MEMORANDUM

 

TO:       James M. Eagen III
          Chief Administrative Officer

FROM:     Robert B. Frey III
          Deputy Inspector General

DATE:     December 21, 1999

SUBJECT:  Audit Report - Year 2000 Testing and Contingency Planning Efforts Should Minimize Risk of Date Related Failures (Report No. 99-CAO-09)

 

     This is our final report on the Chief Administrative Officer’s (CAO) progress in identifying and resolving Year 2000 issues.  The objectives of this audit were to assess the status of CAO Year 2000 compliance testing efforts; adequacy of business continuity and system contingency plans; and status of compliance with prior audit recommendations.  In this report, we did not identify any conditions requiring corrective action and no recommendations were made.

 

     In response to our November 5, 1999 draft report, your office concurred with our report.  The December 1, 1999 management response is incorporated in this final report and included in its entirety as an appendix.

 

     We appreciate the courtesy and cooperation extended to us by your staff.  If you have any questions or require additional information regarding this report, please call me or Christian Hendricks at (202) 226-1250.

 

cc:       Speaker of the House

Majority Leader of the House

Minority Leader of the House

Chairman, Committee on House Administration

Ranking Minority Member, Committee on House Administration

Members, Committee on House Administration

 


YEAR 2000 TESTING AND CONTINGENCY PLANNING EFFORTS SHOULD MINIMIZE RISK OF DATE RELATED FAILURES

 

I.  INTRODUCTION

 

Background

 

Complete and thorough Year 2000 compliance testing is essential to provide reasonable assurance that new or modified systems process dates correctly and will not jeopardize the House’s ability to perform core business operations after January 1, 2000.  Moreover, since the Year 2000 computer problem is so pervasive, potentially affecting systems software, applications software, databases, hardware, firmware and embedded processors, telecommunications, and external interfaces, the requisite testing is extensive and expensive.  This audit, the fourth in a series of Office of Inspector General (OIG) Year 2000 reviews, concentrated on determining the adequacy of the Chief Administrative Officer’s (CAO) Year 2000 compliance testing and business continuity and contingency planning.

 

During the quarter ending September 30, 1999, the CAO completed Year 2000 compliance testing on critical House systems, including the Member and staff payroll contingencies, the fixed asset contingency, mainframe operating system upgrades and remaining House Information Resources (HIR) renovated mainframe applications.  As criteria for testing, the CAO adopted the General Accounting Office (GAO), Year 2000 Computing Crisis: A Testing Guide.  The guide describes key processes for effectively designing, conducting, and reporting test results.  The testing process consists of several phases (i.e. unit, software integration, systems acceptance and end-to-end testing) performed in a sequential order of increasingly more complex levels of testing.  Successful testing at the more complex levels is dependent upon complete testing at the lower levels.  For example, unless interfacing systems have been thoroughly tested on their own, it would be much more difficult to isolate and correct errors that occur in end-to-end testing of several systems simultaneously. 

 

Unit testing is performed to verify that individual software subprograms, subroutines or procedures work as intended.  Software integration testing verifies that units of software, whether subprograms, programs, or applications, work together as intended after they successfully pass unit testing.  System acceptance testing is performed by and for users to determine that the complete system, consisting of the renovated software program, target hardware, and systems software, satisfies the users’ functional, performance, and security requirements.  Finally, end-to-end testing verifies that a defined set of interrelated systems operate as intended in a live production environment.

 

Concurrent with the testing effort, the CAO continued development of Business Continuity and Contingency Plans (BCCP) using the GAO, Year 2000 Computing Crisis: Business Continuity and Contingency Planning Guide as criteria.  The guide describes four phases for reducing the risk and potential impact of Year 2000 induced information system failures on core business processes.  The first phase, Initiation, involves establishing a business continuity project work group, strategy, and master schedule.  The second phase, Business Impact Analysis, assesses the potential impact of mission critical system failures.  The third phase, Contingency Planning, identifies contingency plans and implementation modes and triggers, develops a “zero day” strategy and procedures for the period between December 30, 1999 and January 3, 2000 and establishes business resumption teams.  The final phase, Testing, validates the business continuity strategy.

 

Objective, Scope, And Methodology

 

The audit objectives were to assess, as of October 31, 1999, the status of the CAO unit, integration, acceptance and end-to-end Year 2000 compliance testing efforts; the adequacy of the Business Continuity and System Contingency Plans; and status of prior audit recommendations.  The audit methodology involved selecting three projects from the CAO Year 2000 Program Plan for detailed review based on mission criticality, reported status, visibility, and other risk factors affecting the testing efforts.  The projects selected included the Office Accounting for Windows, the Financial Management System (FMS) Staff Payroll Contingency and the Fixed Asset Contingency.  The Office Accounting for Windows was selected for review because it was the first to implement the CAO’s Year 2000 compliance testing methodology.  The FMS Staff Payroll Contingency project was selected for review because the staff payroll replacement system will not be ready for operation by January 1, 2000, increasing the need for a successful testing process.  Likewise, the Fixed Asset Contingency was selected for review because the Fixed Assets Information Management System (FAIMS) replacement would not be ready for operation by October 1, 1999, the start of the House 2000 fiscal year.  We assessed each project by reviewing available documentation, conducting interviews with key personnel, and comparing test results to test plans.  For contingency planning, we attended bi-weekly planning meetings, conducted interviews with key personnel and compared House plans to the GAO, Year 2000 Computing Crisis: Business Continuity and Contingency Planning Guide.  Finally, we evaluated the adequacy of actions taken by management to correct specific conditions noted in prior audit reports.

 

Our audit covered the period January 8, 1999 through October 31, 1999, and was conducted in accordance with Government Auditing Standards issued by the Comptroller General of the United States.

 

Internal Controls

 

During the review, we evaluated internal controls over the Year 2000 initiative.  The internal control issues we identified are described in the Results of Review section of this report.

 

Prior Audit Coverage

 

The OIG first addressed Year 2000 issues in an audit report entitled, Improvements Are Needed In The Management And Operations Of The Office Of The Chief Administrative Officer, (Report No. 96-CAO-15, Finding F), dated December 31, 1996.  The finding concluded that House Year 2000 activities needed the benefit of a team leader assignment, an assessment of office level systems within the House environment, and an analysis to determine the impact of phasing out legacy application systems.

 

The audit recommended that the CAO prepare a comprehensive Year 2000 strategy for the Committee on House Oversight’s (CHO)[1] review and approval.  The Acting CAO concurred with the audit recommendation.  Subsequent management actions were adequate to close the recommendation.

 

The OIG conducted its first follow-up audit entitled, House Needs to Refocus Its Efforts To Meet the Year 2000 Deadline, (Report No. 97-CAO-13), dated September 29, 1997.  This audit recommended that HIR institute project management controls over the process, revise and prepare follow-on documentation related to the Year 2000 plan, revise Year 2000 cost estimates, and update budget requests.  Further recommendations were to coordinate data exchange issues with external organizations, adopt standard Year 2000 compliance contract language for information technology procurements, and expedite decisions regarding the replacement of mission critical information systems.  The CAO concurred with the recommendations.  Subsequent management actions were adequate to close the recommendations.

 

Because of the Year 2000’s critical nature and inflexible deadline, the OIG conducted its second follow-up audit entitled, Prompt Actions Needed to Meet the Year 2000 Deadline, (Report No. 99-CAO-01), dated January 8, 1999.  This audit recommended that HIR conduct comprehensive system acceptance and end-to-end testing on all applications, system software, and hardware to ensure they will work properly in the Year 2000; acquire replacement systems for several non-Year 2000 compliant systems; complete renovation work on the Fixed Asset Contingency project; document all Year 2000 renovations; develop business continuity and contingency plans; and finally, revalidate its resource estimates for Year 2000 resources.  The CAO concurred with the recommendations.  Subsequent management actions evaluated during this review were adequate to close the recommendations.  (See Exhibit for the status of these prior recommendations.)

 

II.  RESULTS OF REVIEW

 

Based on the projects reviewed, we concluded that the CAO Year 2000 compliance testing methodology was both structured and adhered to best business practices.  For the systems reviewed, the Test Teams complied with the Year 2000 Test Plan procedures.  Also, the CAO’s House-wide Business Continuity and Contingency Plans (BCCP), while not finalized as of the end of our fieldwork, complied with best business practices and adequately address threats that may affect House operations as a result of potential Year 2000 problems.  The House is preparing its BCCP in concert with the Legislative Branch Year 2000 Coordination Group Capitol Complex contingency planning that at the end of fieldwork had also not been finalized.[2]  While no significant findings were noted during the review, some minor observations and suggestions for improvement were provided under separate cover to CAO management. 

 

Year 2000 Compliance Testing.  We evaluated CAO Year 2000 compliance testing for the Office Accounting for Windows, the Financial Management System (FMS) Staff Payroll Contingency and the Fixed Asset Contingency projects and found the process to be adequate, complete and in conformance with best business practices.  For the three systems reviewed, the Test Teams complied with the CAO’s Year 2000 Test Plans.  Due to the different renovation techniques employed for the Fixed Asset Contingency project, we assessed its four mainframe applications, i.e., Office Systems Management (OSM) COBOL, OSM (Natural) NATOES, Office Furnishing Systems (OFS), and Information Resources Inventory (GIS),[3] based on the Year 2000 renovation technique.  For the OSM COBOL application we performed a detailed analysis due to the potential implementation risk associated with the CAO using the interim “date encapsulation”[4] renovation technique.  Conversely, we did less testing in the OSM, OFS, and GIS applications due to the lesser implementation risk associated with the CAO using the “date expansion”[5] renovation technique.

 

For the Office Accounting for Windows and the OSM COBOL applications, we performed a detailed mapping of critical Year 2000 Test Plan steps to the Test Report to assure the Test Team executed test steps in accordance with Test Plan objectives.  Our audit efforts focused on the following critical Test Plan steps: preparation of related project documents; meeting important milestones; reporting; carrying out unit and system tests; independently validating test results; monitoring deviations; producing test deliverables; scheduling testing and rating compliance.  For the FMS Staff Payroll Contingency, OSM (Natural) NATOES and OFS applications we narrowed our review to verifying that the Test Team tested applicable dates in the Year 2000 Test Plan; captured, logged, and tracked testing deviations; and obtained written user acceptance of the renovated and tested applications.  Finally, for the OSM COBOL and FMS Staff Payroll Contingency, we reviewed the adequacy of user acceptance testing efforts.

 

For the three systems reviewed, we validated that the Year 2000 Test Plans were complied with.  Specifically, we validated that all applicable dates were tested; deviations were documented and resolved; independence between system user, Test Team members and application specialists was maintained; and status reports reflecting the results were accurate.  We also noted an effective use of automated testing tools such as HourGlass (advances system date) and Hipersation (captures production data and replays in a test environment).

 

Our review of CAO testing processes revealed the following internal control strengths that will minimize the risk of date related failures in House systems on or after January 1, 2000.  Specifically, we noted that:

 

·       The Year 2000 Test Plan phases and dates covered the test scenarios recommended in the GAO, Year 2000 Computing Crisis: A Testing Guide.

·       Test Reports providing documentary evidence supporting the execution of critical test plan steps were required.

·       Automated testing tools were available and used effectively and efficiently.

·       Deviations in testing results were required to be captured, logged and tracked through successful resolution.

·       Separation of duties between the Application Specialists, Test Team and system users was defined to help ensure the integrity of testing process.

·       Test monitoring was performed and documented through Test Team status reports and the quarterly Year 2000 Program Plan.

 

Business Continuity and Contingency Plans.  The House’s Business Continuity and Contingency Plans (BCCP), while not finalized as of the end of our fieldwork, complies with best business practices and adequately addresses threats that may affect House operations as a result of potential Year 2000 problems.  To assess the adequacy of the BCCP, we attended the bi-weekly CAO contingency planning meetings chaired by the Year 2000 Program Manager, conducted interviews with key personnel, mapped the draft House-wide Contingency Planning for the Year 2000 Guide (i.e. BCCP) to the GAO, Year 2000 Computing Crisis: Business Continuity and Contingency Planning Guide and participated in a peer review of the individual House entity contingency plans.

 

Our review of the process to develop the BCCP revealed the following strengths in the draft House-wide Contingency Planning for the Year 2000 Guide.  These strengths should help ensure continued operation in the event that renovated and tested House systems encounter unanticipated Year 2000 problems; information and data provided by governmental partners causes a failure in the House; or public infrastructure services, including power, water, transportation, and voice and data telecommunications, are interrupted.  Specifically, we noted that the guide:

 

·       Implements the requirements of the GAO, Year 2000 Computing Crisis: Business Continuity and Contingency Planning Guide.

·       Establishes communications methods prior to, during and after the Year 2000 weekend between the Legislative Branch Critical Incident Command Center (CICC), Clerk, Sergeant at Arms (SAA) and Chief Administrative Officer Coordination Centers[6] and Members and staff.

·       Addresses functional testing of critical systems over the New Year’s weekend.  Personnel assigned to critical House system Business Resumption Teams will test system functionality.  If a Business Resumption Team determines a system is not functional due to a Year 2000 failure, the team will implement the system’s contingency plan.

·       Establishes roles, responsibilities and Year 2000 duties for the Clerk, SAA, CAO and the Business Resumption Teams.

·       Addresses Year 2000 readiness seminars for Members and staff; training for Clerk, SAA and CAO personnel who have Year 2000 duties; and testing of contingency plans. 

·       Provides a roadmap of major activities, by business process, that will be undertaken during the remainder of 1999 to prepare the House for the New Year’s weekend.

·       Requires individual House entities to develop their own detailed contingency plans to supplement the House-wide Contingency Planning for the Year 2000 Guide.

 

At the end of audit fieldwork, the guide was being staffed through the House officers for approval.  The guide will not be finalized, however, until the Legislative Branch Coordination Group Capitol Complex contingency plan is complete.  Close coordination with the Legislative Branch initiative is imperative to the success of both plans.  At the end of audit fieldwork, no date had been set for final approval of the plans.

 

Conclusion

 

Based on the test work performed, it is our opinion that the CAO has followed a structured and best practices approach in testing critical House business processes for Year 2000 compliance and in planning for Year 2000 contingencies.  Based on our prior audit work and the CAO’s timely resolution of the issues raised in our audit reports, we believe the House has minimized the risk of date related failures that may arise on or after January 1, 2000.

 

Recommendations

 

No recommendations resulted from this review.

 

 


 

Audit Report/Recommendations

Audit Report No. 99-CAO-01, entitled Prompt Actions Needed to Meet the Year 2000 Deadline, dated January 8, 1999:

1.  Complete testing guidance for Year 2000 project managers by November 30, 1998.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources prepared revised guidance based on comments received from the OIG staff and others.  The last item needed in the guidance, a sample test plan, was completed on December 1, 1998.
    Date of Completion: December 1998

2.  Secure a contractor to assist with acceptance testing on renovated systems by November 30, 1998.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources prepared a scope of work for the necessary testing and there are several contracts that provide the required support.
    Date of Completion: December 1998

3.  Complete development of test plans for each Year 2000 project by January 31, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources prepared test plans for all applications identified for Y2K renovation.
    Date of Completion: January 1999

4.  Procure, install, and implement an isolated test environment for Year 2000 testing by February 15, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources purchased and installed a separate test bed (a RISC 6000 with an OS 390 emulation card) for Y2K testing.
    Date of Completion: February 1999

5.  Develop standardized documentation requirements for project managers to document the Year 2000 changes made in the programs, the location of changes or new code, the location of bridge programs and the techniques being used to convert dates between files, applications, and data exchanges.  This documentation effort should be completed by January 31, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources incorporated a requirement to document Year 2000 changes in the "Year 2000 Testing Guideline."  Year 2000 Deviation Reports document changes made to programs.  The Year 2000 Test Project Manager, with the cooperation of project managers, compiled a listing of software used to generate bridges or interface files between systems.  Documentation was also developed when the automated discovery tool was used for ADABAS applications.
    Date of Completion: January 1999

6.  Complete and document system acceptance and end-to-end testing using Year 2000 critical dates to test the system and identify potential errors by June 30, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources completed Year 2000 Ready testing for all applications identified for Year 2000 renovation.  Additionally, parallel and functional testing was completed for the staff payroll and Office Systems Management applications.
    Date of Completion: August 1999

7.  Procure, test, and implement commercial software packages to replace the non-Year 2000 compliant Members Information Network/Integrated Systems and Information Services Federal Funding by March 31, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources started the replacement operations in June 1999.
    Date of Completion: June 1999

8.  Select, procure, test, and implement a Year 2000 compliant, commercial software package to replace the non-Year 2000 compliant Members Payroll by September 30, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources placed a new service in production in September 1999.
    Date of Completion: September 1999

9.  Complete renovation work on the existing Fixed Assets Management System by April 14, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: House Information Resources and Office Systems Management have completed renovation and testing of the contingency Fixed Assets Management System.
    Date of Completion: October 1999

10. Develop a House-wide business impact analysis to assess business continuity issues by June 30, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: The BCCP team developed a list of critical House business processes.  The list is included in the draft “Contingency Planning For The Year 2000” Guide that is being reviewed by House officers.
    Date of Completion: October 1999

11. Develop contingency plans for mission critical systems by October 31, 1999; and validate the business continuity strategy, test contingency plans, and update disaster recovery procedures by November 30, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: The BCCP team prepared a Draft "Contingency Planning For The Year 2000" Guide for the House of Representatives.  The overall Plan addresses critical system Contingency Plans, Infrastructure, Communications, Staffing, Scheduling, Roles and Responsibilities and Testing.  House officers are reviewing the Plan.  Additionally, critical system contingency plans are scheduled to be tested by the end of November 1999.
    Date of Completion: October 1999

12. Review the Year 2000 cost estimates after developing test plans and while developing business continuity and contingency plans to ensure that adequate funding will be available for the remainder of the Year 2000 project, and revise the budget requests as necessary by May 1, 1999.
    Implementation Status: Closed
    Comments on Corrective Actions Taken And/Or Planned: The CAO requested each Associate Administrator to review their Year 2000 programs and requirements and verify whether additional funding would be required, considering any BCCP related costs.  The CAO provided the OIG with copies of the “budgetary rationale” presented for those items where additional funding was considered and CAO wide costs as of March 15, 1999 and April 30, 1999 to show where revisions had been incorporated.
    Date of Completion: April 1999


[CAO Response To The Discussion Draft Audit Report, pages 1 and 2]



[1]   The 106th Congress changed the name of the Committee on House Oversight (CHO) to the Committee on House Administration (CHA).

[2]   In early 1999, the Architect of the Capitol organized and began coordinating the efforts of the Legislative Branch Year 2000 Coordination Group.  The group consists of representatives from every Capitol Complex agency, including the United States Capitol Police, and several agencies outside the Capitol Complex, including the General Accounting Office and Government Printing Office.  The group is preparing a Day 1 Guide that addresses contingency strategy for identifying and mitigating Year 2000 impacts on the Capitol Complex.  A key component of the Guide is the Critical Incident Command Center (CICC) housing a team of decision makers and emergency response personnel during the New Year’s weekend. 

[3]   OSM COBOL is used by Media and Support Services, OSM Division, to keep track of office equipment.  OSM (Natural) NATOES is used by Media and Support Services, OSM Division, to process vendor invoices.  OFS is used by Media and Support Services Furniture Resource Center to provide an inventory of office furniture and track service orders.  GIS is used by HIR to coordinate and track computer equipment.

[4]  Encapsulation adjusts the system dates back 20 years.  This is accomplished by having users manually subtract 20 years from the current date during data input and by having programming routines add 20 years to externally reported output dates.

[5]  Date expansion converts date fields to 4 digit years. 

[6] Internal House coordination and management of system testing will be managed through three coordination centers, one for each House Officer.  The centers will provide a communications link between the CICC and House Business Process points of contact; coordinate cross cutting issues with other House Officers; monitor critical business process testing; and provide information to House Leadership, Committee on House Administration, Members and staff.