United States Government Accountability Office Before the Subcommittee on Government Operations Committee on Oversight and Reform House of Representatives For Release on Delivery Expected at 10 00 a m ET Wednesday October 7 2020 INFORMATION TECHNOLOGY IRS Needs to Address Operational Challenges and Opportunities to Improve Management Statement of Vijay A D'Souza Director Information Technology and Cybersecurity GAO-21-178T October 7 2020 INFORMATION TECHNOLOGY IRS Needs to Address Operational Challenges and Opportunities to Improve Management Highlights of GAO-21-178T a testimony before the Subcommittee on Government Operations Committee on Oversight and Reform House of Representatives Why GAO Did This Study What GAO Found The IRS a bureau of the Department of the Treasury relies extensively on IT to annually collect more than $3 trillion in taxes distribute more than $400 billion in refunds and carry out its mission of providing service to America’s taxpayers in meeting their tax obligations This year IRS also relied on IT to process and disburse economic impact payments totaling hundreds of billions of dollars to millions of Americans in accordance with the Coronavirus Aid Relief and Economic Security Act IRS expects to spend $3 2 billion on IT for fiscal year 2020 Information technology IT operational challenges have hampered the Internal Revenue Service’s IRS ability to effectively carry out its responsibilities For example GAO was asked to testify about IT management at IRS Specifically this testimony summarizes GAO’s prior reports on IT challenges that IRS has faced in carrying out its operational responsibilities and on opportunities for the agency to improve the management of its IT investments To do so GAO reviewed its previously issued reports identifying IT operational challenges and opportunities to improve the management of its systems and incorporated information on the agency’s actions in response to related recommendations • In May 2020 GAO reported that new and continuing deficiencies in information system security controls over financial and tax processing systems included deficiencies related to access controls segregation of duties and other areas These collectively represented a significant deficiency in risks of unauthorized access to modification of or disclosure of financial reporting and taxpayer data and disruption of critical operations GAO made 18 new recommendations to address these deficiencies bringing the total number of GAO cybersecurity recommendations that IRS has not yet implemented to 132 • A January 2020 GAO report stated that customer service representatives and frontline managers reported frequently experiencing computer problems that adversely affected their ability to serve taxpayers Specifically they reported their computers freezing or taking excessive time to reboot These computer problems could cause phone calls to disconnect before taxpayer issues were resolved which required taxpayers to call back and wait in the queue again GAO recommended that IRS address this challenge IRS now has actions underway to implement GAO’s recommendation GAO has also issued several reports identifying numerous opportunities for the IRS to improve the management of its IT investments IRS has addressed some of the related recommendations but other important ones are not yet implemented For example • In June 2018 GAO reported that IRS had not fully implemented key risk management practices for three mission critical systems facing significant risks due to their reliance on legacy programming languages outdated hardware and a shortage of human resources with needed skills For example for one of the systems the more than 50-year old Individual Master File IRS was using assembly language and Computer Business Oriented Language COBOL —languages that were both developed in the 1950s As a result of these and other findings in its report GAO made 21 recommendations to IRS As of September 2020 IRS had implemented three of the 21 recommendations • In June 2016 GAO reported that IRS had established IT investment priorities that supported two types of activities—operations and modernization While IRS had developed a process for prioritizing operations activities it did not have such a process for modernization Accordingly GAO recommended that IRS develop this process to better assure Congress and other decision makers that the highest priorities are funded In September 2020 the agency told GAO that it expected to implement this process for the fiscal year 2022 budget cycle What GAO Recommends GAO has made a number of recommendations to IRS to address IT challenges and needed improvements While IRS has generally agreed with these it still needs to implement the numerous critical recommendations that remain outstanding View GAO-21-178T For more information contact Vijay D’Souza at 202 512-6240 or dsouzav@gao gov United States Government Accountability Office Letter Letter Chairman Connolly Ranking Member Hice and Members of the Subcommittee I am pleased to be here today to discuss the management of information technology IT at the Internal Revenue Service IRS IRS relies extensively on IT to annually collect more than $3 trillion in taxes distribute more than $400 billion in refunds and carry out its mission of providing service to America’s taxpayers in meeting their tax obligations For fiscal year 2020 the agency expects to spend approximately $3 2 billion for IT investments including $2 6 billion or 82 percent for operational systems and approximately $576 million or 18 percent for development modernization and enhancement This year in addition to fulfilling its usual responsibilities IRS was charged with distributing millions of economic impact payments to individuals and households in accordance with the Coronavirus Aid Relief and Economic Security Act CARES Act and implement other provisions to provide emergency assistance for individuals families and businesses affected by the COVID-19 pandemic 1 IRS relied on IT to help address this responsibility and as of July 31 2020 the Department of Treasury Treasury and IRS had processed and disbursed 163 9 million payments totaling $273 5 billion 2 As you know the effective and efficient acquisition and management of IT investments has been a long-standing challenge in the federal government For this reason we added improving the management of IT acquisitions and operations to our high-risk areas for the federal government in February 2015 3 Further as was highlighted in a hearing 1Pub L No 116-136 § 2201 a 134 Stat 281 336–37 codified at 26 U S C § 6428 2GAO COVID-19 Federal Efforts Could Be Strengthened by Timely and Concerted Actions GAO-20-701 Washington D C Sept 21 2020 3GAO High-Risk Series An Update GAO-15-290 Washington D C Feb 11 2015 GAO’s high-risk program identifies government operations with vulnerabilities to fraud waste abuse and mismanagement or in need of transformation to address economy efficiency or effectiveness challenges Every 2 years we issue an update that describes the status of these high-risk areas and actions that are still needed to assure further progress and identifies new high-risk areas needing attention by Congress and the executive branch Financial benefits to the federal government due to progress in addressing high-risk areas from fiscal years 2006 through 2018 totaled nearly $350 billion Page 1 GAO-21-178T IRS IT Management held before your committee in July 2020 the pandemic has exacerbated these challenges As agreed with your office my statement today summarizes a number of our previously issued reports that have highlighted IT operational challenges at IRS and opportunities for the agency to improve the management of its IT investments 4 In developing this testimony we reviewed our previously issued reports identifying IT operational challenges at IRS and on IRS’s efforts to modernize its systems We also incorporated information on the agency’s actions in response to recommendations we made in these previous reports The reports cited throughout this statement include detailed information on the scope and methodology of our prior reviews We conducted the work on which this statement is based in accordance with generally accepted government auditing standards Those standards require that we plan and perform the audit to obtain sufficient appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives Background The mission of the IRS a bureau within the Treasury is to provide America’s taxpayers with top quality service by helping them understand and meet their tax responsibilities and to enforce the tax law with integrity and fairness to all In carrying out its mission IRS annually collects over $3 trillion in taxes from millions of taxpayers and manages the distribution of over $400 billion in refunds In March 2020 the CARES Act was enacted into law to provide emergency assistance and health care response to individuals households and families affected by the COVID-19 pandemic 5 Among 4See for example GAO Information Technology IRS Needs to Take Additional Actions to Address Significant Risks to Tax Processing GAO-18-298 Washington D C June 28 2018 Information Technology Management Attention Is Needed to Successfully Modernize Tax Processing Systems GAO-18-153T Washington D C Oct 4 2017 Information Technology IRS Needs to Improve Its Processes for Prioritizing and Reporting Performance of Investments GAO-16-545 Washington D C June 29 2016 and Information Technology Federal Agencies Need to Address Aging Legacy Systems GAO-16-468 Washington D C May 25 2016 5Pub L No 116-136 134 Stat 281 2020 Page 2 GAO-21-178T IRS IT Management other things the act included a provision for IRS to distribute economic impact payments to individuals As previously noted as of July 31 2020 Treasury and IRS had processed and disbursed 163 9 million payments totaling $273 5 billion 6 IRS Relies on IT Investments to Carry Out Its Mission and Responsibilities IT plays a critical role in enabling IRS to carry out its mission and responsibilities For example the agency relies on information systems to process tax returns account for tax revenues collected send bills for taxes owed issue refunds assist in the selection of tax returns for audit and provide telecommunications services for all business activities including toll-free access to IRS customer service representatives for assistance with their tax filing questions In addition starting in April 2020 IRS relied on IT to process and disburse economic impact payments totaling hundreds of millions of dollars to address its responsibilities under the CARES Act We have previously reported on a number of the agency’s mission critical IT investments supporting its tax processing responsibilities These include the following modernization investments • Customer Account Data Engine 2 CADE 2 is being developed to replace core functions of the Individual Master File investment—IRS’s authoritative data source for individual tax account data which accounts for a large portion of tax processing activities 7 CADE 2 data is also expected to be made available for access by downstream systems such as the Integrated Data Retrieval System for online transaction processing by IRS customer service representatives IRS expended $100 million on this investment in fiscal year 2019 In September 2020 we identified CADE 2 as one of the federal government’s critical IT acquisitions 8 • Enterprise Case Management is to provide an enterprise solution for performing case management across IRS’s business units According to the agency its current case management systems provide limited visibility into case management practices among programs and 6GAO-20-701 7IRS initially intended for CADE 2 to replace the Individual Master File investment However in May 2019 IRS told us that it had changed the scope of the investment to focus on modernizing only the most complex and critical aspects of the Individual Master File 8GAO Information Technology Key Attributes of Essential Federal Mission-Critical Acquisitions GAO-20-249SP Washington D C Sept 8 2020 Page 3 GAO-21-178T IRS IT Management cause process redundancies as well as multiple handoffs that can lead to among other things increased risks Enterprise Case Management is expected to address these limitations The agency reported spending $60 million on the investment in fiscal year 2019 We have also reported on the following operations and maintenance investments • End User Systems and Services EUSS provides desktops laptops mobile devices software incident management services and asset management services to end users in IRS The agency reported spending $187 million on this investment in fiscal year 2019 • The Individual Master File is IRS’s system for processing individual taxpayer account data The agency uses this system to update accounts assess taxes and generate refunds as required during each tax filing period Virtually all IRS information system applications and processes depend on output directly or indirectly from this data source and it was used as a key system for determining eligibility for making the economic impact payments to individuals IRS uses assembly language code 9 and Common Business Oriented Language COBOL 10 languages that were developed in the late 1950s and early 1960s to program this system which began operation in the late 1960s The agency reported spending $19 million on the Individual Master File investment in fiscal year 2019 • Mainframes and Servers Services and Support provides for the design development and deployment of server middleware and large systems and enterprise storage infrastructures including supporting systems software products databases and operating systems This investment has been operational since 1970 IRS reported spending $559 million on this investment in fiscal year 2019 9As we reported in May 2016 assembly language code is a low-level computer language initially used in the 1950s Programs written in assembly language are conservative of machine resources and quite fast however they are much more difficult to write and maintain than other languages Programs written in assembly language may only run on the type of computer for which they were originally developed 10COBOL which was introduced in 1959 became the first widely used high-level programming language for business applications The Gartner Group a leading IT research and advisory company has reported that organizations using COBOL should consider replacing the language as procurement and operating costs are expected to steadily rise and because there is a decrease in people available with the proper skill sets to support the language Page 4 GAO-21-178T IRS IT Management • IRS’s IT Spending Has Been Steady with a Slight Increase Over the Past 10 Years The Return Review Program is IRS’s primary system for fraud detection As such it supports the agency’s capabilities to detect resolve and prevent criminal and civil tax noncompliance According to the agency between January 2015 and September 11 2019 the Return Review Program prevented over $10 73 billion of revenue in confirmed fraud The agency reported spending $105 million on this investment in fiscal year 2019 As previously noted IRS plans to spend approximately $3 2 billion on IT investments during fiscal year 2020 including $2 6 billion or 82 percent for operations and maintenance activities and approximately $576 million or 18 percent for development modernization and enhancement The agency’s IT spending has been steady with a slight increase over the past 10 years and a gradual decrease in development modernization and enhancement spending Figure 1 shows IRS’s IT spending for fiscal years 2011 through 2020 budgeted Figure 1 IRS’s Information Technology Spending for Fiscal Years 2011 through 2020 Note Numbers are adjusted for inflation in 2019 dollars Page 5 GAO-21-178T IRS IT Management IRS Issued a Plan to Guide Its IT Modernization Efforts In April 2019 IRS issued a plan to guide its IT modernization efforts through fiscal year 2024 This plan defined major categories of work necessary to transform the agency’s technology and deliver a modernized taxpayer experience in support of its mission Specifically the plan identified a series of capabilities to be delivered for four categories of work known as modernization pillars—taxpayer experience core taxpayer services and enforcement modernized IRS operations and cybersecurity and data protection In addition the plan defined two phases for delivering these capabilities the first phase is scheduled to occur between fiscal years 2019 and 2021 and the second phase is scheduled to occur between fiscal years 2022 and 2024 IRS also stated that successful implementation of the plan depended on obtaining certain hiring flexibilities and multiyear funding at somewhat predictable levels The agency reports to Congress on the status of its modernization deliverables through quarterly reports summarizing accomplishments for the past quarter and plans for the upcoming quarter We have work underway to examine IRS’s performance against the goals established in its modernization plan IT Operational Challenges Have Hampered IRS’s Ability to Effectively Carry Out its Responsibilities We have reported that in recent years IRS has generally successfully implemented tax code changes Nevertheless we have identified some IT operational challenges which have hampered the agency’s ability to effectively carry out its responsibilities We have made recommendations to IRS to address these challenges and the agency is at various stages of implementing them For example • In our May 2020 report summarizing our review of information system security controls in support of our audit of IRS’s fiscal years 2019 and 2018 financial statements 11 we noted new and continuing deficiencies in information system security controls Specifically we identified 11 new deficiencies in controls over certain financial and tax processing systems related to access controls configuration management segregation of duties and information security management program controls These new and continuing deficiencies collectively represented a significant deficiency in increased risk of unauthorized access to modification of or disclosure of financial reporting and taxpayer data and disruption of critical operations We made 18 recommendations to address these 11GAO Management Report Improvements Are Needed to Enhance the Internal Revenue Service’s Information System Security Controls GAO-20-411R Washington D C May 13 2020 Page 6 GAO-21-178T IRS IT Management deficiencies bringing the total number of recommendations on deficiencies in information security controls that have not yet been implemented to 132 IRS agreed with our recommendations and stated its commitment to improving its financial management internal controls IT posture and the overall effectiveness of its information systems controls • In our January 2020 report on IRS’s performance for the 2019 filing season 12 we noted that customer service representatives and frontline managers had frequently experienced issues with their computers that affected their ability to serve taxpayers Specifically 60 of 67 representatives and managers told us that they had frequently experienced computer problems such as freezing or taking excessive time to reboot or difficulty logging on We observed these technical difficulties during our visits to IRS service centers The representatives and managers noted that these problems had worsened with the installation of a new telephone system They noted that these computer problems could cause phone calls to disconnect before the taxpayer’s issues were resolved thus requiring the taxpayer to call back and wait in the queue again We also reported that 25 customer service representatives had noted that they had limited technical support onsite and would ask their managers or others for support if possible or attempt to resolve problems on their own IRS officials acknowledged the computer freezes and limited onsite support to address them and stated they were working to address the issues As a result of our findings we recommended that IRS perform regular monitoring of fluctuations in system downtime charges such as increases overall or by specific units to determine what if any factors are interrupting customer service representatives’ work The agency generally agreed with our recommendation and stated that it has actions underway to implement it • In our February 2020 report summarizing our review of IRS’s implementation of the business provisions of the Tax Cuts and Jobs Act 13 we noted that IRS was not able to capture all tax return 12GAO 2019 Tax Filing IRS Successfully Implemented Tax Law Changes but Needs to Improve Service for Taxpayers with Limited-English Proficiency GAO-20-55 Washington D C Jan 15 2020 13GAO Tax Cuts And Jobs Act Considerable Progress Made Implementing Business Provisions but IRS Faces Administrative and Compliance Challenges GAO-20-103 Washington D C Feb 25 2020 Pub L No 115-97 131 Stat 2054 2017 is commonly known as the Tax Cut and Jobs Act of 2017 Page 7 GAO-21-178T IRS IT Management information in Extensible Markup Language XML format—a format that allows for greater accessibility and analysis Rather the agency captured significant amounts of return information in Portable Document Format PDF which was challenging for officials to use for data analytics and trend analysis One of the two business operating divisions in our review that was using the PDF data was taking steps to convert the data into a format that was more usable for compliance purposes However the other division had not reviewed the costs and benefits of converting PDF forms for its scope of work to determine which forms if any would be a good use of IRS resources to convert to XML format to help with compliance efforts Consequently we recommended that this business operating division 1 identify the costs and benefits of retroactively transcribing certain taxpayer data and then 2 implement transcription based on this determination IRS disagreed with these recommendations stating that retroactively transcribing data is a resource-intensive manual process As of August 2020 the agency did not plan to take action on them However we believe that converting data in instances where the benefits outweigh the costs would better position IRS to more effectively and efficiently pursue its mission of ensuring taxpayer compliance • In our December 2019 report regarding online services 14 we noted that IRS had established a goal to “modernize the taxpayer experience” in its April 2019 IT Modernization Plan To do this the agency proposed to develop new services including delivering taxpayer notices electronically and modernizing online installment agreements provided that IRS continued to receive the requested resources from Congress However we noted that IRS had not incorporated taxpayer input into its prioritization process for these new services because it prioritized services primarily based on their potential to benefit IRS’s operations or because they could be developed quickly We pointed out that this was not consistent with the Office of Management and Budget’s OMB guidance which stated that new digital services should be designed around user needs with data-driven analysis influencing management and development decisions In addition we noted that IRS ran the risk of developing online services which may be of lower priority to taxpayers or that taxpayers would not utilize Consequently we recommended that the agency include taxpayer input as an element of its identification and 14GAO Tax Administration Taxpayer Input Could Strengthen IRS's Online Services GAO-20-71 Washington D C Dec 19 2019 Page 8 GAO-21-178T IRS IT Management prioritization process for new online services IRS agreed with our recommendation and stated it has actions underway to implement it IRS Is At Various Stages of Implementing GAO’s Recommendations to Improve Its IT Management Over the past several years we have reviewed IRS’s efforts to manage its IT acquisitions and have identified areas of opportunity for improvements including some which could address the IT operational challenges we have identified As a result we have made over 30 recommendations to the agency since 2016 aimed at reducing risk to IT management and implementing improvements IRS has addressed some of the recommendations and is at various stages of implementing others For example • In May 2016 we reported on legacy IT systems across the federal government noting that these systems were becoming increasingly obsolete and that many of them used outdated software languages and hardware parts that were unsupported by the vendor 15 As part of that work we highlighted IRS’s use of assembly language code and COBOL—a language developed in the late 1950s and early 1960s— to program its legacy systems We noted the need for agencies to move to more modern maintainable languages as appropriate and feasible Further we noted that a leading IT research and advisory company had reported that organizations using COBOL should consider replacing the language and that there should be a shift in focus to using more modern languages for new products We also pointed out that the use of COBOL presented challenges for agencies given that procurement and operating costs associated with this language would steadily rise and because fewer people with the proper skill sets would be available to support the language Further we reported that the Individual Master File was over 50 years old at that time and although IRS was working to modernize it the agency did not have a time frame for completing the modernization or replacement of the system Thus we recommended that Treasury direct its CIO to develop a plan to modernize or replace legacy systems including time frames activities to be performed and 15GAO Information Technology Federal Agencies Need to Address Aging Legacy Systems GAO-16-468 Washington D C May 25 2016 Page 9 GAO-21-178T IRS IT Management functions to be replaced or enhanced The department had no comments on our recommendation As previously noted IRS’s CADE 2 investment is intended to replace core functions of the Individual Master File However as we recently reported 16 IRS has not yet determined a time frame for completing the investment In addition in September 2020 IRS’s Acting Chief Information Officer and Deputy Commissioner for Operations told us that IRS was in the initial stages of developing a strategy to fully replace and retire the Individual Master File • In June 2016 we reported that IRS had developed IT investment priorities which supported two types of activities—operations and modernization 17 For operations IRS had developed priority groups such as 1 critical business operations infrastructure operations and maintenance and 2 delivery of essential tax administration taxpayer services We noted that IRS had developed a structured process for allocating funding to its operations activities consistent with best practices however it had not fully documented this process For modernization IRS had identified priorities for modernization activities such as developing web applications to help reach IRS’s future state vision however the agency did not have a structured process for its modernization activities We recommended that IRS develop and document its processes for prioritizing IT funding for both operations and modernization activities The agency agreed with the recommendations and has since implemented one of them and taken steps to implement the other Specifically IRS documented its process for prioritizing its operations activities Regarding modernization activities in September 2020 IRS’s Acting Chief Information Officer and Deputy Commissioner for Operations stated that the agency was developing and documenting a structured process for prioritizing modernization activities These officials said that the agency expected to document the process by November 2020 and to implement it for the fiscal year 2022 budget cycle to coincide with the start of phase 2 of the modernization plan • In June 2018 we reviewed the performance of selected IRS investments the extent to which IRS had identified and taken steps to 16GAO-20-249SP 17GAO-16-545 Page 10 GAO-21-178T IRS IT Management address the risks associated with three mission critical legacy systems—the Individual Master File Integrated Data Retrieval System and Mainframes and Servers Services and Support—and IRS’s implementation of key IT workforce planning practices 18 We found that the five selected investments in the operations and maintenance phase that we reviewed had performed internal qualitative assessments of performance as required by OMB however the analyses did not address all key factors such as strategic and business results specified in OMB guidance Further we reported that the three mission critical legacy systems faced significant risks due to their reliance on legacy programming languages outdated hardware and a shortage of human resources with needed skills However IRS had not fully implemented key risk management practices and may have been challenged in effectively mitigating risks to minimize their impact on the agency’s ability to carry out its mission We also noted that while IRS had initiated IT workforce planning efforts including developing an inventory of the current IT workforce it had not fully implemented any of the key IT workforce planning practices we had identified in prior work 19 As a result of these and other findings in our report we made 21 recommendations to IRS The agency did not agree or disagree with the recommendations but said it would provide a plan for addressing each recommendation As of September 2020 IRS had implemented three recommendations including updating operational analyses for Integrated Data Retrieval System and Mainframe Servers and Support System and updating its risk management plan for the Mainframe Servers and Support System to account for identifying risk as we had recommended IRS had also taken steps to update its risk management plan to prepare analyze prioritize and mitigate risks for several investments Related to the IT workforce in September 2020 IRS’s Acting Chief Information Officer and Deputy Commissioner for Operations Support told us that IRS had hired six technology leaders to support its IT modernization and online services programs using hiring flexibilities that Congress had recently granted the agency 20 18GAO-18-298 19GAO IT Workforce Key Practices Help Ensure Strong Integrated Program Teams Selected Departments Need to Assess Skill Gaps GAO-17-8 Washington D C Nov 30 2016 20These Page 11 hiring flexibilities are known as “streamlined critical pay authority ” GAO-21-178T IRS IT Management • In March 2019 in a review of enterprise-wide strategic workforce planning efforts we reported that IRS’s Human Capital Office had limited staffing capacity to hire employees in hard-to-fill positions such as IT positions which held risks for the agency’s ability to implement the Tax Cuts and Jobs Act 21 We reported that the agency was undertaking a variety of activities to improve its hiring capacity but had not determined how each activity would be evaluated and would contribute to increased hiring capacity or associated outcomes In addition we noted that changes in the agency’s hiring processes had been confusing to managers and had contributed to hiring delays We also noted that clear guidance on hiring request requirements would better position IRS to avoid the risk of hiring delays for mission critical occupations We acknowledged that the IT organization had taken steps to address skills needs by developing a skills and competency inventory of its workforce as noted above We made six recommendations to IRS that included implementing its delayed workforce planning initiative evaluating actions to improve the agency’s hiring capacity and addressing changes in its processes that have contributed to hiring delays The agency agreed with our recommendations As of September 2020 IRS had implemented two of the recommendations and had taken steps to implement the remaining four In summary given IRS’s extensive reliance on IT to carry out its mission of providing service to America’s taxpayers in meeting their tax obligations it is important that the agency address the recommendations we have made to address the challenges and opportunities for improving the management of its IT investments we have identified in recent years While the agency has implemented some recommendations it has many more important ones that it still needs to address Continued attention to implementing our recommendations will be vital to helping IRS ensure it is effectively carrying out its mission and responsibilities and managing its efforts to modernize its aging IT systems and ensure its multibillion dollar investment in IT is meeting the needs of the agency 21GAO Internal Revenue Service Strategic Human Capital Management is Needed to Address Serious Risks to IRS’s Mission GAO-19-176 Washington D C Mar 26 2019 Page 12 GAO-21-178T IRS IT Management Chairman Connolly Ranking Member Hice and Members of the Subcommittee this completes my prepared statement I would be pleased to respond to any questions that you may have GAO Contacts and Staff Acknowledgments 104556 If you or your staffs have any questions about this testimony please contact me at 202 512-6240 or at dsouzav@gao gov Individuals who made key contributions to this testimony are Sabine Paul Assistant Director Shea Bader Michael Bechetti Roger Bracy Heather Collins Donna Epler Rebecca Eyler William Hutchinson Melissa King Lori Martinez Analyst in Charge Meredith Moles Monica Perez-Nelson and Erin Saunders-Rath Page 13 GAO-21-178T IRS IT Management This is a work of the U S government and is not subject to copyright protection in the United States The published product may be reproduced and distributed in its entirety without further permission from GAO However because this work may contain copyrighted images or other material permission from the copyright holder may be necessary if you wish to reproduce this material separately GAO’s Mission The Government Accountability Office the audit evaluation and investigative arm of Congress exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people GAO examines the use of public funds evaluates federal programs and policies and provides analyses recommendations and other assistance to help Congress make informed oversight policy and funding decisions GAO’s commitment to good government is reflected in its core values of accountability integrity and reliability Obtaining Copies of GAO Reports and Testimony The fastest and easiest way to obtain copies of GAO documents at no cost is through our website Each weekday afternoon GAO posts on its website newly released reports testimony and correspondence You can also subscribe to GAO’s email updates to receive notification of newly posted products Order by Phone The price of each GAO publication reflects GAO’s actual cost of production and distribution and depends on the number of pages in the publication and whether the publication is printed in color or black and white Pricing and ordering information is posted on GAO’s website https www gao gov ordering htm Place orders by calling 202 512-6000 toll free 866 801-7077 or TDD 202 512-2537 Orders may be paid for using American Express Discover Card MasterCard Visa check or money order Call for additional information Connect with GAO Connect with GAO on Facebook Flickr Twitter and YouTube Subscribe to our RSS Feeds or Email Updates Listen to our Podcasts Visit GAO on the web at https www gao gov To Report Fraud Waste and Abuse in Federal Programs Contact FraudNet Website https www gao gov fraudnet fraudnet htm Automated answering system 800 424-5454 or 202 512-7700 Congressional Relations Orice Williams Brown Managing Director WilliamsO@gao gov 202 512-4400 U S Government Accountability Office 441 G Street NW Room 7125 Washington DC 20548 Public Affairs Chuck Young Managing Director youngc1@gao gov 202 512-4800 U S Government Accountability Office 441 G Street NW Room 7149 Washington DC 20548 Strategic Planning and External Liaison James-Christian Blockwood Managing Director spel@gao gov 202 512-4707 U S Government Accountability Office 441 G Street NW Room 7814 Washington DC 20548 Please Print on Recycled Paper