TIGTA Report: IRS Computer Security Center Effective, Could Be Better

By AccountingWEB Staff
 
The Computer Security Incident Response Center (CSIRC), which is responsible for monitoring the IRS network for cyber attacks and computer vulnerabilities (twenty-four hours a day, 365 days a year), "is effectively performing most of its responsibilities for preventing, detecting, and responding to computer security incidents," according to a new report publicly released by the Treasury Inspector General for Tax Administration (TIGTA).
 
"However, further improvements could be made," said Treasury Inspector General for Tax Administration J. Russell George.
 
While Treasury Inspector General for Tax Administration J. Russell George states that the CSIRC "is effectively performing most of its responsibilities for preventing, detecting, and responding to computer security incidents," he says further improvements could be made.
George noted that:
  • The CSIRC's host-based intrusion detection system is not monitoring 34 percent of IRS servers, which puts the IRS network and data at risk.
  • The CSIRC is not reporting all computer security incidents to the Department of the Treasury, as required. 
  • The CSIRC incident response policies, plans, and procedures are either nonexistent or are inaccurate and incomplete.

The TIGTA recommended that the Assistant Chief Information Officer, Cybersecurity, direct the CSIRC to:

  1. Develop its Cybersecurity Data Warehouse capability to correlate and reconcile active servers connected to the IRS network with servers monitored by the host-based intrusion detection system;
  2. Revise and expand the Memorandum of Understanding with the TIGTA Office of Investigations to ensure that all reportable and relevant security incidents are shared with the CSIRC;
  3. Collaborate with the TIGTA Office of Investigations to create common identifiers to help the CSIRC reconcile its incident tracking system with the TIGTA Office of Investigations' incident system; 
  4. Develop a standalone incident response policy or update the policy in the IRS's Internal Revenue Manual with current and complete information; 
  5. Develop an incident response plan; and
  6. Develop, update, and formalize all critical standard operating procedures.
 
The IRS agreed with the recommendations, and corrective actions are planned or in process for five of the six recommendations. Although the IRS agreed with the recommendation to correlate and reconcile active servers connected to the IRS network with servers monitored by the host-based intrusion detection system, its proposed corrective actions did not address the TIGTA's recommendation. Specifically, the IRS did not commit to implementing the controls the TIGTA recommended.
 
 