Office of Audit
SIGNIFICANT PROGRESS HAS BEEN MADE IN IMPLEMENTING AN ENTERPRISE RISK MANAGEMENT PROGRAM
Final Report issued on July 12, 2016
Highlights of Reference Number:† 2016-10-051 to the Internal Revenue Service Chief Risk Officer.
IMPACT ON TAXPAYERS
As a result of concerns regarding the IRSís previous use of inappropriate criteria in reviewing of organizations applications for tax-exempt status, the Acting IRS Commissioner reported in June 2013 that a series of actions have been identified to improve performance and accountability within the IRS.† These actions included implementing a formal Enterprise Risk Management program to better identify emerging risks and mitigate them before they impact performance.† Effective risk management can help the IRS more effectively administer our nationís tax system.†
WHY TIGTA DID THE AUDIT
This audit was initiated to evaluate the IRSís efforts to implement a comprehensive process for identifying and mitigating significant risks to effective tax administration.†
WHAT TIGTA FOUND
The IRS has made significant progress in its efforts to implement an Enterprise Risk Management program to provide a structured framework for the identification and mitigation of significant organizational risks.
Steps already completed include appointing a Chief Risk Officer and establishing an embedded risk management structure within each of the IRSís four operating divisions and 20 functional offices.† In addition, the IRS established a Risk Working Group (which includes representatives from the operating divisions and functional offices) and an Executive Risk Committee (comprised of IRS senior management) to facilitate collaboration on risk evaluation decisions.
In October 2014, the IRS completed an initial agency-wide risk assessment focused on using a high-level, top-down approach to identify and provide insight on enterprise risk areas.† In December 2015, the IRS completed its second agency-wide risk assessment.† The purpose of this assessment was to review risk areas across the organization in more depth, identify the top areas of risk impacting the IRS, and develop a coordinated agency-wide approach to addressing these risk areas.† Based on this analysis, 12 top enterprise risk areas were identified.† The IRS plans to complete another agency-wide risk assessment in Fiscal Year 2016.
Steps in process include integration with the IRSís strategic planning, budgeting, and internal controls processes and actively monitoring program performance.† The IRS is also working to establish risk tolerance guidelines to assist in determining acceptable levels of risk associated with various IRS business decisions.† Finally, the IRS is working to develop metrics, known as key risk indicators, to assist in signaling potential emerging risks.
WHAT TIGTA RECOMMENDED
TIGTA did not make any recommendations as a result of this review.† However, key IRS officials reviewed this report prior to its issuance and agreed with the facts and conclusions presented.
READ THE FULL REPORT
To view the report, including the scope, methodology, and full IRS response, go to:
Phone Number ††/† 202-622-6500
E-mail Address †/† TIGTACommunications@tigta.treas.gov
Website†††††† ††††††/† https://www.treasury.gov/tigta