In-Depth

Leon Kappelman: Lessons learned form the year 2000 crisis

Leon Kappelman, Ph.D. is a researcher, writer, speaker, teacher and consultant dedicated to helping organizations better manage their information assets. This University of North Texas Associate Professor is Program Chairman of the SPG Year 2000 Conference & Expo, as well as co-chair of the Society for Information Management's (SIM) Year 2000 Working Group. We spoke with him recently.

We've asked a few people if the lessons we've learned from year 2000 date conversion are something we can take forward. Surprisingly, some think it's a waste of time. What do you think?

I think there are several categories of knowledge, skill and attitudinal benefits. The first is that, at least in those enterprises that choose to do this properly, managers are forced to get a good handle on their information assets. That means the hardware, software, how things interact, data and interfaces, both inside and outside the enterprise walls. This positions us for better management and more efficiency, eliminating things that are not necessary; but it also prepares us for new interfaces and new interoperability. So, there are some real benefits in terms of getting a better grip on information assets in general.

The second category, I would say, is the people issue. If you've pulled this off, you've figured out how to recruit, organize and motivate a team of software professionals and how to use tools to leverage their skills. You also probably had to use outsourcing and insourcing contractors. You had to master a lot of people skills and build yourself a strong team. You take those two things together - a good handle on your assets, and a good handle on your people - and it sets you up for some very positive advantages.

Third, you've developed a synergy between knowing the assets and having the people. You've had this winning mentality created - that one, we had to do it; two, that we could do it; and three, that we did it and we did it within a deadline. That's a rare event for I/T. That's a very positive experience for us to meet an urgent business need. And certainly, you gain a sense of accomplishment that's needed going forward. Moreover, you've gained credibility for I/S in the enterprise.

Fourth, you've had experience dealing with massive reengineering. Though the change itself was trivial taken one piece at a time, as a whole project it was enormously complicated. We're going to have more of these events - whether it's going to be euro, zip codes, universal product codes or any number of things that are going to be changing as we go forward. There may be some legislative events  that we haven't even anticipated yet. This kind of knowledge, this kind of experience, this kind of enterprise skill, is going to be invaluable to be able to cope with these things in the future.

And fifth, because the project was so massive, because it touched everything, because it forced resource restraints and new levels of communication and cooperation in the enterprise, and reassessing whether something was mission-critical and doing serious triage that only business people could have helped with - you're going to have a much better sense of how I/T aligns with and supports the business.

Given that those pieces have been added to the knowledge, skill and attitude base of the enterprise - combined with having a better grip on information assets, a strong group of people, as well as the skills to deal with outsourcing and contractors situations - I think you're setup for some very strong competitive advantages. A company that will be able to go into the next century and be fully functional is going to have a serious competitive advantage too, while its competitors are busy fixing what's broken and dealing with irate customers. It's an opportunity to grow market share. And while they're busy fixing everything, it's an opportunity to initiate new competitive I/T projects and to pull them off while your competitors are cleaning up their mess.

This is going to set you up for another thing: It's going to be a good time for acquisitions. There are going to be fire sales. If you can't grab the market share, you can probably buy it. It's going to change the landscape in a lot of industries to benefit those who had it together, and, quite frankly, probably decimate those who did not.

If they solved the problem, will they be more or less likely to go away from Cobol, to go in and replace the systems?

If what you want to build is a transaction-oriented business system, I don't know anything better than Cobol to write it in. In the world of custom-built transactional applications, I'm not sure what the alternative is to Cobol. That doesn't preclude off-the-shelf software and those kinds of initiatives. But I'd say that with Cobol or any custom-built [application], you control your own destiny in terms of standards. Although a lot of the repairs needed because of year 2000 are self-inflicted through custom-built applications, a lot of it is externally imposed by vendors' improper and inadequate standards.

Perhaps we'll be a bit whimsical here. A manager has just accomplished a Y2K project. He or she is made head of an e-commerce project. What do they impart to young Java programmers?

Standardization. Good quality practices. Independent verification and validation. We're an industry out of control in the managerial sense. I don't mean someone should come in and control us, although if we leave enough damage done from Y2K, they're going to show up at our doorsteps. In terms of managerial control, we have very few measurements of our quality. Most shops don't do any quality practices. We have almost no outside verification or validation of our products. We have basically poor quality practices, poor interoperability and standardization. Just look at E-mail. How many different formats of E-mail messages come in partially truncated with different ways needed just to open them up? It's just chaos, even E-mail, something we know we all have to connect on.

This is not acceptable, because what we end up with is a big I/T management problem and a big user productivity problem. We have this wonderful technology that we can do marvelous things with, and we're squandering it, both in terms of the use of the I/T professionals and in terms of how it really does help users. Nobody on this planet I've ever talked with looks forward to the next upgrade because they know it's going to be a pain. It's time to start focusing on quality, standards, real interoperability and verification.

Are metrics better accepted than in the past? Is there a payoff?

Certainly greater acceptance than there was a decade ago. Even still, the majority of shops can't even realistically get up to Level One on the [Capability] Maturity Model, which means they're not even dreaming about metrics yet. They still don't even have a repeatable process. Certainly there are those better shops that do use metrics, but they're still the exception.

Why do we have this productivity paradox? Why do they say we can't measure the payoffs of I/T investments? Maybe, in the grand scheme of things, we haven't created any payoff. We eliminated some level of activity because we eliminated some jobs and automated them. But at the same time, we've created all this work that has to be done patching this mess together. We waste a lot of user time too.

As managers look at pools of talent they're always looking for some hot new programming skill. There doesn't seem to be a system for capitalizing on the people we have.

I/T professionals snicker at those still using Windows 3.1 or an older version of something. That's probably a very wasteful thing to do. We do the same thing with our human resources. Most people leave this business within a decade or so. Our retention rate as an industry, not just as enterprises but as an industry, appears to be horrendous, perhaps not even one in three stay one decade after college. There is something radically wrong with how we're dealing with our people. Maybe it's in terms of personnel practices, but maybe it's something else. Maybe it's that they realize what a wasteful approach to managing information assets we have, and they just go on to something less chaotic. We have this 'go get 'em from overseas' [point of view], but we have a lot of talent here we haven't kept.

I have seen developers hang it up because they're sick of working on projects that get canned. Who's done a good job? Which companies have found new ways to work with people?

Well, we're seeing a lot of it in Y2K because it's basically boring, tedious work, even with tools. It's not an exciting project to those on the front lines making and testing repairs. Companies - Prudential, Wells-Fargo, L.L. Bean - are coming up with all kinds of innovative practices. I know of those because they are on the SIM Working Group with me. And I know a lot first-hand about the things they've done. But I'm sure there are many others; if you keep your teams on those projects, it's all you can do.

Money gets you only so far. You have to do other things and let people know that there's going to be a career ahead. A lot of companies are providing time off with paid training guarantees, various kinds of bonus programs - Chubb Insurance even set up a dedicated campus area for its year 2000 teams. There are a lot of practices being developed because of these year 2000 projects. A lot of them are just good human resource practices anyway.

Year 2000 has gotten wide publicity. The high priests of technology have been discovered by the world at-large. There's a lot of fear in that type of press coverage.

There sure is. But if you look at the studies of the public's confidence in different institutions, high-tech companies rate significantly higher than anything else. It's hard for the public to believe that the technology they've come to rely on - and little do they know to what extent they do rely on it; they're just starting to wake up to that too - is built upon this frail house of technical cards. It's hard for them to believe [it], and when they start to, they get very afraid. It causes them to question assumptions they have never questioned.

Year 2000 does that in a lot of ways, not just to the public at-large. It causes enterprises to question a lot of assumptions they've never questioned. It's no reflection on individuals. This doesn't mean we're bad. Basically, we're an industry totally out of control and with no adult supervision.

This is common in new industries. The problem is ours has proliferated and taken a major role in so many levels of our infrastructure, both technical and economic, that something as trivial as a date problem can basically put so much at risk. It's not just about financial systems, it's about communications, all kinds of medical devices, all kinds of manufacturing equipment, and that, in this short 50-year window of time, we've basically put this technology every place. The whole house of cards is at risk because of something that appears trivial at first glance - we left two digits out. It's going to be a rude awakening.

This is typical in the evolution of an industry. They're given some slack in the beginning because they're insignificant, and then there's growth and there are problems and then a reaction. If you take the extent to which this happens, it is usually a function of how many people the industry kills at a time.

We got along without seatbelts for many years.

Yes, because people are only killed one at a time or a couple at a time in a car. Trains, on the other hand, were early to be regulated because they killed a bunch of people at a time. So, it turns out the railroads were one of the first regulated industries, both in terms of track sizes and safety things like brake standards. If a train goes out of control, there's lots of property damage. Another one that was regulated fairly early was electronic appliances. The reason was that the insurance companies got involved because when electric appliances failed you typically had a fire, death and property damage. If you notice, every piece of electrical equipment in our lives has an Underwriters Laboratory tag on it. It doesn't say 'Electrical Safety' laboratory; it says 'Underwriters' because this was something that was initiated by the insurance companies. I think we're going to see something like this happen in our industry. The extent to which this is imposed on us will be a function of how much damage we do, and the extent to which we're able to begin doing some of these things for ourselves before lawyers and legislators get here. Because they're coming. Actually, they're already here. They're already messing with us. Y2K will just accelerate it.

I saw an ad for Y2K insurance while watching the football game last Sunday.

The legal issues are growing. We should be paying close attention to this. There is a bill that just passed in Congress that started out as the "Good Samaritan bill," now it's called the Year 2000 Information and Disclosure Act. Although it has some excellent things in it, such as a waiver of antitrust restrictions on sharing information within industries, I hope it doesn't have a "perpetrator protection act" for the enterprises that created this problem and refused to fix it.

So I/T managers will have to be more aware of legal problems that may arise?

It could happen externally - being imposed on us. But it boils down to the fact that we need better quality practices and we need to behave more ethically. If we were doing those two things - practicing good quality and following our own code of ethics as laid out by organizations like the ACM - we wouldn't have this mess.

What's the future for those vendors and consultants who have concentrated on the year 2000 effort?

I think it's something you'd have to consider on an individual basis. I/T has always been focused on solving the current problem or on installing the new cool thing. Most of them will know how to survive. A lot of the Y2K tools were just adaptations of tools that were there for other things, and some of the new tools are being adapted to do other things too. In general, the prognosis of our industry as a whole is good. But again, it boils down to individual cases. Some are just there for the short run, but for those who want a long-term place in this industry and are willing to play fairly and provide good products and services, there will be opportunities.