Close Close
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards

Regulation and Compliance > Federal Regulation > IRS

IRS watchdog finds PPACA problems

Your article was successfully shared with the contacts you provided.

The teams helping the Internal Revenue Service implement new health law programs need to pay more attention to security configuration control settings.

Alan Duncan, an assistant inspector general at the office of the Treasury Inspector General for Tax Administration, and other office officials have given that assessment in a final audit report on the IRS information technology program.

The Patient Protection and Affordable Care Act requires the IRS to help with activities such as verifying the income and family size of exchange plan applicants, and to help with providing a new premium tax credit for some middle-income health insurance buyers.

In August 2013, the IRS had 292 employees in its PPACA program management office. In fiscal year 2013, which ended Sept. 30, that office had a budget of about $97 million, or about 4 percent of total IRS information technology organization spending.

Investigators often find problems with improper security configuration control settings at the IRS, Duncan and colleagues write in their report.

Investigators found configuration control setting problems when they looked at the PPACA premium tax credit program and also at two other, unrelated programs – a Treasury Internet Connections initiative and a project that would allow several virtual servers to run on one computer.

One top priority for the IRS PPACA premium tax credit team is to stick to “important systems development controls for configuration and change management,” officials said.

The team also has to do a better job of sticking to systems development controls for fraud detection and mitigation, officials said.

The IRS PPACA family information verification program team should come up with a better process for sticking to configuration management guidelines when baseline requirements change, and it also has to do a better job of communicating PPACA program configuration control board emergency meeting processes, officials said.

See also:


© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.