Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Bonus Pool Support Center

 

Privacy Impact Assessment - Bonus Pool Support Center

System Overview

Allow input of initial ratings for managers in the payband system; allow for review of initial ratings and input of final ratings and additional bonus shares; allow for Performance Review Boards (PRBs) to review bonus share allocations; and allow for Human Resource Organizations (HRs) to review rating distributions. Final data may be uploaded to the Treasury Integrated Management Information System (TIMIS) and the Totally Automated Personnel System (TAPS).

Systems of Records

Treasury/IRS 36.003 General Personnel and Payroll Records
Treasury/IRS 34.037 IRS Audit Trail and Security Records System

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer - none.
B. Employee - Org TIMIS, SSN, SEID, LOGON, NAME (F,MI,L), PAY PLAN, GRADE, STEP, PRIOR YEAR RATING W/DATE, CURRENT INITIAL RATING, CURRENT APPROVED RATING W/TO-FROM DATE, BONUS AMOUNT, REQUIRED BONUS SHARES, ADDITIONAL BONUS SHARES, SALARY W/WO LOCALITY PAY, SALARY RATE,  STATE, COUNTY, & CITY CODES & NAMES, MANAGER SEID, MANAGER SSN.

Except for those managers at the top and bottom levels of the Management hierarchy all managers will be raters and reviewing officials. Thus the SSN is needed for rating selection and the SEID is needed for the proposed future e-mail option.  (Will determine who rates the individual.)   SSNs insure that we have the correct employee. SSN is a unique identifier as retrieved from the TIMIS & TAPS files. We have found cases where employees do not have an SEID.  We have discovered that some employees do not have SEID, for reasons we cannot discern.  SEIDs may be used later for e-mail address selection from the Discovery Directory.  Eventually, this system may be manually updated to account for any lag in the processing system. That is, managers who have made a transition to a new position, but that action is not completed at the time of the download, may be changed in the system for purposes of recording the rating/reviewing data.  The additional fields are all used for identification and or calculations within the program. TEMPORARY PROMOTION NTE DATE.

C. Audit Trail Information (including employee log-in info) - User NTLogon is used for access control.

D. Other (Describe) - none.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

A. IRS - Organizational titles and numbers from TIMIS & TAPS downloads.
B. Taxpayer - none.
C. Employee - Information about individuals will come from TIMIS & TAPS.
D. Other Federal Agencies (List agency) - none.
E. State and Local Agencies (List agency) - none.
F. Other third party sources (Describe) - none.

3.  Is each data item required for the business purpose of the system?  Explain.

Yes. Identification and relationships.  Raters will only see employees they are authorized to rate. Same applies to reviewers and Organizational managers and executives.

4. How will each data item be verified for accuracy, timeliness, and completeness?

Information comes from TIMIS & TAPS and will be the most current information available. Some fields, ‘rating’ & ‘bonus shares’ are input as part of the process. Other fields, ‘bonus’ & ‘rating points’ are calculated. Base information comes from the sources listed above.

5. Is there another source for the data?  Explain how that source is or is not used.  No.

6. Generally, how will data be retrieved by the user? 

Downloads will be manually accomplished by organization until a programming effort can create an automated system.  The manager’s SEID determines the organizational employees who are listed as his/her subordinates, and thus the people eligible for his/her rating.  Static database created from TIMIS & TAPS downloads. Users will access program via Intranet within the IRS Firewall

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes.  Raters will only see employees they are authorized to rate. Same applies to reviewers and Organizational managers and executives.  NTLogon will be matched to the users’ SSN.  The SSN is needed to validate the user in the database and ensure proper access to only that information that the user should have access to. This also adds the additional security level of the IRS systems in that the user must have used their NTLogon and Password to access the system.  SSN is a unique identifier as retrieved from the TIMIS & TAPS files. We have found cases where employees do not have an SEID.   NT-Logon will be used to verify that this is an appropriate user since it is matched with a password to get into the IRS system.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

Rating Officials, Reviewing Officials, Members of Performance Review Boards, & selected Human Resources employees.

9. How is access to the data by a user determined and by whom? 

By the program manager based on need to know/use. (Bobbie Kelly is the responsible executive- she is the Director, Personnel Policy for Strategic Human Resources).  Raters will only see employees they are authorized to rate. Same applies to reviewers and Organizational managers and executives.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

It is anticipated that finalized data from this database may be uploaded to TIMIS & TAPS. Data shared would be the ‘Ratings’, ‘Rating Dates’, & ‘Bonus amounts’. As of now, it will remain in the Bonus Pool system.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  Yes.

12.  Will other agencies provide, receive, or share data in any form with this system?

No other agencies including OPM, TIGTA, GAO, or LR/NTEU get the data.   At this time, this information will only be used to validate the Management Bonus Pool. It is envisioned that the information may be used to automate the input of the data to TIMIS and/or HRConnect. The program will not retrieve any information from the above organizations.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Deletion of the database as required by the program manager and any downstream processing requirements.  Procedures have not been established at this time.  This is an interim system for the distribution of bonus shares to managers. Once this is completed and the information is electronically transferred to HRConnect etc. the data will be deleted from the Bonus Pool system   The Bonus Pool Support System is this project. Its purpose is to ensure the correct distribution of awards.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. 

No, but it may be new to the IRS.  Performance support systems are evolving in the IRS (i.e. Mandatory Briefings, Succession Planning, & Paybanding for examples) but not all employees have been exposed to them yet.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

Rated Managers will be identified by their relationship to their rating manager.  For rating and review process only the appropriate managers will see employee information.  Also, an organizational structure with organization names will be used.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

For purposes of reviewing ratings and bonus shares only. Access is controlled by SSN, which is how employees are identified for access control within the database.  NTLogon, and access level settings.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

No, the system makes no determinations.  However, employees may receive different ratings based on their performance.  Therefore, raters will only see employees they are authorized to rate. Same applies to reviewers and organizational managers and executives.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

N/A. This program only supports the current rating system.  The system does not change the employee’s right to dispute ratings through existing channels.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

No, session cookies only. If there is not an NTLogon in the server variables, a session variable is set on the server. This is deleted at the end of the session.
 


Page Last Reviewed or Updated: November 03, 2004