Treasury Inspector General Reports December, 2015
|
|
- Neal Reynard Nicholson
- 5 years ago
- Views:
Transcription
1 Treasury Inspector General Reports December, 2015 Treasury Inspector General for Tax Administration Office of Audit Improved Tax Return Filing and Tax Account Access Authentication Processes and Procedures Are Needed Issued on November 19, 2015 The increasing number of data breaches in the private and public sectors means more personal information than ever before is available to unscrupulous individuals. Much of these data are detailed enough to enable circumvention of most authentication processes. As such, it is critical that the methods the IRS uses to authenticate individuals identities provide a high level of confidence that tax information and services are provided only to individuals who are entitled to receive them. WHY TIGTA DID THE AUDIT Failure to adequately authenticate taxpayers filing a tax return and accessing tax account services can lead to identity theft. The increased availability of personal information warrants an assessment of the authentication risk across IRS services. TIGTA performed this audit to assess IRS efforts to authenticate individual taxpayers identities at the time tax returns are filed and when services are provided. WHAT TIGTA FOUND
2 Taxpayers continue to desire electronic products and services that enable them to interact and communicate with the IRS. However, the continued challenge in expanding its portfolio of electronic products and services is that the IRS must ensure that tax account-related information and services are provided only to individuals who are entitled to receive them. Although the IRS recognizes the growing challenge it faces in establishing effective authentication processes and procedures, it has not established a Service-wide approach to managing its authentication needs. The IRS should establish a function that is optimally placed in the organization and provide it with the authority needed to ensure that authentication policies and procedures are consistent and comply with Government information security standards Service-wide. The IRS recognizes the need to establish a Service-wide approach to managing its authentication needs and has established two groups that focus on taxpayer authentication. However, neither of these groups provides for cross-functional management, oversight, and continued evaluation of the IRS s existing authentication processes to ensure that they address current and future needs. In addition, authentication methods used for current online services do not comply with Government Information Security Standards. For example, TIGTA analysis of the e-authentication processes used to authenticate users of the IRS online Get Transcript and Identity Protection Personal Identification Number applications found that the authentication methods provide only single-factor authentication, despite the Government standards requiring multifactor authentication for such high-risk applications. As a result, unscrupulous individuals have gained unauthorized access to tax account information. WHAT TIGTA RECOMMENDED TIGTA recommended that the Deputy Commissioner for Services and Enforcement develop a Service-wide strategy that establishes consistent oversight of all authentication needs across IRS functions and programs, ensure that the level of authentication risk for all current and future online applications accurately reflects the risk, and ensure that
3 the authentication processes meet Government Information Security Standards. The IRS agreed to implement all three recommendations. Treasury Inspector General for Tax Administration Press Release December 21, 2015 The IRS Needs to Better Ensure That Refunds on Potentially Fraudulent Tax Returns Are Not Erroneously Released A computer programming error and the ineffective monitoring of potentially fraudulent tax returns resulted in the erroneous release of more than $46 million in refunds by the Internal Revenue Service (IRS) during Calendar Year 2014 before the information had been verified as correct. That is among the findings of an audit report publicly released today by the Treasury Inspector General for Tax Administration (TIGTA). TIGTA initiated this audit because an IRS employee reported to the TIGTA Office of Investigations that the IRS was not working some taxpayer cases in which refunds were held. The Office of Investigations identified that the IRS did not timely address these tax accounts to
4 ensure that the refunds are not erroneously released. TIGTA assessed IRS processes to ensure that tax refunds are not erroneously released. The IRS s Return Integrity and Compliance Services organization is responsible for identifying, evaluating, and preventing the issuance of improper refunds. This mission includes protecting revenue by identifying potentially fraudulent tax returns and verifying the accuracy of reported income and withholding information. The IRS reported that the Integrity and Verification Operations function prevented more than $15 billion in refunds for over 2 million tax returns for confirmed identity theft or fraud during Calendar Year TIGTA identified that, because of a programming error, over $27 million of refunds were erroneously issued for 13,043 Tax Year 2013 tax returns. The programming error is overriding the IRS s two-week processing delay on some refund tax returns that the IRS identifies as potentially fraudulent. These are tax returns that the IRS Examination function also identified as claiming a questionable tax credit. The portion of the refund that the Examination function does not review is erroneously issued before the IRS can complete its verification of income and withholding. TIGTA also identified 3,910 Tax Year 2013 returns that the IRS selected for verification with no indication that tax examiners verified the returns. The IRS issued refunds totaling over $19 million for these tax returns. Refund holds were either not set correctly or not functioning as intended. While the IRS has made important strides in its programs that prevent the issuance of fraudulent refunds, our auditors found that it is not always ensuring that tax examiners timely complete their verification work before releasing refunds, said J. Russell George, Treasury Inspector General for Tax Administration. TIGTA recommended that the IRS: correct the programming that is erroneously overriding the twoweek return processing delay needed to ensure that refunds are not issued before screening and verifying the tax returns; develop a periodic reconciliation process to ensure that refunds associated with identified potentially fraudulent tax returns are not erroneously released;
5 develop a process to ensure that tax examiners verify a potentially erroneous refund claimed by a taxpayer within the refund hold period or place an unexpiring refund hold on the taxpayer s account until verification can be completed as required; and identify why refund holds placed on some accounts were not delaying processing of the tax returns and address the causes. The IRS agreed with all recommendations and stated that it was taking corrective action. Treasury Inspector General for Tax Administration Office of Audit Treasury Inspector General for Tax Administration - Federal Information System Modernization Act Report for Fiscal Year 2015 Issued on September 25, 2015 The Federal Information Security Management Act of 2002, and its recent amendment, the Federal Information Security Modernization Act (FISMA) of 2014, were enacted to strengthen the security of information and systems within Federal Government agencies. The IRS collects and maintains a significant amount of personal and financial information on each taxpayer. As custodians of taxpayer information,
6 the IRS has an obligation to protect this sensitive information against unauthorized access or loss in accordance with FISMA requirements. WHY TIGTA DID THE AUDIT As part of the FISMA legislation, the Offices of Inspectors General are required to perform an annual independent evaluation of each Federal agency s information security programs and practices. This report presents the results of TIGTA s FISMA evaluation of the IRS for Fiscal Year WHAT TIGTA FOUND The IRS s Information Security Program generally complied with the FISMA requirements. Three program areas met all FISMA performance attributes specified by the Department of Homeland Security: Risk Management, Incident Response and Reporting, and Contingency Planning. Four other security program areas met all attributes with the exception of two or fewer program attributes that were not met: Security Training, Plan of Action and Milestones, Remote Access Management, and Contractor Systems. However, three security program areas failed to meet FISMA requirements overall due to not meeting many of the performance attributes specified by the Department of Homeland Security: Continuous Monitoring Management, Configuration Management, and Identity and Access Management. Until the IRS takes steps to improve its security program deficiencies and fully implement all security program areas in compliance with FISMA requirements, taxpayer data will remain vulnerable to inappropriate and undetected use, modification, or disclosure. WHAT TIGTA RECOMMENDED TIGTA does not include recommendations as part of its annual FISMA evaluation and reports on only the level of performance achieved by the IRS using the guidelines issued by the Department of Homeland Security for the applicable FISMA evaluation period.
7 Treasury Inspector General for Tax Administration December 1, 2015 TIGTA Releases Review of IRS FISMA Compliance The Treasury Inspector General for Tax Administration (TIGTA) performed its annual evaluation of the information security programs and practices of the Internal Revenue Service (IRS), as required by the Federal Information Security Modernization Act (FISMA). This report presents the results of TIGTA s evaluation for Fiscal Year TIGTA found that the IRS s Information Security Program generally complied with the FISMA requirements. Three program areas met all FISMA performance attributes as specified by the Department of Homeland Security: Risk Management, Incident Response and Reporting, and Contingency Planning. Four other security program areas met all attributes, with the exception of two or fewer program attributes that were not met: Security Training, Plan of Action and Milestones, Remote Access Management, and Contractor Systems. However, three security program areas failed to meet FISMA requirements overall due to not meeting many of the performance attributes specified by the Department of Homeland Security:
8 Continuous Monitoring Management, Configuration Management, and Identity and Access Management. Until the IRS takes steps to improve its security program deficiencies and fully implement all security program areas in compliance with FISMA requirements, taxpayer data will remain vulnerable to inappropriate and undetected use, modification, or disclosure. The IRS collects and maintains a significant amount of personal and financial information about taxpayers, said J. Russell George, Treasury Inspector General for Tax Administration. As custodians of this sensitive information, the IRS has an obligation to protect it against unauthorized access or loss, he added. TIGTA does not include recommendations as part of its annual FISMA evaluation and reports on only the level of performance achieved by the IRS using the guidelines issued by the Department of Homeland Security for the applicable FISMA evaluation period. Treasury Inspector General for Tax Administration Office of Audit Annual Assessment of the Internal Revenue Service Information Technology Program Issued on September 30, 2015
9 In Fiscal Year 2014, the IRS collected about $3.1 trillion in Federal tax payments, processed hundreds of millions of tax and information returns, and paid about $374 billion in refunds to taxpayers. In addition, the IRS employs almost 87,000 people in 551 facilities nationwide. The IRS relies extensively on computerized systems to support its financial and mission-related operations. Weaknesses within the IRS s Information Technology Program could result in computer operations that become compromised, disrupted, or outdated, which could adversely affect the IRS s ability to meet its mission of providing America s taxpayers with top-quality service by helping them understand and meet their tax responsibilities and enforcing the law with integrity and fairness to all. WHY TIGTA DID THE AUDIT TIGTA annually assesses and reports on an evaluation of the adequacy and security of IRS information technology as required by the IRS Restructuring and Reform Act of Our overall objective was to assess the progress of the IRS s Information Technology Program including security, modernization, and operations for Fiscal Year WHAT TIGTA FOUND Cybersecurity remains a major challenge for the Federal Government, and the IRS continues to work toward securing tax information and maintaining taxpayer privacy. TIGTA identified weaknesses within the IRS s Cybersecurity program pertaining to continuous monitoring, configuration management, identity and access management, privacy impact assessments, external connections, and audit trails. In addition, the IRS is developing a new system that uses data analytics to combat identity theft and tax fraud. During its pilot in Calendar Year 2014, the Return Review Program identified 10,348 identity theft cases totaling $43 million in refunds and an additional 350,000 potentially fraudulent returns that were not detected by the existing fraud detection system. However, the IRS has not planned for the retirement of its existing fraud detection system. The IRS continues to develop or upgrade its systems to meet its obligation as the Nation s tax administrator. TIGTA identified concerns with Windows workstation and server upgrades, Integrated
10 Enterprise Portal operations, and the Customer Account Data Engine 2 program. Finally, the IRS made significant progress developing new systems supporting the Affordable Care Act. However, TIGTA identified issues with the Coverage Data Repository, the Affordable Care Act Verification Service, interagency testing, and the Final Integration Test program. WHAT TIGTA RECOMMENDED Because this report was an assessment report of the IRS s Information Technology Program based on TIGTA audit reports issued during Fiscal Year 2015, TIGTA did not make any recommendations. Treasury Inspector General for Tax Administration Office of Audit Improvements Are Needed in the Identity Protection Specialized Unit to Better Assist Victims of Identity Theft Issued on October 27, 2015 As part of the IRS s strategy to reduce taxpayer burden caused by identity theft, the Identity Protection Specialized Unit (IPSU) was formed in October The IPSU is a dedicated unit to enable victims of identity theft to have their questions answered and obtain assistance in having their issues resolved quickly and effectively.
11 WHY TIGTA DID THE AUDIT In May 2012, TIGTA reported that the IRS should reassess the role of the IPSU because it was not meeting its original purpose of providing taxpayers with a single assistor to work with each identity theft victim to answer questions and resolve his or her issues. This audit was initiated to follow up on the current effectiveness of the IPSU in meeting its goals. The objective of this review was to determine whether the IPSU results in a streamlined process to help resolve identity theft cases, including providing victims with a single point of contact. WHAT TIGTA FOUND The majority of identity theft victims are no longer provided with an IPSU single point of contact. The IRS indicated that budgetary constraints do not allow for a single employee to be assigned to each identity theft victim. However, the IRS has stated that it remains committed to continuing to provide victims of identity theft with the centralized IPSU hotline to obtain assistance. The IRS noted that obtaining assistance via contact with the hotline does not depend on the availability of a single customer service representative, who may be unavailable because he or she is performing other casework. In addition, required acknowledgement and case status letters were not always issued to taxpayers. Our review of a statistically valid sample of 51 IPSU cases from the 24,509 that were closed in Fiscal Year 2014 identified 19 cases (37 percent) for which the customer service representative either did not send or timely send the taxpayer one or more of the required letters. Also, research is not always effectively conducted to identify and assist taxpayers who submit identity theft claim documentation without their Social Security Number. Our review of a statistically valid sample of 51 cases from a population of 2,612 individuals identified 18 (35 percent) for which IRS information could have been used to identify the Social Security Number. Instead, the IRS closed the case as not having sufficient information from the individual to enable the IRS to identify a corresponding Social Security Number.
12 Finally, a comprehensive process has not been established to ensure that IPSU customer service representatives timely address taxpayer voic messages. WHAT TIGTA RECOMMENDED TIGTA recommended that the IRS ensure that required acknowledgement and case status letters are timely sent to victims of identity theft. In addition, the IRS should ensure that cases submitted without a complete Social Security Number are properly researched and that a process is developed whereby customer service representatives timely respond to taxpayers voic messages. The IRS agreed with all three recommendations and plans to conduct ongoing quality and managerial reviews to identity opportunities to improve the timeliness of acknowledgements sent to taxpayers. The IRS stated that additional training was provided to employees on how to properly research cases for the full Social Security Number. In addition, the IRS plans to issue updated guidance with specific procedures that address voic s related to identity theft.
IRS Connections to External Systems: Improvements are Needed, TIGTA Finds
Treasury Inspector General for Tax Administration November 5, 2015 IRS Connections to External Systems: Improvements are Needed, TIGTA Finds Service (IRS) do not have proper authorization or security agreements,
More informationTreasury Inspector General Reports -Issued February, 2016
Treasury Inspector General Reports -Issued February, 2016 TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Highlights Direct Debit Installment Agreement Procedures Addressing Taxpayer Defaults Can Be
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Results of the 2015 Filing Season August 31, 2015 Reference Number: 2015-40-080 This report has cleared the Treasury Inspector General for Tax Administration
More informationTreasury Inspector General for Tax Administration Reports - October, 2018
Treasury Inspector General for Tax Administration Reports - October, 2018 TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Office of Audit Highlights THE TAXPAYER PROTECTION PROGRAM INCLUDES PROCESSES
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Detection Has Improved; However, Identity Theft Continues to Result in Billions of Dollars in Potentially Fraudulent Tax Refunds September 20, 2013 Reference
More informationSPECIAL REPORT. What to Do If Your Client Is a Victim of Tax-Related Identity Theft
SPECIAL REPORT What to Do If Your Client Is a Victim of Tax-Related Identity Theft What to Do If Your Client Is a Victim of Tax-Related Identity Theft Tax-related identity theft revolves around the fraudulent
More informationAPPENDIX D Examples of Significant Deficiencies and Material Weaknesses
Page A 136 Standard APPENDIX D Examples of Significant Deficiencies and Material Weaknesses D1. Paragraph 8 of this standard defines a control deficiency. Paragraphs 9 and 10 go on to define a significant
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Better Adherence to Procedures Is Needed to Accurately Assess the Volunteer Tax Return Preparation Program June 17, 2016 Reference Number: 2016-40-045
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Actions Are Needed to Ensure Proper Use of Individual Taxpayer Identification Numbers and to Verify or Limit Refundable Credit Claims March 31, 2009 Reference
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Substantial Changes Are Needed to the Individual Taxpayer Identification Number July 16, 2012 Reference Number: 2012-42-081 This report has cleared the
More informationRed Flags Rule Identity Theft Training Program
Red Flags Rule Identity Theft Training Program October 2017 Purpose of Training The purpose of the UA Little Rock Identity Theft Prevention Program is to reduce the exposure of financial and personal loss
More informationPART 6 - INTERNAL CONTROL
PART 6 - INTERNAL CONTROL INTRODUCTION The A-102 Common Rule and OMB Circular A-110 (2 CFR part 215) require that non-federal entities receiving Federal awards (i.e., auditee management) establish and
More informationAccounts Receivable and Debt Collection Processes. Internal Controls and Compliance Audit
This document is made available electronically by the Minnesota Legislative Reference Library as part of an ongoing digital archiving project. http://www.leg.state.mn.us/lrl/lrl.asp O L A OFFICE OF THE
More informationLIST OF SUBSTANTIVE CHANGES AND ADDITIONS Route To: Partners PPC's Guide to Dealing with the IRS Managers. Twenty second Edition (June 2014)
LIST OF SUBSTANTIVE CHANGES AND ADDITIONS Route To: Partners PPC's Guide to Dealing with the IRS Managers Staff File Twenty second Edition (June 2014) The following are some of the features of this year
More informationCANADA GOOSE HOLDINGS INC.
CANADA GOOSE HOLDINGS INC. WHISTLEBLOWER POLICY CP08 02 18 CP08 02 18 Page 1 of 10 CANADA GOOSE HOLDINGS INC. WHISTLEBLOWER POLICY 1. PURPOSE CP08 02 18 This Whistleblower Policy (the Policy ) sets out
More informationDAWSON PUBLIC POWER DISTRICT 300 South Washington Street P. O. Box Lexington, Nebraska Tel. No.- 308/324/2386 Fax No.
DAWSON PUBLIC POWER DISTRICT 300 South Washington Street P. O. Box 777 - Lexington, Nebraska - 68850 Tel. No.- 308/324/2386 Fax No.-308/324/2907 CUSTOMER POLICY IDENTITY THEFT PREVENTION I. OBJECTIVE Page
More informationSchedule of Findings and Questioned Costs For the Year Ended December 31, 2011 SECTION II FINANCIAL STATEMENT FINDINGS
Schedule of Findings and Questioned Costs 2011-FS-1 Preparation of Financial Statements (Repeated from Prior Year) Finding Type. Material Weakness in Internal Control over Financial Reporting. Criteria.
More informationFEDERAL HOUSING FINANCE AGENCY OFFICE OF INSPECTOR GENERAL
FEDERAL HOUSING FINANCE AGENCY OFFICE OF INSPECTOR GENERAL Enhanced FHFA Oversight Is Needed to Improve Mortgage Servicer Compliance with Consumer Complaint Requirements AUDIT REPORT: AUD-2013-007 March
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION The Earned Income Tax Credit Program Has Made Advances; However, Alternatives to Traditional Compliance Methods Are Needed to Stop Billions of Dollars
More informationGuidelines for Electronic Retail Payment Services (ERPS 2)
Guidelines for Electronic Retail Payment Services (ERPS 2) Issue Date: Effective Date: 1 February 2019 Foreword The 2019 Guidelines for Electronic Retail Payment Services (ERPS 2) represent the first update
More informationTOWN OF WEST BROOKFIELD, MASSACHUSETTS MANAGEMENT LETTER FOR THE YEAR ENDED JUNE 30, 2007
TOWN OF WEST BROOKFIELD, MASSACHUSETTS MANAGEMENT LETTER FOR THE YEAR ENDED JUNE 30, 2007 To the Board of Selectmen Town of West Brookfield West Brookfield, Massachusetts Dear Members of the Board: In
More informationMinnesota State Colleges and Universities Identity Theft Prevention Program
Effective 3-18-09 Identity Theft Prevention Program 1 This is the Minnesota State Colleges and Universities Identity Theft Prevention Program, including more detailed guidelines. The initial Program was
More informationRed Flag Rule Procedures Under Princeton University s Identity Theft Prevention Program Effective: December 31, 2010
Red Flag Rule Procedures Under Princeton University s Identity Theft Prevention Program Effective: December 31, 2010 Princeton University employees are responsible for detecting Red Flags consistent with
More informationChristopher Newport University. Policy: Red Flag Identity Theft Identification and Prevention Program Policy Number: 3030
Christopher Newport University Policy: Red Flag Identity Theft Identification and Prevention Program Policy Number: 3030 Executive Oversight: Executive Vice President Contact Office: Comptroller s Office
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION RECOVERY ACT The Internal Revenue Service Faces Significant Challenges in Verifying Eligibility for the September 29, 2009 Reference Number: 2009-41-144
More informationFebruary 5, 2014 Hearing with IRS Commissioner Koskinen
William C. Cobb President & CEO February 5, 2014 The Honorable Charles Boustany, Chairman The Honorable John Lewis, Ranking Member U.S. House of Representatives Committee on Ways & Means Subcommittee on
More informationAudit Report 2018-A-0001 City of Lake Worth Water Utility Services
PALM BEACH COUNTY John A. Carey Inspector General Inspector General Accredited Enhancing Public Trust in Government Audit Report City of Lake Worth Water Utility Services December 18, 2017 Insight Oversight
More informationWashington Association of Sewer and Water Districts (WASWD) IDENTITY THEFT PREVENTION PROGRAM
IDENTITY THEFT PREVENTION PROGRAM Note: This sample identity theft prevention program is for informational purposes only. It may not be suitable for your district depending on its size, complexity and
More informationUnited States Department of the Interior
United States Department of the Interior Office of Inspector General Washington, D.C. 20240 C-IN-BOR-0094-2002 February 21, 2003 Memorandum To: From: Subject: Commissioner, Bureau of Reclamation Roger
More informationUniversity of Cincinnati FACTA Red Flag Identity Theft Prevention Program
FACTA Red Flag Identity Theft Prevention Program FACTA Red Flag Policy Program, page 1 of 6 Contents Overview 3 Definition of Terms 3 Covered Accounts..3 List of Red Flags 3 Suspicious Documents...4 Suspicious
More informationIV:07:11 IDENTITY THEFT PREVENTION POLICY SECTION 1: BACKGROUND
IV:07:11 IDENTITY THEFT PREVENTION POLICY SECTION 1: BACKGROUND The risk to Volunteer State Community College ( College ) its faculty, staff, students and other applicable constituents from data loss and
More informationPreview of Observations from 2016 Inspections of Auditors of Issuers
Vol. 2017/4 November 2017 Staff Inspection Brief The staff of the Public Company Accounting Oversight Board ( PCAOB or Board ) prepares Staff Inspection Briefs ( Briefs ) to assist auditors, audit committees,
More informationREVENUE PROTECTION: Ongoing Problems with IRS Refund Fraud Programs Harm Taxpayers by Delaying Valid Refunds
MSP #16 REVENUE PROTECTION: Ongoing with IRS Refund Fraud Programs Harm Taxpayers by Delaying Valid Refunds RESPONSIBLE OFFICIALS Jodi Patterson, Director, Return Integrity and Correspondence Services
More informationIRS Funding Cuts Continue to Compromise Taxpayer Service and Weaken Enforcement By Chuck Marr, Joel Friedman, and Brandon DeBot 1
820 First Street NE, Suite 510 Washington, DC 20002 Tel: 202-408-1080 Fax: 202-408-1056 center@cbpp.org www.cbpp.org Updated April 1, 2015 IRS Funding Cuts Continue to Compromise Taxpayer Service and Weaken
More informationACTION: Final regulations and removal of temporary regulations.
This document is scheduled to be published in the Federal Register on 08/03/2018 and available online at https://federalregister.gov/d/2018-16717, and on govinfo.gov [4830-01-p] DEPARTMENT OF THE TREASURY
More informationCollege Savings Plans of Maryland
Audit Report College Savings Plans of Maryland July 2012 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related follow-up correspondence are
More informationGeorgia Health Information Network, Inc. Georgia ConnectedCare Policies
Georgia Health Information Network, Inc. Georgia ConnectedCare Policies Version History Effective Date: August 28, 2013 Revision Date: August 2014 Originating Work Unit: Health Information Technology Health
More informationPCI Training. If your department processes credit card information, it is CRITICAL that you understand the importance of protecting this data.
PCI Training This training is to assist you in understanding the policies at Appalachian that govern credit card transactions and to meet the PCI DSS Standards for staff training to prevent identity theft.
More informationIdentity Theft Prevention Program Procedure
Identity Theft Prevention Program Procedure Procedure Number 9.6P Effective Date 6/16/2010 1.0 PURPOSE The college shall operate an Identity Theft Prevention Program (Appendix A) according to the written
More informationH 7789 S T A T E O F R H O D E I S L A N D
======== LC001 ======== 01 -- H S T A T E O F R H O D E I S L A N D IN GENERAL ASSEMBLY JANUARY SESSION, A.D. 01 A N A C T RELATING TO INSURANCE - INSURANCE DATA SECURITY ACT Introduced By: Representatives
More informationGAO. TAX ADMINISTRATION Information on Selected IRS Tax Enforcement and Collection Efforts. Testimony Before the Committee on Finance U.S.
GAO United States General Accounting Office Testimony Before the Committee on Finance U.S. Senate For Release on Delivery 10:00 a.m. EDT on Thursday, April 5, 2001 TAX ADMINISTRATION Information on Selected
More informationINTERNATIONAL PAPER COMPANY
INTERNATIONAL PAPER COMPANY AUDIT AND FINANCE COMMITTEE CHARTER (Amended and Restated as of December 12, 2017) Purpose and Role of Audit and Finance Committee The Audit and Finance Committee (the Committee
More informationSchedule of Federal Audit Findings and Questioned Costs
Schedule of Federal Audit Findings and Questioned Costs Riverside Fire Authority Lewis County January 1, 2009 through December 31, 2009 1. The Authority s internal controls are inadequate to ensure compliance
More informationStatement of Robert Ryan, Senior Director of Government Relations TransUnion, LLC. Before the. Subcommittee on Crime, Terrorism and Homeland Security
Statement of Robert Ryan, Senior Director of Government Relations TransUnion, LLC Before the Subcommittee on Crime, Terrorism and Homeland Security Of the Judiciary Committee HR 1731: The Identity Theft
More informationNEW YORK STATE DEPARTMENT OF FINANCIAL SERVICES PROPOSED 23 NYCRR 500 CYBERSECURITY REQUIREMENTS FOR FINANCIAL SERVICES COMPANIES
NEW YORK STATE DEPARTMENT OF FINANCIAL SERVICES PROPOSED 23 NYCRR 500 CYBERSECURITY REQUIREMENTS FOR FINANCIAL SERVICES COMPANIES I, Maria T. Vullo, Superintendent of Financial Services, pursuant to the
More informationState Department of Assessments and Taxation
Audit Report State Department of Assessments and Taxation February 2018 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY For further information concerning this
More informationOffice of the Clerk of Circuit Court Carroll County, Maryland
Audit Report Office of the Clerk of Circuit Court Carroll County, Maryland September 2011 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related
More informationEveryone's at Risk - Combating the Increasing Threat of Identity Theft and Online Fraud. Capital of Texas Enrolled Agents CPE November 3, 2009
Everyone's at Risk - Combating the Increasing Threat of Identity Theft and Online Fraud Capital of Texas Enrolled Agents CPE November 3, 2009 When was the first significant instance of identity theft in
More informationIdentity Theft Prevention Program Lake Forest College Revision 1.0
Identity Theft Prevention Program Lake Forest College Revision 1.0 This document supersedes all previous identity theft prevention program documents. Approved and Adopted by: The Board of Directors Date:
More informationLA12-23 STATE OF NEVADA. Audit Report. Public Employees Benefits Program Legislative Auditor Carson City, Nevada
LA12-23 STATE OF NEVADA Audit Report Public Employees Benefits Program 2012 Legislative Auditor Carson City, Nevada Audit Highlights Highlights of Legislative Auditor report on the Public Employees Benefits
More informationComptroller of Maryland Revenue Administration Division
Audit Report Comptroller of Maryland Revenue Administration Division September 2016 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY For further information concerning
More informationTRAVELTOKENS SALE PRIVACY POLICY Last updated:
TRAVELTOKENS SALE PRIVACY POLICY Last updated: 23.11.2017 STATUS AND ACCEPTANCE OF PRIVACY POLICY 1. This Privacy Policy (hereinafter referred to as the Policy ) sets forth the general rules of Participant
More informationTitle Insurance and Settlement Company Best Practices
ALTA Best Practices Framework: Title Insurance and Settlement Company Best Practices Page 1 of 8 ALTA Best Practices Framework The ALTA Best Practices Framework has been developed to assist lenders in
More informationSOCIAL SECURITY ADMINISTRATION
SOCIAL SECURITY ADMINISTRATION Since 2001, the Administration: Improved productivity by 13.1 percent, enabling the agency to provide more accurate and a wider variety of services with fewer resources than
More informationAIMS COMMUNITY COLLEGE PROCEDURE IDENTITY THEFT PREVENTION - RED FLAG PROCEDURE
3-950A AIMS COMMUNITY COLLEGE PROCEDURE IDENTITY THEFT PREVENTION - RED FLAG PROCEDURE HISTORY In response to the growing threat of identity theft, the United States Congress passed the Fair and Accurate
More informationby: Stephen King, JD, AMLP
Community Bank Audit Group Compliance Management Structure / Compliance Risk Assessment June 2, 2014 by: Stephen King, JD, AMLP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS
More informationAudit Report 2018-A-0011 Town of Glen Ridge Revenue and Credit Cards
PALM BEACH COUNTY John A. Carey Inspector General Inspector General Accredited Enhancing Public Trust in Government Audit Report Town of Glen Ridge Revenue and Credit Cards July 16, 2018 Insight Oversight
More informationOffer in Compromise. Ley Mills COSS SL-Field. December 21, 2016
Offer in Compromise Ley Mills COSS SL-Field December 21, 2016 Offer in Compromise Pre-Qualifier Tool Good candidate? Reasonable offer amount? Use as guide for Doubt as to Collectibility offer 2 Offer in
More informationPolson/ Ronan Ambulance Service Identity Theft Prevention Program
Purpose Polson/ Ronan Ambulance is committed to providing all aspects of our service and conducting our business operations in compliance with all applicable laws and regulations. This policy sets forth
More informationPolicy Statement. Definitions -Covered Account -Identifying Information -Identity Theft -Red Flag
Page 1 Austin Peay State University Identity Theft Prevention POLICIES Issued: March 25, 2017 Responsible Official: Vice President for Finance and Administration Responsible Office: Information Technology
More informationIdentity Theft Prevention Program
Identity Theft Prevention Program In December 2008 the VSC Board of Trustees recognized that some activities of the VSC are subject to the provisions of the Fair and Accurate Credit Transactions Act (FACT
More informationIDENTITY THEFT DETECTION POLICY
IDENTITY THEFT DETECTION POLICY PC 6.9 Date of Last Update: May 05, 2009 Approved By: President's Cabinet Responsible Office: Business and Finance POLICY STATEMENT Grand Valley State University (GVSU)
More informationNEW CYBER RULES FOR NEW YORK-BASED BANKING, INSURANCE AND FINANCIAL SERVICE FIRMS HAVE FAR-REACHING EFFECTS
REGULATORY LAW ALERT JUNE 2017 NEW CYBER RULES FOR NEW YORK-BASED BANKING, INSURANCE AND FINANCIAL SERVICE FIRMS HAVE FAR-REACHING EFFECTS OVERVIEW In potentially the most significant state-level expansion
More informationTOWN OF SOUTHAMPTON, MASSACHUSETTS. Management Letter. For the Year Ended June 30, 2014
TOWN OF SOUTHAMPTON, MASSACHUSETTS Management Letter For the Year Ended June 30, 2014 TABLE OF CONTENTS INTRODUCTORY LETTER 1 PAGE CURRENT YEAR ISSUES 1. Improve Internal Controls Over Payroll Disbursements
More informationUniversity of Connecticut IDENTITY THEFT PREVENTION PROGRAM
University of Connecticut IDENTITY THEFT PREVENTION PROGRAM I. BACKGROUND II. III. IV. PURPOSE AND SCOPE DEFINITIONS IDENTIFICATION & DETECTION OF RED FLAGS V. APPROPRIATELY RESPONDING WHEN RED FLAGS ARE
More informationSouth Carolina General Assembly 122nd Session,
South Carolina General Assembly 122nd Session, 2017-2018 R184, H4655 STATUS INFORMATION General Bill Sponsors: Reps. Sandifer and Spires Document Path: l:\council\bills\nbd\11202cz18.docx Companion/Similar
More informationMiddlebury Institute of International Studies Identity Theft Prevention Program
Middlebury Institute of International Studies Identity Theft Prevention Program I. PROGRAM ADOPTION Middlebury Institute of International Studies, hereafter referred to as the Institute, has developed
More informationSussex Bank Online Banking Agreement. Our Agreement
Sussex Bank Online Banking Agreement Our Agreement This Online Banking Agreement and Disclosure Statement (the "Agreement") provides the terms and conditions governing the use of online banking service
More informationCounty of Chester Office of the Sheriff
County of Chester Office of the Sheriff Management Letter Margaret Reif, Controller To: Carolyn B. Welsh, Sheriff Introduction On June 4, 2018, Internal Audit completed an audit of the Office of the Sheriff
More informationGAO INTERNAL REVENUE SERVICE. Remaining Challenges to Achieve Lasting Financial Management Improvements
GAO United States General Accounting Office Testimony Before the Subcommittee on Government Management, Information and Technology, Committee on Government Reform and Oversight, House of Representatives
More informationData Security Addendum for inclusion in the Contract between George Mason University (the University ) and the Selected Firm/Vendor
Data Security Addendum for inclusion in the Contract between George Mason University (the University ) and the Selected Firm/Vendor This Addendum is applicable only in those situations where the Selected
More informationExtension of Time to File Certain Information Returns. SUMMARY: This document contains final and temporary regulations
This document is scheduled to be published in the Federal Register on 08/13/2015 and available online at http://federalregister.gov/a/2015-19932, and on FDsys.gov [4830-01-p] DEPARTMENT OF THE TREASURY
More informationAllegany County Public Schools
Financial Management Practices Audit Report Allegany County Public Schools January 2013 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related
More informationStatewide Integrated Financial Tools (SWIFT) July 2011 through July 2012
This document is made available electronically by the Minnesota Legislative Reference Library as part of an ongoing digital archiving project. http://www.leg.state.mn.us/lrl/lrl.asp O L A OFFICE OF THE
More informationOFFICE OF THE CONTROLLER CITY OF PHILADELPHIA PENNSYLVANIA. Alan Butkovitz City Controller
OFFICE OF THE CONTROLLER CITY OF PHILADELPHIA PENNSYLVANIA REPORT ON INTERNAL CONTROL AND ON COMPLIANCE AND OTHER MATTERS FOR THE CITY OF PHILADELPHIA FISCAL 2006 Alan Butkovitz City Controller REPORT
More informationTempleton Municipal Light and Water Plant
Templeton Municipal Light and Water Plant RED FLAG POLICY 1. POLICY It is the policy of the Templeton Municipal Light and Water Plant (TMLWP) that information compiled on all customers and employees is
More informationDesigning Privacy Policies and Identifying Privacy Risks for Financial Institutions. June 2016
Designing Privacy Policies and Identifying Privacy Risks for Financial Institutions June 2016 Program Overview Regulatory Environment Who Needs a Privacy Program and Common Questions Components of a Comprehensive
More informationGAO TAX ADMINISTRATION. New Compliance Research Effort Is on Track, but Important Work Remains
GAO United States General Accounting Office Report to the Chairman and Ranking Minority Member, Committee on Finance, U.S. Senate June 2002 TAX ADMINISTRATION New Compliance Research Effort Is on Track,
More information1102 Longworth House Office Building 1102 Longworth House Office Building Washington, DC Washington, DC 20515
The Honorable Lynn Jenkins Chairwoman Ranking Member Subcommittee on Oversight Subcommittee on Oversight House Committee on Ways and Means House Committee on Ways and Means United States House of Representatives
More informationMaking the IRS Work. Jonathan B. Forman University of Oklahoma College of Law Roberta F. Mann University of Oregon School of Law
Making the IRS Work Jonathan B. Forman University of Oklahoma College of Law Roberta F. Mann University of Oregon School of Law Our Focus Our Paper considers how to redesign the federal tax system so that
More informationAUDIT AND FINANCE COMMITTEE Wednesday, June 17, 2009
Item: AF: A-1 AUDIT AND FINANCE COMMITTEE Wednesday, June 17, 2009 SUBJECT: REQUEST FOR APPROVAL OF FLORIDA ATLANTIC UNIVERSITY S IDENTITY THEFT PREVENTION PROGRAM. PROPOSED COMMITTEE ACTION Recommend
More informationMiddlebury College Identity Theft Prevention Program
Middlebury College Identity Theft Prevention Program I. PROGRAM ADOPTION Middlebury College has developed this Identity Theft Prevention Program ("Program") pursuant to the Federal Trade Commission's Red
More informationReport on Internal Control Over Statewide Financial Reporting. Year Ended June 30, 2011
O L A OFFICE OF THE LEGISLATIVE AUDITOR STATE OF MINNESOTA FINANCIAL AUDIT DIVISION REPORT Report on Internal Control Over Statewide Financial Reporting Year Ended June 30, 2011 February 16, 2012 Report
More informationLIST OF SUBSTANTIVE CHANGES AND ADDITIONS. PPC s Guide to Dealing with the IRS. Twenty-fourth Edition (June 2016)
LIST OF SUBSTANTIVE CHANGES AND ADDITIONS PPC s Guide to Dealing with the IRS Twenty-fourth Edition (June 2016) The following are some of the features of this year s update of PPC s Guide to dealing with
More informationTestimony. Submitted for the Record. American Bankers Association. Financial Institutions and Consumer Credit Subcommittee
Testimony Submitted for the Record from the American Bankers Association for the Financial Institutions and Consumer Credit Subcommittee of the Committee on Financial Services United States House of Representatives
More informationAUDIT UNDP COUNTRY OFFICE AFGHANISTAN FINANCIAL MANAGEMENT. Report No Issue Date: 10 December 2013
UNITED NATIONS DEVELOPMENT PROGRAMME AUDIT OF UNDP COUNTRY OFFICE IN AFGHANISTAN FINANCIAL MANAGEMENT Report No. 1233 Issue Date: 10 December 2013 Table of Contents Executive Summary i I. Introduction
More informationMecklenburg County Department of Internal Audit. Office of Tax Collector Cash Collection Audit Report 1562
Mecklenburg County Department of Internal Audit Office of Tax Collector Cash Collection Audit Report 1562 July 6, 2016 Internal Audit s Mission Internal Audit Contacts Staff Acknowledgements Obtaining
More informationFebruary 2016 Recommendations
February 2016 Recommendations We conducted our audits in accordance with the Auditor General Act and the standards for assurance engagements as set out in the CPA Canada Handbook Assurance. This report
More informationReporting on Internal Control in an Integrated Audit
1 Reporting on Internal Control in an Integrated Audit I. Internal Control This section presents the AICPA's attestation standards related to reporting on internal control over financial reporting in an
More informationDepartment of Budget and Management Office of Personnel Services and Benefits
Audit Report Department of Budget and Management Office of Personnel Services and Benefits December 2011 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report
More informationLexisNexis Developing an Effective Red Flags Rule Program
LexisNexis Developing an Effective Red Flags Rule Program Program Checklist R O I : R E T U R N O N I N F O R M AT I O N S O LU T I O N S Customer Development Authentication & Screening Fraud Prevention
More informationDepartment of Commerce. July 1, 2007, through March 31, 2010
O L A OFFICE OF THE LEGISLATIVE AUDITOR STATE OF MINNESOTA FINANCIAL AUDIT DIVISION REPORT Department of Commerce Internal Control and Compliance Audit July 1, 2007, through March 31, 2010 December 9,
More informationEXCEL FEDERAL CREDIT UNION S Online Banking External Transfer Authorization and Service Agreement
EXCEL FEDERAL CREDIT UNION S Online Banking External Transfer Authorization and Service Agreement This Online Banking External Transfer Authorization and Service Agreement ( Agreement ) states the terms
More informationInformation sharing between Inland Revenue and the
Information sharing between Inland Revenue and the Ministry of Social Development A Government discussion document Hon Anne Tolley Minister for Social Development Hon Michael Woodhouse Minister of Revenue
More informationTaking care of what s important to you
A v i v a C a n a d a I n c. P r i v a c y P o l i c y Taking care of what s important to you Table of Contents Introduction Privacy in Canada Definition of Personal Information Privacy Policy: the ten
More informationFISMA CALIFORNIA STATE UNIVERSITY, CHANNEL ISLANDS. Report Number July 20, 2004
FISMA CALIFORNIA STATE UNIVERSITY, CHANNEL ISLANDS Report Number 03-12 July 20, 2004 Members, Committee on Audit Anthony M. Vitti, Chair Roberta Achtenberg, Vice Chair Herbert L. Carter Moctesuma Esparza
More informationCombating ID Theft with the Help of Payroll Professionals
PENNSYLVANIA STATEWIDE PAYROLL CONFERENCE Indiana University Of Pennsylvania Philip G. Yamalis Senior Stakeholder Liaison October 7, 2016 Future State Resources for Payroll Professionals Combating ID Theft
More informationPrivacy and Security Standards
Contents Privacy and Security Standards... 3 Introduction... 3 Course Objectives... 3 Privacy vs. Security... 4 Definition of Personally Identifiable Information... 4 Agent and Broker Handling of Federal
More informationOffice of Public and Indian Housing Real Estate Assessment Center, Washington, DC
Office of Public and Indian Housing Real Estate Assessment Center, Washington, DC Physical Inspection Operations Division Office of Audit, Region 6 Fort Worth, TX Audit Report Number: 2018-FW-0003 August
More informationNEVADA SYSTEM OF HIGHER EDUCATION PROCEDURES AND GUIDELINES MANUAL CHAPTER 13 IDENTITY THEFT PREVENTION PROGRAM (RED FLAG RULES)
NEVADA SYSTEM OF HIGHER EDUCATION PROCEDURES AND GUIDELINES MANUAL CHAPTER 13 IDENTITY THEFT PREVENTION PROGRAM (RED FLAG RULES) Section 1. NSHE... 2 Section 2. UNR... 4 Section 3. WNC... 8 Chapter 13,
More information