Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

CFO Audit management System

 

Privacy Impact Assessment - Chief Financial Office Audit Management System (CFO-AMS)

CFO-AMS System Overview

The Office of Unpaid Assessment Analysis under the Chief Financial Officer (CFO) is responsible for analyzing and reporting on the entire unpaid assessments for the IRS.  This includes reporting on the operational aspects of this inventory, determining how to report this inventory for financial statements, determining systemic and procedural problems that may affect the accuracy of this information, and preparing and sending a Congressional requested report of all taxpayers who owe $10 million or more.

To do this, the Office of Unpaid Assessment Analysis relies on the summary level reports (no taxpayer identifying information) and the detailed unpaid assessment records (with taxpayer identifying information) that make up the reports that Information Services creates at Martinsburg as part of the Accounts Receivable Management Information System (AR/MIS).

The Office of Unpaid Assessment Analysis is developing a management information system that will interface XXXXXXXXXXXXXXXXXXXXXXXXXXX and the XXXXXXX XXXXXXXXXXXXX in Compliance Research to download and store both summary level reports, and detailed taxpayer specific data from the series of management information reports that we extract from the master files.
 
Data in the System

Question 1. Generally describe the information to be used in each of the following categories:

Taxpayer:  To further analyze this inventory, and to deal with the sampled cases selected by the General Accounting Office during our fiscal year financial statement audits, the Office of Unpaid Assessment Analysis must also deal with live taxpayer specific data.  Currently, the master file extracts of live taxpayer data are downloaded, stored and controlled by analysts in the Kansas City Service Center.  These downloaded files contain the taxpayer’s identification numbers, the Master File Tax code (MFT), tax periods, and more than 50 summarized data fields from the master file.  They do not however include the taxpayer’s names or addresses. These files are used to control cases during analyses, and during the financial audits.  To fully analyze these cases we require actual master file transcripts, we order actual tax returns, and the three analysts perform Integrated Data Retrieval System (IDRS) research in Kansas City.  We rely on the existing controls in place in the service centers to control access to the taxpayers’ information, and to protect taxpayer privacy.  The Office of Disclosure is involved in the audit process and has authorized the pulling and sharing of this data with the General Accounting Office.

The remaining National Office analysts in the Office of Unpaid Assessment Analysis must also interact and analyze the control files that contain taxpayer identification numbers.  CAMS (CFO Audit Management System) will control this data using the XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.  The system will use discretionary access control access to resources.  

Employee:   There is no employee data on the system.
 
Other: The information that we will house on CAMS is summary level data and reports that come from the Accounts Receivable Management Information System (AR/MIS). The data in AR/MIS is extracted monthly from the individual master file (IMF), the Business Master File (BMF), the Individual Retirement Account File (IRAF), and the automated non-master file (NMF).  The monthly Accounts Receivable Dollar Inventory (ARD)I record created represents a snapshot of the debit module balances that exist on each of these master files, and cannot be modified or changed.  We use this data to report on our operational inventory of assessments for compliance purposes, and for preparing our financial statements.   We will be extracting and analyzing this non-taxpayer specific data from both the reports created at Martinsburg Computing Center (MCC), and the data that resides in the Compliance Data Warehouse (CDW) in Compliance Research.

Question 2: What are the sources of the information in the system?

We will be extracting the Unpaid Assessment data from both the Accounts Receivable Management Information System (AR/MIS) at MCC, and the same data loaded into the Compliance Data Warehouse in Compliance Research.

a. What IRS files and databases are used?

The ARDI (Accounts Receivable Dollar Inventory) data in AR/MIS is extracted monthly from the Individual Master file (IMF), the Business Master File (BMF), the Individual Retirement Account File (IRAF), and the automated Non-Master File (NMF).  The primary files used are fixed formatted .PRN files that get loaded into Lotus spreadsheets.

b. What Federal Agencies are providing data for use in the system?  None

c. What State and Local Agencies are providing data for use in the system?
None

d. From what other third party sources will data be collected?  None

e. What information will be collected from the taxpayer/employee?  None

3.a.b.c. 
a. How will data collected from sources other than IRS records and the taxpayer be verified for accuracy? b. How will data be checked for completeness? c. Is the data current? How do you know?

a. The ARDI records that are used for analysis are direct sub sets of the actual Masterfile. The information provided is in the form of an aggregate sample. When these data are analyzed during the audit the analyst of the Office of Unpaid Assessment Analysis verifies it for accuracy.

b. The data is checked for accuracy during the time it is entered into the various Masterfiles (Non-Masterfile, the Individual Masterfile, the Business, and the Individual Retirement Account Fund) throughout the Campuses. When samples from the Masterfile are downloaded to CAMS the data is already checked.

c. Whether the data is current is irrelevant because 1. CAMS is a analytical tool. 2. When a sample is generated the date we use to pull our sample may be a date that is one to fifteen years old. That is the main reason that we sample data in an aggregate form. Our office disputes the findings of the General Accounting Office by going over case files pulled from the sample aggregate and mitigating or eliminating unclear findings during the audit of the IRSs Custodial Financial Statement. Thereby, verifying the accuracy of the Masterfile system to the General Accounting Office.
 
4. Are the data elements described in detail and documented?  If yes, what is the name of the document?

Yes, the entire AR/MIS system and its routines are fully documented in the following Program Requirements Package (PRP):

Project Name: ARDI/Financial MIS Extracts and Reports

IMF -   Project No. 713 PRP 480 Section 95;
BMF -  Project No. 713 PRP 180 Section 15;
ANMF - Project No. 713 PRP 180 Section 287; and
IRAF - Project No. 713 PRP

These PRPs are maintained and managed by the Financial MIS Section IS:AD:CC:I:BJ in the Information Systems Division.

Access to the Data

Question 1. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Other)?

Access to the CAMS system will be limited to the immediate staff of the Office of Unpaid Assessment Analysis and several programmers in MITS. This will include, the Director, analysts in the National Office, several National Office analysts with Post of Duty at the Kansas City Service Center, and the systems administrator.

Question 2. How is access to the data by a user determined?  Are criteria, procedures, controls, and responsibilities regarding access documented?

The Director, Office of Unpaid Assessment Analysis has the final approval of personnel accessing the system. The procedure for a users requesting access to the system is to submit a Form 5081 to the Office of Unpaid Assessment Analysis. The 5081 is checked by the Director of Unpaid Assessment Analysis to ensure a background investigation has at least been initiated. After he/she approves the request, the Form 5081 is forwarded to the systems administrator. The systems administrator then grants the user access to the requested resource and files the Form 5081.
 
Question 3. Will users have access to all data on the system or will the user’s access be restricted?  Explain.

All employees in this section will initially have access to all data to perform their required assignments.  Since each analyst will have their own individual logins and passwords to log into the domain, employees can be profiled with specific read, write, and execute permissions. The Director, Office of Unpaid Assessment Analysis determines who has access to CAMS and what level of access. The average user for CAMS will be given default directory access to the FTP directory, where he or she can upload and download files.

Question 4. What controls are in place to prevent the misuse (e.g. browsing of data by those having access?)

In general, while there are taxpayer identification numbers on some of the files that the analysts will be required to analyze, because the records do not have taxpayer names and addresses on the files, the employees would need to make additional IDRS or master file inquiries to identify an individual taxpayer.  Since only the analyst in the Kansas City Service Center have access to IDRS and can generate master file transcripts, the manager in that area can control what information is being requested and for what reasons.  There are also adequate controls built into IDRS to detect browsing. The file extracts and sampled case files then serve as the control for showing why a taxpayer account was accessed and reviewed. As with all of IRS’s systems that house sensitive data  unauthorized browsing of sensitive information is strictly prohibited and fall under the guidelines of UNAX.
 

Question 5. a.  Do other systems share data or have access to data in this system?  If yes, explain.

Enterprise System Administrators can access the data once it has been loaded into our system. However they must observe the guidelines the local system administrator has to follow to protect privacy data. As discussed above we are extracting the data that will go into this system from both the Accounts Receivable Management Information System (AR/MIS) at XXXX, and the data that has been loaded into the Compliance Data Warehouse in Compliance Research. The systems administrator can audit actions of the user through XXXXXXXXXXX  XXXXXXXXXXXXXXXXXXXXXXXXXXX. Also, auditing can set for individual resources through the properties menu. 

b.  Who will be responsible for protecting the privacy rights of the taxpayers and employees affected by the interface?

The Office Director will be responsible for protecting the privacy rights of the taxpayers and employees using the guidelines documented and covered with each employee in Document 10280, Safeguarding Taxpayer Records, in Document 9936, the Manager’s Guide to Promoting Workplace Security, and in the IRS Computer Security document.

Question 6. a.  Will other agencies share data or have access to data in this system (International, Federal, State, Local, Other)?

At certain times of the year the selected members of the General Accounting Office will have access to the system. Before the receive access to CAMS they would have to submit a 5081 to the Office of Unpaid Assessment Analysis. 

b. How will the data be used by the agency? 

The data may be used in conjunction with the audit of the IRSs Custodial Financial Statements being conducted by the General Accounting Office

c. Who is responsible for assuring proper use of the data?

While other agencies or users may have direct access to this data and system, the Director is responsible for ensuring that any data that is provided by the analysts in the Office of Unpaid Assessment Analysis using this data and system are authorized to receive it under IRC 6103.

d. How will the system ensure that agencies only get the information they are entitled to under IRC 6103?

While no other agency or users have direct access to this data and system, the Director of Unpaid Assessment Analysis is responsible for ensuring that any data that is provided by the analysts to other agencies have been approved and authorized by the Office of Disclosure under direct IRC 6103 requests.  This would currently include the final $10 million and over reports that we prepare and send to the Chairman of the House Ways and Means Committee.

Attributes of the Data

Question 1. Is the use of the data both relevant and necessary to the purpose for which the system is being designed?

Yes.  Currently there is no database of Unpaid Assessment that can be accessed to perform the level of analyses the Office of Unpaid Assessment Analysis requires.  This system is being designed to house data, but also to access more detailed data for performing individual analyses of Unpaid Assessment.  This is not a major IRS system, but merely a data warehouse for supporting analyses of the existing ARDI data more efficiently.

Question 2. a.  Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?  No.

b. Will the new data be placed in the individual’s record (taxpayer or employee)?  No.

Question 3. a.  If data is being consolidated, what controls are in place to protect the data from unauthorized access or use?   Not applicable.

b. If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access?  Explain?  Not applicable.

Question 4. a.  How will be data be retrieved?  Can it be retrieved by personal identifier?  If yes, explain.

Each CAMS user will have a log in and password to logon to the domain.  They will be given pass through access to the FTP directory.  The analyst can upload and download files into their workstation for analyses.  While the data has taxpayer identification numbers, data is normally not retrieved this way.  Data will be retrieved most often by master file status, or by some other variable contained in the Unpaid Assessment record.
      
What are the potential effects on the due process rights of taxpayers and employees of:              

a. consolidation and linkage of files systems;  None
b. deprivation of data;  None
c. accelerated information processing and decision making;
None
d. use of new technologies.  None

How are the effects to be mitigated? Not applicable


Maintenance of Administrative Controls

Question 1.  a.  Explain how the system and its use will ensure equitable treatment of taxpayers and employees.

Analyses are performed on the unpaid assessment data to report all aspects of what makes up the inventory, and to identify systemic and procedural problems impacting the inventory.  The intent of the data analysis is to identify problems related specific taxpayers records for purposes of determining what level of compliancy taxpayers are reporting accurate tax returns. Records are selected in an aggregate collection solely to perform research of how accurately taxpayers reported their income and how effectively that information is stored in the Masterfile. Because some of the records stored on the system have taxpayer identification numbers in them the system XXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXX. Also, adequate controls are being set in the XXXXXXXX XXXXXX to protect the data from unauthorized access and usage.

Employees are limited through Discretionary Access Control.

b.  If the system is operated in more than one site, how will consistent use of the system and data be maintained in all sites?

There is only one system located and maintained at the National Office.

c.  Explain any possibility of disparate treatment of individuals and groups.

As discussed before, the analyses are performed on the unpaid assessment data to determine how to report for financial purposes, to explain the aspects of what makes up the inventory, and to identify systemic and procedural problems impacting the inventory. The intent of the data and the system for this office’s use is not to identify specific taxpayers for purposes of administering the tax laws.  It is solely to perform research down to the taxpayer specific record to ensure that the reports are accurately prepared at Masterfile based on the coding available.  There is no potential for disparate treatment of either individuals or groups.

Question 2.  a.  What are the retention periods of data in this system?
       
Since there is no database of unpaid assessment, and the monthly files created at master file are only maintained for downloading for 90 days, the summary level reports we receive will be retained indefinitely.  We anticipate keeping several months of data active on the system.  This data will then be moved to CD ROM or   permanent storage. 
The taxpayer specific data will be maintained as long as the analyses or the financial statement audit is being performed, and then will be also stored on CD ROM and secured in a secure storage facility for future use.
 
b.  What are the procedures for eliminating the data at the end of the retention period?  Where are the procedures documented?

The Systems Administrator (SA) will periodically review files on the system for usage, then with the cooperation of the Director of Unpaid Assessment Analysis and the analysts, the SA will archive the files to a write once, read only medium like CD ROM.
 
c.  While the data is retained in the system, what are the requirements for determining if the data is still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?

The data and reports to be used on this system come directly from the master file.  Since each extract is specific to a time period, the data comes directly from the master file record, and the users do not have the ability to change or modify the actual variables in the data, the data will always be accurate, relevant, and complete.  To further ensure the data is accurate and complete, MITS programmers will copy the files directly to CAMS. 

Question 3.  a.  Is the system using technologies in ways that the IRS has not previously employed (e.g. Caller-ID)?  No.

b.  How does the use of this technology affect taxpayer/employee privacy?  It has no effect on taxpayer/employee privacy.

Question 4.  a.  Will this system provide the capability to identify, locate, and monitor individuals?  If yes, explain.  Yes. User activity can be audited while they access the system.

b. Will this system provide the capability to identify, locate, and monitor groups of people?  If yes, explain.  Yes. XXXXXXXXX has the capability to monitor who has accessed the systems and what resources they are using. However, this operation cannot be accomplished with groups because with the exception of the Enterprise systems administrators we only allow individual users access to the system.

c.  What controls will be used to prevent unauthorized monitoring? CAMS uses UNAX and Discretionary Access Control to control unauthorized monitoring of SBU information. Discretionary Access Controls only allow the user to access the resources they have permission to access and nothing else. Discretionary Access Control is set by the systems administrator.  UNAX is controlled by Audit Trail analysis at the SAAS system.

Question 5.  a. Under which Systems of Record notice (SOR) does the system operate?  Provide number and name.

Although AR/MIS is aggregated, there are Privacy Act systems that cover the records that are to be aggregated. The Privacy Act systems of records that cover AR/MIS are the following: 
 
Treasury/IRS 22.060--Automated Non-Master File (ANMF)
Treasury/IRS 22.061--Individual Return Master File (IRMF)
Treasury/IRS 24.030--CADE Individual Master File (IMF), (Formerly: Individual
Master File (IMF))
Treasury/IRS 24.046--CADE Business Master File (BMF) (Formerly: Business
Master File (BMF)
Treasury/IRS 26.016--Returns Compliance Programs (RCP)
Treasury/IRS 26.019--Taxpayer Delinquent Accounts (TDA)

Files including subsystems: (a) Adjustments and Payment Tracers Files, (b)
Collateral Files, (c) Seized Property Records, (d) Tax SB/SE, W&I,
LMSB Waiver, Forms 900, Files, and (e) Accounts on Child Support
Obligations
Treasury/IRS 26.020--Taxpayer Delinquency Investigation (TDI) Files
Treasury/IRS 34.037- IRS Audit Trail and Security Records System
Treasury 00.009 Treasury Financial Management System (formerly Treasury/DO .210--Integrated Financial Management and Revenue System

Question 5.  b. If the system is being modified, will the SOR require amendment or revision?  Explain.  No.  Any planned modification to the system would be to upgrade the hardware and/or the operating software to a newer version. These types of changes do not change the overall function, use, or the relationship between our system and the systems of record. 
 


Page Last Reviewed or Updated: November 03, 2004