The biggest job in IT management is just about to start. Unlike any other systems job, it has an immovable deadline. If a company gets it wrong, it's not just a question of system downtime; the whole enterprise faces total collapse. It's time to start working out how to defuse the millennium time bomb.
Imagine a pharmaceutical company whose computer rejects all its newly produced medicines because it thinks their sell-by date is 16 January 1900, not 16 January 2000. The fact that some computers cannot handle the first two digits in the year segment of a date field seems like a trivial problem. But when most applications, from invoicing to stock control to maintenance schedules, rely on knowing what year it is, the millennium problem may actually be the biggest nightmare to hit companies since the Wall Street crash.
The real headache is not only having to change the software; it lies in actually unearthing the original programmers of applications, checking source code and finding long-lost compilers for computer languages that time forgot. The deeper IT managers delve into the problem, the worse it seems to get.
To find out how companies can tackle the problem, and to see if UK business is gearing up for the mammoth task, Business Computer World talked to Dr Philip Wright, senior policy adviser to the technology group at the Confederation of British Industry (CBI).
The worst-case scenario? Every company faces dried up revenue streams because they can't invoice, and idle factories because their computers won't order stock. But, as Dr Wright tells us, the best bet is to heed the words of the Hitchhiker's Guide to the Galaxy: 'Don't Panic'.
Q Why doesn't the CBI have a specific technology directorate, other than the technology group within the manufacturing and international markets directorate?
A The DTI has a technology desk which supports the Information Society Initiative (ISI). This does a similar job to the CBI, in encouraging companies to use IT. We work alongside the ISI, although we don't want to tell organisations how to run their business. Companies must develop relationships with their suppliers and customers, and find out how best they can work within the information society. If anything, the Government must provide the appropriate regulatory climate for the information society.
Q That implies you see IT as purely a tool rather than a subject for attention in its own right.
A The emphasis is not on technology, but on how it can be used to improve business. The whole computer scene is driven increasingly by information; it's content driven. The UK is in a good position with respect to content: we have several excellent companies, some quite small, some very expert in niche markets, which is good news for the future. There's more added value in content. We have hardware manufacturers in Silicon Glen, and Britain has an excellent reputation for designing computer games. We shouldn't be embarrassed by that; we should be taking advantage of it.
Q How can the CBI ensure this happens?
A Our role is to help companies share information and understand their customers. By using the Internet, for example, organisations can shorten the supply chain. We're not exactly advisers, but we can facilitate discussion on the information society, its impact on employees and its effects on innovation in companies. Really, all we can do is highlight successful examples and say, 'this is what other companies are doing, why don't you consider it?' We also have Manufacturing by Design, which promotes the use of IT in schools to support the manufacturing industry. We aim to show them how IT works in manufacturing, and that it is an exciting area for pupils to work in. The promotion of best practice fits nicely into that, because we work on sharing IT expertise directly between companies and schools.
Q What about a potential disaster for the industry, such as the year 2000 problem?
A Last year, a journalist asked me about this. I wasn't really aware of the problem or its seriousness. Now, after speaking to people in the industry, we think there's a critical issue there. We can raise awareness among members with our Information Technology Brief (a CBI newsletter), and by organising regional seminars.
But we can't be too narrow minded, so we need to work with others to promote awareness at a senior level in companies. We're also working with other organisations. In July, we were invited to a meeting at the DTI by Ian Taylor, the Minister for Science & Technology, who is very tuned in to this issue. The discussions included representatives from the Bank of England and trade associations. Ian Taylor asked the CBI and the Computing Software and Services Association (CSSA) to work together to set up a group called Taskforce 2000. It's not a CBI or government body, and it can independently create networks to act as a hub for all the activities taking place.
Q How does that work? Are people feeding information back to Taskforce 2000?
A You don't want to put off developers and suppliers from doing their own thing, and we're not trying to take their place. We want to make people aware of what is going on, and if Taskforce 2000 can achieve that co-ordination of awareness-raising activity, it will be very effective. We're trying to raise awareness at board level by March. By then, companies with three-year contracts will need to assess the impact. Auditing systems is quite a lengthy process. You have to develop a strategy and, most importantly, implement it. That will take some time because you can only access your systems during downtime. And you also have to test the systems.
Q That's fairly straightforward for IT managers. But what about selling a potentially expensive solution to the board?
A IT leaders are worried about taking the problem to board level because they might be seen as the guilty party. But boards will quickly realise that every company is in the same boat. We're hesitant about putting a figure on the overall cost of a solution, mainly because we can't work it out. No one will know the figure until systems have been audited.
Q How do you make boards aware of the need to start early?
A IT leaders should highlight the positive aspects of the year 2000 problem, and not just the negative elements, such as cost. Defusing the millennium bomb will give them a window of opportunity to look at how IT is used in their companies. They can use the year 2000 problem to develop a strategy for the future. You also have to consider not just what's going on in your own company, but what's happening to your suppliers and customers.
Even small companies should be concerned about their supply chain; increasingly, Electronic Data Interchange (EDI) is commonplace and includes date codes.
Someone has to check them, whether it's a third party or the IT supplier or in-house systems people. It will take time.
Q If a key customer or supplier has a major problem, that could spell disaster for some companies, even if they are well prepared for the millennium themselves. What can the CBI do to ensure there's general compliance?
A It's not up to us to ensure that companies comply. It's sensible to work with your IT suppliers and business associates, especially if you've had a good relationship for some time, and they know your company and your IT systems. I would hope from now on that any IT contracts would specify that new systems should be millennium compliant. But the question then is 'what is millennium compliant?' We would also like to emphasise the legal implications, although we are hesitant because it's such an unclear area.
Q The software houses and manufacturers have a role in providing information to their customers.
But on the legal side, what are companies' responsibilities? I understand accountants may qualify the accounts of non-millennium compliant businesses.
A That is a possibility, but we'll have to see how it develops; it's a bit early to say for sure. But there's a distinct chance that auditors will look at the ongoing viability of a company - after all, that is part of their job. I think anything deeper than qualifying the accounts would be difficult to do, and emphasising the competitiveness of a business is the best way to convey the message to shareholders in a positive way.
Q People feel the deadline is still a long way off. But for some companies, the effects are already being felt, with sell-by dates, for example, stretching beyond 2000.
A I know of instances in which some companies have had problems with sell-by dates, but again, that's a supplier problem. Many of the large retailers in the UK are up to date with the problem, and retailing and financial services are the most advanced sectors. Some of our major companies and utilities already have people working on solving the problem. The question then becomes timing. As long as organisations have got a senior person dealing with it, that's fine. It's a management issue, not a technical dilemma. Companies can start considering how much they really depend on IT systems. I suspect that boards don't fully understand how much their companies routinely use IT.
Q What's the best-case scenario for 1 January, 2000?
A It would be everyone complaining about the fuss the CBI was making over a problem that never did any damage. If all the companies in the UK get the idea on board, and ensure they make their systems comply, and supply chain links are compliant, they won't have any problems, and they will have a greater awareness of the information society.
Q What about the worst-case scenario?
A Even businesses which have tackled the problem will need to train people to deal with emergencies which arise as a result of the millennium time bomb. Alternatively, they should be developing a mechanism to force systems to keep working for a short period until the problem can be solved.
Not all solutions will be totally successful, so everyone needs to be ready. Also, you should prepare for the fact that many staff will want to take time off in the first week of the new millennium.
Year 2000 legal issues
Bird & Bird is a London law firm specialising in technology issues. It has already looked very closely at the year 2000 problem, and is an excellent source for professional advice.
The Court of Appeal recently decided that software fell under the terms of the Sale of Goods Act 1979, which makes clear that it should be 'of merchantable quality and fit for its purpose'. In that sense, non-millennium compliant software fails to meet the terms of the Act, and companies which encounter problems come 2000 may be able to sue their suppliers.
But a specific precedent for the year 2000 problem has not been set, and it is unlikely cases will emerge much before the date itself. Equally, many software licences actually exclude the fitness of purpose clauses, leaving buyers unprotected. Including year 2000-related warranties in new contracts or licences is a must.
The other option is to estimate how much it would cost your company in system downtime if a particular application failed in the year 2000, and write a specific clause penalising your supplier for those costs.
The picture is more complex for existing agreements.
If a contract or licence runs for a specific length of time beyond 2000, it could be argued that the software has to keep working for the full length of the contract.
But Bird & Bird points out this is an untested theory.
Warranties which extend beyond 2000 may only kick in after a problem has occurred, and by then it could be too late.
Directors could face personal financial costs for company losses if they turn a blind eye to the year 2000 problem because of the fiduciary duty they owe shareholders. If the board won't listen, IT managers may want to use this as extra leverage.
Bird & Bird: 0171 415 6000
Year 2000 ready-reckoner
Ten tips to get to grips with the millennium time bomb
1. Start thinking about the problem now. There are no extensions to this deadline, and most of the best talent will have been snapped up by other companies if you leave it too late.
2. Push for the board to recognise there is a problem, and make sure everyone in the company knows how important it is. Point out that directors can be held personally liable if they ignore a problem which results in losses to their company.
3. Assign a senior executive to oversee your project.
4. Carry out a full-system audit and assign resources to the solution accordingly.
5. Highlight the benefits of implementing a solution, such as discarding dead applications and redundant lines of code, generating a complete systems audit and planning IT policy into the next century.
6. Establish your terms for millennium compliance.
Better still, use the standards set by Taskforce 2000. Also, consult with other companies, your IT suppliers, the Millennium User Group, the CSSA and specialist software companies.
7. Consider the supply chain - are your suppliers and customers aware of the problem, and are they trying to fix it? If not, reconsider your contracts with them. Insist on warranties in any contracts which rely on IT. So if anything goes wrong, there are no disputes over who is responsible. If you partner with companies on projects which rely on IT, ring-fence your own liabilities to avoid damage claims come the year 2000.
8. Ensure that all new software and hardware is millennium compliant.
Insist on warranties to cover yourself in case your vendor overlooks something in new products.
9. Make sure your auditors and accountants know you are implementing a solution; otherwise they could qualify your company accounts, and the shareholders will want to know why.
10. Don't panic. Solving the year 2000 problem is not a highly technical task. However, it does require hard work, excellent project-management skills and lateral thinking.
Taskforce 2000: 0171 562 7650
CCTA: 01603 704874
CSSA: 0171 405 2171
Peter de Jager: 001 905 792 8706; www.year2000.com
UK Year 2000 Interest Group: 01734 261424
British Computer Society: 01793 417417 www.bcs.org.uk/millen.htm
CBI: 0171 379 7400 www.brainstorm.co.uk/CBI.
Apple, Samsung, Google and others rush to go ever-higher upmarket is putting off potential customers
Laser tech can charge mobile phones from across a room
AMD's Zen chip roll-out continues with the focus on high-power embedded applications
And becomes the team's executive chairman to boot