IRS commits to better financial management

IRS commits to better financial management

By Shruti Dat'

GCN Staff

The IRS is embarking on a multiyear overhaul of its financial management systems, whose computer security and financial reporting capabilities are inadequate, a recent General Accounting Office audit found.

IRS chief information officer Paul Cosgrave said it would cost at least $100 million to create an integrated financial management system. The project falls under the umbrella of the IRS' business systems modernization.

'The key to better financial management at the IRS is improved technology. Many of the solutions can only be found in new or enhanced automated systems,' IRS chief financial officer Lawrence Rogers said.

The tax agency will tap funds from its Information Technology Investment Account for the modernization, Cosgrave said.

The IRS received $35 million last July and $33 million in December from the fund to develop a revised modernization blueprint with Prime contractor Computer Sciences Corp.

The House Appropriations Committee said the agency's third funding request for the modernization of its systems totals $176.3 million. Cosgrave declined to confirm that figure, saying the tax service is awaiting approval from Congress and GAO.

The IRS will select from five financial management systems approved by the Joint Financial Management Improvement Program for federal agencies to rectify the weaknesses in its current systems, Cosgrave said.

The IRS currently uses two subsystems'a customized custodial system for financial reporting and an administrative system for accounts payable and receivable from American Management Systems Inc. of Fairfax, Va.

'We recognize that IRS' financial management systems were not designed to meet current systems and financial reporting standards,' said Gregory D. Kutz, GAO associate director of governmentwide accounting and financial management issues, who testified at a Feb. 29 hearing of the House Government Reform Subcommittee on Government Management, Information and Technology.

The GAO audit, Internal Revenue Service: Results of Fiscal Year 1999 Financial Statement Audit, revealed design and operational flaws and weak computer security.

Those problems raise questions about the reliability of the IRS' financial information, Kutz said.

'IRS relies extensively on computer information systems to perform basic functions, such as processing tax returns and payments, maintaining sensitive taxpayer data, calculating interest and penalties, and generating refunds,' Kutz testified.

'Consequently, weaknesses in controls over its computer information systems could impair IRS' ability to perform these vital functions and increase the risk of the unauthorized disclosure, modification or destruction of taxpayer data,' he said.

The IRS didn't challenge the report.

'We agree that [computer security] continues to be correctly reported as a material weakness,' Rogers said.

Taking control

IRS commissioner Charles O. Rossotti has moved the authority for all computer operations under direct control of the CIO Office, Rogers said.

Two former GAO executives who are experts in IT security are spearheading the CIO Office's computer security program, Rogers said.

Cosgrave said the IRS has mitigated 75 percent of GAO's computer security concerns. The agency is implementing a servicewide computer security planning and management program for its service centers and computer facilities, Cosgrave said.

The audit said the IRS still lacks:

•'Effective implementation of controls to prevent, limit or detect access to computing resources

•'Adequate separation of systems administration and security administration responsibilities

•'Software configuration to secure the integrity of system programs, files and data

•'Sufficient plans to test activities and inappropriate system configurations.

The IRS has improved the reliability of year-end information reported to the Treasury Department. But it still relies on costly, time-consuming and labor-intensive processes, GAO said.

'The path to improved short-term results will remain labor-intensive for the next few years, until core financial and management systems can be reconfigured and/or replaced,' Treasury deputy CFO Steven App said.

GAO said the IRS lacks a subsidiary ledger to track and accumulate the status of unpaid assessments. It cannot promptly identify and focus collection efforts on accounts most likely to prove collectible, impeding its ability to detect, prevent and correct errors in taxpayers' accounts, the GAO report said.

Current systems cannot automatically link multiple assessments made for a tax liability and do not automatically reflect the payment as a reduction in related accounts, GAO said.

The agency must labor with current systems and processes 'until we are able to replace the archaic legacy data systems not in use. There is no other alternative,' Rogers said.

The IRS has established the Financial and Management Controls Executive Steering Committee to use a risk-based management approach, Rogers said.

inside gcn

  • network

    6 growing threats to network security

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group