Steve Henderson talked confidently about Nebraska's future plans for information technology. The fact that Henderson, the state's deputy administrator for Information Management Services, is focused on the future is remarkable given the high anxiety in government concerning the year-2000 problem. But Henderson's confidence stems from the fact that Nebraska became the first state to announce that its mission-critical systems were 100-percent Y2K compliant, according to a survey by the National Association of State Information Resource Executives (NASIRE).
Henderson is hardly gloating, however, noting that his department is diligently working on everything from contingency plans to public awareness. Yet the monkey is off Nebraska's back, so to speak. "We completed validation in March," he said. "For purposes of large-scale computing, the bread-and-butter systems are now compliant."
Good News, Bad News
It's down-to-the-wire time for states and their mission-critical systems, as the biggest IT project in computer history has a hard and fast deadline. It's also one of the most expensive computer programs ever launched. States are expected to spend $3.5 billion to renovate and repair computer systems plagued by the Y2K bug, according to the National Governors' Association (NGA).
This vast undertaking has a sense of urgency to it as the clock ticks. The good news is that most states are making great progress, according to John Koskinen, chairman of the President's Council on Year 2000 Conversion, which met with the NGA and NASIRE in March to ensure state continuity with federal planning efforts.
The bad news is that some states have far to go. "We are still getting calls from states for help, especially in the area of embedded chips and other parts of [non-critical] computer systems," said Tom Velez, CIO for Computer Technology Associates, a computer services firm based in Bethesda, Md. One problem government and the private sector are discovering, according to Velez, is that flaws are showing up in supposedly repaired software.
"IT repair work is not flawless," he said. "Software still may not be correct and may have to be revalidated."
A quick look at some numbers offers an explanation. In a March survey, NASIRE found that nearly 40 percent of its members had repaired and validated less than 50 percent of their mission-critical systems. Complicating matters are the typical delays facing those agencies that elected to migrate their systems to a new platform rather than repair code.
On the brighter side, the survey revealed that 28 percent of states and territories had repaired and validated 75 percent or more of their mission-critical systems. Topping the list, four states had validated 90 percent or more of their systems.
This elite group-- Florida, Michigan, Nebraska and Pennsylvania -- and others not far behind, bear striking similarities when it comes to their success factors in Y2K remediation. They are also moving forward on new IT initiatives while wrapping up non-critical Y2K work, and have had time to reflect and absorb valuable lessons.
Like Nebraska, Pennsylvania began Y2K planning and remediation in 1996. Charles Gerhards, Pennsylvania's deputy secretary of information technology, said the early start allowed the state to begin without any kind of panic. That calm approach, in turn, allowed Gerhards' staff to put in place a qualified project management team equipped with the proper tools for monitoring progress.
"We tracked 46,000 computer programs and required each agency to give us a date when the program was to be fixed and tested," he explained.
In addition, the Office of Information Technology issued report cards for agency progress and performance on Y2K remediation: green for acceptable, yellow for borderline and red for poor or failing performance. The results were circulated throughout the state government, so everybody knew how well everybody else was doing. "Those report card results developed into peer pressure that had a significant impact [on progress]," Gerhards said. More importantly, workers believed in the report cards because the rating was based on objective data.
Michigan began preparing for Y2K nearly 2 1/2 years ago. Like Pennsylvania, Michigan used the head start to situate the planning and management needed to complete the job on time. The work has paid off. As of March, Michigan had remediated and validated 94 percent of its mission-critical systems.
"We put a lot of effort in eliminating any duplication of effort," said CIO George Boersma. One result was the quick adoption of best practices. Another was the development of a factory for Y2K code repair. Y2K factories are available for organizations that don't have the staff or resources to correct software code that can run in the millions of lines.
Michigan was among a handful of states that set up Y2K factories within government, although the state relied on Computer Technology Associates to run the operation. In Pennsylvania, some agencies saw Y2K as an opportunity to replace their legacy systems. But at least one agency had to switch back to a remediation program for a legacy system once it became apparent that the new system wouldn't be up and running by 2000.
Shifting to New Initiatives
For states that have wrapped up most or all remediation, the Y2K effort has shifted to related issues. Nebraska has initiated a four-point strategy aimed at addressing technical issues related to other legacy systems; developing a disaster-response plan; providing information and outreach support to local governments and small businesses; and providing information to the public.
In Pennsylvania, the focus is on testing repaired code. The state is also tackling the embedded chip problem and has directed each agency to come up with a contingency business-continuity plan in case computer systems do fail.
"They have to show that they can maintain basic operations without computers," Gerhards said, "and they are required to test those plans."
Michigan is also developing contingency plans and coordinating emergency response with the state police in case severe problems arise.
The shift of resources away from Y2K -- once the work is done -- and toward network-based applications is beginning to take place. NASIRE President Mike Benzen pointed out that once the millennium bug is finally exterminated, electronic commerce will become the focus for state governments. That's the case in Nebraska, where Henderson said electronic commerce is part of the state's overall effort to improve services to taxpayers electronically.
But Henderson was quick to point out that while work is beginning to go forward on IT initiatives not related to Y2K, the state looked ahead even during the busiest days of code repair. "We knew that state government operations and policy wouldn't stand still while this was going on," he said. In 1996, the state Legislature passed a bill to fund Y2K remediation so that agencies wouldn't have to redirect funds allocated for new projects toward the crisis.
Pennsylvania's Gerhards echoed the same philosophy. "Y2K has had a minimal impact on the state's IT initiatives," he said, noting that a significant number of projects had been under way for the past 18 months. These include a massive data center consolidation effort (see Government Technology, January) and a partnership with Microsoft that will standardize Pennsylvania's 40,000-plus PCs to Microsoft software. Pennsylvania is also building a statewide public-safety radio system and overhauling its telecommunications network for data, voice and video.
Michigan's Office of Management and Budget is readying a massive strategic plan that will move that state toward a more centralized approach to delivering taxpayer services. Part of this effort is reflected in the state's consolidated data center -- Michigan was among the first states to do so -- and in its increasingly important data warehouse and, eventually, in broad-based electronic commerce.
"We've been taking a global approach with this plan," Boersma explained. "We're asking the agencies to tell us where they want to be [in terms of taxpayer service]. What we want to avoid with this plan is the replication of similar services within agencies."
Being first to complete major work on Y2K can be curse as well as a blessing. "My biggest concern is that people will declare victory and won't want to devote any more resources or time," Gerhards said. And he wasn't just referring to the present. Even if Jan. 1 passes with only minor glitches, there are ticking time bombs with other dates, including Feb. 29 -- yes, 2000 is a leap year -- and March 31 for quarterly reporting.
Despite ongoing worries, Y2K has taught states valuable lessons that can be used in future IT projects, notably project management. Faced with a deadline that couldn't be changed, states like Pennsylvania, Nebraska and Michigan relied heavily on project management, and the tools and methodologies that go along with it, to complete the job as required and on time. In fact, Michigan now has established, for the first time, an Office of Project Management. "We're dedicated to the project management philosophy," Boersma said.
Another key factor in the success of these states has been executive leadership. With Pennsylvania Gov. Tom Ridge setting Y2K remediation as a priority, there was no waffling or wavering over the issue, according to Gerhards.
"Other states have come to me and talked about the confused message from their leadership and what that did to slow down work on Y2K," he said. "That wasn't an issue here. The governor recognized the problem early on."