Myth: If your organization
has achieved Y2K compliance, there is no reason to worry.

Reality: Even if your
organization is Y2K compliant, the organizations you interact
with may not be bug-free. Any exchange of data with such a network could
have
serious repercussions.

Myth: Y2K is a problem
of the IT department.

Reality: It can affect
anybody and everybody. As most of the essential utilities like banks,
electricity and airlines depend heavily on IT, even the common man using
these facilities will have to face the music.

Myth: It is a problem
of the West. Indians needn’t panic.

Reality: In a global world, where
supply chains extend beyond international boundaries, breakdown in one
region can and will have an impact on other parts of the world.

…and the debate continues. As the Y2K deadline draws near, there
is a whole range of issues that still remain unclear. Whether due to media
hype or as a fallout of the panic created by the West, even the common
man is worried. Will the power grids collapse and lead to a complete blackout?
Will bank records go haywire? Does it mean people have to withdraw all
their cash? Will confusion in train or flight schedules cause accidents?
How many of these perceptions will actually come true is anybody’s guess.
Experts insist that although the issue is of serious concern, there is
no reason for such panic. “Public perceptions such as these can create
a lot of problems. Nothing of this sort will happen. As of now I can say
that the mission critical sectors are generally safe though there could
be minor glitches here and there,” says Dr S. Ramakrishnan, National
Y2K Coordinator, Department of Electronics.

Impact
on utililities

The
Central government seems to be on its toes, working hard to maintain all
essential utilities. The Prime Minister’s IT task force recommended setting
up a corpus of Rs700 crore. The objective of this fund was to facilitate
initiatives in government departments, public sector undertakings and
other government affiliations, to solve this problem. The Y2K Action Force,
which was set up to monitor the compliance status in the country, has
identified eleven sectors targeted as critical –power, railways,
civil aviation, ports, defense, atomic energy, telecommunications, department
of space, banking, finance, insurance and petroleum. It has instructed
all 65 departments in the government to set up independent action forces
to prepare compliance programs with target dates which could be monitored.
It is also undertaking detailed review of these 11 sectors. Says Montek
Singh Ahluwalia, Chairman, Y2K Action Force, “The areas of concern
obviously are those which use computers intensively. In each of these,
the use of computers is sufficiently significant to justify detailed scrutiny.
With these efforts we are quite hopeful that we will not have any significant
problems.”

Among the critical sectors, power is of utmost
concern to the Indian industry. It is more prone to the Y2K problem because
of the fact that there are numerous embedded chips in power plants. The
problem manifests itself more so in this case because of the fact that
failure in one major component of generation can lead to cascading failure
of the grid. On the critical power sector, Ahluwalia points out that contingency
plans were being put in place throughout the power sector to avert any
major crisis (See page 106a). Based on information available to date,
the maximum capacity that had a chance of being affected was less than
10% of total capacity. Only 27 of the 315 plants could possibly face Y2K
problems. The rest would not face problems, he adds. In a seminar organized
by CII, R. N. Srivastava, Chairman, CEC confirmed that a region-wise review
program had been put in place, and the Southern region had already been
reviewed and only two plants had been found non-compliant.

The industry feels that in
India, the sectors that seem to be making most progress in tackling the
Y2K issue are telecom and financial services. Ahluwalia points out that
the banking and finance sectors have actually covered the problems arising
from within each sector itself, and is now addressing second and third
order problems arising from linkages to other sectors. According to SR
Mittal, Chief General Manager, IT, RBI, the only parts of the banking
sector that were not 100% compliant were rural banks, and these were 96%
compliant. Within RBI itself, the only aspects that are not fully compliant
are some of the applications that have interfaces with banks. Mittal also
stresses on the importance of contingency planning, and says that the
RBI is trying to put together 40-45 contour points to keep in mind when
doing contingency planning.

Of the 23 stock exchanges in India, 16 were
already compliant, according to OP Gahrotra, Senior Executive Director,
SEBI. One or two exchanges may not be compliant by the end of this year,
but these would only account for about 2% of total transactions, and these
transactions could be taken over by other exchanges. Otherwise,the
only areas where capital markets could face a problem are registrars and
share transfer agents, especially the small ones.

The tourism industry is apprehensive
about disruption in flight schedules and railways, but even these sectors
are on track. “The passenger reservation service, which has large
public interface is the most vulnerable area. But our entire system is
undergoing thorough testing,” says V. Kumaran, Additional Member,
Railways Board.

Action time

Although
most of the critical sectors are well under control, this does not leave
any room for complacence. “As a nationwide coordinator, I am saying
that till the 31st Dec, you cannot relax for even a single day. You have
to keep
pushing and checking, have more and more testing. We might have left out
something,” says Ramakrishnan. DoE along with various other organizations
such as NIC, NASSCOM and CMC have been actively involved in creating awareness
about the issue through nationwide seminars, conferences and advertisements.
They are keeping a tab on the industry and its compliance activities.
At the same time, they also provide assistance through help desks to assist
both solution providers and end users. A huge amount of government resources
have been allocated for this purpose. DoE’s budget for media campaigning
itself amounts to Rs10.4 crore and an additional Rs6.3 crore has been
allotted for other assistance activities. Besides organizing such campaigns,
there is a strong urgency to create confidence among the masses.
According to Ahluwalia, maximum transparency is desirable in order to
build public confidence, and the Action Force has been striving to maintain
transparency by putting up all their sectoral reports on their website.

The private sector

Studies indicate that
most of the large enterprises, which started their Y2K work well in
time, have either completed or are in the last stages
of completion. Even the smaller companies are not totally ignorant about
the urgency of the situation (See DQ Survey on page 123).

In this final,
decisive stage, the role of any CEO is more important than at any other
stage in an organization’s Y2K journey. It is important that an organization
communicates its compliance efforts to the government. I would also urge
CEOs to put pressure and give incentives to their employees by linking
annual bonus to Y2K efforts, feels Rajendra S. Pawar, CII National Committee
on IT.

A number
of vendors such as Microsoft, Infosys, Lotus, IBM, TCS and others are
also providing solutions and services to support corporate efforts in
achieving compliance. A variety of solutions have to be designed to suit
the needs of different customers. And some of them do act tough. Says
Nandan M Nilekani, President, Chief Operating Officer and Managing Director,
Infosys, “There are still a large number of people who believe that
this is hype. Currently, the CIO of a company has to walk in and ask the
CEO to spend lots of money and effort on something that has no return
on investment.”

However,
there are many who will leave nothing to chance. Says Ramachandran S,
EDP Chief, TAFE (Tractors and Farm Equipment), “We have taken several
contingency steps, as we cannot take any chances if the system is down.
Therefore, in addition to rectifying the Y2K systems and processes, we
have set up alternate systems in case of a crash. We have also designed
parallel systems if offices can’t function. As a third measure, we have
also put in place a manual system.” Looking at the way the industry
is gearing up compliance efforts, there appears to be no reason to worry.
In fact, experts insist that it is still not late to take action. Says
Ramakrishnan, “The notion that it is already too late to do anything
about Y2K is somewhat misplaced. Although many people don’t approve of
our late campaign we are still going ahead.” According to him, the
private sector has an advantage because once the management attention
is drawn, they can move very fast.

What if it hits you?

In spite
of this optimism, the fear of the unknown does haunt the minds of many.
What if you place a valuable order and just when you have to complete
your shipment, you discover that the supplier has not processed the order
because he has lost all the records. You may not only lose money, but
it could also hit your entire business.

What if you
visit your faithful bank and find that you cannot withdraw any money.
Even if the bank was completely Y2K ready, it might have interacted with
some financial institution that is not. Bad data from other organizations
and systems could reintroduce problems that have already been fixed. The
list of such ‘what if’ questions is endless.

According
to Nripendra Misra, Additional Secretary, Ministry of Commerce, with the
Electronic Data Interchange (EDI) coming into force from the end of this
year, compliance would be quite a complex issue as it would also depend
greatly on the compliance of parties at the other end of transactions.

One must
remember that the Y2K problem is not just about fixing individual computer
systems. It is also a problem of complex business dependencies. The supply
chain is only as strong as the weakest link. R. Gopalakrishnan, Executive
Director, Tata Sons, points out that it is not just important to be prepared
internally or within a sector, preparation must extend to a company’s
entire network – vendors, customers and dealers.

Due to the pervasiveness,
extent and uniqueness of this problem, there will be a large set of these
unknowns that even go a long way into the next century. The possibility
of these scenarios makes it imperative for organizations to have effective
contingency plans in place. This would involve recognizing critical dependencies
in key processes, assessing the impact of a failure in any given dependency
and listing alternate processes or work

The ultimate attack

Contingency
planning forms an essential part of the Y2K exercise. With only a few
weeks left to go, it is now time for that final assault. One needs to
anticipate the problems that may arise within the organization and outside,
evaluate their effect on critical business processes and formulate a plan
to keep the business running. While the likelihood of a complete collapse
is very low, some areas need more attention than the other. According
to Gartner Group, less than 10% of the compliance problems will last for
more than three days so the potential risk is low. Some items like taxes,
mortgage payments or real estate sales can be deferred due to the date
change and should not be a major concern. One should plan for a moderate
degree of disruption of basic services. The Y2K Action force set up in
the country has instructed all critical sectors to be ready with their
contingency plans (See page 105). "We have emphasized in each
sector that plans put in place should be carefully checked and double
checked and contingency plans should also be worked out," says Ahluwalia.

The first
step in contingency planning is identifying mission critical applications
whose disruption could cause a shutdown, revenue loss, litigation, loss
of customers or health hazards. The internal and external dependencies
have to be further pinned down. After an evaluation of risks, one has
to work out alternative ways to tackle failure. Once that is fixed, a
plan for resumption of normal processes also needs to be outlined. The
rectified systems have to be maintained and rechecked. Gopalakrishnan
says that clean management techniques need to be undertaken so that systems
that have been put in place do not get corrupted between now and 1st January,
2000. Some steps could be like reviewing, purchasing
orders for Y2K compliance, reviewing in-house systems and applications.

From a global perspective

Even after
completing a thorough testing of the system, a final verification through
a third party audit certification is also required. While every company
in the UK has gone through the audit, in India the coverage is as poor
as 15%. Ramakrishnan explains, "We have not been able to do it because
we started late. But we hope to complete this audit by November. By then
you’ll have a much better picture of the scenario."

The western countries had
begun their compliance efforts long ago
in 1996, whereas India woke up to it only in 1998. Some international
observers feel that India appears to be lagging behind in Y2K preparedness.
It is ranked in the third tier by the Gartner Group, which estimates breakdowns
in half of the Indian companies. Ramkrishnan explains, "When you
start late obviously you cannot expect the best rating. If you want to
complete a 36-month job in a period of 12 months, you compromise here
itself. There could be a quality problem. The data you provide for certification
may not be up to the mark."

The US Department,
however, points out that India is not heavily reliant on computers. Problems
are expected to be at the state or regional level, rather than in the
national systems. The general unpreparedness might come as a surprise
to those who know India’s reputation for producing excellent software,
but this strength is also part of India’s weakness. On the contrary, software
professionals from India are much in demand. "Indian software industry
can play a role in change and test tasks. They have a bigger role to play
as consultants and project managers. Due to the complexity of project
management, the Y2K problem will help the Indian software industry develop
a breed of excellent projects managers," says Nilekani of Infosys.

Considering
the fact that the level of computerization in India is not so high, does
it mean that Y2K is more of a hype created by the West? Ahluwalia replies,
"Even while accepting the fact that penetration of IT and computerized
systems is relatively low in India, we cannot take the warnings relating
to the Y2K problem lightly. Breakdown on account of non-compliance of
systems in any part of the economy will have an impact on the rest. Some
of the important sectors of the economy are linked to the outside world
and, therefore, it will be very essential for India, as one of the emerging
economies of the globe, to ensure that its economy does not suffer on
account of the problems such as Y2K."
Plans put in place should be carefully checked
and contingency plans should also be worked out

No doubt
that countries which depend heavily on computers have more to worry. At
the same time, India can’t afford to lag behind if it wants to be globally
competitive. But even with the best of efforts, the enigma of the millennium
bug will continue to daunt the average individual till the effect actually
gets activated. And debate between myths and realities shall continue
till the clock finally strikes midnight of the new millennium.

Shweta
Verma
with bureau inputs.