1. In resolution GC(42)/RES/11 on "Measures to address the Year 2000 (Y2K) issue", adopted on 25 September 1998, the General Conference urged Member States "to share information with the Secretariat regarding diagnostic and corrective actions being planned or implemented by operating and regulatory organizations at their nuclear power plants, fuel cycle and/or medical facilities which use radioactive materials to make these facilities Y2000 ready". The General Conference encouraged the Secretariat, "within existing resources, to act as a clearing house and central point of contact for Member States to exchange information regarding diagnostic and remediation actions being taken at nuclear power plants, fuel cycle and/or medical facilities which use radioactive materials to make these facilities Y2000 ready", urged the Secretariat "to handle the information provided by Member States carefully", and requested the Director General to report to it at its forty-third (1999) regular session regarding this resolution. This report - an updated version of a report considered by the Board of Governors in June 1999 - has been prepared to fulfil this last request from the General Conference.

2. The General Conference emphasized in the resolution that, "if they have not already done so, Member States should take all necessary efforts to have contingency plans in place at operating and regulatory organizations well before 31 December 1999 in order to handle potential problems which may arise at that time at those nuclear facilities".

3. On the subject of the Y2K computer system problem, the fifty-third session of the United Nations General Assembly adopted resolution A/RES/53/86 on 7 December 1998 calling "upon Governments, public and private sector organizations and civil society to share locally, regionally and globally information about their experiences in addressing the year 2000 problem", and requesting the Secretary-General to take steps to ensure that all parts of the United Nations system take measures to ensure that their computers and equipment with embedded microprocessors are year 2000 compliant well before the target date by drawing up a plan of action for the United Nations system. The United Nations General Assembly also requested the Secretary-General "to ensure that the United Nations system closely monitors actual and potential sources of funding to support the efforts of the developing countries and countries with economies in transition to address the year 2000 problem, and to facilitate the dissemination of relevant information on those funding possibilities to the Member States". The General Assembly urged, in the resolution, "all Member States to emphasize the importance of contingency planning and to develop such plans to address the potential for possible large scale failures in the public and private sectors".

4. Following the adoption of resolution GC(42)/RES/11 by the Agency's General Conference, the Director General asked the Secretariat to draw up an action plan to assist Member States in addressing the Y2K issue by compiling information, developing documents providing guidance for the identification of potential Y2K computer system problems, together with suggested remedial actions, and by offering a forum for information exchange. The Agency's Action Plan, as contained in document GOV/INF/1998/24, was presented to the Board of Governors at its November 1998 session. The Action Plan presented, in addition to measures requested by the General Conference, measures to address potential difficulties in the Agency's own operations during the transition to the year 2000 and other critical dates, as well as possible assistance to Member States in this area. The plan mentioned the Secretariat's intention to address the Y2K problems at research reactors and waste management facilities in addition to nuclear power plants, fuel cycle facilities and medical facilities which use radioactive materials.

5. Owing to the importance and urgency of the safety related matters addressed in resolution GC(42)/RES/11, the Secretariat submitted two documents to the Board of Governors for its consideration at its March 1999 session, one on safety measures to address the Y2K issue at nuclear power plants and research reactors and at radioactive waste management facilities (GOV/1999/12), and another document on safety measures to address the Y2K issue at medical facilities which use radiation generators and radioactive materials (GOV/1999/13).

   THE Y2K ISSUE AND MEMBER STATES

6. The steps that the Secretariat initiated to assist Member States in addressing the Y2K issue concerned:
   • The development of guidance documents;
     
   • The exchange of information and experience with and between Member States;
     
   • Assistance and services to Member States; and
     
   • Communications with Member States.

7. It must be emphasized that it is for each Member State to evaluate the information received from the Secretariat and make its own independent judgement as to the value and applicability of that information with regard to Y2K compliance in that Member State and that, accordingly, the Secretariat cannot accept any responsibility or liability as regards the use by Member States of any information received from the Secretariat relating to the Y2K issue.

   Nuclear Power Plants and Research Reactors

8. The Secretariat sent letters to Member States on 22 September 1998 on the potential impact of the Y2K problem on nuclear power plants and research reactors worldwide. National regulatory authorities were requested to complete a questionnaire on actions being taken in their country on this issue.

9. The Agency published a guidance document entitled Achieving Y2000 (Y2K) Readiness: Basic Processes issued as IAEA-TECDOC-1072 and also accessible in electronic form on the Agency's WorldAtom Y2K Internet site. Compiled by a team of international experts, the document is intended to help operators of nuclear power plants and research reactors and managers of other types of nuclear facilities who have embarked on Y2K programmes to discover, understand and solve Y2K problems. The document is based mainly on existing international experience in this field and covers such topics as:
   • Initial assessment, including inventory, of all potentially affected software and embedded systems;

   • Detailed assessment of each item to evaluate failure modes and how they will perform following each of the several Y2K critical dates;

   • Remediation;

   • Y2K final testing and validation of inventory items;

   • Contingency plans.

10. At the end of January 1999, the Secretariat held a five day workshop on the use of this guidance document within the framework of a technical co-operation project in the European region on nuclear safety regulatory and legislative infrastructure (RER/9/052). The workshop was attended by 40 participants from 27 countries. Assistance in the organization of the workshop and the services of lecturers were provided by the United States Department of Energy. Eighteen training modules and supporting information from the workshop are available in English and Russian. The information is accessible in electronic form on the Agency's information WorldAtom Y2K Internet site.

11. By the end of July 1999, 21 Member States with nuclear power plants and/or research reactors had responded to the questionnaire sent out by the Agency on 22 September 1998, namely Armenia, Bulgaria, Canada, the Czech Republic, Finland, Germany, Hungary, India, Indonesia, Japan, the Republic of Korea, Mexico, the Netherlands, Pakistan, Slovakia, Slovenia, Spain, Sweden, Ukraine, the United Kingdom and the United States. Information was provided by these States on measures taken or planned, guidance documents, information received from nuclear power plants, problems identified in nuclear power plants, and contingency plans.

12. All of these States have taken measures and have Y2K readiness programmes in place, with a schedule to complete all actions needed to demonstrate Y2K readiness by the latter part of this summer. One Member State had already begun implementing its Y2K readiness programme in 1996, four States began in 1997, and the other 16 States began last year.

13. With regard to Y2K guidance documents, some Member States have prepared documents of their own; others do not have their own guidance documents, but have recommended those from the United Kingdom and the USA to the operators of their nuclear installations. In general, Member States that do not have specific Y2K guidance documents either have detailed plans whose implementation is controlled by their respective nuclear regulatory authorities or have recommended the Agency's Y2K guidance document to the operators of their nuclear installations.

14. According to the information received to date from the 21 Member States, two of them did not identify any Y2K related problems in their nuclear installations, some are currently conducting investigations in that regard, and the others have identified Y2K related problems which are not safety related but which could affect the continuous operation of the nuclear installations in question. The complete information provided by each of these States has been made available on the Department of Nuclear Safety's Web pages and is accessible through the Agency's Y2K Web site. Active contacts are being pursued with those countries which have Y2K readiness programmes in place but have not as yet provided any information to the Agency.

15. A group of international experts assembled by the Secretariat developed a document entitled "The impact of the year 2000 issue on electricity grid performance and nuclear power plant operations in Bulgaria, the Russian Federation and Slovakia" (issued as IAEA-TECDOC-1095). The document addresses the potential for grid instabilities and their influence on nuclear power plant operations. It is intended for operators of nuclear power plants and electricity grids in Central and Eastern Europe and in the Commonwealth of Independent States. The Secretariat will hold a workshop on the Y2K issue at the interface between electricity grid performance and nuclear power plant operations from 13 to 15 September 1999 in Sofia, Bulgaria. The purpose of the workshop will be to enable senior representatives of national and regional electricity grid authorities and of nuclear power plant operating organizations to exchange information on their Y2K readiness. The workshop is being held within the framework of a technical co-operation project for the European region (RER/4/011) on improving nuclear power plant operation management.

16. The Y2K issue in nuclear power plants was taken up at a specialists meeting convened by the Secretariat from 6 to 8 October 1998 in Garching (Germany) on "The Design and Assessment of Instrumentation and Control Systems in Nuclear Power Plants Coping with Rapid Technology Change", and at a meeting from 17 to 19 November 1998 in Vienna of the Agency's International Working Group on Training and Qualification of Nuclear Power Plant Personnel. Reports from these two meetings have been taken into account in the implementation of the Agency's Action Plan.

17. The Secretariat has designed an assistance programme consisting of missions to specific nuclear power plants and research reactor sites to assist the operators in setting up and implementing an organized Y2K readiness programme in accordance with the guidance document (IAEA-TECDOC-1072). The objective is to help in developing a facility inventory and databases that can be shared by participants in the programme. Together with plant managers and staff, teams of experts assess and review plant equipment, process computers and information technology systems for Y2K compliance. Internationally recognized Y2K experts and observers from countries with similar facilities take part in the missions. The activities of the teams are co-ordinated with those of teams set up by the United States Department of Energy and by certain utilities that have co-operation agreements with the utilities requesting such missions. In addition, the Secretariat reached agreement with the World Association of Nuclear Operators (WANO), the International Union of Producers and Distributors of Electrical Energy and the Commission of the European Communities on all matters relating to the conduct of the missions, particularly the reference guidance documents, the team structure and composition, task description, report format and financial support.

18. A mission to the Chernobyl Nuclear Power Plant (Ukraine) operating RBMK reactors took place from 12 to 23 April 1999. Information provided by WANO was useful in setting up a team of three experts from British Nuclear Fuels Limited Magnox Generation. In addition to the staff of the plant, two observers from the Ignalina Nuclear Power Plant (Lithuania) and Kursk Nuclear Power Plant (Russian Federation) took part in the mission. Subsequently, there have been missions to the Bohunice Nuclear Power Plant in Slovakia, the Qinshan and Guangdong Nuclear Power Plants in China and the Zaporozhe Nuclear Power Plant in Ukraine. Missions to the South Ukraine Nuclear Power Plant in Ukraine, the Metzamor Nuclear Power Plant in Armenia, the Kozloduy Nuclear Power Plant in Bulgaria and the Krško Nuclear Power Plant in Slovenia are scheduled for August and September. Missions conducted after September, at the request of Member States, will focus on reviewing remediation actions taken and contingency plans.

19. From 12 to 16 July 1999, the Secretariat conducted an international workshop on the Y2K issue at nuclear power plants for the purpose of exchanging information on the results of assessments carried out and remedial measures taken by nuclear regulatory authorities and plant operators. The international workshop addressed topics such as contingency planning for the transition to the year 2000, the results of recent Agency missions to the Chernobyl Nuclear Power Plant and the Bohunice Nuclear Power Plant, and the inventorization, prioritization and testing of Y2K-susceptible equipment. A special session was held for nuclear safety regulators, and there were sessions on specific reactor types, including WWERs and RBMKs.

20. The regulators reported that national arrangements for dealing with the Y2K challenge were in place in their respective countries, with the guidelines published by the Agency being widely used in determining regulatory requirements or as a basis for the formulation of national guidelines. The results suggest that nuclear power plants are well on the way to attaining the Y2K-related milestones established by regulatory authorities. In most of the countries in question, the results of regulatory reviews are being reported to the governments. Most final reports are due in the last quarter of 1999. The operators of WWERs reported on - inter alia - their testing activities, and some stated that further testing would be conducted during outages. In general, the Y2K vulnerabilities found through testing and through software reviews had been not in control systems, but in monitoring and display systems and in data logging. The participants in the RBMK session discussed the use of automated source code scanning tools for testing purposes, focusing on their reliability and on the saving of time achievable through using them.

21. The international workshop was attended by 52 participants and lecturers from Armenia, Brazil, Bulgaria, China, the Czech Republic, France, Hungary, India, the Islamic Republic of Iran, the Republic of Korea, Lithuania, Mexico, Pakistan, Romania, the Russian Federation, Slovakia, Spain, Sweden, Ukraine, the United States and Uzbekistan. Representatives of the World Association of Nuclear Operators (WANO) also attended. The workshop report and the presentations made during the workshop are available on the Agency's NUSAFE web site (http://www.iaea.org/ns/nusafe/y2000/y2kwsjul.html). The workshop participants requested the Agency to hold, in October, a further workshop for the sharing of information on contingency plans.

    Nuclear Fuel Cycle and Waste Management Facilities

22. Regarding nuclear fuel cycle and waste management facilities, the Secretariat addressed Y2K issues at:
    • Radioactive waste management facilities;
    • Uranium enrichment facilities;
    • Uranium fuel fabrication facilities;
    • Mixed oxide (MOX) fuel fabrication facilities;
    • Away-from-reactor spent fuel storage facilities; and
    • Reprocessing facilities.

23. The Secretariat convened a group of experts who met from 20 to 22 January 1999 and produced a report entitled Safety Measures to Address the Year 2000 Issue at Radioactive Waste Management Facilities. This report has been published as a technical document (IAEA-TECDOC-1073) and is available on the Agency's Y2K Web site. The experts drew attention specifically to Y2K problems in computer based systems for process control and data processing that could lead to a failure during normal operations of certain systems, such as temperature controls, off-gas systems, feed flow and control of composition. The recommendations apply in particular to the vitrification of high level waste^1/ arising from spent fuel reprocessing, bituminization of low and intermediate level waste, incineration of organic radioactive waste, drying of liquid radioactive waste, cementation of low and intermediate waste and storage of radioactive waste.

24. A report on "Potential Vulnerabilities of Nuclear Fuel Cycle Facilities to the Year 2000 Issue and Measures to Address Them" was prepared by a group of specialists who met from 24 to 26 March 1999. The report addresses Y2K problems in uranium enrichment, uranium fuel fabrication, MOX fuel fabrication, away-from-reactor spent fuel storage facilities and spent fuel reprocessing facilities that could affect computer based systems for stirring chemical solutions and/or for driving cooling equipment, ventilation and off-gas treatment systems. The specialists recommended that the licensees of these nuclear fuel facilities take the following points into consideration whenever Y2K readiness is not fully secured, and also as precautionary measures:
    • Nuclear fuel cycle facilities should stop production, if technically possible, before the Year 2000 crossover date. Other critical dates may demand similar actions, depending on the facility. However, during shutdown, safety functions should remain operational;

    • Nuclear fuel cycle facilities should restart operations according to strictly controlled procedures. All necessary checks should be made at restart to ensure that all safety conditions are met; and

    • Care is required for investigative testing of in-service equipment, as this may introduce faults and cause unexpected hazardous events.

    The report has been published as a technical document (IAEA-TECDOC-1087) and is accessible in electronic form via the Agency's Y2K Internet site.

25. A questionnaire requesting information on Y2K readiness was sent to Member States operating fuel cycle facilities. The responses to the questionnaire that have reached the Secretariat (eight Member States had responded as of 31 July 1999) are being put into the Nuclear Fuel Cycle Information System Database, which will be accessible on the Internet. It should be noted that two Member States had already indicated that they intend to temporarily shut down the operational production processes of their reprocessing plants just before the end of 1999.

26. On 1 and 2 July 1999, the Secretariat conducted an international workshop on "Safety Measures to Address the Year 2000 Issue at Radioactive Waste Management and Fuel Cycle Facilities". The international workshop - in which Austria, Belgium, Germany, Italy, the Russian Federation, the United Kingdom and the United States participated - produced a report that is being issued as IAEA-TECDOC-1111 and will be made accessible in electronic form on the Agency's WorldAtom Y2K Web site.

27. Whereas the focus in the reports on the Y2K issue at radioactive waste management facilities and at nuclear fuel cycle facilities had been on the sensitivity of facilities to Y2K problems and on recommending solutions, the focus of the international workshop was on sharing the experience gained in dealing with Y2K problems.

28. Among other things, the international workshop addressed:
    • the question of the prioritization - from the point of view of the safety relevance of processes and facilities - of the work still to be done in the time remaining until the end of the year;

    • "work around" strategies, particularly the changes of dates and the limitations associated with such strategies and the problems associated with running a facility idle or stopping production or shutting down a facility at critical dates;

    • the problems of keeping facilities in a safe state during shutdown and of restarting facilities;

    • contingency plans, which should be available for all safety-relevant items of a facility or process;

    • the possibility of common mode failures; and

    • the possible non-availability of public services such as electricity, water supplies and telephone communications.

    Medical Facilities

29. The Secretariat, through a circular letter sent on 1 December 1998, drew the attention of Member States to the problems that may arise with the advent of the year 2000 at medical facilities using radioactive materials or particle accelerators and invited them to provide the Agency with all relevant information. To assist Member States in addressing this issue, a report entitled Safety Measures to Address the Year 2000 Issue at Medical Facilities which use Radiation Generators and Radioactive Materials was prepared by a group of experts who met in Vienna from 14 to 18 December 1998. The report was published as a technical document (IAEA-TECDOC-1074) and is accessible in electronic form. The experts recommended that a systematic approach to the Y2K problem be adopted in order to ensure that all radiation generators, radiation sources, equipment and systems for radiotherapy and nuclear medicine diagnosis and therapy are Y2K compliant. Ancillary and auxiliary equipment and systems such as treatment planning computers, accelerator control systems, recording and verification systems, activity meters and dosimetry equipment, as well as custom-made equipment and systems, should be tested for Y2K compliance. The report was sent by the Secretariat to all Member States requesting them to bring it to the attention of the competent authorities and to share information on actions taken with respect to equipment and systems assessment, testing, remediation and contingency plans.

30. From 28 to 30 June 1999, the Secretariat, with the co-operation of the World Health Organization, conducted an international workshop on "Safety Measures to Address the Year 2000 Issue at Medical Facilities which use Radiation Generators and Radioactive Materials". The international workshop - in which Argentina, Australia, Bulgaria, China, Cyprus, the Czech Republic, Finland, Greece, Italy, Lithuania, Peru, Sweden and the United States participated - produced a report that is being issued as IAEA-TECDOC-1108 and will be made accessible in electronic form on the Agency's WorldAtom Y2K Web site.

31. Some Member States which did not participate in the international workshop, and which could have considerable numbers of computer programs not supported by manufacturers and therefore need to take preventive measures, may have made few or no preparations for the year 2000. The issue is one of great significance and urgency: if adequate preparations are not made, the risk exists of patients receiving incorrect treatments (overdoses or underdoses) or incorrect diagnoses, resulting in compromised medical care or even in injury.

32. In order to facilitate the setting of priorities and the allocation of resources, the international workshop's report contains - by way of example - lists of possibly affected items used in the various areas of application of radiation in medicine, lists of possible events resulting from the Y2K issue, classifications of items and events according to severity (clinical significance) and probability, suggestions as to procedures to be followed and precautions to be taken in evaluating, remediating and testing, suggestions as to simple generic tests, and a list of subjects to be covered by contingency plans. However, the examples given in the report are only of a generic nature and not exhaustive, and they cannot be specific to individual pieces of equipment and software. It is the responsibility of each State to ensure that all its equipment is Y2K compliant.

    Emergency Response Plan

33. The Agency's obligations under the Convention on Early Notification of a Nuclear Accident (INFCIRC/335) and the Convention on Assistance in the Case of a Nuclear Accident or Radiological Emergency (INFCIRC/336) are implemented through the Emergency Preparedness and Response Unit, which maintains the Agency's Emergency Response Plan and associated procedures and checklists, and conducts appropriate training and exercises. The Emergency Response Plan defines the objectives, assigns responsibilities and authorities for decision making, and defines the concept of operations of the response system, including the public information aspects. This plan, which has been thoroughly reviewed and overhauled this year, forms the basis of the Agency's anticipated response to the Y2K problem.

34. Because of the particular threats posed by the Y2K problem, the Emergency Preparedness and Response Unit has carried out a risk analysis, identifying potential threats to its capabilities and developing contingency plans. However, although the Unit has tested and planned for implementation in 2001 of a more extensive use of Web technology for information exchange, the existing system relies primarily on conventional and dedicated communications lines (telephone and facsimile). Computer related aspects such as contact point databases and assessment codes have been guaranteed to be Y2K compliant, and paper backups already exist. The most serious problems would occur if the conventional communications lines (telephone and facsimile) were to fail. Backup fax carriers that are already Y2K compliant have been engaged. Moreover, the use of other means of communication (through computer networks or satellite links) as a backup system is being actively explored. Contingency protocols for exchanging information are being drawn up for contact points under the two Conventions. A newsletter is being circulated twice a year concerning emergency arrangements; the August 1999 edition will specifically address the contingency plans in place and the expectations of States Party to the Conventions.

35. The Emergency Preparedness and Response Unit is ready to provide assistance in the event of Y2K-related accidents if requested by Member States to do so pursuant to the Convention on Assistance in the Case of a Nuclear Accident or Radiological Emergency.

    Safeguards

36. Y2K problems could affect the safeguards and physical protection activities carried out by the Agency and Member States. To ensure the continued effective implementation of safeguards and physical protection, these problems should be addressed on a co-operative basis. In order to deal with the Y2K issue as it relates to Agency safeguards, the Department of Safeguards identified internal issues as well as the following four areas of potential impact on Member States and organizations:
    • Nuclear material accountancy: The cornerstone of the Agency's verification activities of State declarations is nuclear material accountancy. The maintenance and timely submission of correct and complete records and reports by the facility operators and the State System of Accounting and Control of Nuclear Material (SSAC), which generally rely on specific software and computer systems, are critical for the successful implementation of safeguards;

    • Measurements and evaluation: Nuclear material produced, processed and used at the facilities is measured and evaluated by the Agency, facility operators and, in some cases, the SSAC using different types of non-destructive analysis equipment and software. An accurate and reliable operator measurement system is critical for successful verification of the nuclear material at facilities.

    • Process control and monitoring systems: Systems for process control and monitoring are installed in nuclear facilities. These are primarily used for operational activities and rely mainly on computer-based systems and embedded components to function. The systems may also interface directly with nuclear material accounting and measurement systems.

    • Physical protection equipment systems: Physical protection is provided by States to protect nuclear material from theft and nuclear facilities from sabotage. Physical protection systems include such equipment as access control devices, intrusion detection, closed circuit television, central alarm station and communication systems which rely on computer based systems and embedded components to function.

37. A letter was sent by the Secretariat to Member States and organizations on 19 May 1998 informing them of a Y2K problem that might affect the production of nuclear material accountancy reports. The letter offered two alternative solutions and requested the State to contact the Agency to indicate which date reporting form they preferred. On 13 January 1999, a reminder for a response was sent to those States from which a response was expected but had not yet been received. Another letter, specifically drawing the attention of Member States and organizations to Y2K issues with respect to software contained in safeguards equipment was sent on 22 October 1998.

38. An international seminar entitled "Year 2000 (Y2K): Progress and Co-operation", organized by the Department of Safeguards, was held on 1–5 February 1999. The seminar was attended by representatives from 48 countries, as well as representatives from companies involved in providing information technology services. It provided a forum for information exchange on Y2K problems as they relate to safeguards instrumentation, application software, reporting systems and to physical protection issues. There were extensive discussions and exchanges, both during the plenary meeting and in separate sessions, which identified common Y2K problems. In addition, the need for contingency planning was emphasized. During the seminar, several States indicated that they needed to update their accountancy software and expressed an interest in receiving support in the form of advice or the provision of software.

39. In the areas of measurement and evaluation, and process control and monitoring systems, responses to a questionnaire sent by the Secretariat indicate that all States have begun working on the Y2K problem, with completion expected between August and October of this year. Forty per cent have developed contingency plans in case the deadline is not met. If assistance is needed, it is principally in the area of rectifying the problem (as opposed to identifying it or seeking assistance in replacing the system). The seminar identified actions that State regulatory authorities and operators should take to analyse their physical protection systems, including the development of an action plan. Furthermore, recommendations were formulated for drawing up contingency plans should part or all of the physical protection systems fail. The Secretariat may convene a working group in the autumn to consider any outstanding questions or problems.

40. In conjunction with the seminar, a questionnaire was issued on the status of Member State Y2K preparations. The primary objective of the questionnaire was to collect information which would help the Agency and individual Member States to determine the status of Y2K compliance with regard to safeguards and to identify areas where assistance and guidance may be required. In addition, safeguards inspectors were requested to distribute the questionnaire to facility operators and State authorities to gain a better understanding of the status of Y2K efforts in States.

41. Requests for assistance have been received from eleven countries. These requests, which were received both during and after the seminar, are mostly in the area of equipment, SSAC software and physical protection systems. Contacts have been made with these States in order to define the needs more precisely, and assistance has been provided. In order to provide this assistance, the Department of Safeguards has initiated support programme tasks with three Member States which are prepared to provide technical and other services in this area. The Secretariat is acting as a facilitator to identify the necessary actions and indicate where the assistance can be obtained. The requests for assistance could cover any of the following areas:
    • Training to help States evaluate existing accounting software, and upgrade it or develop new Y2K compliant software;

    • Provision of Y2K compliant software;

    • Provision of guidance/assistance on physical protection issues;

    • Organization of assistance missions whereby an expert or small team of experts will visit a State encountering problems and providing direct advice;

    • Establishment of contingency plans.

    THE Y2K ISSUE IN THE AGENCY'S OPERATIONS

42. The Secretariat's internal information technology infrastructure, consisting of system software, networks, hardware and standard software platforms and related instrumentation, are being checked and, where necessary, revised to ensure Y2K readiness. The control of information systems not only resides in the Division of Scientific and Technical Information (NESI), but is also distributed across different programme areas. Any attempt to ensure the Y2K compliance of all information systems in the Secretariat requires the active participation of the different Departments and Divisions.

    Action Taken Towards Y2K Readiness

43. An "Agency-Wide Year 2000 Task Force", chaired by a representative of NESI, was established in December 1996 and is composed of representatives of all Departments. Regular meetings have been held since then and will continue to be held to discuss application verification and conversion for Y2K compliance of all computing platforms. Assistance and guidance to all application systems development staff and users is regularly provided, including training and distribution of guidance documents. A training session for application development staff on Y2K testing was held as early as 3 June 1998.

44. The information technology infrastructure, as well as all applications, have or are being tested for Y2K compliance. Critical systems, meaning those systems whose normal operation is essential to the Agency's work and objectives, have been identified. The following Agency hardware and software infrastructure components have been categorized as critical:
    • The central computing environment (electricity, air, fire alarms, access security, secondary diesel power supply);

    • Network hardware supporting internal and external communications;

    • Mainframe facilities supporting vital Agency information systems, including those for UNIDO, UNOV and UNRWA;

    • All backup facilities;

    • UNIX hardware and software required for vital Agency information systems and Internet communication internally, with other United Nations organizations and Member States;

    • Microsoft NT related server equipment and operating system software, including major components such as database systems, electronic mail and other application related products (Access, Excel, etc.).

45. With respect to information systems applications, the critical components are:
    • Finance, procurement, personnel and publishing in the Department of Management;

    • The Energy and Economic Data Bank, Power Reactor Information System and global databases in the Department of Nuclear Energy;

    • International Safeguards Information System (ISIS), inspection and illicit trafficking related systems in the Department of Safeguards;

    • Technical Co-operation Experts Management System, project and field procurement related systems in the Department of Technical Co-operation.

46. By the end of June, out of 36 components of the information technology infrastructure, 28 had been tested or converted to be Y2K compliant. The testing and verification of the other components is in progress. Concerning information systems applications, 138 out of 159 applications have been tested or converted to be Y2K compliant and five applications will be discontinued or moved to other Y2K compliant systems. The information technology infrastructure and information system applications are both expected to be Y2K compliant by October 1999.

47. The Department of Safeguards has identified 113 instrument systems, of which 13 are currently not Y2K compliant. In addition, of the 16 instrument systems which are the property of Member States but in joint use at facilities, most are already Y2K compliant, and the Member States in question have stated that the rest will be converted by October 1999.

48. The Division of Budget and Finance has three major systems for which Y2K processing is a concern. They are the payroll system, the travel system (ATLAS) and the financial management system. The payroll and travel systems have been tested and found to be Y2K compliant.

49. The present financial management system (FICS) used by the Agency is not Y2K compliant, though the supplier of the software has had Y2K compliant versions available to all customers holding a current maintenance support agreement. The Agency decided, however, not to assign resources to implement these new versions. Rather, it was deemed more appropriate to take the opportunity to develop a new financial system not only to meet Y2K needs but also to respond to user requests from other Departments in the Agency for greater functionality. Consequently, the Agency's Financial Information Management System (AFIMS) project was conceived, based on software that is Y2K compliant.

50. The Secretariat has been in contact for some time with major vendors and suppliers providing products and services to the Agency in order to determine which upgrades or alterations are needed to make these products Y2K compliant. Concerning the equipment to be provided by the Agency to developing Member States in the framework of technical co-operation projects, as of June 1998 all purchase orders require the contractor to certify that all goods delivered will accurately process dates and times for the 20th and 21st centuries, including leap year calculations, when used in accordance with the product documentation provided by the contractor. It is the responsibility of Member States to ensure that all equipment already in their possession, including equipment obtained through the Agency's technical co-operation programme, is Y2K compliant.

    Contingency Plans

51. Year 2000 risk assessment and contingency planning is an essential part of the Action Plan. The assessment, in combination with the contingency planning, minimizes potential failures that may be encountered and ensures operational continuity before and beyond the year 2000. In addition to this, it minimizes any adverse impact on Agency programmes, communication with Member States and internal administrative demands. It includes careful planning for emergencies as well as recovery and, if required, the provision of alternate means, such as manual procedures instead of the existing electronic data processing, in case of potential difficulties. Contingency planning efforts encompass all of the Agency's critical systems. Risk assessment and contingency planning for potential impacts in the case of failures and disruptions during the millennium changeover was started in the third quarter of 1998 with the participants of the Y2K Task Force identifying critical application systems and specifying priorities.

52. The development of an emergency plan before and after the millennium crossover is under way and will be completed by early October 1999. The Secretariat intends to carry out at that time a simulation exercise to test the year-end transition of all critical applications and information technology components. It consists of a crisis centre with a co-ordinator, key staff coverage for support from all Departments, and applicable manual procedures if system procedures fail. Power failures potentially affecting the Agency's Headquarters and central computing facilities have been evaluated and remedies will be tested during October. This will be done together with Buildings Management of the Vienna International Centre (VIC) and third party suppliers of electrical power and in-house facilities.

53. Emergency diesel generators will be in operation to support essential facilities and provide the necessary power for up to 36 hours for the United Nations Security and Safety Service, elevators, emergency lights and the central computing environment. In the case of longer emergency periods, tanks can be refilled with fuel to provide unlimited electrical power. The computing and electronic facilities of the Medical Service are also included in the contingency plan in order to provide uninterrupted services to all United Nations organization staff and their authorized dependents.

54. As far as AFIMS is concerned, there is confidence that the system will be ready on time and successfully introduced into production on 1 January 2000. The only outstanding matter is the completion of the closure of the 1999 fiscal year. Ideally this should take place in the existing operational environment using the current FICS system. To limit the use of FICS beyond 1999, the bulk of the closure will be completed before the end of 1999. However, as a contingency, it is planned to examine the possibility of performing some limited processing of FICS in early 2000 to complete the closing smoothly and avoid to the extent possible manual preparation of financial closing entries and statements.

    Y2K on the Internet

55. Through the Agency's WorldAtom Internet site, the Secretariat, in mid-February 1999, put into place a series of Web pages that were developed by the Division of Public Information to co-ordinate the global exchange of information on the Agency's Y2K activities and related topics. The site (http://www.iaea.org/worldatom/program/y2k) is designed as a one-stop directory for information about Y2K activities in the Agency, its Member States and international organizations within and outside the United Nations system. The site covers four broad categories: documents and reports; information about Agency activities related to nuclear safety, radioactive waste management, medical facilities, safeguards, and internal computer systems; current news and viewpoints of experts; and links to other Y2K Internet information resources, including sites in more than 20 Member States. The attachment to this report lists Agency documents that have been made available so far on the WorldAtom Y2K pages. In addition, the site features access to an extensive range of additional information about activities of the Agency and its Member States.

56. An interactive feature of the Y2K pages is an on-line news group through which interested scientists, government officials, journalists, and members of the public can exchange information by electronic mail. There are about 100 participants in the news group, including energy journalists and government and industry officials.

    Y2K Co-ordination Within the United Nations System

57. A number of steps have been taken to ensure that there is a co-ordinated response by the United Nations system to the Y2K issue, as different organizations could face similar problems arising from the interruption of services at Headquarters and in the field, particularly energy services, telecommunications, transport, financial and other essential services. A system-wide co-ordinated approach is being taken to deal with contingency planning and logistics, as well as financial and personnel matters. This was the subject of discussions at meetings of the Consultative Committee on Administrative Questions (CCAQ) of the United Nations in February and March 1999. Guidelines are being developed to mitigate the impact of any disruption to banking, payroll and other financial operations. Contingency plans, crisis management teams, standby teams, etc., have been drawn up on the basis of risk assessment. The security and safety of staff in the context of Y2K concerns are being addressed by the United Nations Security Co-ordinator.

58. Similarly, information is being exchanged between United Nations organizations on ways of addressing Y2K issues through the Inter-Organizational Information Systems Co-ordination Committee (ISCC). Responses to questionnaires, updated every three months, and guidance documents developed by the different agencies are shared by information system managers in the various organizations of the United Nations system through the ISCC.

59. The Agency is in constant communication with Vienna based United Nations organizations on approaches and solutions to Y2K issues as it supplies information technology infrastructure services to some of these organizations. UNIDO has a Facility Management Agreement with the Agency that covers the support of mainframe, Internet and network platforms. Some UNOV applications are executed under the UNIDO mainframe environment. With UNIDO's concurrence, hardware and software components, some of which are part of the Agency's computing infrastructure, have been tested and converted for Y2K compliance, though it is UNIDO's responsibility to test and convert their application information systems for Y2K readiness. CTBTO, UNDCP, UNIDO and UNOV have Web servers for Internet and firewall systems that are located at the Agency, in addition to the UNDCP production server equipment. Electrical diesel power facilities used for the Agency's central computing environment are also available for these organizations. The crisis centre, as described under the section on Contingency Plans, can be made available to other United Nations organizations at the VIC. UNIDO, in charge of Buildings Management, is responsible for planning and negotiations with third party suppliers on all matters relating to the physical environment of the VIC such as electrical power, air conditioning, access security, elevators and fire protection systems.

    Resources

60. For the Agency's operations, available human and financial resources are presently used to assess, test and convert all applications and the information technology infrastructure. All other activities relating to information exchange and assistance to Member States are implemented within existing resources, either from the regular budget or the Technical Co-operation Fund, as well as from extrabudgetary resources. The services of cost-free experts have been provided by Sweden and the USA. Extrabudgetary funds were received from Australia, Japan, the Netherlands, the United Kingdom and the USA for Y2K review missions to nuclear power plants.

GC(43)/7
Attachment

General Conference Resolution and Board Documents
(These documents are also available in electronic form to registered users of the GovAtom services at http://intranet.iaea.org/pmo_docs).

• Measures to Address the Year 2000 (Y2K) Issue - GC (42)/RES/11 (25 September 1998)

• IAEA Action Plan on the Year 2000 (Y2K) Computer Problem - GOV/INF/1998/24 (November 1998)

• Safety Measures to Address the Year 2000 Issue at Radioactive Waste Management Facilities - GOV/1999/12 (March 1999)

• Safety Measures to Address the Year 2000 Issue at Medical Facilities Which Use Radiation Generators and Radioactive Materials - GOV/1999/13 (March 1999)

Technical Documents (TECDOCs)
(Note: Internet addresses are provided for documents in electronic form on the IAEA's WorldAtom Web site).

• Achieving Y2K Readiness: Basic Processes - IAEA-TECDOC-1072
  (http://www.iaea.org/ns/nusafe/y2000/y2kguidan.htm)

• Safety Measures to Address the Year 2000 Issue at Radioactive Waste Management Facilities - IAEA-TECDOC-1073
  (http://www.iaea.org/worldatom/program/y2k/tecdoc1073.pdf)

• Safety Measures to Address the Year 2000 Issue at Medical Facilities Which Use Radiation Generators and Radioactive Materials - IAEA-TECDOC-1074
  (http://www.iaea.org/worldatom/program/y2k/tecdoc1074.pdf)

• Potential Vulnerabilities of Nuclear Fuel Cycle Facilities to the Year 2000 Issue and Measures to Address Them - IAEA-TECDOC-1087
  (http://www.iaea.org/worldatom/program/y2k/tecdoc1087.pdf)

• Safety Measures to Address the Year 2000 Issue at Medical Facilities which use Radiation Materials - IAEA-TECDOC-1108
  (http://www.iaea.org/worldatom/program/y2k/tecdoc1108.pdf)

• Safety Measures to Address the Year 2000 Issue at Radioactive Waste Management and Fuel Cycle Facilities - IAEA-TECDOC-1111
  (http://www.iaea.org/worldatom/program/y2k/tecdoc1111.pdf)