IRS Command Center can do More to Protect IT

The IRS has not gone far enough in implementing best practices at its Service Operations Command Center, which ensures the normal operation of mainframes and servers used to receive and process tax returns.

According to the Treasury Inspector General for Tax Administration (TIGTA) in an August 16 report, the command center, which implemented the Information Technology Infrastructure Library (ITIL), could be more proactive. The ITIL is a set of best practices for managing IT services.

The command center has already put in place the event management, incident management and problem management service operations processes called for by ITIL. However, the report added that, “additional improvements are needed to show continued progress with and demonstrate efficiencies gained fr om implementing them.”

The audit found that most of the incidents were resolved within acceptable time lim its, but personnel could examine incidents to identify trends.

“Reviewing incident ticket data to discover the types of problems that occur more frequently can help the SOCCB identify problems that may occur in other places within the IRS's information technology infrastructure, as well as show that repeated failures have not been adequately resolved and are likely to continue to occur,” the report said.

Recommendations called for revising procedures to examine trends, do a staffing and workload analysis, update the strategic plan, ensure training occurs and implement additional ITIL performance measures. IRS officials agreed with all recommendations.