Third of Agency Servers Aren’t Screened, Placing Data at Risk, says Treasury Department auditors. IRS IT security at IRS puts its data at risk, auditors say. IG: Incident response policies, plans and procedures are “either nonexistent or are inaccurate and incomplete” IRS agrees with the recommendations, but says it’s not done enough to implement recommended controls. IRS: “The CSIRC is not monitoring 34 percent of IRS servers, which puts the IRS network and data at risks””]
Source: https://www.cuinfosecurity.com/ig-questions-effectiveness-irs-monitoring-a-4651