Amidst all the pronouncements from the Internal Revenue Service touting the number of taxpayers flocking to electronic filing in one form or another, the Government Accountability Office has issued a report warning that the threat of a security breach remains high.

The GAO's March 24 report did praise the IRS for working to improve its information security over the past year, but said that the agency still needs to implement a comprehensive information security program.


"Collectively, these weaknesses increase the risk that sensitive financial and taxpayer data will be inadequately protected against disclosure, modification or loss, possibly without detection, and place IRS operations at risk of disruption," the GAO said in its executive summary.

The report later added, " Until the IRS fully implements a comprehensive, agency-wide information security program, its facilities and computing resources and the information that is processed, stored and transmitted on its systems will remain vulnerable."

The report found that the IRS has failed to adequately implement electronic access controls like user accounts and passwords, user rights and file permissions, and security-related event monitoring. The IRS also has not done enough to physically secure computers and networks or crack down on unauthorized software changes, the report said.

In a review initiated after last year's GAO report highlighted more than 40 weaknesses in the agency's system, the IRS said that it did not find any evidence of lost or stolen taxpayer data.

Register or login for access to this item and much more

All Accounting Today content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access