Audit: IRS could do more to protect databases

In all, the inspector general looked at primary databases in 13 separate IRS applications — and found medium- to high-risk vulnerabilities in each. 

The report also says that the IRS spent more than $1 million on a database protection tool that was not fully evaluated and tested — and, in the end, not completely implemented. 

{mosads}The inspector general recommended that the IRS, among other things, develop a plan to deal with and upgrade out-of-date databases.

The agency concurred with those recommendations, but disagreed that it had wasted money on the database protection tool. 

“The IRS conducted a thorough technical, cost and business-requirements analysis prior to making the change, and in the process confirmed that the new tool would save the taxpayers over $5.5 million in total cost of ownership,” said Terence Milholland, the IRS’s chief technology officer.

The agency later added in a statement that it wanted “to be very clear that while this report points out a number of technical issues, many of which have been resolved, there is no direct assertion that any taxpayer data is at risk.”

“In fact, it should be noted that many of the databases referenced in this report don’t store any taxpayer data at all,” the IRS added.

This post was updated at 3:20 p.m.

Tags

Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..

 

Main Area Top ↴

Testing Homepage Widget

 

Main Area Middle ↴
Main Area Bottom ↴

Most Popular

Load more

Video

See all Video