Auditors slam Michigan's tax security

The Michigan Treasury Department's mainframe system for processing taxes is vulnerable to unauthorized access and fraud, state auditors said.

'General controls over access to mainframe systems were not effective,' according to the auditor general's report, which found 'a significant risk that the department's system of internal controls could not prevent or detect unauthorized access to or use of confidential taxpayer information.' Nor could the internal controls prevent fraudulent financial transactions, the report said.

The department lacked a comprehensive IT security program, auditors said. It also did not control access to the critical production account through which individuals could access tax files as well as other state financial systems.

The department also failed to impose effective program and data change controls, according to the auditors, and therefore was at risk for unauthorized data changes.

Officials agreed with the auditors' findings and said the department had partially complied with or would implement the audit recommendations, according to the report.

inside gcn

  • security compliance

    Security fundamentals: Policy compliance

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group