For information
On 16 July 1999

Legislative Council Panel on Security
Progress of Year 2000 Compliance Work in Departments and
Related Organizations under the purview of
the Security Bureau

PURPOSE

Following the meeting of the Panel on Security on 13 May 1999, this paper further reports the progress of Year 2000 (Y2K) compliance work and contingency planning within the five departments under the purview of the Security Bureau (SB), viz. the Hong Kong Police Force, the Fire Services Department, the Immigration Department, the Correctional Services Department and the Government Flying Service.

PROGRESS

Hong Kong Police Force

2. Out of the 14 outstanding systems reported to Members at the meeting on 13 May 1999, all except one have been rectified. Rectification of the only remaining system i.e. the Traffic Radio System, is in active progress for completion by mid-July 1999.

Fire Services Department

3. Rectification work of the only outstanding system i.e. the Trunked Radio System was completed in June 1999.

Immigration Department

4. Rectification of eight outstanding computer systems, one embedded system and five line communication systems have been completed.

Correctional Services Department

5. The only outstanding computer system was rendered Y2K compliant in mid-May 1999. The 15 embedded systems, mainly Call Radio and Closed-circuit TV systems, have all been upgraded, tested and verified to be Y2K compliant.

Government Flying Service

6. The three outstanding systems, including the two helicopter navigation systems, have all been verified to be Y2K compliant.

Customs and Excise Department

7. Members have asked about the Y2K compliance status of the Customs and Excise Department (C&ED), with particular regard to those systems relevant to the SB's policy area. The Department advised that it could not isolate and report separately on those SB-related systems as its systems are generally inter-linked to perform multi-purposes under different policy areas. The Y2K compliance status of the C&ED was covered under the progress report made by the Trade and Industry Bureau to the Panel on Trade and Industry on 3 May 1999. The Department's summary report is copied at Annex A for Members' reference. As at Annex A, the two outstanding systems of the C&ED are not related to the policy area of the SB.

CONTINGENCY PLANNING

8. Members also asked for the progress of preparation of Y2K contingency plans by the five departments under the purview of the SB. The departments undertook at the Security Panel meeting on 13 May 1999 to complete their contingency plans before September 1999 and would arrange for testing of these plans to ensure the provision of effective emergency services on the Y2K critical dates. Brief outlines and scope of the departments' plans and general progress are set out at Annex B. It can be seen that the five departments have now pledged to complete their contingency plans, together with the necessary test and rehearsal of these plans, by August 1999.

PUBLICITY

9. Public education and publicity to enhance public awareness in the Y2K issues are coordinated by the Information Technology and Broadcasting Bureau. Nevertheless, the Hong Kong Police Force and the Fire Services Department have jointly considered the risk involved and the contingency measures required in the event of a general telephone system failure, which would adversely affect public access to the "999" network. Although the risk of territory-wide disruption to the telephone system is low, the Police and the FSD are working out possible fall-back arrangements for receiving distress calls through alternative systems. Starting July 1999, the Police will have a series of publicity programmes on Y2K related law and order matters. The contingency measures to enable continued public access to the "999" network will be made known to the public as part of the Police's and the FSD's publicity programmes.

Security Bureau
July 1999

Annex A-1

An extract from the Trade & Industry Panel Paper on 3 May 1999

Progress in TIB, HKETOs and Departments under TIB's purview

There are 115 mission-critical systems in TIB, HKETOs overseas and the four Departments under the purview of TIB (Trade Department (TD), Industry Department (ID), Customs and Excise Department (C&ED), Intellectual Property Department (IPD)). The position of Y2K compliance in TIB, HKETOs overseas and the four Departments is shown at Annex A-2. As at 15 April 1999, 110(96%) of the mission-critical systems have been confirmed to be Y2K compliant or have been rectified. For the remaining five (4%) mission-critical systems which have not yet been confirmed as fully compliant, two are trade-related Electronic Data Interchange (EDI) computer systems. One is the Restrained Textile Export Licence (RTEL) system which serves TD to receive applications for RTELs and to issue RTELs, another is the Trade Declaration (TDEC) system which serves C&ED and the Census and Statistics Department (C&SD) to accept TDECs lodged electronically by traders. These two systems, as well as the corresponding ones in the Tradelink Electronic Commerce Limited (Tradelink), have already been individually tested and rectified to be Y2K compliant. Joint tests for all the EDI-related systems are being performed and will be completed by May 1999. Upon the satisfactory completion of such joint testing, these EDI-related systems will be confirmed to be fully Y2K-compliant. Irrespective of the results of the joint tests for the EDI-related systems, TD (in respect of RTEL) and C&SD (in respect of TDEC) are working out the contingency plans in conjunction with other parties concerned. It is anticipated that the plans will be finalized around June 1999.

2. The remaining three non-compliant systems are line communication systems (including one Interactive Voice Response System (IVRS) in C&ED and two Private Automatic Branch Exchanges (PABX) in the HKETOs in Brussels and Washington). Rectification work is scheduled to be completed by June 1999. In the unlikely event that these systems become inoperable for any reasons, direct telephone lines, fax transmissions, E-mail communications and / or mobile phone services will be used as a fallback.

Annex A-2

Y2K Compliance of Mission-critical Systems
In TIB, HKETOs Overseas, and Departments under the Purview of TIB
(as at 15 April 1999)

Office No. of
compliant systems		No. of
non-compliant systems		Total
Trade and Industry Bureau1(100%)0(0%)1
Economic and Trade Offices16(89%)2(11%)18
Trade Department30(97%)1(3%)31
Industry Department1(100%)0(0%)1
Intellectual Property Dept8(100%)0(0%)8
Customs & Excise Dept54(96%)2Note 1(4%)56
Total :110(96%)5(4%)115

Annex B

Hong Kong Police Force

1. General Scope of Contingency Plan

The general scope of the Force's contingency plans for particular systems will include risk assessments, followed by impact assessments and then the drawing up of the actual contingencies. The general risk assessment of all systems is "failure improbable".

2. Time Frame for the Plan

Preparation of a master plan for Y2K contingency planning has been completed by the end of June 1999. Preparation of the Y2K Contingency Plan for each specific critical system started in early June and will be finalized in early July 1999. After the test and rehearsal of the plans in mid-August 1999, the overall Y2K Contingency Plan will be consolidated and finalized.

3. Special Arrangement/Deployment during Rollover to Y2K Critical Dates

The Force is still considering the curtailment of leave for Police staff. For special deployment of technical staff, a Y2K special technical task force will be formed within the Police to provide -

  1. Immediate response to Y2K-related problems reported.

  2. Special arrangements to handle emergencies.

  3. Resources to maintain normal operation of mission-critical systems within the Force.
Fire Services Department

1. General Scope of Contingency Plan

The Department has taken into account the following possible internal and external disruptions in making the risk assessment -

  1. For internal systems failure

    1. Computerized Mobilizing System in the Fire Services Communication Centre (FSCC)

    2. Telephone system in FSCC

    3. Trunked Radio System

    4. Other Sub-systems in FSCC

    5. Public Switch Telephone Network and Private Automatic Branch Exchange

    6. Appliance and Equipment

    7. Non-critical Systems

  2. For external services failure

    1. Water Pumping System

    2. Public Switched Telephone Network

    3. Lifts

    4. Mechanically Driven Equipment

    5. Automatic Fire Alarms

    6. Power supply

    7. Possible crisis involving aircrafts

    8. Possible crisis in hospitals

    9. Traffic controlling devices
Possible scenarios have been categorized into different alert levels according to the nature and severity of the situation. Appropriate level of response corresponding to the alert level will be implemented according to the prevailing situation.

2. Time Frame for the Plan

Preparation of contingency plan was completed by the end of June 99. The plan contains guidelines on training, testing and exercise. The Plan will be revised as and when necessary to take account of any feedback from testing/exercise.

3. Special Arrangement/Deployment during Rollover to Y2K Critical Dates

The following special arrangement/deployment will be implemented starting from the evening before each identified Y2K critical date which may have impact on Fire Services -

  1. Fire Services members will not be granted leave except sick leave and pre-scheduled vacation leave.

  2. Some off-duty fire and ambulance personnel will be recalled for duty to man up additional appliances which will be deployed at strategic locations to suit individual needs.

  3. An additional group of ambulance officers will take up duty at designated posts.

  4. All senior officers will take up their positions in like manner as for major natural disasters/emergency fire organization when the Director of Fire Services declares "Service Stand-to" and a group of fire personnel posted at non-operational commands will report to designated fire stations to man up additional appliances.
Immigration Department

1. General Scope of Contingency Plan

The departmental contingency plan covers the following -

  1. Priority of business operations/services. e.g. Passenger clearance at control points is accorded top priority.

  2. Contingency plans for the administrative computer systems which support the critical business functions namely, the passenger clearance at control points and the provision of immigration services to the public at the Immigration Offices.

  3. Contingency plans for the non-IT systems which have impact on the critical business functions.

  4. Proactive plans to better support the manual operations and minimize risk.

  5. Roll-over arrangements to mitigate the undesirable effects of Y2K risk.

  6. Communication strategy built on the establishment of two command centres for more effective control and monitoring of the Y2K induced failures.

  7. Resource Plan.
The risk assessment of possible internal and external disruptions are as follows -
  1. Possible risks of internal systems failure

    1. Failure of the Immigration Control Automation System

    2. Failure of the Travel Document Information System

    3. Failure of Processing Automation - Permits & Visas System

    4. Failure of Processing Automation - Registration of Persons System

    5. Failure of Processing Automation - Births Deaths & Marriage System

    6. Failure of Processing Automation - Taiwan Visit Permit System

    7. Failure of Processing Automation - Macau Visit Permit System

    8. Failure of Processing Automation - Travel Pass System

    9. Failure of Processing Automation - APEC System

    10. Failure of Processing Automation - Core System

    11. Failure of Radar System

  2. Possible risks of external systems failure

    1. Failure of Telephone System

    2. Failure of Power

    3. Failure of Supply Chain of Critical Systems

    4. Failure of Traffic Controlling Devices

    5. Failure of Systems provided by other Government Departments
2. Time Frame for the Plan

The contingency plan will be ready for internal promulgation by mid-July 1999. Test and training will be arranged before mid-August 1999.

3. Special Arrangement/Deployment during Rollover to Y2K Critical Dates

Leave will be cancelled to ensure adequate manpower support during the Y2K critical dates and periods. Back-up reserves will be identified to reinforce the front-end operations in accordance with the business priority. Standby support from Immigration Department, Electrical and Mechanical Services Department and Information Technology professionals, including the computer vendors and staff of Information Technology Services Department, will be arranged.

Correctional Services Department

1. General Scope of Contingency Plan

The Y2K contingency plan aims at protecting the core businesses of the Department, i.e. to take into custody and rehabilitate offenders and rehabilitate drug abusers, from being disrupted by external Y2K-induced system failures. In general, the scope of the contingency plan covers all departmental critical computer systems, mission-critical embedded systems and line communication systems. The risk assessment on the possible internal and external disruptions and systems failures are as follows -

  1. Possible risk of Critical Computer System

    1. Penal Records Information System

    2. Manufacturing Management and Control System

    3. Personnel Information Management System

  2. Possible risk of Mission-critical Embedded Systems

    1. Telephone Systems

    2. Closed-circuit TV Systems

    3. Electricity and Water Supply

    4. Burglar Alarm and Security Systems

    5. Lifts

    6. Mechanically Driven Equipment

  3. Failure of Electric Locks
2. Time Frame for the Plan

The departmental contingency plan is in shape and will be ready by mid July 1999. Plans will be made to test it in early August 1999.

3. Special Arrangement/Deployment during Rollover to Y2K Critical Dates

It is planned that all personnel involved in handling the Y2K issue, in particular staff of the Computer Services Unit, will be required to standby during the rollover to Y2K critical dates.

Government Flying Service

1. General Scope of Contingency Plan

The general scope of the contingency plan is to ensure operation continuity and to maintain an acceptable level of service during emergency situations addressing the following risks -

  1. Possible risks of internal system failure

    1. Failure of communication systems in Government Flying Service operations control centre

    2. Failure of aircraft navigation systems

    3. Failure of Integrate Aviation Software computer system

    4. Failures of headquarter plant and equipment

    5. Failure of non-critical computer application systems

  2. Possible risks of external system failure
    Failure of electricity power supply
2. Time Frame for the Plan

The contingency plan will be formulated in July 1999, tested by mid-August.

3. Special Arrangement/Deployment during Rollover to Y2K Critical Dates

The Y2K critical dates will be monitored and standby staff will be arranged as necessary during the period.

Note 1 One of the non-compliant systems is the EDI system for Trade Declaration (TDEC), which is jointly operated by the Customs and Excise Department and the Census and Statistics Department. The system has been individually tested and rectified to be Y2K complaint. Joint tests for all EDI-related systems operated by C&ED and C&SD, and the corresponding systems in Tradelink are being carried out and will be completed by May 1999. The other non-compliant system is a Interactive Voice Response System which is installed in the C&ED Headquarters for answering general public enquiry. This system has been replaced by a Y2K compliant system.