Report says IRS computer security weaknesses compromise tax data

Weaknesses in the Internal Revenue Service information security systems compromise the confidentiality and integrity of sensitive systems and taxpayer data, although the IRS has made progress toward improving its systems, the General Accounting Office said in a report released Monday.

An underlying cause of the weakness is that the IRS has not fully implemented certain elements of its agencywide information security program. The IRS has not adequately identified or assessed the risks it faces and consequently has not determined which security measures are necessary nor implemented compliance programs.

The GAO recommended that the IRS commissioner direct the chief information officer and manager of each division to assess information security risks and implement policies to boost security awareness among employees and to monitor the effectiveness of its new controls.