U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Breadcrumb

Improved Tax Return Filing and Tax Account Access Authentication Processes and Procedures Are Needed

Report Information

Date Issued
Report Number
2016-40-007
Report Type
Audit
Joint Report
Yes
Participating OIG
Treasury Inspector General for Tax Administration
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0

Recommendations

The Deputy Commissioner for Services and Enforcement should develop a Service-wide strategy that establishes consistent oversight of all authentication needs across IRS functions and programs including all interactions with individuals face-to-face, online, and through the telephone. In addition, the IRS should ensure that responsibility for implementing the strategy is optimally aligned to provide centralized oversight and facilitate decision making for the development and integration of all forms of authentication including frameworks, policies, and processes across the IRS.

The Deputy Commissioner for Services and Enforcement should ensure that the level of authentication risk for all current and future IRS online applications accurately reflects the risk to the IRS and taxpayers should an authentication error occur.

The Deputy Commissioner for Services and Enforcement should ensure that the implemented authentication processes used for all current and future online applications provide the level of assurance required by National Institute of Standards and Technology (NIST) standards for the determined level of authentication risk.