The Internal Revenue Service has improved its ability to recover its computer systems in case a disaster strikes, according to a new report.
The
TIGTA found that the corrective actions were being completed in an adequate way, but some other previously recommended changes have not yet been made. Specifically the IRS has not yet developed a system for keeping track of whether its employees with disaster recovery roles have been attending the annual training courses required, and it has not yet established efficient metrics to assess progress and keep track of the improvements in completing the corrective actions.
“Significant events such as the terrorist attacks on September 11, 2001 and Hurricane Katrina in August 2005 emphasize the need for organizations to have plans in place that will guarantee essential operations can continue during a wide range of emergencies,” said TIGTA Inspector General J. Russell George in a statement. “Effective disaster recovery capabilities are critical to ensuring that the IRS’s key information systems can be recovered with minimal service disruption.”
TIGTA recommended that the IRS’s chief technology officer ensure that the IRS develops both of the aforementioned changes, and the IRS agreed with the recommendations.