The Government Accountability Office (GAO) has reported “new and continuing deficiencies” in the Internal Revenue Service’s (IRS) information technology systems that could affect the agency’s sensitive programs and information.
GAO said in a report released last week that there are 11 new deficiencies in IRS’s information system security controls that support financial and tax-related operations. Such deficiencies include issues in configuration management, duty segregation and information security management. According to the watchdog, IRS resolved 13 out of 127 recommendations detailed in prior reports as of September 2019.
“Until these new and continuing control deficiencies, which collectively represent a significant deficiency, are fully addressed, IRS financial reporting and taxpayer data will remain unnecessarily vulnerable to unauthorized access, modification, or disclosure,” GAO said.
The agency analyzed IRS financial statements from fiscal years 2018 to 2019 as part of the audit.