<PRE>&lt;DOC&gt;
[105th Congress House Hearings]
[From the U.S. Government Printing Office via GPO Access]
[DOCID: f:41005.wais]


           WILL FEDERAL COMPUTERS BE READY FOR THE YEAR 2000?
=======================================================================

                                HEARING

                               before the

                 SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
                      INFORMATION, AND TECHNOLOGY

                                 of the

                              COMMITTEE ON
                           GOVERNMENT REFORM
                             AND OVERSIGHT
                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED FIFTH CONGRESS

                             FIRST SESSION
                               __________

                           FEBRUARY 24, 1997
                               __________

                           Serial No. 105-12
                               __________

Printed for the use of the Committee on Government Reform and Oversight


                     U.S. GOVERNMENT PRINTING OFFICE
41-005                       WASHINGTON : 1997
________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512-1800  
Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001


              COMMITTEE ON GOVERNMENT REFORM AND OVERSIGHT

                     DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York         HENRY A. WAXMAN, California
J. DENNIS HASTERT, Illinois          TOM LANTOS, California
CONSTANCE A. MORELLA, Maryland       ROBERT E. WISE, Jr., West Virginia
CHRISTOPHER SHAYS, Connecticut       MAJOR R. OWENS, New York
STEVEN H. SCHIFF, New Mexico         EDOLPHUS TOWNS, New York
CHRISTOPHER COX, California          PAUL E. KANJORSKI, Pennsylvania
ILEANA ROS-LEHTINEN, Florida         GARY A. CONDIT, California
JOHN M. McHUGH, New York             CAROLYN B. MALONEY, New York
STEPHEN HORN, California             THOMAS M. BARRETT, Wisconsin
JOHN L. MICA, Florida                ELEANOR HOLMES NORTON, Washington, 
THOMAS M. DAVIS, Virginia                DC
DAVID M. McINTOSH, Indiana           CHAKA FATTAH, Pennsylvania
MARK E. SOUDER, Indiana              TIM HOLDEN, Pennsylvania
JOE SCARBOROUGH, Florida             ELIJAH E. CUMMINGS, Maryland
JOHN SHADEGG, Arizona                DENNIS KUCINICH, Ohio
STEVEN C. LaTOURETTE, Ohio           ROD R. BLAGOJEVICH, Illinois
MARSHALL ``MARK'' SANFORD, South     DANNY K. DAVIS, Illinois
    Carolina                         JOHN F. TIERNEY, Massachusetts
JOHN E. SUNUNU, New Hampshire        JIM TURNER, Texas
PETE SESSIONS, Texas                 THOMAS H. ALLEN, Maine
MIKE PAPPAS, New Jersey                          ------
VINCE SNOWBARGER, Kansas             BERNARD SANDERS, Vermont 
BOB BARR, Georgia                        (Independent)
------ ------
                      Kevin Binger, Staff Director
                 Daniel R. Moll, Deputy Staff Director
                       Judith McCoy, Chief Clerk
                 Phil Schiliro, Minority Staff Director
                                 ------                                

   Subcommittee on Government Management, Information, and Technology

                   STEPHEN HORN, California, Chairman
PETE SESSIONS, Texas                 CAROLYN MALONEY, New York
THOMAS M. DAVIS, Virginia            PAUL E. KANJORSKI, Pennsylvania
JOE SCARBOROUGH, Florida             MAJOR R. OWENS, New York
MARSHALL ``MARK'' SANFORD, South     ROD R. BLAGOJEVICH, Illinois
    Carolina                         DANNY K. DAVIS, Illinois
JOHN E. SUNUNU, New Hampshire
------ ------

                               Ex Officio

DAN BURTON, Indiana                  HENRY A. WAXMAN, California
          J. Russell George, Staff Director and Chief Counsel
                         Mark Uncapher, Counsel
                          Andrea Miller, Clerk
           David McMillen, Minority Professional Staff Member
          Mark Stephenson, Minority Professional Staff Member


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on February 24, 1997................................     1
Statement of:
    McClenaghan, Eliza, Chief Information Officer, Department of 
      State; Emmett Paige, Assistant Secretary, Command, Control, 
      Communications, Computers and Intelligence, Department of 
      Defense; Patricia Lattimore, Chief Information Officer, 
      Department of Labor; John J. Callahan, Chief Information 
      Officer, Department of Health and Human Services; Michael 
      Huerta, Associate Deputy Secretary, Acting Chief 
      Information Officer, Department of Transportation; and Mark 
      D. Catlett, Chief Information Officer, Department of 
      Veterans Affairs...........................................    29
    Willemssen, Joel C., Director, Information Resources 
      Management, Accounting and Information Management Division, 
      General Accounting Office, accompanied by Keith Alan 
      Rhodes, Technical Director, Office of Chief Scientist; and 
      John Stephenson, Assistant Director........................     8
Letters, statements, etc., submitted for the record by:
    Callahan, John J., Chief Information Officer, Department of 
      Health and Human Services:
        Information concerning progress on year 2000 readiness of 
          HHS computer systems...................................    69
        Prepared statement of....................................    73
        Report on the critical systems of the HCFA and CDC.......   115
    Catlett, Mark D., Chief Information Officer, Department of 
      Veterans Affairs, prepared statement of....................    94
    Davis, Hon. Tom, a Representative in Congress from the State 
      of Virginia, prepared statement of.........................     5
    Huerta, Michael, Associate Deputy Secretary, Acting Chief 
      Information Officer, Department of Transportation, prepared 
      statement of...............................................    83
    James, Bill, U.S. Air Force, information concerning global 
      positioning system.........................................   113
    Lattimore, Patricia, Chief Information Officer, Department of 
      Labor, prepared statement of...............................    47
    McClenaghan, Eliza, Chief Information Officer, Department of 
      State, prepared statement of...............................    32
    Paige, Emmett, Assistant Secretary, Command, Control, 
      Communications, Computers and Intelligence, Department of 
      Defense, prepared statement of.............................    39
    Sessions, Hon. Pete, a Representative in Congress from the 
      State of Texas, prepared statement of......................     7
    Willemssen, Joel C., Director, Information Resources 
      Management, Accounting and Information Management Division, 
      General Accounting Office, prepared statement of...........    11


           WILL FEDERAL COMPUTERS BE READY FOR THE YEAR 2000?

                              ----------                              


                       MONDAY, FEBRUARY 24, 1997

                  House of Representatives,
Subcommittee on Government Management, Information, 
                                    and Technology,
              Committee on Government Reform and Oversight,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 10 a.m., in room 2154, Rayburn House Office Building, Hon. Stephen Horn 
(chairman of the subcommittee) presiding.
    Present: Representatives Horn, Davis of Virginia, Maloney, 
and Davis of Illinois.
    Staff present: J. Russell George, staff director and chief 
counsel; Mark Uncapher, counsel; Andrea Miller, clerk; Jean 
Gosa, minority administrative clerk; David McMillen, and Mark 
Stephenson, minority professional staff member.
    Mr. Horn. The Subcommittee on Government Management, 
Information, and Technology will come to order. Today, the 
subcommittee will once again visit the so-called year 2000 
problem facing the Federal Government and its vast array of 
computer systems.
    For at least three decades, many computer systems have used 
two digits, not four, to represent the year; for example, 
``66'' instead of 1966. The aim was to gain more electronic 
storage in the early computers which did not have the capacity 
which they have today. Although more storage was gained by the 
two-digit year, major difficulties will arise in the year 2000 
when that year is ``00'' and the computer cannot differentiate 
between the year 1900 and the year 2000.
    When we first looked into this problem a year ago, very few 
Federal agencies knew or cared about the issue. The good news 
is that every Federal agency now knows there is a problem. The 
bad news is that only a few of them have specific, realistic 
plans to solve the problem before the stroke of midnight on the 
last day of 1999.
    Here is the problem in a nutshell: Not only Federal 
Government computers, but also computers worldwide, face 
potentially disastrous disruptions unless they are properly 
reprogrammed to recognize that a double zero is 2000. If they 
are not adapted, they will not be able to calculate dates, 
ages, schedules, or other functions that are essential to 
running nearly every program of the Federal Government. If we 
do not fix this problem, we face the potential of electronic 
chaos.
    This has serious implications for millions of Americans who 
depend on Government computers for Social Security and 
veterans' benefits, unemployment checks, weather forecasts, 
airline schedules, and financial transactions as simple as 
cashing a check or as complex as managing a trillion-dollar 
currency exchange. In short, the possibility for nationwide 
disruption is almost endless, and without careful planning and 
deliberate action, it will be endless.
    This morning we will hear from the Chief Information 
Officers of key Federal Departments and agencies on the 
progress they have made thus far in preventing a complex and 
difficult problem from becoming a full-fledged catastrophe. 
These Chief Information Officers, or CIO's as they are called, 
are receiving a baptism by fire. Their positions were created 
only a year ago by the Clinger-Cohen Act which seeks to make 
Federal agencies more effective in their use of information 
technology.
    Earlier this year the subcommittee asked each Department 
and agency to respond to detailed questions regarding their 
plans to address the year 2000 problem. Every Department has 
responded, which is refreshing; however, the quality of the 
response varies widely. Frankly, that is very troubling because 
it suggests a continuing lack of urgency in a situation that 
faces a very clear and abrupt deadline, which we know down to 
the exact second, which cannot be extended.
    At this point, the subcommittee wants answers to some very 
basic and vital questions. Among these are: Has each Department 
now defined the size and scope of the problem? What computer 
systems are vulnerable to disruption? Do they know how many 
computer codes need to be reprogrammed? How and when will this 
be done, and by whom? Most important, has each Department and 
agency set clear priorities for action? Have the agencies 
identified the systems that are critical to Government 
operations?
    Congress needs to be reassured that we do not face the 
possibility of computer disruptions in several critical areas: 
those affecting the public health and safety, national security 
and financial systems, including Government benefit programs. 
Members of Congress would also like to feel certain that we 
have an overall grasp of the complexities that we face so that 
the continuing interactions of Federal, State, local and 
private sector computer networks do not recontaminate systems 
which we have corrected.
    This subcommittee finds it very troubling that 12 of the 14 
Federal Departments plan to implement their solutions in the 
final 3 months of 1999. This strikes me as dangerously 
optimistic planning, especially since this subcommittee has 
monitored dozens of Government computer modernization programs 
that have seldom, if ever, been completed as planned, on time 
and on budget. Need I mention the IRS and the FAA?
    Perhaps it is possible for thousands of computer 
programmers in hundreds of locations to rewrite millions of 
lines of code with the precision and the delicacy of a finely 
choreographed ballet, but I find it hard to believe that the 
ballerina will also kick a field goal in the final seconds of 
the last quarter.
    I do not mean to be unduly pessimistic or alarming, but I 
do think we need to be very careful in setting clear priorities 
and realistic plans to solve what could be either a minor bump 
on the electronic superhighway or a full-scale disaster. The 
difference between those two outcomes will be decided largely 
by the work of the witnesses who are before us today.
    We will receive testimony from Joe Willemssen, the Director 
of the Accounting and Information Management Division in the 
General Accounting Office, who will provide the GAO's 
assessment of the steps which Federal Departments and agencies 
must take to address the year 2000 problem. He is joined by 
Keith Alan Rhodes, the technical director of the Office of 
Chief Scientist, and John Stephenson, the Assistant Director, 
Accounting and Information Management Division, all from the 
General Accounting Office.
    The second panel will consist of those who have the role of 
Chief Information Officer in six different Federal Departments: 
Ms. Eliza McClenaghan of the Department of State; Mr. Emmett 
Paige of the Department of Defense; Ms. Patricia Lattimore of 
the Department of Labor; Mr. John Callahan of the Department of 
Health and Human Services; Mr. Michael Huerta of the Department 
of Transportation; and Mr. Mark Catlett of the Department of 
Veterans Affairs.
    We welcome all of you. Before getting to the testimony, I 
will ask the ranking member on the Democratic side, Mrs. 
Maloney of New York, for her opening statement.
    Mrs. Maloney. Thank you very much, Mr. Chairman.
    The public has awakened to this issue since we first raised 
it last April. I hope that through this hearing we can continue 
the process of bringing this problem to the attention of the 
American public. The agencies before us today are involved in 
some of the most critical functions of our Government: 
international travel, defense, unemployment insurance, food and 
drug safety, transportation, and veterans' benefits. We cannot 
afford for these agencies to fail in their mission because 
their computer cannot keep track of time across the change in 
the millennium.
    When we surveyed these agencies last spring, I was 
distressed to learn that over half of the agencies we surveyed 
are only beginning to address this problem. Since that hearing, 
there has been substantial progress, but there is a long way to 
go.
    The General Accounting Office has put together a useful 
assessment guide, and I look forward to hearing more about it 
today. It is a useful guide for agencies to use in planning 
their project resolving this computer problem. However, a plan 
is just a piece of paper and says nothing about implementation.
    The Computer Security Act required each agency to prepare a 
computer security plan, and I am sure each agency could produce 
that plan for all of us at the drop of a hat. However, as GAO 
pointed out in the high-risk reports, computer security in 
Government agencies is woefully inadequate. The plan is useless 
unless it is implemented.
    Today's witnesses are representative of what is happening 
in Government agencies. Some, like the Department of 
Transportation, were slow to answer our inquiry. Today, they 
will report substantial progress from their August 1996 
response to our survey. Others, like the Department of State, 
were in good shape last summer and have progressed from there.
    There is still, however, an overriding concern about 
whether the appropriate level of management oversight and 
resources are being directed to the problem. We cannot afford a 
failure in this conversion. That is why the General Accounting 
Office placed the year 2000 on the high-risk list and that is 
why we are having this hearing today.
    Thank you for coming.
    Mr. Horn. I thank the gentlewoman from New York. A quorum 
is present. Mr. Davis of Virginia, I believe, has a statement 
that he will provide for the record.
    [The prepared statements of Hon. Tom Davis and Hon. Pete 
Sessions follow:]
[GRAPHIC] [TIFF OMITTED] T1005.001

[GRAPHIC] [TIFF OMITTED] T1005.002

[GRAPHIC] [TIFF OMITTED] T1005.003

    Mr. Horn. We will now begin with the testimony. As you 
know, the tradition in this committee is to swear all 
witnesses, so if all three of you would stand.
    [Witnesses sworn.]
    Mr. Horn. The clerk will note all three witnesses have 
affirmed.
    Mr. Willemssen will please proceed.

    STATEMENTS OF JOEL C. WILLEMSSEN, DIRECTOR, INFORMATION 
  RESOURCES MANAGEMENT, ACCOUNTING AND INFORMATION MANAGEMENT 
DIVISION, GENERAL ACCOUNTING OFFICE, ACCOMPANIED BY KEITH ALAN 
RHODES, TECHNICAL DIRECTOR, OFFICE OF CHIEF SCIENTIST; AND JOHN 
                 STEPHENSON, ASSISTANT DIRECTOR

    Mr. Willemssen. Mr. Chairman, Ranking Member Maloney, 
Congressman Davis, thank you very much for inviting us here 
today to testify on the year 2000 problem.
    In summarizing my statement, I will briefly touch on the 
implications of the Y2K issue and then spend a little time 
talking about a guide that we have put together, sort of a 
step-by-step approach that agencies can follow in implementing 
their year 2000 programs.
    Mr. Chairman, within the last year, as you pointed out, the 
awareness of the year 2000 issue has gone up dramatically, in 
large part due to some of the efforts of this subcommittee. As 
was mentioned, GAO has recently placed the year 2000 issue on 
its list of high-risk issues because of the dramatic effects 
that it could have if not rectified by the year 2000.
    Virtually every citizen could be affected by the year 2000 
issue if not corrected, and that is why we have placed it on 
the high-risk area. For example, every Government benefits 
program, ranging from Social Security to veterans' benefits to 
subsidized housing, could be affected.
    Correcting the problem is going to be labor-intensive and 
time-consuming. Many of these systems that we are talking about 
are over 20 years old. They have application languages that are 
fairly old, in some cases obsolete, and in some cases the 
documentation is lacking. Also, many of the components of the 
system, other components beyond the application languages, will 
be affected by the date problem: operating systems, 
telecommunications, data base management systems.
    However, the challenge involved in the year 2000 issue is 
primarily managerial. It requires top management, and senior 
executives in each agency, including the head of the agency and 
the Chief Information Officer, to be firmly aware of the issue 
and what they plan to do to resolve it. That awareness and the 
plan to resolve it need to be communicated throughout the 
agency.
    As I mentioned up front, GAO has developed a guide that 
provides what we think is a useful framework for agency 
managers to use in planning and implementing their year 2000 
programs. We have put together this guide in large part based 
on some of the work of the Best Practices Subcommittee of the 
Federal Year 2000 Interagency Committee. We also identified 
some of the best practices of the leading information 
technology organizations in the private sector.
    If I may, I want to take a couple of minutes and highlight 
some of the major phases of the guide that we have put 
together. That guide, by the way, we are releasing today as an 
exposure draft.
    Mr. Horn. Please do, and at this point, without objection, 
that guide will be placed in the record to be printed.
    [Note.--The report entitled, ``Year 2000 Computing Crisis: 
An Assessment Guide,'' GAO/AIMD-10.1.14, can be found in 
subcommittee files.]
    Mr. Willemssen. As shown here on the chart, we have laid 
out the five phases, each of which needs to be supported by 
strong program and project management.
    The first phase, the awareness phase, as you have 
previously pointed out, we have pretty much completed.
    We have come a long way on this in the last year, but among 
the critical elements that need to take place in this phase is 
important for the agency to explicitly define the problem, make 
sure that you have executive support for not only problem 
identification, but the need to put a plan in place to rectify 
the problem.
    It is also important that the word be spread across the 
agency, that all employees know about the problem and what the 
plans are to fix it. Similarly, it is very important that an 
agency establish an overall team to take the lead in putting 
together the plan and, most importantly, implementing that plan 
before the year 2000.
    The second major phase of the guide is the assessment 
phase. As you pointed out, most of the Federal agencies are in 
that phase currently. It is a crucial phase that includes such 
activities as assessing in much more detail the kind of impact 
that can occur with the Y2K problem, which could happen on any 
mission-critical system.
    In addition, it is important that an agency identify its 
core lines of business as part of that inventory and prioritize 
its systems. It is not necessarily realistic to think that an 
agency is going to be able to fix every system. It is important 
in this assessment phase to set priorities and decide what we 
are going to fix first, and what we will fix second, and so on.
    Also, an important element within this phase is the need 
for an agency to put together a contingency plan: What happens 
in the event of a year 2000 failure? Then, what do we do? It is 
important that kind of plan be in place.
    The next critical phase is the renovation phase. 
Essentially this is where the agency needs to go in and make 
the changes to its systems. In doing that, an agency 
essentially has three options.
    One, it can go into its existing systems and modify the 
code as necessary to try to get it to be year 2000 compliant; 
or, second, it can design and implement entirely new systems 
that would be year 2000 compliant and replace its existing 
systems; or, third, in going through the priority-setting 
process, agencies may find that they have systems that really 
are not that important anymore. In fact, that could be one of 
the side benefits of this entire exercise, is that agencies 
identify systems that are no longer needed and they can simply 
eliminate them.
    Another key aspect within this phase is the need for the 
agency to modify its interfaces after identifying them. An 
agency needs to be careful that it does not allow data from 
outside sources to come into its internal systems and corrupt 
their system. So it is an especially important point for them 
to cover within this phase.
    The next phase: validation. This is, again, an especially 
critical area that we want to make sure that agencies spend 
enough time on. Essentially what we are looking at here is 
agencies testing to make sure that the changes they have put in 
are, in fact, going to work. In many cases this is going to 
take agencies at least a year to do, and we generally have set 
aside the entire calendar year 1999, to address most of this 
phase.
    And the last phase, somewhat in conjunction with putting 
our changed systems into effect, will still include some amount 
of testing, especially as it relates to integration and 
acceptance testing. Some agencies may also find it is very 
useful to have two systems running in parallel, the existing 
system and the new system, to reduce risks.
    In summary, Mr. Chairman, I would like to reiterate for any 
organization or agency that does not take the year 2000 issue 
seriously, they are risking a crisis. Fortunately, within the 
last year the awareness level is up. So we have an opportunity, 
I think, through executive management support and leadership to 
actually fix this problem.
    That concludes a summary of my statement. I would be 
pleased to address any questions that you may have or the other 
Members.
    [The prepared statement of Mr. Willemssen follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.004
    
    [GRAPHIC] [TIFF OMITTED] T1005.005
    
    [GRAPHIC] [TIFF OMITTED] T1005.006
    
    [GRAPHIC] [TIFF OMITTED] T1005.007
    
    [GRAPHIC] [TIFF OMITTED] T1005.008
    
    [GRAPHIC] [TIFF OMITTED] T1005.009
    
    [GRAPHIC] [TIFF OMITTED] T1005.010
    
    [GRAPHIC] [TIFF OMITTED] T1005.011
    
    [GRAPHIC] [TIFF OMITTED] T1005.012
    
    [GRAPHIC] [TIFF OMITTED] T1005.013
    
    Mr. Horn. We thank you very much for that concise 
statement. I thought your testimony, which I read last night, 
was excellent, and I think that handbook is going to be very 
helpful.
    As you know, when we started these hearings about a year 
ago, the Gardner Group said this is a $600 billion worldwide 
problem, and since America has half the computers, it is a $300 
billion U.S. problem and it would be a $30 billion Federal 
Government problem.
    I felt those figures were a little high. Now, our latest 
figure from the Office of Management and Budget, the 
President's management arm, says that, well, they estimate 
about $2.3 billion will be the cost of conversion. As I read 
Mr. Paige's testimony, the Chief Information Officer of the 
Department of Defense, DOD would be half of that $2.3 billion.
    Now, based on your experience, where does GAO come out on 
this as to the estimated cost to the Federal Government?
    Mr. Willemssen. I think the estimate that has been provided 
to date, $2.3 billion, we have to keep in mind that that is 
considered not the most reliable estimate in view of the fact 
that almost all agencies are not yet through the assessment 
phase. I think between now and this summer you are going to see 
estimates varying dramatically from what we have now.
    I think OMB is the first to recognize that. They have come 
up with a dollar figure right now, but that amount is going to, 
I think, change quite a bit once agencies really get in and 
understand what they have to fix. Most agencies are not at that 
stage yet and will not be for several more months.
    Mr. Horn. In my discussions with the Director of OMB a 
month ago, I expressed the hope that this would not be seeking 
new money, but that they would reprogram existing money. The 
main reason being, No. 1, they have the funds there, most of 
these Departments, for reprogramming; No. 2, if we sit around 
waiting for a new budget year, we will lose a year, and it is 
urgent we move in this direction.
    Does the General Accounting Office have any view on that 
matter?
    Mr. Willemssen. Not to reiterate, but it is important that 
the assessment phase get completed as quickly as possible. But 
I would also point out it is important that agencies look at 
their year 2000 program in view of other priorities that they 
may have in the information technology arena.
    This cannot necessarily be seen as just a simple add-on to 
other modernization projects that they may have. This has to be 
looked at in total, year 2000 program plus all the other funds 
that we spend on information technology, and there needs to be 
a prioritization process that the agency goes through for all 
of those.
    Mr. Horn. You heard my testimony about being a little 
distressed that they are pushing the envelope, if you will, so 
close to when actual D-Day is. Do you feel that is a major 
problem and they should move things up earlier to allow for the 
usual snafus that occur in computer programs?
    Mr. Willemssen. Our biggest point on the timeframes was, it 
is absolutely critical that at least a year be left at the end 
for 1999, to do most of the testing and implementation. If an 
agency is in 1999, and still making major changes and has not 
entered its testing program yet, then I would be very 
concerned. So at this point any schedule for an agency that 
shows testing starting sometime late in that year, I would be 
concerned.
    Mr. Horn. We are going to be hearing from some of the key 
Chief Information Officers. We are not hearing from all of 
them. We will follow that up in writing. Of those that are 
testifying this morning, does the GAO have any sense of which 
ones are much further behind than they say they are?
    Mr. Willemssen. Unfortunately, we have not yet completed 
any work on specific agencies. As you may know, we do have 
ongoing work at several agencies, including the Department of 
Defense, the Veterans Administration, the Social Security 
Administration, the Health Care Financing Administration, and 
the Internal Revenue Service, and we will very shortly be 
beginning a review at the Federal Aviation Administration.
    We have tried to select those agencies where we think the 
impact of a Y2K failure would be most dramatic on the American 
citizenry.
    Mr. Horn. Very good.
    I now yield to the ranking Democrat, Mrs. Maloney of New 
York.
    Mrs. Maloney. First, I want to thank you and the General 
Accounting Office for laying out a very useful guide for how 
agencies can prepare for the millennium problem. But, as I said 
in my opening statement, a plan is just that, a plan, a piece 
of paper, and I would like to ask what do you think that your 
Department or what do you think Congress should be doing to 
make sure that the agencies respond; that they actually 
implement the plan? What followup do you think is necessary?
    Mr. Willemssen. I will first cover us and then speak toward 
the Congress.
    Our strategy essentially in doing work in this area is 
threefold: One is to put together some guidance that Federal 
agencies could use, which we are, as you said, releasing that 
exposure draft today.
    The second element of our strategy is to go into the more 
high-risk agencies and do readiness assessment reviews, which 
we currently have ongoing at five agencies. And then as we near 
the deadline, the third part of our strategy is to go into some 
depth on selected mission-critical systems, to see that indeed 
the fixes that need to be in place are there.
    Speaking from the Hill's perspective, I think one of the 
most useful things that you can do is to continue to have 
forums such as this, so that the word keeps getting out that 
this is an important issue. We have to see progress. I think 
the more routine that you hold hearings like this, the more we 
can be assured that progress is being made.
    As an aside, look at where we are today on the awareness 
issue compared to the hearing that was held last April. It has 
made quite a difference.
    Mrs. Maloney. Do you believe that Congress needs to write 
any type of legislation or just use the oversight power?
    Mr. Willemssen. My initial reaction is to use oversight, 
but I have not, to be honest, given that a lot of thought.
    Mrs. Maloney. As you said in your statement, it is probable 
to believe that some agencies will have some failure in this 
endeavor in getting ready for the millennium problem. At this 
point in time, what do you think the probability is that we 
will have a failure in some of our official systems?
    Mr. Willemssen. I think there is a high probability that 
there will be some failures. I think the important point is 
that those failures be limited to low-priority systems and 
lines of business.
    In fact, as I might have mentioned earlier, I do not think 
it is necessarily realistic to think an agency can fix 
everything and, therefore, I think setting priorities is 
especially important. To the extent that we can limit our 
exposure to the lower priority applications, I think we will be 
better off.
    Mrs. Maloney. Does each agency now have an oversight team 
and a budget to address this problem?
    Mr. Willemssen. I cannot speak toward that. I do not have 
the information. It would be my guess that they have done 
something in terms of reporting to OMB, but we have not done 
the detailed work at each of the 24 agencies to know that for 
sure.
    Mrs. Maloney. I think that is a critical question. If they 
have not even appointed a staff and allocated a budget to 
address the problem, I can assure you it will not be handled. I 
would think that that is something you should begin today to 
look at.
    Second, do you have any form now for evaluating which 
critical systems would possibly collapse, are not going to be 
able to respond to the ``00'' crisis?
    Mr. Willemssen. The form we are using predominantly right 
now is the detailed step-by-step instructions in the guide that 
we are publishing. I think a key element that gets at your 
question is to identify again the highest priority systems. And 
then, as I pointed out earlier, we will plan to go in some 
depth with some of our senior technical staff in looking at the 
coding to see that the system fixes have been made.
    Mrs. Maloney. Obviously, some areas are of a greater crisis 
potentially for the Nation: Social Security, transportation. I 
would think that you should make a list of those that are the 
most critical to the functioning of the Nation and go in there 
immediately and make sure that it is taken care of. I can see a 
monumental problem in this country if we do not address this, 
and there is no reason we cannot begin in the timeframe we 
have.
    Mr. Willemssen. We have started at the Social Security 
Administration, and we are just initiating work at the Federal 
Aviation Administration.
    Mrs. Maloney. What other agencies are on your list for high 
critical?
    Mr. Willemssen. Well, the Department of Defense has been a 
critical Department that we have wanted to look at, and we have 
been in there for several months. In addition, the Health Care 
Financing Administration, which is responsible for Medicare and 
Medicaid programs, and also the Veterans Administration, which 
is responsible for issuing veterans' benefits.
    We are also considering looking at the Federal Reserve and 
the Securities and Exchange Commission to see what oversight 
activities they have in mind for banks and financial 
institutions.
    Mrs. Maloney. Well, there are two stages. No. 1 is 
isolating those agencies which are the most critical to the 
Nation; the second is whether or not these agencies are 
responding to the crisis. It appears you have not done anything 
in the second level.
    Mr. Willemssen. We have not published any work yet on that 
second level. We do have the ongoing reviews and will be 
publishing later this spring and this summer, and we will be 
able to comment on some of those high-profile agencies.
    Mr. Horn. I thank the ranking Democrat, and I now yield to 
Mr. Davis of Virginia for 5 minutes of questioning.
    Mr. Davis of Virginia. I found very interesting the fact 
you noted that some of the severely older, poorly programmed 
and documented applications developed 15 years ago, that this, 
in a sense, may be the silver lining because it may be cheaper 
to come in and, rather than convert these, replace these 
applications. That is an opportunity to do that.
    I do not know how the timeframe stretches out in terms of 
our ability to do that; where the level of analysis is on these 
so we can plan right away to do that. Do you have any feel for 
how far along they are?
    Mr. Willemssen. Generally speaking, the agencies are in the 
midst of doing that. Some are a little further ahead than 
others. In addition to the opportunity to replace, I think 
there is an opportunity to eliminate, also.
    Mr. Davis of Virginia. That is a good point.
    I think it was in the 6th century A.D. when Dionysius 
Exiguus, again among the first who brought the consecutive year 
calendar to America--I mean to the world; and the year 999, 
with the end of the millennium, history writers would recall 
that people, both Christians and pagans, were crowing at the 
moon.
    At the end of the millennium, now we find out in the year 
999 nobody even knew what year it was. Frankly, the calendar 
was kind of an ``in'' thing and most people did not know what 
it was. The irony is that in the year 1999 everyone will know 
it is the year 1999 except the computers, who have obviously a 
very important role to play in our world today, and we will not 
be ready for that.
    I am concerned about what the costs are going to be in 
terms of what the administration has set forward at this point. 
You have done some analysis and say we are still in the middle 
of that, but I do not see, under any scenario, where the costs 
the administration is coming in with are going to be enough.
    If we do not address that in the fiscal appropriation for 
this year and have a better feel for this in a very short 
order, we will be way behind the eight ball a year from now 
when we go through the next appropriation period, and it will 
be hard to get any contracts out or anything else.
    Any thoughts on that?
    Mr. Willemssen. One issue I would bring up, possibly when 
the panel of CIO's is up here, is I think the CIO's may have 
revised and in some cases have larger cost estimates today than 
what they had even a few weeks ago when they reported to OMB, 
as they have gone further into the assessment process. So I 
would encourage you to continue asking the cost question, 
because as agencies go further into the assessment phase and 
learn more about what they actually have to do, even within the 
next month or two, I think you will get more reliable cost 
figures.
    Mr. Davis of Virginia. I think that is important for us to 
get a handle for on this reason: It does not have to be the 
President's budget because Congress will end up putting the 
appropriation together anyway. But to the extent that is not 
addressed as part of the appropriations process, and the work 
needs to get done and the agencies recognize it has to get 
done, what they will do is go into other IT procurements and 
then cancel those or put those off, and Congress will not get a 
say in them at all. And there will be some devastating 
consequences for many of our IT contractors, but also for the 
kind of work we want to do that we think needs updating in 
other Departments.
    Any thoughts on that?
    Mr. Willemssen. Well, it is absolutely critical that as 
part of this process, to pick up on the point you made, 
agencies have to look at priorities from the whole information 
technology budget arena and think about trading off some of the 
year 2000 compliant activities against other initiatives that 
they may have ongoing, because there will obviously be a limit 
on the amount of resources that are available.
    Mr. Davis of Virginia. Do you have any feel for, at this 
point, the level of what could go wrong if we do not make the 
changes? We know some agencies are way ahead of the curve. We 
have Chairman Horn's report card last year. I think everybody 
is looking for an improved grade this time. But I wonder if you 
can share some of the consequences if this is not followed 
through on.
    Mr. Willemssen. Certainly. I will let Mr. Rhodes, who has 
followed that issue a little more closely, respond to that, if 
that is OK.
    Mr. Rhodes.
    Mr. Rhodes. I can give you one example from the Defense 
Logistics Agency. They have a system at DLA Columbus that 
issues contracts for 3 years. They have already encountered in 
microcosm this problem.
    A contract was let for 3 years to begin on January 1, 1997. 
A 1997 year delinquency notice was issued. It was caught in 
time and not given to the contractor. The contract lasted for 3 
years and, of course, will end on January 1, 2000.
    This is just on the business side. It is one thing if I am 
an individual contractor, and I get a 1997 year delinquency 
notice, and I live in Columbus and I come back and say, ``Well, 
obviously this is incorrect.'' But the errors that are smaller 
than that can be much more insidious, and the ability for the 
contractor to then come back and even understand that the 
problem has existed--that is where you move into the level of 
crisis. If everyone's getting a 1997 year delinquency notice on 
their contract, then there are a lot of people standing at your 
contracting officer's door.
    Mr. Davis of Virginia. So you can pay me now or pay me 
later, and it is more expensive to fix under pressure than 
doing it now. My concern is you can fix your system, but then 
you are talking to other systems, and you have to go that back 
and forth.
    Mr. Willemssen. That is a critical concern, dealing with 
those interfaces. Agencies will probably have to set up some 
filters or data bridges in order that the data that is coming 
in from those external sources, is identified and scrubbed 
before you allow it into your system. That is a critical issue.
    Mr. Davis of Virginia. Mr. Chairman, I see my time is up. I 
note one thing. I notice Visa is encountering this problem 
worldwide as the expiration dates now go to ``00'', and about 
10 percent of the cards are kicking back, from what I can see 
across, and then they are trying to deal with that. If we are 
faced with that at the Government level, there are some severe 
repercussions.
    Thank you.
    Mr. Horn. I might add, before calling on Mr. Davis of 
Illinois, that I was fascinated by the exchange on the Columbus 
processing center. I think it is a great improvement when they 
are issuing 1997 year delinquencies, because last year when we 
held a hearing they were issuing million dollar checks to 
contractors who said, ``We never did the job and we do not want 
the check.'' And they said, ``Oh, yes, you did; keep the 
check.'' So I think we have made much progress here, and we 
will be holding a hearing on that in a month or so.
    We are delighted to welcome a newly elected Member of 
Congress, Mr. Davis of Illinois.
    Mr. Davis of Illinois. Thank you very much, Mr. Chairman, 
and let me just say I am delighted to be here.
    You indicated that corrective action would be labor-
intensive and quite time-consuming. Do we have much of a handle 
on how much internal capacity we currently have as opposed to 
what we are going to have to seek from other sources?
    Mr. Willemssen. It is clear that in most cases agencies are 
not going to be able to handle this totally internally. That is 
why it is imperative to get through the assessment phase as 
quickly as possible, so that an agency can identify what the 
resource needs are, and can go out and contract for those needs 
that it cannot meet internally as quickly as possible.
    In many cases we are looking at systems which were 
programmed in COBOL. There are simply not a lot of COBOL 
programmers available, or if they are available, there are not 
necessarily a lot of them within the agency. So we are going to 
have to look at innovative approaches to get the kind of talent 
in that is needed to make these changes.
    Mr. Davis of Illinois. So the level of assessment will have 
a great deal to do with the timeliness of our ability to 
respond?
    Mr. Willemssen. Yes, sir.
    Mr. Davis of Illinois. Thank you.
    Mr. Horn. Mrs. Maloney has a followup question.
    Mrs. Maloney. You mentioned that we may not have, quote, 
the talent, end quote, in the agencies to respond to this 
problem. Oftentimes our more talented programmers are hired by 
the private sector. Also, with the reinventing Government there 
has been a general downsizing of Government.
    How do you propose that we get the talent that we need to 
handle this problem? You responded to Mr. Davis' question by 
saying he is entirely right we may not have the talent to 
address it. And you said there would be innovative approaches. 
What are the innovative approaches that you are looking at to 
bring the talent in to address it?
    Mr. Willemssen. Innovative approaches such as putting 
together requests for proposals for a given level of 
programming support, for a given application language, for a 
certain mission-critical system. If you don't have it in-house, 
put it out in the marketplace and see if you can get an 
adequate response.
    My only concern is that we need to do that quickly because 
the more we wait, the less talent in total, private and public, 
that will be available.
    Mrs. Maloney. And then to followup with a question posed by 
the chairman earlier on the cost, the $30 billion estimate is 
now $2.1 billion. Does the $2.1 billion include the cost for 
innovative proposals to possibly the private sector to bring in 
talented programmers to handle it?
    Mr. Willemssen. Not to be evasive, but I am not sure. My 
guess would be it probably generally does not, but we have not 
analyzed that in depth for each of the 24 agencies at this 
point.
    Mrs. Maloney. Well, we are galloping toward a budget, 
hopefully, so any information needs to be put before us very 
quickly.
    Mr. Willemssen. We will do that.
    Mr. Horn. I thank the gentlewoman. Some of my questions to 
end this are related to cost.
    One of them is, when we make these estimates as to what it 
is going to cost to make the conversion, to what degree is it 
appropriate to try and estimate the lines of code that are 
affected by the ``00'' bit and put a value on those lines to 
change?
    As I remember, a lot of estimates have been made. I do not 
know if it is out of the air or not, if we have a line of code 
affected, we have to bring it up and deal with it and it is $1 
in cost, so if you have 30 million lines you have a $30 million 
problem.
    Do you think that is a sensible basis on which to make 
these estimates?
    Mr. Willemssen. Lines of code can be one useful metric or 
indicator to use, but using lines of code alone is probably not 
wise. In fact, with some application languages you may not want 
to use them at all. You may want to choose something like 
function points. When we are looking at 40, 50, 60 different 
types of application languages. In some cases lines of codes 
can work and the dollar-per-line estimate is reasonable; in 
other cases it is not.
    So I would not say throw it away; I would say it is useful, 
but only in conjunction with other available metrics.
    Mr. Horn. Have you had a chance to talk to the people at 
OMB that made the $2.3 billion estimate, and what is their 
basis for that? Was there any comparability between 
departments?
    Mr. Willemssen. My understanding is that that estimate is 
essentially a compilation of what was submitted by the 
agencies.
    Mr. Horn. We do not know if there is a common criterion by 
which a judgment can be made.
    Mr. Willemssen. I think that is a good question to ask some 
of the CIO's.
    Mr. Horn. We will get to that, then, so those CIO's in the 
audience, phone your Deputy and see what happened before you 
take the oath.
    Some observers have suggested that the year 2000 problem is 
most severe with the older, poorly programmed and documented 
applications that were developed, say a decade and a half, two 
decades ago. Does it make more sense for the Federal Government 
simply to replace those rather than convert those? Is there any 
feeling at GAO on this?
    Mr. Willemssen. I think it really needs to be taken on a 
case-by-case basis. In many cases it may be wise to replace, 
but, again, we have to keep the calendar in mind so that we can 
put in a replacement system in time. We have to be able to 
start now.
    In some cases where the code is old, it may have been 
written in an assembler language that is tied to a particular 
piece of hardware and there are not a lot of folks around 
anymore who actually know that language, it may be most 
beneficial to actually just try to replace. Again, assuming it 
is a high-priority system.
    Mr. Horn. Let me move to another area. The gentleman from 
Virginia is the distinguished chairman of our Subcommittee on 
the District of Columbia. To what degree do we know, if any, 
that the District of Columbia, to which the Federal Government 
has a major interest, do they have any problems in this area? 
Are we even looking at them or thinking about them?
    Mr. Willemssen. Unfortunately, I have no basis to comment 
on that. We have not done any work and at this point we have no 
plans to do so.
    Mr. Davis of Virginia. It is good news/bad news. 
Unfortunately, the city has invested so little in information 
technology they do not have much to repair. They are so far 
behind where they need to be otherwise, so I do not think it is 
the huge problem it has been in other States.
    Mr. Horn. So if they do something, they can be Cinderella.
    Mr. Davis of Virginia. Exactly.
    Mr. Horn. That is good news. Any further questions from any 
member of the panel of the GAO?
    Will you gentlemen be here to hear some of the other 
testimony?
    Mr. Willemssen. Certainly, if that is what you would like.
    Mr. Horn. Yes, I would like you to listen to it, and maybe 
at the end come back and we will have a discussion of what we 
heard and what we think we ought to be doing in the GAO area.
    I thank you all for coming. You always do a splendid job in 
laying out the case for it. I was very impressed by the written 
testimony. Obviously, all of this is in the record, even though 
you summarized a lot of that, and I think that handbook will be 
immensely helpful.
    Mr. Willemssen. Thank you, Mr. Chairman.
    Mr. Horn. We now have the Chief Information Officers of the 
various agencies, if they would please come forward. We will 
swear you in.
    [Witnesses sworn.]
    Mr. Horn. All six affirm, I will so inform the clerk, and 
it will be noted in the record.
    We will simply go in the order in which we have listed you 
under panel two, and the first Chief Information Officer would 
be Eliza McClenaghan.
    We are delighted to have you here from the Department of 
State, and we would welcome a summary basically of your 
testimony, because some, Department of Labor in particular, 
while very interest-
ing, is also very long, and in order to get to the questions 
Members
have, we would be most grateful if you could summarize it in 5
minutes. If that takes a little longer, that will not bother 
me, but I don't want a half-hour reading of the written 
statements. That is automatically in the record anyhow. So if 
we can summarize most of the testimony, we will be grateful.

  STATEMENTS OF ELIZA McCLENAGHAN, CHIEF INFORMATION OFFICER, 
    DEPARTMENT OF STATE; EMMETT PAIGE, ASSISTANT SECRETARY, 
 COMMAND, CONTROL, COMMUNICATIONS, COMPUTERS AND INTELLIGENCE, 
  DEPARTMENT OF DEFENSE, ACCOMPANIED BY BILL JAMES, U.S. AIR 
     FORCE; PATRICIA LATTIMORE, CHIEF INFORMATION OFFICER, 
   DEPARTMENT OF LABOR; JOHN J. CALLAHAN, CHIEF INFORMATION 
   OFFICER, DEPARTMENT OF HEALTH AND HUMAN SERVICES; MICHAEL 
 HUERTA, ASSOCIATE DEPUTY SECRETARY, ACTING CHIEF INFORMATION 
  OFFICER, DEPARTMENT OF TRANSPORTATION; AND MARK D. CATLETT, 
   CHIEF INFORMATION OFFICER, DEPARTMENT OF VETERANS AFFAIRS

    Ms. McClenaghan. Thank you, Mr. Chairman.
    I am Eliza McClenaghan, Chief Information Officer of the 
Department of State. I have the responsibility for providing 
policy guidance and direction to ensure that, among other 
things, Department of State computer hardware and software 
applications will be able to handle the year 2000 calculations.
    The Department responded to a request for information the 
subcommittee made on January 14, 1997. I understand the 
description we provided for our year 2000 activities will be 
made a part of the hearing record. Accordingly, in my opening 
remarks I will briefly highlight our activities to date, note 
the next steps in our program and reiterate our management 
structure.
    The problem: We began to address the year 2000 challenge in 
fiscal year 1996. We used the better part of that year to 
analyze Department hardware and software applications as they 
relate to the problem. As a result of the surveys at our 
domestic and overseas sites, and extensive discussions among 
our systems managers and with outside consultants, we have 
accurately defined the problem we face.
    In total, the Department has over 220 applications 
consisting of 35.3 million lines of code. They are written in 
17 different programming languages. We have determined that 141 
applications consisting of 27.7 million lines of code will need 
to be corrected.
    With respect to hardware, the Department has 250 mini-
computers, more than 18,000 personal computers, and several 
hundred network systems that support these 141 applications. 
Our biggest challenge is the minicomputer base that will have 
to be upgraded or replaced and the applications on the 
minicomputers that will have to be corrected.
    It will also be necessary to have appropriately trained 
personnel to, for example, manage contracts, validate and test 
changes, and implement revised systems. We estimate the total 
cost will be approximately $135.2 million.
    Our plans: There are several components to our strategy. We 
are capitalizing on the fact the year 2000 problem comes at a 
time when we are investing in an infrastructure modernization 
program. We will make investments that satisfy year 2000 in 
infrastructure modernization goals.
    Secretary Albright has cited our need for resources 
necessary to maintain U.S. leadership and for the tools 
required to get that job done. To support the Secretary we have 
established, under the leadership of the CIO, a strategic 
information resources plan that will, when fully implemented, 
replace our current dependence on substantially obsolete and 
proprietary technology that cannot readily accommodate many 
standard business applications. By integrat-
ing our year 2000 investment plans for the information resource 
capital investment plans necessary to modernize our 
infrastructure, we will leverage our investments to the maximum 
advantage.
    A planning process is integral to development of an IRM 
strategic plan. That process includes procedures for the 
analysis and prioritization of proposed IRM capital 
investments. We have studied, for example, the 141 software 
applications to which I referred earlier and determined, in 
consultation with the department users, that 85 are mission-
critical.
    We have defined mission-critical as either directly 
affecting the public, such as passport and visa processing; 
essential department operations such as payroll, personnel and 
telegram distribution; or essential to national security 
responsibilities such as intelligence research. Of the 85 
mission-critical applications, 57 are not year 2000 compliant, 
and these 57 account for 19.8 million lines of code.
    The code in 40 of the applications will be rewritten and 
the balance will be replaced. Those applications are either 
developed centrally for deployment to multiple domestic and 
overseas sites or are centrally developed and operated.
    Department applications are supported by four major systems 
platforms: mainframes, minicomputers, personal computers, and 
client service systems. Our biggest problem is in the 
minicomputer base: 271 minicomputer systems are noncompliant 
and the manufacturer will not have the year 2000 operating 
system for 74 of them. These latter systems must, therefore, be 
replaced.
    Our milestones: The Department has established milestones 
to ensure timely conversion of its systems and platforms. Using 
guidelines provided by OMB, we have successfully completed the 
awareness milestone and the inventory phase of the assessment 
milestone. By June 1997, we will have completed our renovation 
schedule and our test plans. Renovation and validation and 
implementation of mission-critical systems and other systems 
will be completed in August and November 1999, respectively, so 
that the Department can meet its commitment to be fully 
compliant by December 1999.
    The cost: As I noted earlier, we estimate the total cost to 
become year 2000 compliant will run $135.2 million. This 
estimate covers the cost between fiscal year 1996 and fiscal 
year 2000 to identify necessary changes, evaluate the cost 
effectiveness of making those changes, make changes, test 
systems and develop contingency plans. The cost estimate does 
not include the cost of upgrades or replacements that would 
otherwise occur as part of the normal system life cycle cost.
    Management: We do not underestimate the scope of the 
problem at hand, and have put in place a management structure 
that will provide policy direction and oversight to all 
operating elements of the department. As I stated at the 
outset, I have met the responsibility for providing policy 
guidance and direction to ensure that Department of State 
computer systems and hardware and software applications will 
handle year 2000 calculations. Our year 2000 project office is 
responsible for implementing that guidance and direction.
    I have a good working relationship with the system managers 
throughout the department, at domestic sites and overseas. I 
believe we have a collegial environment conducive to productive 
collaboration. At the same time, we have established a 
functioning IRM program board, comprised of 12 senior 
department officials and chaired by the CIO, which will review 
program implementation at key decision points. On balance, I 
believe our management structure is appropriate and sound.
    Mr. Chairman, that concludes my opening remarks and I will 
be happy to answer your questions.
    [The prepared statement of Ms. McClenaghan follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.014
    
    [GRAPHIC] [TIFF OMITTED] T1005.015
    
    [GRAPHIC] [TIFF OMITTED] T1005.016
    
    [GRAPHIC] [TIFF OMITTED] T1005.017
    
    Mr. Horn. Well, we thank you very much. We are going to ask 
all the panel to testify before we throw it open to questions.
    Our next witness has made frequent appearances before both 
the subcommittee and the full committee. General Paige comes to 
this job with a distinguished career in the Army, where he 
retired as a Lieutenant General, and he has evidenced more 
Distinguished Service Medals out of the civilian sector and the 
military sector, I think, than almost anyone I know.
    So welcome in your new role as Chief Information Officer.
    Ltg. Paige. Thank you very much, Mr. Chairman and members 
of the committee. I want to thank you for the opportunity to 
testify before you today, and I do not want to tell you that I 
am looking forward to coming back again and again, but I do 
appreciate being here this morning.
    As I testified to you in April 1996, the Department of 
Defense considers the year 2000 millennium change to be 
potentially a serious problem and we are dealing with it 
aggressively. All of DOD is using the structured five-phase 
approach for resolving the problem.
    This approach, as you might know, was first developed by 
the Air Force and was adopted for use across the Federal 
Government through the Chief Information Officer Council's Year 
2000 Interagency Committee. We are well into the first phase of 
that approach, which is to raise awareness of the problem with 
the senior leaders, managers and decisionmakers throughout the 
Department.
    As you are probably aware, we officially began the 
awareness campaign in November 1995, after many earlier e-mails 
alerting people all around the world that the problem existed. 
Today, I would like to believe that virtually every commander 
or senior leader in the Department is aware that the problem 
exists and that it could affect them in many ways.
    Taken as a whole, the Department is far down the road to 
completing the second phase, in which our systems are assessed 
for the year 2000 impact and compliance. We have a backbone 
management tool, the Defense Integration Support Tools, or the 
DIST, that we are using as a corporate data base to maintain 
inventory and track essential elements of information about our 
systems. We are using the tool to record the progress of our 
systems as they move toward retirement or year 2000 compliance.
    Each of the components, including the military departments, 
report the results of their ongoing assessments, and all 
actions planned are taken to my office. This information will 
also be given to the General Accounting Office in their ongoing 
year 2000 audit of the Department.
    Some of our defense agencies have progressed beyond the 
assessment phase into the renovation and validation phases, 
primarily because they started on the problem early, as early 
as 1991 in some cases. In the case of the defense agencies that 
started early, and in most of our weapon systems programs, the 
year 2000 fixes are taking place as normal systems maintenance. 
And I have no doubt that they will be ready long before that 
dreaded Saturday morning of January 1, 2000.
    The Comptroller and I co-chaired the first of a series of 
interface assessment workshops to ensure the systems that are 
in his functional area or that have direct interfaces with the 
financial systems will be year 2000 compliant. These interface 
assessment workshops will continue semiannually until all of 
our systems in each of the functional areas, that is, not only 
finance, intelligence, but on and on, are compliant.
    Dr. Hamre and the senior leaders in the entire financial 
community across the Department have left no doubt that they 
are aware and concerned. Their participation and assumption of 
leadership to make it happen was clearly demonstrated during 
that functional area assessment.
    Since I last testified, we have undertaken a number of year 
2000 activities. Our participation in the Federal CIO 
Interagency Council has been continuous, and has resulted not 
only in the adoption of the five-phase process for the Federal 
Government but also in the development of a best-practices 
document to back up that process, a Federal Acquisition 
Regulation clause, and conferences to raise awareness and share 
lessons learned on assessments.
    We are working closely with OMB and GAO to share the status 
of our activities and concepts on how to fix the year 2000 
problem. We established a Year 2000 Steering Committee, led by 
our Deputy Secretary of Defense, the Honorable John White, so 
that critical issues are brought before the Department's senior 
leadership for immediate decision and action.
    We are working toward fixing the year 2000 problems in the 
Department, and you have the reports furnished in response to 
your letters to the military departments. If you have had the 
time to review those responses, I hope that you were as 
impressed as I am that they understand the problems and are 
hard at work to solve them. I have had the opportunity to 
review the detailed plans from some of our overseas commands, 
and I assure you that the professionalism is evident.
    We recognize that we need to get on with it, find, fix and 
test every mission critical system in the Department, to 
include our support systems, which were referred to by some 
folks as management information, or other admin and LOG 
systems.
    As I mentioned earlier, the CIO's of the military 
departments and I, on February 12, 1997, submitted to this 
committee responses to 10 questions to help you evaluate where 
the Department of Defense is in relation to solving the year 
2000 problem. These responses reinforce the fact that the 
Department's senior leaders and systems managers are not 
waiting until the last minute to test, validate and implement 
their year 2000 solutions but are, indeed, taking aggressive 
action to plan for and fix the year 2000 date-related issues 
early on.
    This year we are closer than last year, and we know we 
cannot change the deadline for solving this problem. January 1, 
2000 will be here whether or not we are ready. Each time we are 
required to answer additional calls for information from the 
Office of Management and Budget, GAO, or from Members of 
Congress, it stretches our resources, both manpower and 
funding, a little thinner. If you were to ask how you can help, 
my response would be to help in reducing the drain on our 
resources by reducing the number of special reporting 
requirements. We are reprogramming resources from all areas to 
use in solving the year 2000 problem. We need to use those 
resources to the maximum extent for that purpose.
    I appreciate the opportunity to share with you the year 
2000 initiatives that have been put in place to bring the 
Department's systems to full year 2000 compliance. You can be 
confident that DOD will get the job done and we will be 
prepared on January 1, 2000, to perform our mission. We will 
not let America down. Your continued support is critical to the 
Department's success.
    Thank you.
    [The prepared statement of Ltg. Paige follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.018
    
    [GRAPHIC] [TIFF OMITTED] T1005.019
    
    [GRAPHIC] [TIFF OMITTED] T1005.020
    
    [GRAPHIC] [TIFF OMITTED] T1005.021
    
    [GRAPHIC] [TIFF OMITTED] T1005.022
    
    [GRAPHIC] [TIFF OMITTED] T1005.023
    
    [GRAPHIC] [TIFF OMITTED] T1005.024
    
    Mr. Horn. Thank you, General.
    The next witness is Patricia Lattimore, who is now the 
Chief Information Officer for the U.S. Department of Labor.
    Welcome.
    Ms. Lattimore. Good morning.
    I, too, welcome the opportunity to briefly describe the 
Department's year 2000 preparatory activities. We have reported 
to you a number of positive efforts to date, some of which 
began over a decade ago. I think that you will see from our 
report that the Department is making excellent progress toward 
our singular goal, to ensure that all Department of Labor 
systems transition successfully to the next century and do so 
in a manner that allows the Department to carry out its mission 
of providing the best possible service to America's workers 
without interruption.
    As the examples in our submission demonstrate, the 
Department has a long-standing commitment to serving the public 
and thus to ensuring that its automated systems meet the 
challenge of the year 2000.
    The Department's Chief Information Officer structure is 
coordinating the Department's year 2000 project plans and 
detailing required actions. We have 58 mission-critical systems 
that need conversion. Six of those are already year 2000 
compliant; 34 are scheduled to be completed for compliance by 
the end of 1998; we have 18 that were scheduled for conversion 
early to mid 1999, and those are currently under review to see 
if we can move their conversion into the 1998 window.
    We are reviewing these plans carefully and closely 
scrutinizing completion dates, especially those that stretch 
into 1999, to see if we cannot expedite some of that through 
additional resources or reprioritization. We have measured our 
progress to date against the Government-wide year 2000 
guidelines published by OMB, and we believe our conversion 
approach to be consistent with OMB's 5-pronged goal and 
timetable approach.
    As the newly appointed CIO for the Department, I place 
strong emphasis on achieving a structured and goal-oriented 
approach to our total information technology environment. We 
are working to create a stronger, more cohesive IRM program 
responsive to the mandate and full intent of the Information 
Technology Management Reform Act.
    Through the combined efforts of our actions completed to 
date, those currently under way, and ongoing coordination and 
information sharing, we feel we are well on the way to 
mastering the year 2000 challenge. Nonetheless, we recognize 
the challenge is unprecedented. The efforts we have undertaken 
have few models in terms of scope or complexity. A project of 
this magnitude always has room for improvement, and we hope to 
benefit by the constructive dialog that this hearing will 
generate.
    [The prepared statement of Ms. Lattimore follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.025
    
    [GRAPHIC] [TIFF OMITTED] T1005.026
    
    [GRAPHIC] [TIFF OMITTED] T1005.027
    
    [GRAPHIC] [TIFF OMITTED] T1005.028
    
    [GRAPHIC] [TIFF OMITTED] T1005.029
    
    [GRAPHIC] [TIFF OMITTED] T1005.030
    
    [GRAPHIC] [TIFF OMITTED] T1005.031
    
    [GRAPHIC] [TIFF OMITTED] T1005.032
    
    [GRAPHIC] [TIFF OMITTED] T1005.033
    
    [GRAPHIC] [TIFF OMITTED] T1005.034
    
    [GRAPHIC] [TIFF OMITTED] T1005.035
    
    [GRAPHIC] [TIFF OMITTED] T1005.036
    
    [GRAPHIC] [TIFF OMITTED] T1005.037
    
    [GRAPHIC] [TIFF OMITTED] T1005.038
    
    [GRAPHIC] [TIFF OMITTED] T1005.039
    
    [GRAPHIC] [TIFF OMITTED] T1005.040
    
    [GRAPHIC] [TIFF OMITTED] T1005.041
    
    [GRAPHIC] [TIFF OMITTED] T1005.042
    
    [GRAPHIC] [TIFF OMITTED] T1005.043
    
    [GRAPHIC] [TIFF OMITTED] T1005.044
    
    [GRAPHIC] [TIFF OMITTED] T1005.045
    
    Mr. Horn. We thank you very much.
    Our next Chief Information Officer is John J. Callahan, 
Department of Health and Human Services.
    Mr. Callahan. Thank you very much, Chairman Horn and 
Ranking Member Congresswoman Maloney. We appreciate the 
opportunity to testify before the subcommittee today.
    I am also accompanied by Dr. Neil Stillman, who is the 
Deputy Chief Information Officer in the Department. We have 
submitted our testimony for the record, and I will summarize, 
as requested.
    The subcommittee is correct about the nature and the 
urgency of the problem. We at the Department are very cognizant 
of the need to have year 2000 compliant systems. We understand 
the sensitive nature of our various programs underneath our 
jurisdiction, and it is our intent, obviously, to meet the 
deadlines contained therein.
    Clearly, the subcommittee is also correct that there are 
different estimates of the severity of the year 2000 problem. 
Some say that we can't possibly succeed and we'll have massive 
failures of our computer systems. Others, I believe 
incorrectly, say it is a bit of a minimal problem, it is not 
rocket science--you've probably all heard that--and that we'll 
be able to get there from here.
    The Department, in general, views the problem as serious 
but manageable, and we feel that all our OPDIV's will meet the 
goal of having--operational divisions, will meet the goal of 
having year 2000 compliant systems.
    Let me briefly talk about the HHS response to the year 2000 
compliance problem. First of all, in the area of organization, 
we have to meet our year 2000 compliance plan problem along the 
lines of our operating divisions. We have 13 operating 
divisions, and they are all in the process of constructing and 
organizing their plans. We have CIO's in every single operating 
division, Deputy CIO's in each operating division, as well as 
day-to-day year 2000 compliance managers for those operating 
divisions.
    As to priority, both the Secretary and the Deputy Secretary 
have made this a top priority of the Department as well as I in 
my capacity as the Chief Information Officer. At this point, if 
I could, Chairman Horn, I would like to submit for the record a 
communication from the Deputy Secretary to that effect.
    Mr. Horn. Without objection, it will be inserted and 
printed in the record at this point.
    [The information referred to follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.046
    
    [GRAPHIC] [TIFF OMITTED] T1005.047
    
    Mr. Callahan. We have just recently completed our personal 
meetings with all our operating division CIO's. We've gotten 
good reports from them. These reports form the basis for the 
material that was submitted to the committee.
    Second, the area of budget. You raise a good concern about 
the budget. Right now we estimate that we will have to spend 
somewhere on the order of $90.7 million through the year 2000. 
Seventy-eight percent of that will go to some of our most major 
agencies: The Health Care Financing Administration, CDC, and 
NIH. Currently we estimate that they can do this within this 
budget, but I will say also, I wear the hat as Assistant 
Secretary for Management and Budget and I can assure you that 
as we go through the budget process, both in the execution of 
the 1997 budget and the preparation of the 1999 budget, we will 
make sure that they have the resources for reprogramming or 
revised estimates for the year 2000 problem.
    Let me just give you a brief synopsis of the dimensions of 
the problem inside the Department and what we have achieved. 
All 13 of our operating divisions have completed their 
awareness phase of the year 2000 problem. We think they will 
complete their assessments of the year 2000 problem by March 
1997. We estimate that six of our operating divisions will be 
fully compliant by the end of 1997, one by 1998--this is 
calendar 1998--and we hope that the remaining OPDIV's will be 
finished up by 1999, hopefully the first quarter. But this is 
something that we'll look at closely.
    Of our 1,027 information systems, 389, we believe, will be 
year 2000 compliant at the end of 1997, 39 percent by 1998, and 
23 percent by 1999.
    The big ones are complex. You know the complexity of these 
systems. HCFA, for example, has 69 information systems. This is 
the agency that administers Medicare, Medicaid, and a variety 
of systems. They have 15.6 million lines of code to analyze and 
to determine the priority of their various systems. They are 
doing that now, and this is one of the agencies which we will 
take a close look at.
    The CDC, a different type of complexity: 230 information 
systems, 12 million lines of code, but their big problem is 
dealing with their external partners, State health agencies, et 
cetera, and they are now in the process of devising systems so 
that they will be able to accept a noncompliant year 2000 data 
system and make it compliant within their own systems.
    The FDA is replacing a good deal of its internal systems. 
They are pursuing an agency-wide system of architecture, and we 
feel that they are making good progress in that area.
    Then finally, NIH works with the university research 
community throughout the country in terms of making their 
systems compliant.
    Problems in meeting our year 2000 goal: Clearly, budget is 
one; you've correctly identified it. We are going to go back 
once again and ask them for very, very precise and prudent and 
reliable budget estimates, and those will be rolled into our 
budget process.
    Interface with external systems: This is also a major 
problem. Quite frankly, we cannot be sure that all State and 
local data systems that we interact with will be year 2000 
compliant. We intend to cooperate with the National Association 
of State Information Resource Management officials, and we will 
develop in each agency a system to make sure we only accept 
year 2000 compliant systems.
    We also need to continue to monitor with inside the agency 
our purchase of hardware and make sure we have the appropriate 
warranties which we will have and make sure the agencies use 
that 90-day period to ensure that their hardware is year 2000 
compliant.
    So in conclusion, Chairman Horn, we think the year 2000 
problem is a serious one. The Department on behalf of Secretary 
Shalala and Deputy Secretary Thurm would commend you for your 
oversight hearings, would urge you to keep them up; it may get 
painful at times, but it is a necessary process. We think it's 
a manageable goal, and we will try to meet it as best we can.
    Thank you.
    [The prepared statement of Mr. Callahan follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.048
    
    [GRAPHIC] [TIFF OMITTED] T1005.049
    
    [GRAPHIC] [TIFF OMITTED] T1005.050
    
    [GRAPHIC] [TIFF OMITTED] T1005.051
    
    [GRAPHIC] [TIFF OMITTED] T1005.052
    
    [GRAPHIC] [TIFF OMITTED] T1005.053
    
    [GRAPHIC] [TIFF OMITTED] T1005.054
    
    Mr. Horn. Thank you very much.
    Our next witness has also been before us a number of times. 
The Associate Deputy Secretary of the Department of 
Transportation, Mr. Huerta, is now the Acting Chief Information 
Officer.
    Welcome.
    Mr. Huerta. Thank you, Mr. Chairman, Ranking Member 
Maloney, and members of the committee. Thank you for the 
opportunity to share with you how the Department of 
Transportation is addressing the year 2000 problem. Clearly 
this is one of the great challenges of the information age.
    For years we've been developing more and better computer 
systems to improve the way we do business and to improve our 
lives. Now, in just 34 short months, if we do not take 
appropriate actions, those systems we have come to depend on 
may fail us.
    At the Department of Transportation, we recognize that we 
cannot afford to allow our systems to fail. One of our critical 
missions is to ensure the safety of the American traveling 
public. Many of our systems, which we are discovering cannot 
operate in the year 2000, directly support that mission.
    Our goal is to renovate the year 2000 affected systems by 
December 1998. This will allow a full year to test and ensure 
smooth implementations that have no impact on our missions. We 
know this is ambitious, but we have little choice.
    I regret that our delayed and limited response to your 
April 1996 inquiry created an impression that the Department 
was not actively addressing this impending problem. In fact, 
several of our operating administrations were actively pursuing 
solutions to the year 2000 problem at that time. Admittedly, 
however, we did lack a consistent, high level departmental 
sense of urgency. Your inquiry elevated this issue from the 
program offices who operate the Department's systems to the 
most senior management levels in the Department.
    One change that occurred is that I was named the 
Department's Acting Chief Information Officer, and the 
responsibility for overall leadership in DOT on this issue now 
resides with me. I have on my staff a full-time project manager 
whose daily responsibilities include maintaining the 
Department's inventory of systems, tracking our progress, and 
sharing other Government agencies' best practices, as well as 
serving as a facilitator and clearinghouse of information for 
our 10 operating administrations.
    The Department's organizational structure and its many 
program offices and their supporting automation--hardware, 
software, and systems--makes solving this pervasive problem a 
real challenge. Consequently, we have placed the responsibility 
for corrective actions within our operating administrations. 
Each now has an active year 2000 program under the leadership 
of a senior executive. Also, they have the detailed knowledge 
of their systems and the mission requirement to fix problems in 
their systems.
    In order to ensure support from the top of each operating 
administration, I have personally briefed our Secretary's 
Management Council on the possible consequences if the year 
2000 problem is not solved. The Council is chaired by the 
Deputy Secretary and attended by the Deputy Administrators of 
all of the operating administrations.
    In terms of the year 2000 approach, the Department is 
generally following the five-phased best practices framework 
that you heard about earlier this morning and which is outlined 
by the Interagency Year 2000 Committee. These phases, of 
course, are awareness, assessment, renovation, validation, and 
implementation. We recently reported to the Office of 
Management and Budget that DOT has now substantially completed 
the awareness phase, will complete the assessment phase by 
December 1997, and the renovation phase by December 1998. The 
validation and implementation phases, which will run 
concurrently, will be completed by December 1999.
    As you can imagine, our operating administrations face 
different problems depending upon the complexities of their 
individual systems. In an October 1996 survey, we collected 
important information about 180 systems that were being 
evaluated for year 2000 problems. We've created a data base of 
information which will be essential for tracking our progress. 
We see the information collection process as dynamic and will 
continue to refine and update the data base as additional 
system assessments are completed.
    The information we now have provides a good foundation on 
which to build, but because all of the assessments have not yet 
been completed, it still lacks complete cost information. We 
will be requiring monthly updates to the data base from all of 
our operating administrations.
    A large and crucial piece missing from our initial 
inventory is information regarding the Federal Aviation 
Administration's air traffic control systems. Sophisticated 
assessments of the en route and terminal systems applications 
are currently under way at the FAA Technical Center in Atlantic 
City, NJ. The FAA expects to have the preliminary assessment of 
this component of the air traffic control system completed in 
May of this year.
    Another major portion of the air traffic control systems 
are the communications, navigations, and surveillance 
components. These components include radar weather systems, 
voice switching and recording, radio communications, radar 
systems, global positioning systems, and others. These systems 
are beginning their assessment which the FAA will complete by 
December 31. Once assessments of these systems are completed, 
they will be added to our inventory data base and of course 
will be prioritized and then renovated.
    As a final note on our status, I'm pleased to report that 
renovations are either under way or have been completed on 
several of our systems. These include the Department's 
Integrated Personnel and Payroll System and the Federal Highway 
Administration's Motor Carrier Management Information System.
    In our recent report to OMB, we provided preliminary cost 
estimates over the next 3 years of $80.4 million to address the 
year 2000 problem. This has since been updated to include an 
additional $10 million for the U.S. Coast Guard, who have 
completed their assessment. It is safe to assume that as our 
system assessments are refined, the assessment of all the air 
traffic control components systems is completed, that our cost 
estimates will change and may rise.
    In summary, the Department of Transportation has made good 
progress in elevating the urgency of the year 2000 problem 
across the Department. Additionally, management structures are 
in place in our operating administrations and in the Office of 
the Secretary to lead to corrective efforts. Our assessments of 
system vulner-abilities are ongoing and continue to improve.
    In some, albeit limited cases, systems have already been 
fixed to accommodate the year 2000. We also recognize, however, 
that we have a long way to go. Until we are finished with our 
assessment of the large, complex, and critical air traffic 
control systems, we will have only a partial picture of the 
magnitude of the work which we have ahead of us. Clearly, only 
the most effective use of the coming months will lead to 
success, and successful we must be.
    Thank you, and I would be happy to respond to any questions 
that you or members of the committee might have on anything 
that I have said this morning or anything that is contained in 
my written testimony.
    [The prepared statement of Mr. Huerta follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.055
    
    [GRAPHIC] [TIFF OMITTED] T1005.056
    
    [GRAPHIC] [TIFF OMITTED] T1005.057
    
    [GRAPHIC] [TIFF OMITTED] T1005.058
    
    [GRAPHIC] [TIFF OMITTED] T1005.059
    
    [GRAPHIC] [TIFF OMITTED] T1005.060
    
    [GRAPHIC] [TIFF OMITTED] T1005.061
    
    [GRAPHIC] [TIFF OMITTED] T1005.062
    
    [GRAPHIC] [TIFF OMITTED] T1005.063
    
    Mr. Horn. Thank you very much.
    Our last witness on this panel is Mr. Mark D. Catlett, the 
Chief Information Officer for the Department of Veterans 
Affairs.
    Mr. Catlett. Good morning, Mr. Chairman and members of the 
committee. It is my pleasure to testify on behalf of the 
Department of Veterans Affairs this morning concerning the 
readiness of our computers for the year 2000.
    As VA's Chief Information Officer, I am working closely 
with VA's administration level CIO's in leading our efforts to 
become year 2000 compliant; that is, ensuring that our 
information systems will function correctly with the dates 
beyond 1999. We are taking numerous steps to ensure that the 
VA's information systems will provide uninterrupted service 
supporting benefits delivery and medical care.
    We have recently completed a year 2000 readiness assessment 
of the major VA organizations. Over 80 information systems 
professionals and managers were interviewed in Washington and 
various field locations.
    We hired a consultant to assess our plans, testing 
methodologies, contingencies, inventories, and cost estimates. 
The readiness assessment focused on our Cemetery System, our 
Austin Automation Center, the Veterans Benefits Administration, 
and our Veterans Health Administration. Let me summarize 
quickly in each of those areas.
    For our smallest line organization, our National Cemetery 
System, the information systems supporting our cemetery systems 
are fully year 2000 compliant. We just recently replaced the 
last noncompliant systems there in December 1996.
    At our Austin Automation Center, we have been addressing 
the year 2000 problem there since 1991 through planning and the 
required conversion of software. Almost 70 percent of 
production applications are year 2000 compliant now. Our 
automation center plan will have all systems compliant by 
September 1998.
    The Veterans Benefits Administration: they have been 
developing a comprehensive plan to ensure that their systems 
will be ready for the year 2000. VBA's goal is to have all 
systems compliant by November 1998. VBA is taking several 
tracks to ensure their systems will be ready.
    We are maximizing application redesign to solve the year 
2000 problem. Our Compensation and Pension Payment System 
replacement effort and our Education Payment System replacement 
effort will replatform many of our applications on to current 
technology and make them year 2000 compliant at the same time.
    Additionally, VBA is executing a contingency plan for our 
compensation, pension, and education systems, which are the 
systems that are the large payment systems for the veteran 
beneficiaries in this Nation, to ensure their continued 
operation past the year 2000 in the event that our above 
redesigned efforts are delayed--if we are delayed in meeting 
those delivery dates.
    For our Veterans Health Administration, the primary 
information system supporting our medical facilities is known 
as the Decentralized Hospital Computer Program. All DHCP, the 
acronym, applications use MUMPS programming language. ANSI 
standard MUMPS or M language is year 2000 compliant. However, 
we must verify that programmers have followed standard 
development and programming conventions for this primary 
software. VHA is developing a plan to analyze the entire DHCP 
product line portfolio to confirm that DHCP applications are 
year 2000 ready. VHA's goal is to complete any necessary code 
conversions by May 1998.
    VHA has begun development of a plan that includes schedules 
and contingencies necessary to mitigate year 2000 impacts, but 
has not completed an overall comprehensive plan. The plan will 
address areas beyond information systems, such as biomedical 
equipment currently in use at VA medical facilities, especially 
those that input patient data in our DHCP systems. This plan 
will detail how the VHA Year 2000 Project Office will support 
and assist our networks throughout the country to achieve 
compliance throughout the medical facilities in their networks. 
The plan for our VHA system will be completed by April 1997.
    In summary, VA organizations have developed detailed 
systems inventories, testing methodologies, individual project 
plans and contingencies. Our inventories and plans include such 
key elements as estimated lines of code, number of modules, 
operating systems and commercial off-the-shelf packages. 
Additionally, the individual system and COTS inventories 
include assessments of year 2000 compliance.
    We are also working with the Year 2000 Interagency 
Committee chaired by Ms. Kathy Adams. We will be working with 
the Office of Management and Budget and other appropriate 
agencies to resolve potential issues with biomedical equipment. 
We are confident that VA information systems will be well 
prepared for the coming millennium.
    I thank you for the opportunity to appear here today and 
will be glad to answer any of the questions that you or the 
committee Members may have.
    Mr. Horn. We thank you for your testimony.
    [The prepared statement of Mr. Catlett follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.064
    
    [GRAPHIC] [TIFF OMITTED] T1005.065
    
    [GRAPHIC] [TIFF OMITTED] T1005.066
    
    [GRAPHIC] [TIFF OMITTED] T1005.067
    
    [GRAPHIC] [TIFF OMITTED] T1005.068
    
    [GRAPHIC] [TIFF OMITTED] T1005.069
    
    Mr. Horn. I thought I might just go in and ask several 
questions of one Department here to try to illustrate some 
points. It is going to be the Department of Transportation, 
partly because I sit on the authorizing committee as my other 
full-time job here. I noted that back in 1989, April 1989 to be 
exact, almost the same time the Social Security Administration 
got interested in the year 2000 problem and was way ahead of 
everybody else, a component unit of the Department of 
Transportation got involved, and that was the Federal Highway 
Administration, when they began their year 2000 activity.
    The obvious question comes to mind, why didn't someone at 
the Department of Transportation report up the chain of 
command, ``hey, we have got a problem here.'' Maybe you people 
in the other administrations, bureaus, divisions by whatever 
name also have a problem? What happened was that the Department 
of Transportation, when we sent our survey out, I and the 
ranking Democrat, asked to join me on this in April 1996, they 
were one of the two departments that really got an ``F'' on 
response, even though I have great respect for the Secretary 
then, and I have got great respect for the Secretary now. But 
something was going wrong in the chain of command when you have 
got one group, the Federal Highway Administration, knows there 
is a problem, starts dealing with it, and nobody else, 
including the Secretary, seems to know it is a problem. What 
happened?
    Mr. Huerta. I can't really explain what happened in 1989, 
nor when you sent out your initial inquiry of last year. I 
didn't even know there was such a thing as a year 2000 problem 
until August when I became the Acting CIO.
    I will say that we have identified as the major difficulty 
the communication of the urgency of the problem as was cited by 
the representatives of the GAO this morning. We agree with 
their assessment that the issue is essentially one of 
management. We must ensure that the Department's top-level 
managers, both within the operating administrations as well as 
in the Office of the Secretary, have a full and complete 
understanding of the urgency of this issue and are doing what 
they can to resolve it.
    What we have put in place is a regular reporting mechanism 
not only of progress, but also as part of the budget call. We 
are asking agencies to identify their year 2000 resources, as I 
mentioned in my testimony. That is an area that we will 
continue to refine as the assessments are underway.
    To talk a little bit about the Federal Highway 
Administration and some of the progress that they have made, I 
already mentioned that one of their motor carrier systems is 
pretty much taken care of. I would also like to point out that 
they have one system, their financial management information 
system, that I think is a rarity in the Government. It is a 
system that when it was originally programmed, was programmed 
with the 4-digit date field. Someone was clearly thinking ahead 
at that point.
    Some of the complexities we will need to deal within the 
Federal Highway Administration, however, are the interfaces to 
the States and the two territories that receive Federal aid 
funds. The Federal Highway Administration has been working 
closely with the American Association of State Highway 
Transportation officials in order to ensure that this issue is 
elevated to the highest levels within the State Departments of 
Transportation with which we need to link, to ensure that our 
data is not contaminated.
    Mr. Horn. That is a very good point. I know the Department 
of Labor has the same situation. HHS was mentioned, where you 
have got tremendous partnerships with the States, and we will 
get to that later.
    But let me pursue, one of the main concerns if authors 
Clinger, former chairman of the full committee, as we all know, 
now retired, or on the other body side, author Cohen, now 
Secretary of Defense, were here, one of the reasons they got a 
law through that said, pick a Chief Information Officer, was to 
elevate this whole area into the management team of a 
particular Department. I guess what bothers me a little is you 
are the Acting Chief Information Officer, but you have got a 
lot of other responsibilities. Is there a plan to bring in a 
Chief Information Officer for Transportation?
    Mr. Huerta. Absolutely, Mr. Chairman. You have correctly 
pointed out that I am acting, and no one more than I is looking 
forward to the day that this act ends.
    Mr. Horn. Good. I am glad you are such an easy sale on this 
because your colleague right next to you from HHS is also 
Assistant Secretary for Management, and I think you are also 
CFO, are you not?
    Mr. Callahan. That's correct.
    Mr. Horn. Here in Congress, this reminds me of the story 
when the President said he had created 11 million new jobs, and 
a woman said, ``Gee, I can believe that, I have three of 
them.'' Well, I didn't know he was creating them in the 
administration. You have got three of them.
    Mr. Callahan. That is correct.
    Mr. Horn. The question is, can we really get focused in 
this area when the Assistant Secretary for Management is also 
the Chief Financial Officer, is also the Chief Information 
Officer. What do you think, Mr. Callahan?
    Mr. Callahan. The particular situation in our Department is 
under discussion with the Office of Management and Budget about 
the long-term placement of the Chief Information Officer.
    I would offer to the subcommittee one insight, though. It 
is very important for that Chief Information Officer, whoever 
he or she is, to be really at the top level of the Department. 
I feel fortunate actually in having some of these 
responsibilities because we can sort of, quite frankly, apply 
more muscle to this problem than maybe some of our other 
counterparts in other agencies. That is, for example, as 
Assistant Secretary of Management and Budget, I have an extra 
degree of leverage with regard to making sure that we have the 
resources for the year 2000 problem. That may not be the case 
in some of the other agencies.
    So I think this is a matter that is under discussion with 
OMB, but I can assure you that this whole problem will not get 
done unless it has the full backing of the Secretary, the 
Deputy Secretary and the other top people.
    Mr. Horn. I agree with you on that, but I think the 
authors' view of this in both the CFO legislation and the Chief 
Information Officer legislation was that those individuals 
should be at the highest level management team in the 
Department. I mean, good heavens, 17 years ago in a university 
I had a Chief Information Officer in my management group, and 
believe me, nobody else around that table knew what he knew on 
resource management, computers, so forth, and that is why he 
was in the room. He participated in every single decision that 
the university made in the management area.
    What bothers me is all you wonderful managers and wonderful 
CFO's, your time is chewed up, and you cannot focus on the 
problem because you have got too much to do. While it is great 
when you have got it all in one hat and you can issue it as 
Assistant Secretary for Management, you can use any of these 
hats, I am just wondering if the job is really getting done, at 
least in the intent of Congress.
    Mr. Huerta.
    Mr. Huerta. Mr. Chairman, just to talk some about how we at 
the Department of Transportation are setting up our CIO's 
office. I think one of the things that is a major significant 
point is that we are actually creating the office as a new 
entity on the core management team of the Secretary. It is for 
that reason that I initially got involved in it. Then Secretary 
Pena asked if I could convene a group of all of our operating 
administrations to look at how best to take this important 
responsibility given to us by the Information Technology 
Management Reform Act and make it real within the Department of 
Transportation. He was quite specific in saying that we do not 
simply want to take something that we are already doing and 
call it the Chief Information Officer. We needed to rethink 
that. We now have created the CIO position, and we are 
aggressively recruiting for it.
    Mr. Horn. Let me pursue some of the things in 
Transportation. I agree with you, and you agree, apparently, 
that we had a little communication problem there when one of 
the agencies is way ahead of everybody else and nobody else 
knows it, including the Secretary. But the Federal Aviation 
Administration's air traffic control modernization was 
certainly one of the most troubled information technology 
acquisitions we had, and I am not sure where we are on that. 
Maybe you could educate this committee on where we are.
    I remember my freshman year, 1993, going with the then 
chairman, Mr. Oberstar, chairman of the Aviation Subcommittee, 
out to look at it, and Mr. Mica, who is a fellow subcommittee 
chairman in this group, and I went, and you could tell just 
walking through the situation that they didn't know what they 
were doing, and several billion was being expended. Now we read 
in the paper about IRS, $4 billion down the drain. My problem 
is I don't understand why they don't catch it at the $1 million 
mark, not the $4 billion mark. Where are we in the FAA on that 
situation as it relates to the year 2000? Obviously they can 
solve that problem, they have got the storage capacity now, but 
go ahead.
    Mr. Huerta. The FAA has been working quite aggressively to 
fix the problems that they encountered in the modernization of 
the air traffic control program. Under Dr. George Donohue, who 
is Associate Administrator for Research and Acquisition, he has 
set up a very clear set of milestones and regular progress 
reports all the way up to the Secretary in terms of what is 
going on.
    I have personally participated in many briefings on the 
current status of FAA's modernization program, and I have been 
impressed that some of the old difficulties that we saw in the 
previous contracts, things like mission creep or requirements 
being added and so forth, simply are not happening in this 
instance. The program offices are able to maintain their 
calendar and maintain their budget estimates as things get 
refined and implemented. And we have had some success in 
introducing new equipment in many key FAA facilities around the 
country.
    Having said that, while we feel that the modernization 
program has turned around and is on track, we recognize that we 
need to also plan for the contingency that some elements of the 
older systems may still be operating by the year 2000, and that 
is what a lot of the ongoing assessment in FAA is looking at. 
It is clear that in the new systems which are being acquired, 
we have required that they will be year 2000 compliant. 
However, we want to make sure that we cover those 
contingencies.
    Mr. Horn. I now yield 8 minutes, since I went over, to the 
ranking Democrat, Mrs. Maloney.
    Mrs. Maloney. Thank you very much, Mr. Chairman.
    I would like to ask all of the panelists the same question 
and just have you go down the panel from State to Defense to 
Labor and all the way down. First, have you completed a survey 
of all of your systems as to the millennium problem, yes or no?
    Ms. McClenaghan. Yes.
    Ltg. Paige. No, we have not completed the survey. The 
assessment phase is still ongoing.
    Mrs. Maloney. Is still ongoing. When do you expect to 
complete the assessment stage?
    Ltg. Paige. By the first of April.
    Mrs. Maloney. By the first of April.
    Ms. Lattimore. We have completed our survey and are working 
on the second phase.
    Mr. Callahan. We have just about completed our survey. We 
will be through by the end of March.
    Mrs. Maloney. By the end of March?
    Mr. Callahan. Yes.
    Mr. Huerta. We have conducted one survey and have 
substantially completed a big chunk of it. The two pieces which 
are outstanding are air traffic control, which we expect to 
complete in May, and radar systems, which we expect to complete 
at the end of the year.
    Mr. Catlett. We have completed our survey at the VA.
    Mrs. Maloney. Second, I would like to ask all panelists, 
again starting with State, after completing your survey, have 
you prioritized those systems that absolutely must be fixed, 
that are the ones that are the most critical, and made a 
priority list so that they will be addressed first?
    Ms. McClenaghan. Yes, we have.
    Mrs. Maloney. Could we get a copy of that list then?
    Ms. McClenaghan. We will be happy to submit that with the 
testimony.
    Ltg. Paige. In the Department of Defense, each of the 
military departments will prioritize their own systems. 
Agencies will prioritize their systems. We will furnish you 
that information if you would like a copy of it.
    Ms. Lattimore. Attached to the Department of Labor's 
submission was a chart that listed our 58 mission-critical 
sensitive systems that we believe are our priority ones. Those 
are the systems that deal with benefits, entitlements and the 
fiduciary systems that interface with the States.
    Mr. Callahan. Our operational divisions will have that 
classification fully complete by the end of March, but we have 
made considerable progress both in the Health Care Financing 
Administration and CDC. They have classified their systems as 
to how critical they are, and we will provide that full 
information to the committee.
    Mr. Huerta. In our submission to the committee, we 
identified systems as either being mission-critical or not. We 
intend to refine that, particularly as we complete the 
assessment phase.
    Mrs. Maloney. Which will be when?
    Mr. Huerta. As I mentioned a little bit earlier, we will 
complete the air traffic control components in May and in 
December.
    Mr. Catlett. We have not prioritized at this point. We will 
have that completed in the spring.
    Mrs. Maloney. Thank you. And would you, when you complete 
it, submit it to the committee?
    Again, I would like to ask all of the panelists, again 
beginning with State, do you have a way to test your systems 
once the fixes have been made?
    Ms. McClenaghan. We are establishing a plan which will be 
complete in June of this year on how to test those individual 
systems. It depends upon whether it is the platform that is not 
compliant or whether it is the application, or the operating 
system, or the combination there of.
    Mrs. Maloney. Defense.
    Ltg. Paige. As you know, we have plenty of experience in 
testing systems, and we do have a way, methodologies, and 
plans, to test all of our systems.
    Ms. Lattimore. Our systems will have a detailed plan for 
testing and implementation by June of this year.
    Mr. Callahan. Our systems also will have a detailed plan 
for testing and improvement, and we will be actually testing 
some of them, and they should be compliant by, as I mentioned, 
a number, by 1997.
    Mr. Huerta. We intend to have testing plans, and as we 
indicated in our submission to the committee, it is our 
intention to spend the entire last year doing testing and 
implementation.
    Mr. Catlett. We will use our current testing methodologies, 
but as noted in terms of the schedule, many of those fixes will 
be completed in 1998, but all of them will have the year 1999 
to finish any testing that will be needed.
    Mrs. Maloney. We look forward to the results from those 
tests.
    Mr. Chairman, I have no further questions.
    Mr. Horn. Thank you very much.
    The gentleman from Virginia, Mr. Davis.
    Mr. Davis of Virginia. Thank you very much.
    Let me ask each of you, having seen the administration's 
budget submissions at this point for what they are asking for 
this program, are you all confident that in your various 
agencies and departments that you can deliver on the year 2000 
with what has been requested so far, or are you willing to keep 
an open mind at this point and maybe say you might want to 
amend the earlier submission? I will take silence as just 
saying you are happy with where things are at this point.
    Mr. Callahan. As also the budget officer for the Department 
of Health and Human Services, we did request a specific line 
item in the 1998 budget for the Health Care Financing 
Administration of $15 million, and we will continue to 
scrutinize those budget estimates very carefully, and if there 
is a need for reprogramming or reallocation within existing 
resources, we will bring that to the attention of the 
Secretary, and we will also be very vigorous in this regard in 
terms of putting together the fiscal year 1999 budget.
    Mr. Catlett. Mr. Davis, I would like to make a point here. 
As GAO noted and from what I understand of it, that report that 
OMB has prepared is the compilation of our estimates. I think 
there is a factor there that we need to understand and all come 
to a common agreement on.
    We did not include the cost for replacing systems, instead 
of recoding. So those systems that we are replacing aren't 
reflected here, and primarily the reason is that the year 2000 
is not the only reason that we are replacing those systems. We 
need to replace old systems. That work has been underway for 
some time.
    Mr. Davis of Virginia. In fact, originally when we went to 
two numbers, everybody figured they would be replaced by this 
time, is that not part of the rationale, and they haven't been 
done in many cases?
    Mr. Catlett. Yes. So again, working with you and working 
with OMB, I think we all ought to come to some understanding, 
if we want to split some of that cost and assign it to year 
2000, we may need to do that. But we didn't intentionally leave 
it out. It's just the fact that there are other reasons, 
primarily service delivery in our case, that we are replacing 
those systems.
    Mr. Davis of Virginia. Let me ask Ms. Lattimore, when OMB 
reported 2 weeks ago to this subcommittee on the cost of the 
year 2000, they indicated that the Department of Labor's costs 
were only $15 million over several fiscal years. But I also 
notice in the Department's submission to the subcommittee you 
have made a $200 million new-needs budget request to cover the 
Federal Government's share of the cost of year 2000 conversions 
for State programs such as for unemployment insurance.
    I guess my question would be, will the States be ready in 
time, are they ahead of or further behind the Federal 
Government in addressing the year 2000 problem? What steps are 
the States and the Department taking to avoid the consequences 
of receiving corrupt data from nonyear 2000 compliance systems? 
What are the consequences of corrupted data slipping through, 
and didn't the Office of Management and Budget's estimate of 
$15 million fairly dramatically understate the real budget 
impact for DOL for the year 2000?
    Ms. Lattimore. We believe the $15.2 million based on the 
information we have to date and the assessment we've conducted 
to date is accurate. The $200 million was in grant money, not 
appropriation to the Department, to meet what we felt was the 
Federal share of what we believed to be a $477 million price 
tag to appropriately handle the conversion for our interface 
with the unemployment insurance from the States.
    Mr. Davis of Virginia. That is not in the administration's 
budget, to your knowledge, is it?
    Ms. Lattimore. In fiscal year 1998?
    Mr. Davis of Virginia. Yes.
    Ms. Lattimore. Yes, it is. It is specifically there for 
that purpose.
    Our work with the States, to date--we find them to be, I 
would say, a little bit behind the Federal Government. We are 
working with the States, with the State employment security 
agencies as recently as last week, with all of their 
representatives, in Florida; and we have some ongoing sessions 
planned with them to ensure that they are able from the State 
side to work for the year 2000.
    We have the Federal aspects to ensure that we are able to 
receive the data either through appropriate conversions or we 
will have bridges built. We will be able to accept their data, 
transmit data, not allow it to corrupt our data in our systems; 
and that will be fully ready significantly prior to the 2000 
conversion date. We are working with them, though, to be 
assured that they will also be able with their internal systems 
to not just give us information and get money, but their 
systems will be able to disseminate that money within the 
State.
    So it is a two-pronged approach that Federal information 
technology systems have to work, but, in turn, our systems 
don't do the States any good if we don't help them get their 
systems up to speed whereby they can then properly disseminate 
those benefits and entitlements.
    Mr. Davis of Virginia. And you have got 50 States that are 
all giving us different priorities. I notice Nebraska has done 
a tobacco tax, a cigarette tax, to pay for that. I don't think 
that would fly up here. I would support it, but I don't think 
it is going to fly up here for getting additional money. But I 
think States are at different levels.
    Ms. Lattimore. There will be 52 different plans and 
different approaches, which is why we're working with the State 
employment security agencies. None of them will be alike or 
few. If they're alike, it will be by accident.
    Mr. Davis of Virginia. But you think the OMB estimate--
remember you're going to be back here next year and the year 
after; their estimate of $15 million fairly dramatically--you 
think it is a realistic budget impact for DOL for the year 2000 
problem?
    Ms. Lattimore. It's what we've provided OMB. If we find as 
we move through these step processes that we have 
underestimated that, we will be back again with hat in hand.
    Mr. Davis of Virginia. Just to make sure I give you some 
room to maneuver there. Does anyone else want to add or 
supplement?
    Ltg. Paige. I can assure you that the figures that we 
presented to OMB, we furnished them reluctantly because we 
figured that, first, somebody would try to hold us to the 
figures.
    Second, as far as we're concerned, the figures are not very 
important in terms of getting on with the job because we've 
tried to emphasize to everyone, not to use the year 2000 
expecting that it will provide funds to bank other things. 
We've tried to emphasize that there are no dollars coming; they 
will have to prioritize from within their organization.
    Ms. McClenaghan. At the Department of State, as I have 
mentioned, we are undergoing a modernization effort, so we're 
going to have to forgo some of those modernization activities 
in response to year 2000; but our numbers are the best numbers 
we could have at this time.
    Mr. Davis of Virginia. Our concern here is that if we don't 
get it in the appropriation process, we can't factor it in. And 
then you are taking away from other projects; sort of robbing 
Peter to pay Paul and setting different priorities.
    I know there are variables in this. I worked for a computer 
software company for many years before I came here. There are a 
lot of variables as we go through this. One of them is just 
getting good people, trying to get good COBOL people at this 
point. Their price is going up and up and up the longer we 
delay.
    Let me ask Mr. Huerta if he'd want to comment, and also on 
January 1, 2000, are you going to be flying the first plane out 
to make sure everything is working straight?
    Mr. Huerta. I will probably be on that plane as a way of 
ensuring that it does comply.
    Mr. Davis of Virginia. I will be after you on the next 
plane.
    Mr. Huerta. Regarding our estimate, we had estimated $80.4 
million to OMB, as I mentioned in my opening remarks this 
morning. We have since increased that by $10 million, based on 
the U.S. Coast Guard having completed their assessment. And we 
have two large assessments that are currently under way with 
FAA.
    Mr. Davis of Virginia. We are not trying to put anybody in 
a ``gotcha'' situation. We just want to know what it is so we 
can make the appropriate judgments from here.
    Thank you all very much.
    Thank you, Mr. Chairman.
    Mr. Horn. I might add, listening to who is going to be in 
the first and second plane, when it comes to dealing with 
computers, I learned 20 years ago, don't be the alpha site, 
don't be the beta site, be the next one. Then I think we're 
safe.
    I now am delighted to yield to the gentleman from Illinois, 
Mr. Davis.
    Mr. Davis of Illinois. Thank you very much, Mr. Chairman.
    Ms. McClenaghan, you may have answered part of the 
question, but I note that during your testimony you indicated 
that solving the year 2000 problem would require the diversion 
of scarce resources from new developments. What kind of new 
developments are you talking about?
    Ms. McClenaghan. Sitting here with my friend from DOD, 
we're looking at the defense message system as an 
implementation to replace our aging cable and information e-
mail system, and we would have to delay spending funds on that, 
as an example.
    Mr. Davis of Illinois. Thank you very much. That might lead 
right to my next question.
    General Paige, I didn't hear any projections relative to 
cost from Defense.
    Ltg. Paige. We submitted, in the response on February 12th, 
that it was about $970 million. Since that time it has 
increased to about $1.2 billion. I submit that as we continue 
the assessments, that figure will continue to rise. However, 
again, we are not going to come and ask for an additional bank 
of money to solve this problem.
    Mr. Davis of Illinois. So even though the cost may continue 
to go up----
    Ltg. Paige. We are concerned with the cost because Congress 
is concerned and OMB is concerned.
    Mr. Davis of Illinois. I would certainly say that everybody 
around here seems to be concerned a great deal about it.
    Mr. Huerta, you indicate that the FAA would complete its 
assessment phase by the end of December 1997.
    Mr. Huerta. That's correct.
    Mr. Davis of Illinois. GAO indicates that that's going to 
be about 6 months later than we need to be. How would you 
propose to make up that time?
    Mr. Huerta. The FAA is completing their assessment in 
phases. They have done their administrative work, which is 
essentially complete at this point. Their focus on air traffic 
control, that's a very significant system in and of itself, 
that we expect will be completed by May.
    What is lagging to December are radio navigation systems, 
which is again one component and an extremely important 
component, but we're not holding up renovation of the wholesale 
FAA system pending completion of every last piece of it. 
Instead, we will immediately jump into renovation of specific 
systems as we've assessed the components of them.
    Mr. Davis of Illinois. And so you would have made enough 
progress to be comfortable?
    Mr. Huerta. We don't have any choice.
    Mr. Davis of Illinois. Thank you.
    My last question, Mr. Chairman, is to Mr. Catlett.
    I know that the Veterans Administration is currently 
undergoing some reorganization. How does this impact upon, or 
does it impact upon, the preparation for corrective action?
    Mr. Catlett. Mr. Davis, I don't believe it will have much 
of an impact. The reason for that is, the reorganization 
referred to is in our health administration. As I noted in my 
testimony, the basic system that supports all of our health 
care applications is year 2000 compliant. So the work we have 
to do is at the local level, where they have made interfaces or 
made adjustments to the software, to make sure that those local 
applications are made compliant now, if they have done 
something beyond the capacity of the basic software. So that 
is, as I described it, in our health care system.
    I think our challenge there is broad but shallow. I mean, 
there's a lot of places where they have to check, but the fixes 
for those shouldn't be very significant in terms of the cost or 
the time. So that is an issue that I don't believe has to get 
raised to the new organizational level that you're referring to 
in our health care administration.
    Mr. Davis of Illinois. Thank you very much.
    I have no further questions, Mr. Chairman.
    Mr. Horn. Thank you very much.
    Let me pursue a few closing questions; then we'll ask the 
General Accounting Office to come back briefly.
    In the case of the Department of Veterans Affairs' 
submission to the subcommittee, it stated that the assessment 
had not been completed on the possible impact of the year 2000 
computer problem on biomedical equipment. Is that correct?
    Mr. Catlett. Yes, sir.
    Mr. Horn. With HHS, Mr. Callahan, is that the same 
situation there where HHS, Health and Human Services, has not 
really looked at the impact on biomedical equipment?
    Mr. Callahan. The critical agencies here, Congressman Horn, 
as we understand it, are FDA and NIH; and we have already met 
with them, alerted them to this particular problem. I think FDA 
will be coming back to us with a plan vis-a-vis their 
laboratory equipment, as will NIH; and we will supply that to 
the subcommittee.
    Mr. Horn. Do we have any sense of what medical diagnostic 
and laboratory equipment we are talking about that would be 
affected by this?
    Mr. Callahan. They have a wide variety of equipment out 
there in their labs and testing labs and in their clinics, and 
we'll provide that for the record.
    Mr. Horn. OK. If you would, we would be grateful. We think 
it is a problem we ought to be sure is handled.
    Mr. Callahan, in the subcommittee's prior hearings, which 
we held jointly with Mr. Shays' committee, on the Health Care 
Financing Administration and the new Medicare Transaction 
System for processing claims, a serious problem seemed to be 
identified, including missed deadlines, poor management.
    The original plan had been to roll out this new claims 
processing system, as I remember, in the fall of 1999. The 
deadline has now been scrapped, the existing claims processors 
are now making the year 2000 changes to their software. If the 
Medicare claims processing contractors encounter even a 
fraction of the delays that the Department has already 
experienced developing that Medicare Transaction System, then 
there is a real risk that after December 31, 1999, Medicare 
claims will not be processed in a timely manner. I think you 
alluded to that in your statement.
    So I guess what I am interested in, since this has such a 
major impact on American society, what assurances can you give 
the public, Medicare beneficiaries, and the Members of 
Congress, whose caseworkers in the district office will be 
flooded with requests if it does not work, and to the health 
care providers that rely on these billions of dollars in 
payments, that these claims will be paid when they are supposed 
to be paid after December 31, 1999?
    Mr. Callahan. HCFA is approaching this on a two-part, 
double-track basis. You are correct in the assessment that the 
Medicare Transaction System is a major system that is being 
looked at under the Investment Technology Management Review 
Act. It has been the subject of prolonged discussions between 
the Department and the Office of Management and Budget and will 
be with the Appropriations Committees very, very shortly.
    Mr. Horn. What is the nature of the discussion between the 
Department and the OMB?
    Mr. Callahan. On MTS, the basic discussion has been on the 
overall cost of moving to a Medicare Transaction System and the 
savings that will result.
    Aside from the schedule of putting into effect all the 
appropriate software, getting dedicated sites for the 
processing of the Medicare claims, there has also been a 
concern about how much will we actually save. There will be 
information provided, I'm sure, to this subcommittee and others 
about the savings that HCFA estimates can occur from a unified 
Medicare Transaction System that will prevent duplicate claims, 
et cetera, and those are being looked at by the Office of the 
Actuary.
    So we're trying to determine all the appropriate savings 
that can be made. We're trying to determine the appropriate 
costs over the many years that this thing will be put into 
effect.
    At the same time, HCFA has assured us that there is a 
double-tracking of their current contractor systems to make 
sure that they are year 2000 compliant, and we are moving, as a 
matter of fact, to a claims processing function that is outside 
of MTS that will have one Part A contractor and one Part B 
contractor that will be year 2000 compliant.
    So we're moving on this on two tracks, but I'm not going to 
kid you, this is a very, very delicate, complex project, and it 
is the subject of very intense discussion right now between the 
Department, the administration, your committee and the 
Appropriations Committee.
    Mr. Horn. I think you are very wise to have a dual-track 
system. I know every university that changed over, from some 
wonderful people at the window that did it by hand and suddenly 
did it by computerization, when the system crashed, they had to 
figure out how to go back and do it by hand for a while.
    Is this debate between OMB and the Department partly over a 
sort of government-controlled system totally or the role for 
private contractors on a regional basis?
    Mr. Callahan. The final MTS system would be contractor-
owned and contractor-operated. It is a question of how many 
contractors that we have processing claims.
    As you and other members of the committee would know, at 
one time we had a large number of contractors processing our 
claims. It was determined not only from the Congress, but by 
OMB, that we wanted to reduce those numbers of contractors. We 
have been doing that and this is one of the ways we would like 
to still try to go. But it is a complex project and we have to 
put together appropriate cost estimates on the spending side to 
get those savings that we are confident of once we get the 
system in operation.
    Mr. Horn. I yield to the ranking Democrat who has a 
followup question in this area.
    Mrs. Maloney. It is really a brief question to the State 
Department, which so far is earning an ``A'' in their readiness 
and response time and in responding to the ``00 crisis'' and 
having our computers ready for the millennium problem.
    You stated that you really are thinking ahead, both onshore 
and offshore, and that our computer system will be working. 
What about our interaction with foreign computer systems? Have 
you put any thought into that, which may not be responding 
adequately to the millennium problem?
    Ms. McClenaghan. The Department of State does not have any 
interconnection with foreign computer systems.
    Mrs. Maloney. None whatsoever?
    Ms. McClenaghan. None whatsoever.
    But we are concerned about our officers receiving reports 
in paper form or off the Internet or other kinds of 
publications and whether they can discern whether the data as 
contained in those reports is from compliant systems.
    Mrs. Maloney. Thank you very much.
    Ms. McClenaghan. You are welcome.
    Mr. Horn. Let me go to you, General Paige. As we saw in the 
Gulf war, modern warfare depends on the interconnection of very 
sophisticated electronics and linking the weapons with command 
and control systems, which is your bailiwick in the Department 
of Defense.
    I am curious if weapons systems are at risk of 
malfunctioning because of bad data coming from command and 
control systems which are not compliant. What is the worst case 
you have identified with such a malfunction?
    Ltg. Paige. I would have to give that some thought, but 
right offhand, I would say the most significant system today 
that is not compliant is GPS, that it will have more impact 
than anything else. Yet I have no doubt that GPS will be ready, 
along with all the other weapons systems and command and 
control systems in the Department of Defense.
    Mr. Horn. What is the nature of the problem with the GPS 
system? That seems such a simple thing; I wouldn't see how the 
year 2000 is connected other than in a maintenance schedule.
    Ltg. Paige. I have Mr. James from Air Force. Maybe he can 
explain that.
    Mr. James. Sir, the problem as I understand it----
    Mr. Horn. Could I just swear you in quickly.
    [Witness sworn.]
    Mr. Horn. Proceed.
    Mr. James. I'm Bill James from the Office of----
    Mr. Horn. Why don't you use a microphone, too, if you can 
get through that phalanx.
    Ltg. Paige. If you prefer, I will give you a followup, a 
written answer to the question.
    Mr. Horn. OK. But could you respond orally, though, at this 
point?
    Mr. James. Yes, sir.
    Quickly, the problem, as I understand it, is that the 
satellite itself is not at issue; it is the ground station 
handling of the signals
and that the software and the ground station, all that will be 
fixed in time.
    We'll followup with the specific information for you.
    Mr. Horn. Please, if you would.
    [The information referred to follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.070
    
    Mr. Horn. In fact, to all of you, there will be questions, 
if you don't mind, that we will send down to you. We would 
appreciate your usual cooperation in giving us an answer. We 
will put them in the record at this point or where the relevant 
testimony is on that problem.
    Does any member of the committee have any further 
questions? If not, I thank you very much.
    [The information referred to follows:]
    [GRAPHIC] [TIFF OMITTED] T1005.071
    
    [GRAPHIC] [TIFF OMITTED] T1005.072
    
    [GRAPHIC] [TIFF OMITTED] T1005.073
    
    [GRAPHIC] [TIFF OMITTED] T1005.074
    
    [GRAPHIC] [TIFF OMITTED] T1005.075
    
    [GRAPHIC] [TIFF OMITTED] T1005.076
    
    [GRAPHIC] [TIFF OMITTED] T1005.077
    
    [GRAPHIC] [TIFF OMITTED] T1005.078
    
    [GRAPHIC] [TIFF OMITTED] T1005.079
    
    [GRAPHIC] [TIFF OMITTED] T1005.080
    
    [GRAPHIC] [TIFF OMITTED] T1005.081
    
    [GRAPHIC] [TIFF OMITTED] T1005.082
    
    [GRAPHIC] [TIFF OMITTED] T1005.083
    
    [GRAPHIC] [TIFF OMITTED] T1005.084
    
    [GRAPHIC] [TIFF OMITTED] T1005.085
    
    [GRAPHIC] [TIFF OMITTED] T1005.086
    
    [GRAPHIC] [TIFF OMITTED] T1005.087
    
    [GRAPHIC] [TIFF OMITTED] T1005.088
    
    [GRAPHIC] [TIFF OMITTED] T1005.089
    
    [GRAPHIC] [TIFF OMITTED] T1005.090
    
    [GRAPHIC] [TIFF OMITTED] T1005.091
    
    [GRAPHIC] [TIFF OMITTED] T1005.092
    
    [GRAPHIC] [TIFF OMITTED] T1005.093
    
    [GRAPHIC] [TIFF OMITTED] T1005.094
    
    [GRAPHIC] [TIFF OMITTED] T1005.095
    
    [GRAPHIC] [TIFF OMITTED] T1005.096
    
    [GRAPHIC] [TIFF OMITTED] T1005.097
    
    [GRAPHIC] [TIFF OMITTED] T1005.098
    
    [GRAPHIC] [TIFF OMITTED] T1005.099
    
    [GRAPHIC] [TIFF OMITTED] T1005.100
    
    Mr. Horn. I am going to ask the General Accounting Office 
to come back and take your seats, and we will round out this 
hearing.
    Let us know if you have got any problems and we can be of 
help in prodding a few people in OMB and other places. But my 
basic understanding with the Director is that it is reprogram 
money, not new money, so save those pennies at the year spend-
out period.
    Mr. Willemssen, let me ask if, in listening to the 
testimony of the Chief Information Officers, do you have some 
concerns you have gathered from some of that testimony; and, if 
so, what are they? And is GAO planning any followup efforts 
that might be affected by that testimony?
    Mr. Willemssen. I think my overriding reaction is the wide 
degree of variability you see on a readiness scale among the 
six Departments. Some are way ahead of the game; others are 
clearly not. And in some cases where they are clearly not, we 
are talking about a very critical agency. So there is clearly a 
wide degree of variability.
    As I mentioned up front, our approach is going to be, and 
already has been, to go into those agencies where an impact of 
a failure on the year 2000 would most affect the general public 
and evaluate how well the agencies are implementing their 
programs; and to the extent they are not doing what we think 
they should, we are going to be reporting that.
    We will be reporting out this spring and summer on Veterans 
Administration, and the Department of Defense. We will probably 
have some preliminary things to say about the Social Security 
Administration and possibly the Federal Aviation 
Administration; and we will also be reporting on an agency you 
brought up just a few minutes ago, the Health Care Financing 
Administration and the Medicare Transaction System. We will 
definitely have a report on that in a few months, and we will 
be prepared to talk about that in more detail at that time.
    Mr. Horn. I suspect there are some agencies perhaps we 
should have invited today. Based on GAO's analysis of at-risk 
programs within those agencies, the question would be, do they 
relate to the year 2000 problem?
    Mr. Willemssen. I guess one other critical one that comes 
to mind is, obviously, the Internal Revenue Service. The impact 
on the public could be fairly traumatic with a year 2000 
failure there. But, other than that, you have a pretty good 
cross-section here.
    One thing to maybe consider down the road is also bringing 
in some of the component agencies, who are really closer, 
hands-on, to what may be actually going on.
    Mr. Horn. To what degree will you review the State 
activities with some of these Federal-State partnerships, HHS, 
Labor, other agencies that have those relationships that go 
back 50, 60, 70 years? Should we be looking at that?
    Mr. Willemssen. That is an area of concern.
    The major assignment we have recently initiated that will 
be looking at that is at the Social Security Administration. As 
you are aware, SSA is considered to be further out front than 
any other agency; and one of the reasons we wanted to go in 
there was to see if we could find any lessons learned that 
could be applied to other agencies.
    But there is a critical interface issue there with some of 
the State systems that we will be closely evaluating, and to 
the extent we can identify some improvements and corrective 
actions we will point those out.
    Mr. Horn. Does any member of the minority, the ranking 
member, have any additional questions?
    Mrs. Maloney. Yes, thank you, Mr. Chairman.
    First of all, from the testimony we heard earlier from the 
previous panel, some were well along the road to completing the 
task and others had quite a long way to go. What incentives can 
you recommend that we could use to give these agencies to get 
them moving quicker and more accurately on this problem, those 
that need to?
    Mr. Willemssen. The best incentive that you can have is to 
continue having hearings such as these and continually asking 
the departments and agencies where they are at. In doing that, 
bring up to them what they said they were going to do several 
months ago and where are they at today.
    Mrs. Maloney. Earlier I was handing out a grade to one of 
the agencies. Based on the testimony that you heard, would you 
grade the agencies on where you think they are?
    Mr. Willemssen. I would be reluctant to do that.
    Mr. Horn. Are you a product of the sixties or what? No 
grades; everybody's at the top of the class?
    Mr. Willemssen. Once we have completed evaluations at 
specific agencies, I will be more than happy to answer that 
question.
    Mr. Horn. Good. We will bring you in, and you and I can 
flip if there's a tie. We might have incompletes next time, not 
just A, B, C, D and F.
    Mrs. Maloney. We will certainly need an early warning 
system for those that are in a critical situation. How soon do 
you think you will have before us a developed early warning 
system?
    Mr. Willemssen. Late this spring and early this summer, we 
should be in a position to begin sounding warnings on specific 
agencies. We do not have anything in place and planned yet that 
is government-wide in nature.
    We are a bit reluctant to do that, in view of the fact that 
OMB is now planning a quarterly reporting system. So we are a 
bit reluctant to overload too many of the departments and 
agencies with additional reporting requirements.
    We did consider that early on. We are standing pat right 
now and trying to work with OMB.
    Mrs. Maloney. Mr. Chairman, I think we should get OMB here 
for their early warning system, then.
    I have no further questions. Thank you.
    Mr. Horn. Mr. Davis.
    Mr. Davis of Illinois. Nothing, thank you.
    Mr. Horn. Thank you very much.
    And now I would like to conclude the hearing by thanking 
the staff that helped in the preparation.
    Our staff director for the Subcommittee of Government 
Management, Information, and Technology is J. Russell George, 
who is right behind me; and to my left, the counsel assigned 
for this particular area, so you will be hearing from him, and 
he is safe for employment for the next 4 years on this problem, 
is Mark Uncapher, who is counsel to the subcommittee; and 
Andrea Miller, our clerk, who helped put the hearing together.
    And for the minority professional staff, Mark Stephenson; 
David McMillen; and my own office, David Bartel, the chief of 
staff; and Matt Phillips, who has handled the communications 
and press aspects.
    We thank, too, our official reporters, Pam Garland and Bill 
Odom; and, with that, this hearing is adjourned.
    [Whereupon, at 12:05 p.m., the subcommittee was adjourned.]

                                   - 
