<mods xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.loc.gov/mods/v3" version="3.3" xsi:schemaLocation="http://www.loc.gov/mods/v3 http://www.loc.gov/standards/mods/v3/mods-3-3.xsd" ID="P0b002ee18038390f">
<name type="corporate">
 <namePart>United States Government Publishing Office</namePart>
 <role>
  <roleTerm authority="marcrelator" type="text">publisher</roleTerm>
  <roleTerm authority="marcrelator" type="code">pbl</roleTerm>
</role>
 <role>
  <roleTerm authority="marcrelator" type="text">distributor</roleTerm>
  <roleTerm authority="marcrelator" type="code">dst</roleTerm>
</role>
</name>
<name type="corporate">
 <namePart>United States</namePart>
 <namePart>Government Accountability Office</namePart>
 <namePart>Accounting and Information Management Division</namePart>
 <role>
  <roleTerm authority="marcrelator" type="text">author</roleTerm>
  <roleTerm authority="marcrelator" type="code">aut</roleTerm>
</role>
 <description>Government Organization</description>
</name>
<typeOfResource>text</typeOfResource>
<genre authority="marcgt">government publication</genre>
<language>
 <languageTerm type="code" authority="iso639-2b">eng</languageTerm>
</language>
<extension>
 <collectionCode>GAOREPORTS</collectionCode>
 <category>Legislative Agency Publications</category>
 <waisDatabaseName>gao</waisDatabaseName>
 <branch>legislative</branch>
 <dateIngested>2010-08-12</dateIngested>
</extension>
<originInfo>
 <publisher>U.S. Government Printing Office</publisher>
 <dateIssued encoding="w3cdtf">1997-04-08</dateIssued>
 <issuance>monographic</issuance>
</originInfo>
<physicalDescription>
 <note type="source content type">deposited</note>
 <digitalOrigin>born digital</digitalOrigin>
 <extent>35 p.</extent>
</physicalDescription>
<classification authority="sudocs">GA 1.13:AIMD-97-49</classification>
<identifier type="uri">https://www.govinfo.gov/app/details/GAOREPORTS-AIMD-97-49</identifier>
<identifier type="local">P0b002ee18038390f</identifier>
<identifier type="former package identifier">f:ai97049</identifier>
<recordInfo>
 <recordContentSource authority="marcorg">DGPO</recordContentSource>
 <recordCreationDate encoding="w3cdtf">2010-08-12</recordCreationDate>
 <recordChangeDate encoding="w3cdtf">2011-03-23</recordChangeDate>
 <recordIdentifier source="DGPO">GAOREPORTS-AIMD-97-49</recordIdentifier>
 <recordOrigin>machine generated</recordOrigin>
 <languageOfCataloging>
  <languageTerm type="code" authority="iso639-2b">eng</languageTerm>
</languageOfCataloging>
</recordInfo>
<accessCondition type="GPO scope determination">fdlp</accessCondition>
<extension>
 <docClass>REPORT</docClass>
 <accessId>GAOREPORTS-AIMD-97-49</accessId>
 <reportNumber>AIMD-97-49</reportNumber>
 <subject>Computer security</subject>
 <subject>Tax information confidentiality</subject>
 <subject>Federal employees</subject>
 <subject>Confidential communication</subject>
 <subject>Internal controls</subject>
 <subject>Emergency preparedness</subject>
 <subject>Personnel management</subject>
 <subject>Electronic forms</subject>
 <subject>Data storage</subject>
 <subject>Tax returns</subject>
 <identifier>IRS Electronic Audit Research Log System</identifier>
 <identifier>IRS Integrated Data Retrieval System</identifier>
 <identifier>IRS Distributed Input System</identifier>
 <identifier>IRS Integrated Collection System</identifier>
 <identifier>IRS Totally Integrated Examination System</identifier>
 <type>Letter Report</type>
 <seriesAbbrev>AIMD</seriesAbbrev>
 <law congress="100" isPrivate="false" number="235"></law>
 <statuteAtLarge volume="101">
                      <pages pages="1724"></pages>
                </statuteAtLarge>
</extension>
<titleInfo>
 <title>IRS Systems Security: Tax Processing Operations and Data Still at Risk Due to Serious Weaknesses</title>
</titleInfo>
<abstract>Pursuant to a congressional request, GAO reviewed the Internal Revenue
Service&apos;s (IRS) computer security, focusing on whether IRS is
effectively: (1) managing computer security; and (2) addressing employee
browsing of electronic taxpayer data.&lt;p/&gt;GAO noted that: (1) over the last 3 years, GAO has reported on a number
of computer security problems at IRS and has made recommendations for
strengthening IRS&apos; computer security management effectiveness; (2)
nevertheless, IRS continues to have serious weaknesses in the controls
used to safeguard IRS computer systems, facilities, and taxpayer data;
(3) GAO&apos;s recent on-site reviews of security at five facilities
disclosed many weaknesses in the areas of physical security, logical
security, data communications management, risk analysis, quality
assurance, internal audit and security, security awareness, and
contingency planning; (4) for example, the five facilities could not
account collectively for approximately 6,400 missing units of magnetic
storage media, such as tapes and cartridges, which could contain
taxpayer data; (5) in addition, printouts containing taxpayer data were
left unprotected and unattended in open areas of two facilities where
they could be compromised; (6) also, none of the facilities visited had
comprehensive disaster recovery plans, which threaten the facilities&apos;
ability to restore operations following emergencies or natural
disasters; (7) one area of unauthorized access that has been the focus
of considerable attention is electronic browsing of taxpayer data by IRS
employees; (8) despite this attention, IRS is still not effectively
addressing the problem via thorough employee monitoring, accurate
recording of browsing violations, or consistent application and
publication of enforcement actions; (9) for example, IRS currently does
not monitor all employees with access to automated systems and data for
electronic browsing activities; (10) in addition, when instances of
browsing are identified, IRS does not consistently investigate them or
publicize them to deter others from browsing, and does not consistently
punish browsers; and (11) until these serious weaknesses are corrected,
IRS runs the risk of its tax processing operations being disrupted and
taxpayer data being improperly used, modified, or destroyed.</abstract>
<location>
 <url displayLabel="HTML rendition" access="raw object">https://www.govinfo.gov/content/pkg/GAOREPORTS-AIMD-97-49/html/GAOREPORTS-AIMD-97-49.htm</url>
 <url displayLabel="PDF rendition" access="raw object">https://www.govinfo.gov/content/pkg/GAOREPORTS-AIMD-97-49/pdf/GAOREPORTS-AIMD-97-49.pdf</url>
</location>
<identifier type="preferred citation">GAO/AIMD-97-49</identifier>
<location>
 <url displayLabel="Content Detail" access="object in context">https://www.govinfo.gov/app/details/GAOREPORTS-AIMD-97-49</url>
</location>
<note>Letter Report</note>
<extension>
 <searchTitle>GAO/AIMD-97-49; IRS Systems Security: Tax Processing Operations and Data Still at Risk Due to Serious Weaknesses;
            </searchTitle>
</extension>
<subject>
 <topic>Computer security</topic>
 <topic>Tax information confidentiality</topic>
 <topic>Federal employees</topic>
 <topic>Confidential communication</topic>
 <topic>Internal controls</topic>
 <topic>Emergency preparedness</topic>
 <topic>Personnel management</topic>
 <topic>Electronic forms</topic>
 <topic>Data storage</topic>
 <topic>Tax returns</topic>
 <topic>IRS Electronic Audit Research Log System</topic>
 <topic>IRS Integrated Data Retrieval System</topic>
 <topic>IRS Distributed Input System</topic>
 <topic>IRS Integrated Collection System</topic>
 <topic>IRS Totally Integrated Examination System</topic>
</subject>
<relatedItem type="isReferencedBy">
 <titleInfo>
  <title>United States Statutes at Large</title>
  <partNumber>Volume 101 Page 1724</partNumber>
</titleInfo>
 <identifier type="Statute citation">101 Stat. 1724</identifier>
</relatedItem>
<relatedItem type="isReferencedBy">
 <titleInfo>
  <title>United States Public Law 235 (100th Congress)</title>
</titleInfo>
 <identifier type="public law citation">Public Law 100-235</identifier>
</relatedItem>
</mods>