Purpose

This is to outline why the need for a Y2K Due Diligence Certificate.

Why the need for a Certificate?

The proposed Certificate is to show trading partners that a Y2K checking and remediation process has been followed. More important as the user data is continually changing this Certification has to take place at regular intervals to confirm that Network Data Exchange (NDE) is Y2K Compliant. A proposed definition of NDE is:

"Computers files that are used by the user that have not been prepared by that user."

ie. files that are:

1. imported off floppy disk
2. attachments sent by e-mail via LANS and WANS
3. received via the Internet both as e-mail and file downloads
4. received from Value Added Networks"

There are a number of levels of certification:

1. The Y2K plan of action has been prepared
   1. Someone nominated as responsible
   2. Key trading partners identified
   3. Time & resources for remediation allocated

2. The computerised assets have been listed

3. The Initial checking and Remediation process completed
   1. Basic Input/Output System (BIOS) Hardware
   2. Real Time Clock (RTC) Hardware
   3. Operating System (O/S) Software
   4. Application Software (A/S) Software
   5. User Data (U/D) User Data
   6. Network Data Exchange (NDE) User Data
   7. Macros (MAC) Software

4. Monthly certificates for on-going Y2K remediation

Confirming the Certification Process

The only way that the Y2K Due Diligence process can be confirmed is by using the Internet to regularly send key fields to the OIC Web Site to confirm that the Y2K Due Diligence process has been completed and maintained.