1. Column
  2. Checklist

Preparing for the Year 2000 issue.


Related
TOPICS
    Uncategorized Article


How to Prepare for the Year 2000 Problem

A strong intervention plan is necessary to avoid a catastrophic disruption in an organizations computer operations on January 1, 2000. Internal auditors and management can be better prepared by addressing the questions below. (For more on this subject, see pages 33-44)
 
ORGANIZATIONAL AWARENESS
Are all areas of the organization aware of the potential ramifications?
Has management communicated this awareness to employees?
Is the board of directors aware of the organizations vulnerability?
 
RISK ASSESSMENT
Is there an inventory of systems within the organization?
Has management conducted a detailed risk assessment for each system?
Is management able to identify the extent of the problem?
When could the first Y2K problem occur?
Has a risk assessment of the legal liabilities been made?
Has the risk assessment addressed business partners and their systems preparations?
 
RESOURCES
What financial resources are needed?
What staff and systems resources are needed?
Are there control procedures for outsourced or contracted services?
 
PROJECT PLANNING
Has a Y2K project been developed, written and communicated?
Have project standards been developed?
What priorities and timetables have been established?
Has overall responsibility for the project as well as for each segment of the project been assigned?
Are users actively involved in the project?
Have business partners been contacted?
Have vendors provided assurances that their products are in compliance?
 
TESTING
Has the information systems (IS) department developed a test plan for critical applications, systems software and communications?
Does the organization have an adequate test environment that mirrors the production environment?
Has the IS department conducted tests to ensure the Year 2000 compliance system can correctly operate both before and after 2000? This should be completed by the end of 1998.
Have auditors evaluated the test plan and planned to conduct an audit review of Year 2000 testing by the end of 1998?
 
MONITORING
Are reporting mechanisms in place to allow for periodic monitoring of the project?
Do senior management and the board of directors receive periodic updates on the status of the project?
What additional internal auditing requirements are needed?
Source: The Institute of Internal Auditors.


SPONSORED REPORT

Implementing a global statutory reporting maturity model

Assess your organization's capabilities and progress toward an ideal state of global statutory reporting. Sponsored by Workiva.

100th ANNIVERSARY

Black CPA Centennial, 1921–2021

With 2021 marking the 100th anniversary of the first Black licensed CPA in the United States, a yearlong campaign kicked off to recognize the nation’s Black CPAs and encourage greater progress in diversity, inclusion, and equity in the CPA profession.