
Wireless eOrdering System

 

Privacy Impact Assessment – Wireless eOrdering System (WeOS)

WeOS System Overview


WeOS is an Internal Revenue Service (IRS) minor application/system that has been categorized as low risk.  WeOS is an automated intranet service wide inventory, ordering and tracking system for cell phones issued to IRS employees. Employees can access XXXXXXXX and order a cell phone card through the National Office representative located at the XXXX XXXX XXXX. The National Office representative is responsible for calling card order processing and focuses on service wide inventory control, vendor coordination, annual database validation, and processing and control of approximately 8000 cell phones.

Employees access the WeOS web site and complete the automated cell phone order form.  An email message is sent to the immediate manager (i.e., first level manager) that a cell phone order form was completed and to go to a specific Intranet address to review and take action on the employee request.  The manager will review the information for accuracy and, assuming the manager concurs that the employee should receive a cell phone, approves the request.  An email is then sent to the second level manager.  The second level manager or designee will review and approve the automated request for processing.  The National Office representative reviews the cell phone request, identifies a local point of contact to receive and issue the cell phone to the requestor when delivered, and places the cell phone order with the vendor.  Notification of approval by the immediate and second level managers is mandatory before the National Office representative is authorized to order the cell phone.

Any IRS employee with a valid standard employee identifier (SEID) can access WeOS.  The primary type of data used within WeOS is asset data.  WeOS is not used by parties outside of the IRS, nor is it accessible outside of the IRS Intranet.

Systems of Records Notice

Treasury 009. Treasury Financial Management System
Treasury/IRS 36.003 General Personnel and Payroll Records

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)


A.  No taxpayer data is kept in the WeOS system. 

B.  Employee – First name, last name, Standard Employee Identifier (SEID), Organization Code, cell phone number, first level manager’s name, second level manager’s name, e-mail address, and post of duty address.

C.  All orders, inventory, and requestor changes are logged in the daily security log (to include the SEID and date and timestamp of user logins and logouts).  WeOS relies on the MITS-2 GSS for implementation of this control. There is no audit capability in the WeOS application itself. 

MITS-2 GSS auditing monitors user workstation and log on/off activities.  It also monitors system administrator and security administrator activities while in their specific roles.  The audit logs have critical event information (type of event, source of event, time and date of event, user accountable for event).

D.  No other types of data are kept in the WeOS system. 

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)


A.  The WeOS application shares information with the Corporate Authoritative Database (CADS). WeOS checks CADS as-needed to match the employee name and business unit with their respective manager and second level manager.

B.  No taxpayer data is provided to WeOS.

C.  Employee first name, last name, Standard Employee Identifier (SEID), Organization Code, cell phone number, first level manager’s name, second level manager’s name, e-mail address, and post of duty address are obtained from CADS.

D.  No data on WeOS is provided by other Federal Agencies.

E.  No data on WeOS are provided by State and Local Agencies.

F.  There are no third party sources for data held on WeOS.

3. Is each data item required for the business purpose of the system?  Explain.

Yes.  All data items are required for the business purpose of the system.  The system collects SEID, employee name, name of first level manager and second level manager, cell phone number and e-mail address, as well as post of duty address.  Data can be retrieved by organization code, as well.  There are various purposes for the collection of this information: 
1.  to determine which employees did not validate their cell phones; 
2.  to determine how many cell phone users are in specific Business Operating Divisions (BODs) for budgeting purposes;
3.  to pull all validated cell phone numbers to determine out year budgets; and
4.  to also determine how many phones have been replaced because they have been lost, stolen or broken.  This helps to determine if there is a pattern of neglect.

In brief, the system tracks the assignment and disposition of electronic devices issued to certain employees when management determines that the device will help them do their job.

4. How will each data item be verified for accuracy, timeliness, and completeness?

Accuracy of the data will be validated by the User and organizational change updates that occur via data download from the CADS database on a bi-weekly basis.   The User’s time keeper makes changes within the timekeeping system and causes needed updates to occur in WeOS.   The term “User” is defined as first level, end users of the WeOS system.

SEID and password are used to log into the LAN.  Users are only permitted to access the cell phone order and cell phone validation functions of WeOS. No information can be changed from within WeOS by Users, Information Technology Services (ITS) Points of Contact, and Application Administrators.  As an additional precaution, Users are required to validate their cell phone information annually to ensure that there is an accurate record of cell phone users.

Only WeOS System Administrators can access all application functions, add/delete information from the database, and assign/change privileges (e.g., read, write) for users, and input information into the application for reports.

Only Developers can make changes to tables, reports, queries, and data, and can also assign/delete databases and assign user privileges within WeOS.

To help ensure accuracy, the application does not permit any actions to be performed by users without first authenticating. 

5. Is there another source for the data?  Explain how that source is or is not used.

No.  There is no other source for the data.  All information in WeOS is obtained from CADS.

6. Generally, how will data be retrieved by the user? 

All Users must first log in to their workstation using their IRS intranet account. This requires both an SEID and a password.  After a User has logged in to their workstation, they enter XXXXXX in their web browser to access WeOS. WeOS validates the User's SEID and allowable privileges against information contained in CADS and the WeOS access table. 

Once access has been obtained, all Users may order a new wireless device, check on the status of an order, browse plans and devices, review policies, procedures and guidelines, or validate a phone.  Users are not able to access information about other Users.

ITS Points of Contact may view orders, view ITS approvals, view device reports, view equipment returns, and view cell phone validation reports.

Application Administrators may access the system to view orders, view approvals, view device reports, view equipment returns, or view cell phone validation reports.

Administrators may perform a query of the database using:
• First Name
• Last name
• Organization Code
• SEID
• Mobile Number assigned

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes.  Information is retrievable by SEID, cell phone number, and first and last name of the user.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?


Users may place a device order request, validate an existing cell phone, and view information regarding ITS points of contact, cellular devices and plans, employee wireless discount plans, ordering wireless devices, and the policy for wireless device usage.  Authorized contractors may use the system as Users and can order cell phone equipment.  Those contractors must hold a valid SEID, password, and maintain a valid account.  They also must receive approval from the first level manager and second level manager to receive any cell phone equipment.

ITS Points of Contact (another category of end user in the WeOS system) may view orders, view ITS approvals, view device reports, view equipment returns, and view cell phone validation reports.

Application Administrators may view orders, view ITS approvals, view device reports, view equipment returns, view cell phone validation reports, send reminders to ITS and customers for returned phones, send service cancellation requests to vendors, generate reconnect reports, view new usage exception reports, and view stored usage exception reports.

System Administrators may access all application functions, add/delete information from the database, assign/change privileges (e.g., read, write) for Users, and input information into the application for reports; this includes editing tables, viewing all orders, making changes to orders, deleting orders, adding administrators, and deleting administrators.

MITS-2 GSS auditing monitors system administrator and security administrator activities while in their specific roles.  The audit logs have critical event information (type of event, source of event, time and date of event, user accountable for event) useful in intrusion detection and system forensics should an attack occur.

Access to audit logs is also restricted to only the appropriate individuals to prevent unauthorized deletion or change of audit events.  However, privileged users are authorized to select relevant events to be audited and/or reviewed. 

Developers (including contractors) may access live data, edit tables, see all orders, make changes to orders, delete orders, add administrators, delete administrators, delete databases, and change structures of databases. Only developers have full access and are able to update the application.

9. How is access to the data by a user determined and by whom? 

The application will allow access to authorized personnel only.  Access to the application is managed by first level managers and Application Administrators.

While WeOS does not follow the Online 5081 process for granting access to the application specifically, all users, to include IRS employees and contractors, must go through the OL5081 process to access the IRS LAN which is required in order to access WeOS in the first place.  The user’s SEID and password are therefore required to log into the LAN and get to the WeOS system.  After a User has logged-in to the LAN, they enter XXXXXXXX in their web browser to access WeOS.  WeOS validates the User’s SEID and allowable privileges against information contained in CADS and the WeOS access table and grants the User his or her authorized permissions.

Contractors have access to the system both as Users and as Developers. In order to be granted access to WeOS, they must attain a National Agency Check with Law and Credit Investigation for Moderate Risk Contractor Position clearance.

As stated previously in this response, contractor users must be approved through the OL5081 registration process to access the IRS LAN which is required to access WeOS.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

Yes.  As listed above in question 2A, the Corporate Authoritative Database (CADS) system provides information to the WeOS system. WeOS checks CADS as-needed to match the employee with their respective manager. No Memoranda of Understanding (MOUs) or Interconnection Security Agreements (ISAs) exist between CADS and WeOS.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

The CADS system received an approved Security Certification on February 4, 2005, but it has not yet received an approved Privacy Impact Assessment.  The CADS Security Certification will expire on February 4, 2008.

12.  Will other agencies provide, receive, or share data in any form with this system?

No.  The data in WeOS is not provided by or supplied to any other agency.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

WeOS performs an automated purge of the database when the problem is resolved, and/or data is no longer needed.  WeOS relies on the MITS-2 General Support System (GSS) to eliminate audit data.  The GSS eliminates audit data in accordance with IRM 2.7.4.  IRM 2.7.4, Purging of Sensitive But Unclassified (SBU) Data and Destruction of Computer Media, provides those procedures used for sanitizing electronic media for reuse (e.g., overwriting) and for controlled storage, handling, or destruction of spoiled media or media that cannot be effectively sanitized for reuse (e.g., degaussing).  At this time, a specific data retention period is not defined.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15.

No.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

Yes.  For individuals, the system will list a record for each employee provisioned with electronic devices.  The records will be used to keep track of device ownership.  This supports the business purpose of the system. When an employee no longer has the devices, his/her name and record is marked as inactive and eliminated from the system. 

Records of groups are used to identify whether or not an individual is a member of a particular group of people who have ordered cell phones en masse.  This feature meets the business purpose of the system by allowing administrators to track individual orders that are a part of a single large quantity device order that has been placed by a particular group.

Because wireless devices must be delivered to employees, post of duty address information is also needed to meet the business purpose of the system.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

Yes.  WeOS monitors individual usage rates for the electronic communications devices.  It is not capable of monitoring the calls, nor the movement of employees themselves.

Logging-in to the WeOS system creates a record, and all actions while in the system are recorded, and a log is kept of orders, inventory and requester changes within the system. WeOS System Administrators do not review the application audit records for inappropriate activities. WeOS relies on the MITS-2 GSS for audit functionality support. 

No other kind of monitoring takes place within the WeOS system.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

No.  The system only tracks individuals who have already been issued or who have ordered wireless devices.  The system is not used to revoke the privilege of usage of a wireless device or the system itself.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

N/A.  The system only tracks individuals who have already been issued or who have ordered wireless devices.  The system does not make or process negative determinations about Users.  In addition, Users have the ability to correct or edit their information by accessing their accounts through the WeOS intranet site.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

No persistent cookies or other tracking devices are used to identify web visitors.

 


Page Last Reviewed or Updated: June 23, 2006