U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Security Vulnerability Management and Configuration Compliance of a General Support System and Major Application Need Improvement

Report Information

Date Issued
Report Number
2024-200-057
Report Type
Audit
Joint Report
Yes
Participating OIG
Treasury Inspector General for Tax Administration
Agency Wide
Yes (agency-wide)
Questioned Costs
$0
Funds for Better Use
$0
View Report

Recommendations

The Chief Information Officer should timely remediate or mitigate all vulnerabilities in accordance with IRS policies.

The Chief Information Officer should ensure that systems are in place to reconcile the temporary and unknown repositories to verify that assets are assigned to an established group.

The Chief Information Officer should ensure that systems are in place to reconcile duplicate accounting of assets in the repository.

The Chief Information Officer should reconcile assets to reflect the operating environment.

The Chief Information Officer should evaluate the temporary and unknown repositories to establish ownership of assets.