ML20216G178
| ML20216G178 | |
| Person / Time | |
|---|---|
| Issue date: | 02/12/1998 |
| From: | Shirley Ann Jackson, The Chairman NRC COMMISSION (OCM) |
| To: | Raines F OFFICE OF MANAGEMENT & BUDGET |
| Shared Package | |
| ML20216G177 | List: |
| References | |
| FOIA-98-87 NUDOCS 9804170383 | |
| Download: ML20216G178 (7) | |
Text
a s
- e. # 4 UNITED STATES f
O.
- I',
- NUCLEAR REGULATORY COMMISSION I )* o WASHINGTON, D.C. 205 %-0001
/ Februa ry 12, 1998 CHAIRMAN The Honorable Franklin D. Raines, Director Office of Management and Budget Washington, D.C. 20503
Dear Mr. Raines:
Enclosed is the U.S. Nuclear Regulatory Commission's (NRC) Year 2000 status report as of February 15,1998. As requested in your memorandum of January 20,1998, to heads of selected agencies, " Progress Reports on Fixing Year 2000 Difficulties," we are providing
{
information on the status of agency data exchanges, our validation and verification efforts, and l
our approach to contingency planning.
Our milestones for the repair of our mission-critical systems have been adjusted to conform to the Office of Management and Budget's (OMB) new govemment-wide targets for completion of renovation, validation, and implementation. Our non-mission-critical systems are assigned to one of two categories in order to make explicit decisions about establishing their priority for repair:
- 1. Business-essential: any system that is integral to agency processes that are required for meeting agency statutory, programmatic, legal, or financial obligations. Typically, the agency could function without any major impact on its operations if any of these systems malfunctioned and was unavailable for up to 3 or 4 weeks while it is being repcired.
- 2. Non-critical: any system that is not mission-critical or business-essential and wnose unavailability would therefore only represent an inconvenience to the agency. Typically, j these systems can be unavailable for extended periods (1 to 2 months or more) while they '
are being repaired and manual processes can be readily used in their place if necessary.
Our milestones for the repair of business-essential systems will conform to OMB's targets.
Because of the minor impact that non-critical systems have on agency operations, non-critical systems will be scheduled for repair after all other systems, but before the Year 2000.
We continue to make considerable progress in addressing our Year 2000 problem. Parallel work efforts are being made on all but one of the six mission-critical systems still needing repair I or replacement, and they are on schedule to meet the OMB milestones. The schedule for the remaining system, although also conforming to the OMB milestones, is dependent on Year 2000 compliant software from a commercial source. Contingency plans are in place in the event that the schedule is not met because of vendor failure to provide Year 2000 compliant products as promised.
6//
9804170393 980415 PDR FOIA KERRIGAN98-87 PDR l
J
f 2
! In the enclosed report, we are also providing revised cost estimates for our Year 2000 program.
In January 1997, we estimated that the agency would require 59.3 million to fund the Year 2000 Program through Fiscal Year 2000. This estimate covered assessing the scope of the problem, developing plans and schedules for addressing the problem, and performing repairs.
The estimate was based on our experience in general software maintenance activities applied to the number of systems in our inventory. The estimate did not take into account the cost of performing independent validation and verification of all system repairs. We have developed, in close coordination with our Year 2000 renovation contractor, a more realistic cost estimate of
$10.9 million on the basis of the results of our assessment of all systems (completed in September 1997) and on actual contractor costs for repairs to date.
Our Chief Information Officer (CIO) continues to coordinate weekly with NRC senior executives and staff at all levels to ensure that they maintain a high level of awarenass o' Year 2000 issues and that progress in meeting our completion dates does not slip. Monthly Year 2000 status reports received from agency offices have shown progress according to plan in addressing their Year 2000 issues.
If you would like a more in-depth discussion of our continued progress with the Year 2000 program, the agency's CIO and our Year 2000 Program Manager are available to meet with members of your staff at your convenience. l l
Sincerely, Shirley Ann Jackson
Enclosure:
As stated I
i ;
'I
,y ..
V . .
Status of the Nuclear. Regulatory Commission's Year 2000 Efforts Quarterly Report for February 1998
- 1. Organizational Responsibilities. Describe how your Department / Agency is organized to track progress in addressing the Year 2000 problem.
- a. Organization. Describe responsible organizations for addressing the Year 2000 problem and provide an organization chart if organizations have changed from the previous report.
Amold Levin is the agency's Year 2000 Program Manager. His title is " Director, Applications Development Division." The Year 2000 Program Manager has 4 overall responsibility for NRC's Year 2000 Program and reports directly to the NRC Chief Information Officer (ClO). The CIO reports to the Chairman,
- b. Internal Accountability. Describe prr, cesses for assuring internal accountability of responsible organizations. Include any quantitative measures used to track performance and other methods to determine whether the responsible organizations are performing according to plan.
Intemal accountability for performance of Year 2000 activities is assured through continuous monitoring of the progress of all offices against established milestones. To assure proper accountability for Year 2000 activities, we require that Senior Executive Service directors of agency offices provide monthly progress reports to the CIO on their efforts to repair systems that contain the ,
Year 2000 problem. These reports are used to update a central Year 2000 inventory' database. Reports from the database are generated monthly to show the status of Year 2000 efforts of each office in meeting our milestone dates. To date, progress reports received from these offices have shown progress according to plan in addressing Year 2000 iseues. All facets of our Year 2000 activities are formally reviewed weekly with the ClO.
- c. Oversight. Describe the management actions taken and by whom, when a l 1
responsible organization falls behind schedule.
The Year 2000 Proi, ram Manager reviews progress reports on an ongoing basis and reports deviations from established schedules to the CIO. If any such j i
deviations are reported, the CIO will discuss them with the managers who are responsible for the systems. As part of this discussion, the ClO will determine I the remedial actions to be taken. The CIO will periodically brief the Chairman, the Executive Director for Operations, and the Chief Financial Officer of the NRC l on any schedule deviations and the status of any remedial actions taken. None ,
have occurred to date. l l
) Enclosure I
5 l
l a
.p .
2
- 2. Status. Provide a report of the status of agency efforts to address the Year 2000 computer problems.
- a. An aaency-wide status of the total number of mission-critical systems.
Total number of N0mber already _ Number being Number being Number being mission-critical compliant replaced repaired retired 7 1 3 3 0
- b. The status of mission-critical systems beina repaired.
Assessment Renovation Validation implementation Milestones Sep 1997 Sep 1998 Jan 1999 Mar 1999
% completed . 100 % 25% 25% 25%
- c. Description of Proaress. Provide a narrative description of progress, including the following elements:
(1) Status of Mission-Critical Systems o Parallel work efforts are being made to address all systems still ,
needing repair and Office of Management and Budget milestone dates will be met.
o Of the three mission-critical systems being replaced,62 percent of the modules of one system are now Year 2000 compliant. Coding is underway for the other two systems and will be completed by April 1998 and August 1998, respectively.
o No milestones for mission-critical systems were scheduled to be met during this reporting period. However, work cont;nues on ;
schedule according to plan. J (2) Status of Non-Mission Critical Systems.
Our non-mission-critical systems are assigned to one of two categories in order to make explicit decisions about establishing their priority for repair:
- 1. Business-essential: any system that is integral to agency processes that are required for meeting agency statutory, programmatic, legal, or financial obligations. Typically, the agency could function without any major impact on its operations if any of these systems malfunctioned and was unavailable for up to 3 or 4 weeks while it is being repaired.
I L - - --
r Y .. .
3
- 2. Non-cntical: any system that is not mission-critical or business-essential and whose unavailability would therefore only represent an inconvenience to the agency. Typically, these systems can be unavailable for extended periods (1 to 2 months or more) while they are bemg repaired and manual processes can be readily
'. i used in their place if necessary.
67 Business Essential Systems 17 systems have been renovated.
13 systems have been validated.
10 systems have been implemented.
19 addibonal systems are currently being repaired.
31 systems scheduled for repair, work not yet started.
53 Non-Critical Svatoms 7 systems have been renovated.
4 systems have been validated.
3 systems have been implemented.
11 additional systems are currently being repaired.
35 systems scheduled for repair, work not yet started.
(3) Date Exchanges We have surveyed all areas of the agency that have the potential to exchange data with other Federal, State and local govemments, as well as with intomational and commercial entities. Three systems were identified that exchange data with NRC. We are currently in contact with these data exchange partners to assure that data compatibility is achieved.
(4) Contingency Planning.
Contingency plans are in place for all seven mission-critical systems in the event that unforeseen problems are encountered.
NRC's non-mission-critical systems are organized into two categories:
business-essential and non-critical. If a business-essential system falls behind schedule by 2 or more months, a contingency plan will be prepared. By our definition, non-critical systems are not mission-critical or business-essential rend their unavailability would represent only a temporary inconvenicace to the agency (they are low-end administrative systems). Typically, tleac systems can be unavailable for extended periods (1 to 2 months or more) while they are being repaired, and manual processes can rea tiy be used in their place, if necessary.
Therefore, our contingency plans for these systems will be to rely on manual processes if they are not repaired in time.
a .
i, . . .
4 (5) Other Year 2Mn.imolications.
NRC has sent more than 100 letters to its various telecoramunications vendors nation-wide in order to determine their progress it addressing the Year 2000 problem.
i NRC co-sponsored a workshop with the American Nuclear Society that )
included a session on Year 2000 computer issues. NRC stated that it l expected licensees to adopt guidance established by the Nuclear Energy )
Institute (NEI) and the Nuclear Utilities Software Management Group (NUSMG) for establishing a program and a schedule, and to ultimately '
certify Year 2000 readiness. This guidance, NEl/NUSMG 37-07, was published in the Nuclear Utility Year 2000 Readiness Report (October 1997). l NRC published in the Federal Reaisigt and on the NRC Internet Web Page that staff is proposing to send a letter to all licensed utilities with I
operational nuclear power plants requiring that they inform the NRC of steps they have taken or will take to assure their computers have no problems adjusting to the Year 2000. 3 NRC also has a program underway to replace all microcomputers that have non-compliant chips. Microcomputer replacement will be completed by December 1998.
(6) Problems Affectina Proaress.
In some instances, the pace of our work depends on the schedule that commercial vendors have established for the release of either updates to existing products to bring them into Year 2000 compliancy or entirely new releases that are Year 2000 compliant. We are in constant communication with these vendors in order to work with them to ensure the the products we need are available on time. The failure of these vendors to provide Year 2000 compliant products on time may adversely affect the schedule for some of our systems.
(7) Government-wide Systems.
NRC has no systems in this category. ;
(8) Verification Efforts.
Independent verification and validation of repaired systems is being l accomplished by a three-level approach. The first, unit testing, is I performed by contract personnel who actually repair the system code.
The second and third level are performed by personnel who are not j involved with system repairs. The second level of testing is performed by contractor personnel assigned to a permanent quality assurance group, using an established test plan. Third level testing is performed by the
a ,
t ,
5 system's NRC user. When written approval is received from all three testing levels, then (and only then) do we consider the system validated and report it as such.
(9) Other Evidence of Proaress. ,
h f
No other evidence of progress is offered.
- 3. Costs.
We have revised the estimates for our Year 2000 program. In January 1997, we estimated that the agency would require $9.3 million to fund the Year 2000 Program through Fiscal Year 2000. This estimate covered assessing the scope of the problem, developing plans and schedules for addressing the problem, and performing repairs. The estimate at that time was based o.. our experience in general software maintenance activities applied to the number of systems in our inventory. Also, the estimate did not take into account the cost of {
performing an independent validation and verification of all system repairs. On the basis of j the results of the assessment of all systems (completed in September 1997) and on actual contractor costs for repairs to date, we have developed a more realistic cost estimate.
Fiscal 1996 1997 1998 1999 2000 Total i Year Cost 0.0* 2.4 4.0 3.9 .6 10.9
( w * . Item is $45,000.
- 4. Exception Report on Systems.
l No exceptions to report.
- 5. Systems Scheduled for Implementation after March 1999. Include a list of those mission-critical systems where repair or replacement cannot be implemented by the March 1999 deadline, l No mission critical system is scheduled for implementation after March 1999.
If you have any questions, please contact Amold E. (Moe) Levin at 301-415-7458 or via electronic mail at AEL1@NRC. gov.
l 1
l
) !
e I