2. Inventory your applications, preferably using software tools

Most computers will have tens, hundreds, or even thousands of application programs scattered across their disks. As a result, the process of identifying these applications and their Y2K compliance status can potentially be very time-consuming. For this reason, we suggest that you consider using software tools to scan for and identify installed application programs.

These are two categories of tools you might consider using for this purpose:

• Inventory-only tools
  
  These tools report on what application programs are installed. You'll then need to manually check the Y2K compliance status of your programs.
  
  
• Inventory & compliance status tools
  
  These programs report on what application programs are installed, and will also provide you with Y2K compliance information for some - perhaps many - of these programs. You may still need to manually check the Y2K compliance status of some of your programs.

What these tools do

These inventory-only tools report on what application programs are installed on a computer's disks. Depending on the tool, they may report on the names, versions, and vendors of your application programs, and may also provide additional information. (For example, some tools can report on whether Windows applications are 32-bit or 16-bit programs.)

Typically you can print these reports or save them on your disk as text documents. Some of the more fully-featured commercial programs can also send these reports over a network to a central database on one of your PCs. This may allow you to see at a glance what applications are installed within your department, how many copies are installed, what versions are in use, and so on.

What types of tools are available

There are a variety of no-cost and commercial tools for this purpose. For a list of some tools you might consider, see Software Tools for Finding & Resolving Y2K Problems .

Most such tools are available for industry-standard PCs running DOS and Windows operating systems. A few tools are available for other types of computers, such as Macintoshes.

Important limitations and caveats when using tools

These tools won't do all the work for you. You'll still need to carefully check their reports, both to fill in any missing pieces and to verify some facts or conclusions.

Some significant limitations and caveats (cautions) of inventory tools can include:

1. Sheer numbers of applications.
   
   It's easy to be distracted by the "noise" of the hundreds or thousands of application programs that your software tools might report as being installed on a typical computer's disks. Even a "bare bones" PC on which just the Windows 95 operating system - alone - has been installed may already have over 100 application programs!
   
   To add to this clutter, some tools might incorrectly identify auxiliary files - such as library files, overlay files, and the like that are typically executed indirectly - as application programs.
   
   Many of these programs are likely to be insignificant or completely irrelevant to your Y2K assessment efforts. For this reason, it's important to keep focused on your priority applications
   
   
2. Missing applications.
   
   Because of the mechanisms by which some tools identify applications, it is possible that they might simply miss reporting on some installed programs.
   
   
3. Unrecognized applications.
   
   Some tools may be able to locate applications, but may not be able to identify them by recognizable names, and may not be able to report on their vendors and/or versions. Particularly in the DOS and Windows environments, certain applications might only be reported on with short filenames such as DC7.EXE or with generic names such as REGISTER.EXE.

Example

Below is an excerpt from a sample report created on a PC running Microsoft Windows 95 using an inventory-only software tool, Sassafras Software's no-cost KeyAudit. (A report from this tool was selected solely for illustrative purposes, and its use here does not signify endorsement of the tool by UC Berkeley.)

In the sample below, KeyAudit's tab-delimited text report was opened in Microsoft Excel, and just four columns (fields) from the report were selected for display:

What these tools do

Like the inventory-only tools described above, these inventory & compliance status tools report on what application programs are installed on a computer's disks. Depending on the tool, they may report on the names, versions, and vendors of your application programs, and may also include some additional information. (For example, some tools can report on whether Windows applications are 32-bit or 16-bit programs.)

In addition, tools in this category go further by also providing Y2K compliance information for at least some of the installed programs. Depending on the tool you're using, it may report some or all of the following:

• The Y2K compliance status of (at least some of) your application programs;
  and/or
  
• The URLs for your vendors' Web home pages and/or Y2K home pages;
  and/or
  
• What Y2K patches or upgrades may be available for these applications and where to find them;
  and/or
  
• What Y2K date usage issues you might encounter with these programs.

Typically you can print these reports or save them on your disk as text documents. Some of the more fully-featured commercial programs can also send these reports over a network to a central database on one of your PCs. This may allow you to see at a glance what applications are installed within your department, how many copies are installed, what versions are in use, and so on. Some of these tools can also identify what numbers and percentages of your department's applications have Y2K problems, and track your department's progress over time in resolving these problems.

What types of tools are available

Tools in this category are likely to be commercial products. For a list of some tools you might consider, see Software Tools for Finding & Resolving Y2K Problems .

Most of these tools are available for industry-standard PCs running DOS and Windows operating systems. A few tools in this category are available for other types of computers, such as Macintoshes.

Some of these inventory & compliance status tools are sold as 'stand-alone' programs, while others are included along with a number of other Y2K-related tools in "tools suite" products.

Important limitations and caveats when using tools

In addition to the three major limitations and caveats of inventory tools listed above, there are some additional limitations you should be aware of when using tools that attempt to identify your applications' Y2K compliance status:

1. Applications for which compliance status is unavailable.
   
   Software tools typically identify applications via one or more of their unique characteristics. Applications may be recognized by matching names, sizes, creation or modification dates against a database; by looking for entries in the Windows Registry; or viewing 'resources' or text stored within the program.
   
   Once a software tool has identified an application program, it then compares it against its internal Y2K compliance database. The databases used by popular tools typically have information on approximately 5,000 to 15,000 DOS and Windows applications and/or about 1,500 Macintosh applications.
   
   If a tool can't recognize an application program, it can't identify its Y2K compliance status. Similarly, if a tool can recognize a program, but has no entry for it in its compliance database, it can't identify its compliance status.
   
   
2. Out-of-date compliance status information.
   
   As noted below, vendors occasionally revise their compliance statements for some applications.
   
   Some tools vendors are very diligent in frequently updating their tools' compliance databases to keep up with the latest compliance status changes. The databases used by other tools may lag somewhat behind. Either way, you should consider that some reports on your applications' compliance status could potentially include some information which is outdated and thus incorrect.
   
   We suggest that, when evaluating tools for use in your department, you check with tools vendors to determine the frequency of their compliance database updates. You might also ask whether the compliance information reported by their tools is marked with a 'date of last update.'
   
   In the case of your most critical programs, it is still important to obtain the most up-to-date compliance information from your application program's vendor, regardless of what a tool may report.
   
   
3. Incomplete compliance status information.
   
   Some tools may tell you if an application is compliant, compliant with 'minor issues,' or non-compliant, but might not provide you with any more meaningful details. For more complete information, you may still need to refer to your vendor's original compliance statement.
   
   
4. Inability to distinguish applications which have been "patched" or updated for Y2K compliance.
   
   Many tools may not be capable of distinguishing programs that already have had vendor-provided Y2K "patches" or updates applied from those which have not.

Example

Below is an excerpt from a sample report created on a Macintosh using using an inventory and compliance status software tool, MacReadyNow!. This tool is a product of IT Pathways , part of the Carpathia Consulting Group. (A report from this tool was selected solely for illustrative purposes, and is reprinted by permission. Its use here does not signify endorsement of the tool by UC Berkeley.)

1. Back up your data.

Make sure that your computer's data has been completely backed up and can reliably be restored before making any changes.

2. Decide whether the issues which make this application "non-compliant" are important to you.

In at least a few cases, the unresolved Y2K issues which a vendor has identified as making a program "non-compliant" might be ones that you can live with.

You'll need to be absolutely sure that these issues, when they affect one of your priority application programs, will not disrupt key departmental functions. And it is probably a good idea to check with other members of your department's Y2K project team, or with computer support staff members or other colleagues, to review your decision. If you have even the slightest doubt about this, continue with the steps below.

It's especially important to note that if your application program shares data with other programs, either on your own computer or one someone else's computer, certain unresolved Y2K issues could potentially cause inaccurate data to be exchanged, with potentially far-reaching consequences.

If you do retain a non-compliant application program, be sure to make a record (or "log entry"), to be associated with its computer, which highlights that this program has been kept and explains why it was not replaced or retired.

3. Decide whether you can retire the application program.

4. Decide whether to upgrade the program or to switch to a different program.

• Upgrading to a newer, Y2K compliant version of the same application program; or
  
  
• Switching to a different application program with equivalent functionality.

• Does a newer, Y2K compliant version of this application exist?
  
  
• Are there one or more replacement application programs available which offer essentially the same set of functions ("functionality") that you're currently using?
  
  
• Will any of these replacement programs - whether a newer version of the program you're now using or a different program - be able to satisfactorily read the documents you've created using the current version of your program?
  
  If this is important to you, you'll need to investigate this in depth, and potentially also conduct your own testing.
  
  
• Will any of these replacement programs require a newer operating system (OS)?
  
  For example, if your current critical application runs under Windows 3.x, but your choice for a replacement program runs only under Windows 95, 98, or NT, you would need to upgrade your OS. If so, this could potentially trigger a chain of other required upgrades to hardware and application software.
  
  In at least a few cases, a requirement that a single critical program be replaced by a newer Y2K compliant program might compel you to replace an entire computer and all of its other application programs!
  
  
• Will any of these replacement programs require hardware upgrades?
  
  Even if a newer operating system is not required, will any of the plausible replacements for a critical application require that you install more memory (RAM), disk space, or other hardware upgrades?
  
  Consider that, even after installing hardware upgrades, some replacement program might run unacceptably slowly on older computers. This might make it more practical to replace these with newer computers, rather than upgrading the older machines.

5. Decide when to check for future Y2K status revisions.

1. Back up your data.

Make sure that your computer's data has been completely backed up and can reliably be restored before making any changes.

2. Install available Y2K updates or patches.

Identify any vendor-provided patches or updates which can at least partially resolve the application's Y2K issues.

If such patches or updates are available:

• Download or otherwise obtain these patches or updates.
  
  
• Install them, carefully following the vendor's instructions.
  
  
• Make a record (or "log entry"), to be associated with this computer, that identifies that these patches or updates have been installed.

3. Identify remaining Y2K issues.

Use the vendor's detailed compliance statement (typically found on the vendor's Web site), a software tool's report, or your own testing to determine what unresolved Y2K "minor issues" will remain in this application.

4. Identify whether the remaining issues are important to you.

Identify whether these remaining issues are important to you, based on the way that this application is being used.

For example, a particular function within an application program may have unresolved Y2K issues. However, if this function is a trivial one, or you don't use it at all, its Y2K issues may not be important to you. This application may thus be effectively compliant.

5. Identify workarounds, if any, for any important Y2K issues which remain.

If the remaining issues are important to you, identify whether there might be any workarounds available.

In other words, is there a straightforward and practical way that the user(s) of this application program can change the way that they work so that they will not encounter its Y2K issues?

For example, if entering dates with two-digit years might trigger some Y2K problems, is it feasible for this program's user(s) to always enter dates with four-digit years?

If you decide that a workaround is both required and feasible, be sure to make a record (or "log entry"), to be associated with each computer running this application program that clearly identifies that this workaround will be used.

6. Determine whether this application has any Y2K "date usage issues."

At least some Y2K "compliant" applications - including those which are "compliant with 'minor issues'" and might not otherwise present significant Y2K risks - can nonetheless exhibit Y2K problems if carelessly used .

For example, you might trigger Y2K problems by entering dates in a particular way, or through date-related errors in custom-written macros, scripts, or programs. This may be particularly likely in the case of spreadsheet, database, and statistical programs, among others.

In the case of your most critical applications, take the time to read your vendors' Y2K compliance statements carefully - in their entirety - so that you are fully aware of what Y2K "date usage issues," if any, you might encounter when using these programs.

7. Decide when to check for future Y2K status revisions.

Mark your calendar or Y2K project schedule with the future date(s) when you'll check to determine whether this application's vendor might have further revised its Y2K compliance statement.

In particular, you might look for any patches or upgrades which might resolve the remaining "minor issues" affecting your program, or for the discovery of additional problems which might cause the vendor to downgrade the program to "non-compliant" status.

8. If any important Y2K issues remain, regard this program as non-compliant.

Finally, if the unresolved Y2K issues which remain in this application program are important to you, and can't feasibly be worked around, treat this application as though it were non-compliant and proceed with the steps on the Non-compliant applications checklist, above.

1. Back up your data.

2. Install available Y2K updates or patches.

• Download or otherwise obtain these patches or updates.
  
  
• Install them, carefully following the vendor's instructions.
  
  
• Make a record (or "log entry"), to be associated with this computer, that identifies that these patches or updates have been installed.

3. Determine whether this application has any Y2K "date usage issues."

At least some Y2K "compliant" applications can exhibit Y2K problems if carelessly used . For example, a user might potentially encounter such problems by entering dates in a particular way, or through date-related errors in custom-written functions, macros, or scripts. This may be particularly likely in the case of spreadsheet, database, and statistical programs, among others.

In the case of your most critical applications, take the time to read your vendors' Y2K compliance statements carefully - in their entirety - so that you are fully aware of what Y2K "date usage issues," if any, you might encounter when using these programs.

4. Decide when to check for future Y2K status revisions.

Mark your calendar or Y2K project schedule with the future date(s) when you'll check to determine whether this application's vendor might have further revised its Y2K compliance statement.

What you'll need to look for are situations where the program's vendor has discovered new problems. These might induce your vendor to offer new patches or upgrades; to add to the list of Y2K "date usage issues" of which you'll need to be aware; or to downgrade the program to "compliant with 'minor issues'" or "non-compliant" status.