About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

GAO-20-411R 1 (2020-05-13)

handle is hein.gao/gaobaebcm0001 and id is 1 raw text is: GAO U.S. GOVERNMENT ACCOUNTABILITY OFFICE 441 G St. N.W. Washington, DC 20548 May 13, 2020 The Honorable Charles P. Rettig Commissioner of Internal Revenue Management Report: Improvements Are Needed to Enhance the Internal Revenue Service's Information System Security Controls Dear Mr. Rettig: In connection with our audit of the Internal Revenue Service's (IRS) fiscal years 2019 and 2018 financial statements, we reported that although internal controls could be improved, IRS maintained, in all material respects, effective internal control over financial reporting as of September 30, 2019, based on criteria established under 31 U.S.C. § 3512(c), (d), commonly known as the Federal Managers' Financial Integrity Act.1 Those controls provided reasonable assurance that misstatements material to the financial statements would be prevented, or detected and corrected, on a timely basis. However, during our fiscal year 2019 audit, we identified new and continuing deficiencies in information system security controls that while not collectively considered a material weakness, were important enough to merit attention by those charged with governance of IRS and therefore represented a significant deficiency in IRS's internal control over its financial reporting systems.2 Although the significant deficiency in internal control over financial reporting systems did not affect our opinion on IRS's fiscal year 2019 financial statements, misstatements may occur in unaudited financial information that IRS reports internally or externally because of this significant deficiency. This report for IRS management presents the new control deficiencies we identified during our fiscal year 2019 testing of information system security controls that are relevant to IRS's internal control over financial reporting and associated recommendations to address them. The report also includes the results of our follow-up on the status of the agency's corrective actions to address deficiencies in information system security controls and associated recommendations contained in our July 2019 report that remained open as of September 30, 2018.3 1GAO, Financial Audit: IRS's FY 2019 and FY 2018 Financial Statements, GAO-20-159 (Washington, D.C.: Nov. 8, 2019). 2A material weakness is a deficiency, or a combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented, or detected and corrected, on a timely basis. A significant deficiency is a deficiency, or a combination of deficiencies, in internal control over financial reporting that is less severe than a material weakness, yet important enough to merit attention by those charged with governance. A deficiency in internal control exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct, misstatements on a timely basis. 3GAO, Management Report: Improvements Are Needed to Enhance the Internal Revenue Service's Information System Security Controls, GAO-1 9-473RSU (Washington, D.C.: July 18, 2019). GAO-20-41 1 R IRS Information System Security Controls Page 1

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most