Resources for Gramm Leach Bliley Act (GLBA)

IRS needs to better monitor security compliance

www.fcw.com

The Internal Revenue Service needs to take more action to monitor and enforce compliance with security policies and procedures, and provide more effective guidance, the Treasury Inspector General for Tax Administration said in a new report.

Although IRS has made progress in its information security, it needs to be more comprehensive, the IG said. For example, the agency did not validate actions taken to correct security weaknesses, and testing to verify compliance with security configurations was inadequate.

IRS also did not adequately analyze security incidents for underlying causes. The agency did not always identify the causes of the 1,172 incidents reported in a one-year period and did not always follow up to ensure that the weaknesses were corrected, TIGTA said in the report, released today. In another audit, TIGTA said it found 15 of 20 systems did not meet basic annual testing requirements.

View the Resource

Share or bookmarklet this web page at: