GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
Every year we audit IRS's financial statements.
During our FY 2020 audit, we found that corrective actions were not complete for 114 recommendations we made to address previously reported deficiencies in IRS's financial reporting and related information systems.
The Internal Revenue Service must keep its computer systems secure to protect financial and taxpayer data. Every year since FY 1997, we have assessed whether the IRS had effective controls in place to safeguard this information.
IRS must keep its computer systems secure to protect sensitive financial and taxpayer information. We assessed whether it had effective controls in place to safeguard this information in the past and again during fiscal year 2018.
The federal government relies on commercial credit agencies to help verify the identities of people who apply for benefits online—such as asking personal questions from credit files. However, the 2017 Equifax data breach has raised questions about this practice.
Each year, about 90% of people file their taxes using commercial software or a paid tax return preparer. If these "third parties" that handle your tax information are hacked, your personal information could be exposed—leaving you vulnerable to identity theft.
IRS must keep its computer systems secure to protect sensitive financial and taxpayer information. We assessed whether it had effective controls in place to safeguard this information in fiscal 2016 and 2017.
What GAO Found The Internal Revenue Service (IRS) made progress in addressing previously reported control deficiencies; however, continuing and newly identified control deficiencies limited the effectiveness of security controls for protecting the confidentiality, integrity, and availability of IRS's...
What GAO Found In March 2016 GAO reported that the Internal Revenue Service (IRS) had instituted numerous controls over key financial and tax processing systems; however, it had not always effectively implemented safeguards intended to properly restrict access to systems and information.