U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology: Improvements Are Needed in Enterprise-Wide Disaster Recovery Planning and Testing

Report Information

Date Issued
Report Number
2017-20-024
Report Type
Audit
Joint Report
Yes
Participating OIG
Treasury Inspector General for Tax Administration
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View Report

Recommendations

The Chief Information Officer should complete the enterprise-wide business impact analysis in accordance with the IRS business impact analysis methodology.

The Chief Information Officer should enhance the IRS process of identifying the applications and systems that support the mission essential functions to ensure the authoritative identification mapping is distributed enterprise-wide on a defined and regular basis.

The Chief Information Officer should collaborate with the IRS business operating divisions at least annually to identify the relative recovery priorities of systems and applications and maintain the proper list of applications restoration order for critical business processes 1 through 3 and by location.
Recommendation rejected by IRS

The Chief Information Officer should collaborate with the IRS business operating divisions to reach consensus regarding the maximum tolerable downtime or recovery time objective for each mission essential function.

The Chief Information Officer should verify through testing that the IRS IT organization is able to recover mission essential functions within the maximum tolerable downtimes or recovery time objectives for mission essential functions established by the business operating divisions.