One of the most critical issues the Internal Revenue Service (IRS) faces this year is the need to make its computer systems Year 2000 (Y2K) compliant. The IRS is a $1.7 trillion financial service organization, dependent on its computer systems to process tax returns, issue refunds, deposit payments, and provide employees access to taxpayer data. The conversion of the IRS’ minicomputer (Tier II) systems is critical to the success of the overall Y2K compliance effort.

This review was initiated to evaluate corrective actions taken in response to an earlier Treasury Inspector General for Tax Administration audit report entitled, Increased Validation and Oversight of Year 2000 Minicomputer Conversion Efforts are Needed to Strengthen Testing and To Avoid Further Delays (Report Reference # 199920054, dated August 1999). These corrective actions included:

• Proper identification and classification of systems which did not meet compliance targets.
• Implementation of an Independent Audit and Readiness Verification (IA&RV) process to validate renovation actions and results of system testing.
• Monitoring conversion progress and issuance of contingency plans, as needed.

The IRS took actions to address concerns raised in our earlier report. The Tier II Risk Assessment Dashboard Report, which monitors conversion of minicomputer systems, now focuses on systems that have not yet been made Y2K compliant, and reports on their progress. The IA&RV process was established to provide assurance that conversion activities are occurring as reported. Contingency planning has been ongoing and covers most IRS systems.

However, late conversion dates and gaps in contingency planning result in continuing conversion risks for IRS minicomputer systems.

The IRS has made significant progress to ensure that the nation’s tax processing infrastructure will continue to function in the Year 2000 and beyond. However, based on the October 29, 1999, Tier II Risk Assessment Dashboard Report, three mission critical minicomputer systems and eight non-mission critical minicomputer systems had not yet been converted in the field sites where they operate (see Appendix IV for details).

The IRS is committed to ensuring continuity of its business operations in view of potential Y2K disruptions. It has developed and implemented a contingency planning program to reduce the risk of failure and disruptions based on core business processes. However, our evaluation of contingency planning for four mission critical systems identified one, the Block Batch Tracking System (BBTS), that was not covered by an existing contingency plan. This system has been made Y2K compliant, but a contingency plan is necessary to address potential problems resulting from systems that transfer data to and from the BBTS.

The BBTS establishes control over incoming tax returns, and tracks them through processing. The failure of BBTS in the Year 2000 could halt the processing of over 100 million tax returns, including tax payments in excess of $200 million, and could impact approximately 1,500 employees nationwide.

Management’s Response: The IRS’ official comments were not available as of the date of this report. However, we summarized comments provided by the Century Date Change (CDC) Project Director below and incorporated more details in the body of the report.

The CDC Project Director indicated that Y2K compliant versions of all mission critical Tier II systems and all but five non-mission critical systems have been implemented. He agreed that a contingency plan had not been prepared for the BBTS, but that the IRS determined the impact of a loss of the BBTS would be minimal from a business standpoint because the tracking operation can be performed manually.

The CDC Project Director also responded that his office has an active process for monitoring Year 2000 risks, including Tier II applications. Based on their monitoring and the other actions taken, the risk that the IRS will be unable to provide critical Tier II service, to taxpayers or to internal users, is minimal.