U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

The Endpoint Detection and Response Solution Has Been Deployed to Most Workstations and Is Operating As Intended, but Improvements Are Needed

Report Information

Date Issued
Report Number
2021-20-065
Report Type
Audit
Joint Report
Yes
Participating OIG
Treasury Inspector General for Tax Administration
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View Report

Recommendations

The Chief Information Officer should ensure that the Cybersecurity Endpoint Detection and Response team correctly maps user assignments to the associated Active Directory domain group(s) via the access control system.

The Chief Information Officer should maintain documentation to support that default password changes or disabling occurred before or immediately after an application has been implemented.