Substantial Progress Has Been Made in Implementing the Insider Threat Capability, but Improvements Are Needed

The Chief Information Officer should ensure that the User Behavior Analytics Capability (UBAC) project implementation plan includes actions to determine and assess the risk posture of high value assets. To efficiently complete these actions, the UBAC function should obtain and review the documentation of all high value assets and related risk assessments of those assets performed by other IRS programs, if available. The identified high value assets¿ risks should be addressed as part of the capability implementation.

The Chief Information Officer should ensure that status reports align with the National Insider Threat Task Force recommendations and include sections to address program improvement and major impediments or challenges.

The Chief Information Officer should ensure that the UBAC project implementation plan includes the National Insider Threat Task Force's recommended training for UBAC personnel. In addition, the IRS should document all UBAC training efforts and, at least annually, ensure that all UBAC personnel have completed the required training.