Change Management Tracking System

 

Privacy Impact Assessment – Change Management Tracking System (CMTS)

CMTS System Overview:

CMTS is a configuration change management tool used to control and manage changes to routers and switches on the IRS Infrastructure Backbone. Changes to routers and switches on other network monitoring and support systems are also processed via the CMTS application. CMTS consists of a database which maintains change requests in a ticket format.  The CMTS application contains detailed configuration change request information (both routine and emergency) and is used to track both management review/approval and implementation status. The CMTS application is accessed via the Network Management Control Center (NMCC) web site at http://nmc.no.irs.gov/. Only authorized IRS employees and contractors can access the CMTS application.

Systems of Records Number: 

Treasury/IRS 34.037 – IRS Audit Trail and Security Records System

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A.  The CMTS system does not contain taxpayer data.

B. Employee information contained in CMTS consists of First name, last name, telephone number, office location, e-mail address, user ID, and password.

C. CMTS does not have the capability to support auditing functionality itself; instead, Modernization and Information Technology Services - 14 (MITS-14) General Support System (GSS) auditing captures user log on/off activities.  Altiris, a security audit and compliance product, monitors the system log, security log, and application log.  Audit record content includes:
1.  date and time of the event;
2.  the component of the information system (e.g., software component, hardware component) where the event occurred;
3.  type of event;
4.  individual requesting the change; and
5.  the outcome (success or failure) of the event.

D. Change request ticket number and date of change request

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A.  Not applicable.  CMTS does not have information flowing to or from other systems. All data is manually entered into the application.

B.  Not applicable.

C.  First name, Last Name, Telephone Number, Office Location, e-mail Address, and request information are entered manually into CMTS by users / employees.  Manual checks are performed by both employees and supervisors to ensure the data is correctly and accurately entered into CMTS.  User IDs are uniquely assigned to individual persons and are not shared.

D.  Not Applicable.
E.  Not Applicable.
F.  Not Applicable.

3. Is each data item required for the business purpose of the system?  Explain.

Yes.  First name, Last Name, Telephone Number, Office Location and e-mail Address information is kept in order to allow others to contact the Requestors, Validators and Approvers if there are questions relating to a specific request.  This information is needed for System Administrators for changes to be implemented or if there are questions relating to the CMTS system.

4. How will each data item be verified for accuracy, timeliness, and completeness?

First name, Last Name, Telephone Number, Office Location, e-mail Address, and request information are verified by the Validator and then again by the Approver.  They make sure that the information is appropriate and sufficient. 

The information is then reviewed by the Approver to verify that the information is correct.

The CMTS application provides an array of input validation to ensure the accuracy, completeness, and validity of data being entered into the application.  First, CMTS checks to ensure that all data entered into the input screens are complete.  If any required data is missing, the empty input fields are marked with “???” to indicate incomplete data. Next, the input is checked for validity.  The size of the input fields is  constrained to the size of the field in the database. Therefore, there is no potential for an overflow of data since the field sizes in the database have been restricted.  Furthermore, data is checked to ensure it is the proper data type.  For example, the application will return an error if a telephone number is not in numeric format.  Then, logic checks are performed to ensure the data is accurate. Users are not allowed to proceed unless all errors have been corrected.

Date Format Validation
All dates must be entered in the mm/dd/yyyy format. Only the numbers are entered; the system generates the “/” when the record is saved. A four digit year must be entered.  The format of the date is validated in CMTS.

Another layer of validation is performed in the back end by using DB2’s CheckData utility, which runs through all tables to check for referential integrity. 

Since all data is entered manually into CMTS by Operators and Area, Campus or Computing Center employees, manual checks are performed by both Validators and Approvers to ensure the data is correctly and accurately entered into CMTS.

5. Is there another source for the data?  Explain how that source is or is not used.

CMTS does not have information flowing to or from other systems. All data is manually entered into the application either by the Requestor, by the CMTS Operators, or Docket Room employees.

6. Generally, how will data be retrieved by the user? 

CMTS access is only granted to those who have a User ID and password.  The Resource Access Control Facility (RACF) ensures that each user has a unique user ID and password.

Within the Change Management Procedure are several specific roles.  Users of the CMTS will fill these roles according to the types of Change Requests submitted to the system.

Requestors, Validators, Approvers, and Implementors may search the CMTS database by accessing the CMTS system, and choosing one of the following menu items:

* New Change Request – Enables Requestors to submit a New Change Request to CMTS.  A New Change Request must follow the process outlined in the Change Management Procedure and requires prior approval.  It is anticipated that the approval process will be conducted within 3 working days of request submission.

* View My Change Requests – Provides a menu for Requestors to review the Change Requests they have submitted.  The Requestor will have read-write access to their ticket up until the Validator makes their decision.  After the Validator has submitted their section, the original request becomes read-only for the Requestor.

* List of Change Requests Not Yet Approved - Provides the user (Validator, Approver, or Implementor) read-write access to the “Not Yet Approved” section of the Change Requests.

* View All Change Requests – Enables users (Validators, Approvers, or Implementors) to review the status of all Change Requests submitted.  Users have read-only access, but they will be able to view the progress of all requests.

* Near-Term Implementation Schedule – Enables users (Validators, Approvers, or Implementors) to review the status of all Change Requests near implementation. This includes incomplete tickets scheduled before today and tickets to be implemented in the coming 7 days.

* Search Change Requests - Enables users (Validators, Approvers, or Implementors) to perform specific searches on CMTS data.  Searches may be by keyword, ticket number, status of ticket, or date range.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

No.  There is no way to retrieve information using any personal identifier in CMTS.  Change requests are accessed by keyword, ticket number, status of ticket, or date range only. 

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

CMTS contains several different user access levels; each level has different limitations and capabilities.  Specifically, a user’s level of access determines what screens a user can view as well as their ability to update and modify data within those screens.  A user’s level of responsibility dictates what access level he/she is granted.

A Requestor is any user with access to the CMTS who identifies a change and submits a Change Request.  Any user of the NMCC Web Site can submit a Change Request to CMTS. 

The Validator is an Area, Campus, or Computing Center representative with authority to make decisions about the network.  The Validator will be chosen based on the location on the network where the change is requested.  The Validator will make recommendations to the Approver as to whether the change should be made. Validation is the first step in the Approval process.  The Validator must complete their assessment and communicate with the final Approver.

The Approver is a member of the NMCC management staff with authority to make decisions about the network.  The Approver will work with the Validator to approve the Change Request. 

The Implementor is a user that is capable of making a network change.  The Requestor may be the Implementor of their own change, or the Validator and Approver may select another technician.

The CMTS Administrator is a member of the NMCC staff who maintains the CMTS.  The CMTS Administrator will handle the administrative tasks associated with keeping the CMTS database.  The CMTS Administrator has no authority for approving requests or implementing changes and is not responsible for coordinating changes, or scheduling activities.

Contractors have access to the CMTS system in the roles of Requestor, Validator, Administrator, and Developer.

9. How is access to the data by a user determined and by whom? 

RACF ensures that each user has a unique user ID and password which is only granted by going through the 5081 process and receiving authorization from his/her manager.  Once approved through the appropriate channels, the 5081 system sends an automatically generated message to the user.  Once the user signs acceptance within the 5081 system, the 5081 system provides the user with the password. In addition, the profile of the user based on his/her RACF user ID is created in CMTS by the CMTS Administrator.  RACF allows access to the mainframe but the CMTS profile is needed to allow access to CMTS.  After 30 days of inactivity, RACF locks the user out and after 90 days the user’s RACF account is removed.   When the user’s RACF account is removed, the user would have to go through the 5081 process again to regain access.

If a user has miskeyed their password, a call may be placed to the Enterprise Computer Center (ECC) - Detroit help desk.  The help desk has the authority to RESUME a user’s password without changing the password (assuming the user knows their password).  This will allow the user to access the system if the password they enter matches the password in the RACF database.

If a user forgets his/her password, he/she can contact an Administrator who will issue them a default password and upon entering the application the user will be prompted to change his/her password to one of his/her choosing. 

If a user claims his/her account has been compromised, an Administrator will enter the table records and delete the user ID.  The Administrator would then call security in the ECC - Detroit.  The user would be issued a new user ID and password through the 5081 process.

Contractors hold Requestor, Validator, Administrator, and Developer roles within CMTS.  All contractors with access to the CMTS system must attain National Agency Check with Law and Credit Investigation for Moderate Risk Contractor Position clearances.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

CMTS functions as a predominately online application that resides on the Modernization and Information Technology Services - 14 (MITS-14) General Support System (GSS) and relies on it for infrastructure security controls.  However, it does not maintain an application interconnection with this GSS nor does it process data to or from MITS-14.

Access to the CMTS is through the Network Management Control Center (NMCC) Web Site.  Registration to use the Web Site is required for access to the CMTS. 

Again, there are no interconnections between CMTS and other IRS owned systems or external systems.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  Not applicable.

12.  Will other agencies provide, receive, or share data in any form with this system?

No.  No other agencies provide, receive or share data in any form with CMTS.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Active information is kept indefinitely.  There is no set time for destruction of active files at this time.  Inactive Back-up information is destroyed after 3-5 years as directed by IRM 2.7.4, Management of Magnetic Media (Purging of Sensitive But Unclassified (SBU) Data and Destruction of Computer Media), which provides those procedures used for sanitizing electronic media for reuse (e.g., overwriting) and for controlled storage, handling, or destruction of spoiled media or media that cannot be effectively sanitized for reuse (e.g., degaussing). 

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. No.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

Yes.  The system may be used to identify and locate Requestors, Validators and Approvers if there are questions relating to a specific request.  System Administrators can also be identified in order to implement changes to CMTS or if there are questions relating to the CMTS system.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

No.  CMTS itself has no tool by which to monitor individuals or groups.  However, as with all Network Management Control Center (NMCC) Web Sites, system monitoring of inappropriate or unusual activity is reported to management, local security personnel, and the Computer Security Incident Response Capability (CSIRC).  CSIRC is part of the MITS-14 System.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

The system is used only to process and track change requests.  There is no way to differentiate between users within their level of access.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

If the Requestor enters incorrect information, the Approver can make a change on behalf of that user. The system itself does not make any determinations. 

If a Requestor claims his/her account has been compromised, an Administrator will enter the table records and delete the user ID.  The Administrator would then call security in the ECC - Detroit.  The user would be issued a new user ID and password through the 5081 process.  
 
19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

No persistent cookies or other tracking devices are used to identify web visitors.