Chief Information Officer and Year 2000 Coordinator from the Year 2000 State Compliance Program records (2000-51)

Historical note

Y2K coordinator for the state of Rhode Island - Sally Spadaro Chief Information Officer of the Office of Library and Information Services (OLIS) is Barbara Weaver Legislative mandate: Governor’s Executive Orders 97-1 and 99-1.

Executive Order 97-1 mandated that the Chief Information Officer of the Office of Library and Information Services would be named Coordinator of the Year 2000 remediation efforts by the state government. Her task would be to establish a Year 2000 task force consisting of representatives of the Office of Information Processing and other state agencies affected by this issue. She was to report to the Governor and Director of Administration, by June 30, 1997, the scope of the problem and recommendations for correcting it. The recommendations should include options with cost estimates to repair problems. All state agencies were urged to cooperate fully in this initiative.

Executive Order 99-1 mandated that all department heads/directors designate a Y2K team for the department to include representatives from information technology, finance, and management/operations. The team shall report directly to the department director. The team was to achieve the goals for the resolution of departmental Y2K issues within the time frame provided. These goals were to include remediation, testing, developing contingency plans, confirming vendor/supplier compliance and IV and V (Independent Quality Assurance Review and Year 2000 Independent Validation and Verification) of all mission critical and other systems. Testing of the systems would include simulation of operations of the systems as they will be used after December 31, 1999. Reports by the Y2K teams to the director and CIO required of this executive order included: - a report updating the department’s prior report(s) as to the current statue of Y2K compliance efforts including the preparation of contingency plans and confirmation of vendor/supplier compliance for all systems within the department (on or before January 31, 1999).

99-1 also required the CIO review departmental reports and approve reasonable variances from the schedule provided on or before February 15, 1999. Monthly reports were required beginning March 15, 1999 and were to include status of Y2K remediation efforts, progress on tasks as listed, any variances in completing the required tasks,. Copies of the report were to be filed with the CIO. Summaries of the reports were to be reported to the Governor and made available on the states Y2K web site. This executive order also required that departmental directors defer any purchasing of computer systems not directly relating to Y2K remediation efforts and adoption of new or amended regulations (between June 30, 1999 and March 31, 2000) that would require upgrades or modification of computer programs and operations. Additionally, this executive order encouraged other political subdivisions (i.e. cities and towns) similar measures to ensure that vital services continue to be provided to citizens of the state.

See Rhode Island Information Resources Management Board Third Annual Progress Report of Governor Lincoln Almond and the Rhode Island General Assembly July 2000. www.irmb.state.ri.us/Annual2000/Default.htm

OLIS was charged with notifying agencies what is required to make systems Y2K compliant, establish standards, monitor progress and ensure that computers get fixed and tested.

From RIPEC REPORT (Comments on Your Government: A Special Bulletin of the Rhode Island Public Expenditures Council) Rhode Island ‘s Year 2000 Computer Program. Four areas which required attention of state and local governments were:

• 1. internal computer systems include mainframe and client/server systems, desktop personal computers and distributed networks.
• 2. infrastructure includes property, equipment, and machinery (is this where embedded chips fall in?) such as HVAC systems, traffic control and fire alarm/security systems.
• 3. external data interchanges involve the trading of data between two or more systems (i.e Federal and state or state and local governments)
• 4. legal liability

June 1997 - Don Estes and Associates of Waltham, MA drafted a report that was presented to the CIO. This report focused on major agencies but did not include the university or judiciary systems. The report assessed the internal systems but did not include an inventory or assessment of infrastructure or external data exchanges. The report highlighted "the need for immediate, resolute, and accountable management with sufficient authority …to assume control of an agency project if timelines are not met."

June 1998 - Computer Consultant David Hall drafted an update of the previous report and noted the lack of a Year 2000 master plan, no readiness or compliance standards, no formalized year 2000 awareness program, no contingency plans for dealing with possible impacts on state government functions or its citizens and no formal reporting process in place to bring year 2000 project status to the attention of legislative or executive levels.

Y2K specific grants were awarded to agencies for Year 2000 internal systems projects through the Y2K office. Agency funds were also devoted to Year 2000 projects.

Contingency Plans - The RING and Emergency Management Agency have been working together to develop contingency plans and the Federal Emergency Management Agency (FEMA) as issued reporting requirements regarding each state’s preparation for year 2000 problems.

RIPEC recommended that the state form a task force of agency directors to prioritize projects and monitor implementation. Tests should be formed on compliant systems especially those deemed as mission critical. Oversight hearings should be held to monitor status of Y2K efforts, infrastructure and external data exchanges must be inventoried and assessed for Y2K compliance, the Office of Municipal Affairs should work with local governments to address Y2K issues, outreach efforts to the public sector on the Y2K issues.

Financial Integrity and Accountability Act (FIAA) of 1986 - In compliance with, an evaluation of the computing, information, business and environmental systems and of external data interfaces of systems in state agencies were performed. The evaluation was performed in compliance with the questionnaires and guidelines issued by the Department of Administration. Reports of these evaluations were submitted to the Governor and outlined the agencies’ major systems, electromechanical equipment and interfaces, the Year 2000 compliance stage of each and the financial resources spent or needed to make each system compliant. (The Office of Accounts and Control substituted its annual review of agency performance required by the FIAA with a Year 2000 Compliance Review).