Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (82.02 KB, 1 trang )
Appendix I
Material Weaknesses, Significant Deficiency,
and Compliance Issues
Page 109 GAO-12-165 IRS’s Fiscal Years 2011 and 2010 Financial Statements
financial information used by management and increase the risk that
sensitive agency and taxpayer information may be compromised. These
deficiencies also increase the risk that errors or irregularities may affect
IRS’s financial information and not be detected and corrected in time to
prevent material misstatement of IRS’s financial statements or other
internal and external reports.
24
During fiscal year 2011, IRS management devoted attention and
resources to addressing the agency’
s information security controls. The
agency developed enterprise-wide security initiatives that are designed to
improve its controls and provide management with the ability to measure
the state of IRS’s controls. For example, IRS formed cross-functional
working groups with knowledge of the IRS internal systems to address
identified areas considered at risk.
Nevertheless, the agency made limited progress in corre
cting information
security weaknesses we identified in previous audits. IRS addressed
approximately 15 percent of the 105 open recommendations that we had
previously reported. For example, IRS took action to address
recommendations related to (1) encrypted data transfers for its Integrated
Financial System (IFS),