Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Server for Research Project Management (SRPM)

 

Privacy Impact Assessment – Server for Research Project Management (SRPM)

SRPM System Overview

In July, 2003, Research began a project to install Project Server 2002 for Research use Service wide. Project Server 2002 provides web access to project information by project managers, team members, executives and project stakeholders. Server 2002 XXX XXX XXX XXX for data storage and analysis. In addition XXX XXX XXX XXX. Project Server 2002 includes XXX XXX XXX XXX XXX, a document and issue tracking software which will expand our use of the technology to store current project documents and track significant issues on a project by project basis.  It will be utilized by all IRS Research functions for project scheduling, determining project costs, tracking completion of tasks, providing executives with views to determine project status and determine capacity to accept additional projects, provide stakeholders and project customers with a method of viewing project status via the web, provide team members with web based access to update task information.

System of Records Number

Treasury/IRS 34.037 IRS Audit Trail and Security System.

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A. None
B. name, title, location, work schedule via resource calendar
C. None in Project Server, standard audit trails are enabled at operating system level.
D. NA

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. Project name, project customer, strategy, operational priorities (op) or mprovement projects (ip), project number.
B. None
C. task update information, calendar changes
D. None
E. None
F. None

3.  Is each data item required for the business purpose of the system?  Explain.

Yes – system provides web access to research project information for executives, project managers, team members and stakeholders

4. How will each data item be verified for accuracy, timeliness, and completeness?

Project managers create their project plans and shares with team members and their respective research chief for approval

5. Is there another source for the data?  Explain how that source is or is not used. 
 No.

6. Generally, how will data be retrieved by the user? 

Via Project Web Access, a web based program linked to Project Server 2002

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

File name for project files, employee name for resource information

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

All research staff in SB/SE, LMSB, W&I, and NRP – approximately 400 employees.  Project Server system administrators are selected from the research staff.  MITS employees will have administrative access to the server for backup, installation of software updates, etc.

9. How is access to the data by a user determined and by whom? 

Each Research Operating Division will have system administrators who add users and set their permissions for data access, normally limiting access to their projects and resources.  User access is controlled via Windows NT authenication.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.  NO

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  N/A

12.  Will other agencies provide, receive, or share data in any form with this system? 
NO

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Intended retention period is three years.  Data is eliminated via IRM 1.15.3 – Disposal of Records.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15.   NO

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.  NO

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.  NO

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.  NO

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?  N/A

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?  NO


 

 

4
                                                                                                                                 Page                                                          

 

 
 


Page Last Reviewed or Updated: November 18, 2004