SAN MATEO (04/10/2000) - Late last year, rumblings arose over the costs associated with the near-universal mobilization of Y2K efforts. Amid increasingly confident predictions about a successful date change, the ballooning estimates of the final bill began to cast shadows over IT departments.
Could a less drastic approach have saved some of the billions spent on readiness? Did alarmists, or possibly profiteers, drive the expense of Y2K preparedness to ruinous levels?
In hindsight, the answers are not necessarily clear. Although some IT shops point to valuable lessons learned and procedures adopted post-Y2K, and industry boosters of various stripes describe benefits for future projects, others sum up much of the effort as overkill.
There's no firm figure for the total spending on Y2K readiness, but IT outlays related to the exercise have been estimated at well into the hundreds of billions of dollars worldwide. International Data Corp.'s 1999 tally for IT spending was $122 billion in the United States, and $282 billion worldwide, with further spending of $13 billion nationally and $38 billion worldwide expected this year.
Largely because the reporting and accounting of Y2K remediation costs vary so widely, estimates of Y2K spending have bounced between extremes, from 5 percent to 30 percent of the average IT budget.
Government and industry officials vigorously defended the spending levels and the scope of the readiness measures after the relatively placid date change.
But driving much of the cost debate is the question of whether or not the Y2K measures yielded any lasting benefits for IT operations.
Getting a grip on the enterprise
Apart from basically agreeing that the measures helped stave off disaster, or weather a tempest in a teapot, observers have conflicting opinions on the collateral benefits issue.
"It's best to look at where organizations are in terms of their understanding of IT processes and understanding of their systems inventory," says Kazim Isfahani, an analyst at Giga Information Group, a market research company in Cambridge, Massachusetts.
Among the IT functions that stood to benefit from the endeavor, asset management ranks high, Isfahani says. Also, many companies put in place quality assurance teams and came away from the preparations with application test beds, he adds.
"That can be invaluable," Isfahani says. "Going forward, they have to try to apply metrics to new e-commerce-type projects. That can lead to a decline in test times and bug detection, and a shortened time to market. Since development is increasingly happening in Web time, [IT teams] automatically have some efficiencies in developing for the Web, if they added a process orientation mind-set from Y2K."
Regardless of the appropriateness of the spending levels, IT organizations that adopted beneficial procedures and acquired critical insight into their systems are theoretically in a position to capitalize on their earlier work.
One such operation is the Bonneville Power Administration, a Department of Energy utility in Portland, Oregon. Bonneville sells power generated by dams on the Columbia and Snake Rivers to wholesale customers in Oregon, Washington, Idaho, and Western Montana.
"There's a tremendous amount of intelligence that we generated through Y2K remediation," says Joe O'Rourke, CIO at Bonneville Power. "It's likely going to be used in our vision and approach to e-business and e-commerce, but more short-term, it's a question of how we apply that experience to things like inventory management, configuration management, and control."
One of the most beneficial by-products of Y2K is the IT inventory, O'Rourke says.
"We've enhanced our configuration management process and expansion processes," O'Rourke says, adding that the IT asset management needn't be cutting edge.
"The systems we use to track IT inventory are not very sophisticated. We have several databases that maintain all the intelligence."
Improved IT processes
Not surprisingly, security was another IT discipline bolstered by the Y2K initiative, O'Rourke adds.
"With the threats that were publicized --Trojan horse viruses and other horrific animals -- we stepped up cybersecurity," O'Rourke says. "That includes any analog line that was inbound. And [we] stepped up security on routers and switches. And that's going to stay in place."
Another point driven home by the Y2K readiness effort was the relative viability of maintaining custom applications, as opposed to off-the-shelf packages.
"We certainly gained a fuller understanding of what it takes to maintain, enhance, and grow software in a custom fashion," O'Rourke says. "Through the Y2K effort, it became very clear that the more customization an organization applies to an application, the more complex and costly the problems when events such as viruses targeted at applications and networks occur."
Strengthening IT-business ties
Because the business-IT partnership is more in sync, the thinking goes, companies should be better positioned to initiate e-commerce projects. Of course, much of that logic comes from software vendors and others with a stake in these new projects.
"There has been a lot of spin doctoring to try to find benefits, but the fact is we fixed more than we needed to," says John Ganz, an analyst at IDC, in Framingham, Massachusetts. "But the good news for 2000 is that IT budgets won't be depressed [by funds being diverted to Y2K]."
Whereas many IT shops gained a higher profile within their organizations and top executives nervously looked their way to prepare for the approaching date change, Bonneville Power's IT department was firmly ensconced at the corporate table, O'Rourke explains.
"We have had a heightened view of enterprise information technology, largely due to the issues that are coming in our industry: deregulation, the separation of business lines mandated by Congress," O'Rourke says. "Because there is imminent change in our organization, we are very focused on technology to enable effective change."
Bonneville, which stepped down its Y2K command center in mid-January and dropped its heightened alert at the end of February, has kept its management team in place will continue to do so for roughly the next year, says O'Rourke, who cited requirements of maintaining legal response teams.
"I don't foresee any litigation of any sort, but we need to have people on call at a moment's notice," O'Rourke says.