The Internal Revenue Service is still falling short on fundamental information security measures, according to a new Government Accountability Office report.
The July 31 GAO report identified specific issues in the agency’s information security program management, such as inconsistently enforcing effective password security and insufficiently documenting authorizations for mainframe data and processing changes. GAO also said IRS was uneven in its implementation of certain components of its security program.
