TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

 

Annual Assessment of the Business Systems Modernization Program

 

 

 

September 14, 2009

 

Reference Number:  2009-20-136

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

Phone Number   |  202-622-6500

Email Address   |  inquiries@tigta.treas.gov

Web Site           |  http://www.tigta.gov

 

September 14, 2009

 

 

MEMORANDUM FOR CHIEF TECHNOLOGY OFFICER

 

FROM:                            Michael R. Phillips /s/ Michael R. Phillips

                                         Deputy Inspector General for Audit

 

SUBJECT:                    Final Audit Report – Annual Assessment of the Business Systems Modernization Program (Audit # 200920021)

 

This report presents the results of our annual assessment of the Business Systems Modernization (Modernization) Program.  The overall objective of this review was to assess the progress of the Internal Revenue Service (IRS) Modernization Program for Fiscal Year 2009, as required by the IRS Restructuring and Reform Act of 1998.[1]  This review was included in the Treasury Inspector General for Tax Administration Fiscal Year 2009 Annual Audit Plan under the major management challenge of Modernization of the IRS.

Impact on the Taxpayer

The Modernization Program, which began in 1999, is a complex effort to modernize the IRS’ technology and related business processes.  This effort will involve integrating thousands of hardware and software components.  All of this must be done while replacing outdated technology and maintaining the current tax system.  The objective of the Modernization Program is to address these crucial challenges, manage the inherent risks of modernization, and deliver a level of service American taxpayers expect.

Synopsis

In December 1998, the IRS hired the Computer Sciences Corporation as its PRIME contractor[2] for the Modernization Program.  The IRS originally relied on the PRIME contractor to act as a systems integrator to find and manage the best expertise and technical resources to achieve its organizational goals.  In January 2005, due to budget reductions and concerns about the adequacy of the PRIME contractor’s performance, the IRS began transitioning many activities from the PRIME contractor and taking over the primary role as the systems integrator for all projects.

The IRS has spent 11 years and received more than  $3 billion on the Modernization Program.

The IRS originally estimated the Modernization Program effort would last up to 15 years and incur contractor costs of about $8 billion.  The Program is in its 11th year and has received approximately $2.71 billion for contractor services, plus an additional $353 million for internal IRS costs.

The Modernization Program accomplishments extend from the development of Program Management Offices and enterprise architecture to the implementation of systems and applications that improve the IRS’ ability to administer and enforce compliance with the nation’s tax laws, while providing quality customer service.

For the past year, Modernization Program management development activities have generally met the objectives of the IRS Modernization Program.  These activities included the development and implementation of strategic planning and program management efforts in the form of the Information Technology Modernization Vision and Strategy, Enterprise Data Access and Data Strategy Implementation Programs, and a tiered program management structure designed to act as an enterprise governance model.

The Modernization Program has also continued to develop and deploy modernized applications.  New capabilities include enhancements to the Customer Account Data Engine that incorporated new tax law provisions including the processing of Economic Stimulus Act of 2008[3] payments, and the ability of IRS employees to access taxpayer account information through the Account Management Services system.

The IRS has recognized that, in addition to the accomplishments achieved in the Modernization Program, it faces significant challenges in meeting the requirements of the next phase of project development and systems integration.  The immediate challenge is the future of the Customer Account Data Engine, the acknowledged centerpiece throughout the life of the Modernization Program.  The IRS Program Integration Office is considering using elements from the Individual Master File and the current Customer Account Data Engine to significantly reengineer the IRS tax account management process.  The continued improvement to managing individual taxpayer accounts will be curtailed until the use of the reengineered database is implemented and made available for integration with other systems and applications.  Further, the challenge in modernizing the management of business taxpayer accounts has yet to be considered.

The past year’s Modernization Program performance did not continue the trend of improvement it demonstrated in the prior 3 years.  The shortfall in performance is presented in a Modernization Program analysis of project development cost and schedule variance (see Appendix VI).  The IRS has also experienced a turnover of executives that challenges the Program’s continued long-term success.

Further, a control process to manage the Modernization and Information Technology Services (MITS) organization’s Highest Priority Initiatives process has been discontinued.  The MITS organization established the Customer Relationship and Service Delivery organization to support the overall technology performance of the IRS and MITS organization.  The Customer Relationship and Service Delivery organization is currently developing processes that will be used to replace the Highest Priority Initiatives process and plans to submit the draft process to the Chief Technology Officer for review.  The MITS organization is currently focusing on process improvements throughout the organization using industry best practices.  The MITS Leadership team determined that this will provide a more comprehensive, integrated, disciplined, and effective management approach for process improvements than the previous Highest Priority Initiatives process.

Since 1995, the IRS has identified and reported the Modernization Program as a material weakness.  The IRS recognizes the need to incorporate necessary program management disciplines and has plans to implement a process improvement strategy.  This strategy will allow the Modernization Program to continue to improve its management practices by incorporating industry best practices.  However, we believe the Modernization Program should continue as a material weakness until the modernization material weakness action plan is updated and the improvement strategy is accomplished.

Response

The Chief Technology Officer responded that the IRS was pleased that the annual assessment recognized the MITS organization’s accomplishments in providing quality customer service.  The IRS also appreciated acknowledgement of the continued development and deployment of modernized applications.  In response to our comments on the use of the Information Technology Modernization Vision and Strategy planning process, the IRS related that it expanded the breadth of the business technology included in this strategy and is establishing a pre-selection process for investment planning.  Management’s complete response to the draft report is included as Appendix XI.

Copies of this report are also being sent to the IRS managers affected by the report conclusions.  Please contact me at (202) 622-6510 if you have questions or Alan R. Duncan, Assistant Inspector General for Audit (Security and Information Technology Services), at (202) 622-5894.

  

Table of Contents

 

Background

Results of Review

The Modernization Program Has Delivered Business Value

The Modernization Program Has Continued to Further Its Program Management and Project Development Activities

The Modernization Program Is Being Refocused

Further Improvements Can Be Made to Management of the Modernization Program

Appendices

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Enterprise Life Cycle Overview

Appendix V – Modernization Program Funding

Appendix VI – Project Cost and Schedule Variance Analysis

Appendix VII – Modernization Program Project Accomplishments

Appendix VIII – Open Recommendations Related to Modernization Program Material Weaknesses

Appendix IX – Recent Treasury Inspector General for Tax Administration Reports on the Internal Revenue Service’s Modernization Program

Appendix X – Glossary of Terms

Appendix XI – Management’s Response to the Draft Report

 

Abbreviations

 

e-File

Electronic Filing

IRS

Internal Revenue Service

MITS

Modernization and Information Technology Services

TIGTA

Treasury Inspector General for Tax Administration

  

Background

 

The Internal Revenue Service (IRS) Restructuring and Reform Act of 1998[4] requires the Treasury Inspector General for Tax Administration (TIGTA) to annually evaluate the adequacy and security of IRS information technology.  This report provides our assessment of the IRS Business Systems Modernization (Modernization) Program from June 2008 through June 2009.

The Modernization Program, which began in 1999, is a complex effort to modernize the IRS’ technology and related business processes.  This effort involves integrating thousands of hardware and software components.  All of this is being done while replacing outdated technology and maintaining the current tax system.  While the Modernization Program encompasses dozens of projects and systems, the core projects that the IRS has referred to as the “Pillars of Modernization” are the:

  • Customer Account Data Engine[5] – intended to replace the Master File system as the official repository of tax account information.
  • Modernized e-File – intended to replace the existing electronic filing (e-File) platform used for electronic filing of tax returns for both business and individual taxpayers.
  • Account Management Services – intended to replace the existing Integrated Data Retrieval System that provides IRS employees with the ability to view, access, update, and manage taxpayer accounts.
  • Data Strategy – a comprehensive strategy for the collection, consolidation, storage, and distribution of data.

In December 1998, the IRS hired the Computer Sciences Corporation as its PRIME contractor for the Modernization Program.  The IRS originally relied on the PRIME contractor to act as a systems integrator to find and manage the best expertise and technical resources to achieve its organizational goals.  In January 2005, due to budget reductions and concerns about the adequacy of the PRIME contractor’s performance, the IRS began transitioning many activities from the PRIME contractor and taking over the primary role as the systems integrator for all projects.

The IRS planned to complete the Modernization Program in 15 years at a cost of approximately $8 billion.

The IRS originally estimated the Modernization Program effort would last up to 15 years and incur contractor costs of approximately $8 billion.  The Program is now in its 11th year and has received approximately $2.71 billion for contractor services, plus an additional $353 million for internal IRS costs.  Appendix V presents an analysis of Modernization Program funding since its inception.

The compilation of information for this report was conducted at the TIGTA office in Laguna Niguel, California, during the period March through June 2009.  The information presented in this report is derived from TIGTA audit reports issued since July 2008,[6] and the Government Accountability Office report on the Modernization Program’s Fiscal Year 2009 Expenditure Plan.[7]  These previous audits and our limited analyses were conducted in accordance with generally accepted government auditing standards.  Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our conclusions based on our audit objective.  We believe the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective.  Detailed information on our audit objective, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

  

Results of Review

 

The Modernization Program Has Delivered Business Value

The Modernization Program accomplishments encompass the development of program management offices and operations and modernized systems and applications.

The Modernization Program accomplishments extend from the development of an enterprise architecture and program management operations, to the implementation of systems and applications that improve the IRS’ ability to administer and enforce compliance with the nation’s tax laws, while providing quality customer service.  The IRS has established offices and staffs to manage Modernization Program disciplines including the Enterprise Life Cycle,[8] program governance, systems engineering, configuration management, requirements development and management, system and application testing, and transition management.  The Modernization Program is continuing to complete its organizational makeup and is maturing in the role as the primary systems integrator.

The Modernization Program has also continued to develop and deploy modernized applications.  New capabilities include improvements to the Customer Account Data Engine that incorporated new tax law provisions including the processing of Economic Stimulus Act of 2008[9] payments, and the ability of IRS employees to access taxpayer account information through the Account Management Services system.

Customer Account Data Engine

Our post-implementation review[10] of the Customer Account Data Engine showed that Customer Account Data Engine Release 3 accurately processes and records tax return and tax account information.  The Customer Account Data Engine project team successfully implemented Release 3 requirements that enable the system to more successfully accept, record, and process tax return information.

The Customer Account Data Engine processed more than 39.4 million individual income tax returns (approximately 30 percent of all individual tax returns filed) and issued more than $58 billion in refunds during the Calendar Year 2009 tax return filing season.  This is a significant increase over the 30 million tax returns (approximately 21 percent of all individual tax returns filed) processed by the Customer Account Data Engine in Calendar Year 2008, and the 11.2 million tax returns processed in Calendar Year 2007.

Account Management Services

The Account Management Services system provides IRS employees with the tools to access information quickly and accurately in response to complex customer inquiries.  The Account Management Services project management team generally followed established systems development processes.  In the development and deployment of Account Management Services Releases 1.3 and 2.1, the Modernization and Information Technology Services (MITS) organization developed and maintained documentation to meet Enterprise Life Cycle requirements for deliverables and work products.  It also incorporated the use of project work breakdown structure schedules, task orders and modifications, and meeting minutes.

Modernized e-File

The Modernized e-File system accepted 3.5 million electronically filed business tax returns for the 2008 tax year, which far exceeded the filings for the previous tax year.  All business forms are now accepted on the Modernized e-File system, such as corporations, partnerships, exempt organizations, excise tax returns, and applications for an automatic extension of time to file certain business returns.  The increase for Tax Year 2008 is 139 percent more than Tax Year 2007 and represents about 28 percent of the total business return receipts for Tax Year 2008.

Other systems

Additional products delivered by the Modernization Program include the e-Services application that creates a web portal to promote the goal of conducting most of the IRS’ transactions with tax practitioners electronically, and the Integrated Financial System that operates as the IRS’ accounting system of record, replacing the core financial systems, including expenditure controls, accounts payable, accounts receivable, general ledger, budget formulation, and purchasing controls.

Appendix VII presents the Modernization Program project accomplishments during the past year.

The Modernization Program Has Continued to Further Its Program Management and Project Development Activities

For the past year, Modernization Program management development activities have generally met the objectives of the IRS Modernization Program.  The Program included the development and implementation of strategic planning and program management efforts in the form of the Information Technology Modernization Vision and Strategy, Enterprise Data Access and Data Strategy Implementation Programs, and a tiered program management structure designed to act as an enterprise governance model.

Information Technology Modernization Vision and Strategy

The MITS organization has revised the Information Technology Modernization Vision and Strategy to expand the scope of modernization to include business and technology functions that were not previously included.  This process reflects collaboration between the business functions and the MITS organization, where difficult decisions are made and tradeoffs are based on an enterprise view.

In its third year, the Information Technology Modernization Vision and Strategy planning process continues to mature.  The current release of the Information Technology Modernization Vision and Strategy has been expanded to embody all technology services and products delivered by the IRS.  In addition, the Information Technology Modernization Vision and Strategy Program Office was created.  The mission of this Office is to enable the prioritization and selection of MITS organization investments by employing mature processes that proactively engage stakeholders to develop investment strategies that are aligned with the IRS enterprise-wide strategic plans.  This Office coordinates, formulates, and presents to senior executives the key data points required to make informed investment decisions.

Enterprise Data Access and Data Strategy Implementation Programs

The Data Strategy is designed to provide standardized access to official IRS data sources; eliminate redundant, inconsistent, and outdated data; and provide guidance to identify and use data effectively and efficiently to gather and manage taxpayer account information.  The Enterprise Data Access and Data Strategy Implementation Programs are the major components of the Data Strategy.  These Programs are in development and projects related to them have been initiated and, in some cases, completed.  The MITS organization’s plans for the Data Strategy address the goals of the Information Technology Modernization Vision and Strategy, and the MITS organization is making progress in achieving those goals.

Tiered program management

To better manage the information technology investments, the Chief Information Officer outlined a business commitment to implement an IRS enterprise-wide information technology tiered program management structure.  The Program Control and Process Management Division has made significant progress directing, developing, and implementing tiered program management activities.  For example, it has developed and distributed standardized reporting templates with documented processes and procedures for the executive steering committees.  In addition, the IRS has created a master list of information technology projects to track and assign oversight.  Each IRS organization has formed or is planning to form its own individual Program Management Office to execute the new tiered program management processes and procedures while providing oversight and management to assigned information technology projects.

The Modernization Program Is Being Refocused

The IRS has recognized that, in addition to the accomplishments achieved in the Modernization Program, it faces significant challenges in meeting the requirements of the next phase of project development and system integration.  The IRS has stated that a strategy correction is needed to meet changing business needs, have a more agile information technology environment, and reduce risks with associated costs to build and maintain systems.

The immediate challenge recognized by the IRS is the future of the Customer Account Data Engine, the acknowledged centerpiece throughout the life of the Modernization Program.  Currently, the Customer Account Data Engine operates concurrently with Individual Master File processing.  This requires that work must be done across the two environments, increasing the complexity of the filing season and resulting in a greater risk for errors in processing taxpayer account information.  In addition, concerns about the increasing complexities and questions of scalability with the existing system led to the development of the new strategy.  Future planned releases of the existing Customer Account Data Engine contain far more complex business requirements, more interfaces with other systems, and have a far greater effect on employees and visibility with taxpayers.

Further, the ability to obtain qualified technical resources and sufficient funding will challenge the successful delivery of future Customer Account Data Engine releases.  Since the IRS initiated the Customer Account Data Engine project in 1999 and spent $335 million in development costs, it has been able to process only approximately 30 percent of the individual income tax returns filed.  In the course of the project development, the Computer Sciences Corporation (the PRIME contractor) played dual roles as program integrator and systems developer.  While the project did achieve substantial capabilities during this period, the IRS changed the contractor role from integrator to developer.  The change was due to budget restrictions and performance.  The IRS also considered how and to what extent to use contractor resources for project development.  The past experience in managing contractor performance and the availability of resources for future development will drive the consideration for identifying and applying qualified technical resources.

To address these challenges, the IRS established Program Integration Office solution teams to consider using elements from the Individual Master File and the current Customer Account Data Engine to significantly reengineer the IRS’ tax account management process.  This reengineering effort (if adopted) will end future new Customer Account Data Engine capabilities.  A relational database will be developed that will use some of the Customer Account Data Engine routines and primarily rely on moving current Individual Master File processing from a weekly to a daily processing cycle.

Although the IRS expects the reengineering effort to allow the Modernization Program to provide the service desired for taxpayers and employees, the effort is currently in the design stage.  The state of the Modernization Program is static until plans are approved, systems are designed and developed, and operations are implemented.  The continued improvement to managing individual taxpayer accounts will be curtailed until the use of the reengineered database is available for downstream systems and applications.  Further, the challenge in modernizing the management of business taxpayer accounts has yet to be considered.

Further Improvements Can Be Made to Management of the Modernization Program

Although the Modernization Program has continued to help improve IRS operations, project development activities have not always effectively implemented planned processes or delivered all planned system capabilities.  The past year’s Modernization Program performance did not continue the trend of improvement it demonstrated in the prior 3 years.  The shortfall in performance is presented in a Modernization Program analysis of project development cost and schedule variance.  The IRS has also experienced a turnover of executives, which has resulted in changes to the Modernization Program direction.  Further, a control process to manage the MITS organization’s Highest Priority Initiatives has been discontinued without the implementation of a compensating control to provide MITS organization executives the vehicle to identify and resolve its most significant challenges.

Since 1995, the IRS has identified and reported the Modernization Program as a material weakness.  Because of the risks involved in the above conditions, and to maintain a high level of attention, focus, and accountability, we believe the Modernization Program should remain as a material weakness.

TIGTA reviews have identified weaknesses in program management processes throughout the life of the Modernization Program.  The processes with weaknesses include:

·        Configuration management.

·        Requirements development and management.

·        Risk management.

·        Contract negotiation and management.

·        Enterprise Life Cycle compliance.

·        Program management.

·        Security controls.

While the MITS organization has improved its controls over these processes as the Modernization Program has continued to mature, several weaknesses continue to exist.  We have identified continued problems in requirements development and management, program management, contract management, and security controls as presented in the following examples from TIGTA reports during the past year.

Requirements development and management

Long-term system requirements issues challenged the Customer Account Data Engine project.  As a followup to our July 2007 report,[11] we reported in September 2008[12] that:

·        The Customer Account Data Engine processing demands were quickly reaching the capacity of the current system, both in the storage and retrieval of data and the processing speed for daily transactions.

·        The ability of the Customer Account Data Engine to access historical taxpayer account information currently residing on the Individual Master File had to be resolved to enable requirements for future developed Customer Account Data Engine releases.

·        The expectation of significant increases in the Customer Account Data Engine taxpayer population, processing capacity, and data storage required consideration to meet future operational needs.  The engineering staff performed the last formal study of Customer Account Data Engine processing capacity in Calendar Year 2004 and had not determined the long-term processing capacity requirements.

We summarized our work in September 2008 by relating, “The absence of a comprehensive direction in designing and developing efficient computer processing will affect the Customer Account Data Engine project’s ability to deliver intended capabilities.  Unless sufficient time and effort are provided to deliver the capabilities needed to support the long-term objectives and goals, the Customer Account Data Engine will be unable to process tax returns for all individual and business taxpayers as planned.”

By establishing a Program Integration Office, the IRS has recognized the need to reassess the Customer Account Data Engine project capabilities and future requirements, and use this experience to reengineer its plans for processing individual tax accounts.  Some of the risks the Program Integration Office considered as significant factors in the reengineering include identifying and defining the major data classes and data stores for tax administration, identifying business requirements, and incorporating yearly filing season updates and legislative changes.  Addressing these requirements early in the reengineering process should add to the potential success of the Program Integration Office efforts.

Program management

While the IRS has made progress in implementing an IRS enterprise-wide information technology program management structure, additional actions are needed to address current weaknesses in providing effective oversight and management of all information technology projects.  The IRS has not fully:

·        Documented policies and procedures for developing a complete portfolio of information technology projects.

·        Completed the establishment of Program Management Offices for all IRS organizations.

·        Implemented the project health assessment process.

·        Provided consistent and continual monitoring and oversight of major information technology projects through the executive steering committees.

Contract management

Managing and monitoring contract development and performance has been a factor in the success of Modernization Program project delivery.  The IRS has made progress in negotiating contract development to meet the needs of the project requirements, and is maturing in its ability to identify and properly apply contractor resources.  Although progress has been made, continued improvement is needed in providing contracted resources to meet project requirements and schedule demands.

An example of the need to improve the IRS’ contract development activity was identified in the contracted work for the Account Management Services system.  The contract for this project was performance-based, finalized in a timely manner, and monitored.  However, the contract was not developed in a manner to appropriately control spending across releases.  Because of the form of the contract and the absence of key internal controls over funding, the Account Management Services project management team experienced difficulty in managing project funding.

A total of approximately $17.4 million was spent across Account Management Services releases (funds budgeted and allocated to 1 release, but used for another release).  This $17.4 million included almost $5.4 million of development costs and $12 million for infrastructure and project management costs.  The infrastructure and project management costs did benefit multiple releases.  However, allocation of these funds to multiple releases did not go through the required MITS organization governance process for approval.

Security controls

Our reviews identified vulnerabilities in the security controls implemented with the development of the Customer Account Data Engine, Account Management Services, and Modernized e-File systems.  The IRS has taken steps to resolve or is in the process of resolving these vulnerabilities.

Modernization Program performance has been inconsistent

In our 2008 Annual Business Systems Modernization Assessment,[13] we reported that improvements in the management of the Modernization Program had contributed to the IRS’ increased success in implementing modernization projects and in meeting cost and schedule commitments for most deliverables.  Specifically, 19 (95 percent) of the 20 associated project milestones scheduled for completion were completed within the 10 percent cost estimate variance, and 18 (90 percent) of the 20 milestones were delivered within 10 percent of schedule estimates.

However, since our 2008 assessment, the Modernization Program has not achieved the same level of success.  From May 2008 to May 2009, 5 (29 percent) of the 17 project milestones scheduled for completion were significantly over cost estimates.  These projects were between 30 percent and 375 percent over budget.  In addition, 3 (18 percent) of 17 milestones were significantly behind schedule.  These projects were between 15 percent and 54 percent behind schedule.  Appendix VI presents the cost and schedule variance for Modernization Program project releases delivered from May 2008 through May 2009.  IRS Management did inform us during our closing conference on August 5, 2009, that the variances were revised in July 2009 to reflect changes in the baseline figures used to compute the variances.

Figure 1 presents an analysis of the Modernization Program management’s ability to deliver project segments without significant variances.  The analysis shows that the Program was making steady progress in delivering project segments within cost and schedule estimates until Calendar Year 2009.

Figure 1:  Percentage of Modernization Project Segments Delivered Without Significant Variances

Figure 1 was removed due to its size.  To see Figure 1, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

Frequent changes in executive management may be affecting long-term program performance

The Modernization Program has experienced significant and frequent turnover of high level IRS and Modernization Program executives.  Since the Program began in 1999, three Commissioners, five Chief Information Officers, and, recently, a Chief Technology Officer have been responsible for the Program.  Many of these executives have made major changes to the Program’s direction and strategies during their tenure.  These changes have made it challenging to achieve continuity to result in long-term success.

IRS designation of the Modernization Program as a material weakness should continue

The Modernization Program should continue to be designated a material weakness because of the risks involved with the redesign of the Customer Account Data Engine and associated systems, the replacement of a key process used to manage MITS organization weaknesses and challenges, and the continued system development concerns discussed previously.

Redesign of the Customer Account Data Engine

The picture was removed due to its size.  To see the picture, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

As presented previously, the Modernization Program is in a state of refocus.  Limitations in Customer Account Data Engine capabilities, including those reported by the TIGTA and the Government Accountability Office in previous years, have resulted in an effort to reengineer processing of individual taxpayer accounts and the ability to use downstream systems to improve customer service.  With the pending changes and the yet to be determined implementation of a reengineered process, the risks to the success of the Modernization Program are significant.

Replacement of the Highest Priority Initiatives process

From August 2005 through February 2009, IRS executives and managers used the Highest Priority Initiatives process to identify and seek resolution for the most significant issues facing the Modernization Program.  This process was expanded to include initiatives affecting the MITS and the Deputy Commissioner for Operations Support organizations, as well as corrective actions associated with Government Accountability Office and TIGTA report findings.  The IRS also intended to use this process as a means to eventually downgrade the Modernization Program material weakness.

The MITS organization established the Customer Relationship and Service Delivery organization to support the overall technology performance of the IRS and MITS organization.  Concurrently, the Highest Priority Initiatives process was discontinued.  The MITS organization informed us that it is currently developing processes that will be used to replace the Highest Priority Initiatives process and plans to submit the draft process to the Chief Technology Officer for review.  The MITS organization is currently focusing on process improvements throughout the organization using industry best practices.  The MITS Leadership team determined that this will provide a more comprehensive, integrated, disciplined, and effective management approach for process improvements than the previous Highest Priority Initiatives process.

Until the Highest Priority Initiatives process is replaced, the MITS organization adds risk in its ability to manage its challenges, as well as controlling corrective actions to TIGTA and Government Accountability Office report findings.  The IRS’ corrective action responses to TIGTA and Government Accountability Office recommendations were evaluated and submitted as Highest Priority Initiatives candidates, when appropriate, and were selected at the discretion of executive leadership.  Appendix VIII presents TIGTA audit recommendations with current IRS open corrective actions related to the Modernization Program material weakness, which includes 3 of 15 open recommendations that were identified as candidates for resolution through the Highest Priority Initiatives process.

A current plan is not in place to reduce the Modernization Program material weakness

The Federal Managers’ Financial Integrity Act of 1982[14] requires each Federal Government agency to prepare for Congress and the President an annual report that identifies material weaknesses and the agency’s corrective action plans and schedules.  Since 1995, the IRS has identified and reported systems modernization as a material weakness.  The IRS developed a material weakness action plan in response to the initial identification of the material weakness in Fiscal Year 1995.  However, the Modernization Program material weakness action plan has not been updated to include weaknesses subsequently reported since Fiscal Year 2003 by the TIGTA, the Government Accountability Office, and IRS studies.

In 2008, IRS management reported that it was using the Highest Priority Initiatives process to help eliminate the Modernization Program material weakness.  With the changes planned for this process and the pending implementation of a replacement, the MITS organization currently does not have a vehicle to downgrade and eventually eliminate the Modernization Program material weakness.

The IRS recognizes the need to incorporate necessary program management disciplines and has plans to implement a process improvement strategy.  This strategy will allow the Modernization Program to continue to improve its management practices by incorporating industry best practices.  However, we believe the Modernization Program should continue as a material weakness until the modernization material weakness action plan is updated and the improvement strategy is accomplished.

Management’s Response:  The Chief Technology Officer responded that the IRS was pleased that the annual assessment recognized the MITS organization’s accomplishments in providing quality customer service.  The IRS also appreciated acknowledgement of the continued development and deployment of modernized applications.  In response to our comments on the use of the Information Technology Modernization Vision and Strategy planning process, the IRS related that it expanded the breadth of the business technology included in this strategy and is establishing a pre-selection process for investment planning.  

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

The overall objective of this review was to assess the progress of the IRS Business Systems Modernization (Modernization) Program for Fiscal Year 2009,  as required by the IRS Restructuring and Reform Act of 1998.[15]  To accomplish this objective, we:

I.                    Determined the current condition of the Modernization Program.

A.     Reviewed TIGTA audit reports issued from July 2008 through June 2009[16] and seven previous Modernization Program annual assessment reports (issued in Fiscal Years 2002, 2003, 2004, 2005, 2006, 2007 and 2008).[17]

B.     Reviewed IRS Oversight Board reports on the Modernization Program for Fiscal Year 2009.

C.     Reviewed Government Accountability Office reports relevant to Modernization Program activities for Fiscal Year 2009.

D.     Determined the TIGTA audit recommendations related to the Modernization Program material weakness with incomplete IRS corrective actions.

II.                 Determined the status and condition of the Modernization Program reported by the IRS by reviewing documentation related to:

A.     The Chief Technology Officer’s material weaknesses, corrective actions, and statuses.

B.     The IRS Information Technology Modernization Vision and Strategy program.

C.     The August 2008 Business Systems Modernization Expenditure Plan and Business Systems Modernization Monthly Performance Measures Reports to analyze cost, schedule, and capability status and accomplishments.  We did not validate the information provided by the IRS on the cost, scope, and business value of the Modernization Program.  We analyzed these documents to:

1.      Determine overall variances between planned and actual costs and schedules, and obtain reasons for significant variances.

2.      Determine the extent planned capabilities were delivered as proposed in the August 2008 Business Systems Modernization Expenditure Plan.

D.     The Highest Priority Initiatives status reports to determine the current efforts by the MITS organization to improve the Modernization Program.

1.      Analyzed Highest Priority Initiatives reported for the Modernization Program during Fiscal Year 2009.

2.      Assessed the adequacy of activity to address these initiatives.

E.      The monthly IRS Modernization Has Delivered Real Business Value status reports from July 2008 to April 2009 to provide perspective on business value released into production.

 

Appendix II

 

Major Contributors to This Report

 

Margaret E. Begg, Acting Assistant Inspector General for Audit (Security and Information Technology Services)

Scott A. Macfarlane, Director

Edward A. Neuwirth, Audit Manager

Mark K. Carder, Senior Auditor

Bruce Polidori, Senior Auditor

Glen J. Rhoades, Senior Auditor

Louis V. Zullo, Senior Auditor

 

Appendix III

 

Report Distribution List

 

Commissioner  C

Office of the Commissioner – Attn:  Chief of Staff  C

Deputy Commissioner for Operations Support  OS

Deputy Commissioner for Services and Enforcement  SE

Commissioner, Wage and Investment Division  SE:W

Chief Information Officer  OS:CTO

Associate Chief Information Officer, Applications Development  OS:CTO:AD

Associate Chief Information Officer, Enterprise Services  OS:CTO:ES

Director, Procurement  OS:A:P

Director, Office of Program Evaluation and Risk Analysis  RAS:O

Deputy Associate Chief Information Officer, Applications Development  OS:CTO:AD

Deputy Associate Chief Information Officer, Business Integration  OS:CTO:ES:BI

Deputy Associate Chief Information Officer, Systems Integration  OS:CTO:ES:SI

Director, Stakeholder Management  OS:CTO:SM

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Office of Internal Control  OS:CFO:CPIC:IC

Audit Liaisons:

Chief Technology Officer  OS:CTO

Commissioner, Wage and Investment Division  SE:W

Associate Chief Information Officer, Applications Development  OS:CTO:AD

Senior Operations Advisor, Wage and Investment Division  SE:W:S

Director, Program Oversight  OS:CTO:SM:PO

Chief, GAO/TIGTA/Legislative Implementation Branch  SE:S:CLD:PSP:GTL

 

Appendix IV

 

Enterprise Life Cycle Overview

 

The Enterprise Life Cycle is the IRS’ standard approach to business change and information systems initiatives.  It is a collection of program and project management best practices designed to manage business change in a successful and repeatable manner.  The Enterprise Life Cycle addresses large and small projects developed internally and by contractors.

The Enterprise Life Cycle includes such requirements as:

·        Development of and conformance to an enterprise architecture.

·        Improving business processes prior to automation.

·        Use of prototyping and commercial software, where possible.

·        Obtaining early benefit by implementing solutions in multiple releases.

·        Financial justification, budgeting, and reporting of project status.

In addition, the Enterprise Life Cycle improves the IRS’ ability to manage changes to the enterprise; estimate the cost of changes; and engineer, develop, and maintain systems effectively.  Figure 1 provides an overview of the phases and milestones within the Enterprise Life Cycle.  A phase is a broad segment of work encompassing activities of similar scope, nature, and detail and providing a natural breakpoint in the life cycle.  Each phase begins with a kickoff meeting and ends with an executive management decision point (milestone) at which IRS executives make “go/no-go” decisions for continuation of a project.  Project funding decisions are often associated with milestones.

Figure 1:  Enterprise Life Cycle Phases and Milestones

Phase

General Nature of Work

Milestone

Vision and Strategy/
Enterprise Architecture Phase

High-level direction setting.  This is the only phase for enterprise planning projects.

0

Project Initiation Phase

Startup of development projects.

1

Domain Architecture Phase

Specification of the operating concept, requirements, and structure of the solution. 

2

Preliminary Design Phase

Preliminary design of all solution components.

3

Detailed Design Phase

Detailed design of solution components.

4A

System Development Phase

Coding, integration, testing, and certification of solutions.

4B

System Deployment Phase

Expanding availability of the solution to all target users.  This is usually the last phase for development projects.

5

Operations and Maintenance Phase

Ongoing management of operational systems.

System Retirement

Source:  The Enterprise Life Cycle Guide.

 

Appendix V

 

Modernization Program Funding

 

Figure 1 presents the cumulative funding received by the Business Systems Modernization (Modernization) Program for contractor costs.

Figure 1:  Modernization Program Funding Timeline (Dollars are cumulative)

Figure 1 was removed due to its size.  To see Figure 1, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

 

Figure 2 presents the funding received annually by the Modernization Program for program management and development of business and infrastructure projects.

Figure 2:  Modernization Program Funding by Fiscal Year

Figure 2 was removed due to its size.  To see Figure 2, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

 

Figure 3 presents the cumulative funding received by the Modernization Program for non-contractor costs of managing Modernization Program activities.  The IRS stated that approximately 25 percent of its non-contractor budget since Fiscal Year 2001 has been used to support non-Modernization Program activities in the IRS.

Figure 3:  Non-contractor Modernization Program Funding Timeline by Fiscal Year (Dollars are cumulative)

Figure 3 was removed due to its size.  To see Figure 3, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

 

Figure 4 presents the funding received annually by the Modernization Program for non-contractor costs of managing Program activities.

Figure 4:  Non-contractor Modernization Program Costs by Fiscal Year

Figure 4 was removed due to its size.  To see Figure 4, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

 

Figure 5 depicts the Modernization Program funding for non-contractor and external (contractor) costs to manage Program activities.

Figure 5:  Internal and External Modernization Program Costs (in millions)

Figure 5 was removed due to its size.  To see Figure 5, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.

 

Appendix VI

 

Project Cost and Schedule Variance Analysis

 

This table presents the cost and schedule variance for Business Systems Modernization Program project releases delivered since May 2008 and currently in progress.  The statistics presented reflect the cost and schedule estimates of these projects at the time of their initial design.

Release

Current
Finish
Date

Milestone[18]

Cost Variance (Dollars)

Cost Variance (Percentage)

Schedule Variance (Days)

Schedule Variance (Percentage)

Customer Account Data Engine

4.1*

July 24, 2008

4

-$8,000,000

-36%

-10

-3%

4.2*

January 15, 2009

4

$10,000,000

49%

-51

-20%

5

March 17, 2009

2-3

$0

0%

113

30%

5

April 30, 2009

4a

$0

0%

0

0%

5.2

January 31, 2010

4b

$0

0%

0

0%

Account Management Services

1.2

November 13, 2008

5

$0

0%

1

1%

1.3

December 5, 2008

4b

$4,762,000

127%

16

8%

1.3

May 31, 2009

5

$3,773,000

375%

0

0%

2.1

June 24, 2008

3

-$86,000

-3%

0

0%

2.1

December 9, 2008

4a

$760,000

30%

0

0%

2.1

August 5, 2009

4b

-$423,000

-10%

36

15%

Integrated Production Model

1.1

June 30, 2008

4b

$0

0%

0

0%

4

June 30, 2008

3-4a

$0

0%

0

0%

4

December 16, 2008

4b

$0

0%

1

1%

Modernized e-File

5.5

April 2, 2009

3-5

-$2,000,000

-14%

2

1%

6

July 18, 2008

3

$2,800,000

40%

63

54%

6.1

May 14, 2010

4a-5

$0

0%

0

0%

The IRS provided information that in July 2009 it rebaselined the cost variance to offset $8 million
Source:  IRS Applications Development organization – Resources Management office.

 

Appendix VII

 

Modernization Program Project Accomplishments

 

Table 1 presents the Modernization Program project accomplishments since our June 2008 annual assessment of the Business Systems Modernization Program.[19]

Table 1:  Modernization Program Project Accomplishments

PROJECT

DESCRIPTION

RECENT STATISTICS

Account Management Services[20]

Account Management Services is a strategic program to deliver improved customer support by leveraging legacy systems.  The Account Management Services system will provide customer service representatives and tax examiners with the tools to access information quickly and accurately in response to complex customer inquiries.  Account Management Services system will deliver the technical and functional infrastructure necessary to undertake the modernization of the Integrated Data Retrieval System, and modernize and retire the Desktop Integration and the Correspondence Imaging System. 

Account Management Services Release 1.3 deployment was completed on February 20, 2009, and provided increased functionality for customer service representatives.  The release integrates two legacy systems, the Correspondence Imaging System and the Desktop Integration, into the Account Management Services system and modernizes the technology infrastructure for the image inventory components (formerly the Correspondence Imaging System).

Customer Account Data Engine

The Customer Account Data Engine replaces the IRS Master File, the repository of all taxpayer information.

Customer Account Data Engine Release 4.2 adds the capabilities to process certain revenue receipt transactions, extensions to file tax returns, and last name changes.

Customer Account Data Engine Release 4.2 was successfully deployed on January 19, 2009.  As of May 22, 2009, Release 4.2 posted almost 40 million individual tax returns and issued more than
34.4 million refunds totaling in excess of
$57.8 billion.

The Customer Account Data Engine processes refunds on an average of 5 days faster than Individual Master File processing.

Modernized e-File

The Modernized e-File provides the electronic filing capability of more than
150 forms and schedules for large corporations and small businesses (U.S. Corporation Income Tax Return (Form 1120) family), tax-exempt organizations (Return of Organization Exempt From Income Tax (Form 990) family), partnerships (U.S. Return of Partnership Income (Form 1065) family), and associated extension forms [e.g., Application for Automatic Extension of Time to File Certain Business Income Tax, Information, and Other Returns
(Form 7004)].

Modernized e-File Release 5.5 was deployed on
January 5, 2009, and delivered the redesigned
Form 990.  Release 5.5 exited Milestone 5 unconditionally on April 2, 2009.  As of
April 6, 2009, more than 3.2 million returns had been submitted and more than 2.6 million returns had been accepted.

Returns submitted through the Modernized e-File have an average 8 percent processing error rate, compared to 24 percent for transcription-based paper processing.  The Modernized e-File offers
100 percent data capture that is available to IRS customer service representatives online and in real time.

Source:  IRS Applications Development organization – Resources Management office.

 

Appendix VIII

 

Open Recommendations Related to Modernization Program Material Weaknesses

 

Table 1 lists TIGTA audit recommendations with current IRS open corrective actions related to the Modernization Program material weakness.

Table 1:  TIGTA Recommendations Related to the
Modernization Program Material Weakness

The Modernization, Information Technology and Security Services Organization Needs to Take Further Action to Complete Its Human Capital Strategy (Reference Number 2003-20-209, dated September 22, 2003)

2003-20-209

Finding 1, Recommendation 1

To ensure the MITS organization has sufficient data to determine human capital demands, the Chief Information Officer needs to support the Director, Management Services, to work with offices throughout the MITS organization to identify the human capital demand.  The demand includes information to adequately plan the number, location, and assignment schedule of human capital assets for existing information systems (from owners in the Information Technology Services organization) and future MITS organization operations (from owners in the Business Systems Modernization office). 
Due Date:  December 31, 2010.

The Business Systems Modernization Program Has Achieved Mixed Success in Addressing Weaknesses Identified in Internal and External Studies (Reference Number 2006-20-003, dated November 21, 2005)

2006-20-003

Finding 1, Recommendation 2

To ensure study weaknesses and previous recommendations concerning change/configuration management are addressed, the Associate Chief Information Officer, Enterprise Services, should create an overall plan that includes defined tasks, responsible individuals, and estimated completion dates for implementing the standardized configuration management toolset.  Due Date:  December 31, 2010.

The Modernization and Information Technology Services Organization’s Revised Post Implementation Review Procedure Can Be Improved (Reference Number 2007-20-001, dated October 26, 2006)

2007-20-001

Finding 1, Recommendation 1

The Chief Information Officer should direct the Program Performance Management office to develop a schedule to perform Post Implementation Reviews for releases deployed and to identify and obtain staffing resource commitments needed from the Program Performance Management office, the Office of Program Evaluation and Risk Analysis, and appropriate business unit representatives to effectively execute the Post Implementation Reviews.  The Chief Information Officer should also direct the Program Performance Management office to eliminate the requirement to perform Post Reviews of milestone completion activities after milestone exits, with the option of identifying any lessons learned for further project progress through the Milestone Exit Reviews.  Due Date:  March 1, 2010.

2007-20-001

Finding 1, Recommendation 2

The Chief Information Officer should direct the Program Performance Management office to implement a procedure to control Post Implementation Review results that ensures appropriate executives and decision makers have access to these documents. 
Due Date:  March 1, 2010.

2007-20-001

Finding 1, Recommendation 3

The Chief Information Officer should direct the Program Performance Management office to identify skills and abilities desired for Post Implementation Review team members and ensure team assignments consider these qualifications.  The Program Performance Management office should develop a training guide for Post Implementation Review team members to provide them with an understanding of the purpose, objectives, and processes of the Post Implementation Review.  Due Date:  March 1, 2010.

The Modernization and Information Technology Services Organization Can Improve Its Budget Formulation, Execution, and Review Processes (Reference Number 2007-20-064, dated May 9, 2007)

2007-20-064

Finding 1,

Recommendation 1

The Chief Information Officer should implement a process to develop the entire MITS organization budget in line with the Information Technology Modernization Vision and Strategy’s rolling 5-year prioritized plan.  The budget process should consider organizational goals for each of the MITS organization components and include costs for operations and maintenance of existing computer systems, telecommunication systems, and other programs such as end-user support and help desk activities. 
Due Date:  October 1, 2009.

The Information Technology Enterprise Governance Structure Needs Further Process Improvements to Ensure Adequate Oversight (Reference Number 2008-20-134, dated July 31, 2008)

2008-20-134

Finding 1,

Recommendation 1

The Chief Information Officer should work with other IRS executives to develop a complete and accurate master Information Technology project listing with formally approved and documented policies and procedures to continually update the portfolio.  These procedures should include a standard set of Information Technology terms that have been approved and communicated to all IRS organizations.  Due Date:  August 1, 2009.

Customer Account Data Engine Project Management Practices Have Improved, but Continued Attention Is Needed to Ensure Future Success (Reference Number 2008-20-151, dated September 11, 2008)

2008-20-151

Finding 1,

Recommendation 2

The Chief Information Officer should develop an updated estimate of the processing and storage requirements, including the related costs, to support the long-term objectives and goals of Customer Account Data Engine operations.  Due Date:  July 1, 2009.

The Modernization Vision and Strategy Program Is Achieving Desired Results, but Risks Remain (Reference Number 2009-20-008, dated October 31, 2008)

2009-20-008

Finding 2,

Recommendation 1

The Chief Information Officer should include guidelines for performance measurement and reporting in the updated Modernization Vision and Strategy Plan. 
Due Date:  December 1, 2009.

Implementing the Data Strategy Will Make System and Application Development More Efficient and Effective (Reference Number 2009-20-022, dated February 19, 2009)

2009-20-022

Finding 2,

Recommendation 1

The Chief Technology Officer should quantify and communicate the benefits that will be realized from implementing the Data Strategy, to be in a better position to promote the Data Strategy and justify and receive funding through budget requests and MITS organization governance directives.  Due Date:  July 15, 2009.

2009-20-022

Finding 3,

Recommendation 1

The Chief Technology Officer should develop a method to determine the priority for IRS systems and data assets to begin following the Data Strategy and when systems and data assets can be retired due to the Data Strategy.  Due Date:  September 1, 2009.

Initial Efforts to Develop a New Web-based Portal Environment Were Not Successful (Reference
Number 2009-20-079, dated May 19, 2009)

2009-20-079

Finding 1,

Recommendation 1

The Chief Technology Officer should work with the Commissioner, Wage and Investment Division, to develop a process to ensure that new projects seeking approval and funding during the information technology governance process, and which are not part of the Modernization Vision and Strategy process, are properly identified and their portal needs are considered.  The new process should be similar to existing procedures to ensure a uniform analysis is conducted for projects that are not part of the Modernization Vision and Strategy process.  Due Date:  October 1, 2009.

Modernization Program Uncertainties Are Affecting the Account Management Services Project Development (Reference Number 2009-20-071, dated June 9, 2009)

2009-20-071

Finding 2,

Recommendation 1

The Chief Technology Officer should direct project management teams and contracting officers to propose modernization task orders with the ability to readily account for system development activity funding on a release basis and, for major modernization development projects, on a milestone basis.  Designating contract activities for specific release and milestone capital development activities will provide clear funding and reporting traceability and more accessible assessments of contract funding progress.  Due Date:  June 1, 2010.

2009-20-071

Finding 2,

Recommendation 2

The Chief Technology Officer should reinforce existing governance procedures to Modernization and Information Technology Services organization executives and managers about release-specific project funding, the need to gain approval of funding reallocations, and requirements to communicate these changes to stakeholders. 
Due Date:  February 1, 2010.

2009-20-071

Finding 2,

Recommendation 3

The Chief Technology Officer should provide training and desk procedures on the proper use of release-specific (and, where applicable, milestone-specific) project funding.  The procedures should provide detailed steps for preparing, reviewing, and approving requisitions.  The procedures should include, at a minimum, the following controls: 
1) when requisitions are initiated, requisition preparers, financial plan managers, and approvers must verify that the narrative describing the work to be performed in the requisition is clear and identifies the project release supported and compare the internal order code to the narrative to ensure the correct release is being charged for the expense and
2) before requisitions are executed, the project manager must verify that the actual work requisitioned supports the release to be charged for the cost.  Due Date:  October 1, 2009.

Source:  TIGTA audit reports issued from September 2003 through June 2009 and the Joint Audit Management Enterprise System.

 

Appendix IX

 

Recent Treasury Inspector General for Tax Administration Reports on the Internal Revenue Service’s Modernization Program

 

Table 1 lists TIGTA reports related to the IRS Modernization Program issued from July 2008 through June 2009 and the associated findings, recommendations, and IRS corrective actions.

Table 1:  Recent TIGTA Reports, Findings, and Corrective Actions

Report Title, Reference Number, and Date

Finding and Recommendation

Corrective Action

Correspondence Imaging System Performance Has Improved, but Additional Measures Are Needed to Ensure That the System Performs As Expected

2008-20-130

July 9, 2008

Finding 1:  The Correspondence Imaging System continues to experience random periods of instability and performance issues.

Recommendation:  The Chief Information Officer should ensure that the corrective actions taken subsequent to our audit work to address the open recommendations identified by the Incident Analysis Team have been completed and were effective in improving Correspondence Imaging System performance.

The Applications Development organization, partnering with the Enterprise Operations organization, provided a document showing the successful completion of each Incident Analysis Team recommendation, action, and results to the Customer Service Executive Steering Committee and to the TIGTA. 
Status:  Closed August 5, 2008.

Recommendation:  The Chief Information Officer should ensure that adequate actions are taken to reduce and prevent the same instability and performance issues from occurring after the Correspondence Imaging System is merged with the Accounts Management Services system.

Following the large-path methodology, the IRS will implement Accounts Management Services Release 1.3 drop 2, which is a complete re-architecture of the Correspondence Imaging System.  This will ensure that adequate actions are taken to reduce and prevent instability and performance issues once the Correspondence Imaging System has merged the with Accounts Management Services system. 
Status:  Closed March 27, 2009.

 

Finding 2: Information in the Correspondence Imaging System Business Case was incomplete and inaccurate.

Recommendation:  The Chief Information Officer should ensure IRS project officials timely request Department of the Treasury approval to merge and close investments and restate expected costs and benefits.

The Chief Information Officer agreed with this recommendation and will conduct presentations to the Executive Steering Committees as part of their enterprise governance process to reinforce the need to secure Department of the Treasury approval when a decision to merge investments has been made.  Also, IRS project officials will prepare the new Exhibit 300 required to effectively merge the Correspondence Imaging System and the Account Management Services system investments and will restate the expected costs and benefits. 
Status:  Closed January 29, 2009.

The Information Technology Enterprise Governance Structure Needs Further Process Improvements to Ensure Adequate Oversight

2008-20-134

July 31, 2008

 

Finding: A complete
tiered-program management structure has not been fully implemented to ensure effective oversight and control of all information technology projects.

Recommendation:  The Chief Information Officer should work with other IRS executives to develop a complete and accurate master Information Technology project list with formally approved and documented policies and procedures to continually update the portfolio.  These procedures should include a standard set of Information Technology terms that have been approved and communicated to all IRS organizations.

Building on work already completed, the IRS master Information Technology project list will incorporate projects and operational applications in the IRS portfolio.  It will use the governance process to develop, approve, and communicate formal policies and procedures to continually update the portfolio as well as a standard set of information technology terms. 
Status:  Open.  Due Date is August 1, 2009.

Recommendation:  The Chief Information Officer should ensure the proposed governance directive is approved and communicated throughout all levels of the IRS and work with IRS executives to require all IRS organizations to adhere to the Program Control and Process Management Division governance processes.

The Enterprise Governance Directive was approved by the Chief Information Officer with concurrence by the Deputy Commissioner for Services and Enforcement and the Acting Deputy Commissioner for Operations Support, effective November 25, 2008.  The MITS organization Program Management Offices and the Business Systems Planning offices participated in the development of the Directive in order to foster an enterprise-wide adherence.  Key IRS stakeholders were briefed on the final content, and it will be published on the Governance web site and in the Process Asset Library.
Status:  Closed December 1, 2008.

Recommendation:  The Chief Information Officer should establish formal policies and procedures to ensure the health assessment process is consistently applied and followed across all IRS organizations.

The IRS will issue a directive and guidance and conduct an enterprise-wide campaign of education and sustained support for the control organizations in order to ensure consistency of the health assessment process. 
Status:  Closed April 28, 2009.

Recommendation:  The Chief Information Officer should ensure policies and procedures are developed or revised to require control organizations to review all assigned major information technology projects monthly and present projects to the appropriate governance board’s attention when established thresholds are exceeded.

The IRS will develop a directive and guidance to ensure all assigned major Information Technology projects are reviewed monthly by the appropriate Information Technology control organizations and presented to the appropriate governance board’s attention when established thresholds are exceeded. 
Status:  Closed April 28, 2009.

Customer Account Data Engine Project Management Practices Have Improved, but Continued Attention Is Needed to Ensure Future Success

2008-20-151

September 11, 2008

 

Finding 1:  Long-term issues continue to challenge the Customer Account Data Engine project.

Recommendation:  The Chief Information Officer should ensure that a Historical Data Conversion solution is in place to enable the Customer Account Data Engine to process transactions related to issues such as balance-due conditions.

The Customer Account Data Engine Project Office will partner with key stakeholders to develop a decision paper to assess how to proceed with the Historical Data Conversion as it relates to Customer Account Data Engine’s continued development.  The project office will develop a plan and schedule for Historical Data Conversion implementations based on the decision paper. 
Status:  Closed April 9, 2009.

Recommendation:  The Chief Information Officer should develop an updated estimate of the processing and storage requirements, including the related costs, to support the long-term objectives and goals of Customer Account Data Engine operations.

The Enterprise Services organization will update Customer Account Data Engine end-state processing and storage design estimates as measured in Millions of Instructions Per Second and Terabytes, respectively.  Estimates will include direct costs associated with processing and storage requirements.  Indirect costs such as software license fees, professional services, labor charges, and maintenance fees will not be included in cost estimates. 
Status:  Open.  Due Date is July 1, 2009.

Finding 2:  Processing of economic stimulus payments put the Customer Account Data Engine Release 4 project schedule at risk.

Recommendation:  The Chief Information Officer should use a standardized process to determine the effect on the Customer Account Data Engine project’s scope, cost, and delivery schedules when unplanned initiatives are mandated for implementation.  These effects should be measured to the extent possible and reported to the IRS Commissioner and other stakeholders as a means for communicating the consequences to previously planned Customer Account Data Engine capabilities.

The Customer Account Data Engine team reviewed the current governance procedures for assessing impacts and risks in the event of unplanned, mandated initiatives.  No gaps were identified; however, a Project Review Checklist was developed in line with these procedures to ensure that release managers are consistent in their approach and documentation. 
Status:  Closed November 25, 2008.

The Enterprise Systems Management Program Is Making Progress to Improve Service Delivery and Monitoring, but Risks Remain

2008-20-161

September 12, 2008

Finding 1:  Funding for contractor support was not always provided in a timely manner.

Recommendation:  The Chief Information Officer should ensure that the Enterprise System Management projects receive timely and sufficient funding, or revise the projects’ tasks, to ensure efficient use of contractor support funds and continuity of funding.

The Enterprise System Management projects have been discussed and tasks and deliverables have been re-scoped to align with Fiscal Year 2009 budget projections and availability of resources.
Status:  Closed October 23, 2008.

Finding 2:  The Enterprise System Management projects did not always have adequate executive steering committee oversight to ensure that issues and risks were resolved in a timely manner.

Recommendation:  The Chief Information Officer should place Enterprise System Management projects under the governance of the Infrastructure Executive Steering Committee to ensure that risks and issues are resolved in a timely manner.

The Enterprise System Management projects are now under the governance of the Infrastructure Executive Steering Committee to ensure risks and issues are timely resolved. 
Status:  Closed September 23, 2008.

Finding 3:  Controls over licenses for software on servers and software tool purchases should be improved.

Recommendation:  The Chief Information Officer should acquire software tools to track licenses of software used agency-wide on servers to track and better evaluate software usage and related costs.

The IRS has acquired and implemented the IBM Tivoli License Compliance Manager product to track and manage all software licenses used agency-wide on servers in order to better evaluate software usage and related costs. 
Status:  Closed January 29, 2009.

Recommendation:  The Chief Information Officer should ensure that all tools meeting Enterprise System Management organization software tool criteria and requested by all IRS organizations are submitted to the Enterprise System Management organization for approval through the IRS Web Request Tracking System.

The Internal Revenue Manual revision adding an Enterprise System Management organization review for information technology acquisitions has been submitted for review and incorporation into the next published revision of Internal Revenue Manual 2.21.1.  This revision ensures that requisitions for information technology enterprise tools meeting the Enterprise System Management organization criteria incorporated an Enterprise System Management organization review in its Web Request Tracking System approval path. 
Status:  Closed October 23, 2008.

The Internal Revenue Service Deployed Two of Its Most Important Modernized Systems With Known Security Vulnerabilities

2008-20-163

September 24, 2008

Finding:  Internal Revenue Service organizations and oversight groups did not consider known security vulnerabilities to be significant enough to either resolve the vulnerabilities or deploy the systems with conditional restrictions.

Recommendation:  The Director, Business Modernization Office, and the Director, Customer Service, serving as the Co-Chairs of the Customer Service Executive Steering Committee, should consider all security vulnerabilities–including those associated with general support systems–that affect the overall security of the Customer Account Data Engine and the Account Management Services before approving milestone exits.  Equal emphasis should be placed on security and functionality.

The Co-Chairs of the Customer Service Executive Steering Committee do not approve milestone exits unilaterally; instead, they are two of several voting members of the Customer Service Executive Steering Committee.  The IRS will continue to follow the governance process documented in the Customer Service Executive Steering Committee charter and consider all security vulnerabilities to ensure best practices are in place for the successful delivery of project security and functionality.  Status:  Closed October 2, 2008.

Recommendation:  The Customer Account Data Engine and the Account Management Services Project Managers should provide more emphasis to both preventing and resolving security vulnerabilities identified during Enterprise Life Cycle processes.

The IRS will continue to follow the existing Enterprise Life Cycle processes for identifying, confirming, and resolving security vulnerabilities at the requirements, design, development, and testing life cycle stages, with an increased emphasis on both preventing and resolving security vulnerabilities identified during the Enterprise Life Cycle processes.  The IRS will also strengthen processes for capturing and documenting all Executive Steering Committee meeting minutes. 
Status:  Closed October 23, 2008.

Recommendation:  The Wage and Investment Division Directors of the Customer Account Data Engine and the Account Management Services, in their roles as system owners, should approve interim authorities to operate when significant security control weaknesses exist in system environments.  These interim authorities to operate should contain specific terms and conditions in accordance with IRS policy, including corrective actions to be taken by the information system owners and a required time period for completion of the corrective actions, before authorities to operate are granted.

The IRS will continue to operate in accordance with Internal Revenue Manual 10.8.1.42, which states that the Designated Approving Authority verifies that security assessments are conducted to determine that security controls are effectively operating, correctly implemented, and meeting the security requirements of the system.  Based on the results of these risk assessments, the Designated Approving Authority, along with the approval of the appropriate governance board (Executive Steering Committee), accepts risks and may grant full, interim, or deny authority to operate.  If and when significant control weaknesses are found to exist in system environments, an interim authority to operate will be issued with the appropriate timelines based on judgment of the level of risk.  Status:  Closed October 2, 2008.

Recommendation:  The Associate Chief Information Officer, Cybersecurity, should recommend interim authorities to operate when significant security vulnerabilities exist in system environments.

The IRS has been recommending interim authorities to operate when significant security vulnerabilities exist in system environments as a standard part of the IRS certification and accreditation process that was vetted with the National Institute of Standards and Technology and rated “satisfactory” for two consecutive annual Federal Information Security Management Act reporting cycles. 
Status:  Closed October 2, 2008.

Recommendation:  The Associate Chief Information Officer, Cybersecurity, should continue efforts to improve the accuracy and completeness of risk information in the security assessment reports by listing the general support system controls that are not yet implemented in the system environment and documenting concurrence by the Security Engineering Office and the Office of Privacy when reporting that vulnerabilities identified during milestone reviews have been corrected.

The certification and accreditation process has been modified and includes documented concurrence by the Security Engineering Office and/or the Office of Privacy when reporting that vulnerabilities identified during milestone reviews have been corrected in the security assessment report.  The IRS will update standard operating procedures to incorporate these process changes and continue to strengthen the process by including the relevant general support system plan of action and milestones as an attachment to each application security assessment report. 
Status:  Closed December 22, 2008.

Office of Audit Comment:  While the IRS agreed with all of our recommendations, the related corrective actions for the first four recommendations are focused on continuing to follow existing processes or strengthening current processes.  As stated in the report, we believe the existing security vulnerabilities were not caused by process deficiencies.  Instead, IRS offices did not carry out their responsibilities for ensuring that security weaknesses were corrected before deployment.

Customer Account Data Engine
Release 3 Successfully Processes Individual Tax Return and Tax Account Information

2009-20-001

October 24, 2008

Finding:  Customer Account Data Engine Release 3 began processing tax returns in August 2007, and successfully incorporated new requirements to accept and process tax return and tax account information.  For the first time, the Customer Account Data Engine processed two math error notices and an Earned Income Tax Credit informational notice.  In addition, the Customer Account Data Engine accurately processed almost all economic stimulus payments.

Recommendation:  No recommendations were made.

No corrective actions were required because the report did not make any recommendations.

The Modernization Vision and Strategy Program Is Achieving Desired Results, but Risks Remain

2009-20-008

October 31, 2008

Finding 1:  The process for developing total cost estimates can be improved.

Recommendation:  The Chief Information Officer should ensure the reliability of the cost estimation process by implementing procedures to compare actual project operations and maintenance costs to initial estimates and revising the estimation process, if necessary.

The IRS will implement procedures to compare actual project operations and maintenance costs to initial estimates and revise the estimation process when necessary. 
Status:  Closed March 27, 2009.

Finding 2:  Modernization Vision and Strategy program performance measurement standards need further development.

Recommendation:  The Chief Information Officer should include guidelines for performance measurement and reporting in the updated Modernization Vision and Strategy Plan.

The IRS will update the Modernization Vision and Strategy Plan to reference performance measures and reporting.  This update will be included in the Calendar Year 2009 annual publication. 
Status:  Open.  Due Date is December 1, 2009.

The Internal Revenue Service Deployed the Modernized E-File System With Known Security Vulnerabilities

2009-20-026

December 30, 2008

Finding:  Security vulnerabilities were not given sufficient attention during the development and accreditation of the Modernized
 e-File system.

Recommendation:  The Submission Processing Executive Steering Committee should consider all security vulnerabilities, including those associated with general support systems, that affect the overall security of the Modernized e-File system and the Modernized Tax Return Database before approving milestone exits.

The IRS will continue to follow the governance process documented in the Submission Processing Executive Steering Committee charter, which includes review of all security vulnerabilities, including those associated with general support systems, before milestone exits.  Consistent with governance procedures, these milestone exit review discussions will be documented in the Submission Processing Executive Steering Committee meeting minutes. 
Status:  Closed January 13, 2009

Recommendation:  The Commissioner, Wage and Investment Division, and the Chief Information Officer should provide more emphasis to both preventing and resolving security vulnerabilities identified during Enterprise Life Cycle processes to the Modernized e-File system project office.

The IRS will continue to follow the existing Enterprise Life Cycle processes for identifying, confirming, and resolving security vulnerabilities at the requirements, design, developmental, and testing life cycle stages, with an increased emphasis in both preventing and resolving security vulnerabilities identified during the Enterprise Life Cycle.  The IRS will also strengthen the process for capturing and documenting all executive steering committee meeting minutes. 
Status:  Closed January 13, 2009

Recommendation:  The Director, Electronic Tax Administration and Refundable Credits, Wage and Investment Division, as the Modernized e-File system owner, should approve interim authorities to operate when significant security control weaknesses exist in system environments.  These interim authorities to operate should contain specific terms and conditions in accordance with IRS policy that must be met, including corrective actions to be taken by the information system owners and a required time period for completion of the corrective actions, before authorities to operate are granted.

The IRS will continue to operate in accordance with Internal Revenue Manual 10.8.1.42, which states that the Designated Approving Authority verifies that security assessments are conducted to determine that security controls are effectively operating, correctly implemented, and meeting the security requirements of the system.  Based on the results of these risk assessments, the Designated Approving Authority, along with the approval of the appropriate governance board (Executive Steering Committee), accepts risks and may grant full, interim, or deny authority to operate.  If and when significant control weaknesses are found to exist in the system environments, the IRS will issue an interim authority to operate with the appropriate timelines based on judgment of the level of risk. 
Status:  Closed January 13, 2009

Office of Audit Comment:  Although the IRS agreed with all of our recommendations, its related corrective actions are focused on continuing to follow existing processes or strengthening current processes.  As stated in the report, we believe that the existing security vulnerabilities were not caused by process deficiencies.  Instead, IRS offices did not carry out their responsibilities for ensuring that security weaknesses were corrected before deployment.

Implementing The Data Strategy Will Make System and Application Development More Efficient and Effective

2009-20-022

February 19, 2009

Finding 1:  Sustaining the Data Strategy effort will allow for more efficient and effective system development and operations.

Recommendation:  The Chief Technology Officer should work with IRS senior executives to consider the priority of the Data Strategy effort in relation to the MITS organization’s budget and provide the necessary funding so that the Data Strategy can be successfully implemented as an integral component of the Information Technology Modernization Vision and Strategy.  The funding method needs to support the development, implementation, and maintenance of the Data Strategy as it facilitates and supports IRS data access.

While the IRS agrees with the spirit and intent of the recommendation, it cannot agree to fund any one project without considering each year’s annual budget.  The actions taken to prioritize all information technology demand with IRS senior leadership limits the Chief Technology Officer’s ability to direct resources to specific development projects.  Priorities for the limited information technology resources are driven through a service-wide priority process.  Notwithstanding, it is the IRS’ intent over the long term to move the IRS to a data-centric organization. 
Status:  Rejected. 

Office of Audit Comment:  The Data Strategy is cited by the IRS as one of the “four pillars of Modernization.”  We believe the IRS should place a high enough priority on the Data Strategy that the project is considered for a relevant portion of available funding.  Without providing adequate resources to secure this portion of the foundation, the Modernization effort is weakened.  Insufficient resources and commitment could lead the Data Strategy to the same result experienced by previous efforts – partially completed projects that did not provide the intended goal.

Finding 2:  Quantifying the benefits of the Data Strategy will strengthen the commitment for implementation.

Recommendation:  The Chief Technology Officer should quantify and communicate the benefits that will be realized from implementing the Data Strategy, to be in a better position to promote the Data Strategy and justify and receive funding through budget requests and MITS organization governance directives.

The Data Strategy Implementation Program Office will quantify its benefits, including those derived from eliminating redundant storage, using the Modernization Vision and Strategy costing model developed by the Enterprise Data Management Office.  This process will only address new Modernization Vision and Strategy projects, as existing and non-Modernization Vision and Strategy projects are not subject to the costing model.  For Modernization Vision and Strategy projects that already exist, the Data Strategy Implementation Program Office will quantify and extract the benefits from their budget. 
Status:  Open.  Due Date is July 15, 2009.

Finding 3:  A method to include systems and data assets in the Data Strategy should be developed.

Recommendation:  The Chief Technology Officer should develop a method to determine the priority for IRS systems and data assets to begin following the Data Strategy and when systems and data assets can be retired due to the Data Strategy.

The Data Strategy Implementation Division within the Applications Development organization will analyze IRS systems and data assets to develop a plan for determining a prioritization methodology for these systems and assets to be incorporated into the Data Strategy. 
Status:  Open.  Due Date is September 1, 2009.

Initial Efforts to Develop A New
Web-based Portal Environment Were Not Successful

2009-20-079

May 19, 2009

Finding: Procedures are not in place to continuously identify new projects needing portal support.

Recommendation:  The Chief Technology Officer should work with the Commissioner, Wage and Investment Division, to develop a process to ensure that new projects seeking approval and funding during the information technology governance process, and which are not part of the Modernization Vision and Strategy process, are properly identified and their portal needs are considered.  The new process should be similar to existing procedures to ensure that a uniform analysis is conducted for projects that are not part of the Modernization Vision and Strategy process.

The Chief Technology Officer organization and the Wage and Investment Division will partner together to improve coordination intended to ensure that all major new projects needing portal services will receive analysis that is similar to existing procedures.  To effect this change, the Enterprise Services organization-led Modernization Vision and Strategy team and the Wage and Investment Division Electronic Tax Administration function will collaborate in a timely manner to identify priority projects and decision data.  This will be accomplished by tailoring existing portfolio identification and management procedures to optimize the impact from a time and resource perspective and to ensure the capture of key elements necessary for informed decision making.  The steps selected from the current procedures will meet the specific needs of the project and an explanation of why specific actions are tailored will be recorded for each of these items.  The end result will be a process that identifies investment opportunities which are channeled through an engineering and estimation process to ensure that any portal needs are identified, considered, and properly addressed. 
Status:  Open.  Due Date is October 1, 2009.

Modernization Program Uncertainties Are Affecting the Account Management Services Project Development

2009-20-071

June 9, 2009

Finding 1:  Work has been suspended on future Account Management Services project releases.

Recommendation:  The Chief Technology Officer should ensure that the Account Management Services project development activities follow the appropriate governance process to redirect remaining Account Management Services funding to complete Releases 1.3 and 2.1.

The Account Management Services project request to realign funds to complete Releases 1.3 and 2.1 followed the governance process.  The request received approval from the Customer Service Executive Steering Committee on December 5, 2008, and from the MITS Enterprise Governance Board on January 23, 2009.  Notification was made to the Department of the Treasury and the Office of Management and Budget.
Status:  Closed February 18, 2009.

Finding 2:  Adequate project funding controls were not implemented.

Recommendation:  The Chief Technology Officer should direct project management teams and contracting officers to propose modernization task orders with the ability to readily account for system development activity funding on a release basis and, for major modernization development projects, on a milestone basis.  Designating contract activities for specific release and milestone capital development activities will provide clear funding and reporting traceability and more accessible assessments of contract funding progress.

The Associate Chief Information Officer for Management’s Financial Management Services Business Systems Modernization team will meet with 1) the Procurement organization to discuss how the recommendation can be incorporated with Procurement guidelines and 2) Business Systems Modernization project managers to assess current practices and determine what changes are necessary to ensure implementation of the TIGTA’s recommendations, amended if necessary by Procurement’s input.  Based on the results of these discussions, the Financial Management Services Business Systems Modernization team will issue budgetary guidelines.  The IRS does not believe there is a governance impact to Recommendation 2. 
Status:  Open.  Due Date is June 1, 2010.

Recommendation:  The Chief Technology Officer should reinforce existing governance procedures to MITS organization executives and managers about release-specific project funding, the need to gain approval of funding reallocations, and requirements to communicate these changes to stakeholders.

The Associate Chief Information Officer for Management’s Financial Management Services Business Systems Modernization team will review current procedures for release-specific project funding, parameters around funding reallocations and external stakeholder notifications to ensure they reflect the latest guidance, and then reissue existing procedures to executives and managers.  The team will partner with the Enterprise Services organization’s Program Governance Office to reinforce existing governance procedures and to ensure that this topic is included as an agenda item for discussion at appropriate Executive Steering Committee meetings. 
Status:  Open.  Due Date is February 1, 2010.

Recommendation:  The Chief Technology Officer should provide training and desk procedures on the proper use of release-specific (and, where applicable, milestone-specific) project funding.  The procedures should provide detailed steps for preparing, reviewing, and approving requisitions.  The procedures should include, at a minimum, the following controls:  1) when requisitions are initiated, requisition preparers, financial plan managers, and approvers must verify that the narrative describing the work to be performed in the requisition is clear and identifies the project release supported, and  compare the internal order code to the narrative to ensure the correct release is being charged for the expense and 2) before requisitions are executed, the project manager must verify that the actual work requisitioned supports the release to be charged for the cost.

The suggested controls have been discussed with Applications Development organization requisition preparers, reviewers, and approvers and are now in place.  Formal desk procedures, including the appropriate use of release-specific and
milestone-specific project funding, are under development. 
Status:  Open.  Due Date is October 1, 2009.

Source:  TIGTA audit reports issued from July 2008 through June 2009.

 

Appendix X

 

Glossary of Terms

 

Term

Definition

Account Management Services

A project that will modernize the capability to collect, view, retrieve, and manage taxpayer information.

Best Practice

A technique or methodology that, through experience and research, has proven to reliably lead to a desired result.

Byte

A byte is commonly used as a unit of storage measurement in computers, regardless of the type of data being stored.  It is also one of the basic integral data types in many programming languages.  Generally, a byte is a contiguous sequence of eight binary digits.

Popular Use and
Standard Meaning

Name

Symbol

Quantity

kilobyte

KB

210 (103)

megabyte

MB

220 (106)

gigabyte

GB

230 (109)

terabyte

TB

240 (1012)

Customer Account Data Engine

The foundation for managing taxpayer accounts in the IRS modernization plan.  It will consist of databases and related applications that will replace the existing IRS Master File processing systems and will include applications for daily posting, settlement, maintenance, refund processing, and issue detection for taxpayer tax account and return data.

Data Strategy Implementation Program

An initiative for implementing the data strategies that define the Enterprise Data Architecture, define the current and future data requirements, reduce and/or eliminate data duplication within the enterprise, provide solutions for information access and sharing, support interoperability among information systems, and support IRS business goals.

Enterprise Computing Center

Supports tax processing and information management through a data processing and telecommunications infrastructure.

Enterprise Data Access Program

An Extensible Markup Language Relational Database and Integrated Production Model.  The Extensible Markup Language Relational Database became operational in Fiscal Year 2006 and provides the IRS Tax Exempt and Government Entities Division with electronically filed business returns in a relational database that captures and associates data using common attributes.  The Integrated Production Model will provide a consolidated database of tax return and account data in a single repository for compliance data used in the case selection processes. 

Enterprise Life Cycle

A structured business systems development method that requires the preparation of specific work products during different phases of the development process.

Executive Steering Committee

Oversees investments, including validating major investment business requirements and ensuring that enabling technologies are defined, developed, and implemented.

Filing Season

The period from January through mid-April when most individual income tax returns are filed.

Highest Priority Initiatives Process

A process IRS executives and managers used to identify and seek resolution for the most significant issues facing the Modernization Program.  IRS executives and senior managers were appointed to oversee the plans to resolve each of the Highest Priority Initiatives, and progress was reported monthly.  New initiatives were identified every 6 months.

Information Technology Modernization Vision and Strategy

A 5-year plan that drives investment decisions, addresses the priorities around modernizing front-line tax administration and supporting technical capabilities, and leverages existing systems (where possible) and new development (where necessary) to optimize capacity, manage program costs, and deliver business value on a more incremental and frequent basis.

Infrastructure

The fundamental structure of a system or organization.  The basic, fundamental architecture of any system (electronic, mechanical, social, political, etc.) determines how it functions and how flexible it is to meet future requirements.

Integrated Data Retrieval System

The IRS computer system capable of retrieving or updating stored information; it works in conjunction with a taxpayer’s account records.

Integrated Production Model

A consolidated source of core taxpayer data (e.g., tax account, tax return, and third-party data) and business application data to be used by a wide range of business applications to support case identification, selection, prioritization, and delivery.

Master File

The IRS database that stores various types of taxpayer account information.  This database includes individual, business, and employee plans and exempt organizations data.

Material Weakness

Office of Management and Budget Circular A-123, Management’s Responsibility for Internal Control, dated December 2004, defines a material weakness as any condition an agency head determines to be significant enough to be reported outside the agency.

Milestone

The “go/no-go” decision point in a project and is sometimes associated with funding approval to proceed.

Modernized e-File

The modernized, web-based platform for filing approximately 330 IRS forms electronically, beginning with the
U.S. Corporation Income Tax Return (Form 1120),
U.S. Income Tax Return for an S Corporation (Form 1120S), and Return of Organization Exempt From Income Tax (Form 990).

PRIME Contractor

The Computer Sciences Corporation, which heads an alliance of leading technology companies brought together to assist with the IRS’ efforts to modernize its computer systems and related information technology.

Relational Database

A database that captures data using common attributes found in the data set.

Release

A specific edition of software.

Task Order

An order for services planned against an established contract.

Work Breakdown Structure

A deliverable-oriented grouping of project elements that organizes and defines the total scope of the project.

 

Appendix XI

 

Management’s Response to the Draft Report

 

The response was removed due to its size.  To see the response, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.


[1] Pub. L. No. 105-206, 112 Stat. 685 (codified as amended in scattered sections of 2 U.S.C., 5 U.S.C. app., 16 U.S.C., 19 U.S.C., 22 U.S.C., 23 U.S.C., 26 U.S.C., 31 U.S.C., 38 U.S.C., and 49 U.S.C.).

[2] See Appendix X for a glossary of terms.

[3] Pub. L. No. 110-185, 122 Stat. 613.

[4] Pub. L. No. 105-206, 112 Stat. 685 (codified as amended in scattered sections of 2 U.S.C., 5 U.S.C. app., 16 U.S.C., 19 U.S.C., 22 U.S.C., 23 U.S.C., 26 U.S.C., 31 U.S.C., 38 U.S.C., and 49 U.S.C.).

[5] See Appendix X for a glossary of terms.

[6] Appendix IX presents the TIGTA reports used in formulating this Modernization Program assessment.

[7] Internal Revenue Service’s Fiscal Year 2009 Expenditure Plan (GAO-09-281, dated March 2009).

[8] See Appendix IV for an overview of the Enterprise Life Cycle.

[9] Pub. L. No. 110-185, 122 Stat. 613.

[10] Customer Account Data Engine Release 3 Successfully Processes Individual Tax Return and Tax Account Information (Reference Number 2009-20-001, dated October 24, 2008).

[11] Vital Decisions Must Be Made to Ensure Successful Implementation of Customer Account Data Engine Capabilities (Reference Number 2007-20-080, dated July 13, 2007).

[12] Customer Account Data Engine Project Management Practices Have Improved, but Continued Attention Is Needed to Ensure Future Success (Reference Number 2008-20-151, dated September 11, 2008).

[13] Annual Assessment of the Business Systems Modernization Program (Reference Number 2008-20-129, dated June 24, 2008).

[14] 31 U.S.C. Sections 1105, 1113, 3512 (2000).

[15] Pub. L. No. 105-206, 112 Stat. 685 (codified as amended in scattered sections of 2 U.S.C., 5 U.S.C. app., 16 U.S.C., 19 U.S.C., 22 U.S.C., 23 U.S.C., 26 U.S.C., 31 U.S.C., 38 U.S.C., and 49 U.S.C.).

[16] See Appendix IX for a detailed list of recent TIGTA reports and associated findings.

[17] Annual Assessment of the Internal Revenue Service’s Business Systems Modernization Program (Reference Number 2002-20-189, dated September 27, 2002); Annual Assessment of the Business Systems Modernization Program (Reference Number 2003-20-208, dated September 29, 2003); Annual Assessment of the Business Systems Modernization Program (Reference Number 2004-20-107, dated June 3, 2004); Annual Assessment of the Business Systems Modernization Program (Reference Number 2005-20-102, dated August 10, 2005); Annual Assessment of the Business Systems Modernization Program (Reference Number 2006-20-102, dated June 30, 2006); Annual Assessment of the Business Systems Modernization Program (Reference Number 2007-20-121, dated August 24, 2007); and Annual Assessment of the Business Systems Modernization Program (Reference Number 2008-20-129, dated June 24, 2008).

[18] See Appendix IV for description of the various Enterprise Life Cycle milestones.

[19] Annual Assessment of the Business Systems Modernization Program (Reference Number 2008-20-129, dated
June 24, 2008).

[20] See Appendix X for a glossary of terms.