IRS
Technological Solutions
Improvements in technology for a public organization: The IRS
The IRS is a public agency that affects virtually every American's life. Even Americans who do not owe taxes must submit forms to the IRS, detailing their economic status. The IRS contains a wealth of information that would be of interest to someone attempting to impinge upon the security of the organization, including Social Security and financial data. To ensure people's identities are not compromised and that all financial data is stored in an accurate fashion, the IRS's Computer Security Incident Response Center (CSIRC) has the responsibility of "preventing, detecting, reporting, and responding to computer security incidents targeting IRS computers and data" (Nevius 2012).
However, there are serious problems with the CSIRC. Firstly, a recent audit of the CSIRC's found that its "host-based intrusion detection system is not monitoring 34% of IRS servers, which puts the IRS network and data at risk" for a fairly considerable percentage of citizens (Nevius 2012). "In addition, the CSIRC is not reporting all computer security incidents to the Treasury Department, as required. During the period audited, TIGTA found 84 computer security incidents that were not reported to Treasury, including five incidents involving sabotage or intrusion" (Nevius 2012). The reason for this is that there is no clear chain of command or bureaucratic method in place at the IRS regarding incident response policies and to whom they should be reported. Such "plans, and procedures are either nonexistent or are inaccurate and incomplete" (Nevius 2012).
The IRS must improve the scope of its server monitoring, to ensure that all servers are monitored to ensure that there are no security breaches. This would require the IRS to "develop its cybersecurity data warehouse capability to correlate and reconcile active servers connected to the IRS network with servers monitored by the host-based intrusion detection system" (Nevius 2012). Standard operating procedures must also be put into place for reporting potential breaches. This requires updating the IRS manual detailing to whom security breaches must be reported and the nature of which breaches of security are most critical.
As well as 'beefing up' its general security, the IRS is also in an ongoing project with Lockheed Martin to streamline its procedures. In 2007, Lockheed was contracted to "automate the process to prepare, manage and store customer account notices, significantly reducing production time and enhancing taxpayer service. This system will serve as a backbone to provide timely and accurate notices to taxpayers and will allow IRS employees faster access to taxpayer accounts" (Lockheed Martin wins two contracts to help modernize IRS technology, 2007, Red Orbit). The new system also allows for the organization to more easily "create IRS publications, manuals, specialized tax products and the million of tax forms distributed to the public each year" (Lockheed Martin wins two contracts to help modernize IRS technology, 2007, Red Orbit). Through the availability of information on its website, citizens have greater access to the materials they need from the IRS and expedited tax refunds, which improves the image of the organization in the public eye. Expedited reporting also results in expedited accounting for the agency overall.
You’re 87% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.