On Air: Federal News Network
Trending:
Listen Live
All News

Security risks found in IRS internal controls

A GAO report shows that the IRS lacked the oversight to protect taxpayer information and building security.

Federal News Network Staff
June 23, 2011 2:31 pm
2 min read
     

By Jory Heckman
Federal News Radio

The IRS is putting confidential taxpayer information at risk. So says the Government Accountability Office (GAO) in a new report on the tax agency’s internal controls.

GAO stated the IRS failed to perform background checks on mail couriers whose job was to transport taxpayer information from service center campuses (SCCs) to the post office.

These same couriers also ignored an essential IRS rule to lock the doors of their vehicles, which were carrying taxpayer returns and other sensitive information. Without clear oversight from the IRS, the infraction went unnoticed until the GAO inspection.

        Join us May 6 at 1 p.m. EST for Federal News Network's Industry Exchange Data where we'll explore how you can employ data to modernize your agency. | Register today!

The GAO also raised concerns about data security for old copy machines sent off to the trash by IRS office, since sensitive information can still be lifted from their hard drives.

IRS buildings housing personal taxpayer information also lacked the physical security systems needed to keep unauthorized personnel from gaining access.

In their report, GAO found four malfunctioning nighttime security lights. Without the security lights, surveillance cameras could not properly survey the perimeter of the building after dark. IRS procedures never called for it to do periodic security reviews at night.

Another areas of concern around IRS internal controls was employee pay. GAO said that the IRS’s payroll service, the Agriculture Department’s National Finance Center (NFC), miscalculated the wages that should have gone to IRS workers. IRS didn’t catch the oversight until August.

GAO said that if left unresolved, the internal control issues highlighted in their report could lead to:

  • Unauthorized or improper refunds, purchases, or promotions
  • Errors in the hours credited or amounts paid to staff
  • Loss or theft of cash receipts or taxpayer information
  • Security and control deficiencies at SCCs and processing facilities
  • Data errors in property records
  • Improper disclosure of taxpayer and other sensitive data.

As a result of the GAO review, the IRS now will establish a policy to wipe or remove the hard drives of copiers prior to disposal in an effort to keep employee and public records safe from intrusion.

The IRS has revised instructions to guards, including where to report light outages and adding nighttime checks into their regular security reviews.

Jory Heckman is an intern with Federal News Radio.

        Read more: All News

RELATED STORIES: Cybersecurity tops IRS challenges in 2011

(Copyright 2011 by FederalNewsRadio.com. All Rights Reserved.)

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

READ MORE
     
Related Topics
All News