IRS requests priority help

A mounting list of unfinished corrective actions identified by Inspector General for Tax Administration auditors for the Internal Revenue Service's modernization and information technology service has led tax agency officials to request help from auditors in prioritizing the items' urgency.

"We have a finite level of resources in the IT budget in the IRS," said W. Todd Grams, the tax agency chief information officer. "We can't address all of them in a single year and make any appreciable progress," he told Federal Computer Week.

Tax administration auditors have identified more than 140 shortcomings that need a corrective action, said Margaret Begg, assistant inspector general with jurisdiction over IRS information systems programs.

"There was recognition that the tracking and monitoring of the corrective actions may not have been as strong" at the IRS, Begg said.

"I would rather actually close out and knock a few of them out rather than make a little progress on a lot of them," Grams said. Treasury auditors and IRS officials should meet by March to reach agreement on which actions will gain priority, he added.

The most recent Treasury audit report also shows tax agency's process for identifying and managing security weaknesses is flawed and ineffective. Consequently, information provided to the Office of Management Budget under Federal Information Security Management Act (FISMA) is misleading, the report states.

The number of reported weaknesses has been significantly understated because IRS officials considered each tax administration or Government Accountability Office audit as one weakness. Tax agency officials reported 319 system-level weaknesses for its 80 major systems in its most recent report to the Treasury Department. But, "generally, operational and technical control weaknesses were not reported," the audit states.

IRS officials also overstated their progress on rectifying those weakness. Tax agency officials assumed that if a system was certified and accredited, then any weaknesses discovered by auditors had been sufficiently addressed. "This assumption is not valid since certified and accredited systems can still have security weaknesses," auditors said.

The audit recommends two corrective actions. IRS officials responded to the audit by accepting both, stating they have established a working group that is constructing "an enterprise approach to instituting FISMA as a core organizational process," and that the tax agency will also develop a cross-referenced matrix of corrective actions with testing efforts that should be in place by mid-October.

About the Author

David Perera is a special contributor to Defense Systems.


  • Congress
    U.S. Capitol (Photo by M DOGAN / Shutterstock)

    Funding bill clears Congress, heads for president's desk

    The $1.3 trillion spending package passed the House of Representatives on March 22 and the Senate in the early hours of March 23. President Trump is expected to sign the bill, securing government funding for the remainder of fiscal year 2018.

  • 2018 Fed 100

    The 2018 Federal 100

    This year's Fed 100 winners show just how much committed and talented individuals can accomplish in federal IT. Read their profiles to learn more!

  • Census
    How tech can save money for 2020 census

    Trump campaign taps census question as a fund-raising tool

    A fundraising email for the Trump-Pence reelection campaign is trying to get supporters behind a controversial change to the census -- asking respondents whether or not they are U.S. citizens.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.