The agency responsible for actually managing the running of government, the State Services Commission, in the news recently for creating a Y2K Project Office headed by troubleshooter John Belgrave, last year issued a “could not fail” list of government agencies in the event of problems arising from the year 2000 programming glitch.
The list, which comprises 56 departments or agencies, includes many of the obvious: Health, Defence, Fire Service, Police, Courts and Corrections, Customs, Blood Service, Reserve Bank, numerous health bodies. But why the GSCB but not the SIS? Why Radio New Zealand but not TVNZ? Why Fisheries but not Education? The SSC - and the government - no doubt has its reasons, but trying to extract those and other basic facts from our elected representatives is a task that would be unenvied by Sisyphus.
Computerworld contacted the offices of six ministers responsible for 17 government departments or agencies. No-one in any minister’s office was able to report on what each of the minister’s departments was doing with regard to Y2K. None of them could say which person was responsible for doing the actual work in each department, or how much had been spent, or how much was budgeted to be spent. Most of them pointed to the SSC’s Y2K Project Office as the source of such information, some pointed to the Readiness Commission and one office (WINZ) even referred Computerworld to the wrong agency - the Crown Company Monitoring and Advisory Unit or CCMAU, which only looks after SOEs - as "the people responsible for looking after our Y2K project".
It gets even harder to fathom. "Ensuring that computer systems function appropriately is an operational matter and is therefore the responsibility of the boards of individual SOEs," writes a spokesperson for the Minister for State Owned Enterprises, Tony Ryall.
As to Y2K remediation costs, no figures are immediately available and only one ministry volunteered to do their sums to provide Computerworld with a useful answer. Almost a week later we were advised this would take "a few days to sort out". Eventually the following reply was received: "I'm advised Mr Williamson is the minister to talk to about government departments’ readiness for the year 2000."
Ryall’s office gave typical responses to Computerworld’s written questions about Y2K costs and responsibilities. As to how much had been spent on Y2K work to date: "No overall figures on this have been collated and it would be difficult to compile meaningful data on this. For instance, issues associated with compliance have caused the replacement of some computer equipment earlier than originally planned. However, in many instances the new equipment has replaced ageing equipment that would have had to be replaced soon in any event. Thus it is meaningless to describe the entire cost of the new equipment as arising from year 2000 compliance."
United Party MP Peter Dunne, a vocal critic of governmental Y2K inaction, isn’t at all surprised by that few people were willing, or able, to talk. "There’s no overall strategy and there’s no agency taking overall responsibility for Y2K."
While Dunne believes the Y2K Readiness Commission - effectively an advisory body for smaller businesses - is doing a great job, he says it is underfunded and was set up too late. Dunne wants to see government take Y2K seriously and set itself up in a leadership role. "Government is busy rushing round proving all is well rather than trying to get to the bottom of the problem."
A starting point
Government’s interest in Y2K began in earnest in October 1996, when a Government Administration Committee was formed. With Clem Simich as head, the committee included Labour’s IT spokeswoman, Marian Hobbs, ACT’s Rodney Hide and Trevor Mallard. Such senior politicians were chosen to intimate the gravity of the situation. Their report, an "Inquiry into the year 2000 date coding problem", was handed to the Minister of Information Technology, Maurice Williamson, late in 1997 but wasn’t tabled in parliament until April 1998. No one was there to read the report, however; parliament was in recess.
The report explains the potential for disaster in clear, precise language. It uses examples from Britain, Australia and the US as well as including a case study taken from WestpacTrust’s Y2K project.
The findings are clearly laid out and a list of recommendations goes into the problem in some depth.
The government, it says, should immediately form a task force to look further into the issue; government should assess all the "critical areas" such as health, water and sewerage systems, energy and telecommunications. The task force should co-ordinate contingency planning in case of a massive failure in the infrastructure. Other recommendations included government contacting trading partners in the Asia-Pacific region to "seek assurances" that they are taking appropriate steps towards compliance and that Ministers themselves be directly responsible for ensuring each department head deals with Y2K effectively.
Also worthy of note is the recommendation that government require that all departments must "complete their Y2K action plans by 31 December 1998 to allow for possible failures from 1 January 1999 and for one full year of testing prior to 2000".
The report put the cost of fixing Y2K problems in government-controlled systems at a minimum of $120 million and pointed out that every agency was funding Y2K work out of existing budgets.
"We consider that it is too early to close the door to government assistance in this matter " Appropriate funding provisions should be made in the areas identified as requiring attention"".
It should be noted that in May 1998 the budget made no mention of Y2K with regard to either government spending or potential damage to the economy. The Australian budget, released in the same week as the New Zealand budget, included several hundred million dollars worth of extra Y2K spending. There was an additional $A126 million for Y2K projects within the federal government and a further $A5.5 million to promote awareness of the issue.
Concurrently, the Auditor-General’s office conducted a survey of 256 government departments, CHEs, port and energy companies and local bodies, among others. The Auditor-General’s office is charged with monitoring government entities from an external point of view. It doesn’t become involved in running departments or fixing problems, it just keeps an objective eye on what departments are doing and how they spend our money.
The survey findings were released in a report entitled, "Is the Public Sector ready for the Year 2000?". The short answer to that question was: no. At the end of 1997, despite 20% of those agencies surveyed actually having experienced some form of Y2K disruption, only 60% of "public sector entities" had set priorities for a Y2K action plan, let alone begun work on remediation. Of those 256 entities, the worst responses came from "Local Authorities" and "Port and Energy Companies", with "Crown Health Enterprises" not far ahead.
One local authority had identified the year 2000 risks to its central administrative systems, but no thought had been given to electronic systems for monitor the operation of plant and equipment forming part of vital supply networks to the community, the report noted.
A follow-up report is before the minister at the moment and is expected to show that local bodies are still lagging behind in the race to December 31.
Government’s response to the Committee’s report on Y2K was to set up a Task Force in May 1998. Charged with "recommending options to the government on any steps that should be taken now so that New Zealand is able to continue to conduct business through the Year 2000" the Task Force was made up of a number of high profile members of the IT community. In September the Task Force report, with its 12 recommendations, was presented to government. Of these 12 the two most expensive options, a mass-media public awareness campaign and a re-think on Inland Revenue’s approach to taxation with regards to Y2K, were rejected out of hand as being of little benefit.
The report did lead to the formation of the Y2K Readiness Commission, which has begun an information campaign targeted at small to medium enterprise (SME) businesses as well as putting up a Web site devoted to New Zealand’s current Y2K status.
But the commission is not responsible for ensuring any agency’s compliance - it has a purely advisory role and can make suggestions but has no real power to force an agency to spend money on Y2K. That power lies in the State Services Commission and its newly formed Y2K Project Office, officially launched last month. The Office was set up by deputy commissioner Ross Tanner.
"It’s an extension of our existing programme. I discovered I was spending a lot of my time on Y2K when I’ve got a number of other tasks that need attending to as well," says Tanner.
He appointed John Belgrave as head of the Office, who has an extensive history with the SSC and most recently was head of the Electricity Supply Association. He is, by default, the last link in the government Y2K chain and has the legal power to back up his demands.
"There is provision in the State Sector Act that does enable, in certain situations, the State Services Commissioner to direct agencies. But that’s an authority I would only use as a last resort."
The local angle
A failure in one of the 56 agencies the office considers "high impact" would result in catastrophe, possibly even loss of life, and as such are to be monitored very closely. One group of bodies notably not on the Project Office’s list is that of local authorities, and there’s a good reason for that. Central government has no control or power over local bodies in any way, shape or form. They are entirely independent and neither the SSC or the Auditor-General’s Office have any rights or powers to investigate local authority compliance programmes.
"We are considered in the higher risk category, along with electricity, telecommunications and the rest of the infrastructure. We’re water and sewerage and that’s pretty important," says Carol Stigley, the Chief Executive of Local Government New Zealand. Stigley was on the Y2K Task Force and is very keen to keep as many chief executives, mayors, councillors and the like up to date on Y2K.
"If water and sewerage don’t keep going then your citizens and businesses are down the gurgler with it." She is advocating a triage policy coupled with a contingency planning round.
"Don’t wait until you’ve finished your remediation programme and then find that you’re not going to finish in time, is our message."
Although every council is working through its Y2K policy, some are further behind than others.
"It’s the same old story, some are relying too heavily on letters of assurance and not doing enough of their own testing." Stigley is insistent in pushing the testing message and believes that roughly two-thirds of all councils are "well on the way" to being compliant. She believes the largest problem facing local councils is that of a lack of quality information coming out of electricity suppliers.
"The reforms are muddying the water quite considerably." Stigley says the majority of councils are quite concerned that their local electricity suppliers are not revealing information and are instead releasing pat legal answers that help no-one.
Some real progress
At the end of the day it seems clear that government’s approach to Y2K is at a turning point. Until now the response has been to look more deeply at the problem and then hold another survey.
"They seem to be promoting the 'all is rosy' picture of Y2K, rather than pushing the message 'it's time to get down to business'" says Dunne, who points to the lack of leadership at the top as being an influencing factor on the wider business community.
Another report from the Auditor-General's office is due out this month. The Readiness Commission web site continues to paint a picture of the country as a whole. Y2K minister Maurice Williamson will report to cabinet on a monthly basis and is demanding that the 58 key agencies do the same.
But still the questions remain: how much will it cost? How much have we already spent? Who is responsible? If a company goes under because the water shuts off fails for a month, who takes the blame? If someone dies in a hospital because of a Y2K bug, who goes to jail?
At the opening session of parliament, on February 16, Jenny Shipley made this statement about Y2K.
"We're preparing the country to cope with the millennium bug. We have imposed on all Government departments and entities the tough discipline of reporting monthly on their Y2K preparedness. That has been a tough wake-up call for many and some still have a lot of work to do. We're seeing they do it."
There were 319 days to go before January 1, 2000 when she made that statement. Whether or not her government is in power on the day itself, someone will still have to be held accountable for Y2K.