Have you stood up’ your Y2K command center?

By Steven C. Davis

President

DavisLogic, LLC

Simpsonville, MD

Q.How important has contingency planning been for year 2000 (Y2K) preparation?

A.We know now that we are all at risk of some level of Y2K disruptions. Despite massive investments in Y2K remediation, most organizations recognize that they cannot locate and fix all the "bugs" lurking within their internal systems, much less correct those residing in systems of their suppliers, distributors, service providers, and overseas partners.

As a result, by early 1998, many organizations began Y2K contingency planning designed to help them cope with potential failures. By late 1998, some organizations had even conducted exercises to test their readiness.

Many are still vulnerable to Y2K trouble

These Y2K exercises and simulations have underlined the fact that most organizations remain both vulnerable to multiple, concurrent disruptions of their primary operations and liable to lawsuits (from suppliers, business partners, and investors) and/or serious damage to their public image.

Indeed, as zero hour approaches, industry and government leaders recognize that Y2K disruptions — both major and minor — are likely to crop up for months and perhaps even years. Organizations that do not rise to the Y2K contingency management challenge are at risk of production disruptions and systemic failures that will significantly affect their ability to achieve their goals. For business and industry, that may mean lost revenues. For government, it may mean disruption of public services.

On the brighter side, organizations that do succeed in managing Y2K contingencies will find that the effort expended on this particular problem will provide substantial benefits far into the future by enhancing their ability to cope with all types of natural, technological, and terrorist incidents.

Q. What is the final step in contingency planning?

A. I am assuming you already have taken the fundamental steps to prepare for Y2K such as performing threat assessments of critical areas, then developing and training on contingency plans.

Now you are ready for the final step — you must establish an organizational entity to put contingency management theory into practice. It is time to "stand up" that Y2K command center.

The key to making your Y2K command center a success is to establish a center that is designed with enterprise contingency management as the goal. Therefore, the successful Y2K command center’s mission is to perform these functions:

Inform and alert.

The command center must both give and receive information. It is critical to inform everyone both within the organization’s system as well as throughout the entire supply chain about Y2K preparations and threats. It is equally important to undertake around-the-clock intelligence gathering to identify potential Y2K threats and provide prompt notification to crisis managers, employees, government, and the public.

Command and control.

The command center must provide the command and control functions necessary to put multiple contingency plans into action — triggering them as needed, providing the triage structure required to allocate resources and personnel, and ensuring effective direction of the response operations.

Verify and document.

The command center must create a mechanism to verify the steps taken to respond to a threat and preserve a record of those actions to protect employees, infrastructure, and shareholder value as well as demonstrate adherence to "best practices" by documenting all information received and steps taken.

But how will these responsibilities play out in the course of preparing for and responding to actual Y2K incidents? How, for example, will you offer key players around the world easy access to information on the status of preparedness, threat assessments, event alerts, and countless other elements to make informed judgments? How can the command center track personnel and other resources so they can be deployed at any time? How will you provide employees, executive, board, shareholders, and even the public, with a steady stream of information and updates about incidents and their resolution?

Put your team together

The command center is more than a place; it is the focal point of a complex, integrated process. For that process to work — for your command center to succeed — you must begin with two critical components: the command center team and the command center information system.

Q. How do you build your Y2K command center team?

A. The first step in establishing a Y2K command center is to develop a team. While this team should include Y2K project staff, a separate and dedicated team trained on contingency plans and command center procedures will be needed to effectively respond to the multitude Y2K issues that may develop.

Once the team is selected, it is responsible for establishing a Y2K command center following these steps:

• select a manager and cross-organizational team members;

• establish response teams;

• dedicate a command center location;

• determine physical requirements and layout;

• determine communication procedures;

• select and implement an information management system;

• establish documentation procedures for post-Y2K performance audit;

• exercise plans and procedures;

• activate the command center.

Q. How do you select the right command center information system?

A. The Y2K command center is ultimately a center for information management and decision making. Its primary purpose is to gather and process all of the information required to plan for and respond — quickly and effectively — to potential Y2K incidents.

The best-prepared Y2K command centers will be ones that have implemented an enterprisewide information system designed specifically for contingency management. It must be robust and flexible enough to perform numerous critical functions yet easy enough to use during a crisis.

More importantly, it must meet the mission objectives of your Y2K command center stated previously.

Viewing Y2K as an opportunity

This is clearly a big job but, with the right management approach and tools, your command center can do it successfully — saving your organiza- tion time, money, and aggravation every step of the way.

Y2K is a tremendous opportunity for contingency management to seize the day. If Y2K ends up having only a small impact on your organization, you will, nonetheless, have put responsible contingency management on the perceptual map for employees, management, executives, and shareholders.

The lessons you learn and steps you take right now will pay long-term benefits by helping you avoid the negative effects of everything from a minor workplace accident to a major fire or other emergency. And if Y2K does result in major consequences, your organization will have protected itself, its employees, and its shareholders from harm by ensuring continuity of your enterprise.

In either case, your organization’s experience in dealing with Y2K represents a unique opportunity to improve the way you manage all kinds of potential continuity threats far into the 21st century.

(For more information on contingency planning, visit the DavisLogic Web site at www.DavisLogic. com.)