1. Column
  2. Checklist

Preparing for the Year 2000 issue.


Related
TOPICS
    Uncategorized Article


How to Prepare for the Year 2000 Problem

A strong intervention plan is necessary to avoid a catastrophic disruption in an organizations computer operations on January 1, 2000. Internal auditors and management can be better prepared by addressing the questions below. (For more on this subject, see pages 33-44)
 
ORGANIZATIONAL AWARENESS
Are all areas of the organization aware of the potential ramifications?
Has management communicated this awareness to employees?
Is the board of directors aware of the organizations vulnerability?
 
RISK ASSESSMENT
Is there an inventory of systems within the organization?
Has management conducted a detailed risk assessment for each system?
Is management able to identify the extent of the problem?
When could the first Y2K problem occur?
Has a risk assessment of the legal liabilities been made?
Has the risk assessment addressed business partners and their systems preparations?
 
RESOURCES
What financial resources are needed?
What staff and systems resources are needed?
Are there control procedures for outsourced or contracted services?
 
PROJECT PLANNING
Has a Y2K project been developed, written and communicated?
Have project standards been developed?
What priorities and timetables have been established?
Has overall responsibility for the project as well as for each segment of the project been assigned?
Are users actively involved in the project?
Have business partners been contacted?
Have vendors provided assurances that their products are in compliance?
 
TESTING
Has the information systems (IS) department developed a test plan for critical applications, systems software and communications?
Does the organization have an adequate test environment that mirrors the production environment?
Has the IS department conducted tests to ensure the Year 2000 compliance system can correctly operate both before and after 2000? This should be completed by the end of 1998.
Have auditors evaluated the test plan and planned to conduct an audit review of Year 2000 testing by the end of 1998?
 
MONITORING
Are reporting mechanisms in place to allow for periodic monitoring of the project?
Do senior management and the board of directors receive periodic updates on the status of the project?
What additional internal auditing requirements are needed?
Source: The Institute of Internal Auditors.


SPONSORED WHITE PAPER

Preparing the statement of cash flows

This instructive white paper outlines common pitfalls in the preparation of the statement of cash flows, resources to minimize these risks, and four critical skills your staff will need as you approach necessary changes to the process.

RESOURCES

Keeping you informed and prepared amid the COVID-19 crisis

We’re gathering the latest news stories along with relevant columns, tips, podcasts, and videos on this page, along with curated items from our archives to help with uncertainty and disruption.