![[am.net]](http://am.net/amnet1.gif)
![[AM Computers]](http://am.net/amcomin1.GIF)
![[ROCkET]](http://am.net/rocet1.gif)
![[Community]](http://am.net/commu1.gif)
![[Advertise on the Net!]](http://am.net/ad1.gif)
Year 2000 Project Outline
Awareness
- Senior management awareness and commitment to identifying Y2K issues for the company. Determining needs & standards for date handling.
- Staff awareness & training on proper handling of dates & potential issues in data interchange between software with different date windows.
- External awareness of Y2K issues by customers, business partners, investors / SEC.
Assessment (Internal)
- Identify mission-critical or high-risk systems requiring more detailed attention.
- Identify the systems, business processes, machinery, etc. that may be date-dependant. Count and separate into distinct units that can later be assessed for Y2K readiness/compliance.
- Conduct comprehensive inventory using automated tools if possible of all units to create a list of risk factors.
- Establish comprehensive procedures for collecting, documenting, using and updating compliance information supplied by vendors of products and services in question. Tools to automate this step are available as well.
- Produce & evaluate remediation options for identified problems with cost and timeline of implementation.
- Develop an Action Plan that includes contingency plans for business continuity should remediation efforts for a particular item not finish in time.
Assessment (External)
- Y2K is a problem of global proportions. It affects every business and infrastructure. It is imperative to analyze potential impact of failure of external factors important to the company. In addition to obtaining Y2K-readiness information from all vendors/partners, contingency plans for critical infrastructure failure should be formulated.
Action
- The Action Plan will determine whether to fix, upgrade, replace, or even abandon non-compliant items. Automated tools and methods can assist in implementing fixes, many of which may need testing prior to implementation. Compliance information obtained from the vendor is sufficient for most types of units but mission-critical, high-risk, and complex systems require real-world testing.
- Automated tools should be used to verify that software on every PC is installed in accordance with vendor expectations for compliance and to lock down settings that will guarantee consistent date handling on all computers. Disabling the ability to install and/or run unapproved software and/or proactively monitoring any changes to important files on all computers is an important element of continual compliance for years to come.
- Detailed documentation of what it took to get to Y2K compliance is critical for Disaster Recovery and should also be incorporated into the contingency plans.
Advance Planning
- 100% readiness cannot be guaranteed. Plans should be made that detail operations in the absence of critical systems. Such plans should describe procedures and criteria for invoking, operating under and ending the plan.
- Occurrences of data with Y2K problems should be treated like viruses and isolated. Quarantining & limiting access to high-risk data in advance may be much more effective than inspecting all data for compliance.
Audit
- Conducting a post-remediation audit is an excellent way to verify that no important steps in this complex process were missed and that they were properly documented, thus helping to protect your company from legal liability.
Download this page as a Word
document
Download the full Project Outline as Word
document
Download a PowerPoint presentation on our Y2K Project Outline
E-mail comments about this page to the webmaster
© Copyright 1999 by AM Computers
1040-B N. Dutton Ave, Santa Rosa, California 95401
1-800-579-2018 · (707) 579-2010 · http://am.net
 |
 |
|
 |
 |
