Preparing for the Year 2000 issue.




How to Prepare for the Year 2000 Problem

A strong intervention plan is necessary to avoid a catastrophic disruption in an organizations computer operations on January 1, 2000. Internal auditors and management can be better prepared by addressing the questions below. (For more on this subject, see pages 33-44)
 
ORGANIZATIONAL AWARENESS
Are all areas of the organization aware of the potential ramifications?
Has management communicated this awareness to employees?
Is the board of directors aware of the organizations vulnerability?
 
RISK ASSESSMENT
Is there an inventory of systems within the organization?
Has management conducted a detailed risk assessment for each system?
Is management able to identify the extent of the problem?
When could the first Y2K problem occur?
Has a risk assessment of the legal liabilities been made?
Has the risk assessment addressed business partners and their systems preparations?
 
RESOURCES
What financial resources are needed?
What staff and systems resources are needed?
Are there control procedures for outsourced or contracted services?
 
PROJECT PLANNING
Has a Y2K project been developed, written and communicated?
Have project standards been developed?
What priorities and timetables have been established?
Has overall responsibility for the project as well as for each segment of the project been assigned?
Are users actively involved in the project?
Have business partners been contacted?
Have vendors provided assurances that their products are in compliance?
 
TESTING
Has the information systems (IS) department developed a test plan for critical applications, systems software and communications?
Does the organization have an adequate test environment that mirrors the production environment?
Has the IS department conducted tests to ensure the Year 2000 compliance system can correctly operate both before and after 2000? This should be completed by the end of 1998.
Have auditors evaluated the test plan and planned to conduct an audit review of Year 2000 testing by the end of 1998?
 
MONITORING
Are reporting mechanisms in place to allow for periodic monitoring of the project?
Do senior management and the board of directors receive periodic updates on the status of the project?
What additional internal auditing requirements are needed?
Source: The Institute of Internal Auditors.


NEWS

IRS sets start date for tax season

The IRS announced that tax season will start in late January and that it will issue refunds to taxpayers despite the partial shutdown of the federal government.

PODCAST

Why CPAs can’t wait on automation tools

What do accounting firms waiting on others to develop AI, automation, and data analytics tools have in common with a baseball fan sitting in a stadium filling with water at an exponential rate? The answer could determine your firm’s fate.