IRS Asked to Improve Security at its Offices

November 15, 2013

The Internal Revenue Service needs to take additional steps to improve security at some of its facilities, according to a new report.

Due to the nature of the IRS’s mission, the organization remains a target for those who are angry at the tax system or the government, the report noted. Threats of violence directed at the IRS’s 100,000 employees at more than 600 facilities throughout the country have increased during a time of continued financial hardship. In the one-year period between October 2010 and September 2011, there were more than 1,400 reported threat incidents directed towards IRS employees and infrastructure.

The report, by the Treasury Inspector General for Tax Administration, identified deficiencies in the IRS’s Physical Security Risk Assessment Program and found that most but not all IRS facilities received risk assessments as required. As a result, the IRS may have security vulnerabilities that are not identified and addressed in a timely manner, thereby placing IRS employees and taxpayers at risk.

IRS employees may be exposed to many difficult, threatening, and even extremely dangerous situations because of daily and ongoing interactions with the public, an earlier report released in January noted.

The IRS is required to conduct comprehensive and timely risk assessments to identify and address vulnerabilities in physical security. The overall objective of TIGTA’s latest review was to determine whether physical security risk assessments were conducted as required at all IRS facilities, said Accounting Today.

The new report found that while the IRS completed risk assessments at nearly all of its facilities, it did not review 14 facilities. Five of those facilities remained open as of calendar year 2013 and the other nine facilities were closed prior to calendar year 2013.

In addition, the IRS did not conduct risk assessments at 49 other facilities that were not specifically occupied by IRS employees but were located in or adjacent to IRS facilities. These 49 facilities, which included childcare centers, parking lots and garages, storage units, and a credit union, are not specifically occupied by IRS employees. The IRS said that security at those buildings were the responsibility of the Federal Protective Service but did not provide evidence that that the facilities received a risk assessment.

Completed risk assessments prepared by the IRS identified numerous needs for additional security countermeasures, such as posting signs advising of video surveillance or relocating walls to allow security guards to see visitors entering the facility. However, TIGTA found that some countermeasures were not acted upon. The IRS cited resource constraints as a reason that countermeasures were not implemented, said Accounting Today.

TIGTA made seven recommendations to the IRS’s director of physical security and emergency preparedness. IRS management agreed with the recommendations and plans to implement corrective actions to address them. For example, the IRS plans to ensure that inventory records include all relevant information and develop a process to ensure that required countermeasures are in place and functioning at all Taxpayer Assistance Centers.

“Ensuring the security of IRS employees, facilities and taxpayers is of the utmost importance to us,” IRS chief of agency-wide services David A. Grant wrote in response to the report.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.

View More Create Account

IRS Asked to Improve Security at its Offices

Related Articles

Related Products

Report Abusive Comment