Information Security: IRS Needs to Enhance Internal Control Over Financial Reporting and Taxpayer Data
DIANE Publishing, May 1, 2011 - 32 pages
The Internal Revenue Service (IRS) relies extensively on computerized systems to support its financial and mission-related operations and on information security controls to protect financial and sensitive taxpayer information that resides on those systems. As part of an audit of IRS's FY 2010 and 2009 financial statements, the auditor assessed whether controls over key financial and tax processing systems are effective in ensuring the confidentiality, integrity, and availability of financial and sensitive taxpayer information. To do this, the auditor examined IRS information security policies, plans, and procedures; tested controls over key financial applications; and interviewed key agency officials at four sites. This is a print on demand report.
What people are saying - Write a review
We haven't found any reviews in the usual places.
addition agency’s audit trail comprehensive information security Computer Security computing centers computing resources configuration management contingency planning controls over key corrected a previously corrective actions cryptography current operating environment database administration disaster recovery documented effective employees financial and sensitive financial and tax financial and taxpayer fiscal year 2010 FISMA requires fully implemented key Government Accountability Office implemented key components individuals information security policies information security program information security weaknesses insider threats internal control Internal Revenue Manual Internal Revenue Service IRS made progress IRS policy IRS’s fiscal ledger system material weakness physical security policies and procedures previously identified weakness previously reported weaknesses processes in place procurement systems progress in correcting recommendations responsibilities restricted areas reviewed risk assessments segregation of duties sensitive information sensitive taxpayer information software vulnerability system for tax-related system security plans tax processing systems tax-related activities technical controls tests and evaluations unauthorized access unencrypted updated vulnerabilities