chief
Information Officer, U.S. Agency for International
Development; Anne F. Reed, Chief Information Officer, U.S.
Department of Agriculture; Joel C. Willemssen, Director,
Civil Agencies Information Systems, U.S. General Accounting
Office; and James J. Flyzik, Chief Information Officer,
U.S. Department of the Treasury............................ 10
Letters, statements, etc., submitted for the record by:
Biggert, Hon. Judy, a Representative in Congress from the
State of Illinois, prepared statement of................... 5
Burbano, Fernando, Chief Information Officer, U.S. Department
of State, prepared statement of............................ 67
Flyzik, James J., Chief Information Officer, U.S. Department
of the Treasury, prepared statement of..................... 82
Horn, Hon. Stephen, a Representative in Congress from the
State of California, memorandum dated March 26, 1999....... 103
Jackson-Lee, Hon. Sheila, a Representative in Congress from
the State of Texas, prepared statement of.................. 7
Lee, Diedre, Acting Deputy Director for Management, Office of
Management and Budget:
Information concerning specific criteria................. 107
Information concerning emergency funds................... 91
Prepared statement of.................................... 14
Nygard, Richard, Chief Information Officer, U.S. Agency for
International Development, prepared statement of........... 59
Reed, Anne F., Chief Information Officer, U.S. Department of
Agriculture, prepared statement of......................... 40
Stabenow, Hon. Debbie, a Representative in Congress from the
State of Michigan, prepared statement of................... 9
Willemssen, Joel C., Director, Civil Agencies Information
Systems, U.S. General Accounting Office, prepared statement
of......................................................... 21
ARE THE FEDERAL GOVERNMENT'S CRITICAL PROGRAMS READY FOR JANUARY 1,
2000?
----------
TUESDAY, APRIL 13, 1999
House of Representatives, Subcommittee on
Government Management, Information, and
Technology of the Committee on Government
Reform, joint with the Subcommittee on
Technology of the Committee on Science,
Washington, DC.
The subcommittees met, pursuant to notice, at 1:07 p.m., in
room 2318, Rayburn House Office Building, Hon. Connie Morella
(chairwoman of the Subcommittee on Technology) and Hon. Stephen
Horn (chairman of the Subcommittee on Government Management,
Information, and Technology) presiding.
Present: Representatives Morella, Horn, Biggert, Ose,
Turner, Gutknecht, Miller, Barcia, Rivers, Stabenow, and
Jackson-Lee.
Staff present from the Subcommittee on Government
Management, Information, and Technology: J. Russell George,
staff director and chief counsel; Matt Ryan, senior policy
director; Bonnie Heald, director of communications, and
professional staff member; Mason Alinger, clerk; Richard Lukas,
intern; Faith Weiss, minority counsel, Committee on Government
Reform; and Earley Green, minority staff assistant, Committee
on Government Reform.
Staff present from the Subcommittee on Technology: Jeff
Grover, staff director; Ben Wu, professional staff member; Joe
Sullivan, clerk; Michael Quear and Martin Ralson, minority
professional staff members.
Mrs. Morella. The joint hearing of the Technology
Subcommittee of the Science Committee as well as the
Subcommittee on Government Management, Information, and
Technology of the Government Reform Committee will come to
order.
On March 31st, the administration announced that, according
to the most recent data obtained from agencies, 92 percent of
Federal systems had met the governmentwide goal of Y2K
compliance. With less than 8\1/2\ months remaining until
January 1, 2000, it is heartening to hear that nearly all
mission-critical systems within the 24 major Federal
departments and agencies are Y2K compliant.
The administration tells us that these systems have been
tested and implemented, and will be able to accurately process
data into the year 2000. This is certainly a welcome change
from a year ago, and it is a tribute to the thousands of
dedicated and skilled Federal employees who have been working
to ensure that critical government operations and services will
continue uninterrupted into the next millennium and beyond.
While progress appears to have been made in addressing Y2K
internally, each agency must now begin the more vital function
of outlining actions that are needed for systems to work
externally. The new challenges facing each agency include
performing end-to-end testing, as well as developing business
continuity and contingency planning. These challenges are
certainly not minor. No one should be fooled or lulled into the
false sense of security over the recent Federal Y2K
improvements. Much more work remains to be done to ensure the
continuity of our critical Federal programs and systems. We, in
Congress, will continue to provide vigilant Y2K oversight and
intend to work diligently and cooperatively with the
administration to ensure the delivering of vital services to
the American people.
Today we have a distinguished panel of witnesses to assist
our House Y2K Working Group in receiving a current status
report on the efforts of the U.S. Government in correcting the
year 2000 computer problem after the President's March 31, 1999
deadline.
This hearing will present the Office of Management and
Budget and the General Accounting Office with an opportunity to
comment on the administration's year 2000 efforts. In addition,
this hearing will lay the groundwork for the administration to
demonstrate the overall readiness of its critical business
functions--functions that the American public rely upon.
There will also be testimony from four agencies that have
yet to testify in joint Y2K hearings before the Technology
Subcommittee and the Government Management, Information, and
Technology Subcommittee. And that is the Department of
Agriculture, the Agency for International Development, the
Department of State, and the Department of the Treasury. It
should be noted, however, that these 4 agencies were among the
11 agencies that were not yet totally compliant by the March
31st deadline.
I look forward to hearing from our panel, and I am now
going to turn to the co-Chair of this hearing, the chairman of
the Government Management, Information, and Technology
Subcommittee, the gentlemen from California, Mr. Horn.
Mr. Horn. Thank you very much, Madam Chairman. We have just
passed a significant milestone in the Federal Government's
efforts to update its computers systems for the year 2000. On
March 31st, the President's deadline for all mission-critical
computers to be year 2000 compliant, 92 percent of the
Government's departments and agencies reported that their 6,123
mission-critical computer systems are ready for the new
millennium. We, in Congress, are pleased with this progress,
considering that only three short years ago several agencies
were unaware of the programming glitch that could shut down or
corrupt their computer systems on January 1, 2000.
A lot of hard work has been going on inside the executive
branch of the Federal Government. Nevertheless, 8 percent of
the agencies' mission-critical systems failed to meet the
President's March 31st deadline. These systems, found within 11
departments, are vital to the health and well-being of millions
of Americans. They must be fixed before we can focus entirely
on end-to-end testing. From food stamps to Medicare and
Medicaid, these programs serve our most vulnerable citizens--
the seniors, the poor, the chronically ill.
Today's hearing marks the beginning of a new phase in our
year 2000 oversight. We will move from our focus on computer
systems to begin examining entire Federal programs. We want to
be assured that these programs operate seamlessly, whether the
date is December 31, 1999, or January 1, 2000. We are pleased
to welcome the witnesses before us today, and I look forward to
their testimony.
Thank you, Madam Chairman.
Mrs. Morella. Thank you, Chairman Horn.
It is now my pleasure to recognize the ranking member of
the Technology Subcommittee, the gentlemen from Michigan, Mr.
Barcia.
Mr. Barcia. Thank you, Chairwoman Morella and Chairman
Horn. I want to join my colleagues in welcoming everyone to
this afternoon's hearing. And while this series of hearings on
Federal agencies' Y2K efforts have been largely critical of the
administration, I would like to take this opportunity to
compliment their recent efforts.
Last Wednesday, the White House announced that 92 percent
for Federal Michigan--excuse me, mission----
Mrs. Morella. Michigan--see? [Laughter.]
Mr. Barcia [continuing]. Michigan, my home State--mission-
critical systems were now Y2K compliant. In fact, 13 of the
largest departments reported 100 percent compliance with their
Michigan--excuse me, mission-critical systems. [Laughter.]
In addition, the FAA recently tested its systems at Denver
Stapleton Airport and found no noticeable problems. Ultimately,
while much work remains to be done, our Federal agency should
be commended for their efforts. I also want to commend OMB for
their leadership on this issue. A recent memo to the agency
heads from Jack Lu highlights the need to ensure that not only
must agency systems be compliant, but that their data exchange
partners be Y2K compliant as well. Further, Director Lu called
for the need to publicly demonstrate the overall readiness of
integrated Federal, State, and private systems, as well as the
programs that they support. I am pleased to see OMB take this
leadership role, as Director Lu's memo outlines my own concerns
regarding Federal Y2K efforts.
Recognizing the need to share detailed information with the
public, testing data exchanges, and developing complementary
business contingency plans are consistent with key provisions
in H.R. 4682, which I introduced at the end of the last
Congress.
As I said earlier, much work remains to be done, and today
we will hear from four agencies who are behind schedule.
However, given the bleak prognosis we heard 1 year ago, much
progress has been made and credit should be given where credit
is due. I want to thank all of the witnesses for appearing
before the committee, and I look forward to your comments.
Thank you, Madam Chairman.
Mrs. Morella. Thank you, Mr. Barcia.
I would now like to recognize Mr. Turner, the gentleman who
is on the Government Reform Committee, for any opening comments
he may have.
Mr. Turner. March 31st was the self-imposed deadline for
the executive branch to have implemented Y2K-compliant computer
systems and, as of that date, the Federal Government reported
that 92 percent of its systems were compliant. This is evidence
of a strong commitment and solid progress in the executive
branch on the issue.
The Federal Government, of course, cannot afford to relax
its efforts. A number of significant Federal agencies have not
finished their Y2K conversion, as has been revealed by this
subcommittee's review of the status of the Department of
Defense and the Federal Aviation Administration, both of which
are behind in their repairs. Today we will consider the status
of Y2K conversion in several other agencies, including the
Departments of State, Treasury, Agriculture, and the Agency for
International Development.
Conversion work is not finished when the systems are
repaired; systems must be tested. The Government must conduct
end-to-end and business continuity testing for significant
Federal systems. That is, instead of simply testing one system
individually, the Government must test how well its systems
coordinate with other systems in performing business functions.
Successful functioning of Government systems on January 1,
2000 will require coordination and testing of Federal, State,
and local computer systems, as well as those in the private and
non-profit sectors. Government functions not only cross
departmental lines, but also cross Federal, State, and local
jurisdictions. It is clearly not enough to assure that the
Federal systems work, because States administer many important
Federal benefits, and if these State systems fail, people will
not get their benefits, and the Federal Government will in turn
fail.
Therefore, I would like to thank the witnesses who are
gathered here today to explain the remaining work that the
Federal Government will be undertaking before the date change,
and I would urge that this effort be devoted to assuring that
the Federal, State, and local systems collectively can deliver
the necessary benefits and crucial government services.
Thank you, Madam Chairman.
Mrs. Morella. Thank you, Mr. Turner.
[The prepared statement of Hon. Judy Biggert, Hon. Sheila
Jackson-Lee, and Hon. Debbie Stabenow follow:]
[GRAPHIC] [TIFF OMITTED]61120.001
[GRAPHIC] [TIFF OMITTED]61120.002
[GRAPHIC] [TIFF OMITTED]61120.003
[GRAPHIC] [TIFF OMITTED]61120.004
[GRAPHIC] [TIFF OMITTED]61120.005
Mrs. Morella. Distinguished panelists, I am going to ask
them if they will rise, since it is a policy of this committee
to swear in those who will testify and raise your right hands.
[Witnesses sworn.]
Mrs. Morella. The record will indicate affirmative response
from all, and we do have a distinguished panel.
We have Ms. Deidre Lee, who is the Acting Deputy Director
for Management of the Office of Management and Budget; Mr. Joel
Willemssen, who is no stranger to this committee, who is the
Director of Civil Agencies Information Systems of the U.S.
General Accounting Office; we have Ms. Ann Reed, who is the
Chief Information Officer of the U.S. Department of
Agriculture; we have Richard Nygard, who is the Chief
Information Officer for the U.S. Agency for International
Development; we have Mr. Fernando Burbano, who is the Chief
Information Officer for the U.S. Department of State, and we
have Mr. James Flyzik, who is the Chief Information Officer for
the U.S. Department of Treasury.
Ladies and Gentlemen, it is customary that we give you each
about 5 minutes maximum. Anything that you have submitted to us
in its entirety will be included in the record, and that gives
us an opportunity, then, to fire away with any questions.
So, if that order is acceptable to you, we will start off
then with you, Ms. Lee.
STATEMENTS OF DIEDRE LEE, ACTING DEPUTY DIRECTOR FOR
MANAGEMENT, OFFICE OF MANAGEMENT AND BUDGET; FERNANDO BURBANO,
CHIEF INFORMATION OFFICER, U.S. DEPARTMENT OF STATE; RICHARD
NYGARD, CHIEF INFORMATION OFFICER, U.S. AGENCY FOR
INTERNATIONAL DEVELOPMENT; ANNE F. REED, CHIEF INFORMATION
OFFICER, U.S. DEPARTMENT OF AGRICULTURE; JOEL C. WILLEMSSEN,
DIRECTOR, CIVIL AGENCIES INFORMATION SYSTEMS, U.S. GENERAL
ACCOUNTING OFFICE; AND JAMES J. FLYZIK, CHIEF INFORMATION
OFFICER, U.S. DEPARTMENT OF THE TREASURY
Ms. Diedre Lee. Are we on?
Mrs. Morella. Yes.
Ms. Diedre Lee. Very good.
Good afternoon, Chairwoman Morella, Chairman Horn, members
of the subcommittee.
As you know, I have been Acting Deputy Director for
Management since April 1st. And as any average person, I am
certainly aware of the Y2K issue. But I am still somewhat new
to this issue at OMB, and I have been working closely with the
OMB staff to come up to speed. I am pleased to appear before
the subcommittee today to discuss the Government's progress on
the year Y2K. I will do my best to answer your questions.
Chairwoman Morella and Chairman Horn, I would like to start
by thanking you and the other members of the subcommittee for
your ongoing interest in Y2K problem and its potential
implications for our country. Your focus has increased
awareness, emphasized the importance of the remediation
activities, and helped to ensure that we will be ready.
Today, I would briefly like to address the progress that
has been made in the Federal arena; our challenges and next
steps, and funding.
As you know, the administration has been working for more
than 3 years on the problem. Agencies have been working through
the phases of awareness, assessment, renovation, validation,
and implementation. Each phase has been a challenging one as
Federal agencies work through the process of systematically
identifying and prioritizing mission-critical systems;
addressing the implications of the systems and equipment
containing embedded chips, such as security systems, heating
and air conditioning units, et cetera; working with data
exchange partners; testing and retesting systems; and working
with service-delivery partners such as contractors, banks,
vendors, State, local, and tribal governments to ensure that
the programs will be ready, and they can be supported by the
Federal Government.
Last year, former Director Franklin Raines established the
ambitious goal of having 100 percent of the Federal
Government's mission-critical systems Y2K compliant by March
31, 1999--well ahead of many private sector system remediation
schedules. I am pleased to report, as you have all noted, that
the Federal Government nearly achieved this goal. As John
Koskinen and former Deputy Director for Management, Ed DeSeve,
noted at the National Press Club on March 31st, ``92 percent of
the Federal Government's mission-critical systems met the
governmentwide goal of being Y2K compliant by March 31, 1999.
These systems have been remediated, tested, and they are back
in operation.''
This represents a dramatic improvement from the progress of
the Federal Government a year ago, when in February 1998, only
35 percent of the agency mission-critical systems were
compliant. Overall progress in the Federal Government is a
tribute to the hard work, skillful and dedicated work of
thousands of Federal employees and contractors. And while much
work remains to be done, we fully expect the Government's
mission-critical systems will be Y2K compliant before January
1, 2000.
While several agencies are here to discuss their specific
progress--and you noted Treasury Department, the Department of
Agriculture, the State Department, and the U.S. Agency for
International Development--I will provide you with some overall
figures. And, again, as you noted, 13 of the 24 major
departments now report that 100 percent of their mission-
critical systems are Y2K ready, and those are listed in my full
testimony, so I will move on.
Of the remaining, three agencies are between 95 and 99
percent; four between 90 and 94 percent ready; and three
between 85 and 90 percent. So, we are up there in the higher
percentage ratings.
Based on monthly agency reports received April 10th--so
there is a little bit of an update here--we gained 1 percent
over the last week, and we are now at 93 percent ready. And
from a base of about 6,100, critical systems 408 remain to be
finished. And of those, 163 are non-defense and 245 are
defense.
We are preparing to issue guidelines asking the agencies to
report, beginning May 15th, on their remaining mission-critical
systems by name and to include a timetable for completing the
work. And then, agencies will report monthly. So, that will
identify our mission-critical systems.
Agencies have set realistic goals for the completion of
their work and are working hard to finish these systems. We are
confident that every mission-critical system will be ready by
year 2000. However, the critical task is to make sure that not
just systems, but the programs that they support will be ready.
In response, we are taking a look at the Federal Government
from the individual's point of view to determine what programs
have the most direct and immediate impact on the public.
On March 26th, OMB issued guidance to the agencies that
identified 42 high-impact programs and directed Federal
agencies to take the lead on working with Federal agencies,
State, tribal, and local governments, contractors, banks, and
others to ensure that these programs critical to public health,
safety, and well-being will provide undisrupted services.
Examples include Medicare, unemployment insurance, disaster
relief, weather service, et cetera. Agencies have also been
asked to help their partners develop year 2000 programs and to
ensure that their reports are ready, if they have not already
done so. Our goal is to publicly demonstrate that these
programs will operate seamlessly.
By March 15, 1999, agencies have also been asked to provide
to OMB a schedule and milestones for key activities in each
plan, a monthly report of progress against that schedule, and a
plan date for an event or events to announce that the program
as a whole is Y2K ready. Clearly, this initiative requires a
great deal of cooperation and hard work, but success is in
everyone's interest.
And while these programs are critical to the work of
government, the smooth operations of government also rely on
functions that may not have an immediate and direct effect on
the public at large, but, nevertheless, are essential to sound
management of the agency, such as financial management systems
or personnel systems. These functions have been identified as
core business functions, and are also being worked.
Agencies are developing business continuity and contingency
plans to assure that their core business functions will
operate. We have directed the agencies to follow the GAO
guidance on preparing their plans, and additionally, many
agencies are working closely with their Inspectors General and/
or expert contractors in the development of the plans. While it
is expected that the business continuity and contingency plans
will continue to change through the end of the year, as
agencies update and refine their assumptions, and as they
continue to test and modify their plans, we have asked agencies
to submit their plans no later than June 15. We will work with
the agencies to assure governmentwide consistency of their
basic assumptions surrounding the year 2000.
Funding: The most recent allocation of Y2K emergency
funding transmitted on April 2, 1999, provides a total of $199
million to 20 Federal agencies. Fourteen of these agencies have
received emergency funding in earlier allocations, and funding
will be used for various Y2K compliance activities, including
testing to ensure that the systems are Y2K compliant;
replacement of embedded computer chips; creation and
verification of continuity of operation and contingency
planning; and cooperative activities with non-Federal entities
in support of the President's Council on Year 2K Conversion.
Agencies have benefited greatly from access to emergency
funds and much of their progress can be credited to this.
Continued access to emergency funding is essential to continued
progress on the Y2K problem. However, the Senate version of the
fiscal year 1999 emergency supplemental appropriation bill
would reduce the non-defense Y2K emergency fund by $973
million. I urge the conferees to strike this reduction, which
is unwise at this time. Not only would it eliminate the
remaining balance in the emergency fund of approximately $500
million, but it would also force agencies to stop planned and
ongoing procurements for Y2K-related activities. It would also
force agencies to terminate contracts, where this can be done
without penalty, in order to recapture the additional $468
million.
Resources must remain available for agencies to carry out
aggressive strategies to achieve compliance and to develop and
implement contingency plans that will ensure uninterrupted
operations and service delivery. In recent months, the pace
toward achieving governmentwide compliance has quickened
considerably. Much of this improvement can be attributed to the
emergency fund, which has ensured that adequate resources
remain available to agencies as they develop and refine
effective strategies for achieving Y2K compliance. With the
year 2000 approaching, we should build on our success, not take
steps to undermine it.
In conclusion, during the 262 days remaining before the
year 2000, we plan to complete work on the remaining mission-
critical systems, with monthly reports beginning May 15th; we
plan to conduct end-to-end testing with the States and other
key partners, placing special emphasis on readiness of programs
that have a direct impact on the public; and we plan to test
and complete business continuity and contingency plans, are due
by June 15th.
This is a busy time, so I would like to thank you very much
for the opportunity to allow me to share this information with
you on the administration's progress. OMB remains committed to
working with the committee and the Congress on this critical
issue, and I would be pleased to answer any questions you may
have.
[The prepared statement of Ms. Lee follows:]
[GRAPHIC] [TIFF OMITTED]61120.006
[GRAPHIC] [TIFF OMITTED]61120.007
[GRAPHIC] [TIFF OMITTED]61120.008
[GRAPHIC] [TIFF OMITTED]61120.009
[GRAPHIC] [TIFF OMITTED]61120.010
Mrs. Morella. Thank you, Ms. Lee. We let you exceed the
deadline because you had so many milestones and dates to tell
us about, we felt were very important.
It is a pleasure now to recognize Mr. Willemssen from GAO.
Mr. Willemssen. Thank you, Chairwoman Morella, Chairman
Horn, Ranking Member Barcia, Ranking Member Turner. Thank you
for inviting GAO to testify today on the status of
governmentwide Y2K. As requested, I will briefly summarize our
statement.
As noted, the Federal Government's most recent reports
showed continued improvement in addressing Y2K. Despite this
progress, however, there are vital government functions with
systems that are not yet compliant. Additionally, not all of
the government systems have undergone independent verification
and validation.
In addition, achieving compliance of individual systems,
while very important, does not necessarily ensure that a key
business function will continue to operate through the change
of the century. Other key actions are essential to achieving
this goal. For example, as noted earlier, end-to-end testing is
extremely important. That is needed to verify that a set of
interrelated systems supporting an overall function will work
seamlessly and work together as we move to the next century.
In addition, business continuity and contingency plans are
essential. In this regard, OMB has previously asked Federal
agencies to identify their core business functions that are to
be addressed in their business continuity and contingency
plans, as well as to provide key milestones for the development
and testing of such plans.
To ensure that key activities, such as end-to-end testing
and contingency planning, are fully addressed for the most
important Government programs, we have previously recommended
to the executive branch that the Government set Y2K priorities.
In late March, OMB implemented our recommendation by
issuing a memorandum to Federal agencies identifying 42 high-
impact programs. For each program, a lead agency was designated
to take a leadership role in convening program partners in
developing a plan to ensure that the program will operate
effectively. Two days from now, lead agencies are to provide to
OMB a schedule and milestones of the key planned activities for
these high-impact priorities. The quality and completeness of
these plans will be a major factor in the success of this
effort and in assuring the public that Y2K will be addressed
for the most critical government functions.
About one-quarter of these high-impact programs identified
by OMB are State-administered programs, such as food stamps and
Medicaid. As we previously testified, several of these
programs, such as Medicaid, are at risk. Recent data from OMB
on State-administered systems shows that there is a continuing
reason for concern and a need for Federal/State partnerships.
Specifically, there is a large number of State systems reported
not to be due to be compliant until the last half of 1999.
One agency that has worked for some time on Y2K with its
State partners is the Social Security administration. Since our
report in late 1997, SSA has strengthened its approach with
States on disability determination services. It designated a
full-time team with project managers and requested biweekly
status reports, and obtained from each State a plan specifying
milestones, resources, and schedules for completing Y2K tasks.
SSA's activities in this area can serve as a model for other
Federal agencies as they go forward with their State-
administered programs and their State partners.
In summary, it is clear that the Federal Government has
made excellent progress on Y2K over the last couple of years.
However, much more remains to be done to ensure the continued
delivery of vital services. That concludes a summary of my
statement. At the end of the panel, I will be pleased to
address any questions you may have. Thank you.
[The prepared statement of Mr. Willemssen follows:]
[GRAPHIC] [TIFF OMITTED]61120.011
[GRAPHIC] [TIFF OMITTED]61120.012
[GRAPHIC] [TIFF OMITTED]61120.013
[GRAPHIC] [TIFF OMITTED]61120.014
[GRAPHIC] [TIFF OMITTED]61120.015
[GRAPHIC] [TIFF OMITTED]61120.016
[GRAPHIC] [TIFF OMITTED]61120.017
[GRAPHIC] [TIFF OMITTED]61120.018
[GRAPHIC] [TIFF OMITTED]61120.019
[GRAPHIC] [TIFF OMITTED]61120.020
[GRAPHIC] [TIFF OMITTED]61120.021
[GRAPHIC] [TIFF OMITTED]61120.022
[GRAPHIC] [TIFF OMITTED]61120.023
[GRAPHIC] [TIFF OMITTED]61120.024
[GRAPHIC] [TIFF OMITTED]61120.025
[GRAPHIC] [TIFF OMITTED]61120.026
[GRAPHIC] [TIFF OMITTED]61120.027
Mrs. Morella. Now, I am pleased to recognize Ms. Reed from
the Department of Agriculture.
Ms. Reed. Thank you, Chairwoman Morella, Chairman Horn,
Ranking Member Barcia. I appreciate this opportunity to share
with you where the Department of Agriculture stands with
respect to Y2K.
We are committed to assuring that our programs will be
viable after January 1st. We recognize our responsibility for
food safety and inspection, food and nutrition programs, rural
economic development, natural resources and conservation,
research and education, and, of course, programs which support
America's farmers.
USDA is currently tracking 350 mission-critical systems; 93
percent of these systems are compliant and fully deployed. We
have an additional number of systems where the remediation work
has been done, but eight of them have yet to achieve full
deployment; ten systems are still undergoing remediation or
replacement; and five are anticipated to be retired.
Secretary Glickman has identified 52 of our systems as
departmental priority systems because the programs that they
support have major health and safety implications, financial
impact, or economic repercussions.
Our priorities are to achieve 100 percent compliance and
implementation of all critical mission-critical and non-
mission-critical systems, conduct the end-to-end testing,
coordinating with the States, banks, and other Federal agencies
as appropriate, continue to perform independent validation and
verification on our priority systems, finalize our business
continuity and contingency plans, and continue to assess Y2K
impacts on the food supply.
OMB has identified four USDA programs on its list of 40
high-impact Federal programs. They include three nutrition
programs; the food stamp program, women and infant children
program, and child nutrition programs.
The fourth is food safety and inspection. Food and
nutrition programs are vital to the availability of food for
millions of Americans, especially those who are neediest. The
Food and Nutrition Service, FNS, has been working diligently to
remediate its own mission-critical systems that support these
programs. Fourteen are fully compliant; the final two will be
compliant by the end of this month. FNS has performed testing
on its communication links between the State systems and our
internal systems. Testing to this point has been successful.
We are working with State partners and territories who
actually deliver the services to the public. Since June 1997,
USDA and other Federal departments have jointly established
expedited approval procedures for State acquisition of ADP
resources necessary to support their Y2K efforts. We believe
that most of the States are using their own resources for this,
since only two have actually chosen to use our expedited
approval.
FNS is also tracking each State's progress. They must
certify to us that they are compliant in hardware, software,
and telecommunications. They must also share with us their
business continuity and contingency plans.
The Food Safety Inspection Service regulates a vital part
of our food supply: meat, poultry, and eggs products. Twenty-
six States have programs which complement the FSIS health
program. Within FSIS, our Food Safety and Inspection Service,
seven of eight mission-critical systems are now compliant and
fully deployed. The remaining one should be done by the end of
this summer. We have an overall business continuity contingency
plan and are working very closely with the States and with the
plants to assure that they are aware of what needs to be done
to support Y2K.
In addition to these programs, there are other programs
that the Department is treating as high impact, because of
their economic, financial, and health and safety impact. These
include farm loan and assistance programs; and rural
development programs; animal, plant and health inspection
programs; fire management program; and the Federal employee
payroll system and Thrift Savings Plan. To date, 47 of the
systems which support these mission-critical priority programs
are compliant and fully deployed; five systems remain to be
completed and should be completed no later than July.
USDA also chairs the Food Supply Working Group of the
President's Council on Year 2000 Conversion. I will just share
with you that we do not anticipate any major disruptions to the
food supply, but will continue to work and report on this area,
as we will continue to support outreach to our small
businesses. We have a major outreach program that we have
undertaken in cooperation with the Department of Commerce and
the Small Business Administration.
In conclusion, all of our work is designed to ensure that
USDA's critical programs are available to the American public
without disruption, and we have a lot of work left to do, but
we believe that we are up to this challenge.
Thank you.
[The prepared statement of Ms. Reed follows:]
[GRAPHIC] [TIFF OMITTED]61120.028
[GRAPHIC] [TIFF OMITTED]61120.029
[GRAPHIC] [TIFF OMITTED]61120.030
[GRAPHIC] [TIFF OMITTED]61120.031
[GRAPHIC] [TIFF OMITTED]61120.032
[GRAPHIC] [TIFF OMITTED]61120.033
[GRAPHIC] [TIFF OMITTED]61120.034
[GRAPHIC] [TIFF OMITTED]61120.035
[GRAPHIC] [TIFF OMITTED]61120.036
[GRAPHIC] [TIFF OMITTED]61120.037
[GRAPHIC] [TIFF OMITTED]61120.038
[GRAPHIC] [TIFF OMITTED]61120.039
[GRAPHIC] [TIFF OMITTED]61120.040
[GRAPHIC] [TIFF OMITTED]61120.041
[GRAPHIC] [TIFF OMITTED]61120.042
[GRAPHIC] [TIFF OMITTED]61120.043
Mrs. Morella. Thank you, Ms. Reed.
We have been joined by Mr. Miller from California; by Mrs.
Biggert from Illinois; and now we recognize Mr. Nygard.
Mr. Nygard. Thank you, Madam Chairwoman. Madam Chairman,
members of the subcommittee----
Mrs. Morella. Excuse me, Mr. Nygard. We are going to have a
vote coming up, but I think we will have a chance to hear your
testimony and then go vote. We will recess for about 15 minutes
and then come back, and pick up then with the Department of
State.
Thank you.
Mr. Nygard. Should I proceed?
Mrs. Morella. We want to make sure--we never feel
comfortable or secure around here with those buzzers. They
succeed--OK, great. You may proceed. [Laughter.]
Mr. Nygard. Thank you, Madam Chairwoman. Madam Chairwoman,
Chairman Horn, members of the subcommittee, I am pleased to
appear today to report on the progress of the U.S. Agency for
International Development, or USAID, in achieving Y2K systems
compliance. In short, we at USAID are confident that our
mission-critical systems will be Y2K compliant well before the
end of this year, and that our agency will operate successfully
on and after January 1st of next year.
Let me talk, first, about our mission-critical systems. As
you are aware, we did not achieve Y2K compliance for these
systems by the end of March, the governmentwide target date.
Until early February, we had expected that three of the five
systems that need to be repaired would be implemented by March
31st, but problems discovered during the testing phase delayed
our efforts and forced us to move back our completion dates.
These delays in all three systems were the result of problems
encountered outside the systems themselves and were caught as
we tested the broader processes that the systems support.
Our time and attendance systems, for example, rely on the
government-wide International Cable System to transmit data
back to Washington from our field posts. A program which
extracts data from the cable system needed to be repaired to be
Y2K compliant. The problem with the other two systems,
personnel and payroll, resulted from an interface or linkage
between the two systems whose code was not Y2K compliant. Once
discovered, these problems were quickly fixed. All three
systems are back in testing, and we plan for them to be fully
implemented by May 15th.
Before turning to our other mission-critical systems, let
me clarify what USAID defines as ``implementing its Y2K-
compliant systems.'' A system is implemented, in our view, when
it is up and fully running, both at our headquarters and our
overseas posts. This means our testing must include not only
the systems themselves, but any connections to other systems or
processes, such as that to the cable system mentioned above,
that are needed for the mission-critical system to operate. It
also means that our field posts, which we call missions, must
have received and put into operation any necessary hardware and
software needed to run the repaired systems.
This point is relevant to our fourth mission-critical
systems, overseas accounting. This system is renovated and
field testing at two overseas post will commence next week. The
required software and equipment have been sent to our 40
accounting stations overseas, and we expect implementation to
be complete worldwide by the end of May. The main risk for this
system is logistical rather than technical. The possibility
always exists that equipment being sent overseas may be lost or
stolen in transit. We are taking all possible precautions in
this regard, including having our overseas staff pick up the
equipment at airports immediately when it arrives in the
country.
Our fifth critical system is USAID's new management system,
which performs accounting, budgeting, and procurement functions
at our Washington headquarters. The complexity of this system
means that substantial work is needed to renovate it. We have
utilized funding from the government-wide Y2K supplemental to
apply additional programming and other resources to the task,
and believe it will be renovated by the end of this month and
fully tested and implemented by the end of July.
Our efforts have been greatly assisted by the methods of
program management and measurement used by our prime
contractor. Each step is laid out carefully and progress toward
implementation of each system is quantified in terms of points
for value earned to date. This approach has given us a high
level of confidence that all of our mission-critical systems
will be up and running, Y2K compliant worldwide, within the
next few months, because we now know precisely what has been
done and what needs to be done.
Let me next mention the steps we are taking to assure that
our agency will be able to carry out essential business
functions if automated information systems are unable to
operate for reasons beyond our control. Since last fall, our
Chief Financial Officer staff has been working to develop
contingency plans that will assure the continuity of business
operations for three basic processes: funds distribution,
obligation of funds, and payments. All are broad categories and
involve multiple applications.
Payments, for example, includes providing funding to
vendors and grantees who deliver goods and services to USAID,
but also includes meeting the agency payroll. I am pleased to
report that these contingency plans, whose preparation is being
assisted by a highly qualified contractor, are well along and
will be field tested and finalized during the summer.
A final point I want to discuss is the ability of our field
missions overseas to continue operating and providing
assistance to the countries in which they are located. We have
sent teams from Washington to 50 of our overseas posts to
examine each mission's operating systems, the information
technology used in its assistance programs, and in many cases
the host country infrastructure upon which our missions depend
to operate. We are working closely with the Department of State
and other agencies who operate overseas to assure that
essential functions will continue next January.
As we get closer to January 1, 2000, more information will
be generated about the situation in the countries where we
work, and
we will have a much better idea of the extent to which our
ability to operate will be affected. This matter is of great
concern to us, and we will continue to watch it closely country
by country.
That completes my statement. Thank you very much.
[The prepared statement of Mr. Nygard follows:]
[GRAPHIC] [TIFF OMITTED]61120.044
[GRAPHIC] [TIFF OMITTED]61120.045
[GRAPHIC] [TIFF OMITTED]61120.046
[GRAPHIC] [TIFF OMITTED]61120.047
[GRAPHIC] [TIFF OMITTED]61120.048
Mrs. Morella. Thank you very much, Mr. Nygard.
Sorry for the interruptions. We are going to temporarily
recess for about 20 minutes, and then we have not only this
vote, but then another 5-minute vote. So, we are now recessed.
[Recess.]
Mrs. Morella. We will reconvene the joint hearing of the
two subcommittees in the interest of time, and I am going to
recognize, if he is ready, Mr. Burbano, from the Department of
State.
Mr. Burbano. Thank you, Chairwoman Morella and other
distinguished members.
I plan to provide you with an overview of the Department's
year 2000 challenge and the status of some of our key year 2000
initiatives. Our discussion today will focus on highlighting
several noteworthy activities within the Department which will
progressively ensure State's core business functions operate
seamlessly during, and beyond, the millennium crossover.
Let me begin by saying the Department has maintained year
2000 as one of its top management priorities. From the
Secretary down, we are committed to ensuring the Department's
systems and operations will run uninterrupted through and
beyond the millennium rollover. I am happy to report that our
focus and hard work is yielding results. As evidence of our
progress, OMB recently recognized the Department's improved
results by raising us from tier one, inadequate progress, to
tier two, progress. OMB and GAO also cited State for progress
in other areas, including modernization in computer security,
and for our leadership role in providing year 2000 support to
U.S. operations overseas.
From an organizational perspective, the Department has
taken many steps to ensure that it has the appropriate
management talent, structure, and approach in place to
successfully manage State's significant year 2000 challenge.
Specifically, we have assembled an experienced management team
to oversee State's year 2000 program.
I personally bring previous year 2000 management experience
at the National Institutes of Health, and I have established a
Deputy CIO for year 2000 to manage the day-to-day operations of
the Year 2000 Program Management Office. Along with the Deputy
CIO for year 2000, I have met separately with each of the
Assistant Secretaries on a monthly basis to review individual
bureau progress toward remediation, project test results,
contingency planning efforts, and other year 2000 related
activities. Additionally, the Under Secretary for Management
meets monthly with the Assistant Secretaries at a steering
committee meeting to manage State's year 2000 efforts
throughout the Department.
From a remediation perspective, the Department of State has
identified 59 systems which support enterprise-wide mission-
critical functions. Additionally, the Department of State has
the unique challenge of deploying 32 of its 59, or 54 percent,
of its mission-critical systems to over 260 posed throughout
the world.
In order to ensure the Department is capable of sustaining
our core business functions beyond the year 2000, we have
established a four-phase approach to assess, remediate, verify,
and re-verify the readiness of our mission-critical systems and
support of the Department's core business functions. Our four-
phase approach includes aggressive global deployment and
implementation of our most critical technology-based systems
and independent certification of our mission-critical
applications, a process based on end-to-end testing of our core
business functions, and, finally, coordinated business
continuation activities which span the year 2000 boundary.
First, we believe the Department of State has made
significant progress in readying its systems for the year 2000
rollover. The Department has completed the remediation of all
59 mission-critical applications, and we are well underway in
the implementation of our critical and routine systems.
Currently, the Department has completed implementation of 53 of
its 59 mission-critical systems, or 90 percent. Ninety-seven
percent will be completed by the end of April and 100 percent
by May 15th.
Second, the Department of State has established a rigorous
year 2000 compliance certification process, heavily leveraging
the experience and independence of the Office of the Inspector
General. Once a mission-critical application has been
thoroughly and successfully tested by the bureau, verified and
validated by the Department's Year 2000 Program Office, my
office, along with the Department's OIG, conducts an
independent review of the project, using the best-of-class
certification and testing guidelines in order to determine the
depth and breath of the bureau level of test. If necessary, the
Department may require the bureau to conduct further testing
and revalidation to ensure my office and the OIG are confident
that the application will not fail in the year 2000.
The third element of our four-phased approach is to conduct
a process-based end-to-end test of those Department of State
business functions which rely heavily on technology. The A-core
functions which we test at an enterprise level include
security, command and control, electronic mail, medical,
logistics, personnel, financial, and counselor functions. One
of the critical success factors of our end-to-end test includes
our intent to test the suitability and viability of the system-
level, post-level, and Department-level contingency plans. In
spite of our best efforts, we may have system failures in the
Department, infrastructure failures in the countries where we
have U.S. missions, and political or economic dislocations
which may ultimately impact our ability to perform the business
of State.
As such, our forth--and at this point our final--element of
our multi-phased approach is the development of an integrated
and overarching business contingency plan. In order to prepare
for potential year 2000 due system or infrastructure failures,
the Department of State is finalizing contingency plans to
ensure the continuation of core activities. The Department's
contingency plan and approach focuses on maintaining the
overall continuation of business in the face of year 2000
failures, rather than enabling information technology.
On the international front, the Department of State has
developed an overseas contingency planning toolkit to allow
each of the embassies and consulates and missions the ability
to develop location-specific contingency plans by balancing the
needs and priorities of the particular post against the year
2000 readiness of that host country. While global and
deployment and certification of our most critical systems will
remain our top near-term priority, the Department will continue
to aggressively pursue ways to ensure the business of State is
able to continue beyond the year 2000.
Thank you.
[The prepared statement of Mr. Burbano follows:]
[GRAPHIC] [TIFF OMITTED]61120.049
[GRAPHIC] [TIFF OMITTED]61120.050
[GRAPHIC] [TIFF OMITTED]61120.051
[GRAPHIC] [TIFF OMITTED]61120.052
[GRAPHIC] [TIFF OMITTED]61120.053
[GRAPHIC] [TIFF OMITTED]61120.054
[GRAPHIC] [TIFF OMITTED]61120.055
[GRAPHIC] [TIFF OMITTED]61120.056
[GRAPHIC] [TIFF OMITTED]61120.057
[GRAPHIC] [TIFF OMITTED]61120.058
[GRAPHIC] [TIFF OMITTED]61120.059
[GRAPHIC] [TIFF OMITTED]61120.060
[GRAPHIC] [TIFF OMITTED]61120.061
Mrs. Morella. Thank you very much, Mr. Burbano.
I wanted to acknowledge that we have here at the hearing
Mr. Gutknecht from Minnesota and Ms. Jackson-Lee from Texas.
Mr. Flyzik, from Department of Treasury, we look forward to
your testimony, sir.
Mr. Flyzik. Chairwoman Morella, Chairman Horn, members of
the subcommittee, thank you for the opportunity to appear today
to discuss the Department of Treasury's progress on the year
2000 computer problem.
As the Deputy Assistant Secretary for Information Systems
and Chief Information Officer, I am the overall program manager
for Treasury for this effort. I brief Secretary Rubin
periodically and provide him a weekly report on our status. The
Assistant Secretary for Management and CFO and I meet on a
recurring basis with all bureau heads to review their progress,
and, of course, we have working groups meeting regularly for
information technology, non-IT, and telecommunications
components of our program.
Since I testified before Congressman Horn's subcommittee in
March of last year, Treasury has made significant progress in
ensuring our mission-critical systems will operate correctly,
and our core business processes will function normally on
January 1, 2000. Treasury has identified a total of 328
mission-critical IT systems; 9 of these systems are being
retired and 293, or 91.8 percent, are year 2000 compliant.
Eight of our 14 bureaus met the mandate of March 31st. Three
bureaus are projected to implement 11 of the remaining 26
systems by the end of April, and thereby obtain compliance.
Thirteen of the remaining 15 systems belonging to 3 bureaus--
the Bureau of Alcohol, Tobacco and Firearms, the Financial
Management Service, and Internal Revenue Service--are expected
to be implemented by midyear. The last two are new IRS
initiatives which are being delayed until after the tax season.
Three of Treasury's most visible bureaus--the IRS,
Financial Management and U.S. Customs--have made tremendous
progress this past year. IRS is now 90 percent compliant. FMS
is able to now make 90 percent of its payments, over 775
million annual payments, using year 2000 compliant and tested
systems. This includes monthly Social Security and supplemental
security payments, veterans' benefits payments, IRS tax
refunds, Railroad Retirement Board annuity payments, Federal
salary payments, and vendor payments. The remaining payment
systems are on target for implementation this month, including
the Office of Personnel Management Payment System through which
FMS issues Federal annuity payments. The system is already
compliant, but cannot be implemented until mid-April due to a
dependency on a required interface.
Customs met the goal of achieving year 2000 compliance for
its mission-critical IT systems by September 1998. In fact, the
Customs year 2000 program has successfully met program
milestones established by Treasury, OMB, and the GAO. The
combined audit team from General Accounting Office and Treasury
and Inspector General's Office found that Customs had
established an effective year 2000 program control. In
addition, the Customs' year 2000 program was 1 of 19 Federal
programs, out of a field of 200, to receive the Government
Executive magazine's 1998 government technology leadership
award.
Treasury is continuing with an aggressive approach in
addressing non-IT devices that contain embedded chips. To date,
we are over 90 percent compliant and expect to be fully
compliant by June. We have been proactive in working to achieve
compliance in telecommunications systems. We expect to complete
interoperability testing analysis, independent verification,
and validation of our corporate voice systems in May. We are
also endeavoring to complete interoperability and IV&V testing
of our corporate data network, the Treasury Communications
System, by May. I convene and chair biweekly executive meetings
in our command center to monitor our progress on
telecommunications.
Last summer, we established interagency services programs
to address interconnections and interoperability of our
disparate systems. The scope includes all corporate Treasury
systems, as well as non-Treasury services upon which we rely.
We believe that we are aggressive and are a leader in the
government for interoperability testing.
As bureaus near completion for achieving year 2000
compliance for their mission-critical systems, the Department
is placing increased emphasis on year 2000 business continuity
and contingency plans, as well as focusing on completion of
systems and independent verification and certification
interfaces, and then testing and changing management processes.
We are also designing a Treasury emergency information
coordination center that will address any contingency planning
needs at Treasury while also specifically addressing the day-
one strategy for January 1st.
Our cost estimates for fixing the year 2000 computer
problem have continued to rise in our submission of the
February report to OMB; we now estimate a total cost of $1.92
billion, of which approximately $1.53 billion are appropriated
resources.
On a positive note, there are some good outcomes for the
future as a result of our efforts on year 2000. For the first
time ever, we have a complete inventory of all Treasury IT,
non-IT, and telecommunication systems and components. Wherever
possible, we are modernizing our IT, eliminating duplicative
systems, and migrating to standard commercial solutions, as we
fix year 2000 problems. We developed and refined program and
project management skills, and created a new culture of our
bureaus working together to meet common goals. Beyond year
2000, these efforts will allow Treasury to provide improved
government services.
I believe that Treasury has an excellent overall year 2000
program in place, and I will commit to you that we are taking
all steps necessary to ensure that Treasury's core business
processes will continue to function without disruption as we
cross into the year 2000. Nothing less than 100 percent
compliance and uninterrupted delivery of our core business
services would be acceptable to the American public or to me
personally.
Thank you for the opportunity to meet with you today to
discuss the actions being taken by the Department of Treasury
in addressing the year 2000 computer problem. I will be happy
to answer any questions you may have on this critical matter.
[The prepared statement of Mr. Flyzik follows:]
[GRAPHIC] [TIFF OMITTED]61120.062
[GRAPHIC] [TIFF OMITTED]61120.063
[GRAPHIC] [TIFF OMITTED]61120.064
[GRAPHIC] [TIFF OMITTED]61120.065
[GRAPHIC] [TIFF OMITTED]61120.066
[GRAPHIC] [TIFF OMITTED]61120.067
[GRAPHIC] [TIFF OMITTED]61120.068
[GRAPHIC] [TIFF OMITTED]61120.069
[GRAPHIC] [TIFF OMITTED]61120.070
Mrs. Morella. Thank you, Mr. Flyzik. I am glad to see there
are some positive spinoffs also that accrue to this diligent
attempt for compliance.
In terms of questioning, we will also try to take about 5
minutes each and then go around for another round as necessary.
So to Ms. Lee, in your testimony you mentioned Federal
funding for year 2000, and it is true that last year Congress
appropriated $3.35 billion just for year 2000 efforts, more
than the administration had requested, and yet many in the year
2000 community believe that additional funds may still be
necessary. And, quite frankly, on many we are expecting that
the President would request additional funding in his budget.
Is it still OMB's position that it will not be necessary to
appropriate additional funds for year 2000?
Ms. Diedre Lee. At this point, we believe that the
emergency funding is adequate to address the needs that have
been identified.
Mrs. Morella. How certain are you of this? What do you use
for validation of that?
Ms. Diedre Lee. The latest request that has been submitted
and is in the waiting period is $199 million, which leaves
about $500 million. Based on expenditures to date and the best
knowns of the unknowns, we believe that is going to be
adequate. But we will continue to keep you apprised as we work
our way through it.
Mrs. Morella. I hope you will. And do you think that there
is a pretty reasonable chance that there will be a request for
more money in the forthcoming months?
Ms. Diedre Lee. That would be a prediction on my part. I
would be glad to try and get you more information on that.
Mrs. Morella. It is just very interesting, because we have
consistently felt that the administration has underestimated
what the cost would be.
Ms. Diedre Lee. Well, it certainly has grown from the
original estimate. As the agencies continue to work on this and
as more and more of the systems are remediated, and we move
toward the completion we believe the funding is adequate. These
business continuity and contingency plans, will look across the
systems and try to ensure that we really do have the seamless
delivery. We are making a lot of progress and it appears at
this moment that we are going to get there with the funds we
have. I will certainly validate that and get back to you.
Mrs. Morella. Good. Thank you.
[The information referred to follows:]
To date, we've utilized emergency funds mainly to remediate
Federal systems, test and validate results and develop Business
Continuity and Contingency Plans. We continue to review agency
funding requirements on a case by case basis as they are
forwarded to OMB. At the moment, we do not anticipate the need
for additional supplemental funding for these activities.
However, if additional funding requirements do arise, we will
make you award of those requirements as soon as possible.
Mrs. Morella. Mr. Willemssen, would you agree?
Mr. Willemssen. One important thing to keep in mind is
that, in the event that contingency plans, as we move to the
end of 1999 and into the next century, need to be activated, it
is important that some amount of these emergency funds be held
back so that they can, if needed, be available for use. So I
think that it is extremely important that you continue your
oversight with regard to the amount of funds that have been
allocated to date. On the DOD side, 85 percent of the amount
has been allocated; on the civilian side, with the recent
announcement of the fifth allocation, I believe it is in the
neighborhood of the amount of three quarters of the $2.25
billion. So I think it is important to keep that in mind, that
we have some amount of funds available in the event we have to
implement contingencies.
Mrs. Morella. I would like to ask you, Mr. Willemssen--and
if Ms. Lee wants to comment--what Federal agencies are you most
concerned with regards to meeting a January 1, 2000 deadline?
Mr. Willemssen. The agencies that we would currently view
at the highest risk would start probably with the Health Care
Financing Administration and the Medicare program in
particular, but we also have concerns with Medicaid, which is,
as you know, a State-administered program. Despite as we
testified last month, a tremendous amount of progress made by
the Federal Aviation Administration, we continue to view that
also as a high-risk agency because of, as we testified, the
many, many events and system implementations that yet remain,
and the heavy reliance on a computerized environment to carry
out air traffic control activities. In addition, I think HHS's
Payment Management System, which is responsible for putting out
more than $165 billion annually in grants and other funds to
organizations, I think that is a fairly important system that
needs continued attention. And then, as reflected in the
statistics that OMB has put together based on agencies'
submissions, the Department of Defense still has a number of
systems that are not yet compliant.
Mrs. Morella. Picking up on what you said and looking at
also your testimony, which focused basically on State's systems
and how their readiness is essential for what you have said,
Medicare and Medicaid and food stamps, temporary assistance,
needy families, is there legislation that would be necessary to
help with regards to States' system that you would recommend?
Mr. Willemssen. We do not see it at this point, the need
for legislation. That could very well be the case within the
next couple of months, to the extent that the partnerships that
are necessary between the Federal Government and State
governments do not realize themselves. Hopefully, at this point
in time, we can reach those partnerships in a voluntary
fashion.
One of the items that we pointed out in the testimony also,
and related to this, is getting the necessary information on
data exchanges, which is integral to these kinds of programs,
and to the extent that States and/or Federal agencies are not
providing that kind of information, then in the very near
future we may have to look at legislative remedies.
Mrs. Morella. That is interesting to me. It could even be
an Executive order, couldn't it? That could handle that?
Mr. Willemssen. Possibly, yes.
Mrs. Morella. And I would think that the timing would be
such that we do not have too much time before a decision will
have to be made.
Mr. Willemssen. There is not much time. I would point to
the April 15th submissions, due in 2 days on these critical
programs--and to the extent that we see the necessary
partnerships and detail on the plan and milestones on the
State-administered programs, I think that will give us a higher
level of comfort that things will be done as is necessary. To
the extent that we do not see the detail in those submissions,
then I think there is more room for concern.
Mrs. Morella. Thank you.
My time has expired. It is now my pleasure to recognize
Chairman Horn.
Mr. Horn. Thank you very much.
Let me asked both the General Accounting Office and the
representative of the Office of Management and Budget, is there
any evidence in the recent submissions as to meeting the March
31st deadline of manipulation of data on the status of mission-
critical systems? In another words, are agencies gaining the
numbers to appear better positioned then they are, and what do
we know about that. And has GAO looked at it, in particular;
has OMB looked at it?
Mr. Willemssen. We have looked at that when we go into
particular agencies and looked at how they are assessing,
renovating, validating, and implementing particular systems. We
have not seen any evidence of an agency consciously trying to
game the system and play the numbers in order to make
themselves look better. We have seen evidence that, as agencies
get into their year 2000 programs, and better understand what
they are dealing with, and better understand what is truly
mission-critical, that there have been some dramatic changes in
the numbers. The further into their programs that the agencies
are, the less change that we have seen. I know there has been
concern about the diminishing number of mission-critical
systems. Frankly, I am more concerned with the high-impact
programs and making sure that the systems, the partners, the
data exchanges, the data flows all supporting those high-impact
programs work as intended. At this point and time, we need to
focus on those and make sure that those are compliant from an
end-to-end perspective.
Mr. Horn. Ms. Lee.
Ms. Diedre Lee. I would certainly reiterate that the number
of mission-critical systems has fluctuated. We have watched
that very closely to ensure that problem systems are not
dropped off to reach 100 percent. We think we validated that is
not the case, because, otherwise, we would have 100 percent
across the board. Certainly I will reiterate that, when we
first started identifying mission-critical systems, there are a
lot of human beings involved, and, of course, ``my system is,
by definition, mission-critical.'' As more planning was done,
we found that although the immediate system user might consider
it to be mission-critical, it really was not in the larger
sense. For example there was a particular agency that
originally had identified a system that scheduling for an
advisory committee as mission-critical, and we subsequently
determined that that probably could be moved to the less
critical activity. Those kind of things have been happening.
Mr. Horn. In you testimony, you mentioned what the Senate
had done to some of the requests for funding. When Dr. Raines
was the Director of the Office of Management and Budget, he put
the emphasis--as did this Subcommittee on Government
Management, Information, and Technology of the House--on
reprogramming money being used to fix up the year 2000
situation, and we strongly backed him on that. The Speaker
noted that we would give the administration--Speaker at that
time--every dime they want, and they got every dime they wanted
when they gave us a decent justification.
What has happened to the reprogramming, and couldn't have
these agencies used more reprogramming money?
Ms. Diedre Lee. There certainly has been a mix of the
appropriated funds planned in the budget as well as this
particular emergency supplemental. The definition of those
differences were ones that were in the appropriated amount,
were those that could be more or less foreseen and were
planned. The emergency supplemental was used more for the
contingency planning, and as things developed, more and more
systems and issues were found. Reprogramming has been done to a
certain extent, but right now we feel that the emergency
funding is the way to solve these particular contingencies.
Mr. Horn. Madam Chairman, without objection, I would like
to have a letter from the Office of Management and Budget as to
the reprogramming money that existed on September 30, 1998, the
end of that fiscal year, and what happened to it, for all 24
major agencies--what is the programming money; what was applied
to year 2000; what was sent back to the Treasury, et cetera--I
would like it included at this point in the record.
Mrs. Morella. Without objection, so ordered.
Mr. Horn. OK. Now, on the U.S. Agency for International
Development, Mr. Nygard, we have watched the charts for 2 years
now where your seven critical systems, not one of them was
adapted to become 2000 compliant. How come? Seems to me seven
is pretty simple to deal with.
Mr. Nygard. Well, Mr. Chairman, seven should be pretty
simple to deal with. As I indicated in my statement, five of
those systems need to be repaired; one is going to be
outsourced, and we are in the process of doing that now, and
the seventh one will be discontinued because it is no longer
needed. Of the other five, we had hoped that three of them
would be completed by the deadline, but in our end-to-end
testing we found bugs outside the systems themselves, but in
the linkages with the other systems that caused us to delay our
progress. The last two are continuing to move forward and four
of the five are renovated now; the fifth will be renovated by
the end of the this month, and we expect will be completed by
the end of July for the last one, and by May for the others in
terms of implementation. We simply did not make the deadline.
We got a late start and encountered problems in testing.
Mr. Horn. Mr. Nygard, when did you become the Chief
Information Officer of the Agency for International
Development?
Mr. Nygard. Officially, I became the Chief Information
Officer last October 28th.
Mr. Horn. Was there one before you?
Mr. Nygard. Yes, there was a Chief Information Officer up
until June 1997, and then there was a gap, and I was sort of
unofficially acting in that capacity until April of last year,
and then from April until October I was the Acting Chief
Information Officer.
Mr. Horn. In 1996-1997, we were told that the Agency for
International Development was getting new systems and,
therefore, the problem would be solved--and this was before
your beat, obviously--and they got the new system and nobody
asked to make sure it was 2000 compliant. Yet when they replied
to our survey of the Subcommittee on Government Management,
Information, and Technology, it was clear they were buying the
new system and did not have to worry about it because it would
be compliant. So where did that all go wrong? It is not on your
beat; it is prior to your beat.
Mr. Nygard. Well, it is on the Agency's beat certainly. We
did not buy a new system; we were attempting to develop our own
system. We wanted to have a client-server-based system, and at
that time there just were not government-wide, commercial, off-
the-shelf systems that we could use. So, we tried a very
ambitious approach. The underlying software for that system was
Oracle and was year 2000 compliant, but in the individual
applications that we developed inside the Agency, we were not
able to do them in a sufficiently integrated fashion, so that
the date, the four-digit date, was done the same way in all of
them. So what we had thought in 1996, going into the process,
was going to result in easy year 2000 compliance, turned out
not to be the case, and we have been working on fixing that
since last year.
Mr. Horn. You mentioned that we do not seem to have off-
the-shelf client-oriented systems. Now I would think that
problem would be on the doorstep of the General Services
Administration. I would say to Ms. Lee, and wasn't it? Why
didn't the General Services Administration have client-
oriented, off-the-shelf stuff? We had $4 billion down the drain
by the Federal Aviation Administration in this administration.
We had $4 billion down the drain in the Internal Revenue
Service in this administration. Now, where is the problem?
There ought to be, GSA ought to have stuff off-the-shelf. Why
doesn't it? Do you get it from GSA? Do you go out and do your
own thing?
Mr. Nygard. Mr. Chairman, they do now. At the time we were
looking to develop an agency-wide system back in the early
1990's, all of the commercial off-the-shelf systems that
existed were still what are called mainframe systems rather
than client-server. We were trying to move ahead of the
technology that existed for government agencies at the time and
to develop a client-server-based agencywide system. What exists
now, and what we are going to be using, will be off the GSA
schedule, commercial off-the-shelf financial system to begin
with.
Mr. Horn. Well, I am delighted to hear that $8 billion
results in something. So, that is good news to me today.
Thank you, Madam Chairman.
Mrs. Morella. Thank you, Chairman Horn.
I am pleased now to recognize Ms. Jackson-Lee for any
questions she may have.
Ms. Jackson-Lee. As usual, let me thank the chairwoman for
what has been an ongoing series of very vital hearings, and I
appreciate very much the insight that has been given, and of
course experienced some of the pain that we have evidenced here
today in some of our hearings. I would like to followup on a
line of question- ing, and hope that the panelists recognize
that all of us in Congress want to be able to be of help to
this process that is befuddling most of America.
I think the new state of confusion for the country is
certainly surrounded or is around year 2000, meaning that if
you go into any community and raise the question, you will get
all kinds of answers of what it means, and I have said for some
it means survivalist camps, and others underground facilities,
and just a lot that we hope we can clarify. And so it is
important that the Federal Government be as prepared as it
possibly can.
To followup on that, then I would like to ask all of the
witnesses to give me a sense of what is the general level of
preparedness that you believe State governments are engaged in
and why, and if you don't know the answer, why we don't know
the answer? Why should we be engaged on the Federal level to be
able to assess what is going on in our State governments,
because don't they interrelate with the Federal system, and
therefore there is a serious impact that will occur if our
State governments--50 of them--are not up to speed, and what
specific actions do you think we should take? And I would like
to start with the GAO on that question.
Mr. Willemssen. A couple points that I would like to make:
First of all, the data that we have seen among States, there is
a tremendous variance among States on their readiness, and even
within States, among different programs, there is quite a bit
of variance in readiness. So, on one hand, it is hard to
generalize. However, if one had to generalize based on the data
that we have seen, I think you would say that the State
governments overall are behind the Federal Government. One of
the reasons for that is that most of the data that we have seen
at the State government level is self-reported information.
There are few instances where other organizations have gone in
and looked at the data. In some cases the ground truth is
actually a little worse than what has been reported.
Last year when he took a look at some of the key human
services programs, the self-reported State data we were
provided was quite disappointing. Regarding Medicaid systems,
only about 16 percent of those were considered compliant, and
that was self-reported information. Based in part, on those
kinds of data points, the Health Care Financing Administration
actually hired a contractor to go out to all 50 States to help
them to try to get on top of this issue.
So I think that the State issue is one of concern, I think
it is one, though, that has been recognized by the executive
branch, in large part through the recent memorandum that they
have issued focusing on about 10 of the State-administered
programs. And with Federal agency lead partners helping with
those States, I think that has the potential to go a long ways
toward helping to address this issue.
Ms. Jackson-Lee. Can you name for us and help us find a
bottom line for the five worst States that are not in
compliance?
Mr. Willemssen. Actually, the report we did in November, it
was hard to generalize even at a State level, because within a
State the food stamp program may have been in better shape then
the Medicaid, whereas the Temporary Assistance for Needy
Families Program may have been very bad. So, even within the
State, it was difficult to generalize.
I will say that there are certain States that have been
working on this for some time. The State of Pennsylvania, for
example, has been considered a leader within the year 2000
arena; that is not again to say that every program within that
State is necessarily where it needs to be. Other States have
also, within pockets, received publicity and good press for
their excellent efforts, but, again, it is hard to generalize
within a given State, because even a chief information officer
within a State may not have full control and authority over all
of those programs.
Ms. Jackson-Lee. Mr. Willemssen, you are using great
diplomacy by answering my question with a positive, but I will
try to pursue it with you directly and separately from this
hearing, as to where some of our States are that need serious
help. Because I believe the question that Chairwoman Morella
asked you about whether or not we may need more money, it seems
that we might need more money to be able to assist some of the
States that may not be where we need them to be.
And I see the red light, if the chairwoman would indulge me
just for a question and I won't ask the rest of the panel to
answer that question.
I thank you, Mr. Willemssen, but I will ask Ms. Reed to
followup. In particular, I am concerned--I chair the
Congressional Children's Caucus--and I am concerned with
respect to the Agriculture Department. Child nutrition, food
stamps, WIC, rely heavily on State information systems, and we
understand that some States won't even be in compliance until
1999. So what contingency plans is USDA engaging in to help
some of these States with their compliance?
Let me, before you answer that, just note to my friend from
USAID, that we applaud the great work that you do. I have just
returned from Africa and I know the work that you do, and in
difficult areas, in developing nations. However, it seems that
it will be a great burden if you have seven systems and all
seven of them are not working at this point.
My time has run out, but if you are able to answer that
comment--if the chairwoman indulges me--otherwise, I would take
your answer in writing, but I would like to hear from Ms. Reed,
who is with USDA.
Ms. Reed. The Food and Nutrition Service has been working
with the States since 1967 to make sure that they are aware,
and that we are aware, of what needs to be done in these
arenas.
Ms. Jackson-Lee. Did you say 1967?
Ms. Reed. 1997.
Ms. Jackson-Lee. Thank you.
Ms. Reed. I apologize. We weren't quite that prescient.
[Laughter.]
Ms. Jackson-Lee. You are quite ahead of your time.
Ms. Reed. Thank you for that.
However, we do now receive quarterly reports from the
States. We have one that is just imminent here; the last report
that I have is from December. A number of the States are
reporting that they are compliant, but, as you indicate, some
of the States do show that they don't plan to be compliant
until quite late in the year. So we are requiring business
continuity plans from each State. We are actually requiring
each State to certify their compliance as we move into these
later months. Our State directors and regional directors are
working very intensively with the States to assure that we have
the most information possible and, where necessary, can provide
technical assistance to them.
Mrs. Morella. Thank you, and thank you, Ms. Jackson-Lee.
Ms. Jackson-Lee. Thank you.
Mrs. Morella. Mr. Gutknecht, I am delighted to recognize
you, sir, for the questioning.
Mr. Gutknecht. Thank you, Madam Chair, and it is good to be
here.
Let me start by saying that I have had a couple of townhall
meetings in my district about year 2000, and I am happy to
report the State and local government officials who have
testified--at least in my State--are more than eagerly moving
forward with their plans, and I think we are making tremendous
progress--at least in my State. And I feel pretty good about
what we hear from some of the Federal agencies.
But I want to come back to a point that Dr. Horn raised,
and I think the real issue is about accountability. You know,
it is disturbing that the FAA and--I will try to be
diplomatic--in the end we wasted $4 billion, the FAA, and the
story is that we also wasted $4 billion with the IRS. And I am
not certain who to address this question to, but it strikes me
that in the private sector, and one of the reasons--I think at
least the major corporations; I am not so certain about small
businesses--the only area that I am really worried about in
terms of where we are going to be January 1st of next year, in
my opinion, has much more to do with what is happening with
small businesses, who are to busy or haven't taken the time, or
for whatever reason. The SBA, Madam Chair, I might just say--
and we should make this available and maybe connect somehow to
our website, whatever---SBA does have a wonderful kit that they
have put together, including a CD ROM that sort of helps walk
small business through what the problems are and what they need
to look for, and so forth. And I really want to congratulate
the SBA.
But I want to come back to a point that concerns me and it
is the word ``accountability.'' I think most major businesses--
and we have had major airlines and some of the power companies
and other companies come and testify at our townhall meetings
about what they are doing with year 2000. They understand that
this is serious. In fact, my first hearing we had, I think
there were six companies that testified, and collectively, they
were investing somewhere in the neighborhood of $150 million to
make certain their systems would work on January 1, 2000. The
reason, I think, is they understand that ultimately they are
going to be held accountable.
I think the question that I have for anyone who wants to
respond to it--you know, in the private sector there is an
unwritten system of rewards and punishments. And I might just
ask this question--maybe somebody can answer it--in both the
situation with the FAA and the IRS, was anybody replaced or
demoted because of the $4 billion which was wasted?
Mr. Flyzik. If you would like, from the perspective of
Treasury, I would suggest to you that the majority of the folks
at the IRS that were part of that are no longer at the IRS. I
don't know, specifically, whether or not it was resulting
directly from this or not. I will suggest to you that we have
learned some lessons, and I will suggest to you that we were
building systems back then with some 1980's approaches with
1990's technologies. I think, the Klinger-Cohen legislation,
passed by the Congress, clearly, puts responsibility on the
CIO. I do believe that the legislation passed by the Congress
makes it clear that the chief information officers are now
responsible. I accept that responsibility and plan to stay
through the year 2000 program at Treasury, and we jokingly say
that CIO may mean ``Career is over,'' if we do not meet our
year 2000 requirements. But I think the Congress passed the
Klinger-Cohen legislation that makes it clear that CIO's are
now accountable, and I think some of those lessons of the past
are the reason the legislation was passed.
Mr. Gutknecht. Anybody else want to respond to that? Is
that generally felt throughout the various agencies, that
people are going to be held accountable?
I see some heads nodding; those don't show up on the tape.
Ms. Reed. I will, on behalf of the Department of
Agriculture--the Secretary of Agriculture has made it very
clear that not only the CIO is accountable, but every single
Under Secretary, every single agency administrator; their jobs
are on the line, to make sure--our jobs are on the line--to
make sure that we can continue to deliver USDA's programs. He
has been most clear and emphatic on that point.
Mr. Burbano. I would like to second that from the State.
The Under Secretary for Management has put the responsibility
for year 2000 delivery on every Assistant Secretary, including
the CIO, which is me.
Mr. Gutknecht. All right, can I change the subject real
quick, because I see the yellow light is already gone, and
really I want to come back to Mr. Burbano.
As I say, I feel fairly confident that somehow our State
and Federal Government and local governments are going to slug
through this thing, but I am much more concerned about what is
going to happen in foreign countries. I don't know how well you
guys are plugged into--you are the best guesses we have got in
terms of what is going to happen in some other countries, some
of our trading partners around the world. What is your best
guess, what is going to happen?
Mr. Burbano. OK, we have an international working group
comprised of several agencies in the international affairs
arena, co-chaired by the Department of Defense and State
Department, and the Secretary has tasked each chief of mission,
the Ambassador, to fill out a contingency plan toolkit that we
have, which is due back April 16, which we will then put
together and look where the gaps are. It is very detailed. It
looks at the energy, water, transportation, telecommunications,
healthcare, finance, public services, and technology systems of
every post and every country, and based on what we have seen in
there, we will be in a position to do that. So that is one side
of the house.
The other side of the house is we are collecting
information from all the different agencies, as well as
different private sector firms such as Gartner, putting it
together, and we plan to have that information available
sometime during this summer, which will give us that kind of
information. Obviously, you know, we have to be concerned about
possible release of that data in order not to cause harm. So we
are in the mist of grappling with that issue. But we plan to be
prepared to have that information this summer, and we plan to
prepare to have these contingency plans post-by-post, country-
by-country. April 16th is when we are due, and then we have to
do some analysis, and so forth.
Mr. Gutknecht. OK, thank you.
Mrs. Morella. Thank you, Mr. Gutknecht.
Mr. Burbano, picking up on that same issue, what percentage
of State Department year 2000 funds are being specifically
designed for embassies abroad?
Mr. Burbano. I would like to get those figures back to you.
I don't have it broken down by overseas, but I would like to
get those figures back to you.
Mrs. Morella. Sure, that would great, because I am actually
also interested in whether or not the allocation is based on
certain criteria that you have established. I mean, for
instance, would our embassy in Italy have more in the way of
year 2000 funding then our embassy in Tanzania? I mean, what do
you use for criteria in that regard? And then, you know, I am
interested also--and I know my colleagues are, too--in what
contingency plans you have for embassies and in countries that
are not year 2000 compliant. I think we have all had
experiences with questioning the authorities in so many of the
countries, including industrialized countries, and find that
their responses seem to be in a vacuum with regard to
understanding the situation, let alone implementing it. So if
you could get that information to me, and actually to all of
you, I guess I would ask the agency representatives, the CIO's.
GAO has, in its testimony, made many recommendations, such
as establishing the target dates for contingency plans, the
end-to-end testing, requiring the agency head to certify that
systems are truly compliant, implementing a moratorium on
software changes to ensure that these systems are compliant at
the turn of the century. And I guess I would ask you is, do you
agree with those recommendations? Do you plan to implement
them? And I will start with any one of you, any one who wants
to begin.
Mr. Flyzik. Throughout the entire process of year 2000, we
have had at Treasury a very positive working relationship with
GAO. We have used the GAO guidance throughout the entire
process, their contingency planning model, and it truly has
been a value-added kind of work process we have used with GAO,
and we intend to continue to use their guidance.
I think the change management moratorium will be relatively
controversial. There are many, of course, industry counterparts
that have strategic plans where they are moving forward, and as
changes are made in the commercial sector, it will impact some
of the things we are doing.
We also have, for example, at Treasury the IRS, where tax
law changes are going to require certain changes. What we will
likely do at Treasury is implement some type of exception
process to minimize any changes, but I think we will need some
flexibility in that guidance for things that are just out of
our immediate control.
Mr. Burbano. At the State Department this past fall we
issued a moratorium on development other than year 2000. We did
have an exception process for security, health, and other
items. Up to date, we have put about 26 systems on the shelf as
a result of not being year 2000 or security-or health-related.
We are also issuing a moratorium this July on operating systems
and off-the-shelf systems, and in September for application
systems.
In terms of an earlier question about the countries and
embassies, as I mentioned, when we get back our contingency
plans which look at various systems I talked about--the energy,
the water, transportation, telecommunications, healthcare,
finance, public services, and technology--that is our criteria.
We see where the gaps are, and when we get the information this
summer from the international working group as to where the
countries are, as opposed to the post, we will put those
together and we will clearly see, you know, what additional
funds are needed based on those two items, the post situation
and the country situation.
Mr. Nygard. We at USAID have also been following the GAO
guidance pretty closely. We find it useful, particularly the
moratoriums. It has helped us to fend off requests from inside
the agency and elsewhere for changes, just saying that year
2000 has to have the highest priority. So we found it very
useful guidance and have been following it closely.
Ms. Reed. I certainly will echo that for the Department of
Agriculture. We have tried very consistently to follow their
guidance and have found it quite helpful in that regard. We,
too, will be looking very closely at the change management
program. We are extremely cognizant of the need to assure that
there is stability as we go into the year 2000.
One of the issues that we are continuing to wrestle with is
that some of the software that has been determined to be
compliant by vendors, who continuously send us patches and
upgrades. We certainly want to be in a position, if a software
vendor recommends to us that we need something for year 2000
compliance that we had not foreseen earlier or they had not
foreseen earlier, that we still able to implement it. So we
need to be looking carefully at just how we approach achieving
that stability.
Mrs. Morella. I would like to also just briefly ask you,
are all of the four agencies that we have before us, have all
of you undergone the independent verification and validation
process? Say yes and no.
Mr. Flyzik. Absolutely.
Mr. Burbano. Yes, and I would say that we have done it at
two levels. We did it first within the CIO office in the
bureau, and then we are doing it at a second level with the
Office of the Inspector General, and we developed that
criteria. So we are actually going through it twice.
Mr. Nygard. Yes, we, too, are using independent validation
and verification, and then after that, all of our systems will
be reviewed by our Inspector General. So we have two stages as
well.
Ms. Reed. IV&V has been a very, very key part of our year
2000 management program and will continue to be, as has our
work with the Inspector General.
Mrs. Morella. And, Ms. Lee, will you be requiring that all
agencies undergo the IV&V?
Ms. Diedre Lee. That is part of the system, not only the
mission-critical system assessment, but also as we do the
seamless program checks; we will verify that that has been
done.
Mrs. Morella. What if agencies say they don't have the time
to do it? Would you be helpful?
Ms. Diedre Lee. We haven't heard that to date, and because
of the schedules of the mission-critical systems, that schedule
that they put in place includes the IV&V piece. In fact, some
of the agencies that are not yet 100 percent, that is the piece
they are missing; they have gone that far. If they haven't
completed that, they are not in the 100 percent category.
Mrs. Morella. Well, thank you.
Chairman Horn, your turn at bat.
Mr. Horn. Thank you very much.
The Director of OMB sent out memorandum to the head of the
executive departments and agencies, dated March 26, 1999, and
without objection, I would like that included in the record at
this point, because my questions will relate to that
memorandum.
Mrs. Morella. Without objection, so ordered.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED]61120.071
[GRAPHIC] [TIFF OMITTED]61120.072
[GRAPHIC] [TIFF OMITTED]61120.073
[GRAPHIC] [TIFF OMITTED]61120.074
Mr. Horn. Ms. Lee, there are roughly 19 departments and
agencies that are shown in his attachment, and that is where
the 42 programs come from. I wonder if you could just tell me,
how were those 42 programs selected?
Ms. Diedre Lee. We actually went out to the agencies and
got agency input, as well as other governmental input. I think
this might be a time to mention that, as we were talking about
concerns of the States and other governments, we do have the
President's Council on Year 2000 Conversion, and they have been
very active in dealing with the Governors' associations,
outreach programs, meetings, et cetera. That is also going on
as we speak, and generally John Koskinen, who represents that
group, speaks of their outreach activities and their
accomplishments.
But through the consultation process with the agencies, and
with the State and local governments, and in assessing the
programs that had direct impact on people, this list was
developed. But, it is an ongoing list, and should you have
other programs that you feel are important, we are more than
happy to add those, and make sure we have a lead agency
assigned to it and that we monitor the progress.
Mr. Horn. Well, was the criteria based on what is the most
that these programs are in relation to people? Is that it? You
just said that.
Ms. Diedre Lee. I can get you the specific criteria that we
went through, but, generally, it was: what are the major
programs that cross agency lines that we couldn't say are
mission-critical? Programs that may cross numerous agencies,
State, local governments, and that have a delivery or an end
product that we think we directly affects health, welfare, and
safety of people.
[The information referred to follows:]
We have asked Federal agencies to work with their partners
to assure that all Federal programs will work. In developing
the list of high impact programs about which agencies are
reporting status information to OMB, we looked at the Federal
government from an individual's point of view and selected
programs that, if interrupted, would have a direct and
immediate impact on individuals.
Mr. Horn. Well, as it reads, you are absolutely right, that
is the basic criteria, it would seem to me, both with other
agencies to the Federal Government, as well as with State and
local agencies, and I don't have a problem with that. But I
guess I would ask the question, where are some of the very
difficult programs that might not meet that criteria, but must
be taken care of long before January 1, 2000? Let me give you
an example.
I don't have a problem with the Department of Defense
having its two programs of military hospitals and military
retirement. Granted, they are, in essence, very much like what
you have under USDA, or you have under HHS, or you have under
HUD programs that affect a lot of people. I guess what I do
worry about is, where is about the 100 or so readiness programs
that the Department of Defense ought to have on this list? Is
there a separate list floating around?
Ms. Diedre Lee. OMB didn't create a separate list, but we
do acknowledge and recognize the Department of Defense has a
lot of military programs. Certainly, some would say you could
add them to this list. But because we generally say they are
not something that an individual per se has an interaction
with, the Department of Defense on military systems are not put
on this particular list. Nevertheless, we are very aware of
that issue and DOD is tracking their mission-critical systems
as well.
Mr. Horn. So you have a list of the readiness programs?
Ms. Diedre Lee. I believe DOD has that list. I can
certainly get it for you. I don't have it at this meeting.
[The information referred to follows:]
The Department of Defense is closely tracking the Y2K
status of its readiness programs. We are confident that the DoD
systems will be ready for the new millennium and that the
Department will be able to continue to carry out its missions.
Mr. Horn. All right, because I guess I would ask you, what
are the key programs that are not on this list, and that would
include all agencies? I mean have we--is this it? Or are there
others even on the domestic non-military agencies?
Ms. Diedre Lee. These are the 42 high-impact programs that
we have identified on the non-military side, with those two
exceptions. But it is a continuing list, and as we progress
farther in the business continuity and contingency plans, we
could identify additional programs to be added.
Mr. Horn. Now, as I understand it, there are master plans
for each of these high-impact programs to guide the key
organizations to be sure that they work, one, together; No. 2,
that they really work, and No. 3, that they be brought in, I
guess by, April 15th. Is that roughly it?
Ms. Diedre Lee. We are looking for the business continuity
and contingency plans to be in on April 15th, 2 days from now.
We will then look at those plans, along with GAO, for
thoroughness and other issues. That is going to give us the
next step on. If they are thorough and descriptive and end-to-
end, we have one situation, versus if there are pieces of
information missing or holes or there is non-continuity, we
have another situation.
Mr. Horn. It is good to know that on April 15th, when
taxpayers are sweating out paying the revenue side of the coin,
that agencies are sweating it out paying the expenditures side
of the coin. So that----
Ms. Diedre Lee. Share the wealth?
Mr. Horn [continuing]. I find a certain symbolism in this;
maybe you don't? In your opinion, when will these high-impact
programs be certified as year 2000 ready?
Ms. Diedre Lee. It will be program by program. I wish I
could tell you there is going to be one date. But that is going
to be part of the plan, and part of the contingency plan is
going to maintain the schedules and the milestones. From there
we will set up the tracking mechanism. I feel certain that we
will be back to discuss that with you further.
Mr. Horn. OK. Now, let me ask both you and Treasury, to
which this is relevant, the President held his second statement
on the year 2000 acknowledging Social Security's very good job
of compliance. I had assumed, when he did that, that he also
knew that the Treasury's Financial Management Service had been
2000 compliant. And I guess I need to ask the Treasury
representative, is the Treasury's Financial Management Service
compliant? Because, as you know, it needs to turn out about 43
million checks a month from the Social Security Administration.
I guess I would ask you, to what degree is FMS compliant?
Mr. Flyzik. Chairman Horn, as noted in my testimony, over
90 percent of the payment systems are now using year 2000
compliant software, including Social Security and supplemental
security income payments. The last payment system to be made
compliant is the Office of Personnel Management Payment System
for Federal annuity payments. That system is ready to go at the
FMS and it is waiting on an interfacing system. For those
systems where FMS did not meet the March 31st deadline, you
should be aware that FMS, in many cases, is waiting on other
interfaces with other agencies to actually implement year 2000
compliant systems. So, the FMS system is ready to go.
Mr. Horn. OK, let us just take Social Security. Is it ready
to go 100 percent on Social Security? Can they cut the checks?
Can they send them? Then the question is, what about the
depositories, credit unions, banks, whatever?
Mr. Flyzik. Yes, in terms of cutting the checks, the answer
is yes. In terms of the banks, the depositories are. Office of
the Controller of Currency, as well as the Office of Thrift
Supervision, continue inspection programs. Their latest report
sent to the Congress indicates over 90 percent of the financial
institutions being year 2000 ready. So, we are on a very
positive trend. We are putting together and are doing testing
among FMS, IRS, Social Security, and all of the revenue
collection agencies, as well as the payment agencies, end-to-
end and interoperability testing, simulating configurations in
a laboratory environment.
Mr. Horn. OK, let me just go down the line: Are you ready
to submit your April 15th report and plan to OMB? Will you be
able to do it on time? How about Treasury?
Mr. Flyzik. Yes, we will, and sitting right behind me is my
program manager--who does all the work that I get all the
credit for--is working on that as we speak.
Mr. Horn. So if you go, he goes, is that it? [Laughter.]
OK, or is it the other way around?
Let me ask the gentleman from the Department of State: Are
you ready on that April 15th?
Mr. Burbano. Yes, we are ready.
Mr. Horn. OK. Let me ask Mr. Nygard of the Agency for
International Development.
Mr. Nygard. Mr. Chairman, I think we get a bye on that; we
don't have any systems on that list.
Mr. Horn. Well, I would have put you on the list 3 years
ago, Mr. Nygard. So, I mean, what is there left to do? Are you
going to be able to do this job in AID or are we going to go
back to the abacus?
Mr. Nygard. No, we are there. We will do the job; no
question.
Mr. Horn. OK. Yes. They are now your ward, by the way; you
are the guardian now of AID, right? So what is happening on the
Department of State with its new child?
Mr. Burbano. Well, we are integrating with USI and with
ACTA, and we have met and continue to meet with USI and ACTA,
and we plan to be fully compliant with our systems with both of
those before the end of the year at this point. I would like to
say, in terms of the 40 systems that you were addressing on the
passport issue, that system is out of the independent test and
validation phase; it is in deployment, and we plan to have that
system fully implemented, the 14 passport offices, by the end
of this month. So, not only will we have our report in, but we
will have the system fully implemented by the end of this
month.
Mr. Horn. Well that is good news, because you do--what--
over a million passports a year?
Mr. Burbano. Yes.
Mr. Horn. I know it is substantial and you have had a very
efficient operation, as I have seen it. So this will carry that
on?
Mr. Burbano. Absolutely. So, again, we are fully
implemented by the end of this month on our one system that is
on that list.
Mr. Horn. Now, will the Agency for International
Development be part of your jurisdiction?
Mr. Burbano. No, that is why I was saying it is USI and
ACTA. We do work closely as my counterpart mentioned.
Mr. Horn. You are all in the same building, so I wouldn't
think it is to hard to communicate.
Mr. Horn. No, no, we work together, but we are not
integrating their systems as we are with USI and with ACTA, so
we do work and exchange information. They are part of the
international working group as well, and they are out there in
the post collecting information, sharing it with us; we are
sharing it with them. So, we do work closely and help each
other, but their systems are not being integrated with ours.
Mr. Horn. OK, how about the Department of Agriculture, Ms.
Reed, are you going to be able to give them something on April
15th?
Ms. Reed. We will be able to provide something, I will tell
you that I think that it will require additional work,
particularly the section on food safety, where we serve as the
lead agency. I think we have pretty good command of what we
have been doing within USDA, but we need to reach out to our
partners across the Federal sector to assure we have
incorporated their work, and quite frankly, that may take us
just a little bit longer to do, but we will meet that
commitment, because we take it very seriously.
Mr. Horn. One of the columns on our quarterly report card
has been the contingency plan. A lot of agencies have said it
is the U.S. Post Office, in other words, mailed the checks,
rather then electronically deposit. We then had a hearing with
the U.S. Postal Service, and they have no contingency plan. So
I find that rather interesting, and we have the phrase ``in
progress'' for most of the 24 major executive agencies and
Cabinet departments. I just would like to ask the four agency
people here today, are we going to get in Congress another in-
progress-type thing on your contingency plan, or do you have a
contingency plan before the next quarterly report?
Mr. Flyzik. At the Treasury Department we established March
31st, this past March, as the date for all of our bureaus to
work on business continuity and contingency plans. On March
31st, all but four of the bureaus had those plans into my
office; the other ones are coming in now or will be in very
shortly. We are going to do an analysis of those plans and put
them together to come up with a Treasury-wide approach. So, we
feel at Treasury we are ahead of the curve a little bit in this
particular area and will look forward to reporting to you as we
do the analysis of where we stand on the plans.
Mr. Horn. State?
Mr. Burbano. For the State Department, we have 59 mission-
critical systems. Out of the 59, we have 47 systems that have
been completely finished and verified; 12 are in the mist of
being finalized, and we plan to have those finalized by June.
Mr. Horn. So you are saying, you don't need a contingency
plan?
Mr. Burbano. Oh, no, no, no. I am saying we have a
contingency plan for each of them.
Mr. Horn. For each of them?
Mr. Burbano. Right, that is why I was saying, out of those
59, 47 are solid green.
Mr. Horn. Fine. How about the Agency for International
Development?
Mr. Nygard. We are in the process of completing our
contingency plans. We expect them to be completed by June 30.
So, for our next quarterly report you will get an ``in-
progress'' from us, but progress is going as per schedule, and
we will be implementing those plans by the beginning of the
summer.
Mr. Horn. Agriculture?
Ms. Reed. We sent out guidance to our agencies last fall on
business continuity and contingency planning. I have received
the first draft from all agencies within USDA, except for one;
I expect to have that one shortly. We have been reviewing that
draft, and I can tell you that it is version one. We know we
will have more work to do, but we feel relatively confident
that we will have a strong business continuity and contingency
plan in place by June 15th.
Mr. Horn. Well, I thank all of you. I am going to have to
leave for another meeting, and thank you, Ms. Chairman.
Mrs. Morella. Thank you, Mr. Chairman.
And I am going to just ask one other question. Actually--I
don't know--maybe it was in your testimony, Mr. Burbano, but it
was reference to the year 2000 Program Management Office's
strike teams. What do the strike teams do? Sounds like
terrorism to me.
Mr. Burbano. Well, we needed a strike team. You know, when
I came on board we were zero compliant, and, you know, it took
a lot to get us to 90 percent within 11 months. So, what I did,
with my Deputy CIO for year 2000, is we got together and we
decided we needed some strike teams to come in to not only do
analysis, but provide assistance to each bureau to get us up
there quickly in our steep curve of implementation. And they
have actually provided the assistance, besides the analysis, in
order to do test validations for helping contingency plans, for
helping remediate, and so forth. So in all phases they have
helped out, and continued to help out, the bureaus.
Mrs. Morella. It just seems to me, from what has been
stated in your wonderful testimony and response to our
questions, that we are looking to April 15th for a view of the
critical programs beyond what you have told us today: plans,
milestones, also business continuity plans that I think is so
important, and then as we go on to the end-to-end testing. So
much more needs to be done, but I just am very much impressed
with the progress that has been made. And as somebody who
cares, as Mr. Horn does, very much about Federal employees, I
do want to applaud you for responding to the challenge and the
task. It is not all over yet, but, again, your cooperation in
so doing I hope is a model for the States and local
governments. Again, we will be back to you and hope you will be
back to us about it.
So I want to thank you all for coming before us. Thank you,
Ms. Lee, and Mr. Willemssen, and Ms. Reed, Mr. Nygard, Mr.
Burbano, and Mr. Flyzik.
And I wanted to pick up the tradition that was established
by Chairman Horn, and that is to acknowledge the staff who
helped to put the committee hearing together: J. Russell
George, who is with the Subcommittee on Government Management,
Information, and Technology; Matt Ryan, senior policy director
for GMIT; Bonnie Heald, who is the director of communications;
Mason Alinger, who is the clerk; Richard Lukas, the intern.
Technology is Jeff Grove, staff director; Ben Wu, professional
staff member; Joe Sullivan, the clerk. And on the minority
side, Faith Weiss, who is the counsel; Earley Green, staff
assistant; Michael Quear; Marty Ralston, committee staff, and
our court reporter, Kristine Mattis.
And I thank you all, and the joint committee is now
adjourned.
[Whereupon, at 3:25 p.m., the subcommittees were
adjourned.]
-
�