The US Treasury Inspector General for Tax Administration (TIGTA) has publicly released its review of two Internal Revenue Service (IRS) modernized systems that were deployed with known security vulnerabilities, placing the security and privacy of taxpayer information at risk.
The Customer Account Data Engine (CADE) will provide the foundation for managing all taxpayer accounts and will replace existing tax processing systems. The Account Management Services (AMS) will provide faster and improved access by employees to taxpayer account data. However, TIGTA found that security weaknesses in controls over sensitive data protection, system access, monitoring of system access, and disaster recovery have continued to exist even though key phases of the CADE and the AMS have been deployed. The report concludes that as a result, the IRS is jeopardizing the confidentiality, integrity, and availability of an increasing volume of tax information for millions of taxpayers as these systems are put into operation.
"The IRS continues to struggle with security vulnerabilities in its modernized systems. It recognizes, as we all do, the inherent risk in any IT system," commented J. Russell George, Inspector General, Treasury Inspector General for Tax Administration. "In the case of the CADE and AMS the Service was aware of, and even self-identified, these weaknesses. This is very troublesome."
TIGTA found that the IRS has established policies and procedures for security and privacy requirements, but it did not follow those guidelines during the planning and design phases for both systems. The report also found that IRS officials did not carry out their responsibilities for ensuring the identified weaknesses had been fully addressed prior to deployment.
TIGTA identified some of these vulnerabilities in prior audit reports on the CADE and other modernization projects. To remedy the vulnerabilities identified in the current report, TIGTA recommended several solutions, including that IRS officials consider all security vulnerabilities which affect the overall security of these systems before implementation.
IRS officials generally agreed with TIGTA’s recommendations.
.
Network Tweets
Network BlogsContent
provided by
|
Archive | Resources | Partners | Site Map | Links | Newsletter Archive | Contact | RSS Feeds | About | Syndication | Advertising & Marketing | Recruitment | Terms & Conditions | Privacy & Cookies
Copyright © 2012 - All Rights Reserved - Tax-News.com
IMPORTANT NOTICE: Tax-News.com has taken reasonable care in sourcing and presenting the information contained on this site, but accepts no responsibility for any financial or other loss or damage that may result from its use. In particular, users of the site are advised to take appropriate professional advice before committing themselves to involvement in offshore jurisdictions, offshore trusts or offshore investments.
Write a comment