« iepriekšējāTurpināt »
U.S. SENATE—Continuing OFFICE OF THE SERGEANT AT ARMS AND DOORKEEPER—Continuing
Senator BENNETT. All right. We now will go back to the Sergeant at Arms. They are about to make a chart presentation and, as I said, Mr. Casey, you need not feel quite as rushed as you might of before, because Senator Roth has come and gone. We appreciate your courtesy in allowing us to accommodate the chairman.
Mr. CASEY. It is not everyone who gets to be sandwiched in between Senator Warner and Senator Roth. That is not bad company, actually.
SERGEANT AT ARMS STRATEGIC PLANNING GOALS
Provide the Senate with a secure IT environment that protects sensitive information and ensures data integrity. Provide the Senate with: outstanding IT service and support -responsive computing and communications technology
- optimum use of emerging technologies, including internet
Establish a centralized procurement function which will assure performance that satisfies customers, protects Senate interests, and obtains best values.
I was just discussing at the moment of the break that we had four strategic goals that were assigned to us by the ongoing Senate strategic plan. That is that chart there. We reported to the Rules Committee on those goals the first week in February. I would be glad to make available to you the substance of our report on the progress of meeting that strategic plan, if the committee would like to have that
Senator BENNETT. Thank you. We will put it in the committee files.
Mr. CASEY. You will note the first of those goals, Mr. Chairman, is year 2000.
We can talk a lot about the organizational items in the Sergeant at Arms, but I think there are a couple of these items like year 2000 of particular interest to this committee, so let us get to that.
We feel there is no more important task for us to be successful at than making sure that the Senate is year 2000 compliant. Experts have suggested to us and we have ongoing consultants working with us on year 2000. They suggest that what is complicated about this particular problem is not the technical fix to either the hardware or the software, but the complexity and the enormity of the task of managing year 2000 compliance.
In Cetober 1996 we began using the GAO model, the five-phase rexfund model on how to approach the year 2000 problem.
The five phases are awareness, assessment, renovation, validathin, and, of course, the last one is implementation.
Phase 1 is awareness. That is what everybody has been doing, what we continue to do. We have got an ongoing outreach program to Senate offices not only to be aware of what the overall systems are, year 2000, but what unique applications they may have on their own systems that are year 2000 that they are going to have to take a look at as well.
We have an outreach page on Webster, so we are continuing to try to drive home the message to be aware of what is going.
We have identified in the second phase, our core business applications, our systems. We have done an inventory of our computers and our vulnerabilities, and we have prioritized their conversion and their replacement.
As a side note in response to a question asked by Congressman Saxton, the Joint Economic Committee has 77 computers in the Senate side, 28 of which are already compliant, 24 of which are compliant-ready, and 5 which are not, so that is his status. That comes about by the assessment phase that we have completed.
Phase 3 is renovation. Obviously, the renovation is the conversion, the replacement, the elimination of either the applications, the systems, or the hardware that causes the problem.
Our renovation strategy for four of the mission-critical statements is as follows. On the office automation networks and desktop computers, we will basically make them compliant through routine life cycle replacements, or BIOS upgrades.
In plain English, the vast majority of all of our desktop systems and computers will only require an upgrade on the software.
I notice everybody looking at that chart. That which is green is good. It is done. That which is yellow is not quite as good, but pretty good. It means that they are compliant-ready and they will be ready to take the upgrade. That which is red is bad. As you can see in the PC's and gateways, 15 percent are already completed.
In terms of numbers, Mr. Chairman, that is 1,370 of our PC's are compliant. You are right to say that in December we were at 63. We are now capable and turning PC's that are compliant-ready into compliant to about the tune of 500 a week.
The yellow, that which is compliant-ready, is the universe we are working on now, and the red, of course, is that which is noncompliant, which means they have to be replaced or retired.
And the MAC's you see up there, I know there are some MAC offices. Basically we have 15 MAC's.
Mr. CICCOLELLA. Twelve that are not compliant. The others are compliant.
Mr. CASEY. It is 500 a month, is how we are turning the compliant-readies.
Senator BENNETT. Do you have enough months? I guess you do. Ten months gives you 5,000, so you end this year with 2,200.
Mr. CASEY. We basically have 15 months to go.
Mr. CASEY. Laptops are the largest noncompliant area. Mainly that is because of the nature of the laptop. Laptops go places, go home, get in the car. They do not become the critical device that people use for computing. Basically the red is going to be replaced. Those are the 286's and 386's. We cannot make them compliantready. They will be replaced.
The file servers, the same situation there exists. We will replace 14 of them. We have got 8 percent already compliant, and the others are getting ready to be compliant.
In the core business applications, here we are talking about our financial management, legislative information, et cetera. Both Mitretek and GĂO tell us that this is where our greatest problems lie.
Our strategy here, however, is total replacement, and we are in the process of doing that. From a hardware perspective the necessary mainframe hardware upgrade has been accomplished and is being tested now, so it is the applications that we have to put on that hardware system.
Data and telecommunications networks are being addressed in a previously approved and previously funded 5-year plan, and generally they are compliant. As you can see there, there is a very small sliver at both the data network and the voice network where we have problems in the States, and the State PBX's and modems will just simply have to be replaced.
There are a couple of items up there. There is a large red box at the bottom. During the course of the assessment we basically isolated those things that are critical mission core functions. Those are the ones we are looking at now.
Obviously, when the year 2000 comes there will be some things that will not make it through the window. We would like to address them. We would like to take care of all that, but in terms of the red at the bottom, those are those that are nonmission critical. If we finish the rest of our mission-critical on-time, and the way we hope we can get it accomplished, we will be addressing those.
The last one up on top, core business _applications and mainframes, there was the issue of the Capitol Police. We found a patch, or a way to bring the Capitol Police's mainframe networks into compliance for the year 2000, so we found a way to fix that problem.
Phase 4 is validation. We are not there yet. And phase 5 of this program is the full implementation, or the use of contingent plans where necessary.
So currently we are in the process with Mitretek on board and GAO validating our methodologies to address the year 2000 issue. There are the numbers.
PREPARED STATEMENT I have a secret weapon as well. We hired a chief of operations, Mr. Chick Ciccolella, who comes to us after a distinguished career in the Army. He is a world-class manager. He has taken over the