Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Transition Management Repository

 

Privacy Impact Assessment – Transition Management Repository (TMR)

TMR System Overview

The Business Integration and Transition Management (BITM) office has developed the TMR a web based applications  This application is a project management tool for IRS projects and receiving organizations to use for transitioning new  or modified systems from the developing organization to IRS.  The purpose of the TMR is to manage transition data necessary to move from the current to the new business environment. The data is entered through a web page and housed in a database. The information is used to produce reports that will improve the capabilities for resource planning.  These applications are already developed and will continue to be the responsibility of BSM to maintain.

The TMR security certification is in process. The system resides within the IRS firewall and is used  only by IRS employees and authorized contractors.  There is no public access to the information contained in the databases.

During development and the proof of concept stage the application has been housed on the Systems Engineering & Integration (SE&I) servers.   The proof of concept stage is completed and the application is ready to transfer to the production stage. The SE&I servers are only available for engineering solutions and new development.  They do not provide a production environment.

We have requested that this application be transferred to a server infrastructure that can support security certification and a production environment. No taxpayer data is used or stored. For the TMR system there will be 50 or less users inputting data at any one time, however, reviewing of baseline data, in the TMR, is available to anyone on the IRS network.  The system will be used during the normal business day with some Saturdays. 

System of Records Number(s)

Treasury/IRS  36.003 General Personnel and Payroll Records
Treasury/IRS  38.001 General Training Records
Treasury/IRS  34.037 IRS Audit Trail and Security Records System

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A: None
B: Employee names from the Discovery Directory
C: Access to baseline data is available to users of the IRS network as read only.  An individual must apply for access rights in order to input or update information in the TMR database.  The access is reviewed and approved or denied by the TMR administrator.  The names and SEIDs are maintained, in a secure file, for those granted access.
D: N/A

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A: Organizations, processes, procedures and roles are obtained from the Enterprise Architecture.  Training information will be obtained from ELMS. (Interface currently in process). Employee/contractor user names are obtained from the Directory.
B: No taxpayer data
C: User names (employees/contractors) and SEIDs are obtained from the Directory
D: N/A
E: N/A
F: N/A

3.  Is each data item required for the business purpose of the system?  Explain.

Yes, the TMR contains transition material developed based on the use of the IRS
Transition Management Guide that provides the methodology for effectively transitioning systems to IRS receiving organizations.

4. How will each data item be verified for accuracy, timeliness, and completeness?

The projects and receiving organizations that obtain and validate the information they are putting in the TMR are responsible for its accuracy.  The TMR has data integrity checks and error routines that identify inconsistencies that the user must correct.

5. Is there another source for the data?  Explain how that source is or is not used.

Additional sources for information are being investigated. For example, ELMS is being researched to determine how it can provide training material.  There will be others as they are identified or developed.

6. Generally, how will data be retrieved by the user? 

There are three ways to retrieve data from the TMR.  The first is by observation of the material that is contained in the database. The second is to extract reports that provide various types of information based on the query.  The third is to export the information into a document titled, Transition Management Plan (TMP).

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

No, the information can only be identified by project name.  The names and SEIDs of approved users are maintained in a file that is non-accessible except by the system administrator.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

IRS network users will have read only access to baseline project data.  Only authorized users will have access to non-baseline data. 

9. How is access to the data by a user determined and by whom? 

The project manager for projects and the manager of record for receiving organizations are the only ones authorized to approve access to the system.
* System administrator: Add/Edit/Delete any information and to Add new users, assign user roles. Grant or revoke access rights to releases.
* Release administrator: Administrator of a release is allowed to add, edit or delete any information of a release and add new users to the release.
* Release analyst: Owner of a project, allowed to add, edit or delete project related information.
* Reviewer: Allowed to view assigned releases only and to approve those TMPs.
* Survey user: Allowed to take assigned surveys.
* Guest: Not authorized to make any changes, only allow to view reports and release information for the releases that are baselined.
Users that are not designated any roles default to Guest.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

SIRM/PEARS provides process and project information to TMR.  The system interfaces with the Discovery Directory (Public interface to CADs).

SIRM (Systems Integration and Resource Management) presents multi-dimensional views of projects to support the portfolio management decision-making process.  It also provides the capability of building portfolios of selected Tier A, B, and C projects by fiscal year and performs impact analyses by analyzing different budget scenarios and dependencies to other projects.

PEARS (Project Engineering Analysis and Reporting System) contains the System Engineering & Integration Division's engineering analysis results for Tier A projects (funded via the ITIA account), Tier B projects (funded via PAC 3B account, and Tier C projects (all other funded changes to IRS' systems environment). PEARS data is integrated with SIRM and the ABA environments and is the basis on which projects are aligned with EA business processes and IRS' current systems environment.  Although primarily utilized by SE&I Analyst and Technical Leads, visitors may enter the site as guests and browse through the tabs to review specific project analysis or utilize the reports tab to display relevant project information.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  No.

12.  Will other agencies provide, receive, or share data in any form with this system?

System is for internal use only.  There will be no sharing of data with other agencies.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

* Project release data for a milestone will be archived to an inactive table once a release forward from one milestone to another. The data becomes read-only.
* Project data can be manually deleted from the active and inactive tables at any time as needed.
See IRM 1.15.57 GRS20 – Electronic Records.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15.  No.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.  No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.  No.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain. No.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?  N/A.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors? No.
 


Page Last Reviewed or Updated: April 14, 2006