The group, which runs the only worldwide certification program for IT asset managers, released six questions on Monday that it thinks lawmakers and federal investigators should ask about the missing e-mails of former IRS official Lois Lerner, a central figure in the targeting affair.
To review, the IRS said it lost years worth of Lerner’s e-mails when her hard drive crashed in 2011. The agency also said it destroyed the device after trying to recover the data with help from its IT specialists and forensics experts.
Although this issue has become politicized, there’s little doubt that authorities should look into the matter. After all, National Archivist David Ferriero told a congressional committee at a hearing last month that the IRS “did not follow the law” when it failed to inform the National Archives and Records Administration of Lerner’s lost e-mails.
IAITAM president and founder Barbara Rembiesa posed the following questions for the IRS in a news release on Monday:
1.) What happened to the IRS’s IT asset managers who appear to have disappeared at a key juncture?
Ordering the destruction of a hard drive and documenting that process would be handled by trained, certified IT asset managers, according to IAITAM. But the group’s records show that at least three IRS IT asset managers were shuffled out of their positions around the time of the May 2013 inspector general’s report that detailed the agency’s targeting practices.
IAITAM said investigators need to “determine if these in-house IT asset managers were removed from the picture as the IRS email investigation heated up.”
2.) Where is the documentation to prove that the IRS wiped or destroyed Lois Lerner’s hard drive?
So far, we only have the word of IRS officials. IAITAM said its standards call for clear proof and records of destruction when drives are wiped or eliminated. “Until that documentation is provided, the hard drives should be considered lost, not destroyed,” Rembiesa said.
3.) Were the drives destroyed by an outside vendor or firm? If so, by who, and can they verify the destruction?
Hiring a specialized firm to destroy IT assets is not unusual for federal agencies, according to IAITAM. If the IRS used this method to destroy Lerner’s hard drive, there would be an additional layer of documentation to show that the action took place, the group said.
4.) What are the IRS’s specific policies and procedures on document retention when hard drives are damaged or destroyed?
The IRS almost certainly has specific policies and procedures for reclaiming and destroying hard drives, according to IAITAM. “In large organizations, hard drives don’t just get bulk erased,” Rembiesa said.
If the IRS followed its standards properly, there would be documentation of failed attempts to recover data from the hard drives and for destroying them. So far, we only have e-mails that the IRS released showing that Lerner was working with IT specialists to recover her files and that those efforts failed.
5.) What is the IRS’s disaster-recovery policy?
Loss of data at large organizations is fairly common, but failing to find a way to recover the data is not common, according to IAITAM. The group said investigators need to understand exactly what the IRS would typically do when data is lost, as well as whether the agency followed those guidelines in Lerner’s case, and, if not, then why.
6.) Where are Lois Lerner’s Blackberry e-mails?
IAITAM said investigators need to determine whether the IRS’s Blackberry communications are secure and what is on the “enterprise server.”
“It is difficult to imagine that none of the emails in question were done on a mobile basis,” Rembiesa said. “If so, there may be a freestanding stream of email records that would not be impacted by the Lerner hard drive loss.”