A new TIGTA report has found that the IRS continued to give 19 contractors access to sensitive systems despite having background reports that were returned as “not favorable.” “These contractors still retained their access to one or more sensitive systems because the IRS did not take action to suspend or disable the contractors from the IRS’s systems, as required,” according to the inspector general. In addition, the report outlined a range of insufficiencies in IRS security, stating that it “has repeatedly reported that a key deficiency in the IRS’s detection and deterrence processes is not ensuring that all sensitive systems are providing complete, accurate, and usable audit trail logs for monitoring and identifying unauthorized access and for other investigative purposes.” An IRS spokesperson said due to privacy issues they could not provide specific dates for when the issues were flagged, but said they were “promptly resolved” when identified by TIGTA.
