CONTINUEThis site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.
  1. Front Page
  2. News By Topic
  3. IRS Information Security Criticised

IRS Information Security Criticised

by Mike Godfrey,, Washington

28 December 2010

The information security programme implemented by the United States’ Internal Revenue Service (IRS) has been found to be generally compliant with the Federal Information Security Management Act (FISMA) legislation, but a report by the Treasury Inspector General for Tax Administration (TIGTA) identified certain areas where the programme was not fully effective.

FISMA was enacted to strengthen the security of information and systems within federal agencies. As part of the legislation, the Offices of Inspector General must perform an annual independent evaluation of each federal agency’s information security policies and procedures and evaluate its compliance with FISMA requirements. The TIGTA’s audit report reflects an independent evaluation of the status of information technology security at the IRS for the 2010 fiscal year.

The TIGTA found three programme areas where the IRS met the level of performance specified by the 2010 FISMA checklist. Those areas were the IRS’s certification and accreditation programme, incident response and reporting programme, and remote access management.

However, the TIGTA also found that the IRS’s information security programme was not fully effective in the areas of configuration management, security training, plans of actions and milestones, identity and access management, continuous monitoring management, contingency planning, and contractor systems oversight.

“The IRS collects and maintains a significant amount of personal and financial taxpayer information and relies heavily on computerized systems to support its responsibility in collecting taxes,” said J. Russell George, the TIGTA. “As custodians of taxpayer information, the IRS has an obligation to protect the confidentiality of this sensitive information against unauthorized access or loss. The failure to do so could expose taxpayers to invasion of privacy and financial loss or damage from identity theft and other financial crimes.”

TAGS: tax | law | Internal Revenue Service (IRS) | legislation | United States

To see today's news, click here.


Tax-News Reviews

Cyprus Review

A review and forecast of Cyprus's international business, legal and investment climate.

Visit Cyprus Review »

Malta Review

A review and forecast of Malta's international business, legal and investment climate.

Visit Malta Review »

Jersey Review

A review and forecast of Jersey's international business, legal and investment climate.

Visit Jersey Review »

Budget Review

A review of the latest budget news and government financial statements from around the world.

Visit Budget Review »

Stay Updated

Please enter your email address to join the mailing list. View previous newsletters.

By subscribing to our newsletter service, you agree to our Terms and Conditions and Privacy Policy.

To manage your mailing list preferences, please click here »