Year 2000 Computing Crisis

The United States, with nearly half of all computer capacity and 60 percent of Internet assets, is the world's most advanced and dependent user of information technology, according to the President's Commission on Critical Infrastructure Protection. Because of the urgent nature and potentially devastating impact of the Year 2000 problem, including the disruption of vital government services, GAO has designated the Year 2000 problem as a high-risk area for the federal government. (See GAO/HR-97-9, Feb. 1997.) This testimony briefly discusses the Year 2000 risks facing the nation, highlights GAO's major concerns with the federal government's progress in correcting its systems, identifies state and local government Year 2000 issues, and discusses critical Year 2000 data exchange issues.

GAO noted that: (1) the public faces a high risk that critical services provided by the government and the private sector could be severely disrupted by the year 2000 computing crisis; (2) the year 2000 could cause problems for the many facilities used by the federal government that were built or renovated within the last 20 years and contain embedded computer systems to control, monitor, or assist in operations; (3) overall, the government's 24 major departments and agencies are making slow progress in fixing their systems; (4) in May 1997, the Office of Management and Budget (OMB) reported that about 21 percent of the mission-critical systems for these departments and agencies were year 2000 compliant; (5) in May 1998, these departments reported that 40 percent of the mission-critical systems were year 2000 compliant; (6) unless progress improves dramatically, a substantial number of mission-critical systems will not be compliant in time; (7) in addition to slow governmentwide progress in fixing systems, GAO's reviews of federal agency year 2000 programs have found uneven progress; (8) some agencies are significantly behind schedule and are at high risk that they will not fix their systems in time; (9) other agencies have made progress, although risks continue and a great deal of work remains; (10) governmentwide priorities in fixing systems have not yet been established; (11) these governmentwide priorities need to be based on such criteria as the potential for adverse health and safety effects, adverse financial effects on American citizens, detrimental effects on national security, and adverse economic consequences; (12) business continuity and contingency planning across the government has been inadequate; (13) in their May 1998 quarterly reports to OMB, only four agencies reported that they had drafted contingency plans for their core business processes; (14) OMB's assessment of the status of federal year 2000 progress is predominantly based on agency reports that have not been consistently reviewed or verified; (15) GAO found cases in which agencies' systems compliance status as reported to OMB had been inaccurate; (16) end-to-end testing responsibilities have not yet been identified; (17) state and local governments also face a major risk of year 2000-induced failures to the many vital services that they provide; (18) recent surveys of state year 2000 efforts have indicated that much remains to be completed; and (19) at the time of GAO's review, much work remained to ensure that federal and state data exchanges will be year 2000 compliant.