
Strategic Planning Database System

 

Privacy Impact Assessment –  Strategic Planning Database System (SPDS)

SPDS System Overview 

The Strategic Planning Database System (SPDS) is a three-tiered web-based database system that automates some of the Strategic Planning Cycle functionality for the IRS Modernization and Information Technology Services (MITS) organization. The purpose of the SPDS is to consolidate data for, and automate the production of, the following key MITS reports:

* Strategy and Program Plan (S&PP)
* Business Plan
* Business Performance Review (BPR)

The SPDS contains generic and program-specific data needed to produce the reports listed above and centralizes strategic planning and budgeting data so that MITS strategic goals and budget plans outlined in the S&PP provide input to the actions and schedules developed in the Business Plan. In addition, the SPDS leverages the performance and resources plans laid out in the Business Plan to measure actual vs. planned performance reported by the Business Performance Review. The SPDS provides user interfaces and functionality through web forms to allow users to input data needed by the S&PP, Business Plan, and BPR and output canned and ad hoc reports.

SPDS users are identified by their IRS NT login ID (SEID). Each user is configured with a role by the System Administrator that restricts what data the user can view and update.

Please verify that the User’s Manager Assigns the ROLE and not the System Administrator. Please refer to my question for question #9 below.

System Administrators are designated by the System Owner. A User’s Manager files a request with the System Administrators to have a user added and configured with a specific role. All role assignment requests are handled directly by the System Administrator and do not require the Online 5081. System Administrators are responsible for adding and configuring users in the SPDS, while User Managers are responsible for designating which users should have access to the system, what role they are responsible for, and filing user change requests with the System Administrators.

System of Records Number(s)

Treasury/IRS 36.003  General Personnel and Payroll Records.
Treasury/IRS 34.037  IRS Audit Trail and Security Records System Information

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

Taxpayer
Employee
Audit Trail Information (including employee log-in info)
Other (Describe)

Taxpayer: None

Employee: SPDS user information including name, title, phone number, email, location, organization, and NT login ID (SEID).

Audit Trail Information: Revision history of the user who created and last modified the data record in the SPDS.

What elements are captured for this history and is this part of the Audit Trail?

Specifically, the date and time a data record was created, who the data record was created by, the date and time a data record was last modified, and who the data record was last modified by.

Other:  Data elements necessary to produce the MITS Strategy and Program Plan, Business Plan, and Business Performance Review such as MITS operational and supporting data, budget resource information, division and investment portfolio status, and performance measures.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

IRS
Taxpayer
Employee
Other Federal Agencies (List agency)
State and Local Agencies (List agency)
Other third party sources (Describe)

IRS: MITS operational and supporting data is obtained from the Strategic Planning Office, budget resource information from the Resources Allocation Office, and performance measures measuring MITS operational and organizational performance from the Performance Analysis and Reporting Office and Service Level Management Office within MITS. 

Taxpayer: None

Employee: SPDS user accounts are created and updated by the System Administrators.

Federal Agencies: None

State and Local Agencies: None

Third Party Sources: None

3.  Is each data item required for the business purpose of the system?  Explain.

All SPDS data items are necessary for users to update and produce the MITS Strategy and Program Plan including:
* Strategies, Operational Priorities, and Improvement Projects
* Major Management Challenges
* Trends, Issues, Problems, and Solutions
* Initiatives and Reinvestments
* Resources and Measures
* Users and Roles

4. How will each data item be verified for accuracy, timeliness, and completeness?

Data is updated and reported on a monthly and/or yearly basis. The database stores the revision history with the creation and last modification dates to verify how old the information is. Only assigned users can modify specific data elements based on the system requirements and are responsible for updating and reviewing the data as dictated by the S&PP, Business Plan, and BPR reporting schedules.

5. Is there another source for the data?  Explain how that source is or is not used.  No

6. Generally, how will data be retrieved by the user? 

The SPDS provides web forms for users to view and update data. In addition, users can retrieve the data through canned and ad hoc reports.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Users are identified by their NT login ID (SEID). Each user is configured with a specific role by the System Administrators. Read and write access to data is restricted according to the role assigned to the user.

A User’s Manager files a request with the System Administrators to have a user added and configured with a specific role. All role assignment requests are handled directly by the System Administrator and do not require the Online 5081. System Administrators are responsible for adding and configuring users in the SPDS, while User Managers are responsible for designating which users should have access to the system, what role they are responsible for, and filing user change requests with the System Administrators.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?


Users: SPDS users have read and write access to specific data depending on the role configured for them by the System Administrators.

Again, does the system administrator or the manager assign the roles?

A User’s Manager files a request with the System Administrators to have a user added and configured with a specific role. All role assignment requests are handled directly by the System Administrator and do not require the Online 5081. System Administrators are responsible for adding and configuring users in the SPDS, while User Managers are responsible for designating which users should have access to the system, what role they are responsible for, and filing user change requests with the System Administrators.

Managers: IRS Managers have read and write access to specific data depending on the role configured for them by the System Administrators.

Does a manager’s manager grant access to the manager via the 5081 process?

IRS Managers file requests with the System Administrators to have a user added and configured with a specific role. All role assignment requests are handled directly by the System Administrator and do not require the Online 5081. System Administrators are responsible for adding and configuring users in the SPDS, while IRS Managers are responsible for designating which users should have access to the system, what role they are responsible for, and filing user change requests with the System Administrators.

System Administrators: System Administrators have read and write access to all data in the system. System Administrators are designated by the System Owner and serve as the Super Users to the SPDS. While the main responsibility of System Administrators is to maintain the users in the system, System Administrators also serve as a fail-safe to update or undo erroneous or obsolete data, as well as to archive data and initialize the database for the next reporting cycle. The SPDS tracks the System Administrator’s activities by recording which data records the System Administrator created, the date and time the data records were created, which data records the System Administrator modified, and the date and time the data records were last modified.

Developers: The contractors developing the system have read and write access to all data in the system.

How is contractor and developer access determined?  The Contractor/Developer access is determined by the Contractor’s Manager, in this case, the SPDS Technical Point of Contact and System Owner.

9. How is access to the data by a user determined and by whom? 

Users are identified by their NT login ID (SEID). System Administrators configure each user with a specific role. Roles are pre-defined in the system based on the system requirements. The user’s configured role dictates which specific data can be viewed and modified by the user. For example, user accounts can only be updated by those assigned to the “System Administrator” role.

Please explain here the method by which access is determined; does a user manager assign the access via the 5081 process?

System Administrators are designated by the System Owner. A User’s Manager files a request with the System Administrators to have a user added and configured with a specific role. All role assignment requests are handled directly by the System Administrator and do not require the Online 5081. System Administrators are responsible for adding and configuring users in the SPDS, while User Managers are responsible for designating which users should have access to the system, what role they are responsible for, and filing user change requests with the System Administrators.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.  No.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

The SPDS C&A application is currently in process with Mission Assurance.

12.  Will other agencies provide, receive, or share data in any form with this system?  No.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?


At the end of each reporting cycle, the System Administrator can baseline the data for the reporting period, which is stored permanently in XML in the database. Users have the ability to retrieve baselined historical data at any time for historical purposes.

All data has a retention period – where the data is to be archived and removed from active access. Please refer to IRM 1.15.2 for more information.

S&PP and Business Plan data shall be archived and removed from write access on a yearly basis. BPR data shall be archived and removed from write access on a quarterly basis. Data is archived in the form of XML documents stored in the database. Archived data shall be accessible on a read-only basis for historical purposes for a period of seven years, at which point the archived data can be destroyed.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. 

Yes, the SPDS eliminates paper data and manual processes by consolidating data in a database system. As a web-based system, it is accessible by IRS users from the IRS intranet. Data is stored in the database and can be downloaded via canned and ad hoc reports in the form of HTML, XML, MS Word, or MS Excel.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.  No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring. No.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.  No.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?  Not Applicable.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?  No.

 


Page Last Reviewed or Updated: December 17, 2004