IRS Left Taxpayer Data Vulnerable and Lied About It 79
Bruce66423 writes with news that the IRS hasn't made much progress improving its poor IT security. From the article: "The Treasury Inspector General for Tax Administration found that the IRS had only partially implemented 42 percent of the corrective plans it checked off as completed in recent years. ...
The review (PDF) showed that the IRS failed to properly track its progress toward completing many of the fixes auditors had recommended in recent years. The agency closed most of the cases without adequate documentation and did not always upload the necessary information into a database that helps ensure compliance."
That word, "lying", stop using it (Score:4, Informative)
If you read the specifics, you'll find that there is plenty of leeway between what the auditors asked for (things like scanning for empty/default admin passwords, filing security audit reports in a central location, documenting that managers approved admin accounts, etc.) and what the IRS believed it had done to implement them.
If you ask me to implement something, I think I did so, and so I check that off as "completed", that is not lying.
This is more like a failed test case. The auditors are complaining that the IRS' implementation of their recommendations are insufficient.