The Government Accountability Office has reviewed the Internal Revenue Service's data security and discovered 14 new vulnerabilities. GAO said Thursday that it evaluated IRS' information security controls in fiscal year 2018 and recommends the revenue agency to bolster protection of financial and taxpayer information. The new evaluation report follows previous studies on the matter within IRS.
The new audit covered the areas of access controls, configuration management, segregation of duties, contingency planning and information security programs. The fiscal 2018 study generated a total of 20 new recommendations, adding to 107 remaining recommendations from previous assessments. GAO also found that IRS had implemented recommendations from previous assessments as of Sept. 30, 2018, reducing the number of unaddressed previous recommendations from 154 to 107.