Preparing for the Year 2000 issue.




How to Prepare for the Year 2000 Problem

A strong intervention plan is necessary to avoid a catastrophic disruption in an organizations computer operations on January 1, 2000. Internal auditors and management can be better prepared by addressing the questions below. (For more on this subject, see pages 33-44)
 
ORGANIZATIONAL AWARENESS
Are all areas of the organization aware of the potential ramifications?
Has management communicated this awareness to employees?
Is the board of directors aware of the organizations vulnerability?
 
RISK ASSESSMENT
Is there an inventory of systems within the organization?
Has management conducted a detailed risk assessment for each system?
Is management able to identify the extent of the problem?
When could the first Y2K problem occur?
Has a risk assessment of the legal liabilities been made?
Has the risk assessment addressed business partners and their systems preparations?
 
RESOURCES
What financial resources are needed?
What staff and systems resources are needed?
Are there control procedures for outsourced or contracted services?
 
PROJECT PLANNING
Has a Y2K project been developed, written and communicated?
Have project standards been developed?
What priorities and timetables have been established?
Has overall responsibility for the project as well as for each segment of the project been assigned?
Are users actively involved in the project?
Have business partners been contacted?
Have vendors provided assurances that their products are in compliance?
 
TESTING
Has the information systems (IS) department developed a test plan for critical applications, systems software and communications?
Does the organization have an adequate test environment that mirrors the production environment?
Has the IS department conducted tests to ensure the Year 2000 compliance system can correctly operate both before and after 2000? This should be completed by the end of 1998.
Have auditors evaluated the test plan and planned to conduct an audit review of Year 2000 testing by the end of 1998?
 
MONITORING
Are reporting mechanisms in place to allow for periodic monitoring of the project?
Do senior management and the board of directors receive periodic updates on the status of the project?
What additional internal auditing requirements are needed?
Source: The Institute of Internal Auditors.


SPONSORED REPORT

Revenue recognition: A complex effort

Implementing the new standard requires careful judgment. Learn how to make significant accounting judgments and document them and collaborate with peers for consistent application.

TECHNOLOGY Q&A

How to create maps in Excel 2016

Microsoft Excel 2016 has two new mapping capabilities. J. Carlton Collins, CPA, demonstrates how to make masterful 2D and 3D maps in Excel 2016.

QUIZ

News quiz: Economy and health care changes top CPAs’ list

CPA decision-makers’ economic outlook and the House Republicans’ proposed tax changes as part of replacing the Patient Protection and Affordable Care Act received attention recently. See how much you know with this short quiz.