Actions Have Been Taken to Improve the Privacy Program; However, Some Privacy Controls Have Not Been Fully Implemented and Assessed

Date Issued

Wednesday, June 14, 2023

Submitting OIG

Treasury Inspector General for Tax Administration

Other Participating OIGs

Treasury Inspector General for Tax Administration

Agencies Reviewed/Investigated

Internal Revenue Service

Report Number

2023-20-034

Report Type

Audit

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Open Recommendations

This report has 1 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use	Additional Details
4	No	$0	$0
The Chief Privacy Officer should ensure that privacy controls for cloud systems are implemented within one year from when updated FedRAMP guidance is approved and released. However, if this is not feasible, the privacy controls should be implemented following the current established continuous monitoring testing plan.