NEW YORK-“The only clear advantage to not planning is that disaster will come as a complete
surprise,” Philip E. Lian said last week at International Business Communications’ Year 2000 Contingency
Planning conference.
Lian is vice president of Finpro Millennium Insurance Services, a unit of J&H Marsh &
McLennan Inc., New York, that provides insurance for Y2K computer software and hardware
problems.
Contingency planning to keep “the profit zone” of core business functions operative despite
inevitable Y2K glitches “is the essence of strategic risk management,” Lian said.
Strategic risk
management at the enterprise level has been around a long time, but its importance has been elevated substantially as
the days grow shorter before the year 2000 debuts, he said.
“The vast majority of significant share price drops
(in recent years) has been due to share price not meeting expectations,” Lian said.
“This is due mostly to
operational and strategic risks, of which Y2K is one.”
Citing studies released in December by two firms, Cap
Gemini and Beach/Oleson, Lian said the majority of this country’s largest corporations already have experienced
failures related to the year 2000, and 98 percent of them expect more of the same this year.
All of these companies
expect annoying problems, 99 percent anticipate disruptive problems, 65 percent, critical problems, and 10 percent
expect catastrophic problems. Of those that experience a catastrophe, Lian said he expects 10 percent to 20 percent
“won’t survive.”
For companies astute enough to go beyond Y2K compliance efforts to complete
contingency planning, the strategic risk analysis involved will help them recognize “merger and growth
prospects,” he said.
Lian referred conference attendees to Strohl Systems’ Web site at www.strohl-
systems.com for information about software to aid in preparing a checklist of alternative courses of action should
different internal or external systems fail. Strohl’s Internet site has links to a variety of other, similar providers, he
said.
Many people mistakenly confuse contingency planning with disaster recovery, said David R. Lewellyn, a
principal of Carreker-Antinori Consulting Group, Dallas.
“Disaster recovery focuses on internal problems
with networks, billing, facilities, operations, management systems,” he said.
Contingency planning also
includes mission-critical external functions and systems, including suppliers, customers, utilities and distribution
channels.
Another key difference is that disaster is a rare event, but the year 2000 is a certainty so that contingency
planning for it takes on more urgency, he said.
Early warning systems and back-up plans must be in place, Lewellyn
added. These include target dates well before Jan. 1, 2000, for seeking alternative suppliers and distributors should
those a company relies on now not meet verifiable Y2K compliance requirements.
Another concern to consider
and address early is the potential for panic, which may cause supply shortages and price hikes that ripple through the
system.
“You also must think about your competitors. What if they are ready before you and make a big deal
about it?” he said.
“Or, if some fail, can you respond when their customers come to you? How will you
handle this additional workload at the last minute?”
Retention programs, especially for key employees, also
are essential to contingency planing for the millennium bug, Lewellyn said.
“Near the end, some companies
will get desperate and offer premium prices, especially for old COBOL (Common Oriented Business Language)
programmers who understand the old legacy systems,” he said.
Meticulous retention of Y2K compliance
initiative records also is essential to defend against the lawsuits that are likely to come in the years following 2000, he
said.
Lewellyn said the Y2K bug has been called “death by 1,000 paper cuts.”
Rather than an
outright and obvious failure, “the most common problems will come from data pollution from systems that look
like they’re working, then spread all the hidden ‘gotchas’ to other systems.”
Contingency planning means the
enterprise and its profit-making endeavors will continue, possibly over a long term, despite a key system or systems
that have failed. Disaster recovery means a short-term business interruption while a system that no longer works is
repaired.
