What a circus!

There are many people who viewed the whole Y2K scenario with an enormous amount of suspicion. Given the evidence, it's hard to blame them

Was it really only a year ago that we were frantically working day and night to ward off the millennium bug? Rightly or wrongly there are many people who view the whole Y2K scenario with an enormous amount of suspicion. Given the evidence, it's hard to blame them. After all, here was a supposedly "far seeing industry" that didn't see the Year 2000 coming. Having spent £20bn averting the crisis the nation discovers, in the Y2K post mortem, that it is no better off than countries like Italy, which spent a tiny fraction of that money, yet wasn't plunged into darkness.

But a lot of hidden benefits have actually come out of the whole exercise. If anything, Y2K forced IT departments to take stock of themselves. For the first time ever, some companies discovered how much hardware and software they actually had. They established comprehensive records of who was using which applications and in which versions, a complete inventory of hardware and, of course, some idea of how much undocumented code there was in their system.

The Y2K crisis allowed IT managers to take control of their departments again. It gave them a better idea of where the money was going and how it could be spent more wisely. If Y2K taught us anything, it is that we spent too much money on PCs, for no great return, said one IT manager, who added that in future his company will hold onto its PCs a lot longer before it upgrades.

Indeed, it is arguable that Y2K actually strengthened the IT director's hand. Steve Hampson, a director with SAP consultancy Diagonal, is one who believes this to be the case. "It's a boardroom issue now. It should always have been really, but the millennium bug suddenly made everyone become an expert on IT," he says.

For companies like Diagonal, the more people on the board who take an interest in IT, the better. Granted, post-Y2K they have seen a slowdown on IT spending by customers, but that is less to do with a Y2K backlash than the "fluffiness of the e-commerce sector". "The next big project after Y2K would be e-commerce, but that's been so volatile, with so many companies crashing and burning, that people are waiting for the dust to settle," says Hampson. The millennium, he insists, has not changed thinking on IT spending and a lot of good things came out of it.

Change for the better

Tom Mannix, the US-based IT director of Guardian Life Insurance, says things have changed for the better. Mind you, it is an experience he says he never wants to live through again. But the main advantage is it has given the company a framework for a system of working that will make sure the company will never be so disorganised again. "Y2K laid the ground work for a new era of organisation," says Mannix.

From now on no one within the company will be able to alter or upgrade an application without documenting exactly what they have done. One of the positives to come out of Y2K is that years of accumulated rogue code should have been eliminated. The source code in many companies had been updated and patched so many times that nobody knew how one Y2K-related change would affect a previously smooth process.

Another revelation that compliance testing revealed was that the inventory of hardware was about as accurately recorded as source code. The story about the major corporation that thought it had 50,000 PCs, only to discover the real figure was nearer 75,000 when forced to carry out an audit, is as apocryphal as any other Y2K anecdote.

Towards the end of this year those who did the most comprehensive studies of their inventory could begin to get a return on their investment. The two big projects mooted for this year, should they ever get off the ground, are e-commerce and a Windows 2000 upgrade. Both require considerable amounts of groundwork that the millennium projects might have already covered.

"The companies that did the best audits around Y2K are the ones that will be able to enjoy the benefits of a Windows upgrade soonest," says Olivier Thierry, vice president of product management for NetIQ, an inventory management company. "Before you attempt any sort of upgrade, you need to know what hardware and software you have out there, what operating systems you have and what your IT infrastructure is capable of running," he says.

This, he admits, depends on how disciplined IT departments have been in keeping track of their inventory. A lot will have changed at some companies between now and last December. "One ASP I know has 5,000 servers now, but will have 50,000 by the end of the year. What configuration changes will have taken place by then? The manual work needed to keep up to date is incredible," says Thierry.

The Y2K audit is a solid foundation but it needs to be built on before major upgrades are attempted, because too much time has passed since Y2K, when the last snapshot of the IT landscape was taken."Companies really need to build on that by doing a full audit now," says Thierry. Of NetIQ's global customer base of 500, 80% of them are prepared to upgrade to Windows 2000, he says, and this would not have been possible without Y2K.

Another area of improvement, post Y2K, has been the quality of project management. The scale and intensity of Y2K operations has been a crash course in management control. Though business should always be the driver of project work and IT the enabler, warns Hugh Stewart, managing director of services company Calleo UK, the lesson of Y2K was that sometimes IT work must take precedence in order to achieve a business objective.

"If organisations are not plugged into the very real correlation between business and IT they will lose," says Stewart. Y2K has made companies wiser to getting value for money from IT, he reports. Executives should be keenly aware of where they stand with their projects, and the uniform application of this procedure has added credibility to the IT department's efforts. At the same time, they need to develop a consistent methodology for managing large IT projects. This means incorporating repeatable best practices, such as the best methods for reporting status, putting together a project plan and designating individual responsibilities.

Communication between different departments is another aspect of business that, arguably, has been honed by the Y2K crisis. The relationship between IT and business staff and their roles was exposed to an unprecedented extent by Y2K.

On the other hand, the IT department got an enormous insight into the rest of the business. Working on Y2K contingency planning with business people helped the IT group realise how intertwined the two worlds are.

Y2K strengthened the relationships between partners too. Hugh Kearns, managing director of Y2K consultants Carpathia was issuing dire warnings at the end of last year about the impending chaos we were all about to be plunged into. One of his bug bears, apart from the lack of government money being thrown at Y2K (presumably £20bn wasn't quite enough) was that the supply chain would be particularly vulnerable. The logic was that the weakest companies in the supply chain would affect everyone else, so everyone should be brought up to scratch.

As Kearns said at the time, "Some companies will be in so much trouble they'll go under. Others will be severely wounded. If you have your wits about you could buy into your supply chain." One year on, and the supply chains of most companies are poised to be automated, thanks to people like Kearns, who did much to frighten companies into compliance.

Moratorium on IT spending

After Y2K, there seems to have been a moratorium on IT spending. The suppliers of IT goods and services have been devastated by this. Computacenter, one of the UK's most successful services companies, has seen its shares go into freefall. The German software giant SAP, which is the world's biggest enterprise resource planning supplier, saw its sales suddenly flattening off. Profit warnings to the City are an almost daily occurrence in the IT sector.

There are several explanations advanced for this. "In the run up to the year 2000, you could sneak practically any expenditure past the accountants if you said it was for the Y2K compliance project," says one project manager at a large pharmaceutical company. "Maybe there's been a backlash against that. Mind you, having said that, you can always get expenditure signed off these days if it is 'urgent for the e-commerce project'."

At the beginning of this year there was a feeling from some quarters that the exaggerated claims of the IT industry had been exposed. One electronics company even took consultants to court over what it claims were highly overstated warnings of the danger of Y2K. It appointed law firm Masons to try to recover the £400,000 it claims it was conned into spending on a new system that was totally unnecessary.

The passing of Y2K was supposed to have released a great flood of IT projects. It hasn't. Possibly, this is because so much money was spent last year that budgets have been trimmed. It's more likely that most companies have decided to build on the good habits that the crisis taught them and that next year will see the most controlled roll out of projects ever seen in the business.

It could become an annual event. Don't laugh, but there are people still prepared to argue that the millennium meltdown hasn't even started yet. The year 2000 was a breeze compared to the turmoil that will be caused when we move into the year 2001. Fasten your seatbelts and prepare for a rough ride.

Five good habits you could adopt to benefit from Y2K

  • Put a procedure in place that documents all bespoke code developed by your employees. Anyone who fails to do so should have to pay the wages of the contractors who get called in.
  • Stay on top of your inventory. Having gathered all that information together at great expense, don't lose count of your hardware and software. You will need it soon if you decide to upgrade to, say, Windows 2000.
  • Y2K at least improved the profile of IT at work. Now everyone knows who you are, build on those relationships to improve your standing at work.
  • The whole millennium project will have forced people who took part in it to have improved their project management skills. Don't let this slip past it's a valuable skill. You should now have a more disciplined approach to maintaining a consistent methodology, more regular and understandable status reporting skills (so everyone knows where they are with a project) and a finely honed sense of adhering to best practices.
  • The fact-finding mission extended not just to your own IT architecture, but those of your partners and suppliers. You were forced into working better with suppliers to maintain system compliance. This is something you will build on as business-to-business supply chain e-commerce projects are rolled out.

Negative aspects: the Y2K backlash

The fixes have caused unexpected problems for some companies. Here are some of the pitfalls that companies have already encountered as well as some that loom on the road ahead:

  • Too little return on investment on Y2K makes it harder for IT departments to get projects funded in future.
  • Some companies used patching or windowing techniques to make it through the rollover (to fool the computer into thinking the century hasn't turned). These windowed dates take systems up to 2029.
  • There is a backlog of application development projects. Companies that focused on Y2K to the exclusion of everything else may find themselves at a competitive disadvantage.
  • Security. Analyst firm Gartner Group has warned that electronic theft exceeding $1bn could occur by 2004 at a single organisation or company, because of "trap doors" left open intentionally by programmers and consultants who had access to sensitive areas in corporate systems during Y2K remediation.

Read more on IT risk management