ML20203G789
| ML20203G789 | |
| Person / Time | |
|---|---|
| Issue date: | 02/09/1999 |
| From: | Shirley Ann Jackson, The Chairman NRC COMMISSION (OCM) |
| To: | Bennett R, Dodd C, Horn S, Kucinich D HOUSE OF REP., SENATE |
| References | |
| NUDOCS 9902220061 | |
| Download: ML20203G789 (17) | |
Text
..
39
.f UNITED STATES g% -
y NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555 4001 1
February 9, 1999 CHAMMAN The Honorable Stephen Horn, Chairman Subcommittee on Government Management, Information and Technology Committee on Government Reform and Oversight United States House of Representatives Washington, D.C. 20515-6143 i
Dear Mr. Chairman:
in response to your request of May 20,1997, I am enclosing the U.S. Nuclear Regulatory Commission's (NRC) February 1999 quarterly report on the Year 2000 (Y2K) problem as submitted to the Office of Management and Budget (OMB).
l We are extremely pleased to inform you that, as of February 5,1999, we have completed every j
element of our program to address the Y2K problem as it relates to systems internal to the NRC. We have-o Remediated all mission-critical systems and verified that existing contingency plans for them address any system failures (including Y2K-related failures) and cover any business continuity concerns.
o Remediated all non-mission-critical systems (NRC's business-essential and non-critical categories).
o Resolved allissues related to exchanging data with outside entities.
o Replaced all non-compliant hardware as necessary to address the embedded-chip problem.
o Tested all NRC-owned telecommunications equiprnent and replaced non-Y2K-compliant I
components as needed. All of our telecommunications services providers have stated
)
that they will be compliant by mid-1999.
o Verified that the Y2K problem will not affect systems related to the operation and maintenance of agency buildings.
y Our entire Y2K program to address automated systems internal to NRC was completed well ahead of schedule and under budget. This result is attributable to the dedication and spirit of the NRC staff and our supporting contractors who used every opportunity to increase efficiency on the basis of lessons learned as our program progressed.
c 9902220061 99020f PDR COMMS NRCC i
CORRESPONDENCE PDR j
. To verify independently the effectiveness and accuracy of our Y2K program, the NRC's Office of the Inspector General (OlG) conducted ongoing program reviews. On August 14 and November 17,1998, respectively, the OlG reported to the agency the results of its reviews, which showed that NRC's external efforts pertaining to licensee Y2K issues were appropriately aggressive and NRC's internal Y2K management program was thorough and effective.
The staff of the Chief Information Officer (CIO) will continue to monitor the operational status of all systems that have been remediated for Y2K problems throughout the remaining months in 1999 and well into 2000 to ensure that they are performing satisfactorily and have no Y2K related failures.
If you would like a more in-depth review of the success of our Y2K program, the agency's CIO and our Y2K Program Manager are available to meet with you and members of your staff at your convenience.
Sincerely, b
Enclosure:
As stated l
4
r UNITED STATES c
4 NUCLEAR REGULATORY COMMISSION I
o WASHINGTON, D.C. 2055W1 r.
(l February 9, 1999 l
+
CHAIRMAN f
The Honorable Robert F. Bennett, Chairman Special Committee on the Year 2000 l
Technology Problem United States Senate Washington, D.C. 20510L
Dear Mr. Chairman:
Enclosed is the U.S. Nuclear Regulatory Commission's (NRC) Year 2000 (Y2K) status report l
for the period ending February 15,1999.
We are extremely pleased to inform you that, as of February 5,1999, we have completed every element of our program to address the Y2K problem as it relates to systems internal to the NRC. We have -
o Remediated all mission-critical systems and verified that existing contingency plans for them address any system failures (including Y2K-related failures) and cover any i
business continuity concerns.
)
o Remediated all non-mission-critical systerns (NRC's business-essential and non-critical categories).
o
- Resolved all issues related to exchanging data with outside entities.
Replaced all non-compliant hardware as necessary to address the embedded-chip o
problem.
o Tested all NRC-owned telecommunications equipment and replaced non-Y2K-compliant components as needed. All of our telecommunications services providers have stated
~
that they will be compliant by mid-1999.
o Verified that the Y2K problem will not affect systems related to the operation and maintenance of agency buildings.
Our entire Y2K program to address automated systems internal to NRC was completed well ahead of schedule and under budget. This result is attributable to the dedication and spirit of the NRC statt and our supporting contractors who used every opportunity to increase efficiency on the basis of lessons learned as our program progressed.
i l
I l
i '
To verify independently the effectiveness and accuracy of our Y2K program, the NRC's Office of the inspector General (OlG) conducted ongoing program reviews. On August 14 and l
November 17,1998, respectively, the OlG reported to the agency the results of its reviews, which showed that NRC's external efforts pertaining to licensee Y2K issues were appropriately aggressive and NRC's internal Y2K management program was thorough and effective.
The staff of the Chief Information Officer (ClO) will continue to monitor the operational status of j
all systems that have been remediated for Y2K problems throughout the remaining months in i
1999 and wellinto 2000 to ensure that they are performing satisfactorily and have no Y2K
+
related failures.
1 If you would like a more in-depth review of the success of our Y2K program, the agency's CIO
]
and our Y2K Program Manager are available to meet with you and members of your staff at your convenience.
I l
Sincerely, i
iA >
Enclosure:
As stated I
i i
~
i l
l l
1 f
UNITED STATES f'
4 NUCLEAR REGULATORY COMMISSION WASHINGTON. D.C. 20555-0001 g
February 9, 1999 CHAIRMAN The Honorable Christopher J. Dodd Special Committee on the Year 2000 Technology Problem United States Senate Washington, D.C. 20510
Dear Senator Dodd:
Enclosed is the U.S. Nuclear Regulatory Commission's (NRC) Year 2000 (Y2K) status report j
for the period ending February 15,1999.
We are extremely pleased to inform you that, as of February 5,1999, we have completed every element of our program to address the Y2K problem as it relates to systems internal to the NRC. We have -
l i
o Remediated all mission-critical systemt and verified that existing contingency plans for them address any system failures (including Y2K-related failures) and cover any business continuity concerns.
o Remediated all non-mission-critical systems (NRC's business-essential and non-critical j
categories).
o Resolved all issues related to exchanging data with outside entities.
Replaced all non-compliant hardware as necessary to address the embedded-chip l
o problem.
o Tested all NRC-owned telecommunications equipment and replaced non-Y2K-compliant components as needed. All of our telecommunications services providers have stated that they will be compliant by mid-1999.
O Verified that the Y2K problem will not affect systems related to the operation and maintenance of agency buildings.
Our entire Y2K program to address automated systems internal to NRC was completed well ahead of schedule and under budget. This result is attributable to the dedication and spirit of the NRC staff and our supporting contractors who used every opportunity to increase efficiency on the basis of lessons learned as our program progressed.
I 1
1 I
.... -.. - - -.. - ~
j l
2-
?
I To verify independently the effectiveness and accuracy of our Y2K program, the NRC's Office of the Inspector General (OlG) conducted ongoing program reviews. On August 14 and.
l November 17,1998, respectively, the O!G reported to the agency the results of its reviews, which showed that NRC's external efforts pertaining to licensee Y2K issues were appropriately aggressive and NRC's internal Y2K management program was thorough and effective.
i
.The staff of the Chief Information Officer (CIO) will continue to monitor the operational status of all systems that have been remediated for Y2K problems throughout the remaining months in i
1999 and well into 2000 to ensure that they are performing satisfactorily and have no Y2K' related failures.
)
If you would like a more in depth' review of the success of our Y2K program, the agency's CIO -
.and our Y2K Program Manager are available to meet with you and members of your staff at your convenience.
Sincerely,
&.h -
Enclosure:
As stated i
!=
1
)
4
.-r.
n..
-... -.. ~
UNITED STATES
,p
.k NUCLEAR REGULATORY COMMISSION l
0j j
WASHINGTON. D.C. 205554001 L
'S e
'j g* *.. j February 9 1999 Il
. CHAIRMA N l
The Honorable Dennis J. Kucinich Subcommittee on Government Management, Information and Technology..
Committee on Government Reform and Oversight United States House of Representatives Washington,' D.C. 20515
Dear Congressman Kucinich:
Enclosed is the U.S. Nuclear Regulatory Commission's (NRC) Year 2000 (Y2K) status report for the period ending February 15,1999.
We are extremely pleased to inform you that, as of February 5,1999, we have completed every element of our program to address the.Y2K problem as it relates to systems internal to the NRC. We have-Remediated all mission-critical systems and verified that existing contingency plans for o
them address any system failures (including Y2K-related failures) and cover any business continuity concerns.
o Remediated all non-mission-critical systems (NRC's business-essential and non-critical l
categories).
'o Resolved all issues related to exchanging data with outside entities.
Replaced all non-compliant hardware as necessary to address the embedded-chip o
problem.
i o
Tested all NRC-owned telecommunications equipment and replaced non-Y2K-compliant components as needed. All of our telecommunications services providers have stated that they will be compliant by mid-1999.
o
. Verified that the Y2K problem will not affect systems relcted to the operation and maintenance of agency buildings.
Our entire Y2K program to address automated systems internal to NRC was completed well ahead of schedule and under budget. This result is attributable to the dedication and spirit of the NRC staff and our supporting contractors who used every opportunity to increase efficiency _
j on the basis of lessons learned as our program progressed.
4 l
r i,
l '..
p i
c 2-To verify independently the effectiveness and accuracy of our Y2K program, the NRC's Office of the inspector General (OlG) conducted ongoing program reviews. On August 14 and November 17.,1998, respectively, the OlG reported to the agency the results of its reviews, which showed that NRC's external efforts pertaining to licensee Y2K issues were appropriately l
l
_ aggressive and NRC's internal Y2K management program was thorough and effective.
l The staff of the Chief Information Officer (ClO) will continue to monitor the operational status of l
all systems that have been remediated for Y2K problems throughout the remaining months in 1999 and well into 2000 to ensure that they are performing satisfactorily and have no Y2K related failures, j
If you would like a more in depth review of the success of our Y2K program, the agency's CIO l
and our Y2K Program Manager are available to meet with you and members of your staff at your convenience.
i Sincerely, j
b I
Enclosure:
As stated i
i 1
i l
i 4
l I
l
Status of the Nuclear Reaulatory Commission's Year 2000 Efforts Quarterly Report for February 1999 1.
Overall Proaress. Provide a report of the status of agency efforts to adoress the Year 2000 problem, which includes an agency-wide status of the total number of mission-critical systems.
Total Number of Number Number To Number To Number To Mission-Critical Systems Compliant Be Replaced Be Repaired Be Retired 7
7 0
0 0
- 11. Proaress of Systems Under Repair. Provide a report of the status of agency efforts to address the Year 2000 problem, which includes the status of systems under repair.
- a. Status of mission-critical systems being repaired.
Number of Mission-Critical Systems Assessment Renovation Validation implementation Milestones Sep 1997 Sep 1998 Jan 1999 Mar 1999
- Current Number 4
4 4
4 4
Complete
- Completed February 5,1999,
- b. Provide a description of progress for fixing or replacing mission-critical systems.
All of our mission-critical systems have been renovated, validated, and implemented in our production environments as of February 5,1999.
- c. Provide a description of progress in fixing non-mission-critical systems.
Our non-mission-critical systems are assigned to one of two categories in order to make explicit decisions about establishing their priority for repair:
Business-Essential Systems: Any system that is integral to agency processes that are required for meeting agency statutory, programmatic, legal, or financial obligations.
Typically, the agency could function without any major impact on its operations if any of these systems malfunctioned and was unavailable for up to 3 or 4 weeks while being repaired.
Non-Critical Systems: Any system that is not mission-critical or business-essential; unavailability would therefore represent only an inconvenience to the agency. Typically, these systems can be unavailable for extended periods (1 to 2 months or more) while they are being repaired, and manual processes can be readily used in their place, if necessary.
[
l
t All of our business-essential and non-critical systems have been renovated, validated, and implemented in our production environment as of February 5,1999.
- d. Provide a description of the status of efforts to inventory all data exchanges with outside entities.
We have assessed all areas of the agency that have the potential to exchange data with other Federal, State, and local governments, as well as with international and commercial entities. Three systems were identified that exchange data with NRC.
Two of these systems exchange data with one source, and one system exchanges i
data with six sources.
Discussions with NRC data exchange partners reveal that two exchanges are already Year 2000 (Y2K) compliant and five exchanges do not require NRC to make any changes. The final data exchange is contained in one of NRC's mission-critical cystems. This system has been renovated, validated, and implemented. All our work in this area has been completed.
- e. Provide a description of efforts to address the Year 2000 problem in other areas.
Office of the Inspector General Activity Our Office of the inspector General (OlG) has been closely monitoring our Y2K efforts regarding both our internal systems and efforts with our licensees. On August 14, 1998, OlG reported that our efforts regarding licensee Y2K issues were appropriately aggressive. On November 17,1998, OlG reported that our internal Y2K management program was thorough and effective. OlG will continue to review our program documentation for accuracy and completeness.
Reoulatory issues i
(i) Power Reactors As discussed in previous quarterly reports, the NRC issued Generic Letter (GL) 98-01 to licensees of all operating reactors on May 11,1998. This generic letter was sent to gain assurance that licensees are effectively addressing the Y2K problem at their facilities.
NRC has received all the initial responses from its power reactor licensees. All responses state that the licensee has pursued, and is continuing to pursue, a Y2K readiness program similar to the one outlined in NEl/NUSMG 97-07," Nuclear Utility Year 2000 Readiness," augmented appropriately in the area of risk management, contingency planning, and remediation of embedded systems. NEl/NUSMG 97-07 recommends methods for utilities to attain Y2K readiness and thereby ensure that l
their facilities remain safe and continue to operate within the requirements of their l
license. l l
l The Nuclear Energy institute (NEI), in collaboration with Nuclear Utilities Software t
Management Group (NUSMG), issued a new guidance document, NEi/NUSMG 98-07, " Nuclear Utility Year 2000 Readiness Contingency Planning," in August 1998, which incorporates guidance in the areas of contingency planning, business continuity, and risk management. NRC reviewed NEl/NUSMG 98-07 and finds that it provides good guidance for augmenting Y2K readiness program in the area of contingency planning. It is expected that all nuclear power plant licensees will i
incorporate NEl/NUSMG 98-07 into their Y2K readiness programs.
in September 1998, the NRC began conducting Y2K readiness sample audits at 12 nuclear power plants. These audits evaluate the effectiveness of those measures licensees are taking to identify and correct Y2K problems at their facilities. Audit reports are made available on the agency Web site. We have completed all planned audits, which included audits of the Monticello, Seabrook, Brunswick, Davis-Besse, Hope Creek, Limerick, Wolf Creek, Watts Bar, Waterford, North Anna, Washington Nuclear Unit 2, and Braidwood nuclear power plants.
The audits focused, first, on those areas of the Y2K readiness program affecting plant safety, followed by those areas important to safety (including continued plant operation). Licensee contingency planning was also reviewed during the audits.
Audit findings have confirmed that licensees are implementing effective Y2K readiness programs and are on schedule to achieve readiness in accordance with GL 98-01 guidance. Audit results have not indicated a need for further NRC regulatory action, and we have no indication that significant Y2K problems exitt with safety-related systems that could directly affect the ability of nuclear powe; plants to safely operate and shut down.
In December 1998, the NRC participated in the NEl-sponsored Y2K readiness workshop in Atlanta, Georgia at which the NRC exchanged information with nuclear power industry licensee representatives, including the results of audits completed to date. Other topics discussed at the workshop included contingency planning and I
system remediation methods.
In January 1999, the NRC issued a supplement to GL 98-01 that provides nuclear power W.nt licensees with a voluntary alternative response to the second response required by GL 98-01. This alternative response, which is also due by July 1,1999, will provide the overall Y2K readiness status of the nuclear power plant rather than just those aspects pertaining to the terms and conditions of the license and NRC regulations. This alternative is consistent with the Year 2000 Information and l
Readiness Disclosure Act (Public Law No.105-271) enacted in October 1998.
l l
Each licensee will provide confirmation of Y2K readiness and compliarce with its license with respect to the Y2K problem in July 1999 when the seconc response to GL 98-01 or the supplement is due. In accordance with GL 98-01 or the supplement, if the facility-specific Y2K readiness program is incomplete on July 1,1999, the licensee's response must include a status report, including completion schedules of work remaining to be performed to confirm that the facility is or will be Y2K ready by l.
i 2000. NRC expects to complete its review of the second response to GL 98-01 or the supplement by September 1999, and any unresolved safety issues would be promptly addressed at that time.
(ii) Fuel Cycle Facilities and Materials Licensee Since November 17,1997, materials and fuel cycle inspectors have been instructed to l
confirm receipt of NRC's information notices by materials and fuel cycle licensees and certificate holders; to determine whether the licensees and certificate holders have identified any potential problems associates with the Y2K issue; and to note any corrective actions taken by the licensees sad certificate holders. Generic Y2K information received from inspectors will oe passed on to NRC licensees. To date, no generic Y2K issues have been identifiet.
In June 1998, in order to gain the oecessary assurance that fuel cycle licensees and
]
certificate holders are effectively resolving the Y2K problem, the NRC issued GL 98-
- 03. Similar to the generic letter 'or power reactors, GL 98-03 requires fuel cycle licensees and certificate holders to provide written information concerning the implementation of the Year 200L Readiness Program and confirmation that facilities are Y2K ready.
All nine fuel cycle licensees and certificate holders responded to the first requirement of GL 98-03 and reported that they have established a Year 2000 Readiness Program. Six have stated that they will be Y2K ready by July 1999. Two of the licensees reported that they will be Y2K ready by October 1999. One licensee reported that it will be Y2K ready by December 1999.
On August 12,1998, a third information notice (IN 98-30) pertaining to the Y2K computer problem was sent to material and fuel cycle licensees and certificate holders, reminding them of the Y2K problem and discussing how the Y2K problem could affect their operation.
In support of the President's Council on Year 2000 Conversion, NRC has participated in and provided information to the health care sector and the environmental protection sector. Further, NRC participated in the Y2K medical exercise at George Washington University Hospital.
In an effort to provide our medical licensees with Y2K information, NRC has been working with the Food and Drug Administration (FDA). NRC has briefed FDA on its Y2K activities and provided FDA with Y2K information on medical devices. In turn, FDA briefed NRC on its Y2K activities. NRC and FDA will continue to share Y2K information.
(iii) Contingency Planning The NRC has developed a draft Contingency Plan that will be used to deal with unforeseen Y2K problems that may affect NRC-licensed facilities. This l
plan has been placed on the NRC's external Y2K Web site (http://www.nrc. gov /NRC/ NEWS / year 2000.html) to facilitate external stakeholder coordination and to solicit input. After external stakeholder input has been incorporated into the plan, it will be submitted to the Commission for formal approval. The NRC is also actively participating in several interagency working groups that are planning for Y2K contingencies. These groups include the Catastrophic Disaster Response Group and the President's Council Y2K Emergency Services Sector working group. The NRC plans to conduct exercises in preparation for potential Y2K problems. We anticipate that at least one of the exercise scenarios will simulate failure of mission-critical systems that support NRC's incident response capability and require implementation of NRC contingency plans for those systems.
Embedded Chios We have analyzed and identified embedded cnip systems at the NRC. Forward date testing of some embedded chip systems is problematic since access is limited to embedded chip system control programs. As a result, both the nuclear industry and the NRC rely on the manufacturer's certification to establish compliance and, where possible and appropriate, in-house testing to confirm compliance.
In the area of microcomputers and laser printers, we have successfully tested our harovare with available testing software to determine compliance. NRC has resolved all issues related to embedded systems and has replaced all microcomputers that have non-compliant chips.
In the area of local area and wide area network computer components, one of our mission-critical systems being replaced covers all of this infrastructure. We previously reported herein that this mission-critical system is now 100-percent complete.
f.
Provide a description of efforts to address the Year 2000 problem for agency buildings.
All agency building systems were assessed. We determined that there are four building system categories that could have Y2K issues; environmental, fire protection, security access control and alarms, and elevator.
Vendors for these systems were contacted, and we received written responses from them.
As of the date of this report, we have determined that continued safe operation of systems in the four categories mentioned above will not be affected by the Year 2000 date rollover.
- g. Provide a description of efforts to address the Year 2000 problem in your telecommunications systems.
Telecommunications Eauipment NRC sent letters to its various telecommunications equipment vendors nationwide in order to determine their progress in addressing the Year 2000 problem as it relates to their _ _ _ - _ _ - _ _ _ _
a products. All of the vendors have responded, been contacted by telephone, or had their Internet site accessed to determine status.
We have performed the work necessary to ensure that 100 percent of our telecommunications infrastructure is compliant or is not affected by Y2K issues.
We have also contacted our telecommunications service providers to determine their plans to achieve Y2K compliance. All of our service providers have responded that they are compliant or will be compliant by mid-1999.
- h. Provide a description of the status of the Year 2000 readiness of each government-wide system operated by the agency.
NRC has no systems in this category, l.
Other information demonstrating agency progress.
No other information is offered.
- j. Efforts to ensure that Federally supported, State-run programs will be able to provide services and benefits.
In February 1998, NRC provided information to the Agreement States (AS) to increase their awareness of the Y2K p oblem. Information was provided on the nature and scope of potential problems for materials licensees and the actions NRC was taking to encourage NRC materials licensees to examine their computer systems and software. NRC recommended AS encourage their licensees to conduct similar examinations. NRC also asked AS to share information with NRC on any Y2K problems identified by AS licensees that could impact NRC, other AS, or their licensees.
To help facilitate AS efforts in addressing potential Y2K problems, NRC established a link to NRC Y2K information at the Office of State Programs web site. NRC also informed the AS about the availability of the NRC's list server that e-mails the latest Y2K information to each subscriber.
During the past 18 months, the Chair of the Management Review Board has also questioned AS managers about their State's Y2K activities. The AS managers have indicated that Y2K issues in their programs are being addressed as a part of statewide efforts. At this time, NRC is not aware of any Y2K issues, affecting materials licensees, identified in AS.
Ill. Verification Efforts.
Describe your independent validation and verification program.
Systems repaired by Y2K program contractors were independently verified and validated by a three-level approach. The first level, unit testing, was performed by contract 6-
[
1
personnel who actually repaired the system code. The second and third levels were performed by personnel who were not involved with system repairs. The second level of testing was performed by contractor personnel assigned to a permanent quality assurance group, using an established test plan. Third-level testing was performed by the NRC personnel who use the system, also using an established test plan. Only when written approval was received from all three testing levels did we consider the system validated.
All annotated test plans are retained in our Y2K files, along with all written approvals.
Systems repaired by NRC program offices (and their contractors) underwent a comparable validation process. We reported these systems as validated only when the Senior Executive Service director of the responsible office certified validation in writing.
IV. Organizational Responsibilities.
There is no change from the previous report.
V. Business Continuity and Continaency Plans.
Describe your agency's approach and progress to ensure continuity of your core business functions.
NRC has an established program that predates the Y2K program and that develops, maintains, and updates the agency's business continuity plans in accordance with Federal guidance, including Office of Management and Budget (OMB) Circular A-130, Appendix lit,
" Security of Federal Automated Information Resources." The objective of this program is to ensure that appropriate business continuity plans are put in p'a;e for all of the NRC's general purpose systems and rnajor applications, which include the raission-critical applications identified in our Y2K g agram. The process of developing the plans entails several steps:
Conduct a business impact analysis and risk assessment.
Develop a security plan.
Test the security plan.
Certify and accredit the system.
Develop a disaster and business continuity plan.
Train personnel and test the disaster and business continuity plan.
The Office of the Chief Information Officer uses contractor resources obtained through the General Services Administration's multiple award contract for computer security services to assist with its efforts in this area, including the conduct of facilitated risk assessments and development of plans.
By their nature, business continuity plans cover a wide range of possible events, ranging from software and hardware problems to major natural disasters. These plans also take a significant amount of time to prepare in their entirety.
Because of the immediacy of the Y2K problem, NRC has made a special effort to ensure that the contingency business continuity plans for its mission-critical systems specifically address I,
failures resulting from the Y2K pnbiert.
NRC's seven mission-critical systems support three core functions. One system supports the interchange of information agencywide and is our administrative local area network. Three systems support our response capability in the event of a nuclear emergency and reside in our Emergency Operations Center. The remaining three systems support the tracking and inspection of nuclear materials.
These three groups of systems are independent of each other and have no complex interrelationships with any other systems except for dependencies on the U.S.
telecommunications infrastructure.
Only one of our mission-critical systems relies on electronic data provided by other automated systems, so failures of external or internal automated systems will not affect our mission-critical systems. This mission-critical system is one of the three in our Emergency Operations Center. It receives real-time data from nuclear reactor sites in the event of a declared emergency. The Center has its own backup generator to provide power to its electronic components in the event of a power outage, as well as contingency plans dealing with the loss of any of its electronic, telecommunications, or computerized functions.
i In all cases, our mission-critical systems are non-complex, stand-alone systems that support a separate area within one of our three core functions. Compared to large, complex applications dealing with millions of records and complex real-time processes, NRC's mission-critical systems are relatively simple and deal with a volume of information that is small enough to manage by manual means, if necessary, or if automation is temporarily unavailable.
Our contingency plans are commensurate with the nature of our mission-critical systems and have been prepared by the functional area business people. In all but one case, these plans have an option that assumes total automation unavailability, thus requiring that we revert to manual niethods to continue support of the mission-critical functional area. These manual methods have been successfully used by our business people in the past when their systems did not exist or were temporarily unavailable. The case previously mentioned that does not assume total automation unavailability is associated with our administrative local area network (LAN). This network supports our e-mail function, comrr.en document storage, and makes Pdministrative software (word processing, etc.) available through the LAN. However, administrative software is also present as a contingent redundancy on each workstat;on, so if the LAN were unavailable, necessary documents in progress can be rekeyed to centinue
{
work, New documents can be created, stored locally, and shared by floppy disk. Since the network has significant redundancy, complete unavailability of the LAN for any protracted length of time is considered ver) enlikeiy.
Our business-area people prepared these plans to ensure that we will continue to conduct mission-critical business in the event of any system failures.
VI. Exception Report on Systems.
There are no exceptions to report.
i Vll.
Systems Scheduled for implementation After March 1999. Include a list of those l
mission-critical systems where repair or replacement cannot be implemented by the March 1999 deadline.
All mission-critical systems have been implemented.
V!il.
Other Manaaement Information.
- a. Costs (dollars in millions).
1 Fiscal Year 1996 1997 1998 1999 2000 Total j
Current Cost j 0.0*
2.4 4.0 3.9 0.0 10.3
- ltem is $45,000.
- b. Explain dramatic changes in cost.
Since we have completed our program for all systems, the resources budgeted for FY 2000 will not be needed. Therefore, we are reporting a.6M reduction in our FY 2000 budget. Also, we expect our actual expenditures for FY 1999 to be less than budgeted. We will not know the exact cost for our program until final billing is recr>ved from eur Y2K contractors.
- c. Changes to schedule, number of mission-critical systems, number of systems
. behind schadule, or number of systems scheduled to be implemented after March 1699.
There are no changes to our schedule or to the number of mission-critical systems. All mission-critical systems have been renovated, validated, and implemented.
- d. Concerns with the availability of key personnel.
J No concerns exist about the availability of key personnel.
- e. Problems affecting progress?
No problems affecting progress exist.
l If you have any questions about this report, please contact Arnold E. (Moe) Levin at 301-415-7458 or via electronic mail at AEL1 @NRC. gov.
4 d
1 *
.-.