Weaknesses in the Internal Revenue Service’s IT program could expose taxpayers to identity theft, according to an audit made public today by the Treasury Inspector General for Tax Administration.
“TIGTA identified weaknesses within the IRS’s Cybersecurity program pertaining to continuous monitoring, configuration management, identity and access management, privacy impact assessments, external connections, and audit trails,” said the annual report for 2014. “Weaknesses within the IRS’s Information Technology Program could result in computer operations that become compromised, disrupted, or outdated.”
The report also noted that while a pilot program found that the agency’s existing fraud detection system failed to find 10,348 cases of identity theft, resulting in $43 million in refunds, as well as an additional 350,000 potentially fraudulent returns, the IRS has not planned to replace its current system.
While the IRS made overall progress with respect to the Affordable Care Act, the audit also identified “issues with the Coverage Data Repository, the Affordable Care Act Verification Service, interagency testing, and the Final Integration Test program.”