Active Directory Oversight Needs Improvement and Criminal Investigation Computer Rooms Lack Minimum Security Controls

The Chief Information Officer should review the current scope of the ADTAB's defined oversight responsibilities and modify as necessary to ensure that the ADTAB is providing agencywide oversight of the AD architecture, including the AD forests that operate outside of the Enterprise Operations organization.

The Chief Information Officer should update the existing ADTAB charter and ensure that all individual forest owners are appropriately represented on the ADTAB.

The Chief, CI, with assistance from the Chief Information Officer, should complete a cost analysis to 1) determine the efficacy of relocating CI assets in each of the field offices to existing IRS computer rooms versus upgrading the CI computer rooms to ensure that assets are protected in accordance with Federal and IRM security requirements and 2) implement the most cost effective solution.

Complete a cost analysis to 1) determine the efficacy of relocating CI assets in each of the field offices to existing IRS computer rooms versus upgrading the CI computer rooms to ensure that assets are protected in accordance with Federal and IRM security requirements and 2) implement the most cost-effective solution.

The Chief, CI, with assistance from the Chief Information Officer, should ensure that CI computer rooms are immediately updated to comply with IRM requirements for Limited Areas, key and cipher lock combination controls, and stand alone fire extinguishers while a cost effective solution regarding the computer room location is identified and implemented.