Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Financial Management Information System (FMIS)

 

Privacy Impact Assessment –  Financial Management Information System (FMIS)

FMIS System Overview

The Financial Management Information System (FMIS) is an operational system that supplies the reports and data that are used for the audit of the Custodial Financial Statements of the IRS by the General Accounting  Office (GAO).  A major objective of the custodial Financial reporting system is to be continuously and accurately responsive to regular and ad hoc requests for custodial financial reports.

FMIS is currently in the Control phase of the IRS CPIC process where it is continuously monitored for cost, schedule, and project performance. The IRS ensures that operational systems are executed in a disciplined, well-managed, and consistent manner through timely oversight, quality control, and executive review.

To better understand the IRS compliance with provisions of the Chief Financial Officers (CFO) Act and the system development environment, it is important to understand that the IRS has two separate financial operations, which independently track the funds, and result in six separate financial statements.  One financial operation is Administrative and accounts for the appropriated funds.  The other is Custodial (FMIS) and tracks tax collection.

The Administrative financial operations, information systems, and statements are similar to those found in any large corporation. However, the Custodial financial operations, information systems, and associated statements track tax revenues processed through the lRS pipeline. The pipeline is the IRS' tax return processing channel that begins at initial receipt of tax returns and remittances and tracks the information/funds through postings on the Master Files, many large databases. 

The Custodial Financial Accounting System is unique in complexity and scope.  FMIS is comprised of two key sub programs, Revenue and Refunds (R&R) and Unpaid Assessments (UA).  Each key component is described as follows:

Revenue and Refunds
This system is used to identify all of the detailed transactions that posted to the Individual Master Files (IMF), Business Master Files (BMF), Individual Retirement Accounts File (IRAF), and Non-Master Files (NMF) during the fiscal year. These detail transactions are broken down into Revenue transactions, Refund transactions, Other Transactions that are part of the fiscal year, and Other Transactions that are not part of the fiscal year. Once these breakouts are done, revenue and refund reversal transactions are matched to the transactions they reverse. Paper and electronic reports are generated and distributed to the Office of the CFO and to GAO. The detailed files provide support for the amounts from the Interim Revenue Accounting Controls System (IRACS). The files are also made available to GAO for sampling and to validate the financial statements.

Unpaid Assessments
The objective of Unpaid Assessments is to continue to provide the users, Chief Financial Officer  (CFO), Research, Compliance, and GAO, with required program changes for reporting, researching and auditing of the financial statements for debit balance and frozen credit modules.  The near term objectives are to support:

Fiscal Year 2003 Interim Audit Changes 6-03
Fiscal Year 2003 Fiscal Year End (FYE) Audit Changes 10-03
Filing Season 2003 Changes 1-03
Provide an Unpaid Assessment data feed to CAP 11/03

The system is used to:

* Prepare the IRS Financial Statements and support the GAO financial audit
* Produce reports for trending on operational impact
* Feed the Business Performance Management System (BPMS)
* Populate the Compliance Data Warehouse (CDW)
* Form the basis for the data feeds to the Custodial Accounting Project (CAP)
* Extract assessments to be used for the Federal Payment Levy Program (FPLP)
* Track and Report Modules having credit balances as part of the frozen credit process.

System of Record Number(s)

Treasury/IRS 22.034--Individual Returns Files, Adjustments and Miscellaneous Documents Files
Treasury/IRS 22.054--Subsidiary Accounting Files
Treasury/IRS 22.061--Individual Return Master File (IRMF)
Treasury/IRS 24.030--CADE Individual Master File (IMF)
Treasury/IRS 24.046--CADE Business Master File (BMF)
Treasury/IRS 26.019--Taxpayer Delinquent Accounts (TDA)
Treasury .009--Treasury Financial Management Systems
Treasury/IRS 34.037--IRS Audit Trail and Security Records System

Data In the System

1. Describe the information (data elements and fields) available in the system in the following categories: 

a) Taxpayer:  See core record layouts
b) Employee: XXX maintains a user access log that can track the employee’s use of the system through their user ID.
c) Audit Trail Information (including employee log-in info):  Aprroved IRS
Personnel are required to fill out Form 5081 in order to be given access to the system.  Audit trails are in place for the XXX XXXXXXX and they capture the following data:  USERID, password, date, time of access, time of logoff, and what was accessed.
d) Other (describe)

FMIS uses all of the following types of data: Account, Accounting Policy, Activity, Appropriation, Audit Trail, Budget Center, Budget Event, Employee, Expense Account, Financial Analysis Information, Position, Project, Tax Law and Voucher. All data collected by FMIS is in the category of Sensitive but Unclassified (SBU).

All data is extracted/obtained from the Master Files (MF) Individual Master Files (IMF), Business Master Files (BMF), Individual Retirement Accounts File (IRAF), and Non-Master Files (NMF), which contain information on individuals and businesses. Please see the attached lists of data elements (core record layouts) extracted.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

a) IRS -  All data is extracted from the Master Files at the XXXXXX
    XXXX XXXX XXXXXXXXX.
b) Taxpayer – All data is extracted from the Master Files at XXX. 
c) Employee – N/A
d) Other Federal Agencies – N/A; FMIS provides data to other Federal Agencies
e) State and Local Agencies – N/A; FMIS provides data to State and Local Agencies
f) Other third party sources – N/A

3. Is each data item required for the business purpose of the system? Explain.

Yes. Each data item is necessary in support of the IRS Custodial Finance Statement Audit.  FMIS supplies reports and data used to prepare the IRS Custodial Financial Statements and supports the GAO Annual Fiscal Year Financial Statement Audit.   IRS Custodial financial statements are a significant part of the overall Treasury financial statements compiled for the government-wide financial statements each year, also audited by GAO.

4. How will each data item be verified for accuracy, timeliness, and completeness?

To verify accuracy of the data, the Log Accounting Report System (LARS) is being used as our control.

5. Is there another source for the data? Explain how that source is or is not used.  No.

6. Generally, how will data be retrieved by the user?

Data will be retrieved via secure lines from employee workstations to the XXX XXXXXXXXXXXXX.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes. Data can be retrieved by a personal identifier, such as a SSN.

Access To The Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

Approved IRS Personnel, such as, the Chief Financial Officer, Business Systems Development Project Manager, Technical Advisor, Developers, Contractors and Managers have approved sign-on privileges and passwords.

In order to receive this, each user is required to fill out Form 5081 in order to be given access to the system. Users of the system are authenticated and controls are in place to ensure that the user only has access to that data for which they have a business need to see.

9. How is access to the data by a user determined and by whom?

Managers and Contracting Officer’s Technical Representatives (COTR) determine access. It is determined on an individual and “as needed” basis. Form 5081 has to be completed in order for access to be granted. Because this is a steady stack legacy system, programmers require access for continued maintenance.  FMIS requires programmers and report prepares to be authorized.  Access control information is provided by the IRS organizational chart and delegation orders. 

10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12.

Applications sending Data include: Automated Non-Master File (ANMF), Business Master File Outputs (BMF OUTPUTS), Business Master File Posting and Analysis, BMF Analysis, Business Master File Returns Transaction File Processing (BMF RTF), Individual Master File Outputs (IMF OUTPUTS), Individual Master File Posting and Analysis, IMF ANALYSIS, Individual Master File Returns Transaction File (IMF RTF), Individual Retirement Account File Outputs (IRAF OUTPUTS).  This data is reported in the following statements:

* Prepare the IRS Financial Statements and support the GAO financial audit
* Produce reports for trending on operational impact
* Feed the Business Performance Management System (BPMS)
* Populate the Compliance Data Warehouse (CDW)
* Form the basis for the data feeds to the Custodial Accounting Project (CAP)
* Extract assessments to be used for the Federal Payment Levy Program (FPLP)
* Track and Report Modules having credit as part of the frozen credit process.

Applications receiving data are CDW, BPM), and GAO, an external entity.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

The IMF, BMF, IRAF, and NMF have Privacy Impact Assessments.

12. Will other agencies provide, receive, or share data in any form with this system?

GAO receives reports and data files.  The Treasury Inspector General for Tax Administration (TIGTA) may also request data files.

Administrative Controls Of Data

13. What are the procedures for eliminating the data at the end of the retention period?

XXX disposes of obsolete data. XXX may have their own controls in place. We have no control over that procedure.

14. Will this system use technology in a new way? If “YES”, describe. If “NO”, go to Question 15.

No. This system will be replaced by Modernization.

15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability.  No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.  No.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

No. FMIS is strictly a reporting system. It feeds the Business Performance Management System (BPMS) and is used as an analytical tool by the operating divisions to make business decisions.

18. Does the system ensure “due process” by allowing affected parties to respond to any negative determination, prior to final action?

N/A. FMIS does not deal directly with taxpayers.

19. If the system is web bases, does it use persistent cookies or other tracking devices to identify web visitors?  N/A
 


Page Last Reviewed or Updated: November 24, 2004