Investigators find lax IT security at Treasury

The Treasury Department does not have adequate information security controls in place, according to a General Accounting Office report released Monday.

The department has had longstanding weaknesses in IT security at key bureaus such as the Internal Revenue Service and the Financial Management Service, according to the report (GAO-04-77), and without the proper precautions, sensitive Treasury information will be compromised.

The problems exist, the report said, because Treasury has not fully institutionalized its security program department-wide. GAO recommends that the Treasury secretary direct the department's chief information officer to address the challenge with more specific directives.