United Nations

A/53/574


General Assembly

Distr. GENERAL  

4 November 1998

ORIGINAL:
ENGLISH




                                                       A/53/574
       
                                                       Original: English

       
General Assembly
Fifty-third session
Agenda item 160
Global implications of the year 2000 
  date conversion problem of computers


       Steps taken within the United Nations system to resolve the
            year 2000 date conversion problem of computers


                   Report of the Secretary-General


        I.     Introduction


1.   The General Assembly, at its fifty-second session,
adopted resolution 52/233 entitled "Global implications of
the year 2000 problem of computers". In that resolution, the
Assembly requested the Secretary-General "to report to the
General Assembly at its fifty-third session on the steps taken
within the United Nations system and with Member States
to resolve this problem". The present report summarizes the
various actions taken by the United Nations system to
address this matter.

2.   The year 2000 problem or "millennium bug" stems
from the fact that many hardware and software systems use
only two digits to identify the year. If not converted by the
target date of 31 December 1999, these systems will
recognize "00" not as the year 2000 but 1900. Electronic
systems that are not year-2000-compliant and that involve
processes based on dates will shut down, or produce
meaningless or misleading results, or revert to some other
date. Since all equipment configurations with embedded
systems that use chips or code, and handle dates, could be
affected, the problem is not limited to computer systems.
As a result of this problem, compounded by the possibility
of a domino effect, whole systems of the economy and
critical government operations could experience significant
disruptions.

3.   It is becoming increasingly clear that there is a very
low probability that all potentially affected systems will be
identified and converted by the deadline. Virtually all
efforts to remedy the millennium problem are focused on
systems deemed to be mission-critical, that is, those where
a malfunction could have serious consequences to the work
of Governments, organizations and companies in the private
sector.


       II.     Status of year 2000 compliance
               within the United Nations
               Secretariat


4.   The Secretariat has put significant effort into ensuring
that all its mission-critical systems will continue to operate
correctly. Through the Information Technology Services
Division (ITSD) within the Office of Central Support
Services of the Secretariat, departments at Headquarters and
at offices away from Headquarters have been made aware
of the seriousness of the year 2000 problem, and efforts for
its resolution have been coordinated at different levels
covering all areas that would be potentially affected.

5.   Information technology services in the Secretariat are
decentralized. ITSD is responsible for the maintenance and
operation of the wide area network and technological
infrastructure and enterprise applications at Headquarters.
A special project team is in charge of the development and
implementation of the integrated management information
system (IMIS). Departmental applications are supported by
the respective departments. The local information
technology infrastructure and software systems at the
regional commissions and offices away from Headquarters
are managed autonomously by those offices. The
responsibility for year 2000 compliance follows that
delineation. ITSD functions as focal point for coordinating
and monitoring year 2000 activities Secretariat-wide.


        A.     Steps taken by Headquarters


6.   As early as December 1996, a memorandum was
issued by ITSD to all heads of department explaining the
year 2000 phenomenon, advising them to review all
departmental computer applications for year 2000 impact,
and suggesting that the necessary budgetary provisions be
made to ensure the availability of adequate funds to replace
or reprogram non-compliant applications. As a follow-up
to that memorandum, in July 1997, a survey to assess the
level of compliance of software applications was issued by
ITSD to all members of the provisional Information
Technology Coordination Committee. Finally, in November
1997, a report was prepared by ITSD at the request of the
Ad Hoc Working Group on Informatics of the Economic and
Social Council, outlining the approach adopted by the
Secretariat for meeting the year 2000 challenge.

7.   Year 2000 activities gathered momentum again in May
1998 when the Director of ITSD requested departments and
offices to examine, for compliance, all equipment not
considered to be computer equipment but using embedded
chips, such as fire alarms, security systems, elevators and
conference support systems. At the same time, the Assistant
Secretary-General of the Office of Central Support Services
issued a memorandum to all heads of department and offices
requesting a report on what measures had been taken by
each office regarding the year 2000, what degree of
compliance had been achieved so far, what strategies had
been adopted to achieve full and timely compliance, and
what problems could be anticipated.

8.   At the request of the Secretary-General, the Board of
Auditors conducted a quick study in order to assess the
preparedness of United Nations Headquarters, funds and
programmes, as audited by the Board, for managing the year
2000 issue. The Board surveyed the information and control
systems at Headquarters and in 14 funds, programmes and
other bodies. The survey was based on a questionnaire
issued in connection with the above-mentioned
memorandum from the Assistant Secretary-General of the
Office of Central Support Services to all departments and
offices and was followed up by interviews with offices in
New York.

9.   In order to obtain an independent review of the year
2000 preparedness of the Secretariat, a request for proposal
was prepared by ITSD to carry out an overall risk
assessment and recommend solutions for all affected
applications and equipment. The objective of the request
was to perform a year 2000 impact analysis that covers
applications, databases, telecommunications systems and
computer hardware and software. Although the management
of departmental end-user software is decentralized and
under the responsibility of the departments and offices
concerned, those applications were included in the request
for proposal. The contractor is further required to prepare
a complete inventory of the applications. A contractor has
been selected and the study is expected to be completed by
the beginning of 1999. IMIS and the United Nations Joint
Staff Pension Fund were excluded from the study, since it
was decided to address those areas separately.

10.  A summary of the current status of compliance of
various elements of the technological infrastructure is given
below.


        1.     Telephone systems

11.  A contract for upgrading the software that controls the
private automatic branch exchange (PABX) and related
systems has been signed. The upgrade will make this service
fully year-2000-compliant. Implementation is expected to
be completed in 1998.


        2.     Message switch

12.  Financial provisions have been made to replace the
present facilities with a year-2000-compliant system. This
project will be completed by the fourth quarter of 1999.


        3.     Local area network

13.  The operating system of all servers and related
software is being upgraded with compliant and vendor-certified 
versions. Decentralized servers are currently being
consolidated and replaced by compliant equipment that will
be located in a central computer room. The upgrade project
for the network switches and routers that was initiated in
1997 has been completed. The network environment is
expected to be year-2000-compliant by the beginning of
1999.


        4.     Personal computers

14.  The 5,200 personal computers connected to the local
area network of Headquarters have recently been replaced
by state-of-the-art hardware and software making the
desktop environment fully compliant.


        5.     Wide area network

15.  A significant part of the United Nations network
consists of facilities leased from commercial operators.
Those service providers, such as the International
Telecommunications Satellite Organization, AT&T and
others, have still to confirm that their operations are 
year-2000-compliant. The United Nations part of the operation
will be independently validated through the impact analysis
mentioned earlier. Timely corrective action to ensure
compliance of all components will be taken on the basis of
the recommendations of the study.


        6.     Mainframe facilities

16.  The mainframe systems of the Secretariat were
relocated to Geneva in 1996 and are now managed by the
International Computing Centre. The operating system and
other commercial software run on the computers of the
Centre are year-2000-compliant. The mainframe operation
of the Centre has been made available to users for
compliance testing of their applications. To facilitate the
impact analysis, a detailed schedule for the tests is being
coordinated by ITSD with the respective user departments.


        7.     Test environment for non-mainframe
               applications

17.  A model environment replicating the basic hardware
and software components of the United Nations network has
been set up by ITSD to allow users to test departmental
personal-computer and server-based applications for
compliance.


        8.     Equipment configurations with embedded chips

18.  The different departments of the Secretariat are taking
actions including contacting vendors to seek formal
assurance of compliance and replacing equipment as
required to ensure that mission-critical services such as
elevators, security and conference support systems will
continue to be operational beyond the deadline.

19.  The status of compliance of enterprise and
departmental applications varies, depending on when the
systems were first introduced. Older software is less likely
to be compliant. In particular, legacy off-the-shelf software
packages will have to be replaced by new products. As part
of the impact analysis to be conducted by a contractor, those
systems will be assessed and detailed recommendations will
be made. A review of the most mission-critical systems has
already been completed.


        9.     Integrated management information system

20.  The IMIS application is year-2000-compliant by
design. In the system itself, all dates are composed of eight
digits. A new version of the operating system for the
hardware was successfully tested at one duty station and will
soon be installed on all machines with the UNIX operating
system, including those used for purposes other than IMIS.
The implementation of IMIS has greatly reduced the year
2000 exposure of the United Nations that would have arisen
if legacy systems to support finance, procurement, personnel
etc. continued to be in production beyond the year 2000. At
Headquarters, releases 1, 2 and 3 are in production and
release 4 (payroll) is scheduled to be implemented by mid-1999. 
In order to avoid risks resulting from major
unexpected problems in connection with the implementation
of IMIS release 4, the current payroll system is also being
upgraded and applications interfacing with IMIS are being
reviewed for compliance.


       10.     Optical disk system, e-mail, Internet and other
               enterprise applications

21.  Plans to upgrade the software and other facilities
associated with the optical disk system, e-mail, the Internet
and other enterprise applications are in place and will be
updated as part of their natural life cycle. Already to date,
most of the enterprise applications are considered year-2000-compliant.


       11.     Departmental applications

22.  Departmental applications are computer applications
designed to meet the specific needs of processes that are
unique to individual departments, such as statistical
analysis, library systems and simulation models. An
inventory of those applications and a summary of the current
status of preparedness of individual departments of the
Secretariat was presented by the Board of Auditors in a
study entitled "Study report of the Board of Auditors on the
preparedness of the United Nations for managing the year
2000 issue". That report, together with the independent risk
assessment that will commence shortly, will provide the
basis for a detailed examination of exposure in connection
with specific data calculations, which will then be ranked
to determine priorities for remedying the software so as to
minimize the possible impact on the work of the
Organization.


        B.     Steps taken by offices away from
               Headquarters


23.  Offices away from Headquarters are in different stages
of preparedness. A briefing document and questionnaire was
circulated to those offices early in 1998, and an update of
their activities in this area is expected in response to a
request from Headquarters issued in September 1998.

24.  Most offices away from Headquarters depend on IMIS
to replace their legacy administrative applications with a
system that is year-2000-compliant. On a transitional basis,
the current system will have to be maintained for retroactive
processing and reporting. All duty stations with the
exception of the Economic and Social Commission for
Western Asia (ESCWA) have undertaken to upgrade their
payroll and accounting systems to be year-2000-compliant.
IMIS releases 1 and 2 have been implemented in all offices
away from Headquarters. Plans for the implementation of
releases 3 (accounting) and 4 (payroll) in all offices away
from Headquarters are currently being formulated. Releases
3 and 4 will become operational at ESCWA during 1999.
The schedule for the other duty stations will depend on local
conditions.

25.  The majority of the financial applications of the
United Nations Office at Vienna are maintained by UNIDO.
Work by UNIDO on compliance of those mainframe
applications has started and is to be completed by the end
of March 1999. The key components of the network of the
Office are already year-2000-compliant and other hardware
and software elements will be replaced by mid-1999.

26.  To build awareness among staff, the Economic
Commission for Europe (ECE) has published a year 2000
note on their intranet. A detailed strategy for making the
ECE environment year-2000-compliant has been developed
and work to remedy all hardware and software problems by
the deadline is under way. ESCWA has set up a year 2000
task force, appointed focal points for all critical areas, and
defined a detailed action plan that is being implemented.

27.  The United Nations Office at Nairobi provides
information technology services to the United Nations
Environment Programme (UNEP) and the United Nations
Centre for Human Settlements (UNCHS). The year 2000
issue is being addressed as part of an extensive system
conversion project initiated in 1996 with the objective of
integrating UNEP and UNCHS applications on a common
platform.

28.  Similar work is in progress at the other offices away
from Headquarters. The Economic Commission for Africa
is in the process of replacing most of its information
technology infrastructure. The new hardware and software
solutions will be fully year-2000-compliant. All old systems
will be decommissioned by the end of 1999. The Economic
and Social Commission for Asia and the Pacific (ESCAP)
has been investigating since early 1997 the question of 
in-house preparedness, and has compiled an inventory list of
business-critical systems. Suppliers of the building
automation system, elevators, telephone systems etc. have
been contacted and requested to provide formal compliance
statements or recommendations for remedial action.


        C.     Contingency planning


29.  Although mission-critical systems like IMIS are
already fully year-2000-compliant, the need for contingency
planning is recognized by the Secretariat. Even if the power
supply and telecommunications infrastructure operated by
the United Nations are fully compliant, links to external
systems make them vulnerable. The possibility of a domino
effect may have a negative impact on all applications and
equipment configurations that have an interface with
external systems. Contingency planning should identify such
interdependencies.

30.  Among the non-critical systems, not all may be
converted in time and some compliance aspects may be
overlooked. A contingency plan should make provision for
crisis management, dealing with system failure and ensuring
operational recovery; but most importantly, it should
identify priorities and specify levels of performance
degradation that the Organization can temporarily work
with.

31.  The paradigm of contingency planning is that in an
environment that is facing a problem, a solution can be
found by resorting to external resources that remain
unaffected by the problem. However, since the year 2000
date conversion is a global concern, that assumption does
not apply. Contingency planning for the year 2000 thus
appears to be only partly a technical exercise, but mostly
a management issue. The focus must be on identifying
people and facilities that are essential for minimizing
damage and putting a management structure in place that
will effectively address problems.

32.  The Secretariat is taking action along those lines.
ITSD is establishing a monitoring system that will make it
possible to track progress in compliance at the departmental
level and at offices away from Headquarters. For the time
immediately after the deadline, a crisis management
structure will be created and human and technical resources
will be identified that will be on alert to address potential
problems.


        III. Status of year 2000 preparedness of
             other United Nations organizations


33.  Regarding issues of information technology, including
the year 2000 problem, funds and specialized agencies of
the United Nations system report to their respective
governing bodies. The role of the Secretariat vis-a`-vis those
organizations is limited to disseminating information,
coordination and participation in the work of inter-agency
bodies such as the Information Systems Coordination
Committee of the Administrative Committee on
Coordination (ACC).

34.  The Secretary-General, in a letter dated 30 October
1998, brought General Assembly resolution 52/233 to the
attention of the members of ACC and stressed the need for
greater coordination and cooperation in the area of
information technology beyond the year 2000 issue. The
issue was first raised by the Under-Secretary-General for
Management on behalf of the Secretary-General at the high-level 
meeting of the Consultative Committee on
Administrative Questions (CCAQ) held in February 1998.
Follow-up action taken in connection with the above-mentioned 
resolution is expected to be on the agenda of the
CCAQ meeting scheduled for early 1999.

35.  Some of the programmes, funds and specialized
agencies of the United Nations system are in an early stage
of assessment and planning, while others are already
compliant or in the process of conversion or replacement
of their systems. The study by the Board of Auditors
referred to above (paragraph 22) gives a detailed report of
the actions taken and the current status of preparedness of
the different organizations.

36.  Although each organization is responsible for its own
year 2000 compliance programme, the need for coordination
has been recognized. The ACC Information Systems
Coordination Committee has created formal mechanisms for
the exchange of information and sharing of experiences on
the activities undertaken. The Information Systems
Coordination Committee, in cooperation with the year 2000
focal points of the International Labour Organization and
the International Monetary Fund, has developed pages on
the World Wide Web that will be used, within the restricted
Web site of the Information Systems Coordination
Committee, to collect input from organizations for further
analysis and to facilitate its discussion of the year 2000
problem. Those activities are being very well supported by
the individual organizations. Status reports concerning year
2000 compliance of participating organizations are
available on-line and tabulated information on essential
systems and services is regularly updated.

37.  Further, the Information Systems Coordination
Committee, in cooperation with the World Intellectual
Property Organization, has developed a year 2000
compliance checklist that covers automated systems and
equipment with embedded microdevices that should be
checked for compliance. The Web site of the Committee
also provides cross-references to other Web sites of the
United Nations system, including those of programmes and
funds, dealing with the year 2000 issue.

38.  The Information Systems Coordination Committee,
at its sixth session in October 1998, considered the
development of further system-wide reporting mechanisms
that have become necessary in connection with the
implementation of Assembly resolution 52/233. The
individual organizations will continue to report internally
to their governing bodies regarding year 2000 compliance.


        IV.  Steps taken with Member States to
             resolve the year 2000 problem


39.  The Ad Hoc Open-ended Working Group on
Informatics of the Economic and Social Council has taken
the lead in raising awareness among Member States of the
nature of the year 2000 problem and actions to be taken.
The report on international cooperation in the field of
informatics submitted by the Secretary-General to the
Council (E/1998/44) outlines the steps taken by the
Working Group to build awareness among Member States
and permanent observer missions of the seriousness of the
problem.

40.  The General Assembly, in its resolution 52/233, calls
upon the Council to prepare guidelines on which Member
States may be able to draw in addressing the diverse aspects
of the year 2000 problem. To facilitate the work of the
Council, the Working Group has drafted guidelines
summarizing best practices for assessing and solving year
2000 problems and for establishing contingency plans. The
guidelines were circulated as an official document of the
Council (E/1998/85). In the above-mentioned letter to ACC
dated 30 October 1998, the Secretary-General drew
attention to paragraph 6 of resolution 52/233, in which the
Assembly requested him to ensure that the United Nations
system would facilitate the dissemination of relevant
information on funding possibilities to assist developing
countries and countries with economies in transition to
address the year 2000 problem.

41.  ESCAP, at its fifty-fourth session, expressed deep
concern about the year 2000 problem and urged all
Governments in the region to make its resolution a high
priority. ESCAP is assisting Governments in that task
through its standing newsletters ("Government
computerization newsletter", December 1997 and June 1998
issues) and through meetings and conferences. A year 2000
workshop held in June 1998 was organized jointly with the
Statistical Institute for Asia and the Pacific and attended by
23 national statistical offices. The ESCAP Committee on
Statistics will follow up that initiative at its eleventh session
to be held in November 1998. Reports on ESCAP year 2000
activities and related documents are available on-line on the
Internet.

42.  ESCWA is coordinating a regional network of focal
points in both the public and the private sector. Year 2000
awareness will be raised through a media campaign and a
regional conference organized by ESCWA. Activities to
create capabilities for providing advisory missions to
countries in the region are under way. Similar action has
been taken by other regional commissions and United
Nations organizations.

43.  The World Bank and other organizations in the United
Nations system are considering coordinated action
concerning year 2000 outreach to developing countries to
ensure that all efforts within the United Nations system have
optimum impact and that overlapping and duplications are
minimized. In an approach similar to the one proposed in
the above-mentioned guidelines (E/1998/85), the World
Bank is conducting a campaign aimed first at raising
awareness, then at providing guidelines on best practices
to client country Governments in the design of national
strategies and programmes.

44.  Given the conferences, specialized publications and
journals already available, as well as the proliferation of
information disseminated through Internet sites of agencies,
vendors and other organizations, the United Nations, with
its limited resources, cannot aspire to making significant
contributions beyond what is already being done by others.



        V.     Concluding remarks


45.  In an increasingly networked world, computerized
systems exchange data. The systems are often owned and
managed by different entities, and in those circumstances,
the failure of one to achieve year 2000 compliance may
have an impact on the operations of others that are fully
compliant. The recognition of a domino effect created by
non-compliant data that are passed through a network has
led to the understanding that the millennium bug is not
limited to the technical level and individual computer
systems, but is also a management and coordination
problem.

46.  There are a number of estimates of the global costs of
resolving the year 2000 problem that differ considerably.
For the United Nations, it is important to distinguish
between those activities which are year-2000-specific, such
as the impact assessment study and code remediation in
applications, and those which result in year 2000
compliance but are a part of the normal life cycle of
computer systems. Equipment is replaced on a regular basis
and software is upgraded independently of the year 2000
deadline.

47.  In 1997, when the budget for the biennium 1998 1999
was prepared, no special provisions were made to address
the year 2000 issue. Given the importance of the year 2000,
the relevant projects and activities in the context of the
reform initiatives of the Secretary-General are being funded
from existing resources on a priority basis. Replacement
projects and upgrading originally scheduled for the
biennium 2000-2001 had to be initiated earlier, to ensure
system compliance by the end of the current biennium.
Since the highest priority has been given to the above-mentioned 
activities, other projects are only progressing
within the limits of the remaining resources.

                           -----

 

This document has been posted online by the United Nations Department of Economic and Social Affairs (DESA). Reproduction and dissemination of the document - in electronic and/or printed format - is encouraged, provided acknowledgement is made of the role of the United Nations in making it available.

Date last posted: 10 January 2000 10:05:30
Comments and suggestions: esa@un.org