Committee on Ways and Means, Subcommittee on Oversight, Subcommittee Report on the Year 2000 Computer Problem

Committee on Ways and Means
U.S. House of Representatives
Washington, D.C. 20515

Subcommittee on Oversight

August 6, 1998

The Honorable Bill Archer
Chairman
Committee on Ways and Means
1102 Longworth House Office Building
Washington, D.C. 20515

Dear Mr. Chairman:

The purpose of this letter is to transmit to the full Committee on Ways and Means the report of the Subcommittee on Oversight on the year 2000 problem, commonly known as "Y2K," as it relates to the major program areas within the Committee's jurisdiction. This report was approved by the Subcommittee on August 6, 1998.

The United States, with almost half the world's computer capacity and 60 percent of the world's Internet assets, is the most advanced, and most dependent, producer and user of information and telecommunications technologies. Most computers, computer systems, and telecommunications networks in use in the Federal government today will not be able to function in the year 2000 and beyond unless they are modified.

This is of particular concern as it applies to the Federal programs within the jurisdiction of the Committee on Ways and Means, including those administered by the U.S. Department of the Treasury, U.S. Department of Health and Human Services (HHS), and the Social Security Administration (SSA). Among the major programs are tax and trade administration, Medicare, and Social Security. The computers serving the programs within the Committee's jurisdiction affect more than 260 million Americans. The revenue programs affect every taxpayer and every business, and the benefit programs impact the health and well-being of millions. These Americans rely on the vital services they receive and cannot afford to have them disrupted by computer failures; nor can they afford to have the computers produce erroneous penalty assessments, notices, refund or benefit checks.

Most of the computers in use in the Federal government today store information for a year in a two-digit format. While fixing the two-digit year format is technically simple, the process for analyzing, renovating, and testing computers and computer systems, including embedded computer chips, to identify and correct the errors involves a very complex management task. A massive logistical effort is also needed for those computers and systems that must interact, including those that interact through telecommunications networks. Telecommunications networks are critical to Social Security checks getting to seniors, hospitals and doctors being paid by Medicare, and taxpayers being properly and efficiently served by the Internal Revenue Service (IRS). For these services to continue into the year 2000 without disruption, each of these agencies must successfully renovate their own systems and be able to effectively interact with the renovated systems of the Treasury Department's Financial Management Services (FMS), which has responsibility for actually making the payments to the beneficiaries and taxpayers.

Further complicating this technical, managerial, and logistical challenge is the fact that most of the systems that the agencies must renovate are old and have software written in nearly obsolete programming languages. Agencies have encountered serious problems in their earlier attempts to modernize these antiquated systems, especially in delivering systems that provide the required functionality on schedule and within budget.

Modifying computer code requires programming skills that are in short supply. Recruiting and retaining qualified personnel is a major concern, which will undoubtedly become more difficult and expensive as the year 2000 draws closer.

In response to your request, the Subcommittee on Oversight held two hearings on the Y2K problem to identify the issues that need to be effectively addressed for the major programs within the Committee's jurisdiction to continue to provide critical services without disruption in the year 2000 and beyond. The Subcommittee hearings focused on the implications of the Y2K computer problem for program beneficiaries and taxpayers, potential risks to program missions, and major remaining program vulnerabilities.

On May 7, 1998, the Subcommittee on Oversight held its first Y2K hearing. Federal program officials testified on the progress they have made in renovation efforts, the risks they have identified, and how they are attempting to mitigate those risks. Representatives of major financial services institutions, including those who interact with the agencies that administer these programs, testified along with information system industry observers on their Y2K experience, the most perplexing Y2K challenges remaining, and actions needed to prevent disruptions in program services. On June 16, 1998, the Subcommittee held its second hearing on Y2K issues as they relate to telecommunications. The Subcommittee received testimony from representatives of various segments of the telecommunications industry and other industry observers, who described relevant Y2K issues, progress toward addressing those issues, and the remaining challenges. The Subcommittee also received testimony and related study reports from the U.S. General Accounting Office (GAO) in both of its Y2K hearings.

Issues raised at the Subcommittee's Y2K hearings included the importance of making Y2K conversion a national priority; the adverse impact potential legal liability is having on Y2K information sharing and communications; and the adequacy of funding and other resources available for the required system renovations. Many of these Y2K issues have been the subject of other Congressional oversight hearings, dating as early as April 1996, which have encouraged the Administration to establish Y2K as a national priority and to focus attention on Y2K renovation. On February 4, 1998, President Clinton established the Council on Year 2000 Conversion. On July 14, 1998, the President presented his first major policy address on Y2K.

With regard to legal liability issues, the Administration has taken two initiatives to promote greater Y2K information sharing and communication. The Department of Justice Antitrust Division approved a proposal to allow the discussion and exchange of information on the Y2K issue. This Justice position was intended to ease concerns about information sharing resulting in antitrust action. The other initiative relates to proposed legislation to provide protection against legal liability for those who share in good faith information about Y2K experiences and solutions. However, more needs to be done by the Administration as well as the Congress to further these initiatives and resolve the related issues.

Based on its review, the Subcommittee found that SSA is relatively well positioned to have its systems renovated to function properly in the year 2000. This is primarily because SSA was the first to start its Y2K conversion efforts and its management has provided strong and consistent leadership on each phase of the conversion effort. SSA is currently working with FMS to test its entire process, including payments to beneficiaries.

The Subcommittee believes that HHS is in the weakest position, relative to SSA and Treasury, in having its systems renovated in time for the year 2000. The progress of the Health Care Financing Administration (HCFA) is of greatest concern because HCFA, as well as the contractors upon which it relies heavily to process Medicare claims and payments, initially expected to do their processing on a system which has since been abandoned because of major system development difficulties. Therefore, multiple older systems must be renovated by both HCFA and its contractors, and the time remaining to complete the renovations is extremely tight. Other HHS Y2K concerns involve inadequate information about biomedical device readiness, and the late start in renovating systems for welfare and child support programs, which involve numerous interdependencies between State and Federal systems.

Treasury is apparently in a stronger position than HHS, but not as strong as SSA. The major concern is the inadequate progress made to date by the FMS, which provides for the payments for SSA, Medicare, and other Federal programs. IRS is also of concern because of the sheer magnitude of the effort required, the poor record IRS has for modernizing its systems and managing its information systems environment and the status of telecommunications capabilities whose renovation is being done by contractors and managed by the Treasury. The U.S. Customs Service (Customs) has brought new management attention to Y2K to help overcome earlier struggles with systems development projects and a late start in its Y2K conversion efforts.

The assessments made by the Subcommittee on Oversight about the Y2K readiness of the SSA, HHS and Treasury agencies responsible for the major programs within the Committee's jurisdiction are consistent with those made by the Government Management, Information, and Technology Subcommittee (Horn Subcommittee), and by the Office of Management and Budget (OMB).

Based on these assessments, the Subcommittee on Oversight is concerned that, with the possible exception of Social Security, vital services to taxpayers and beneficiaries may be disrupted or otherwise jeopardized by computer system or telecommunication network failures unless the following recommendations are adopted:

1. The Administration should more aggressively promote the Y2K problem as a national priority;

2. Businesses, computer industry suppliers, and others should have the capability to communicate and share information about Y2K problems and solutions without fear of legal liability;

3. Agencies should test their renovated systems fully and ensure they interact with other systems as needed to carry-out their related functions;

4. Agencies should develop contingency plans to ensure vital services are not disrupted, since realistically all systems will not be renovated fully by January 1, 2000;

5. Agencies should monitor their Y2K efforts closely to ensure their human resources and expertise are commensurate with the renovation tasks that remain to be completed;

6. The Administration and Congress should ensure that Y2K funding is adequate for government agencies to have the resources and expertise needed to update and renovate their systems;

7. Small businesses should be encouraged to take the necessary actions to ensure their computer and telecommunications systems will be able to function properly in the year 2000 and beyond; and

8. The Congress should work with the Administration to ensure the necessary oversight is provided so that the Y2K challenge is met successfully.

The Committee may want to consider tax incentives for small businesses to encourage them to proceed expeditiously with needed Y2K renovations. Representative Karen Thurman, a Member of the Subcommittee, has introduced legislation, H.R. 4134, to increase by $20,000 the amount a small business is permitted to expense for the purpose of making its systems Y2K compliant.

The Subcommittee will continue to be diligent in its oversight activities to ensure vital services to beneficiaries and taxpayers are not disrupted because of Y2K-related system failures or malfunctions. The Oversight Subcommittee has requested that GAO continue its studies of SSA, HCFA, IRS, FMS, Customs, and others. The Subcommittee is also monitoring the efforts of the appropriate Inspector General offices, which have considerable efforts underway to assess system readiness along with validating the renovations reported by the various agencies. The Subcommittee also is coordinating its efforts with the ongoing efforts of the Horn Subcommittee, House Y2K Task Force, Senate Special Committee Year 2000 Technology Problem, OMB and the Council on Year 2000 Conversion to monitor the Federal agencies' and private sector progress and readiness for the year 2000.

We hope our assessments and recommendations will provide useful guidance to the Committee in addressing this critical challenge.

Sincerely,

Nancy L. Johnson, Chairman	William J. Coyne, Ranking Member
Rob Portman	Jerry Kleczka
Jim Ramstad	John S. Tanner
Jennifer Dunn	Karen L. Thurman
Philip S. English
Wes Watkins
Jerry Weller
Kenny Hulshof

Attachments

REPORT OF THE SUBCOMMITTEE ON OVERSIGHT

ON THE YEAR 2000 COMPUTER PROBLEM

Background

With tremendous advances in technology in recent decades, governments and businesses world-wide have become increasingly reliant on computers. Telecommunications systems and networks are also critical to the operations of nearly every public and private sector organization. The United States, with almost half the world's computer capacity and 60 percent of the world's Internet assets, is the most advanced, and most dependent, producer and user of information and telecommunications technologies.

Historically, most computers, computer systems, telecommunications networks, and embedded computer chips only store a two-digit number for the year, which makes the year 2000 indistinguishable from the year 1900. Those that are dependent upon this two-digit year format will likely either shut down completely or produce incorrect data. Without proper renovation or replacement, malfunctions will cause many costly problems for both government and commerce. Some computers cannot be modified and must be replaced. Although most of the attention concerning the year 2000 problem, commonly known as "Y2K," initially focused on computers and computer systems, there is a growing recognition of the vulnerabilities of telecommunications networks, because a single noncompliant component could potentially shut down an entire network. In addition, there are many items, like elevators and security systems, that are not generally thought of as computer systems but have embedded computer chips. Many of these embedded chips are date-dependent and require replacement in order to function properly in the year 2000 and beyond.

Most computers, computer systems, telecommunications networks, and embedded chips in use in the Federal government today will not be able to function in the year 2000 and beyond unless they are modified. This is of particular concern as it applies to the Federal programs within the jurisdiction of the Committee on Ways and Means, including those administered by the U.S. Department of the Treasury, U.S. Department of Health and Human Services (HHS), and the Social Security Administration (SSA). Among the major programs are tax and trade administration, Medicare, and Social Security. The computers serving the programs within the Committee's jurisdiction affect more than 260 million Americans. The revenue programs affect every taxpayer and every business, and the benefit programs impact the health and well being of millions. These Americans rely on the vital services they receive and cannot afford to have them disrupted by computer failures; nor can they afford to have the computers produce erroneous penalty assessments, notices, refund or benefit checks.

While fixing the two-digit year format is technically simple, the process for analyzing, renovating, and testing computers and computer systems to identify and correct the errors involves a very complex management task. A massive logistical effort is also needed for those computers and systems that must interact, including those that interact through telecommunications networks. Telecommunications capabilities are critical to Social Security checks getting to seniors, hospitals and doctors being paid by Medicare, and taxpayers being properly and efficiently served by the Internal Revenue Service (IRS). For these services to continue into the year 2000 without disruption, each of these agencies must successfully renovate their own systems and be able to effectively interact with the renovated systems of the Treasury Department's Financial Management Services (FMS), which has responsibility for actually making the payments to the beneficiaries and taxpayers.

Most of the systems that the agencies must renovate are old, further complicating this technical, managerial, and logistical challenge. Agencies have encountered serious problems in their earlier attempts to modernize the antiquated systems, especially in delivering systems that provide the required functionality on schedule and within budget. For example, IRS and Health Care Financing Administration (HCFA) have had difficulty renovating or replacing their old systems and have had to abandon previous modernization plans. Some systems are too old to renovate and need to be replaced, which requires considerable time and expertise. The software has often been written in nearly obsolete languages, and the computer code has been changed numerous times over the years without adequate documentation.

Modifying this computer code requires programming skills that are in short supply and may not be readily available. Modifying telecommunications components and networks requires unique expertise that has also been in short supply. Some agency officials expressed concern over their ability to recruit and retain information systems employees with the necessary expertise to handle the conversions, and even their ability to supplement their workforce with contractor support, because of the escalating demand for a finite talent pool and the escalating costs for that expertise. Costs are not the only issue, as specialized knowledge of agencies' sometimes antiquated systems is not easily transferable, if at all, to other employees or contractors. In the recently-enacted IRS restructuring bill, Congress provided the IRS Commissioner with personnel flexibilities that will allow him to attract the technical and managerial skills needed to handle such challenges as Y2K.

Subcommittee Hearings

On May 7, 1998, the Subcommittee on Oversight held a hearing to explore Y2K issues for the programs within the jurisdiction of the Committee on Ways and Means (See Appendix I). The Subcommittee explored the management plans and processes the relevant agencies had initiated to renovate or replace their systems. Of particular interest to Subcommittee Members were the implications of the Y2K problem for various program beneficiaries, potential risks to program missions, and major remaining program vulnerabilities. Agency officials, private sector representatives, and U.S. General Accounting Office (GAO) witnesses testified on the risks and mitigation strategies related to Y2K problems.

The private sector witnesses, in particular, called for the President and Congressional leaders to establish the Y2K problem as a national priority, and to ensure the problem gets the attention, funding, and other resources necessary for success. Among the issues of great concern identified by the witnesses at the hearing for agency attention were: priority setting, progress monitoring, system testing, contingency or continuity planning, and resource and expertise availability. Telecommunications capabilities were also of concern because of the agencies' increasing reliance on outside suppliers and carriers for renovated components and networks, as well as the lack of information as to how those renovations were proceeding. Of particular concern was how the renovation efforts of private sector telecommunications suppliers and carriers correspond to Federal government agency time-frames for renovating, testing, and implementing their computer systems, as well as for devising their contingency plans.

On June 16, 1998, the Subcommittee held a hearing on the nation's telecommunications infrastructure (See Appendix II). The infrastructure is composed of the public sector network (hundreds of local telephone companies and long distance carriers), the Internet, and millions of government and private sector telecommunications and computer networks. The Subcommittee studied the impact that the Y2K problem may have on the telecommunications infrastructure, and how major programs within the Committee's jurisdiction may be affected. Specifically, the Subcommittee explored implications of critical infrastructure component failures on tax administration, Medicare, Social Security, and other programs within the Committee's jurisdiction. A Federal Communications Commission official, telecommunications industry observers and representatives, and a GAO witness testified on the Y2K readiness of the industry, and the remaining risks and challenges.

For example, witnesses said that testing posed unique risks for telecommunications renovations, because the entire infrastructure cannot be taken out of production to validate the renovated components in their normal operating environment. Nevertheless, they also said that testing telecommunications components and networks to the extent possible is crucial to successful renovations, and establishing contingency plans in the event of telecommunications failures or malfunctions are important to ensure that operations are not at risk.

Another difficult issue raised was the reluctance of telecommunications firms to share information about the readiness of their components or networks because of fear about vulnerability to liability lawsuits. As a result, agency officials did not know whether renovated telecommunications components would be delivered to them in time for testing. The officials recognized that they needed to test their entire system and network configuration to ensure their programs would run properly in year 2000 and beyond. This dilemma, however, is not unique to telecommunications firms, as electric power companies and others have also expressed concern about their vulnerabilities to liability, and have therefore been reluctant to share Y2K-related information.

Other Congressional Oversight of the Y2K Problem

Congress has recognized Y2K as a problem with serious implications for the government, commerce, and the economy. The Subcommittee on Government Management, Information, and Technology, of the Committee on Government Reform and Oversight, held the first of a series of Y2K hearings on April 16, 1996. That Subcommittee has been joined in many of its oversight hearings by the Subcommittee on Technology, Committee on Science. A House Y2K Task Force has also been appointed to provide Congressional leadership on this problem, which complements the efforts of the Senate's Special Committee on Year 2000 Technology Problem. Many other committees have been active in their oversight of the Y2K problem as it relates to programs within their jurisdictions. Congressional oversight has encouraged the Administration to make Y2K a higher priority and give it the focused attention needed to ensure systems are renovated properly in time to prevent vital services from being discontinued and disruptions to government, commerce, or the economy.

Administration Action on the Y2K Challenge

The President's budget for Fiscal Year 1999 included about $2.25 billion for Y2K renovations and related contingencies. On February 4, 1998, President Clinton established the Council on Year 2000 Conversion and named John Koskinen to be its Chairman and Assistant to the President on Y2K matters.

On July 14, 1998, the President presented his first major policy address on Y2K. The President stressed the urgency of the challenge. He lauded the efforts underway by people in the Congress, government, and business--especially those of John Koskinen. He asked Congress to fully fund his budget. The President specifically pointed out that too many businesses, especially small and medium sized firms, will not be ready unless they begin to act now.

He issued three challenges to the business community. First, he called for every business to take responsibility for making sure it is ready by assessing its exposure, asking its vendors and suppliers to be ready as well, and developing contingency plans in case critical systems fail or vendors fail to deliver. Second, he said businesses should exchange and pool information among themselves in order to learn from one another's experiences and solutions. Third, businesses should inform customers about what is being done to address the Y2K problem to help maintain confidence. The President described two initiatives to encourage more open communication on Y2K experiences and solutions: (1) a Department of Justice position relative to antitrust, and (2) proposed legislation to limit legal liability. These initiatives are discussed further below.

Information-Sharing Initiatives

The Antitrust Division of the Department of Justice (Justice) presented its position on the exchange of information about resolving the Y2K computer problem in a July 1, 1998, approval of a private sector information-sharing proposal from the Securities Industry Association to let its members and their computer services suppliers discuss and exchange information on the Y2K issue. Justice stated that sharing information about the Y2K problem would not lessen competition in the procurement of computer services. Justice also stated that the information sharing would not pose competitive risks unless it involved the disclosure of pricing or customer information. Justice further said that the information exchanges should not diminish competition among the Association's members and might even have a pro-competitive effect by reducing costs and/or speeding up the resolution of Y2K issues.

The Administration sent proposed "Good Samaritan" legislation to the Congress on July 27, 1998, entitled the "Year 2000 Information Disclosure Act". The proposal would establish a uniform standard of legal liability to protect those who share Y2K information in good faith from claims based on disclosures and exchanges of information. This narrow protection from liability would extend only to the good faith sharing of information and would not provide protection from liability should systems not work properly in the year 2000 and beyond.

Representative David Dreier and Representative Christopher Cox introduced H.R. 4140 on July 16, 1998, which is legislation to (1) limit the financial liability of companies that take steps to avoid Y2K failures, and (2) provide a targeted antitrust exemption to encourage corporate cooperation in solving problems. This proposed legislation would effectively codify the Justice antitrust position, and provide broader liability protection than the "Good Samaritan" legislation.

Assessment of Y2K Readiness for the Major Programs Within the Jurisdiction of the Committee on Ways and Means

Based on its review, the Subcommittee determined that SSA is relatively well positioned to have its systems renovated to be able to function properly in the year 2000. The Subcommittee was impressed with SSA's early planning and conscientious management. This is primarily because SSA was the first to start its Y2K conversion efforts and its management has provided strong and consistent leadership on each phase of the conversion effort. Additionally, SSA has already renovated a large portion of its systems and is proceeding with systems testing and continuity planning.

The Subcommitte believes that HHS is in the weakest position, relative to SSA and Treasury, to have its systems renovated in time for the year 2000. The progress of HCFA is of greatest concern. HCFA, as well as the contractors upon whom it relies heavily to process Medicare claims and payments, initially expected to be using a new Medical Transaction System. That system, however, was abandoned because of major system development difficulties. Multiple older systems must now be renovated by both HCFA and its contractors, and the time needed to complete the renovations is a major concern. HCFA management is also concerned about its ability to compel its contractors to maintain the capability necessary to continue Medicare processing. Consequently, the Administration has proposed legislation to reform HCFA's relationship with its contractors. The contractors, on the other hand, suggest that they only need funding and guidance from HCFA to renovate their systems in time. HCFA has also raised concerns about its ability to do the renovations along with the programming changes needed to implement the Balanced Budget Act and other new provisions which it claims may place a strain on both the time and resources available. Other HHS Y2K concerns involve inadequate information about biomedical device readiness, and the late start in renovating systems for welfare and child support programs.

The Subcommittee assessed Treasury as being in a stronger position than HHS, but not as strong as SSA. Some of its major program areas have not yet demonstrated sufficient progress, even though management attention to Y2K has significantly improved. The major concern is inadequate progress made to date by FMS, which provides for the payments for SSA, Medicare, IRS and other Federal programs. FMS has recently changed management and has recognized the need to be more focused on its Y2K readiness. The IRS is also of concern because of the sheer magnitude of the effort required to update its systems, and the poor track record IRS has for modernizing its systems and managing its information systems environment. Commissioner Charles O. Rossotti has personally made this a priority. Among the Commissioner's top concerns are telecommunications systems which are being renovated by contractors and managed by Treasury. The U.S. Customs Service (Customs) has brought new management attention to Y2K to help overcome earlier struggles with systems development projects and a late start on its Y2K conversion efforts.

The assessments made by the Oversight Subcommittee about the Y2K readiness of the agencies responsible for the major programs within the Committee's jurisdiction are consistent with those made by the Government Management, Information, and Technology Subcommittee (Horn Subcommittee), and by the Office of Management and Budget (OMB). The Oversight Subcommittee based its assessments primarily on its two Y2K hearings and related research. Based on quarterly reports from all the federal departments on Y2K status and progress, as well as on other information about Y2K renovation efforts, the Horn Subcommittee has graded each department's Y2K performance, and OMB has ranked departments by tiers.

Oversight Subcommittee Recommendations

The Subcommittee is concerned that, with the possible exception of Social Security, vital services that programs within the Committee's jurisdiction provide to taxpayers and beneficiaries may be disrupted or otherwise jeopardized unless the following recommendations are adopted:

1. The Administration should more aggressively promote the Y2K problem as a national priority;

The President has established the National Council on Year 2000 Conversion, presented a major policy address, and proposed legislation to limit liability. It is equally important the Administration use the many resources at its disposal to elevate the profile of this critical issue and energize the public through the press and in public events.

2. Businesses, computer industry suppliers, and others should have the capability to communicate and share information about Y2K problems and solutions without fear of legal liability;

Proposed legislation intended to encourage information-sharing on Y2K experiences and solutions needs to be passed in order to allow focus of the private sector on solving Y2K problems rather than being concerned about vulnerability to lawsuits for the information they may share. This information-sharing should benefit not only those currently trying to renovate their systems, but also those who have not yet begun the renovation effort by allowing them to take advantage of the experience of others.

3. Agencies should test their renovated systems fully and ensure they interact with other systems as needed to carry-out their related functions;

Testing is critical to identifying renovation problems before systems are put into use and to prevent beneficiaries or taxpayers from being adversely affected. Those with testing experience have cautioned that fully testing a system may take about three times longer than initially expected, and as much as half the total time needed for an entire system renovation. System or end-to-end testing is particularly important to successful renovation, especially for determining the ability to interact with others upon whom one must rely on to carry out the mission. This testing is particularly difficult for the telecommunications systems. Consequently, renovations must be done in a timely manner, no later than the March 31, 1999, date set by the Office of Management and Budget, to be able to identify and effectively correct problems. The necessary resources, expertise, and techniques also need to be secured in time to be applied properly.

4. Agencies should develop contingency plans to ensure vital services are not disrupted, since realistically all systems will not be renovated fully by January 1, 2000;

Contingency or continuity plans are critical for all systems, even those thought to be renovated, because there may be disruptions or failures in power, water, or telecommunications that may not be within the control of an agency. There must be sufficient time and resources provided for these plans, including time and resources to test their validity and effective implementation. This issue will become more critical as 2000 draws closer and it becomes more evident which systems may not be renovated in time. This planning must also be done to ensure the best options are considered for maintaining the continuity of vital program services.

5. Agencies should monitor their Y2K efforts closely to ensure their human resources and expertise are commensurate with the renovation tasks that remain to be completed;

The IRS Commissioner and others raised concerns about the resources available to renovate old systems and to reprogram obsolete computer code. The agencies received some additional assistance when the Administration provided authority for the agencies to recruit retirees with needed expertise to supplement the current workforce. As the demand for information systems and telecommunications expertise increases, it may be necessary to find other innovative ways to secure the needed talent.

6. The Administration and Congress should ensure that Y2K funding is adequate for government agencies to have the resources and expertise needed to update and renovate their systems;

Witnesses at the Subcommittee' s hearings suggested that the funding requested by the Administration may not be sufficient to complete renovations, which may become apparent as agencies proceed with their efforts. The certainty of the funding will be necessary to allow agencies to make comprehensive Y2K plans and secure the needed resource and expertise, including contractor support. The adequacy of funding and resources needs to be monitored closely as the scarcity of the requisite expertise may cause Y2K costs to escalate as time becomes a greater factor.

7. Small businesses should be encouraged to take the necessary actions to ensure their computer and telecommunications systems will be able to function properly in the year 2000 and beyond; and

Small businesses may be the most vulnerable to Y2K system failures because many have not yet started Y2K renovations and may not have the resources, expertise, or funds to do the necessary renovations. With the importance of small business to the vitality of the nation's economy, the Committee may want to consider tax incentives for small businesses to encourage them to proceed expeditiously with needed Y2K renovations. Representative Karen Thurman, a Member of the Subcommittee, has introduced legislation, H.R. 4134, to increase by $20,000 the amount a small business is permitted to expense for the purpose of making its systems Y2K compliant.

8. The Congress should work with the Administration to ensure the necessary oversight is provided so that the Y2K challenge is met successfully.

The Congress must maintain vigilant oversight of the Y2K efforts. The emphasis of congressional oversight to date has been on systems status and renovation progress. The emphasis will likely need to shift to what will not be renovated in time, and what can be done to ensure the continuity of services. Oversight should also be properly targeted to maintain the focus of those responsible for the renovation on getting the job done right.

The Subcommittee intends to continue to be diligent in its oversight activities to ensure vital services to beneficiaries and taxpayers are not disrupted because of Y2K-related system failures or malfunctions. The Oversight Subcommittee has requested GAO to continue its studies of SSA, HCFA, IRS, FMS, Customs, and others. The Subcommittee will also monitor the efforts of the appropriate Inspector General offices which have considerable efforts underway to assess system readiness, along with validating the renovations reported by the various agencies. The Subcommittee also is coordinating its efforts with the ongoing efforts of the Horn Subcommittee, House Y2K Task Force, Senate Special Committee Year 2000 Technology Problem, OMB and the Council on Year 2000 Conversion to monitor the Federal agencies' and private sector progress and readiness for the year 2000.

APPENDIX I

WAYS AND MEANS SUBCOMMITTEE ON OVERSIGHT HEARING ON YEAR 2000 ISSUES RELATIVE TO PROGRAMS WITHIN ITS JURISDICTION, May 7, 1998

PURPOSE: The hearing explored the year 2000 issues for the major program areas within the jurisdiction of the Committee on Ways and Means. In particular, the Subcommittee examined the implications of the year 2000 computer problem, commonly known as "Y2K," for the various program beneficiaries, the potential risks to program missions, and major remaining program vulnerabilities.

WITNESSES:

Agencies--

The Honorable Charles O. Rossotti, Commissioner, Internal Revenue Service

The Honorable John Callahan, Assistant Secretary, Office of Management and Budget, U.S. Department of Health and Human Services

Mr. John Dyer, Principal Deputy Commissioner, Social Security Administration

Mr. James A. Flyzik, Assistant Secretary, Information Systems and Chief Information Officer, U.S. Department of the Treasury

Ms. Constance E. Craig, Assistant Commissioner, Information Resources, Financial Management Services, U.S. Department of the Treasury

Ms. Vincette Goerl, Assistant Commissioner, Finance, U.S. Customs Service, U.S. Department of the Treasury

Private Sector--

Mr. John Bace, Research Director, Gartner Group, Inc., Rosemont, Illinois

Mr. Harris N. Miller, President, Information Technology Association of America

Mr. Steven McManus, Communications Manager, BankBoston, Boston, Massachusetts

Ms. Irene Dec, Vice President, Information Systems, Prudential Insurance Company of America

Ms. Jennifer Jackson, General Counsel, Connecticut Hospital Association, on belalf of American Hospital Association

Ms. Mary Nell Lehnhardt, Senior Vice President, Office of Policy and Representation, Blue Cross and Blue Shield Association

U.S. General Accounting Office--

Ms. Lynda D. Willis, Director, Tax Policy and Administration Issues, General Government Division; accompanied by Ms. Sherrie Russ, Assistant Director

Mr. Joel C. Willemssen, Director, Information Resource Management, Accounting and Information Management Division; accompanied by Mr. Randy Hite, Assistant Director

HEARING SYNOPSIS:

The private sector witnesses admonished the Subcommittee to do whatever it can to make solving the Y2K problem a national priority. The Subcommittee was reminded that the United States has close to half the world's computer capacity and 60 percent of Internet assets, making the U.S. the world's most advanced and dependent user of information technology. The Subcommittee was also cautioned that if these systems-- many of which perform functions and services critical to the nation-- suffer disruption, it could create a widespread crisis.

The agency officials testified on the progress that they have made in their conversion efforts, the risks they have identified, and how they are attempting to mitigate those risks. The officials described Y2K as their number one technology priority with each expressing a keen awareness of the importance of successfully meeting this challenge. They described the extensive resources that they have committed to ensure an orderly computer conversion. They also articulated the considerable risks that they still face, and the efforts that they are undertaking to manage those risks and thereby avert potentially catastrophic implications for Social Security and Medicare beneficiaries and taxpayers. While each voiced confidence that their agencies were on schedule to meet this considerable challenge, they recognized the enormity of the task ahead, and the reliance they must place in others for their own success.

Remaining Challenges--Agencies' Perspectives

IRS Commissioner Charles Rossotti, a highly successful technology professional, acknowledged that he is still learning about the magnitude of this effort, as it presents the largest conversion and testing challenge known to him. His counterparts agreed with his assessment, with everyone expressing the belief that they were doing everything within their power to meet the challenge. For the most part, the agencies' officials testified that they are currently performing the computer conversions identified as being needed, with some having tested the converted systems. The tasks remaining include completing system conversion and testing, performing integrated or end-to-end tests of entire processes, independently validating successful conversion, and developing contingency plans should system disruptions arise. Some of these tasks involve working with other organizations with which an agency shares data or upon which it relies to carry out its processes. For example, IRS and SSA share important account information and both rely on FMS to produce checks for taxpayers or beneficiaries, respectively. Some agency officials expressed concern over their ability to retain information systems employees with the necessary expertise to handle the conversions, and even their ability to supplement their workforce with contractor support, because of the escalating demand for a finite talent pool and the escalating costs for that expertise. Costs are not the only issue, as specialized knowledge of agencies' sometimes antiquated systems is not easily transferable, if at all, to other employees or contractors. At the time, this issue was not expressed as a critical impediment, but it remains a concern as the year 2000 approaches.

Magnitude of the Challenge--Independent Perspective

Neither the private sector panel nor the GAO witnesses questioned the determination or accounts of the agency officials to ensure they meet this substantial challenge, but they did raise concerns about how much remains to be done and how little time there is to do it. The private sector witnesses stressed the magnitude of the challenge as being immense, much greater than they had initially thought. They said their efforts began over three years ago, which is fortuitous because the conversion and testing has taken every bit of that time and more. For example, a private sector witness said that testing had taken three times longer than expected and 50 percent of the entire conversion time for her organization.

A GAO witness cited a recently-issued report entitled YEAR 2000 COMPUTING CRISIS: Potential for Widespread Disruption Calls for Strong Leadership and Partnerships. This report credits agencies with the progress they have made, but concludes that with the remaining risks and current pace not all mission-critical systems will be successfully converted in time. GAO calls for more action to mitigate the remaining risks to avoid debilitating results. GAO also cites vulnerabilities in vital economic sectors of the nation, like telecommunications, health, safety, and small business. Interdependencies of related systems across public and private sectors increase the risk of a cascading wave of failures or interruptions of essential services. The report also discusses similar interdependencies of related systems internationally.

GAO acknowledged that as the year 2000 has drawn nearer and the scope of the challenge has become clearer, the Federal government's response to the crisis has grown as well. GAO credited Congressional oversight as being key to increasing the focus of OMB and agency attention on the Y2K problem. For example, after numerous Congressional oversight hearings on the need for more focused Y2K attention, in February 1998, the President issued an executive order establishing a President's Council on Year 2000 Conversion to recognize the national and international aspects of the problem.

John Koskinen, who was named the Assistant to the President and Chair of the Council, differed with GAO on the leadership role the Council should play in implementing numerous GAO recommendations. However, in his formal response to the GAO report, he agreed that issues involving the economic sectors, along with others that are national or international, are beyond the control of individual Federal agencies. He believed that his role needs to be as a catalyst, facilitator, and coordinator, and that the Council should only create and directly manage new national forums for specific sectors of the economy, such as energy and telecommunications. Mr. Koskinen has, in fact, created such national forums and has taken a global approach to his new duties. The Subcommittee agrees with GAO and Mr. Koskinen that the last thing needed at this time is the creation of a new bureaucracy. However, Mr. Koskinen does not have the authority to compel partnerships between public and private sectors; among economic sectors; or across local, State, Federal, and other countries' governments.

A National Mandate

Chairman Johnson asked GAO to give thought to how to formulate a national mandate to make sure that people responsible for system renovations get the needed information and action in time to mitigate any risks and avert a disaster. GAO discussed the following findings in its recently-issued report:

Setting priorities is critical. As it becomes increasingly evident that there is not enough time to successfully convert all mission-critical systems across the Federal government, it is imperative that the Executive Branch identify those systems, that if not fixed, could most seriously threaten health, safety, national security, or economic well-being. These priority systems must also be able to interact with data or processes that are shared. Contingency plans should be developed immediately for those systems not deemed to be high priority to ensure sufficient time and resources are available.

Monitoring agencies' progress must be comprehensive and reliable. The reports on agency progress must include all agencies and systems, including those sharing information, and include data that accurately reflects their status relative to the expectations for each phase of conversion and time remaining available for conversion.

Testing, including end-to-end testing, for entire processes must be performed. Sufficient time, resources, and expertise must be made available to do this critical testing so problems can be identified and corrected before the system is in production. This is an area in which agencies have generally not been as diligent as necessary. Most agencies have said they want to use all or most of 1999 for this end-to-end testing, although some schedule slippage may affect their ability to do so.

Requiring independent verification and validation of Y2K programs, including testing, is critical to the integrity of the conversion process. Agencies may use Inspector Generals' Offices, contractors, and others with the requisite expertise to ensure their Y2K program has the necessary steps to ensure each phase is completed, thoroughly and accurately. This must be done independently of officials with conversion responsibility.

Developing contingency or business continuity plans is imperative. Such plans must be developed for all systems to ensure that the processes or programs served will be able to function in the event successful conversion is not completed on time. The plans may require functions to be handled through manual processes, other converted systems, or other means for working around non-converted systems. The plans must also consider any interdependencies with other systems.

Developing a resource strategy is essential. OMB and OPM have already taken some actions to help agencies to attract and retain personnel with the requisite expertise to carry out the conversions, but agencies need to identify creative ways to ensure they have the necessary resources beyond the year 2000. Likewise, similar plans must be developed and actively monitored to ensure the funds, personnel, other expertise, and equipment are available when needed.

Establishing an ability to address government-wide issues needs strengthening. Numerous issues are beyond the control of any particular agency, such as responsibility or control over various economic sectors or governments. These issues may need to be addressed by a broader authority to make the necessary arrangements for agencies to ensure their systems are, in fact, fully and successfully converted.

Liability Protection

Chairman Johnson asked both the private sector and GAO panelists how to avoid Y2K problems. The liability protection issue was identified by several witnesses as the crux of industries' reluctance to share information or deliver Y2K certified equipment or components. It was raised specifically about biomedical devices or equipment and telecommunications components.

Biomedical Devices

The American Hospital Association witness offered some suggestions for Congress in her written statement, including the following idea on liability protection:

"Congress should enact some form of immunity from liability for health care providers that have taken steps to prevent year 2000 problems from affecting patient care -- for example, relying on the FDA's data base of medical devices and equipment for information about year 2000 compliance . . . Providers should not be liable for damages for the year 2000 limitations of those products and systems."

The HHS testimony discussed the initiative HHS has taken with over 16,000 biomedical equipment manufacturers, which has resulted in a FDA Internet web site of manufacturers' information about the Y2K compliance of their equipment. A GAO witness told the Subcommittee that GAO is looking into the biomedical device area, including the FDA web site, for another committee. He offered a preliminary observation that manufacturers' information is just now coming forward and has sometimes changed from initial postings.

Telecommunications

Both the IRS Commissioner and Treasury Chief Information Officer expressed concern about telecommunications, with their concern centered around vendor schedules for delivering releases of their components or systems that are certified as Y2K compliant. Treasury bureaus cannot plan on testing the telecommunications aspects of their systems until vendor delivery is made, nor can they proceed with end-to-end testing. Both GAO witnesses cited telecommunications as a major concern for all agencies since they have to rely on vendors to deliver compliant components or systems. The reason this concern rises above others is that the telecommunications industry has not been very forthcoming with information about exactly when and what it will be able to deliver and certify as Y2K compliant. The industry is thought to be quite concerned about its liability exposure and has chosen not to put out information until it is absolutely certain of its validity. The later information and deliveries are, the greater the difficulty for agencies with regard to component or end-to-end testing as well as contingency planning. Realistically, with the normal procurement cycle times needed, agencies cannot pursue alternative suppliers-- especially since nearly the entire industry is in the same position. With an increasing reliance on telecommunications for providing services to beneficiaries and taxpayers, and so much still unknown about compliant deliveries, telecommunications is a serious and widespread vulnerability for agencies' Y2K programs.

Since the hearing, the Subcommittee staff has further explored with GAO the validity of the industry's belief that protection is needed against liability and the posture agencies find themselves on this issue. The GAO officials illustrated the frustration shared across agencies by describing a meeting of industry representatives and agency officials, that was arranged by the CIO Council, to better understand one another's needs. Not all of the key vendors attended, with some last-minute cancellations, and little information was exchanged-- even on the reasons for the industry's reluctance to be more forthcoming. So, the Subcommittee is left with a concern that the industry is more worried about liability than in the agencies' needs for specific information.⁽¹⁾

At a briefing for Congressional staff on May 22, 1998, John Koskinen said he has Assistant Attorney General Joel Klein's agreement that the Department of Justice Antitrust Division to write a business advisory to let companies know that sharing information across industries to facilitate Y2K compliance will not be viewed as an antitrust violation. [The business advisory was issued on July 1, 1998.] Mr. Koskinen said the other reason for vendor reluctance to share information is, in his opinion, bad legal advice. He believes sharing information on compliance efforts actually protects vendors against legal liability, and he offers that observation to any audience that he addresses.

As discussed above relative to IRS, the Subcommittee understands that the telecommunications sector is concerned about liabilities that may arise from Y2K failures and is reluctant to share information about the capabilities of its systems or components until they are tested and delivered. There may very well be other reasons for telecommunications companies reluctance to share information, for example, they may not have compliant components yet or are concerned about the compliance of their components in different agency environments. Regardless, this reluctance to share information presents a dilemma for agencies that cannot be certain when they will get delivery and be able to test in their own environment, including end-to-end testing.

Some agencies, including IRS, have recently taken a more aggressive posture with their telecommunications vendors to promote better communications. IRS, Treasury, and TRW have recently formed teams to work together to install and test Y2K components or systems in test facilities, with plans to have the teams pursue testing in the IRS processing environment. SSA has also worked with its vendors to obtain specifics on delivery schedules, and related costs, as well as to reduce those specifics to contractual commitments. GSA officials advised the Subcommittee that they are seeing some recent progress in information availability from vendors about the compliance of their components, but vendors are still reluctant to put out information until the components have been successfully tested. Apparently not much of the related software development has been completed. While there are some reports of a recent increase in information flow, that flow must be continued and expanded.

This communication may help ease some anxiety, but reliance on the industry to deliver compliant components in time to be properly tested is a concern as the Y2K deadline approaches. Many deliveries are expected this fall, with any slippage likely to cause constraints in testing plans which pose risks to the affected agencies. Another risk as time passes is whether the vendors will be able to produce enough of the Y2K compliant components, including embedded chips, to satisfy all of their customers' needs. Therefore, the agencies must have firm contractual arrangements in place as soon as possible to set delivery quantities, times, and costs. Should they have reason to doubt the vendors can deliver as specified, the agencies should provide for contingency arrangements-- secondary suppliers, system workarounds, or other ways to ensure their missions can be accomplished.

1. The same basic concerns about increasingly restrictive information flow between industry and government agencies were raised for the electric utility industry in a recent hearing held by Chairwoman Constance Morella before the Science Subcommittee on Technology, Committee on Science. The concerns were raised by agency officials and trade association representatives about having to be reliant on the electric utilities delivery of Y2K compliant equipment, including upgrades to imbedded chips, with little specific information on what will be delivered, when, and at what cost.

APPENDIX II

WAYS AND MEANS OVERSIGHT SUBCOMMITTEE HEARING ON YEAR 2000 TELECOMMUNICATIONS ISSUES RELATIVE TO PROGRAMS WITHIN ITS JURISDICTION, June 16, 1998

PURPOSE: The hearing explored the Y2K issues for the nation's telecommunications infrastructure and its impact on the major programs within the jurisdiction of the Committee on Ways and Means. In particular, the Subcommittee examined the implications of the Y2K risks posed by the telecommunications infrastructure, including those posed by critical infrastructure component failures.

WITNESSES:

Agencies--

The Honorable Michael Powell, Defense Commissioner, Federal Communications Commission; and Chairman, Telecommunications Subcommittee, President's Commission on Year 2000 Conversion

Private Sector--

Mr. David Baker, Managing Director, Schwab Washington Research Group

Mr. Gerald A. Roth, Vice President, Technology Programs, GTE Labs Technology and Systems, Alexandria, Virginia

Mr. John Pasqua, Director, AT&T, Warren, New Jersey

Ms. Ronnie Lee Bennett, Vice President, Program Management, Lucent Technologies, San Ramone, California

Ms. Pricilla Gutherie, Vice President and General Manager, TRW, Fairfax, Virginia

Mr. William O. White, Senior Director, Information Technologies. U.S. West, Denver, Colorado

U.S. General Accounting Office--

Mr. Joel Willemssen, Director, Information Resources Management, Accounting and Information Management Division

HEARING SYNOPSIS:

During the Subcommittee's Y2K hearing on June 16, 1998, the witnesses described recent progress that has been made in making various facets of the telecommunications infrastructure Y2K compliant, as well as initiatives to improve information sharing and communications about Y2K compliance within the telecommunications industry and its customers. The witnesses, however, also described concerns about their vulnerability to legal liability and other impediments to more open communication. They also talked about the remaining challenges to making the telecommunications infrastructure Y2K compliant, including the fact that even after extensive testing of components and networks, the compliance of the entire infrastructure cannot be verified until the year 2000 because it cannot be taken down to test in its entirety. Therefore, effective contingency planning is particularly important for those who rely heavily on telecommunications for carrying out their missions. These issues relate to the state of Y2K readiness for the telecommunications industry in the United States, which is thought to be much further advanced than its counterparts overseas.

Collectively, the witnesses described the telecommunications infrastructure as being a complex web of components including switches, routers, systems, and networks that operate together to transmit voice and data. The infrastructure provides a seamless inter-connectivity between a wide range of networks and carriers. Telecommunications has become critical to the operations of nearly every public and private sector organization. The witnesses described the process being used to ensure that each part of the infrastructure will be able to operate properly in the year 2000 and beyond. The process is essentially the same as the one used for ensuring Y2K compliance for computer systems; that is, awareness, assessment, renovation, validation, and implementation. They described the industry as generally being through the assessment phase and well into renovation, with compliant components expected to be ready for customer delivery by the third or fourth quarter of 1998. These components, for the most part, will have been laboratory tested when delivered and will need only to be tested in the organization's production environment.

The witnesses said that each phase of the process must be completed to ensure the compliance of each component, and must be carefully coordinated to ensure the desired inter-operability of the entire telecommunications infrastructure. They singled out testing of the infrastructure as unique because it cannot realistically be replicated or taken out of operation to be tested. Therefore, while components may be certified as Y2K compliant, there is no real assurance that they will be compatible or function properly in operation on January 1, 2000. Consequently, contingency plans are particularly important for organizations to have alternate ways to carry out their missions in the event of failure in their telecommunications capability.

Remaining Challenges

The Subcommittee learned that the telecommunications industry is generally well aware of the magnitude of the Y2K problem and is proceeding to renovate and test components for delivery to customers in the third or fourth quarter of 1998. The industry is probably further along in its renovations than the agencies within the Committee's jurisdiction expect it to be according to their testimony in the Subcommittee's May 7, 1998, hearing. The industry representatives explained that there has been a reluctance to share information about Y2K readiness of components because of the fear that the information could be used against a supplier or carrier in a liability lawsuit. As a result, telecommunications firms have been reluctant to make information available, even to customers, until they have tested renovated components, rather than take the chance that they would have to modify information upon learning more about a component's compliance. Even though the firms know that more information would be helpful for their customers to manage their own Y2K renovation programs, many in the industry remain so concerned about being subjected to a lawsuit that they are reluctant to share more information.

Some industry witnesses suggested that Congress could ease this reluctance to share information by passing legislation to provide limited protection against lawsuit for those who share information in good faith to help reduce Y2K-realted problems. They said there was a separate effort underway with the Department of Justice Antitrust Division for industry to get some assurance from Justice that sharing information for the purpose of solving the Y2K problem would not be considered as an anti-competitive practice or violation of the antitrust laws. [On July 1, 1998, Justice formally established this position in response to a request from the Security Industry Association.] While such a Justice position should ease concerns about information-sharing on Y2K subjecting an organization to antitrust suit by the government, the industry witnesses said that legislation would be needed to provide some protection against private lawsuit.

While the concern about legal liability continues to have a dampening effect on information sharing, the witnesses described a number of efforts and forums that are being used within the telecommunications industry to improve the flow of information about the readiness of various components. One industry observer offered that among the reasons for information lagging on telecommunications was that everyone was initially focused on their own internal computer systems. Now that they realize they are also dependent on others, like telecommunications carriers and suppliers, more attention is being afforded those interdependencies. Both agency and industry witnesses testified that many in the telecommunications industry have been aware of the Y2K issue and working on it for years, as early as 1995. They acknowledge more information is being made available as testing forums have emerged, but also advocate the need for liability protection. The AT&T witness challenged others to join its recent initiative to put information out for public and customer consumption, while agreeing that relief would be welcome.

The TRW witness provided the perspective of a systems integrator, and articulated the dilemma the constrained information flow poses for customers of telecommunications components. She said among the most important things to do is effectively scheduling the renovation, testing, and implementation of components; and among the most difficult is reacting to suppliers and carriers who do not deliver compliant components consistent with that schedule. While the agency witnesses at the Subcommittee's May 7 hearing expressed frustration with not knowing when their telecommunications vendors were going to be able to deliver, the industry witnesses at this hearing said, for the most part, they will be delivering Y2K compliant components to their customers in the third or fourth quarters of 1998 after they have been tested in Bellcore or other labs. They also said that they are now communicating their schedules with their customers. The Lucent witness said the company expected to be able to satisfy all of its customers' orders for components, but also urged others who have not yet determined their needs to do so as quickly as possible so their needs can be considered in Lucent's production schedules.

While testing is a critical issue for Y2K readiness for all organizations, the telecommunications aspects of testing are unique in a couple of ways. Telecommunications components may test as Y2K compliant when tested individually or even in a test lab, but may not function properly in a customer's production environment. Inter-operability testing is an important aspect of the testing regime which to some extent can be done in a lab, but must also be done in the production environment. However, even with this testing, there cannot be complete assurance that the entire telecommunications infrastructure is Y2K compliant until it is in operation on January 1, 2000. This, as the witnesses explained, was because the infrastructure cannot realistically be taken down to test its compliance. The industry is working through cooperative arrangements to test components both individually and as they may normally be configured in operations. It is also working with customers to design inter-operability testing in the customer's operating environment to mitigate as many of the risks as they can. These tests, however, will not be done before year-end 1998 in most organizations because the telecommunications components will not be delivered in time to do them earlier.

The limitations of inter-operability testing for the telecommunications infrastructure makes contingency planning essential as well as difficult since organizations are becoming increasingly reliant on telecommunications to carry out their missions. The witnesses were uniform in their belief that organizations must be prepared for the possibility that they may have some telecommunications outages, and make provisions for getting their work done during those outages. While considerable time remains to develop such contingency plans, those plans will require resources, logistics, and other considerations that must be provided for well in advance of the ultimate need. The Federal Communications Commission witness said the FCC intends to continue to encourage the industry to proceed expeditiously to make the infrastructure Y2K compliant to minimize the likelihood of failure. His concerns were far more pronounced for international compliance since he does not believe the same amount of awareness and attention have been given to Y2K as has been by the domestic telecommunications industry. For that reason, he is chairing the Year 2000 Conversion Council Telecommunications Subcommittee, and believes those organizations reliant on telecommunications for conducting international business must be particularly diligent in providing for effective contingencies. The GAO witness agreed with the importance of contingency planning in this area and offered a guide his office has published to assist those in devising effective plans.