Improvements Are Needed to Strengthen Electronic Authentication Process Controls

The Chief Information Officer should clarify IRS and contractor responsibilities related to preventing automated attacks, including tracking contractor activities and tools with respect to their responsibilities.

The Chief Information Officer should establish a process to monitor the results and effectiveness of controls to prevent/detect automated attacks.

The Chief Information Officer should ensure that Security Operations organization management supports and implements IRM policy with respect to security specialists' role in monitoring and analyzing audit trails.

The Chief Information Officer should ensure that the IRS provides security specialists with adequate tools and related training to perform analysis as described in audit plans.

The Chief Information Officer should implement enhancements to audit log analysis to provide for automated mechanisms to integrate audit review, analysis, and reporting processes and to correlate audit records across different repositories to gain organization-wide situational awareness.