Follow-up plan for handling the year 2000 problem in Norway

Follow-up plan for handling the year 2000 problem in Norway

SUMMARY

The year 2000 will entail problems of varying scope in most areas of society. Responsibility for dealing with year 2000 problems rests with the individual business or organisation. The year 2000 problem represents a management challenge and is not simply a computer problem.

The authorities take a positive view of action already taken in the private, municipal and public sectors to address the year 2000 problem. The objective of this follow-up plan is to promote attention to and increase awareness of the year 2000 problem in order for responsible persons in commerce and industry, the central administration and municipal administration to take the requisite action in time. Problems associated with society's vulnerability and preparedness in relation to the year 2000 problem are also at centre-stage. The authorities will assess the need for further measures on a continual basis.

Twelve measures are put forward in chapters 5, 6 and 7. Responsibility for their implementation lies chiefly in the ministries. The measures are:

  1. All central and local government agencies shall carry out status analyses, and prepare progress plans and contingency plans for the year 2000.
  2. All ministries and subordinate agencies shall have a year 2000 contact person.
  3. A year 2000 guarantee is to be required in connection with government purchases and contracts.
  4. Consequences in terms of dealing with the year 2000 problem are to be taken into account when considering changes in legislation and rules.
  5. The Storting (Parliament) shall be informed twice yearly of the progress made in addressing the year 2000 problem by the central administration, municipal sector and private sector.
  6. An Aksjon 2000 unit will be set up to help disseminate information and co-ordinate action taken by the central administration, municipal sector and the private sector.
  7. A basis will be prepared for information and competence upgrading for small and medium size enterprises in regard to the year 2000 problem.
  8. A year 2000 freephone will be established for information on the year 2000 problem.
  9. Short-term extraordinary training measures will be established to qualify people for tasks in connection with the year 2000 problem.
  10. Risk and vulnerability analyses will be undertaken in critical sectors in regard to the year 2000 problem.
  11. Crisis plans shall be drawn up for critical sectors to meet unforeseen situations at the turn of the millennium.
  12. If necessary, contingency drills shall be carried out in relevant areas.

1. BACKGROUND

On 16 January 1998 the State Secretary Committee for Information Technology resolved to draw up a plan to support action taken to deal with the year 2000 problem. This was in light of the serious problems that entering the year 2000 could create for Norwegian society. The extent and nature of the functional disturbances that may ensue is uncertain. Power supplies, for example, may break down completely, and infrastructural and other problems could arise in the wake of a collapse of IT systems central to our economic system.

On 1 January 1998 the Ministry of Trade and Industry was given responsibility for coordinating IT policy, including IT security in general. The Ministry of Trade and Industry accordingly drew up a follow-up plan based on initiatives from various ministries and private sector players. The Ministry of Labour and Government Administration has a responsibility for creating an awareness of and spreading information on the year 2000 issue in the central administration, as well as a responsibility for co-ordinating IT security in the central administration.

2. OBJECTIVE OF THE PLAN

The objective of the follow-up plan is to focus further attention and awareness on the year 2000 problem in order for responsible persons in the business sector, central administration and municipal administration to take the necessary action in time. A further object is to put problems associated with society's vulnerability to and preparedness for the year 2000 problem on the agenda.

Part of the plan (chapters 1 to 6) comprises measures to prevent problems arising after 2000, while remainder (chapter 7) comprises measures for handling unforeseen problems after the turn of the century (chapter 7).

The plan is intended to make the problem visible and to clarify responsibilities in general, as well as to provide information on steps already taken and to present new measures. Responsibility for new measures initiated by the authorities rests mainly with the ministries. The authorities will follow developments related to 2000 issues closely and assess the need for any further measures on a continual basis.

3. THE YEAR 2000 PROBLEM - WHAT IS IT?

The year 2000 problem is rooted in the fact that many computer programs store the year in a date as two digits instead of four. This goes back to the dawn of the computer age when memory was expensive and programmers saved space and money by using two digits for years, i.e. 98 instead of 1998. When the new century begins many computer systems will not function properly or will make mistakes in calculation because they are not programmed to tackle the transition from 1999 to 2000. For example, dates in the year 2000 will not be handled correctly because computers may interpret the transition from 99 to 00 to mean that year 00 is less than year 99 and go backwards in time to 1900 instead of forwards. Computer systems could stop functioning as intended with the consequences this will entail for the economy and preparedness.

Embedded systems are systems controlled by built-in electronic chips. Embedded systems are to be found in lifts (elevators), pumps, fire alarms, heating and cooling systems, modern cars, telephones etc. There are believed to be about 4 million electronic chips in Norway. It is not known what proportion of them have a year 2000 problem. Because of their large numbers and the time that has elapsed since many of them were installed, it could be difficult identifying them all. The fact that a chip does not work properly need not necessarily have serious consequences, but it could cause a large-scale system to come to a stop.

For the business sector, year 2000 problems could for example entail faults in security systems, production faults resulting from mechanical failure, or breakdown of purchasing and payment systems, faults in pay and personnel systems and delays as a result of faults in order systems.

Moreover, the year 2000 problem is also a vulnerability problem since faults in, say, aircraft computer systems, traffic control systems, power stations or in equipment at an intensive care ward could put life and health in jeopardy.

Tackling the year 2000 problem is a wide-ranging and resource-demanding task. The 21st century can not be put off and we have to be sufficiently prepared for the transition. The most important systems must have priority. It is a paradox that many of those who are most familiar with the year 2000 problem show the greatest pessimism as regards the situation we may be faced with on 1 January 2000.

IT experts on the year 2000 problem are expected to be in short supply, and signs of this are already in evidence. Leading consulting firms in Norway that specialise in year 2000 solutions have virtually no spare capacity until some way into the year 2000, and many IT posts remain unfilled. This could be a problem for firms that have left things late.

To handle the year 2000 problems satisfactorily it is not enough for an agency or business to have converted its own systems. Its operation depends on an array of infrastructure services and on its partners' and suppliers' ability to handle the transition to the new century and honour their commitments. When exchanging data, the supplier and recipient need common exchange formats, and may need to synchronise a switch to new solutions.

It is difficult to estimate the costs that year 2000 problems will entail. On a global basis the amounts will be huge and the financial consequences for the individual enterprise may be serious. In various quarters it has been asserted that the world economy can expect a downturn for a time while businesses give priority to resolving year 2000 problems rather than attend to other more productive projects.

4. RESPONSIBILITIES AND LEGAL ISSUES RELATED TO THE YEAR 2000 PROBLEM

The owner of an information system or an embedded system will in principle be responsible for bringing to light and remedying potential year 2000 problems. The year 2000 problem is a management challenge, not just a computer problem. For this reason responsibility for dealing with it must be assigned to the top management and executive board of the individual agency or business. The management will also be responsible for providing the requisite information in annual reports etc.

The year 2000 problem is in principle not a matter of force majeure. Failure to convert one's equipment will therefore hardly constitute grounds for exemption from legal responsibility towards customers. Questions of rights and duties in connection with purchase, sale, service agreements, guarantees etc., in connection with the year 2000 problem must in principle be resolved in accordance with the general legal rules governing purchases, guarantees and liability for damages.

The main statutes regulating contracts are the Contract Act and the Sale of Goods Act. The Contract Act deals with entry into contracts, validity of contracts, power of attorney etc. While the rules of the Contract Act governing entry into contracts may be dispensed with by agreement, the rules on contracts' invalidity can not be departed from. For example, a contract concluded on the basis of certain assumptions which subsequently prove to be wrong may be invalid. A contract may also be cancelled if enforcing it would appear unreasonable. Interpretation of contracts is to some extent based on notions of reasonableness and equity. Moreover, several rules of interpretation are applicable, e.g. that the preferred interpretation should be the one that is least burdensome for the promisor and that a contract or agreement should be interpreted in disfavour of a party who should have expressed himself more clearly.

While the Contract Act covers most legal issues regarding purchases, it is - as in so many contexts - not possible to resolve all legal issues by reading the legislation. Legal practice, business practice etc., are also of significance in disputes related to purchases. The rules of the Sale of Goods Act may be dispensed with by agreement, but not in the case of consumer purchases.

Responsibility for dealing with year 2000 problems rests with the individual business or agency. Hence it is important for each entity to review its situation in order to identify potential legal and economic problems.

An overview of legal issues of significance when dealing with year 2000 problems follows below:

  • When renewing standing contracts, businesses should carefully review changes in contractual wording in the light of the year 2000 problem.
  • Where goods already delivered are concerned the situation can be illustrated with an example: A computer supplier has delivered a computer system that is not year 2000 compliant. The question of who is responsible must be assessed in light of the purchase agreement and any warranty/service agreements. If the agreement does not regulate such matters directly, the following must be looked into: whether the supplier has made the customer sufficiently aware of the equipment's inability to tackle the start of the new century and whether he should have done so; whether the customer was aware of this fact when the purchase was made and whether the system could be expected to function after the end of 1999. The trade press has focused on the year 2000 issue for several years; suppliers who have delivered equipment in the last couple of years or so are generally presumed to have expected the system to function after the end of 1999. The time aspect here will depend inter alia on the equipment's nature, function and agreed lifetime.
  • Agencies and businesses should demand guarantees from their suppliers confirming that they have done what is necessary to ensure year 2000 compliance. This applies to all types of contract, for example contracts with regular suppliers and for one-off deliveries of technical equipment etc.
  • Where new standing contracts are concerned the question of year 2000 compliance must be regulated as exhaustively as possible, through for example year 2000 guarantees.
  • Relations with customers should be mapped. Does the firm deliver equipment that is not year 2000 compliant? Who in the event is responsible. Failure to ensure year 2000 compliance could entail a supply problem and liability vis-à-vis customers.
  • Agencies and businesses must consider whether omission to ensure year 2000 conversion of equipment could inflict personal harm or financial loss to third parties, and whether they might in that case be rendered liable.
  • In connection with the acquisition of businesses or parts of businesses it is important that agreements regulate any year 2000 problem that may arise. The buyer must assure himself that computer equipment is year 2000 compliant or be aware that action to ensure year 2000 compliance will have to be taken, which may entail costs.
  • Insurances should be examined to ascertain whether any liability vis-à-vis customers, financial loss in the event of disruptions etc., is covered. Insurance companies are keen to disclaim responsibility. A number of insurance companies have let it be known that insurances do not cover damage or faults in computer hardware and software in connection with the transition from 1999 to 2000.
  • When adapting computer equipment, agencies and businesses must be aware that computer software may be protected by law and/or agreement, so that only the seller/developer of the program can alter it.

5. FOLLOW-UP IN THE CENTRAL ADMINISTRATION AND MUNICIPAL SECTOR

5.1 Introduction

The central administration and municipal sector perform key functions in society. It is therefore essential that they are well prepared for the transition to the year 2000.

The year 2000 problem is a line responsibility and the ministries have a control responsibility in this field vis-à-vis subordinate agencies. The issue must be dealt with by the individual ministry and the individual agency, being the system owners and equipment owners. It is the system owner who is familiar with and best qualified to resolve any year 2000 problem.

The ministries must, as part of their control responsibility vis-à-vis subordinate agencies, draw attention to the problem in order for those responsible to take the requisite action. As regards state-owned subordinate companies, state enterprises etc. where the undertaking and its executive board are responsible for year 2000 issues, the ministries should put the year 2000 problem on the agenda using established management and other appropriate channels. Responsibility rests with each institution's top manager who must monitor year 2000 activities closely.

Responsibility for resolving the year 2000 problem at the local government level rests with the individual municipality. This follows from the fact that each primary municipality and county municipality is independent and politically controlled at the local level. There appear to be wide variations as regards the individual municipality's approach and progress in dealing with the year 2000 problem.

5.2 Existing activities in the central administration and municipal sector

  • Since 1996 the Ministry of Labour and Government Administration has striven to instill awareness of the year 2000 problem in the central administration. At the turn of the year 1996/97 the ministry made a survey of action taken by all ministries and subordinate agencies to deal with the year 2000 problem. The survey gave the impression that there was an awareness of the problem and that agencies are addressing it.

    In the period January - March 1998 the same ministry made a new survey of action taken by all ministries and subordinate agencies to deal with the year 2000 problem. The preliminary results of the survey were presented on 3 April 1998. The three main preliminary findings of the survey are:

    1. While there is increasing awareness of the year 2000 as a problem for the operations of central government, close to half of all central government agencies have yet to implement projects and measures to resolve the problem, or begun to plan such measures.
    2. Risk assessments and contingency planning are largely non-existent in agencies and ministries.
    3. Resources to do the job are already in short supply, and this situation will probably worsen in 1998 and the first half of 1999. In general the replies suggest that awareness of the year 2000 problem has grown since last year's survey. Even so only about 1/3 of the respondents have set up their own projects and appointed a project manager for the year 2000. Larger agencies are virtually the only ones to have performed risk analyses.
  • The risk analyses that have been undertaken relate almost exclusively to internally developed systems. Risks in connection with sub-contracts, the agency's own ability to deliver and systems containing embedded electronics have received scant attention. Respondents made virtually no mention of contingency planning. Only about 2.5% of all participants in the survey state that they have such plans. None of the major agencies have prepared concrete contingency plans.
  • The Ministry of Labour and Government Administration has asked all ministries to draw up plans for closely monitoring, through their agency management programmes for the years 1998, 1999 and 2000, the progress of year 2000 projects in their subordinate agencies, cf. letter of 4 December 1997.
  • The state-sponsored year 2000 Forum was established in 1997 and in December the same year was merged with the year 2000 Group which draws participants from commerce and industry. The year 2000 Group meets regularly and is an arena where public and private system owners, suppliers of IT equipment and software etc., exchange information on the year 2000 issue.
  • In April 1998 the Association of Local Authorities circulated a checklist/guide to municipalities and county municipalities on the year 2000 problem. Municipalities are encouraged to disseminate this to all levels of the local administration.
  • The Confederation of Norwegian Business and Industry (NHO) is inviting public sector representatives to top management conferences arranged at county venues for managers in the private and public sectors on the subject of security in connection with the transition to the year 2000. The focus will be on business preparedness for year 2000, on earmarking of budget resources and on getting responsible managers in businesses, state institutions and county municipal institutions, county council chairmen and county executives, municipal council chairmen and other senior local government officers to enter the arena.

5.3 New activities

Measure 5.3.1. Status analysis, progress plans and contingency plans in central and local administration

Measure: All central and local government agencies are to make a status analysis, and draw up a progress plan and a contingency plan for the year 2000. Reporting in the central administration will be through the usual channels. The sectoral ministries will report to the Ministry of Labour and Government Administration. Common reporting guidelines will be drawn up.

Responsible: Sectoral ministries. Ministry of Labour and Government Administration responsible for coordination and instigation.

Time schedule: First report 15 August 1998, thereafter twice yearly.

Agencies and institutions will make an overall analysis of and submit a status report on activities in regard to the year 2000 issue, and draw up progress plans for handling year 2000 problems up to the turn of the century. They must have a contingency plan for dealing with any failure of factors critical to their activity or with disruptions of major areas of society of significance for their activity.

Common guidelines for reporting must be drawn up. Reporting in the central administration will be through the normal channels. The sectoral ministries will report to the Ministry of Labour and Government Administration. Reporting in the municipal administration should be to the top administrative manager and political leadership in the individual primary and county municipality. Municipalities will also be encouraged to report on their work on risk analysis and contingency plans to the county governor.

The Ministry of Labour and Government Administration's survey of year 2000 preparedness at ministries and subordinate agencies has resulted in an overview of the position in the central administration as of the first quarter of 1998.

Measure 5.3.2. Year 2000 contact person

Measure : A year 2000 contact person to be designated in each ministry and in subordinate agencies. The contact person will help to co-ordinate activities and ensure a good flow of information

Responsible: Management at the individual ministries and agencies

Time schedule: Contact persons must be appointed by 15 May 1998 at the latest

Year 2000 contact persons are intended to promote good co-ordination of activities and a good information flow. The Ministry of Labour and Government Administration will co-ordinate any joint activities or information directed at year 2000 contact persons.

Measure 5.3.3. Year 2000 guarantees in connection with public purchases and contracts

Measure: Year 2000 guarantees to be requested in connection with public purchases and contracts

Responsible: All ministries, government agencies and enterprises in the municipal sector

Time schedule: Immediately

As a big customer the public sector should be utilised to encourage awareness, co-operation and involvement on the part of suppliers. The year 2000 problem already forms a natural part of tender and contract assessments in some contexts. Where public purchases and contracts are concerned, purchasing managers should in general request a year 2000 guarantee where it is natural to do so. The year 2000 problem should also be taken into account in relation to standing contracts that extend beyond the year 2000.

5.3.1. Consequences of changes in laws and regulations

Measure: Consequences for year 2000 compliance should be taken into account when considering changes in laws and regulations.

Responsible: Sectoral ministries

Time schedule: Immediately

Most agencies will face demanding tasks in resolving year 2000 problems, for example checking and rectifying large, specially developed IT systems. Consequences for the work on the year 2000 problem must therefore be carefully assessed when introducing and implementing changes in laws and regulations.

Even relatively small changes in the regulations may entail major changes in IT systems. Updating the systems can in some cases require large resources and entail unnecessary delays for the work on year 2000 compliance in agencies and businesses. For this reason resources must to the largest possible extent be channelled to dealing with the year 2000 problem in the critical period before and after the turn of the century.

Measure 5.3.5. Information to the Storting (Parliament)

Measure: Information twice-yearly to the Storting on progress made in dealing with the year 2000 problem in the central administration, municipal sector and private sector in connection with budget presentations.

Responsible: Sectoral ministries. Ministry of Trade and Industry has co-ordinating responsibility

Time schedule: First report in connection with the government budget around 1 October 1998, thereafter in conjunction with each budget presentation.

The Storting must be informed of progress made in addressing the year 2000 problem in the central administration, municipal sector and private sector through the annual budget bills and the revised national budget. The sectoral ministries are required to report on their own and subordinate agencies' position in regard to year 2000 in their ordinary budget proposals. The Ministry of Trade and Industry will prepare an overall report on action taken to overcome the year 2000 problem.

6. FOLLOW-UP IN THE PRIVATE SECTOR

6.1 Introduction

Many large firms in the private sector have long focused on the year 2000 issue and have come a long way in their preparations for dealing with the problem. It is worrying that the bulk of small and medium-size enterprises (SMEs)(1), which make up a substantial share of Norwegian commerce and industry, do not yet seem to have "woken up" to the year 2000 problem. There are many reasons for this, one of which is a lack of comprehension of the issue. The Confederation of Norwegian Business and Industry (NHO) has a wide-ranging information campaign directed at SMEs. By implementing further information campaigns aimed at raising awareness of the year 2000 problem at SMEs, the authorities can serve as a catalyst for ongoing activities.

6.2 Some central activities initiated by the private sector

Among several important initiatives in commerce and industry are the following:

  • The NHO has taken steps to instill an awareness of the year 2000 issue among member firms. It has initiated a wide-ranging information campaign directed at SMEs and is preparing various information material intended to get businesses to identify the problems, give a brief account of the computer problem, review their security situation and take a closer look at the legal issues.
  • The Norwegian Office Machine and Equipment Dealers Association (Norwegian acronym: KDL) operates information and public relations activities, and has drawn up simple aids for firms including one giving a "year 2000 definition and compliance requirements".
  • The Norwegian Standards Association recently published the booklet "Year 2000 compliance" in conjunction with KDL and the Federation of Norwegian Commercial and Service Enterprises. This is a guide for SMEs and is designed as an easy-to-read project tool.
  • It is in the interest of any firm to let its customers and partners know that it is addressing the year 2000 problem. The Oslo Stock Exchange recommends all listed companies that expect to spend a lot of time and resources resolving IT issues related to the year 2000 to give an account of their efforts, either in the annual report, interim reports or by other means. Companies are called on to do this during 1998.
  • For very many companies a natural channel for information on the year 2000 issue is the annual report. Limited companies are required to include in their annual report information on factors of importance for judging their position and result of operations that does not appear in the accounts. This includes circumstances arising after the end of the financial year (cf. Companies Act No. 59 of 04.06.76, section 11-12). One of the auditor's tasks is to see that this is actually done, and also that the company handles risk factors satisfactorily.
  • Many major companies and IT suppliers are focusing on problems in relation to customers and partners. To this end many system suppliers are carrying out year 2000 projects on customers' premises, engage in some measure of public relations activity and post product information on the Internet. A shortage of IT competence and steadily increasing demand for year 2000 consultants and equipment, lead system suppliers to anticipate problems in meeting customer needs.

6.3. New activities initiated by the authorities vis-à-vis the private sector

Information is important in instilling an awareness of the year 2000 problem. A series of information measures has been implemented under business sector auspices. The government supports these measures and is keen to supplement them in a positive manner. New measures initiated by the authorities are described below.

Measure 6.3.1. Establishment of an Aksjon 2000 unit

Measure: Establishment of an Aksjon 2000 unit that will assist in disseminating information and co-ordination between the central administration, municipal sector and private sector.

Responsible: Ministry of Trade and Industry in conjunction with sectoral ministries.

Time schedule: The unit to be established and operative by 1 June 1998 at the latest.

An action unit, named Aksjon 2000(2), is being set up to ensure that the work done on the information and guidance front is co-ordinated with the year 2000 problem in the central administration, municipal sector and the private sector. The unit will also contribute to spreading information, and will monitor and keep abreast of other countries' handling of the year 2000 problem. Expert- and working-groups will be set up as and when required. The Aksjon 2000 unit will meet regularly and submit quarterly reports to the Ministry of Trade and Industry. The unit should have its own website.

The Aksjon 2000 unit will comprise 10 key persons from the central administration, municipal sector and private sector. The unit will have a secretariat of three persons able to support its activities and information effort on a full-time basis.

Measure 6.3.2. Information project targeted at SMEs

Measure: A basis to be laid for measures designed to increase small and medium-size enterprises' understanding of and competence in dealing with the year 2000 problem.

Responsible: Sectoral ministries. Ministry of Trade and Industry has co-ordinating responsibility

Time schedule: Immediately

The authorities wish to support existing information activities and to facilitate information about the year 2000 problem. This will help to instil among managers a greater understanding of the year 2000 issue and how it should be handled by the individual firm. The Aksjon 2000 unit will be assigned an important role in this work. Information should be posted on the Internet and be transmitted through the established advisory service at the central and local levels. The project must as far as possible be co-ordinated with other existing measures in the private sector.

Measure 6.3.3. Year 2000 freephone

Measure: Establishment of a year 2000 freephone for information about the year 2000 problem

Responsible: Ministry of Trade and Industry

Time schedule: This service to be operative by 1 September 1998 and for a time after the turn of the century

An information hub will be established where consumers, private industry, the central administration and municipal administrations can obtain information on the year 2000 problem. This facility, in the form of a year 2000 freephone, will be hooked up to a business hotline ("Narviktelefonene") operated under the auspices of the Norwegian Institute of Technology and Innovation. The institute has the required infrastructure available and is a resource environment with experience from similar types of telephone services. Anyone calling the year 2000 freephone will have their questions answered, be referred elsewhere and/or be sent relevant information. The telephone will be staffed by operators familiar with the year 2000 issue and experienced in gleaning relevant information from various information channels. This service should be linked to relevant web pages.

Measure 6.3.4. Competence 2000

Measure: Establishment of short-term extraordinary training programmes to qualify persons to perform year-2000-related tasks

Responsible: Sectoral ministries. The Ministry of Trade and Industry is responsible for co-ordination and progress

Time schedule: Training to start on 1 August 1998 at the latest

There is already a serious shortage of IT skills. Many types of expertise are needed to deal with the year 2000 problem. A number of functions are of a relatively trivial nature, while others require spearhead competence. In order to increase the supply of qualified persons able to handle simpler 2000 tasks in the company sector, short-term training programmes are being implemented through government institutional channels and in conjunction with other course providers in the private and public sector. This will assist persons in obtaining extraordinary competence/special training which can be instantly used to deal with concrete year 2000 problems.

7. PREPAREDNESS IN CRITICAL AREAS OF SOCIETY

7.1 Introduction

Modern society is so complex that even minor disruptions of important social functions can have far-reaching consequences. Technical and economic developments that offer opportunities and challenges also increase society's vulnerability. Society's management apparatus, for example, depends on telecommunications for its efficiency, while the telecommunications network is dependent on a stable power supply. The power supply is in turn dependent on other central functions in society.

Most areas of society in Norway will be affected by the year 2000 problem to greater or lesser extent. This makes it essential to focus on reducing vulnerability in critical sectors, and to ensure that those who provide critical services subject to a high degree of vulnerability are aware of the potential consequences of disruptions. Awareness of society's vulnerability to disruptions in the supply of important goods and services must also be raised.

A key principle of civil preparedness is that each ministry is responsible for contingency measures within its specific area, including contingency planning in subordinate agencies. The Ministry of Justice has a sector-overlapping, coordinating responsibility in the civil preparedness sphere (based in a Royal Decree of 16 September 1994). Hence civil preparedness involves a wide variety of players.

7.2 New activities

Measure 7.2.1. Risk and vulnerability analyses for critical areas

Measure: Risk and vulnerability analyses of the year 2000 problem to be carried out in critical sectors

Responsible: Sectoral ministries.

Time schedule: Analyses to be completed in November 1998

The sectoral ministries have a line responsibility vis-à-vis subordinate agencies and supervisory bodies. Particular mention should be made of the allocation of public responsibilities in the following critical areas:

  • Health sector: Ministry of Health and Social Affairs
  • Energy production and supply: Ministry of Petroleum and Energy
  • Banking and financial sector: Ministry of Finance
  • Communications and transport: Ministry of Transport and Communications
  • Defence/defence systems: Ministry of Defence
  • Police, rescue service and civil defence: Ministry of Justice
  • Goods and services in the distributive sector, manufacturing, construction and shipping: Ministry of Trade and Industry

Agencies in critical sectors will carry out risk and vulnerability analyses in order to identify problems and draw up an action plan for progress towards the year 2000. Responsibility for implementation vis-à-vis the most important sectors rests with the sectoral ministries. Existing measures aimed at critical areas of society are dealt with in the attached annex.

Measure 7.2.2. Emergency plan for critical areas

Measure: Emergency plans to be drawn up for critical sectors to meet unforeseen situations at the turn of the millennium.

Responsible: Sectoral ministries.

Time schedule: Emergency plans to be drawn up by the spring of 1999

Based on completed risk and vulnerability analyses, each individual ministry is responsible for preparedness within its sectoral areas and will draw up an emergency plan for its area in spheres where this is necessary. Emergency plans must contain preparatory measures and measures for tackling unforeseen situations as and when they arise.

Measure 7.2.3. Preparedness drills

Measure: Preparedness drills to be carried out in relevant areas if necessary

Responsible: Sectoral ministries

Once the status for the various sectors has been ascertained, consideration should be given to the necessity of carrying out preparedness drills focusing on handling crises that could arise in important areas of society as a result of the year 2000 problem.

ANNEX

EXISTING MEASURES TARGETED AT CRITICAL AREAS OF SOCIETY

Examples of activities within important areas of society follow below.

Health and social sector:

  • The action plan for IT in the public health service for 1997-2000 states: "It is important that all institutions in the health sector review their systems and clarify whether this is a substantive issue for the institution and in the event take the necessary corrective action in good time before 31.12.1999".
  • The Norwegian Directorate for Product and Electrical Safety has taken an initiative to ensure year 2000 compliance of electromedical equipment. In January 1998 the Directorate launched a survey by circulating an enquiry to about 250 suppliers and about 95 hospitals. The closing date for replies was 1 April 1998. The Ministry of Health and Social Affairs will assess appropriate measures based on the results of the survey.

    As of 15 April 1998 the response to the survey was very poor; only 51 suppliers and 20 hospitals had replied. While the survey does not appear to have brought to light faults of a serious safety nature, faults in respect of dates and calculation of persons' ages do occur. On the whole suppliers take a positive view of helping hospitals to upgrade. However, the problem is sizeable and major suppliers claim that they lack the capacity needed to check all equipment and have replied that they will get back with more details in due course. Some hospitals have completed the process, and for a small number there will be no problems whatsoever. The Directorate for Product and Electrical Safety is still gathering information, and as soon as this reaches a representative level the data will be reviewed. The work will continue up to the turn of the century.

  • Selected state institutions will be asked by the Ministry of Health and Social Affairs to prepare plans detailing concrete milestones and financial resources geared to the challenge envisaged. These plans, signed by the top manager at each institution, should be completed by June 1998. The plans will be subject to a systematic follow-up by the ministry.
  • A circular on the problem is being prepared and will be sent to county municipalities and municipalities as well as relevant private enterprises in their capacity as institution owners. The circular will also be sent to the institutions in question. The circular will be prepared during the spring of 1998.
  • The National Insurance Administration launched a wide-ranging year 2000 project in 1997 which is scheduled for completion in the summer of the year 2000. This project will ensure that social security payments are unaffected by the year 2000 problem.

Energy production and supply

  • The Norwegian Electricity Federation has set up a steering group to address a number of issues concerning production and distribution security in connection with the transition to the year 2000. The object is to avoid potential harm to persons and property, or serious disruption of electricity supplies. All automated systems controlling the operation of waterways, power stations, switching stations and overhead line operation are potential problem areas. Alongside action to deal with the computer problem, extra energy supply preparedness must be developed. This extra preparedness will make it possible to control power supply systems manually at local level if parts of the power network or production system fail, or other faults arise. The Norwegian Electricity Federation and the Norwegian Water Resources and Energy Administration will cooperate closely to tackle any problems that arise.
  • The individual players in the petroleum sector have worked for some time on preventive measures to handle the year 2000 problem. In 1997 operators of on-stream fields set up the Y2k Oil and Gas Forum to strengthen and co-ordinate preventive efforts related to the year 2000 problem. The Norwegian Oil Industry Association supports this forum. The Y2k Oil and Gas Forum meets monthly. Its efforts are aimed at various groups of enterprises that supply goods and services to the petroleum sector.
  • In 1997 the Norwegian Petroleum Directorate started a programme to monitor the industry's implementation of measures related to the year 2000 problem that are required to safeguard people, the environment and economic assets - including uninterrupted operation and supply security.

Banking and the financial sector

  • The banking and financial sector has long focused on the year 2000 problem, and many major institutions and businesses have come a relatively long way in dealing with it.
  • Kredittilsynet (the Banking, Insurance and Securities Commission) issued to banks, life insurance companies and non-life insurance companies a circular asking them to improve their systems with a view to pre-empting year 2000 problems. Kredittilsynet has set specific requirements in that connection and asked for status report on action taken.

Communications and transport

  • Following an initiative by the Directorate for Civil Defence and Emergency Planning, the Norwegian Defence and Research Establishment in 1994 started a three-year research project entitled "Protection of society". Based on an overall assessment of society's vulnerability, the project found that three sectors in particular singled themselves out: telecommunications/IT, leadership/communication and power supply. It recommended further studies in these fields, especially telecommunications/IT and power supply in light of these sectors' mutual dependence. Against this background the Ministry of Justice, Ministry of Defence, Ministry of Transport and Communications and Directorate for Civil Defence and Emergency Planning have joined forces to take the project forward. In the first stage the focus will be on telecommunications/IT. The project is scheduled for completion by 1 January 1999, depending on funding. The project could provide important information about society's vulnerability to functional disruptions and dependence on necessary infrastructure, and form the basis for crisis prevention and, in the event, crisis management. The Ministry of Justice has formally asked the Norwegian Defence and Research Establishment to incorporate the year 2000 problem in the project.

(1) In Norway SMEs are seen as enterprises with less than 100 employees

(2) In english «Action 2000».

This page was last updated October 22 1998 by the editors