Safeguarding Taxpayer Information:

An Evaluation of the Proposed Computerized Tax Administration System

LCD-76-115, Jan 17, 1977

Contact:

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

The proposed Internal Revenue Service (IRS) computer system, the Tax Administration System, was examined to determine safeguards for personal taxpayer information. Major threats to a network of this type are from untrustworthy users or from unauthorized access.

Although absolute computer security is not practicable, the Tax Administration System will provide a high level of protection through technical, administrative, and physical controls. Some of the safeguards in the present system have weaknesses which should be corrected within the framework of existing security procedures. The use of cryptographic devices will depend on an IRS determination based on its risk and threat analysis, but present evidence does not indicate that the cost is warranted. In addition, consideration should be given to: establishing a national data processing security office, guarding against unauthorized access, controlling employee access, improving physical security and control of information media, and seeking legal and other means to limiting disclosure of information.

Status Legend:

More Info
  • Review Pending-GAO has not yet assessed implementation status.
  • Open-Actions to satisfy the intent of the recommendation have not been taken or are being planned, or actions that partially satisfy the intent of the recommendation have been taken.
  • Closed-implemented-Actions that satisfy the intent of the recommendation have been taken.
  • Closed-not implemented-While the intent of the recommendation has not been satisfied, time or circumstances have rendered the recommendation invalid.
    • Review Pending
    • Open
    • Closed - implemented
    • Closed - not implemented

    Recommendation for Executive Action

    Recommendation: Consideration should be given to: establishing a national data processing security office, guarding against unauthorized access, controlling employee access, improving physical security and control of information media, and seeking legal and other means to limiting disclosure of information.

    Agency Affected:

    Status: Closed

    Comments: Please call 202/512-6100 for additional information.