The Internal Revenue Service failed to demonstrate that it fully addressed security weaknesses in recent years, potentially leaving sensitive taxpayer information vulnerable to attack, according to an auditor’s report.
The Treasury Inspector General for Tax Administration found that the IRS had only partially implemented 42 percent of the corrective plans it checked off as completed in recent years.
“When the right degree of security diligence is not applied to systems, disgruntled insiders or malicious outsiders can exploit security weaknesses and may gain unauthorized access,” Treasury Inspector General J. Russel George said in the report.
The review showed that the IRS failed to properly track its progress toward completing many of the fixes auditors had recommended in recent years. The agency closed most of the cases without adequate documentation and did not always uploaded the necessary information into a database that helps ensure compliance.
The inspector general suggested that the IRS should strengthen its management controls and follow its internal requirements for tracking implementation of corrective measures, in addition to providing additional training to employees.
The IRS said in its response to the findings that it issued a new manual this year to help improve its monitoring practices and that the agency would audit completed actions in the future.
Follow Josh Hicks on Twitter, Facebook or Google+. Connect by e-mail at firstname.lastname@example.org. Visit The Federal Eye, The Fed Page and Post Politics for more federal news. E-mail email@example.com with news tips and other suggestions.