AUDIT BaselineV4  FAST server based auditing - NOW there is NO EXCUSE for not auditing your PCs

So, what are the Accounting Profession doing about this?

What does the Year 2000 problem mean for small businesses?

Most people believe that the Year 2000 problem is mainly confined to mainframe and big company software systems e.g.; banks and insurance companies etc. The commonly held view is that it this "big business problem" doesn't affect small business systems and if it does, it is fairly easy to fix!

HOWEVER, there is a significant risk involved with desktop, notebook, workstation and fileserver systems for small businesses for the hardware aspects of the computer (Real Time Clock (RTC) and BIOS) PLUS shrink-wrapped packaged application and specialized software aspects. In addition, the user defined date fields in databases, spreadsheets present some further problems to be addressed.

The Year 2000 problem is widespread across every sized business, and government sector area and the small business sector area has a specific set of unique problems that have not been aired widely enough yet to get the message across. The accounting profession needs to become mobilised into action soon to enable their client base to Survive!

Specialised or "purpose built" (bespoke) software for the small business

Small businesses or Small Medium Enterprises (SME's) with "purpose built or bespoke software" e.g.; accounting packages, inventory systems, point-of-sale systems, membership systems, petrol stations, hardware stores, chemists etc. may be at risk with defined or limited date fields in their specifically built or tailored software.

Where the biggest level of risk lies relates to the ability of the small business to identify the problems inside the specialised software. SME's may have difficulty locating their "specialist software programmer" to rectify or upgrade their software (the programmer may have sold their business, merged or ceased trading) and this could have disastrous consequences as the SME relies on the software for daily business activities.

Another area to consider as a potential risk, relates to where SME's are linked electronically using EDI trading with other partners - e.g.; if the SME "passes incorrect date or data formats" to their suppliers/customers and affect their partner systems then this may bring a liability problem when systems cannot read or interpret the inbound data files incorrectly.

When are these problems going to arise?

These issues will start surfacing as major problems during 1998 and 1999. (Some trading businesses have already experienced problems during 1997 with credit card expiry dates for the Year 2000 in their own software causing the system to crash or hang! (The software wouldn't recognise '00' and said the card was expired resulting in manual card handling rather than keyed/swiped)

What are the Corporate governing bodies saying?

In Australia the Australian Securities Commission is watching the scene closely for SME's as they will be focusing on directors who fail to take appropriate action where business continuity has been affected by Year 2000 issues. The ASC said recently that they may take action against directors in this regard.  If the business entity fails due to failure to rectify Year 2000 date problems then this could also spin off to accountants and lawyers and other para professionals in terms of advising their clients.

The Australian Stock Exchange has instructed ALL listed companies to report to the Stock Exchange by 30th June 1998 the level of exposure that they have on Year 2000 and the efforts being undertaken by the organisation to rectify the matter and limit their exposure..

Australian Banks are now insisting on Year 2000 commentary from directors and owners about the SME efforts with Year 2000 compliance amongst their accounts where loans and overdraft facilities are advanced.

Insurance companies are starting to limit their level of exposure by adding Year 2000 exclusion clauses.

The Accounting Profession needs to "step-up-to-the-plate"

Most accounting firms (certainly the "Big 6") are focusing on the larger client base and providing specialist assistance on Year 2000 as part of their "audit services or technology services" approach.

However, the SME sector seems to be largely ignored as they are "too small" to look after other than for tax and end-of-fiscal-year accounting. This is a foolish move as most accounting practices derive their fees from these smaller enterprises and if these businesses go bankrupt or fail then the accounting fee structure will dry up very quickly for these accounting firms forcing secondary recessions in their area.

The economic ripple effect on taxation, local government and other utilities and services as result of the failure of these SME's  is un-quantifiable in monetary terms.

For the SME's to survive and in turn the accounting profession who service these clients, then the accounting profession should be taking a more pro-active role to assist these businesses with their Year 2000 efforts.

This means a more hands-on approach to the local SME's computing needs and requirements. In most instances the local SME will not have the IT skills to service his own needs, hence will need to rely on outside assistance.

Congratulations to all those accounting firms and practices who are already using a hands-on approach for their clients with regard to Year 2000, however indications are that there is a LARGE proportion of the accounting firms who still haven't grasped the overall magnitude of the problem and are unsure how or where to tackle the issues head-on in their own premises or in their clients premises!
 
Some simple steps that can be taken are;

STEP 1

NOW IS THE TIME LIFT YOUR AWARENESS LEVEL, by starting the testing process at the desktop level as soon as possible!   This is to ensure that you allow adequate time to conduct your own risk assessments that may follow with decisions to arrange for upgrade, replacement or retirement of the hardware and software systems currently in use.

********* YOU NEED TO CHECK EVERY PC!  ***********

To find out why you need to check every PC try out the 3 FREE tests provided with Year 2000 software which can be downloaded at;  http://www.pcprofile.com/survive.htm

You can now obtain FREE Year 2000 testing software (designed and built in Australia) that will perform 3 key tests on your Windows based PC to see whether it will Survive the Year 2000 date problem.

You might also find out using this software that some new PC's being sold in the market are NOT Year 2000 OK!!!!!!!!   (It depends on your supplier and the source of components)

After you have tried out the 3 FREE tests provided with Year 2000 software which can be downloaded at; http://www.pcprofile.com/survive.htm.    you should consider the full 8 tests that are available for a nominal registration fee. Larger sites qualify for substantial discounts on this price.

STEP 2

Whilst you are at the desktop you should also conduct a FULL software inventory to help you track down all installed software. One problem you might discover relates to illegal software installed and in use on your PC's. To find out more about the issues regarding illegal software and the Year 2000 have a look at; http://www.pcprofile.com/yr2killg.htm  Illegal software gives you no level of protection or upgrade path where you need current software to run your business.

Software Inventory System  provides wide ranges of software audit tools for desktops, notebooks, workstations & fileservers to aid Year 2000 assessment .
 
A useful tool that can accurately list the installed software on each desktop PC is AUDIT-Manager which comes with comprehensive instructions on how to identify and evaluate the results of a desktop audit. Details are listed at http://www.pcprofile.com/auditm.htm

STEP 3
 
You need to locate all the data files and spreadsheets/databases that contain dates that are likely to be impacted by Year 2000 issues. The only effective way to do this is to use a tool such as DatefindDb See http://www.pcprofile.com/y2kdn.htm
 
 

The full Year 2000 PC desktop risk analysis phase entails;
 

1. undertaking a FULL software inventory of all applications to establish WHAT software is installed on each PC at your local level.
2. understanding HOW each COTS software application interprets  2 digit year formats in fields, databases, spreadsheets etc.
3. understanding how each COTS software application handles  transferal of ASCII two digit fields BETWEEN other software applications that interface together e.g.: Foxpro exporting to Excel or  Lotus etc.
4. examination of the occurrences of two-digit and "spurious" (9/9/99 etc.) date formats in databases, spreadsheets, and other files including Electronic Data Interchange (EDI) files .
5. critical examination of software applications described as "bespoke" or "purpose built" as these are likely to  present a much bigger risk.
6. risk assessment of the magnitude of the entire enterprise PC  problem. (which is a much bigger task than all the RTC/BIOS debates still going on at the moment)
7. on-going training of end-users and in-house programmers to ensure that ALL date fields and computations are based around input of dates as 4 digit year/century formats FOREVER!
8. specialised contract clause creation in applications (VB/Access etc.) that are let to tender or specified for "bespoke building" that stipulate Year 2000 compliance e.g.: GL systems, Inventory systems, POS/warehousing systems etc.

 

Year 2000 PC risk assessment checklist.
 

1.    Test the hardware, for RTC and BIOS handling of Year 2000 and Leap Years
2.    Inventory all your software by identifying application packages
3.    Understand how your software in the inventory list handles two digit dates
4.    Assess the risk and merits of retain/upgrade/replace (both hardware and software)
5.    Identify bespoke software/purpose built software - this may present special problems of its own!
6.    Inventory legacy data (spreadsheets/databases etc.
7.    Identify the mission critical software applications (in points 2, 3 & 5)
8.    Then get on with the BIG task of assessing and rectifying all the mission critical legacy data
       taking into account which applications you settle on as being the future apps to process the legacy
       data and how they handle two digit year fields that you might import/export should you upgrade!
9.    Train users in correct use of date fields!
10.  Be prepared to repeat steps 6,7,8 & 9 over a long period of time as users can still fall back into
       old habits of using dd/mm/yy (I'm an Aussie!) UNTIL such time as Microsoft etc. put some
       "smarts" into  their apps to WARN the user when they regress!
 
ARE YOU?

Looking to manage your software compliance and auditing better than at present? See PCProfile
 

Get on with the task.
There are NO quick and easy, NO SILVER BULLET SOLUTIONS
to this BUSINESS SURVIVAL problem!

The Accounting profession has a responsible part to play in the effective survival of their own clients, their own business practice, the economy, taxation systems etc. and now is the time for action!