Even though the IRS has made improvements in information security, there are still weak spots in its in system access controls, audit trails, and remediation of security flaws, according to a new report.
The
TIGTA found that, since last year’s assessment report, the IRS has taken important steps to correct system performance issues of the Modernized e-File system, but it identified several systems development issues that should be addressed to further strengthen and support the IRS’s modernization efforts. For example, its review of the Customer Account Data Engine 2 database determined that existing data quality issues prevented the downstream interfaces from being implemented. (See
“Since the IRS now relies extensively on its computer systems to carry out the responsibilities of administering our nation’s tax laws, it must ensure that those systems are effectively secured to protect sensitive financial and taxpayer data,” said Inspector General J. Russell George. “TIGTA found that the IRS’s Modernization Program remains at risk.”
Among the other issues discussed in the report were the need for the service to strengthen its hardware and software management processes; the need for improvement of taxpayer access to account information online; and the potential benefits of a “Bring Your Own Device” pilot program.
The assessment did not include any specific recommendations for the IRS, but some of the individual audits mentioned in the assessment did.