Treasury Inspector General for Tax Administration
Office of Audit
THE CUSTOMER ACCOUNT DATA ENGINE 2 DATABASE IMPLEMENTATION PROJECT MADE PROGRESS IN DESIGN ACTIVITIES, BUT IMPROVEMENTS ARE NEEDED
Issued on September 20, 2011
Highlights of Report Number: 2011-20-110 to the Internal Revenue Service Chief Technology Officer.
IMPACT ON TAXPAYERS
The mission of the Customer Account Data Engine 2 (CADE 2) Program is to provide state-of-the-art individual taxpayer account processing and technologies to improve service to taxpayers and enhance Internal Revenue Service (IRS) tax administration. Once completed, the new modernization environment should allow the IRS to more effectively and efficiently update taxpayer accounts, support account settlement and maintenance, and process refunds on a daily basis, all of which will contribute to improved taxpayer services.
WHY TIGTA DID THE AUDIT
The overall objective was to review the preliminary and detailed designs of the CADE 2 database to ensure that the design is secure and satisfies the stated requirements, and that project management practices adhere to Enterprise Life Cycle standards and processes for the related design milestones.
WHAT TIGTA FOUND
The CADE 2 Database Implementation Project team made progress to complete design activities and address security and privacy controls. For example, the Database Implementation Project team closed issues identified from the CADE 2 database Extract, Transform, and Load prototypes and addressed requirements and business rules. In addition, an improved Project team and Cybersecurity organization partnership addressed Database Implementation security and privacy controls and made critical decisions relating to security of the database. Despite overall progress, improvements are needed to ensure key activities for the Design Specification Report, audit plan, and database trial initializations are timely, and the Interface Control Documents and Work Breakdown Structure comply with Enterprise Life Cycle criteria.
WHAT TIGTA RECOMMENDED
TIGTA recommended that the Chief Technology Officer ensure key activities and deliverables (including security) are completed timely and, if not, an assessment is made to determine the impact or risk of not completing the required activity; the Enterprise Life Cycle guidance is kept current and includes all artifacts needed for projects following the Iterative Path; and several other system development process improvements are implemented to ensure the CADE 2 system functions as designed when deployed into IRS operations.
In its response to the report, the IRS agreed with four of TIGTA’s recommendations and has taken or plans to take appropriate corrective actions. The IRS disagreed with TIGTA’s recommendation to ensure the Internal Revenue Manual guidance for the Enterprise Life Cycle is current and addresses the artifacts needed for the Iterative Path. The IRS stated the Internal Revenue Manual is updated annually and reflects the required artifacts. Further, the IRS indicated that when projects proceed through milestone reviews without the artifacts identified in the Internal Revenue Manual, they do so under a tailored plan, a practice also outlined in the Internal Revenue Manual.
TIGTA found that the IRS’s project tailoring plan contained the artifacts from the Internal Revenue Manual and was not subsequently updated to include an updated artifact based on the Iterative Path approach. As a result, TIGTA maintains that the Internal Revenue Manual needs to be updated to make the guidance more effective in managing projects following the Iterative Path. Until the Internal Revenue Manual guidance can be revised during the next annual update cycle, the IRS should consider sending out additional guidance based on lessons learned.
READ THE FULL REPORT
To view the report, including the scope, methodology, and full IRS response, go to:
Email Address: TIGTACommunications@tigta.treas.gov
Phone Number: 202-622-6500
Web Site: http://www.tigta.gov